search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Create policies.h
[tor.git] / src / or / main.c
blob60bea490067172c5de619e278ecd5e679f20f64a
1 /* Copyright (c) 2001 Matej Pfajfar.
2 * Copyright (c) 2001-2004, Roger Dingledine.
3 * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
4 * Copyright (c) 2007-2010, The Tor Project, Inc. */
5 /* See LICENSE for licensing information */
6
7 /**
8 * \file main.c
9 * \brief Toplevel module. Handles signals, multiplexes between
10 * connections, implements main loop, and drives scheduled events.
11 **/
12
13 #define MAIN_PRIVATE
14 #include "or.h"
15 #include "buffers.h"
16 #include "circuitbuild.h"
17 #include "circuitlist.h"
18 #include "circuituse.h"
19 #include "command.h"
20 #include "config.h"
21 #include "connection.h"
22 #include "connection_edge.h"
23 #include "connection_or.h"
24 #include "control.h"
25 #include "cpuworker.h"
26 #include "directory.h"
27 #include "dirserv.h"
28 #include "dirvote.h"
29 #include "dns.h"
30 #include "dnsserv.h"
31 #include "geoip.h"
32 #include "hibernate.h"
33 #include "main.h"
34 #include "microdesc.h"
35 #include "networkstatus.h"
36 #include "ntmain.h"
37 #include "onion.h"
38 #include "policies.h"
39 #include "rendclient.h"
40 #include "rendcommon.h"
41 #include "rendservice.h"
42 #include "router.h"
43 #include "routerlist.h"
44 #ifdef USE_DMALLOC
45 #include <dmalloc.h>
46 #include <openssl/crypto.h>
47 #endif
48 #include "memarea.h"
49
50 #ifdef HAVE_EVENT2_EVENT_H
51 #include <event2/event.h>
52 #else
53 #include <event.h>
54 #endif
55
56 void evdns_shutdown(int);
57
58 /********* PROTOTYPES **********/
59
60 static void dumpmemusage(int severity);
61 static void dumpstats(int severity); /* log stats */
62 static void conn_read_callback(int fd, short event, void *_conn);
63 static void conn_write_callback(int fd, short event, void *_conn);
64 static void signal_callback(int fd, short events, void *arg);
65 static void second_elapsed_callback(periodic_timer_t *timer, void *args);
66 static int conn_close_if_marked(int i);
67 static void connection_start_reading_from_linked_conn(connection_t *conn);
68 static int connection_should_read_from_linked_conn(connection_t *conn);
69
70 /********* START VARIABLES **********/
71
72 int global_read_bucket; /**< Max number of bytes I can read this second. */
73 int global_write_bucket; /**< Max number of bytes I can write this second. */
74
75 /** Max number of relayed (bandwidth class 1) bytes I can read this second. */
76 int global_relayed_read_bucket;
77 /** Max number of relayed (bandwidth class 1) bytes I can write this second. */
78 int global_relayed_write_bucket;
79
80 /** What was the read bucket before the last second_elapsed_callback() call?
81 * (used to determine how many bytes we've read). */
82 static int stats_prev_global_read_bucket;
83 /** What was the write bucket before the last second_elapsed_callback() call?
84 * (used to determine how many bytes we've written). */
85 static int stats_prev_global_write_bucket;
86 /* XXX we might want to keep stats about global_relayed_*_bucket too. Or not.*/
87 /** How many bytes have we read since we started the process? */
88 static uint64_t stats_n_bytes_read = 0;
89 /** How many bytes have we written since we started the process? */
90 static uint64_t stats_n_bytes_written = 0;
91 /** What time did this process start up? */
92 time_t time_of_process_start = 0;
93 /** How many seconds have we been running? */
94 long stats_n_seconds_working = 0;
95 /** When do we next launch DNS wildcarding checks? */
96 static time_t time_to_check_for_correct_dns = 0;
97
98 /** How often will we honor SIGNEWNYM requests? */
99 #define MAX_SIGNEWNYM_RATE 10
100 /** When did we last process a SIGNEWNYM request? */
101 static time_t time_of_last_signewnym = 0;
102 /** Is there a signewnym request we're currently waiting to handle? */
103 static int signewnym_is_pending = 0;
104
105 /** Smartlist of all open connections. */
106 static smartlist_t *connection_array = NULL;
107 /** List of connections that have been marked for close and need to be freed
108 * and removed from connection_array. */
109 static smartlist_t *closeable_connection_lst = NULL;
110 /** List of linked connections that are currently reading data into their
111 * inbuf from their partner's outbuf. */
112 static smartlist_t *active_linked_connection_lst = NULL;
113 /** Flag: Set to true iff we entered the current libevent main loop via
114 * <b>loop_once</b>. If so, there's no need to trigger a loopexit in order
115 * to handle linked connections. */
116 static int called_loop_once = 0;
117
118 /** We set this to 1 when we've opened a circuit, so we can print a log
119 * entry to inform the user that Tor is working. */
120 int has_completed_circuit=0;
121
122 /** How often do we check for router descriptors that we should download
123 * when we have too little directory info? */
124 #define GREEDY_DESCRIPTOR_RETRY_INTERVAL (10)
125 /** How often do we check for router descriptors that we should download
126 * when we have enough directory info? */
127 #define LAZY_DESCRIPTOR_RETRY_INTERVAL (60)
128 /** How often do we 'forgive' undownloadable router descriptors and attempt
129 * to download them again? */
130 #define DESCRIPTOR_FAILURE_RESET_INTERVAL (60*60)
131 /** How long do we let a directory connection stall before expiring it? */
132 #define DIR_CONN_MAX_STALL (5*60)
133
134 /** How long do we let OR connections handshake before we decide that
135 * they are obsolete? */
136 #define TLS_HANDSHAKE_TIMEOUT (60)
137
138 /********* END VARIABLES ************/
139
140 /****************************************************************************
141 *
142 * This section contains accessors and other methods on the connection_array
143 * variables (which are global within this file and unavailable outside it).
144 *
145 ****************************************************************************/
146
147 /** Add <b>conn</b> to the array of connections that we can poll on. The
148 * connection's socket must be set; the connection starts out
149 * non-reading and non-writing.
150 */
151 int
152 connection_add(connection_t *conn)
153 {
154 tor_assert(conn);
155 tor_assert(conn->s >= 0 ||
156 conn->linked ||
157 (conn->type == CONN_TYPE_AP &&
158 TO_EDGE_CONN(conn)->is_dns_request));
159
160 tor_assert(conn->conn_array_index == -1); /* can only connection_add once */
161 conn->conn_array_index = smartlist_len(connection_array);
162 smartlist_add(connection_array, conn);
163
164 if (conn->s >= 0 || conn->linked) {
165 conn->read_event = tor_event_new(tor_libevent_get_base(),
166 conn->s, EV_READ|EV_PERSIST, conn_read_callback, conn);
167 conn->write_event = tor_event_new(tor_libevent_get_base(),
168 conn->s, EV_WRITE|EV_PERSIST, conn_write_callback, conn);
169 }
170
171 log_debug(LD_NET,"new conn type %s, socket %d, address %s, n_conns %d.",
172 conn_type_to_string(conn->type), conn->s, conn->address,
173 smartlist_len(connection_array));
174
175 return 0;
176 }
177
178 /** Tell libevent that we don't care about <b>conn</b> any more. */
179 void
180 connection_unregister_events(connection_t *conn)
181 {
182 if (conn->read_event) {
183 if (event_del(conn->read_event))
184 log_warn(LD_BUG, "Error removing read event for %d", conn->s);
185 tor_free(conn->read_event);
186 }
187 if (conn->write_event) {
188 if (event_del(conn->write_event))
189 log_warn(LD_BUG, "Error removing write event for %d", conn->s);
190 tor_free(conn->write_event);
191 }
192 if (conn->dns_server_port) {
193 dnsserv_close_listener(conn);
194 }
195 }
196
197 /** Remove the connection from the global list, and remove the
198 * corresponding poll entry. Calling this function will shift the last
199 * connection (if any) into the position occupied by conn.
200 */
201 int
202 connection_remove(connection_t *conn)
203 {
204 int current_index;
205 connection_t *tmp;
206
207 tor_assert(conn);
208
209 log_debug(LD_NET,"removing socket %d (type %s), n_conns now %d",
210 conn->s, conn_type_to_string(conn->type),
211 smartlist_len(connection_array));
212
213 tor_assert(conn->conn_array_index >= 0);
214 current_index = conn->conn_array_index;
215 connection_unregister_events(conn); /* This is redundant, but cheap. */
216 if (current_index == smartlist_len(connection_array)-1) { /* at the end */
217 smartlist_del(connection_array, current_index);
218 return 0;
219 }
220
221 /* replace this one with the one at the end */
222 smartlist_del(connection_array, current_index);
223 tmp = smartlist_get(connection_array, current_index);
224 tmp->conn_array_index = current_index;
225
226 return 0;
227 }
228
229 /** If <b>conn</b> is an edge conn, remove it from the list
230 * of conn's on this circuit. If it's not on an edge,
231 * flush and send destroys for all circuits on this conn.
232 *
233 * Remove it from connection_array (if applicable) and
234 * from closeable_connection_list.
235 *
236 * Then free it.
237 */
238 static void
239 connection_unlink(connection_t *conn)
240 {
241 connection_about_to_close_connection(conn);
242 if (conn->conn_array_index >= 0) {
243 connection_remove(conn);
244 }
245 if (conn->linked_conn) {
246 conn->linked_conn->linked_conn = NULL;
247 if (! conn->linked_conn->marked_for_close &&
248 conn->linked_conn->reading_from_linked_conn)
249 connection_start_reading(conn->linked_conn);
250 conn->linked_conn = NULL;
251 }
252 smartlist_remove(closeable_connection_lst, conn);
253 smartlist_remove(active_linked_connection_lst, conn);
254 if (conn->type == CONN_TYPE_EXIT) {
255 assert_connection_edge_not_dns_pending(TO_EDGE_CONN(conn));
256 }
257 if (conn->type == CONN_TYPE_OR) {
258 if (!tor_digest_is_zero(TO_OR_CONN(conn)->identity_digest))
259 connection_or_remove_from_identity_map(TO_OR_CONN(conn));
260 }
261 connection_free(conn);
262 }
263
264 /** Schedule <b>conn</b> to be closed. **/
265 void
266 add_connection_to_closeable_list(connection_t *conn)
267 {
268 tor_assert(!smartlist_isin(closeable_connection_lst, conn));
269 tor_assert(conn->marked_for_close);
270 assert_connection_ok(conn, time(NULL));
271 smartlist_add(closeable_connection_lst, conn);
272 }
273
274 /** Return 1 if conn is on the closeable list, else return 0. */
275 int
276 connection_is_on_closeable_list(connection_t *conn)
277 {
278 return smartlist_isin(closeable_connection_lst, conn);
279 }
280
281 /** Return true iff conn is in the current poll array. */
282 int
283 connection_in_array(connection_t *conn)
284 {
285 return smartlist_isin(connection_array, conn);
286 }
287
288 /** Set <b>*array</b> to an array of all connections, and <b>*n</b>
289 * to the length of the array. <b>*array</b> and <b>*n</b> must not
290 * be modified.
291 */
292 smartlist_t *
293 get_connection_array(void)
294 {
295 if (!connection_array)
296 connection_array = smartlist_create();
297 return connection_array;
298 }
299
300 /** Set the event mask on <b>conn</b> to <b>events</b>. (The event
301 * mask is a bitmask whose bits are READ_EVENT and WRITE_EVENT)
302 */
303 void
304 connection_watch_events(connection_t *conn, watchable_events_t events)
305 {
306 if (events & READ_EVENT)
307 connection_start_reading(conn);
308 else
309 connection_stop_reading(conn);
310
311 if (events & WRITE_EVENT)
312 connection_start_writing(conn);
313 else
314 connection_stop_writing(conn);
315 }
316
317 /** Return true iff <b>conn</b> is listening for read events. */
318 int
319 connection_is_reading(connection_t *conn)
320 {
321 tor_assert(conn);
322
323 return conn->reading_from_linked_conn ||
324 (conn->read_event && event_pending(conn->read_event, EV_READ, NULL));
325 }
326
327 /** Tell the main loop to stop notifying <b>conn</b> of any read events. */
328 void
329 connection_stop_reading(connection_t *conn)
330 {
331 tor_assert(conn);
332 tor_assert(conn->read_event);
333
334 if (conn->linked) {
335 conn->reading_from_linked_conn = 0;
336 connection_stop_reading_from_linked_conn(conn);
337 } else {
338 if (event_del(conn->read_event))
339 log_warn(LD_NET, "Error from libevent setting read event state for %d "
340 "to unwatched: %s",
341 conn->s,
342 tor_socket_strerror(tor_socket_errno(conn->s)));
343 }
344 }
345
346 /** Tell the main loop to start notifying <b>conn</b> of any read events. */
347 void
348 connection_start_reading(connection_t *conn)
349 {
350 tor_assert(conn);
351 tor_assert(conn->read_event);
352
353 if (conn->linked) {
354 conn->reading_from_linked_conn = 1;
355 if (connection_should_read_from_linked_conn(conn))
356 connection_start_reading_from_linked_conn(conn);
357 } else {
358 if (event_add(conn->read_event, NULL))
359 log_warn(LD_NET, "Error from libevent setting read event state for %d "
360 "to watched: %s",
361 conn->s,
362 tor_socket_strerror(tor_socket_errno(conn->s)));
363 }
364 }
365
366 /** Return true iff <b>conn</b> is listening for write events. */
367 int
368 connection_is_writing(connection_t *conn)
369 {
370 tor_assert(conn);
371
372 return conn->writing_to_linked_conn ||
373 (conn->write_event && event_pending(conn->write_event, EV_WRITE, NULL));
374 }
375
376 /** Tell the main loop to stop notifying <b>conn</b> of any write events. */
377 void
378 connection_stop_writing(connection_t *conn)
379 {
380 tor_assert(conn);
381 tor_assert(conn->write_event);
382
383 if (conn->linked) {
384 conn->writing_to_linked_conn = 0;
385 if (conn->linked_conn)
386 connection_stop_reading_from_linked_conn(conn->linked_conn);
387 } else {
388 if (event_del(conn->write_event))
389 log_warn(LD_NET, "Error from libevent setting write event state for %d "
390 "to unwatched: %s",
391 conn->s,
392 tor_socket_strerror(tor_socket_errno(conn->s)));
393 }
394 }
395
396 /** Tell the main loop to start notifying <b>conn</b> of any write events. */
397 void
398 connection_start_writing(connection_t *conn)
399 {
400 tor_assert(conn);
401 tor_assert(conn->write_event);
402
403 if (conn->linked) {
404 conn->writing_to_linked_conn = 1;
405 if (conn->linked_conn &&
406 connection_should_read_from_linked_conn(conn->linked_conn))
407 connection_start_reading_from_linked_conn(conn->linked_conn);
408 } else {
409 if (event_add(conn->write_event, NULL))
410 log_warn(LD_NET, "Error from libevent setting write event state for %d "
411 "to watched: %s",
412 conn->s,
413 tor_socket_strerror(tor_socket_errno(conn->s)));
414 }
415 }
416
417 /** Return true iff <b>conn</b> is linked conn, and reading from the conn
418 * linked to it would be good and feasible. (Reading is "feasible" if the
419 * other conn exists and has data in its outbuf, and is "good" if we have our
420 * reading_from_linked_conn flag set and the other conn has its
421 * writing_to_linked_conn flag set.)*/
422 static int
423 connection_should_read_from_linked_conn(connection_t *conn)
424 {
425 if (conn->linked && conn->reading_from_linked_conn) {
426 if (! conn->linked_conn ||
427 (conn->linked_conn->writing_to_linked_conn &&
428 buf_datalen(conn->linked_conn->outbuf)))
429 return 1;
430 }
431 return 0;
432 }
433
434 /** Helper: Tell the main loop to begin reading bytes into <b>conn</b> from
435 * its linked connection, if it is not doing so already. Called by
436 * connection_start_reading and connection_start_writing as appropriate. */
437 static void
438 connection_start_reading_from_linked_conn(connection_t *conn)
439 {
440 tor_assert(conn);
441 tor_assert(conn->linked == 1);
442
443 if (!conn->active_on_link) {
444 conn->active_on_link = 1;
445 smartlist_add(active_linked_connection_lst, conn);
446 if (!called_loop_once) {
447 /* This is the first event on the list; we won't be in LOOP_ONCE mode,
448 * so we need to make sure that the event_base_loop() actually exits at
449 * the end of its run through the current connections and lets us
450 * activate read events for linked connections. */
451 struct timeval tv = { 0, 0 };
452 tor_event_base_loopexit(tor_libevent_get_base(), &tv);
453 }
454 } else {
455 tor_assert(smartlist_isin(active_linked_connection_lst, conn));
456 }
457 }
458
459 /** Tell the main loop to stop reading bytes into <b>conn</b> from its linked
460 * connection, if is currently doing so. Called by connection_stop_reading,
461 * connection_stop_writing, and connection_read. */
462 void
463 connection_stop_reading_from_linked_conn(connection_t *conn)
464 {
465 tor_assert(conn);
466 tor_assert(conn->linked == 1);
467
468 if (conn->active_on_link) {
469 conn->active_on_link = 0;
470 /* FFFF We could keep an index here so we can smartlist_del
471 * cleanly. On the other hand, this doesn't show up on profiles,
472 * so let's leave it alone for now. */
473 smartlist_remove(active_linked_connection_lst, conn);
474 } else {
475 tor_assert(!smartlist_isin(active_linked_connection_lst, conn));
476 }
477 }
478
479 /** Close all connections that have been scheduled to get closed. */
480 static void
481 close_closeable_connections(void)
482 {
483 int i;
484 for (i = 0; i < smartlist_len(closeable_connection_lst); ) {
485 connection_t *conn = smartlist_get(closeable_connection_lst, i);
486 if (conn->conn_array_index < 0) {
487 connection_unlink(conn); /* blow it away right now */
488 } else {
489 if (!conn_close_if_marked(conn->conn_array_index))
490 ++i;
491 }
492 }
493 }
494
495 /** Libevent callback: this gets invoked when (connection_t*)<b>conn</b> has
496 * some data to read. */
497 static void
498 conn_read_callback(int fd, short event, void *_conn)
499 {
500 connection_t *conn = _conn;
501 (void)fd;
502 (void)event;
503
504 log_debug(LD_NET,"socket %d wants to read.",conn->s);
505
506 /* assert_connection_ok(conn, time(NULL)); */
507
508 if (connection_handle_read(conn) < 0) {
509 if (!conn->marked_for_close) {
510 #ifndef MS_WINDOWS
511 log_warn(LD_BUG,"Unhandled error on read for %s connection "
512 "(fd %d); removing",
513 conn_type_to_string(conn->type), conn->s);
514 tor_fragile_assert();
515 #endif
516 if (CONN_IS_EDGE(conn))
517 connection_edge_end_errno(TO_EDGE_CONN(conn));
518 connection_mark_for_close(conn);
519 }
520 }
521 assert_connection_ok(conn, time(NULL));
522
523 if (smartlist_len(closeable_connection_lst))
524 close_closeable_connections();
525 }
526
527 /** Libevent callback: this gets invoked when (connection_t*)<b>conn</b> has
528 * some data to write. */
529 static void
530 conn_write_callback(int fd, short events, void *_conn)
531 {
532 connection_t *conn = _conn;
533 (void)fd;
534 (void)events;
535
536 LOG_FN_CONN(conn, (LOG_DEBUG, LD_NET, "socket %d wants to write.",conn->s));
537
538 /* assert_connection_ok(conn, time(NULL)); */
539
540 if (connection_handle_write(conn, 0) < 0) {
541 if (!conn->marked_for_close) {
542 /* this connection is broken. remove it. */
543 log_fn(LOG_WARN,LD_BUG,
544 "unhandled error on write for %s connection (fd %d); removing",
545 conn_type_to_string(conn->type), conn->s);
546 tor_fragile_assert();
547 if (CONN_IS_EDGE(conn)) {
548 /* otherwise we cry wolf about duplicate close */
549 edge_connection_t *edge_conn = TO_EDGE_CONN(conn);
550 if (!edge_conn->end_reason)
551 edge_conn->end_reason = END_STREAM_REASON_INTERNAL;
552 edge_conn->edge_has_sent_end = 1;
553 }
554 connection_close_immediate(conn); /* So we don't try to flush. */
555 connection_mark_for_close(conn);
556 }
557 }
558 assert_connection_ok(conn, time(NULL));
559
560 if (smartlist_len(closeable_connection_lst))
561 close_closeable_connections();
562 }
563
564 /** If the connection at connection_array[i] is marked for close, then:
565 * - If it has data that it wants to flush, try to flush it.
566 * - If it _still_ has data to flush, and conn->hold_open_until_flushed is
567 * true, then leave the connection open and return.
568 * - Otherwise, remove the connection from connection_array and from
569 * all other lists, close it, and free it.
570 * Returns 1 if the connection was closed, 0 otherwise.
571 */
572 static int
573 conn_close_if_marked(int i)
574 {
575 connection_t *conn;
576 int retval;
577 time_t now;
578
579 conn = smartlist_get(connection_array, i);
580 if (!conn->marked_for_close)
581 return 0; /* nothing to see here, move along */
582 now = time(NULL);
583 assert_connection_ok(conn, now);
584 /* assert_all_pending_dns_resolves_ok(); */
585
586 log_debug(LD_NET,"Cleaning up connection (fd %d).",conn->s);
587 if ((conn->s >= 0 || conn->linked_conn) && connection_wants_to_flush(conn)) {
588 /* s == -1 means it's an incomplete edge connection, or that the socket
589 * has already been closed as unflushable. */
590 ssize_t sz = connection_bucket_write_limit(conn, now);
591 if (!conn->hold_open_until_flushed)
592 log_info(LD_NET,
593 "Conn (addr %s, fd %d, type %s, state %d) marked, but wants "
594 "to flush %d bytes. (Marked at %s:%d)",
595 escaped_safe_str_client(conn->address),
596 conn->s, conn_type_to_string(conn->type), conn->state,
597 (int)conn->outbuf_flushlen,
598 conn->marked_for_close_file, conn->marked_for_close);
599 if (conn->linked_conn) {
600 retval = move_buf_to_buf(conn->linked_conn->inbuf, conn->outbuf,
601 &conn->outbuf_flushlen);
602 if (retval >= 0) {
603 /* The linked conn will notice that it has data when it notices that
604 * we're gone. */
605 connection_start_reading_from_linked_conn(conn->linked_conn);
606 }
607 log_debug(LD_GENERAL, "Flushed last %d bytes from a linked conn; "
608 "%d left; flushlen %d; wants-to-flush==%d", retval,
609 (int)buf_datalen(conn->outbuf),
610 (int)conn->outbuf_flushlen,
611 connection_wants_to_flush(conn));
612 } else if (connection_speaks_cells(conn)) {
613 if (conn->state == OR_CONN_STATE_OPEN) {
614 retval = flush_buf_tls(TO_OR_CONN(conn)->tls, conn->outbuf, sz,
615 &conn->outbuf_flushlen);
616 } else
617 retval = -1; /* never flush non-open broken tls connections */
618 } else {
619 retval = flush_buf(conn->s, conn->outbuf, sz, &conn->outbuf_flushlen);
620 }
621 if (retval >= 0 && /* Technically, we could survive things like
622 TLS_WANT_WRITE here. But don't bother for now. */
623 conn->hold_open_until_flushed && connection_wants_to_flush(conn)) {
624 if (retval > 0) {
625 LOG_FN_CONN(conn, (LOG_INFO,LD_NET,
626 "Holding conn (fd %d) open for more flushing.",
627 conn->s));
628 conn->timestamp_lastwritten = now; /* reset so we can flush more */
629 }
630 return 0;
631 }
632 if (connection_wants_to_flush(conn)) {
633 int severity;
634 if (conn->type == CONN_TYPE_EXIT ||
635 (conn->type == CONN_TYPE_OR && server_mode(get_options())) ||
636 (conn->type == CONN_TYPE_DIR && conn->purpose == DIR_PURPOSE_SERVER))
637 severity = LOG_INFO;
638 else
639 severity = LOG_NOTICE;
640 /* XXXX Maybe allow this to happen a certain amount per hour; it usually
641 * is meaningless. */
642 log_fn(severity, LD_NET, "We stalled too much while trying to write %d "
643 "bytes to address %s. If this happens a lot, either "
644 "something is wrong with your network connection, or "
645 "something is wrong with theirs. "
646 "(fd %d, type %s, state %d, marked at %s:%d).",
647 (int)buf_datalen(conn->outbuf),
648 escaped_safe_str_client(conn->address),
649 conn->s, conn_type_to_string(conn->type), conn->state,
650 conn->marked_for_close_file,
651 conn->marked_for_close);
652 }
653 }
654 connection_unlink(conn); /* unlink, remove, free */
655 return 1;
656 }
657
658 /** We've just tried every dirserver we know about, and none of
659 * them were reachable. Assume the network is down. Change state
660 * so next time an application connection arrives we'll delay it
661 * and try another directory fetch. Kill off all the circuit_wait
662 * streams that are waiting now, since they will all timeout anyway.
663 */
664 void
665 directory_all_unreachable(time_t now)
666 {
667 connection_t *conn;
668 (void)now;
669
670 stats_n_seconds_working=0; /* reset it */
671
672 while ((conn = connection_get_by_type_state(CONN_TYPE_AP,
673 AP_CONN_STATE_CIRCUIT_WAIT))) {
674 edge_connection_t *edge_conn = TO_EDGE_CONN(conn);
675 log_notice(LD_NET,
676 "Is your network connection down? "
677 "Failing connection to '%s:%d'.",
678 safe_str_client(edge_conn->socks_request->address),
679 edge_conn->socks_request->port);
680 connection_mark_unattached_ap(edge_conn,
681 END_STREAM_REASON_NET_UNREACHABLE);
682 }
683 control_event_general_status(LOG_ERR, "DIR_ALL_UNREACHABLE");
684 }
685
686 /** This function is called whenever we successfully pull down some new
687 * network statuses or server descriptors. */
688 void
689 directory_info_has_arrived(time_t now, int from_cache)
690 {
691 or_options_t *options = get_options();
692
693 if (!router_have_minimum_dir_info()) {
694 int quiet = directory_too_idle_to_fetch_descriptors(options, now);
695 log(quiet ? LOG_INFO : LOG_NOTICE, LD_DIR,
696 "I learned some more directory information, but not enough to "
697 "build a circuit: %s", get_dir_info_status_string());
698 update_router_descriptor_downloads(now);
699 return;
700 } else {
701 if (directory_fetches_from_authorities(options))
702 update_router_descriptor_downloads(now);
703
704 /* if we have enough dir info, then update our guard status with
705 * whatever we just learned. */
706 entry_guards_compute_status();
707 /* Don't even bother trying to get extrainfo until the rest of our
708 * directory info is up-to-date */
709 if (options->DownloadExtraInfo)
710 update_extrainfo_downloads(now);
711 }
712
713 if (server_mode(options) && !we_are_hibernating() && !from_cache &&
714 (has_completed_circuit || !any_predicted_circuits(now)))
715 consider_testing_reachability(1, 1);
716 }
717
718 /** How long do we wait before killing OR connections with no circuits?
719 * In Tor versions up to 0.2.1.25 and 0.2.2.12-alpha, we waited 15 minutes
720 * before cancelling these connections, which caused fast relays to accrue
721 * many many idle connections. Hopefully 3 minutes is low enough that
722 * it kills most idle connections, without being so low that we cause
723 * clients to bounce on and off.
724 */
725 #define IDLE_OR_CONN_TIMEOUT 180
726
727 /** Perform regular maintenance tasks for a single connection. This
728 * function gets run once per second per connection by run_scheduled_events.
729 */
730 static void
731 run_connection_housekeeping(int i, time_t now)
732 {
733 cell_t cell;
734 connection_t *conn = smartlist_get(connection_array, i);
735 or_options_t *options = get_options();
736 or_connection_t *or_conn;
737 int past_keepalive =
738 now >= conn->timestamp_lastwritten + options->KeepalivePeriod;
739
740 if (conn->outbuf && !buf_datalen(conn->outbuf) && conn->type == CONN_TYPE_OR)
741 TO_OR_CONN(conn)->timestamp_lastempty = now;
742
743 if (conn->marked_for_close) {
744 /* nothing to do here */
745 return;
746 }
747
748 /* Expire any directory connections that haven't been active (sent
749 * if a server or received if a client) for 5 min */
750 if (conn->type == CONN_TYPE_DIR &&
751 ((DIR_CONN_IS_SERVER(conn) &&
752 conn->timestamp_lastwritten + DIR_CONN_MAX_STALL < now) ||
753 (!DIR_CONN_IS_SERVER(conn) &&
754 conn->timestamp_lastread + DIR_CONN_MAX_STALL < now))) {
755 log_info(LD_DIR,"Expiring wedged directory conn (fd %d, purpose %d)",
756 conn->s, conn->purpose);
757 /* This check is temporary; it's to let us know whether we should consider
758 * parsing partial serverdesc responses. */
759 if (conn->purpose == DIR_PURPOSE_FETCH_SERVERDESC &&
760 buf_datalen(conn->inbuf)>=1024) {
761 log_info(LD_DIR,"Trying to extract information from wedged server desc "
762 "download.");
763 connection_dir_reached_eof(TO_DIR_CONN(conn));
764 } else {
765 connection_mark_for_close(conn);
766 }
767 return;
768 }
769
770 if (!connection_speaks_cells(conn))
771 return; /* we're all done here, the rest is just for OR conns */
772
773 /* If we haven't written to an OR connection for a while, then either nuke
774 the connection or send a keepalive, depending. */
775
776 or_conn = TO_OR_CONN(conn);
777 tor_assert(conn->outbuf);
778
779 if (or_conn->is_bad_for_new_circs && !or_conn->n_circuits) {
780 /* It's bad for new circuits, and has no unmarked circuits on it:
781 * mark it now. */
782 log_info(LD_OR,
783 "Expiring non-used OR connection to fd %d (%s:%d) [Too old].",
784 conn->s, conn->address, conn->port);
785 if (conn->state == OR_CONN_STATE_CONNECTING)
786 connection_or_connect_failed(TO_OR_CONN(conn),
787 END_OR_CONN_REASON_TIMEOUT,
788 "Tor gave up on the connection");
789 connection_mark_for_close(conn);
790 conn->hold_open_until_flushed = 1;
791 } else if (past_keepalive && !connection_state_is_open(conn)) {
792 /* We never managed to actually get this connection open and happy. */
793 log_info(LD_OR,"Expiring non-open OR connection to fd %d (%s:%d).",
794 conn->s,conn->address, conn->port);
795 connection_mark_for_close(conn);
796 conn->hold_open_until_flushed = 1;
797 } else if (we_are_hibernating() && !or_conn->n_circuits &&
798 !buf_datalen(conn->outbuf)) {
799 /* We're hibernating, there's no circuits, and nothing to flush.*/
800 log_info(LD_OR,"Expiring non-used OR connection to fd %d (%s:%d) "
801 "[Hibernating or exiting].",
802 conn->s,conn->address, conn->port);
803 connection_mark_for_close(conn);
804 conn->hold_open_until_flushed = 1;
805 } else if (!or_conn->n_circuits &&
806 now >= or_conn->timestamp_last_added_nonpadding +
807 IDLE_OR_CONN_TIMEOUT) {
808 log_info(LD_OR,"Expiring non-used OR connection to fd %d (%s:%d) "
809 "[idle %d].", conn->s,conn->address, conn->port,
810 (int)(now - or_conn->timestamp_last_added_nonpadding));
811 connection_mark_for_close(conn);
812 conn->hold_open_until_flushed = 1;
813 } else if (
814 now >= or_conn->timestamp_lastempty + options->KeepalivePeriod*10 &&
815 now >= conn->timestamp_lastwritten + options->KeepalivePeriod*10) {
816 log_fn(LOG_PROTOCOL_WARN,LD_PROTOCOL,
817 "Expiring stuck OR connection to fd %d (%s:%d). (%d bytes to "
818 "flush; %d seconds since last write)",
819 conn->s, conn->address, conn->port,
820 (int)buf_datalen(conn->outbuf),
821 (int)(now-conn->timestamp_lastwritten));
822 connection_mark_for_close(conn);
823 } else if (past_keepalive && !buf_datalen(conn->outbuf)) {
824 /* send a padding cell */
825 log_fn(LOG_DEBUG,LD_OR,"Sending keepalive to (%s:%d)",
826 conn->address, conn->port);
827 memset(&cell,0,sizeof(cell_t));
828 cell.command = CELL_PADDING;
829 connection_or_write_cell_to_buf(&cell, or_conn);
830 }
831 }
832
833 /** Honor a NEWNYM request: make future requests unlinkable to past
834 * requests. */
835 static void
836 signewnym_impl(time_t now)
837 {
838 circuit_expire_all_dirty_circs();
839 addressmap_clear_transient();
840 time_of_last_signewnym = now;
841 signewnym_is_pending = 0;
842 }
843
844 /** Perform regular maintenance tasks. This function gets run once per
845 * second by second_elapsed_callback().
846 */
847 static void
848 run_scheduled_events(time_t now)
849 {
850 static time_t last_rotated_x509_certificate = 0;
851 static time_t time_to_check_v3_certificate = 0;
852 static time_t time_to_check_listeners = 0;
853 static time_t time_to_check_descriptor = 0;
854 static time_t time_to_check_ipaddress = 0;
855 static time_t time_to_shrink_memory = 0;
856 static time_t time_to_try_getting_descriptors = 0;
857 static time_t time_to_reset_descriptor_failures = 0;
858 static time_t time_to_add_entropy = 0;
859 static time_t time_to_write_bridge_status_file = 0;
860 static time_t time_to_downrate_stability = 0;
861 static time_t time_to_save_stability = 0;
862 static time_t time_to_clean_caches = 0;
863 static time_t time_to_recheck_bandwidth = 0;
864 static time_t time_to_check_for_expired_networkstatus = 0;
865 static time_t time_to_write_stats_files = 0;
866 static time_t time_to_write_bridge_stats = 0;
867 static int should_init_bridge_stats = 1;
868 static time_t time_to_retry_dns_init = 0;
869 or_options_t *options = get_options();
870 int i;
871 int have_dir_info;
872
873 /** 0. See if we've been asked to shut down and our timeout has
874 * expired; or if our bandwidth limits are exhausted and we
875 * should hibernate; or if it's time to wake up from hibernation.
876 */
877 consider_hibernation(now);
878
879 /* 0b. If we've deferred a signewnym, make sure it gets handled
880 * eventually. */
881 if (signewnym_is_pending &&
882 time_of_last_signewnym + MAX_SIGNEWNYM_RATE <= now) {
883 log(LOG_INFO, LD_CONTROL, "Honoring delayed NEWNYM request");
884 signewnym_impl(now);
885 }
886
887 /** 1a. Every MIN_ONION_KEY_LIFETIME seconds, rotate the onion keys,
888 * shut down and restart all cpuworkers, and update the directory if
889 * necessary.
890 */
891 if (server_mode(options) &&
892 get_onion_key_set_at()+MIN_ONION_KEY_LIFETIME < now) {
893 log_info(LD_GENERAL,"Rotating onion key.");
894 rotate_onion_key();
895 cpuworkers_rotate();
896 if (router_rebuild_descriptor(1)<0) {
897 log_info(LD_CONFIG, "Couldn't rebuild router descriptor");
898 }
899 if (advertised_server_mode())
900 router_upload_dir_desc_to_dirservers(0);
901 }
902
903 if (time_to_try_getting_descriptors < now) {
904 update_router_descriptor_downloads(now);
905 update_extrainfo_downloads(now);
906 if (options->UseBridges)
907 fetch_bridge_descriptors(now);
908 if (router_have_minimum_dir_info())
909 time_to_try_getting_descriptors = now + LAZY_DESCRIPTOR_RETRY_INTERVAL;
910 else
911 time_to_try_getting_descriptors = now + GREEDY_DESCRIPTOR_RETRY_INTERVAL;
912 }
913
914 if (time_to_reset_descriptor_failures < now) {
915 router_reset_descriptor_download_failures();
916 time_to_reset_descriptor_failures =
917 now + DESCRIPTOR_FAILURE_RESET_INTERVAL;
918 }
919
920 /** 1b. Every MAX_SSL_KEY_LIFETIME seconds, we change our TLS context. */
921 if (!last_rotated_x509_certificate)
922 last_rotated_x509_certificate = now;
923 if (last_rotated_x509_certificate+MAX_SSL_KEY_LIFETIME < now) {
924 log_info(LD_GENERAL,"Rotating tls context.");
925 if (tor_tls_context_new(get_identity_key(), MAX_SSL_KEY_LIFETIME) < 0) {
926 log_warn(LD_BUG, "Error reinitializing TLS context");
927 /* XXX is it a bug here, that we just keep going? -RD */
928 }
929 last_rotated_x509_certificate = now;
930 /* We also make sure to rotate the TLS connections themselves if they've
931 * been up for too long -- but that's done via is_bad_for_new_circs in
932 * connection_run_housekeeping() above. */
933 }
934
935 if (time_to_add_entropy < now) {
936 if (time_to_add_entropy) {
937 /* We already seeded once, so don't die on failure. */
938 crypto_seed_rng(0);
939 }
940 /** How often do we add more entropy to OpenSSL's RNG pool? */
941 #define ENTROPY_INTERVAL (60*60)
942 time_to_add_entropy = now + ENTROPY_INTERVAL;
943 }
944
945 /** 1c. If we have to change the accounting interval or record
946 * bandwidth used in this accounting interval, do so. */
947 if (accounting_is_enabled(options))
948 accounting_run_housekeeping(now);
949
950 if (now % 10 == 0 && (authdir_mode_tests_reachability(options)) &&
951 !we_are_hibernating()) {
952 /* try to determine reachability of the other Tor relays */
953 dirserv_test_reachability(now);
954 }
955
956 /** 1d. Periodically, we discount older stability information so that new
957 * stability info counts more, and save the stability information to disk as
958 * appropriate. */
959 if (time_to_downrate_stability < now)
960 time_to_downrate_stability = rep_hist_downrate_old_runs(now);
961 if (authdir_mode_tests_reachability(options)) {
962 if (time_to_save_stability < now) {
963 if (time_to_save_stability && rep_hist_record_mtbf_data(now, 1)<0) {
964 log_warn(LD_GENERAL, "Couldn't store mtbf data.");
965 }
966 #define SAVE_STABILITY_INTERVAL (30*60)
967 time_to_save_stability = now + SAVE_STABILITY_INTERVAL;
968 }
969 }
970
971 /* 1e. Periodically, if we're a v3 authority, we check whether our cert is
972 * close to expiring and warn the admin if it is. */
973 if (time_to_check_v3_certificate < now) {
974 v3_authority_check_key_expiry();
975 #define CHECK_V3_CERTIFICATE_INTERVAL (5*60)
976 time_to_check_v3_certificate = now + CHECK_V3_CERTIFICATE_INTERVAL;
977 }
978
979 /* 1f. Check whether our networkstatus has expired.
980 */
981 if (time_to_check_for_expired_networkstatus < now) {
982 networkstatus_t *ns = networkstatus_get_latest_consensus();
983 /*XXXX RD: This value needs to be the same as REASONABLY_LIVE_TIME in
984 * networkstatus_get_reasonably_live_consensus(), but that value is way
985 * way too high. Arma: is the bridge issue there resolved yet? -NM */
986 #define NS_EXPIRY_SLOP (24*60*60)
987 if (ns && ns->valid_until < now+NS_EXPIRY_SLOP &&
988 router_have_minimum_dir_info()) {
989 router_dir_info_changed();
990 }
991 #define CHECK_EXPIRED_NS_INTERVAL (2*60)
992 time_to_check_for_expired_networkstatus = now + CHECK_EXPIRED_NS_INTERVAL;
993 }
994
995 /* 1g. Check whether we should write statistics to disk.
996 */
997 if (time_to_write_stats_files >= 0 && time_to_write_stats_files < now) {
998 #define WRITE_STATS_INTERVAL (24*60*60)
999 if (options->CellStatistics || options->DirReqStatistics ||
1000 options->EntryStatistics || options->ExitPortStatistics) {
1001 if (!time_to_write_stats_files) {
1002 /* Initialize stats. We're doing this here and not in options_act,
1003 * so that we know exactly when the 24 hours interval ends. */
1004 if (options->CellStatistics)
1005 rep_hist_buffer_stats_init(now);
1006 if (options->DirReqStatistics)
1007 geoip_dirreq_stats_init(now);
1008 if (options->EntryStatistics)
1009 geoip_entry_stats_init(now);
1010 if (options->ExitPortStatistics)
1011 rep_hist_exit_stats_init(now);
1012 log_notice(LD_CONFIG, "Configured to measure statistics. Look for "
1013 "the *-stats files that will first be written to the "
1014 "data directory in %d hours from now.",
1015 WRITE_STATS_INTERVAL / (60 * 60));
1016 time_to_write_stats_files = now + WRITE_STATS_INTERVAL;
1017 } else {
1018 /* Write stats to disk. */
1019 if (options->CellStatistics)
1020 rep_hist_buffer_stats_write(time_to_write_stats_files);
1021 if (options->DirReqStatistics)
1022 geoip_dirreq_stats_write(time_to_write_stats_files);
1023 if (options->EntryStatistics)
1024 geoip_entry_stats_write(time_to_write_stats_files);
1025 if (options->ExitPortStatistics)
1026 rep_hist_exit_stats_write(time_to_write_stats_files);
1027 time_to_write_stats_files += WRITE_STATS_INTERVAL;
1028 }
1029 } else {
1030 /* Never write stats to disk */
1031 time_to_write_stats_files = -1;
1032 }
1033 }
1034
1035 /* 1h. Check whether we should write bridge statistics to disk.
1036 */
1037 if (should_record_bridge_info(options)) {
1038 if (time_to_write_bridge_stats < now) {
1039 if (should_init_bridge_stats) {
1040 /* (Re-)initialize bridge statistics. */
1041 geoip_bridge_stats_init(now);
1042 time_to_write_bridge_stats = now + WRITE_STATS_INTERVAL;
1043 should_init_bridge_stats = 0;
1044 } else {
1045 /* Possibly write bridge statistics to disk and ask when to write
1046 * them next time. */
1047 time_to_write_bridge_stats = geoip_bridge_stats_write(
1048 time_to_write_bridge_stats);
1049 }
1050 }
1051 } else if (!should_init_bridge_stats) {
1052 /* Bridge mode was turned off. Ensure that stats are re-initialized
1053 * next time bridge mode is turned on. */
1054 should_init_bridge_stats = 1;
1055 }
1056
1057 /* Remove old information from rephist and the rend cache. */
1058 if (time_to_clean_caches < now) {
1059 rep_history_clean(now - options->RephistTrackTime);
1060 rend_cache_clean();
1061 rend_cache_clean_v2_descs_as_dir();
1062 #define CLEAN_CACHES_INTERVAL (30*60)
1063 time_to_clean_caches = now + CLEAN_CACHES_INTERVAL;
1064 }
1065
1066 #define RETRY_DNS_INTERVAL (10*60)
1067 /* If we're a server and initializing dns failed, retry periodically. */
1068 if (time_to_retry_dns_init < now) {
1069 time_to_retry_dns_init = now + RETRY_DNS_INTERVAL;
1070 if (server_mode(options) && has_dns_init_failed())
1071 dns_init();
1072 }
1073
1074 /** 2. Periodically, we consider force-uploading our descriptor
1075 * (if we've passed our internal checks). */
1076
1077 /** How often do we check whether part of our router info has changed in a way
1078 * that would require an upload? */
1079 #define CHECK_DESCRIPTOR_INTERVAL (60)
1080 /** How often do we (as a router) check whether our IP address has changed? */
1081 #define CHECK_IPADDRESS_INTERVAL (15*60)
1082
1083 /* 2b. Once per minute, regenerate and upload the descriptor if the old
1084 * one is inaccurate. */
1085 if (time_to_check_descriptor < now) {
1086 static int dirport_reachability_count = 0;
1087 time_to_check_descriptor = now + CHECK_DESCRIPTOR_INTERVAL;
1088 check_descriptor_bandwidth_changed(now);
1089 if (time_to_check_ipaddress < now) {
1090 time_to_check_ipaddress = now + CHECK_IPADDRESS_INTERVAL;
1091 check_descriptor_ipaddress_changed(now);
1092 }
1093 /** If our router descriptor ever goes this long without being regenerated
1094 * because something changed, we force an immediate regenerate-and-upload. */
1095 #define FORCE_REGENERATE_DESCRIPTOR_INTERVAL (18*60*60)
1096 mark_my_descriptor_dirty_if_older_than(
1097 now - FORCE_REGENERATE_DESCRIPTOR_INTERVAL);
1098 consider_publishable_server(0);
1099 /* also, check religiously for reachability, if it's within the first
1100 * 20 minutes of our uptime. */
1101 if (server_mode(options) &&
1102 (has_completed_circuit || !any_predicted_circuits(now)) &&
1103 !we_are_hibernating()) {
1104 if (stats_n_seconds_working < TIMEOUT_UNTIL_UNREACHABILITY_COMPLAINT) {
1105 consider_testing_reachability(1, dirport_reachability_count==0);
1106 if (++dirport_reachability_count > 5)
1107 dirport_reachability_count = 0;
1108 } else if (time_to_recheck_bandwidth < now) {
1109 /* If we haven't checked for 12 hours and our bandwidth estimate is
1110 * low, do another bandwidth test. This is especially important for
1111 * bridges, since they might go long periods without much use. */
1112 routerinfo_t *me = router_get_my_routerinfo();
1113 if (time_to_recheck_bandwidth && me &&
1114 me->bandwidthcapacity < me->bandwidthrate &&
1115 me->bandwidthcapacity < 51200) {
1116 reset_bandwidth_test();
1117 }
1118 #define BANDWIDTH_RECHECK_INTERVAL (12*60*60)
1119 time_to_recheck_bandwidth = now + BANDWIDTH_RECHECK_INTERVAL;
1120 }
1121 }
1122
1123 /* If any networkstatus documents are no longer recent, we need to
1124 * update all the descriptors' running status. */
1125 /* purge obsolete entries */
1126 networkstatus_v2_list_clean(now);
1127 /* Remove dead routers. */
1128 routerlist_remove_old_routers();
1129
1130 /* Also, once per minute, check whether we want to download any
1131 * networkstatus documents.
1132 */
1133 update_networkstatus_downloads(now);
1134 }
1135
1136 /** 2c. Let directory voting happen. */
1137 if (authdir_mode_v3(options))
1138 dirvote_act(options, now);
1139
1140 /** 3a. Every second, we examine pending circuits and prune the
1141 * ones which have been pending for more than a few seconds.
1142 * We do this before step 4, so it can try building more if
1143 * it's not comfortable with the number of available circuits.
1144 */
1145 circuit_expire_building(now);
1146
1147 /** 3b. Also look at pending streams and prune the ones that 'began'
1148 * a long time ago but haven't gotten a 'connected' yet.
1149 * Do this before step 4, so we can put them back into pending
1150 * state to be picked up by the new circuit.
1151 */
1152 connection_ap_expire_beginning();
1153
1154 /** 3c. And expire connections that we've held open for too long.
1155 */
1156 connection_expire_held_open();
1157
1158 /** 3d. And every 60 seconds, we relaunch listeners if any died. */
1159 if (!we_are_hibernating() && time_to_check_listeners < now) {
1160 retry_all_listeners(NULL, NULL);
1161 time_to_check_listeners = now+60;
1162 }
1163
1164 /** 4. Every second, we try a new circuit if there are no valid
1165 * circuits. Every NewCircuitPeriod seconds, we expire circuits
1166 * that became dirty more than MaxCircuitDirtiness seconds ago,
1167 * and we make a new circ if there are no clean circuits.
1168 */
1169 have_dir_info = router_have_minimum_dir_info();
1170 if (have_dir_info && !we_are_hibernating())
1171 circuit_build_needed_circs(now);
1172
1173 /* every 10 seconds, but not at the same second as other such events */
1174 if (now % 10 == 5)
1175 circuit_expire_old_circuits_serverside(now);
1176
1177 /** 5. We do housekeeping for each connection... */
1178 connection_or_set_bad_connections();
1179 for (i=0;i<smartlist_len(connection_array);i++) {
1180 run_connection_housekeeping(i, now);
1181 }
1182 if (time_to_shrink_memory < now) {
1183 SMARTLIST_FOREACH(connection_array, connection_t *, conn, {
1184 if (conn->outbuf)
1185 buf_shrink(conn->outbuf);
1186 if (conn->inbuf)
1187 buf_shrink(conn->inbuf);
1188 });
1189 clean_cell_pool();
1190 buf_shrink_freelists(0);
1191 /** How often do we check buffers and pools for empty space that can be
1192 * deallocated? */
1193 #define MEM_SHRINK_INTERVAL (60)
1194 time_to_shrink_memory = now + MEM_SHRINK_INTERVAL;
1195 }
1196
1197 /** 6. And remove any marked circuits... */
1198 circuit_close_all_marked();
1199
1200 /** 7. And upload service descriptors if necessary. */
1201 if (has_completed_circuit && !we_are_hibernating()) {
1202 rend_consider_services_upload(now);
1203 rend_consider_descriptor_republication();
1204 }
1205
1206 /** 8. and blow away any connections that need to die. have to do this now,
1207 * because if we marked a conn for close and left its socket -1, then
1208 * we'll pass it to poll/select and bad things will happen.
1209 */
1210 close_closeable_connections();
1211
1212 /** 8b. And if anything in our state is ready to get flushed to disk, we
1213 * flush it. */
1214 or_state_save(now);
1215
1216 /** 9. and if we're a server, check whether our DNS is telling stories to
1217 * us. */
1218 if (server_mode(options) && time_to_check_for_correct_dns < now) {
1219 if (!time_to_check_for_correct_dns) {
1220 time_to_check_for_correct_dns = now + 60 + crypto_rand_int(120);
1221 } else {
1222 dns_launch_correctness_checks();
1223 time_to_check_for_correct_dns = now + 12*3600 +
1224 crypto_rand_int(12*3600);
1225 }
1226 }
1227
1228 /** 10b. write bridge networkstatus file to disk */
1229 if (options->BridgeAuthoritativeDir &&
1230 time_to_write_bridge_status_file < now) {
1231 networkstatus_dump_bridge_status_to_file(now);
1232 #define BRIDGE_STATUSFILE_INTERVAL (30*60)
1233 time_to_write_bridge_status_file = now+BRIDGE_STATUSFILE_INTERVAL;
1234 }
1235 }
1236
1237 /** Timer: used to invoke second_elapsed_callback() once per second. */
1238 static periodic_timer_t *second_timer = NULL;
1239 /** Number of libevent errors in the last second: we die if we get too many. */
1240 static int n_libevent_errors = 0;
1241
1242 /** Libevent callback: invoked once every second. */
1243 static void
1244 second_elapsed_callback(periodic_timer_t *timer, void *arg)
1245 {
1246 /* XXXX This could be sensibly refactored into multiple callbacks, and we
1247 * could use Libevent's timers for this rather than checking the current
1248 * time against a bunch of timeouts every second. */
1249 static time_t current_second = 0;
1250 time_t now;
1251 size_t bytes_written;
1252 size_t bytes_read;
1253 int seconds_elapsed;
1254 or_options_t *options = get_options();
1255 (void)timer;
1256 (void)arg;
1257
1258 n_libevent_errors = 0;
1259
1260 /* log_notice(LD_GENERAL, "Tick."); */
1261 now = time(NULL);
1262 update_approx_time(now);
1263
1264 /* the second has rolled over. check more stuff. */
1265 bytes_written = stats_prev_global_write_bucket - global_write_bucket;
1266 bytes_read = stats_prev_global_read_bucket - global_read_bucket;
1267 seconds_elapsed = current_second ? (int)(now - current_second) : 0;
1268 stats_n_bytes_read += bytes_read;
1269 stats_n_bytes_written += bytes_written;
1270 if (accounting_is_enabled(options) && seconds_elapsed >= 0)
1271 accounting_add_bytes(bytes_read, bytes_written, seconds_elapsed);
1272 control_event_bandwidth_used((uint32_t)bytes_read,(uint32_t)bytes_written);
1273 control_event_stream_bandwidth_used();
1274
1275 if (seconds_elapsed > 0)
1276 connection_bucket_refill(seconds_elapsed, now);
1277 stats_prev_global_read_bucket = global_read_bucket;
1278 stats_prev_global_write_bucket = global_write_bucket;
1279
1280 if (server_mode(options) &&
1281 !we_are_hibernating() &&
1282 seconds_elapsed > 0 &&
1283 has_completed_circuit &&
1284 stats_n_seconds_working / TIMEOUT_UNTIL_UNREACHABILITY_COMPLAINT !=
1285 (stats_n_seconds_working+seconds_elapsed) /
1286 TIMEOUT_UNTIL_UNREACHABILITY_COMPLAINT) {
1287 /* every 20 minutes, check and complain if necessary */
1288 routerinfo_t *me = router_get_my_routerinfo();
1289 if (me && !check_whether_orport_reachable()) {
1290 log_warn(LD_CONFIG,"Your server (%s:%d) has not managed to confirm that "
1291 "its ORPort is reachable. Please check your firewalls, ports, "
1292 "address, /etc/hosts file, etc.",
1293 me->address, me->or_port);
1294 control_event_server_status(LOG_WARN,
1295 "REACHABILITY_FAILED ORADDRESS=%s:%d",
1296 me->address, me->or_port);
1297 }
1298
1299 if (me && !check_whether_dirport_reachable()) {
1300 log_warn(LD_CONFIG,
1301 "Your server (%s:%d) has not managed to confirm that its "
1302 "DirPort is reachable. Please check your firewalls, ports, "
1303 "address, /etc/hosts file, etc.",
1304 me->address, me->dir_port);
1305 control_event_server_status(LOG_WARN,
1306 "REACHABILITY_FAILED DIRADDRESS=%s:%d",
1307 me->address, me->dir_port);
1308 }
1309 }
1310
1311 /** If more than this many seconds have elapsed, probably the clock
1312 * jumped: doesn't count. */
1313 #define NUM_JUMPED_SECONDS_BEFORE_WARN 100
1314 if (seconds_elapsed < -NUM_JUMPED_SECONDS_BEFORE_WARN ||
1315 seconds_elapsed >= NUM_JUMPED_SECONDS_BEFORE_WARN) {
1316 circuit_note_clock_jumped(seconds_elapsed);
1317 /* XXX if the time jumps *back* many months, do our events in
1318 * run_scheduled_events() recover? I don't think they do. -RD */
1319 } else if (seconds_elapsed > 0)
1320 stats_n_seconds_working += seconds_elapsed;
1321
1322 run_scheduled_events(now);
1323
1324 current_second = now; /* remember which second it is, for next time */
1325 }
1326
1327 #ifndef MS_WINDOWS
1328 /** Called when a possibly ignorable libevent error occurs; ensures that we
1329 * don't get into an infinite loop by ignoring too many errors from
1330 * libevent. */
1331 static int
1332 got_libevent_error(void)
1333 {
1334 if (++n_libevent_errors > 8) {
1335 log_err(LD_NET, "Too many libevent errors in one second; dying");
1336 return -1;
1337 }
1338 return 0;
1339 }
1340 #endif
1341
1342 #define UPTIME_CUTOFF_FOR_NEW_BANDWIDTH_TEST (6*60*60)
1343
1344 /** Called when our IP address seems to have changed. <b>at_interface</b>
1345 * should be true if we detected a change in our interface, and false if we
1346 * detected a change in our published address. */
1347 void
1348 ip_address_changed(int at_interface)
1349 {
1350 int server = server_mode(get_options());
1351
1352 if (at_interface) {
1353 if (! server) {
1354 /* Okay, change our keys. */
1355 init_keys();
1356 }
1357 } else {
1358 if (server) {
1359 if (stats_n_seconds_working > UPTIME_CUTOFF_FOR_NEW_BANDWIDTH_TEST)
1360 reset_bandwidth_test();
1361 stats_n_seconds_working = 0;
1362 router_reset_reachability();
1363 mark_my_descriptor_dirty();
1364 }
1365 }
1366
1367 dns_servers_relaunch_checks();
1368 }
1369
1370 /** Forget what we've learned about the correctness of our DNS servers, and
1371 * start learning again. */
1372 void
1373 dns_servers_relaunch_checks(void)
1374 {
1375 if (server_mode(get_options())) {
1376 dns_reset_correctness_checks();
1377 time_to_check_for_correct_dns = 0;
1378 }
1379 }
1380
1381 /** Called when we get a SIGHUP: reload configuration files and keys,
1382 * retry all connections, and so on. */
1383 static int
1384 do_hup(void)
1385 {
1386 or_options_t *options = get_options();
1387
1388 #ifdef USE_DMALLOC
1389 dmalloc_log_stats();
1390 dmalloc_log_changed(0, 1, 0, 0);
1391 #endif
1392
1393 log_notice(LD_GENERAL,"Received reload signal (hup). Reloading config and "
1394 "resetting internal state.");
1395 if (accounting_is_enabled(options))
1396 accounting_record_bandwidth_usage(time(NULL), get_or_state());
1397
1398 router_reset_warnings();
1399 routerlist_reset_warnings();
1400 addressmap_clear_transient();
1401 /* first, reload config variables, in case they've changed */
1402 if (options->ReloadTorrcOnSIGHUP) {
1403 /* no need to provide argc/v, they've been cached in init_from_config */
1404 if (options_init_from_torrc(0, NULL) < 0) {
1405 log_err(LD_CONFIG,"Reading config failed--see warnings above. "
1406 "For usage, try -h.");
1407 return -1;
1408 }
1409 options = get_options(); /* they have changed now */
1410 } else {
1411 log_notice(LD_GENERAL, "Not reloading config file: the controller told "
1412 "us not to.");
1413 }
1414 if (authdir_mode_handles_descs(options, -1)) {
1415 /* reload the approved-routers file */
1416 if (dirserv_load_fingerprint_file() < 0) {
1417 /* warnings are logged from dirserv_load_fingerprint_file() directly */
1418 log_info(LD_GENERAL, "Error reloading fingerprints. "
1419 "Continuing with old list.");
1420 }
1421 }
1422
1423 /* Rotate away from the old dirty circuits. This has to be done
1424 * after we've read the new options, but before we start using
1425 * circuits for directory fetches. */
1426 circuit_expire_all_dirty_circs();
1427
1428 /* retry appropriate downloads */
1429 router_reset_status_download_failures();
1430 router_reset_descriptor_download_failures();
1431 update_networkstatus_downloads(time(NULL));
1432
1433 /* We'll retry routerstatus downloads in about 10 seconds; no need to
1434 * force a retry there. */
1435
1436 if (server_mode(options)) {
1437 /* Restart cpuworker and dnsworker processes, so they get up-to-date
1438 * configuration options. */
1439 cpuworkers_rotate();
1440 dns_reset();
1441 }
1442 return 0;
1443 }
1444
1445 /** Tor main loop. */
1446 /* static */ int
1447 do_main_loop(void)
1448 {
1449 int loop_result;
1450 time_t now;
1451
1452 /* initialize dns resolve map, spawn workers if needed */
1453 if (dns_init() < 0) {
1454 if (get_options()->ServerDNSAllowBrokenConfig)
1455 log_warn(LD_GENERAL, "Couldn't set up any working nameservers. "
1456 "Network not up yet? Will try again soon.");
1457 else {
1458 log_err(LD_GENERAL,"Error initializing dns subsystem; exiting. To "
1459 "retry instead, set the ServerDNSAllowBrokenResolvConf option.");
1460 }
1461 }
1462
1463 handle_signals(1);
1464
1465 /* load the private keys, if we're supposed to have them, and set up the
1466 * TLS context. */
1467 if (! identity_key_is_set()) {
1468 if (init_keys() < 0) {
1469 log_err(LD_BUG,"Error initializing keys; exiting");
1470 return -1;
1471 }
1472 }
1473
1474 /* Set up the packed_cell_t memory pool. */
1475 init_cell_pool();
1476
1477 /* Set up our buckets */
1478 connection_bucket_init();
1479 stats_prev_global_read_bucket = global_read_bucket;
1480 stats_prev_global_write_bucket = global_write_bucket;
1481
1482 /* initialize the bootstrap status events to know we're starting up */
1483 control_event_bootstrap(BOOTSTRAP_STATUS_STARTING, 0);
1484
1485 if (trusted_dirs_reload_certs()) {
1486 log_warn(LD_DIR,
1487 "Couldn't load all cached v3 certificates. Starting anyway.");
1488 }
1489 if (router_reload_v2_networkstatus()) {
1490 return -1;
1491 }
1492 if (router_reload_consensus_networkstatus()) {
1493 return -1;
1494 }
1495 /* load the routers file, or assign the defaults. */
1496 if (router_reload_router_list()) {
1497 return -1;
1498 }
1499 /* load the networkstatuses. (This launches a download for new routers as
1500 * appropriate.)
1501 */
1502 now = time(NULL);
1503 directory_info_has_arrived(now, 1);
1504
1505 if (server_mode(get_options())) {
1506 /* launch cpuworkers. Need to do this *after* we've read the onion key. */
1507 cpu_init();
1508 }
1509
1510 /* set up once-a-second callback. */
1511 if (! second_timer) {
1512 struct timeval one_second;
1513 one_second.tv_sec = 1;
1514 one_second.tv_usec = 0;
1515
1516 second_timer = periodic_timer_new(tor_libevent_get_base(),
1517 &one_second,
1518 second_elapsed_callback,
1519 NULL);
1520 tor_assert(second_timer);
1521 }
1522
1523 for (;;) {
1524 if (nt_service_is_stopping())
1525 return 0;
1526
1527 #ifndef MS_WINDOWS
1528 /* Make it easier to tell whether libevent failure is our fault or not. */
1529 errno = 0;
1530 #endif
1531 /* All active linked conns should get their read events activated. */
1532 SMARTLIST_FOREACH(active_linked_connection_lst, connection_t *, conn,
1533 event_active(conn->read_event, EV_READ, 1));
1534 called_loop_once = smartlist_len(active_linked_connection_lst) ? 1 : 0;
1535
1536 update_approx_time(time(NULL));
1537
1538 /* poll until we have an event, or the second ends, or until we have
1539 * some active linked connections to trigger events for. */
1540 loop_result = event_base_loop(tor_libevent_get_base(),
1541 called_loop_once ? EVLOOP_ONCE : 0);
1542
1543 /* let catch() handle things like ^c, and otherwise don't worry about it */
1544 if (loop_result < 0) {
1545 int e = tor_socket_errno(-1);
1546 /* let the program survive things like ^z */
1547 if (e != EINTR && !ERRNO_IS_EINPROGRESS(e)) {
1548 log_err(LD_NET,"libevent call with %s failed: %s [%d]",
1549 tor_libevent_get_method(), tor_socket_strerror(e), e);
1550 return -1;
1551 #ifndef MS_WINDOWS
1552 } else if (e == EINVAL) {
1553 log_warn(LD_NET, "EINVAL from libevent: should you upgrade libevent?");
1554 if (got_libevent_error())
1555 return -1;
1556 #endif
1557 } else {
1558 if (ERRNO_IS_EINPROGRESS(e))
1559 log_warn(LD_BUG,
1560 "libevent call returned EINPROGRESS? Please report.");
1561 log_debug(LD_NET,"libevent call interrupted.");
1562 /* You can't trust the results of this poll(). Go back to the
1563 * top of the big for loop. */
1564 continue;
1565 }
1566 }
1567 }
1568 }
1569
1570 /** Used to implement the SIGNAL control command: if we accept
1571 * <b>the_signal</b> as a remote pseudo-signal, act on it. */
1572 /* We don't re-use catch() here because:
1573 * 1. We handle a different set of signals than those allowed in catch.
1574 * 2. Platforms without signal() are unlikely to define SIGfoo.
1575 * 3. The control spec is defined to use fixed numeric signal values
1576 * which just happen to match the Unix values.
1577 */
1578 void
1579 control_signal_act(int the_signal)
1580 {
1581 switch (the_signal)
1582 {
1583 case 1:
1584 signal_callback(0,0,(void*)(uintptr_t)SIGHUP);
1585 break;
1586 case 2:
1587 signal_callback(0,0,(void*)(uintptr_t)SIGINT);
1588 break;
1589 case 10:
1590 signal_callback(0,0,(void*)(uintptr_t)SIGUSR1);
1591 break;
1592 case 12:
1593 signal_callback(0,0,(void*)(uintptr_t)SIGUSR2);
1594 break;
1595 case 15:
1596 signal_callback(0,0,(void*)(uintptr_t)SIGTERM);
1597 break;
1598 case SIGNEWNYM:
1599 signal_callback(0,0,(void*)(uintptr_t)SIGNEWNYM);
1600 break;
1601 case SIGCLEARDNSCACHE:
1602 signal_callback(0,0,(void*)(uintptr_t)SIGCLEARDNSCACHE);
1603 break;
1604 default:
1605 log_warn(LD_BUG, "Unrecognized signal number %d.", the_signal);
1606 break;
1607 }
1608 }
1609
1610 /** Libevent callback: invoked when we get a signal.
1611 */
1612 static void
1613 signal_callback(int fd, short events, void *arg)
1614 {
1615 uintptr_t sig = (uintptr_t)arg;
1616 (void)fd;
1617 (void)events;
1618 switch (sig)
1619 {
1620 case SIGTERM:
1621 log_notice(LD_GENERAL,"Catching signal TERM, exiting cleanly.");
1622 tor_cleanup();
1623 exit(0);
1624 break;
1625 case SIGINT:
1626 if (!server_mode(get_options())) { /* do it now */
1627 log_notice(LD_GENERAL,"Interrupt: exiting cleanly.");
1628 tor_cleanup();
1629 exit(0);
1630 }
1631 hibernate_begin_shutdown();
1632 break;
1633 #ifdef SIGPIPE
1634 case SIGPIPE:
1635 log_debug(LD_GENERAL,"Caught SIGPIPE. Ignoring.");
1636 break;
1637 #endif
1638 case SIGUSR1:
1639 /* prefer to log it at INFO, but make sure we always see it */
1640 dumpstats(get_min_log_level()<LOG_INFO ? get_min_log_level() : LOG_INFO);
1641 break;
1642 case SIGUSR2:
1643 switch_logs_debug();
1644 log_debug(LD_GENERAL,"Caught USR2, going to loglevel debug. "
1645 "Send HUP to change back.");
1646 break;
1647 case SIGHUP:
1648 if (do_hup() < 0) {
1649 log_warn(LD_CONFIG,"Restart failed (config error?). Exiting.");
1650 tor_cleanup();
1651 exit(1);
1652 }
1653 break;
1654 #ifdef SIGCHLD
1655 case SIGCHLD:
1656 while (waitpid(-1,NULL,WNOHANG) > 0) ; /* keep reaping until no more
1657 zombies */
1658 break;
1659 #endif
1660 case SIGNEWNYM: {
1661 time_t now = time(NULL);
1662 if (time_of_last_signewnym + MAX_SIGNEWNYM_RATE > now) {
1663 signewnym_is_pending = 1;
1664 log(LOG_NOTICE, LD_CONTROL,
1665 "Rate limiting NEWNYM request: delaying by %d second(s)",
1666 (int)(MAX_SIGNEWNYM_RATE+time_of_last_signewnym-now));
1667 } else {
1668 signewnym_impl(now);
1669 }
1670 break;
1671 }
1672 case SIGCLEARDNSCACHE:
1673 addressmap_clear_transient();
1674 break;
1675 }
1676 }
1677
1678 extern uint64_t rephist_total_alloc;
1679 extern uint32_t rephist_total_num;
1680
1681 /**
1682 * Write current memory usage information to the log.
1683 */
1684 static void
1685 dumpmemusage(int severity)
1686 {
1687 connection_dump_buffer_mem_stats(severity);
1688 log(severity, LD_GENERAL, "In rephist: "U64_FORMAT" used by %d Tors.",
1689 U64_PRINTF_ARG(rephist_total_alloc), rephist_total_num);
1690 dump_routerlist_mem_usage(severity);
1691 dump_cell_pool_usage(severity);
1692 dump_dns_mem_usage(severity);
1693 buf_dump_freelist_sizes(severity);
1694 tor_log_mallinfo(severity);
1695 }
1696
1697 /** Write all statistics to the log, with log level <b>severity</b>. Called
1698 * in response to a SIGUSR1. */
1699 static void
1700 dumpstats(int severity)
1701 {
1702 time_t now = time(NULL);
1703 time_t elapsed;
1704 size_t rbuf_cap, wbuf_cap, rbuf_len, wbuf_len;
1705
1706 log(severity, LD_GENERAL, "Dumping stats:");
1707
1708 SMARTLIST_FOREACH(connection_array, connection_t *, conn,
1709 {
1710 int i = conn_sl_idx;
1711 log(severity, LD_GENERAL,
1712 "Conn %d (socket %d) type %d (%s), state %d (%s), created %d secs ago",
1713 i, conn->s, conn->type, conn_type_to_string(conn->type),
1714 conn->state, conn_state_to_string(conn->type, conn->state),
1715 (int)(now - conn->timestamp_created));
1716 if (!connection_is_listener(conn)) {
1717 log(severity,LD_GENERAL,
1718 "Conn %d is to %s:%d.", i,
1719 safe_str_client(conn->address),
1720 conn->port);
1721 log(severity,LD_GENERAL,
1722 "Conn %d: %d bytes waiting on inbuf (len %d, last read %d secs ago)",
1723 i,
1724 (int)buf_datalen(conn->inbuf),
1725 (int)buf_allocation(conn->inbuf),
1726 (int)(now - conn->timestamp_lastread));
1727 log(severity,LD_GENERAL,
1728 "Conn %d: %d bytes waiting on outbuf "
1729 "(len %d, last written %d secs ago)",i,
1730 (int)buf_datalen(conn->outbuf),
1731 (int)buf_allocation(conn->outbuf),
1732 (int)(now - conn->timestamp_lastwritten));
1733 if (conn->type == CONN_TYPE_OR) {
1734 or_connection_t *or_conn = TO_OR_CONN(conn);
1735 if (or_conn->tls) {
1736 tor_tls_get_buffer_sizes(or_conn->tls, &rbuf_cap, &rbuf_len,
1737 &wbuf_cap, &wbuf_len);
1738 log(severity, LD_GENERAL,
1739 "Conn %d: %d/%d bytes used on OpenSSL read buffer; "
1740 "%d/%d bytes used on write buffer.",
1741 i, (int)rbuf_len, (int)rbuf_cap, (int)wbuf_len, (int)wbuf_cap);
1742 }
1743 }
1744 }
1745 circuit_dump_by_conn(conn, severity); /* dump info about all the circuits
1746 * using this conn */
1747 });
1748 log(severity, LD_NET,
1749 "Cells processed: "U64_FORMAT" padding\n"
1750 " "U64_FORMAT" create\n"
1751 " "U64_FORMAT" created\n"
1752 " "U64_FORMAT" relay\n"
1753 " ("U64_FORMAT" relayed)\n"
1754 " ("U64_FORMAT" delivered)\n"
1755 " "U64_FORMAT" destroy",
1756 U64_PRINTF_ARG(stats_n_padding_cells_processed),
1757 U64_PRINTF_ARG(stats_n_create_cells_processed),
1758 U64_PRINTF_ARG(stats_n_created_cells_processed),
1759 U64_PRINTF_ARG(stats_n_relay_cells_processed),
1760 U64_PRINTF_ARG(stats_n_relay_cells_relayed),
1761 U64_PRINTF_ARG(stats_n_relay_cells_delivered),
1762 U64_PRINTF_ARG(stats_n_destroy_cells_processed));
1763 if (stats_n_data_cells_packaged)
1764 log(severity,LD_NET,"Average packaged cell fullness: %2.3f%%",
1765 100*(U64_TO_DBL(stats_n_data_bytes_packaged) /
1766 U64_TO_DBL(stats_n_data_cells_packaged*RELAY_PAYLOAD_SIZE)) );
1767 if (stats_n_data_cells_received)
1768 log(severity,LD_NET,"Average delivered cell fullness: %2.3f%%",
1769 100*(U64_TO_DBL(stats_n_data_bytes_received) /
1770 U64_TO_DBL(stats_n_data_cells_received*RELAY_PAYLOAD_SIZE)) );
1771
1772 if (now - time_of_process_start >= 0)
1773 elapsed = now - time_of_process_start;
1774 else
1775 elapsed = 0;
1776
1777 if (elapsed) {
1778 log(severity, LD_NET,
1779 "Average bandwidth: "U64_FORMAT"/%d = %d bytes/sec reading",
1780 U64_PRINTF_ARG(stats_n_bytes_read),
1781 (int)elapsed,
1782 (int) (stats_n_bytes_read/elapsed));
1783 log(severity, LD_NET,
1784 "Average bandwidth: "U64_FORMAT"/%d = %d bytes/sec writing",
1785 U64_PRINTF_ARG(stats_n_bytes_written),
1786 (int)elapsed,
1787 (int) (stats_n_bytes_written/elapsed));
1788 }
1789
1790 log(severity, LD_NET, "--------------- Dumping memory information:");
1791 dumpmemusage(severity);
1792
1793 rep_hist_dump_stats(now,severity);
1794 rend_service_dump_stats(severity);
1795 dump_pk_ops(severity);
1796 dump_distinct_digest_count(severity);
1797 }
1798
1799 /** Called by exit() as we shut down the process.
1800 */
1801 static void
1802 exit_function(void)
1803 {
1804 /* NOTE: If we ever daemonize, this gets called immediately. That's
1805 * okay for now, because we only use this on Windows. */
1806 #ifdef MS_WINDOWS
1807 WSACleanup();
1808 #endif
1809 }
1810
1811 /** Set up the signal handlers for either parent or child. */
1812 void
1813 handle_signals(int is_parent)
1814 {
1815 #ifndef MS_WINDOWS /* do signal stuff only on Unix */
1816 int i;
1817 static const int signals[] = {
1818 SIGINT, /* do a controlled slow shutdown */
1819 SIGTERM, /* to terminate now */
1820 SIGPIPE, /* otherwise SIGPIPE kills us */
1821 SIGUSR1, /* dump stats */
1822 SIGUSR2, /* go to loglevel debug */
1823 SIGHUP, /* to reload config, retry conns, etc */
1824 #ifdef SIGXFSZ
1825 SIGXFSZ, /* handle file-too-big resource exhaustion */
1826 #endif
1827 SIGCHLD, /* handle dns/cpu workers that exit */
1828 -1 };
1829 static struct event *signal_events[16]; /* bigger than it has to be. */
1830 if (is_parent) {
1831 for (i = 0; signals[i] >= 0; ++i) {
1832 signal_events[i] = tor_evsignal_new(
1833 tor_libevent_get_base(), signals[i], signal_callback,
1834 (void*)(uintptr_t)signals[i]);
1835 if (event_add(signal_events[i], NULL))
1836 log_warn(LD_BUG, "Error from libevent when adding event for signal %d",
1837 signals[i]);
1838 }
1839 } else {
1840 struct sigaction action;
1841 action.sa_flags = 0;
1842 sigemptyset(&action.sa_mask);
1843 action.sa_handler = SIG_IGN;
1844 sigaction(SIGINT, &action, NULL);
1845 sigaction(SIGTERM, &action, NULL);
1846 sigaction(SIGPIPE, &action, NULL);
1847 sigaction(SIGUSR1, &action, NULL);
1848 sigaction(SIGUSR2, &action, NULL);
1849 sigaction(SIGHUP, &action, NULL);
1850 #ifdef SIGXFSZ
1851 sigaction(SIGXFSZ, &action, NULL);
1852 #endif
1853 }
1854 #else /* MS windows */
1855 (void)is_parent;
1856 #endif /* signal stuff */
1857 }
1858
1859 /** Main entry point for the Tor command-line client.
1860 */
1861 /* static */ int
1862 tor_init(int argc, char *argv[])
1863 {
1864 char buf[256];
1865 int i, quiet = 0;
1866 time_of_process_start = time(NULL);
1867 if (!connection_array)
1868 connection_array = smartlist_create();
1869 if (!closeable_connection_lst)
1870 closeable_connection_lst = smartlist_create();
1871 if (!active_linked_connection_lst)
1872 active_linked_connection_lst = smartlist_create();
1873 /* Have the log set up with our application name. */
1874 tor_snprintf(buf, sizeof(buf), "Tor %s", get_version());
1875 log_set_application_name(buf);
1876 /* Initialize the history structures. */
1877 rep_hist_init();
1878 /* Initialize the service cache. */
1879 rend_cache_init();
1880 addressmap_init(); /* Init the client dns cache. Do it always, since it's
1881 * cheap. */
1882
1883 /* We search for the "quiet" option first, since it decides whether we
1884 * will log anything at all to the command line. */
1885 for (i=1;i<argc;++i) {
1886 if (!strcmp(argv[i], "--hush"))
1887 quiet = 1;
1888 if (!strcmp(argv[i], "--quiet"))
1889 quiet = 2;
1890 }
1891 /* give it somewhere to log to initially */
1892 switch (quiet) {
1893 case 2:
1894 /* no initial logging */
1895 break;
1896 case 1:
1897 add_temp_log(LOG_WARN);
1898 break;
1899 default:
1900 add_temp_log(LOG_NOTICE);
1901 }
1902
1903 log(LOG_NOTICE, LD_GENERAL, "Tor v%s. This is experimental software. "
1904 "Do not rely on it for strong anonymity. (Running on %s)",get_version(),
1905 get_uname());
1906
1907 if (network_init()<0) {
1908 log_err(LD_BUG,"Error initializing network; exiting.");
1909 return -1;
1910 }
1911 atexit(exit_function);
1912
1913 if (options_init_from_torrc(argc,argv) < 0) {
1914 log_err(LD_CONFIG,"Reading config failed--see warnings above.");
1915 return -1;
1916 }
1917
1918 #ifndef MS_WINDOWS
1919 if (geteuid()==0)
1920 log_warn(LD_GENERAL,"You are running Tor as root. You don't need to, "
1921 "and you probably shouldn't.");
1922 #endif
1923
1924 if (crypto_global_init(get_options()->HardwareAccel,
1925 get_options()->AccelName,
1926 get_options()->AccelDir)) {
1927 log_err(LD_BUG, "Unable to initialize OpenSSL. Exiting.");
1928 return -1;
1929 }
1930
1931 return 0;
1932 }
1933
1934 /** A lockfile structure, used to prevent two Tors from messing with the
1935 * data directory at once. If this variable is non-NULL, we're holding
1936 * the lockfile. */
1937 static tor_lockfile_t *lockfile = NULL;
1938
1939 /** Try to grab the lock file described in <b>options</b>, if we do not
1940 * already have it. If <b>err_if_locked</b> is true, warn if somebody else is
1941 * holding the lock, and exit if we can't get it after waiting. Otherwise,
1942 * return -1 if we can't get the lockfile. Return 0 on success.
1943 */
1944 int
1945 try_locking(or_options_t *options, int err_if_locked)
1946 {
1947 if (lockfile)
1948 return 0;
1949 else {
1950 char *fname = options_get_datadir_fname2_suffix(options, "lock",NULL,NULL);
1951 int already_locked = 0;
1952 tor_lockfile_t *lf = tor_lockfile_lock(fname, 0, &already_locked);
1953 tor_free(fname);
1954 if (!lf) {
1955 if (err_if_locked && already_locked) {
1956 int r;
1957 log_warn(LD_GENERAL, "It looks like another Tor process is running "
1958 "with the same data directory. Waiting 5 seconds to see "
1959 "if it goes away.");
1960 #ifndef WIN32
1961 sleep(5);
1962 #else
1963 Sleep(5000);
1964 #endif
1965 r = try_locking(options, 0);
1966 if (r<0) {
1967 log_err(LD_GENERAL, "No, it's still there. Exiting.");
1968 exit(0);
1969 }
1970 return r;
1971 }
1972 return -1;
1973 }
1974 lockfile = lf;
1975 return 0;
1976 }
1977 }
1978
1979 /** Return true iff we've successfully acquired the lock file. */
1980 int
1981 have_lockfile(void)
1982 {
1983 return lockfile != NULL;
1984 }
1985
1986 /** If we have successfully acquired the lock file, release it. */
1987 void
1988 release_lockfile(void)
1989 {
1990 if (lockfile) {
1991 tor_lockfile_unlock(lockfile);
1992 lockfile = NULL;
1993 }
1994 }
1995
1996 /** Free all memory that we might have allocated somewhere.
1997 * If <b>postfork</b>, we are a worker process and we want to free
1998 * only the parts of memory that we won't touch. If !<b>postfork</b>,
1999 * Tor is shutting down and we should free everything.
2000 *
2001 * Helps us find the real leaks with dmalloc and the like. Also valgrind
2002 * should then report 0 reachable in its leak report (in an ideal world --
2003 * in practice libevent, SSL, libc etc never quite free everything). */
2004 void
2005 tor_free_all(int postfork)
2006 {
2007 if (!postfork) {
2008 evdns_shutdown(1);
2009 }
2010 geoip_free_all();
2011 dirvote_free_all();
2012 routerlist_free_all();
2013 networkstatus_free_all();
2014 addressmap_free_all();
2015 dirserv_free_all();
2016 rend_service_free_all();
2017 rend_cache_free_all();
2018 rend_service_authorization_free_all();
2019 rep_hist_free_all();
2020 dns_free_all();
2021 clear_pending_onions();
2022 circuit_free_all();
2023 entry_guards_free_all();
2024 connection_free_all();
2025 buf_shrink_freelists(1);
2026 memarea_clear_freelist();
2027 microdesc_free_all();
2028 if (!postfork) {
2029 config_free_all();
2030 router_free_all();
2031 policies_free_all();
2032 }
2033 free_cell_pool();
2034 if (!postfork) {
2035 tor_tls_free_all();
2036 }
2037 /* stuff in main.c */
2038
2039 smartlist_free(connection_array);
2040 smartlist_free(closeable_connection_lst);
2041 smartlist_free(active_linked_connection_lst);
2042 periodic_timer_free(second_timer);
2043 if (!postfork) {
2044 release_lockfile();
2045 }
2046 /* Stuff in util.c and address.c*/
2047 if (!postfork) {
2048 escaped(NULL);
2049 esc_router_info(NULL);
2050 logs_free_all(); /* free log strings. do this last so logs keep working. */
2051 }
2052 }
2053
2054 /** Do whatever cleanup is necessary before shutting Tor down. */
2055 void
2056 tor_cleanup(void)
2057 {
2058 or_options_t *options = get_options();
2059 /* Remove our pid file. We don't care if there was an error when we
2060 * unlink, nothing we could do about it anyways. */
2061 if (options->command == CMD_RUN_TOR) {
2062 time_t now = time(NULL);
2063 if (options->PidFile)
2064 unlink(options->PidFile);
2065 if (accounting_is_enabled(options))
2066 accounting_record_bandwidth_usage(now, get_or_state());
2067 or_state_mark_dirty(get_or_state(), 0); /* force an immediate save. */
2068 or_state_save(now);
2069 if (authdir_mode_tests_reachability(options))
2070 rep_hist_record_mtbf_data(now, 0);
2071 }
2072 #ifdef USE_DMALLOC
2073 dmalloc_log_stats();
2074 #endif
2075 tor_free_all(0); /* We could move tor_free_all back into the ifdef below
2076 later, if it makes shutdown unacceptably slow. But for
2077 now, leave it here: it's helped us catch bugs in the
2078 past. */
2079 crypto_global_cleanup();
2080 #ifdef USE_DMALLOC
2081 dmalloc_log_unfreed();
2082 dmalloc_shutdown();
2083 #endif
2084 }
2085
2086 /** Read/create keys as needed, and echo our fingerprint to stdout. */
2087 /* static */ int
2088 do_list_fingerprint(void)
2089 {
2090 char buf[FINGERPRINT_LEN+1];
2091 crypto_pk_env_t *k;
2092 const char *nickname = get_options()->Nickname;
2093 if (!server_mode(get_options())) {
2094 log_err(LD_GENERAL,
2095 "Clients don't have long-term identity keys. Exiting.\n");
2096 return -1;
2097 }
2098 tor_assert(nickname);
2099 if (init_keys() < 0) {
2100 log_err(LD_BUG,"Error initializing keys; can't display fingerprint");
2101 return -1;
2102 }
2103 if (!(k = get_identity_key())) {
2104 log_err(LD_GENERAL,"Error: missing identity key.");
2105 return -1;
2106 }
2107 if (crypto_pk_get_fingerprint(k, buf, 1)<0) {
2108 log_err(LD_BUG, "Error computing fingerprint");
2109 return -1;
2110 }
2111 printf("%s %s\n", nickname, buf);
2112 return 0;
2113 }
2114
2115 /** Entry point for password hashing: take the desired password from
2116 * the command line, and print its salted hash to stdout. **/
2117 /* static */ void
2118 do_hash_password(void)
2119 {
2120
2121 char output[256];
2122 char key[S2K_SPECIFIER_LEN+DIGEST_LEN];
2123
2124 crypto_rand(key, S2K_SPECIFIER_LEN-1);
2125 key[S2K_SPECIFIER_LEN-1] = (uint8_t)96; /* Hash 64 K of data. */
2126 secret_to_key(key+S2K_SPECIFIER_LEN, DIGEST_LEN,
2127 get_options()->command_arg, strlen(get_options()->command_arg),
2128 key);
2129 base16_encode(output, sizeof(output), key, sizeof(key));
2130 printf("16:%s\n",output);
2131 }
2132
2133 #if defined (WINCE)
2134 int
2135 find_flashcard_path(PWCHAR path, size_t size)
2136 {
2137 WIN32_FIND_DATA d = {0};
2138 HANDLE h = NULL;
2139
2140 if (!path)
2141 return -1;
2142
2143 h = FindFirstFlashCard(&d);
2144 if (h == INVALID_HANDLE_VALUE)
2145 return -1;
2146
2147 if (wcslen(d.cFileName) == 0) {
2148 FindClose(h);
2149 return -1;
2150 }
2151
2152 wcsncpy(path,d.cFileName,size);
2153 FindClose(h);
2154 return 0;
2155 }
2156 #endif
2157
2158 /** Main entry point for the Tor process. Called from main(). */
2159 /* This function is distinct from main() only so we can link main.c into
2160 * the unittest binary without conflicting with the unittests' main. */
2161 int
2162 tor_main(int argc, char *argv[])
2163 {
2164 int result = 0;
2165 #if defined (WINCE)
2166 WCHAR path [MAX_PATH] = {0};
2167 WCHAR fullpath [MAX_PATH] = {0};
2168 PWCHAR p = NULL;
2169 FILE* redir = NULL;
2170 FILE* redirdbg = NULL;
2171
2172 // this is to facilitate debugging by opening
2173 // a file on a folder shared by the wm emulator.
2174 // if no flashcard (real or emulated) is present,
2175 // log files will be written in the root folder
2176 if (find_flashcard_path(path,MAX_PATH) == -1)
2177 {
2178 redir = _wfreopen( L"\\stdout.log", L"w", stdout );
2179 redirdbg = _wfreopen( L"\\stderr.log", L"w", stderr );
2180 } else {
2181 swprintf(fullpath,L"\\%s\\tor",path);
2182 CreateDirectory(fullpath,NULL);
2183
2184 swprintf(fullpath,L"\\%s\\tor\\stdout.log",path);
2185 redir = _wfreopen( fullpath, L"w", stdout );
2186
2187 swprintf(fullpath,L"\\%s\\tor\\stderr.log",path);
2188 redirdbg = _wfreopen( fullpath, L"w", stderr );
2189 }
2190 #endif
2191
2192 update_approx_time(time(NULL));
2193 tor_threads_init();
2194 init_logging();
2195 #ifdef USE_DMALLOC
2196 {
2197 /* Instruct OpenSSL to use our internal wrappers for malloc,
2198 realloc and free. */
2199 int r = CRYPTO_set_mem_ex_functions(_tor_malloc, _tor_realloc, _tor_free);
2200 tor_assert(r);
2201 }
2202 #endif
2203 #ifdef NT_SERVICE
2204 {
2205 int done = 0;
2206 result = nt_service_parse_options(argc, argv, &done);
2207 if (done) return result;
2208 }
2209 #endif
2210 if (tor_init(argc, argv)<0)
2211 return -1;
2212 switch (get_options()->command) {
2213 case CMD_RUN_TOR:
2214 #ifdef NT_SERVICE
2215 nt_service_set_state(SERVICE_RUNNING);
2216 #endif
2217 result = do_main_loop();
2218 break;
2219 case CMD_LIST_FINGERPRINT:
2220 result = do_list_fingerprint();
2221 break;
2222 case CMD_HASH_PASSWORD:
2223 do_hash_password();
2224 result = 0;
2225 break;
2226 case CMD_VERIFY_CONFIG:
2227 printf("Configuration was valid\n");
2228 result = 0;
2229 break;
2230 case CMD_RUN_UNITTESTS: /* only set by test.c */
2231 default:
2232 log_warn(LD_BUG,"Illegal command number %d: internal error.",
2233 get_options()->command);
2234 result = -1;
2235 }
2236 tor_cleanup();
2237 return result;
2238 }
2239
The Onion Router