search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
terminology shift:
[tor.git] / src / or / main.c
blob581f83d90cbe81a7400092d3647807ed90c253bc
1 /* Copyright 2001,2002,2003 Roger Dingledine, Matej Pfajfar. */
2 /* See LICENSE for licensing information */
3 /* $Id$ */
4
5 #include "or.h"
6
7 /********* START PROTOTYPES **********/
8
9 static void dumpstats(int severity); /* log stats */
10 static int init_from_config(int argc, char **argv);
11
12 /********* START VARIABLES **********/
13
14 extern char *conn_type_to_string[];
15 extern char *conn_state_to_string[][_CONN_TYPE_MAX+1];
16
17 or_options_t options; /* command-line and config-file options */
18 int global_read_bucket; /* max number of bytes I can read this second */
19
20 static int stats_prev_global_read_bucket;
21 static uint64_t stats_n_bytes_read = 0;
22 static long stats_n_seconds_reading = 0;
23
24 static connection_t *connection_array[MAXCONNECTIONS] =
25 { NULL };
26
27 static struct pollfd poll_array[MAXCONNECTIONS];
28
29 static int nfds=0; /* number of connections currently active */
30
31 #ifndef MS_WINDOWS /* do signal stuff only on unix */
32 static int please_dumpstats=0; /* whether we should dump stats during the loop */
33 static int please_reset=0; /* whether we just got a sighup */
34 static int please_reap_children=0; /* whether we should waitpid for exited children */
35 #endif /* signal stuff */
36
37 /* private keys */
38 static crypto_pk_env_t *onionkey=NULL;
39 static crypto_pk_env_t *linkkey=NULL;
40 static crypto_pk_env_t *identitykey=NULL;
41
42 /********* END VARIABLES ************/
43
44 void set_onion_key(crypto_pk_env_t *k) {
45 onionkey = k;
46 }
47
48 crypto_pk_env_t *get_onion_key(void) {
49 assert(onionkey);
50 return onionkey;
51 }
52
53 void set_link_key(crypto_pk_env_t *k)
54 {
55 linkkey = k;
56 }
57
58 crypto_pk_env_t *get_link_key(void)
59 {
60 assert(linkkey);
61 return linkkey;
62 }
63
64 void set_identity_key(crypto_pk_env_t *k) {
65 identitykey = k;
66 }
67
68 crypto_pk_env_t *get_identity_key(void) {
69 assert(identitykey);
70 return identitykey;
71 }
72
73 /****************************************************************************
74 *
75 * This section contains accessors and other methods on the connection_array
76 * and poll_array variables (which are global within this file and unavailable
77 * outside it).
78 *
79 ****************************************************************************/
80
81 int connection_add(connection_t *conn) {
82
83 if(nfds >= options.MaxConn-1) {
84 log(LOG_WARN,"connection_add(): failing because nfds is too high.");
85 return -1;
86 }
87
88 conn->poll_index = nfds;
89 connection_set_poll_socket(conn);
90 connection_array[nfds] = conn;
91
92 /* zero these out here, because otherwise we'll inherit values from the previously freed one */
93 poll_array[nfds].events = 0;
94 poll_array[nfds].revents = 0;
95
96 nfds++;
97
98 log(LOG_INFO,"connection_add(): new conn type %d, socket %d, nfds %d.",conn->type, conn->s, nfds);
99
100 return 0;
101 }
102
103 void connection_set_poll_socket(connection_t *conn) {
104 poll_array[conn->poll_index].fd = conn->s;
105 }
106
107 /* Remove the connection from the global list, and remove the
108 * corresponding poll entry. Calling this function will shift the last
109 * connection (if any) into the position occupied by conn.
110 */
111 int connection_remove(connection_t *conn) {
112 int current_index;
113
114 assert(conn);
115 assert(nfds>0);
116
117 log(LOG_INFO,"connection_remove(): removing socket %d, nfds now %d",conn->s, nfds-1);
118 /* if it's an edge conn, remove it from the list
119 * of conn's on this circuit. If it's not on an edge,
120 * flush and send destroys for all circuits on this conn
121 */
122 circuit_about_to_close_connection(conn);
123
124 current_index = conn->poll_index;
125 if(current_index == nfds-1) { /* this is the end */
126 nfds--;
127 return 0;
128 }
129
130 /* we replace this one with the one at the end, then free it */
131 nfds--;
132 poll_array[current_index].fd = poll_array[nfds].fd;
133 poll_array[current_index].events = poll_array[nfds].events;
134 poll_array[current_index].revents = poll_array[nfds].revents;
135 connection_array[current_index] = connection_array[nfds];
136 connection_array[current_index]->poll_index = current_index;
137
138 return 0;
139 }
140
141 void get_connection_array(connection_t ***array, int *n) {
142 *array = connection_array;
143 *n = nfds;
144 }
145
146 void connection_watch_events(connection_t *conn, short events) {
147
148 assert(conn && conn->poll_index < nfds);
149
150 poll_array[conn->poll_index].events = events;
151 }
152
153 int connection_is_reading(connection_t *conn) {
154 return poll_array[conn->poll_index].events & POLLIN;
155 }
156
157 void connection_stop_reading(connection_t *conn) {
158
159 assert(conn && conn->poll_index < nfds);
160
161 log(LOG_DEBUG,"connection_stop_reading() called.");
162 if(poll_array[conn->poll_index].events & POLLIN)
163 poll_array[conn->poll_index].events -= POLLIN;
164 }
165
166 void connection_start_reading(connection_t *conn) {
167
168 assert(conn && conn->poll_index < nfds);
169
170 poll_array[conn->poll_index].events |= POLLIN;
171 }
172
173 void connection_stop_writing(connection_t *conn) {
174
175 assert(conn && conn->poll_index < nfds);
176
177 if(poll_array[conn->poll_index].events & POLLOUT)
178 poll_array[conn->poll_index].events -= POLLOUT;
179 }
180
181 void connection_start_writing(connection_t *conn) {
182
183 assert(conn && conn->poll_index < nfds);
184
185 poll_array[conn->poll_index].events |= POLLOUT;
186 }
187
188 static void conn_read(int i) {
189 connection_t *conn = connection_array[i];
190
191 /* see http://www.greenend.org.uk/rjk/2001/06/poll.html for
192 * discussion of POLLIN vs POLLHUP */
193 if(!(poll_array[i].revents & (POLLIN|POLLHUP|POLLERR)))
194 if(!connection_is_reading(conn) ||
195 !connection_has_pending_tls_data(conn))
196 return; /* this conn should not read */
197
198 log_fn(LOG_DEBUG,"socket %d wants to read.",conn->s);
199
200 assert_connection_ok(conn, time(NULL));
201
202 if(
203 /* XXX does POLLHUP also mean it's definitely broken? */
204 #ifdef MS_WINDOWS
205 (poll_array[i].revents & POLLERR) ||
206 #endif
207 connection_handle_read(conn) < 0)
208 {
209 /* this connection is broken. remove it */
210 log_fn(LOG_INFO,"%s connection broken, removing.",
211 conn_type_to_string[conn->type]);
212 connection_remove(conn);
213 connection_free(conn);
214 if(i<nfds) {
215 /* we just replaced the one at i with a new one. process it too. */
216 conn_read(i);
217 }
218 } else assert_connection_ok(conn, time(NULL));
219 }
220
221 static void conn_write(int i) {
222 connection_t *conn;
223
224 if(!(poll_array[i].revents & POLLOUT))
225 return; /* this conn doesn't want to write */
226
227 conn = connection_array[i];
228 log_fn(LOG_DEBUG,"socket %d wants to write.",conn->s);
229
230 assert_connection_ok(conn, time(NULL));
231
232 if(connection_handle_write(conn) < 0) { /* this connection is broken. remove it. */
233 log_fn(LOG_INFO,"%s connection broken, removing.", conn_type_to_string[conn->type]);
234 connection_remove(conn);
235 connection_free(conn);
236 if(i<nfds) { /* we just replaced the one at i with a new one. process it too. */
237 conn_write(i);
238 }
239 } else assert_connection_ok(conn, time(NULL));
240 }
241
242 static void conn_close_if_marked(int i) {
243 connection_t *conn;
244
245 conn = connection_array[i];
246 assert_connection_ok(conn, time(NULL));
247 if(conn->marked_for_close) {
248 log_fn(LOG_INFO,"Cleaning up connection (fd %d).",conn->s);
249 if(conn->s >= 0) { /* might be an incomplete edge connection */
250 /* FIXME there's got to be a better way to check for this -- and make other checks? */
251 if(connection_speaks_cells(conn)) {
252 if(conn->state == OR_CONN_STATE_OPEN)
253 flush_buf_tls(conn->tls, conn->outbuf, &conn->outbuf_flushlen);
254 } else {
255 flush_buf(conn->s, conn->outbuf, &conn->outbuf_flushlen);
256 }
257 if(connection_wants_to_flush(conn)) /* not done flushing */
258 log_fn(LOG_WARN,"Conn (socket %d) still wants to flush. Losing %d bytes!",conn->s, (int)buf_datalen(conn->inbuf));
259 }
260 connection_remove(conn);
261 connection_free(conn);
262 if(i<nfds) { /* we just replaced the one at i with a new one.
263 process it too. */
264 conn_close_if_marked(i);
265 }
266 }
267 }
268
269 /* Perform regular maintenance tasks for a single connection. This
270 * function gets run once per second per connection by run_housekeeping.
271 */
272 static void run_connection_housekeeping(int i, time_t now) {
273 cell_t cell;
274 connection_t *conn = connection_array[i];
275
276 if(connection_receiver_bucket_should_increase(conn)) {
277 conn->receiver_bucket += conn->bandwidth;
278 // log_fn(LOG_DEBUG,"Receiver bucket %d now %d.", i, conn->receiver_bucket);
279 }
280
281 if(conn->wants_to_read == 1 /* it's marked to turn reading back on now */
282 && global_read_bucket > 0 /* and we're allowed to read */
283 && (!connection_speaks_cells(conn) || conn->receiver_bucket > 0)) {
284 /* and either a non-cell conn or a cell conn with non-empty bucket */
285 conn->wants_to_read = 0;
286 connection_start_reading(conn);
287 if(conn->wants_to_write == 1) {
288 conn->wants_to_write = 0;
289 connection_start_writing(conn);
290 }
291 }
292
293 /* check connections to see whether we should send a keepalive, expire, or wait */
294 if(!connection_speaks_cells(conn))
295 return;
296
297 if(now >= conn->timestamp_lastwritten + options.KeepalivePeriod) {
298 if((!options.ORPort && !circuit_get_by_conn(conn)) ||
299 (!connection_state_is_open(conn))) {
300 /* we're an onion proxy, with no circuits; or our handshake has expired. kill it. */
301 log_fn(LOG_INFO,"Expiring connection to %d (%s:%d).",
302 i,conn->address, conn->port);
303 conn->marked_for_close = 1;
304 } else {
305 /* either a full router, or we've got a circuit. send a padding cell. */
306 log_fn(LOG_DEBUG,"Sending keepalive to (%s:%d)",
307 conn->address, conn->port);
308 memset(&cell,0,sizeof(cell_t));
309 cell.command = CELL_PADDING;
310 connection_or_write_cell_to_buf(&cell, conn);
311 }
312 }
313 }
314
315 /* Perform regular maintenance tasks. This function gets run once per
316 * second by prepare_for_poll.
317 */
318 static void run_scheduled_events(time_t now) {
319 static long time_to_fetch_directory = 0;
320 static long time_to_new_circuit = 0;
321 circuit_t *circ;
322 int i;
323
324 /* 1. Every DirFetchPostPeriod seconds, we get a new directory and upload
325 * our descriptor (if any). */
326 if(time_to_fetch_directory < now) {
327 /* it's time to fetch a new directory and/or post our descriptor */
328 if(options.ORPort) {
329 router_rebuild_descriptor();
330 router_upload_desc_to_dirservers();
331 }
332 if(!options.DirPort) {
333 /* NOTE directory servers do not currently fetch directories.
334 * Hope this doesn't bite us later. */
335 directory_initiate_command(router_pick_directory_server(),
336 DIR_CONN_STATE_CONNECTING_FETCH);
337 }
338 time_to_fetch_directory = now + options.DirFetchPostPeriod;
339 }
340
341 /* 2. Every second, we examine pending circuits and prune the
342 * ones which have been pending for more than 3 seconds.
343 * We do this before step 3, so it can try building more if
344 * it's not comfortable with the number of available circuits.
345 */
346 circuit_expire_building();
347
348 /* 3. Every second, we try a new circuit if there are no valid
349 * circuits. Every NewCircuitPeriod seconds, we expire circuits
350 * that became dirty more than NewCircuitPeriod seconds ago,
351 * and we make a new circ if there are no clean circuits.
352 */
353 if(options.SocksPort) {
354
355 /* launch a new circ for any pending streams that need one */
356 connection_ap_attach_pending();
357
358 circ = circuit_get_newest(NULL, 1);
359 if(time_to_new_circuit < now) {
360 client_dns_clean();
361 circuit_expire_unused_circuits();
362 circuit_reset_failure_count();
363 if(circ && circ->timestamp_dirty) {
364 log_fn(LOG_INFO,"Youngest circuit dirty; launching replacement.");
365 circuit_launch_new(); /* make a new circuit */
366 }
367 time_to_new_circuit = now + options.NewCircuitPeriod;
368 }
369 #define CIRCUIT_MIN_BUILDING 2
370 if(!circ && circuit_count_building() < CIRCUIT_MIN_BUILDING) {
371 /* if there's no open circ, and less than 2 are on the way,
372 * go ahead and try another.
373 */
374 circuit_launch_new();
375 }
376 }
377
378 /* 4. Every second, we check how much bandwidth we've consumed and
379 * increment global_read_bucket.
380 */
381 stats_n_bytes_read += stats_prev_global_read_bucket-global_read_bucket;
382 if(global_read_bucket < 9*options.TotalBandwidth) {
383 global_read_bucket += options.TotalBandwidth;
384 log_fn(LOG_DEBUG,"global_read_bucket now %d.", global_read_bucket);
385 }
386 stats_prev_global_read_bucket = global_read_bucket;
387
388 /* 5. We do housekeeping for each connection... */
389 for(i=0;i<nfds;i++) {
390 run_connection_housekeeping(i, now);
391 }
392
393 /* 6. and blow away any connections that need to die. can't do this later
394 * because we might open up a circuit and not realize we're about to cull
395 * the connection it's running over.
396 * XXX we can remove this step once we audit circuit-building to make sure
397 * it doesn't pick a marked-for-close conn. -RD
398 */
399 for(i=0;i<nfds;i++)
400 conn_close_if_marked(i);
401 }
402
403 static int prepare_for_poll(void) {
404 static long current_second = 0; /* from previous calls to gettimeofday */
405 connection_t *conn;
406 struct timeval now;
407 int i;
408
409 tor_gettimeofday(&now);
410
411 if(now.tv_sec > current_second) { /* the second has rolled over. check more stuff. */
412
413 ++stats_n_seconds_reading;
414 run_scheduled_events(now.tv_sec);
415
416 current_second = now.tv_sec; /* remember which second it is, for next time */
417 }
418
419 for(i=0;i<nfds;i++) {
420 conn = connection_array[i];
421 if(connection_has_pending_tls_data(conn)) {
422 log_fn(LOG_DEBUG,"sock %d has pending bytes.",conn->s);
423 return 0; /* has pending bytes to read; don't let poll wait. */
424 }
425 }
426
427 return (1000 - (now.tv_usec / 1000)); /* how many milliseconds til the next second? */
428 }
429
430 static crypto_pk_env_t *init_key_from_file(const char *fname)
431 {
432 crypto_pk_env_t *prkey = NULL;
433 int fd = -1;
434 FILE *file = NULL;
435
436 if (!(prkey = crypto_new_pk_env(CRYPTO_PK_RSA))) {
437 log(LOG_ERR, "Error creating crypto environment.");
438 goto error;
439 }
440
441 switch(file_status(fname)) {
442 case FN_DIR:
443 case FN_ERROR:
444 log(LOG_ERR, "Can't read key from %s", fname);
445 goto error;
446 case FN_NOENT:
447 log(LOG_INFO, "No key found in %s; generating fresh key.", fname);
448 if (crypto_pk_generate_key(prkey)) {
449 log(LOG_ERR, "Error generating key: %s", crypto_perror());
450 goto error;
451 }
452 if (crypto_pk_check_key(prkey) <= 0) {
453 log(LOG_ERR, "Generated key seems invalid");
454 goto error;
455 }
456 log(LOG_INFO, "Generated key seems valid");
457 if (crypto_pk_write_private_key_to_filename(prkey, fname)) {
458 log(LOG_ERR, "Couldn't write generated key to %s.", fname);
459 goto error;
460 }
461 return prkey;
462 case FN_FILE:
463 if (crypto_pk_read_private_key_from_filename(prkey, fname)) {
464 log(LOG_ERR, "Error loading private key.");
465 goto error;
466 }
467 return prkey;
468 default:
469 assert(0);
470 }
471
472 error:
473 if (prkey)
474 crypto_free_pk_env(prkey);
475 if (fd >= 0 && !file)
476 close(fd);
477 if (file)
478 fclose(file);
479 return NULL;
480 }
481
482 static int init_keys(void)
483 {
484 char keydir[512];
485 char fingerprint[FINGERPRINT_LEN+MAX_NICKNAME_LEN+3];
486 char *cp;
487 const char *tmp, *mydesc;
488 crypto_pk_env_t *prkey;
489
490 /* OP's don't need keys. Just initialize the TLS context.*/
491 if (!options.ORPort) {
492 assert(!options.DirPort);
493 if (tor_tls_context_new(NULL, 0, NULL)<0) {
494 log_fn(LOG_ERR, "Error creating TLS context for OP.");
495 return -1;
496 }
497 return 0;
498 }
499 assert(options.DataDirectory);
500 if (strlen(options.DataDirectory) > (512-128)) {
501 log_fn(LOG_ERR, "DataDirectory is too long.");
502 return -1;
503 }
504 if (check_private_dir(options.DataDirectory, 1)) {
505 return -1;
506 }
507 sprintf(keydir,"%s/keys",options.DataDirectory);
508 if (check_private_dir(keydir, 1)) {
509 return -1;
510 }
511 cp = keydir + strlen(keydir); /* End of string. */
512
513 /* 1. Read identity key. Make it if none is found. */
514 strcpy(cp, "/identity.key");
515 log_fn(LOG_INFO,"Reading/making identity key %s...",keydir);
516 prkey = init_key_from_file(keydir);
517 if (!prkey) return -1;
518 set_identity_key(prkey);
519 /* 2. Read onion key. Make it if none is found. */
520 strcpy(cp, "/onion.key");
521 log_fn(LOG_INFO,"Reading/making onion key %s...",keydir);
522 prkey = init_key_from_file(keydir);
523 if (!prkey) return -1;
524 set_onion_key(prkey);
525
526 /* 3. Initialize link key and TLS context. */
527 strcpy(cp, "/link.key");
528 log_fn(LOG_INFO,"Reading/making link key %s...",keydir);
529 prkey = init_key_from_file(keydir);
530 if (!prkey) return -1;
531 set_link_key(prkey);
532 if (tor_tls_context_new(prkey, 1, options.Nickname) < 0) {
533 log_fn(LOG_ERR, "Error initializing TLS context");
534 return -1;
535 }
536 /* 4. Dump router descriptor to 'router.desc' */
537 /* Must be called after keys are initialized. */
538 if (!(router_get_my_descriptor())) {
539 log_fn(LOG_ERR, "Error initializing descriptor.");
540 return -1;
541 }
542 /* We need to add our own fingerprint so it gets recognized. */
543 if (dirserv_add_own_fingerprint(options.Nickname, get_identity_key())) {
544 log_fn(LOG_ERR, "Error adding own fingerprint to approved set");
545 return -1;
546 }
547 tmp = mydesc = router_get_my_descriptor();
548 if (dirserv_add_descriptor(&tmp)) {
549 log(LOG_ERR, "Unable to add own descriptor to directory.");
550 return -1;
551 }
552 sprintf(keydir,"%s/router.desc", options.DataDirectory);
553 log_fn(LOG_INFO,"Dumping descriptor to %s...",keydir);
554 if (write_str_to_file(keydir, mydesc)) {
555 return -1;
556 }
557 /* 5. Dump fingerprint to 'fingerprint' */
558 sprintf(keydir,"%s/fingerprint", options.DataDirectory);
559 log_fn(LOG_INFO,"Dumping fingerprint to %s...",keydir);
560 assert(strlen(options.Nickname) <= MAX_NICKNAME_LEN);
561 strcpy(fingerprint, options.Nickname);
562 strcat(fingerprint, " ");
563 if (crypto_pk_get_fingerprint(get_identity_key(),
564 fingerprint+strlen(fingerprint))<0) {
565 log_fn(LOG_ERR, "Error computing fingerprint");
566 return -1;
567 }
568 strcat(fingerprint, "\n");
569 if (write_str_to_file(keydir, fingerprint))
570 return -1;
571 if(!options.DirPort)
572 return 0;
573 /* 6. [dirserver only] load approved-routers file */
574 sprintf(keydir,"%s/approved-routers", options.DataDirectory);
575 log_fn(LOG_INFO,"Loading approved fingerprints from %s...",keydir);
576 if(dirserv_parse_fingerprint_file(keydir) < 0) {
577 log_fn(LOG_ERR, "Error loading fingerprints");
578 return -1;
579 }
580 /* 7. [dirserver only] load old directory, if it's there */
581 sprintf(keydir,"%s/cached-directory", options.DataDirectory);
582 log_fn(LOG_INFO,"Loading cached directory from %s...",keydir);
583 cp = read_file_to_str(keydir);
584 if(!cp) {
585 log_fn(LOG_INFO,"Cached directory %s not present. Ok.",keydir);
586 } else {
587 if(dirserv_init_from_directory_string(cp) < 0) {
588 log_fn(LOG_ERR, "Cached directory %s is corrupt", keydir);
589 free(cp);
590 return -1;
591 }
592 free(cp);
593 }
594 /* success */
595 return 0;
596 }
597
598 static int init_from_config(int argc, char **argv) {
599 static int have_daemonized=0;
600
601 if(getconfig(argc,argv,&options)) {
602 log_fn(LOG_ERR,"Reading config failed. For usage, try -h.");
603 return -1;
604 }
605 log_set_severity(options.loglevel); /* assign logging severity level from options */
606 close_logs(); /* we'll close, then open with correct loglevel if necessary */
607 if(!options.LogFile && !options.RunAsDaemon)
608 add_stream_log(options.loglevel, "<stdout>", stdout);
609 if(options.LogFile)
610 if (add_file_log(options.loglevel, options.LogFile) != 0) {
611 /* opening the log file failed! Use stderr and log a warning */
612 add_stream_log(options.loglevel, "<stderr>", stderr);
613 log_fn(LOG_WARN, "Cannot write to LogFile '%s': %s.", options.LogFile, strerror(errno));
614 }
615 if(options.DebugLogFile)
616 if (add_file_log(LOG_DEBUG, options.DebugLogFile) != 0)
617 log_fn(LOG_WARN, "Cannot write to DebugLogFile '%s': %s.", options.LogFile, strerror(errno));
618
619 global_read_bucket = options.TotalBandwidth; /* start it at 1 second of traffic */
620 stats_prev_global_read_bucket = global_read_bucket;
621
622 if(options.User || options.Group) {
623 if(switch_id(options.User, options.Group) != 0) {
624 return -1;
625 }
626 }
627
628 if(options.RunAsDaemon && !have_daemonized) {
629 daemonize();
630 have_daemonized = 1;
631 }
632
633 /* write our pid to the pid file, if we do not have write permissions we will log a warning */
634 if(options.PidFile)
635 write_pidfile(options.PidFile);
636
637 return 0;
638 }
639
640 static int do_main_loop(void) {
641 int i;
642 int timeout;
643 int poll_result;
644
645 /* load the routers file */
646 if(router_set_routerlist_from_file(options.RouterFile) < 0) {
647 log_fn(LOG_ERR,"Error loading router list.");
648 return -1;
649 }
650
651 /* load the private keys, if we're supposed to have them, and set up the
652 * TLS context. */
653 if (init_keys() < 0) {
654 log_fn(LOG_ERR,"Error initializing keys; exiting");
655 return -1;
656 }
657
658 if(options.ORPort) {
659 cpu_init(); /* launch cpuworkers. Need to do this *after* we've read the onion key. */
660 router_upload_desc_to_dirservers(); /* upload our descriptor to all dirservers */
661 }
662
663 /* start up the necessary connections based on which ports are
664 * non-zero. This is where we try to connect to all the other ORs,
665 * and start the listeners.
666 */
667 if(retry_all_connections() < 0) {
668 log_fn(LOG_ERR,"Failed to bind one of the listener ports.");
669 return -1;
670 }
671
672 for(;;) {
673 #ifndef MS_WINDOWS /* do signal stuff only on unix */
674 if(please_dumpstats) {
675 /* prefer to log it at INFO, but make sure we always see it */
676 dumpstats(options.loglevel>LOG_INFO ? options.loglevel : LOG_INFO);
677 please_dumpstats = 0;
678 }
679 if(please_reset) {
680 log_fn(LOG_WARN,"Received sighup. Reloading config.");
681 /* first, reload config variables, in case they've changed */
682 if (init_from_config(0, NULL) < 0) {
683 /* no need to provide argc/v, they've been cached inside init_from_config */
684 exit(1);
685 }
686
687 if(options.DirPort) {
688 /* reload the fingerprint file */
689 char keydir[512];
690 sprintf(keydir,"%s/approved-routers", options.DataDirectory);
691 log_fn(LOG_INFO,"Reloading approved fingerprints from %s...",keydir);
692 if(dirserv_parse_fingerprint_file(keydir) < 0) {
693 log_fn(LOG_WARN, "Error reloading fingerprints. Continuing with old list.");
694 }
695
696 /* XXX do we really want to be resetting the routerlist here? */
697 if(router_set_routerlist_from_file(options.RouterFile) < 0) {
698 log(LOG_WARN,"Error reloading router list. Continuing with old list.");
699 }
700 } else {
701 /* fetch a new directory */
702 directory_initiate_command(router_pick_directory_server(), DIR_CONN_STATE_CONNECTING_FETCH);
703 }
704
705 please_reset = 0;
706 }
707 if(please_reap_children) {
708 while(waitpid(-1,NULL,WNOHANG)) ; /* keep reaping until no more zombies */
709 please_reap_children = 0;
710 }
711 #endif /* signal stuff */
712
713 timeout = prepare_for_poll();
714
715 /* poll until we have an event, or the second ends */
716 poll_result = poll(poll_array, nfds, timeout);
717
718 /* let catch() handle things like ^c, and otherwise don't worry about it */
719 if(poll_result < 0) {
720 if(errno != EINTR) { /* let the program survive things like ^z */
721 log_fn(LOG_ERR,"poll failed.");
722 return -1;
723 } else {
724 log_fn(LOG_DEBUG,"poll interrupted.");
725 }
726 }
727
728 /* do all the reads and errors first, so we can detect closed sockets */
729 for(i=0;i<nfds;i++)
730 conn_read(i); /* this also blows away broken connections */
731
732 /* then do the writes */
733 for(i=0;i<nfds;i++)
734 conn_write(i);
735
736 /* any of the conns need to be closed now? */
737 for(i=0;i<nfds;i++)
738 conn_close_if_marked(i);
739
740 /* refilling buckets and sending cells happens at the beginning of the
741 * next iteration of the loop, inside prepare_for_poll()
742 */
743 }
744 }
745
746 static void catch(int the_signal) {
747
748 #ifndef MS_WINDOWS /* do signal stuff only on unix */
749 switch(the_signal) {
750 // case SIGABRT:
751 case SIGTERM:
752 case SIGINT:
753 log(LOG_ERR,"Catching signal %d, exiting cleanly.", the_signal);
754 /* we don't care if there was an error when we unlink, nothing
755 we could do about it anyways */
756 if(options.PidFile)
757 unlink(options.PidFile);
758 exit(0);
759 case SIGHUP:
760 please_reset = 1;
761 break;
762 case SIGUSR1:
763 please_dumpstats = 1;
764 break;
765 case SIGCHLD:
766 please_reap_children = 1;
767 break;
768 default:
769 log(LOG_WARN,"Caught signal %d that we can't handle??", the_signal);
770 }
771 #endif /* signal stuff */
772 }
773
774 static void dumpstats(int severity) {
775 int i;
776 connection_t *conn;
777 time_t now = time(NULL);
778
779 log(severity, "Dumping stats:");
780
781 for(i=0;i<nfds;i++) {
782 conn = connection_array[i];
783 log(severity, "Conn %d (socket %d) type %d (%s), state %d (%s), created %ld secs ago",
784 i, conn->s, conn->type, conn_type_to_string[conn->type],
785 conn->state, conn_state_to_string[conn->type][conn->state], now - conn->timestamp_created);
786 if(!connection_is_listener(conn)) {
787 log(severity,"Conn %d is to '%s:%d'.",i,conn->address, conn->port);
788 log(severity,"Conn %d: %d bytes waiting on inbuf (last read %ld secs ago)",i,
789 (int)buf_datalen(conn->inbuf),
790 now - conn->timestamp_lastread);
791 log(severity,"Conn %d: %d bytes waiting on outbuf (last written %ld secs ago)",i,
792 (int)buf_datalen(conn->outbuf), now - conn->timestamp_lastwritten);
793 }
794 circuit_dump_by_conn(conn, severity); /* dump info about all the circuits using this conn */
795 }
796 log(severity,
797 "Cells processed: %10lu padding\n"
798 " %10lu create\n"
799 " %10lu created\n"
800 " %10lu relay\n"
801 " (%10lu relayed)\n"
802 " (%10lu delivered)\n"
803 " %10lud destroy",
804 stats_n_padding_cells_processed,
805 stats_n_create_cells_processed,
806 stats_n_created_cells_processed,
807 stats_n_relay_cells_processed,
808 stats_n_relay_cells_relayed,
809 stats_n_relay_cells_delivered,
810 stats_n_destroy_cells_processed);
811 if (stats_n_data_cells_packaged)
812 log(severity,"Average outgoing cell fullness: %2.3f%%",
813 100*(((double)stats_n_data_bytes_packaged) /
814 (stats_n_data_cells_packaged*(CELL_PAYLOAD_SIZE-RELAY_HEADER_SIZE))) );
815 if (stats_n_data_cells_received)
816 log(severity,"Average incoming cell fullness: %2.3f%%",
817 100*(((double)stats_n_data_bytes_received) /
818 (stats_n_data_cells_received*(CELL_PAYLOAD_SIZE-RELAY_HEADER_SIZE))) );
819
820 if (stats_n_seconds_reading)
821 log(severity,"Average bandwidth used: %d bytes/sec",
822 (int) (stats_n_bytes_read/stats_n_seconds_reading));
823 }
824
825 int tor_main(int argc, char *argv[]) {
826
827 /* give it somewhere to log to initially */
828 add_stream_log(LOG_INFO, "<stdout>", stdout);
829 log_fn(LOG_WARN,"Tor v%s. This is experimental software. Do not use it if you need anonymity.",VERSION);
830
831 if (init_from_config(argc,argv) < 0)
832 return -1;
833
834 if(options.ORPort) { /* only spawn dns handlers if we're a router */
835 dns_init(); /* initialize the dns resolve tree, and spawn workers */
836 }
837 if(options.SocksPort) {
838 client_dns_init(); /* init the client dns cache */
839 }
840
841 #ifndef MS_WINDOWS /* do signal stuff only on unix */
842 signal (SIGINT, catch); /* catch kills so we can exit cleanly */
843 signal (SIGTERM, catch);
844 signal (SIGUSR1, catch); /* to dump stats */
845 signal (SIGHUP, catch); /* to reload directory */
846 signal (SIGCHLD, catch); /* for exiting dns/cpu workers */
847 #endif /* signal stuff */
848
849 crypto_global_init();
850 crypto_seed_rng();
851 do_main_loop();
852 crypto_global_cleanup();
853 return -1;
854 }
855
856 /*
857 Local Variables:
858 mode:c
859 indent-tabs-mode:nil
860 c-basic-offset:2
861 End:
862 */
The Onion Router