| blob | 9194718e3d46abba88dd35b259680c232fe3303c |
1 /* * Copyright (c) 2012-2020, The Tor Project, Inc. */
2 /* See LICENSE for licensing information */
4 /**
5 * \file channel.c
6 *
7 * \brief OR/OP-to-OR channel abstraction layer. A channel's job is to
8 * transfer cells from Tor instance to Tor instance. Currently, there is only
9 * one implementation of the channel abstraction: in channeltls.c.
10 *
11 * Channels are a higher-level abstraction than or_connection_t: In general,
12 * any means that two Tor relays use to exchange cells, or any means that a
13 * relay and a client use to exchange cells, is a channel.
14 *
15 * Channels differ from pluggable transports in that they do not wrap an
16 * underlying protocol over which cells are transmitted: they <em>are</em> the
17 * underlying protocol.
18 *
19 * This module defines the generic parts of the channel_t interface, and
20 * provides the machinery necessary for specialized implementations to be
21 * created. At present, there is one specialized implementation in
22 * channeltls.c, which uses connection_or.c to send cells over a TLS
23 * connection.
24 *
25 * Every channel implementation is responsible for being able to transmit
26 * cells that are passed to it
27 *
28 * For *inbound* cells, the entry point is: channel_process_cell(). It takes a
29 * cell and will pass it to the cell handler set by
30 * channel_set_cell_handlers(). Currently, this is passed back to the command
31 * subsystem which is command_process_cell().
32 *
33 * NOTE: For now, the separation between channels and specialized channels
34 * (like channeltls) is not that well defined. So the channeltls layer calls
35 * channel_process_cell() which originally comes from the connection subsytem.
36 * This should be hopefully be fixed with #23993.
37 *
38 * For *outbound* cells, the entry point is: channel_write_packed_cell().
39 * Only packed cells are dequeued from the circuit queue by the scheduler
40 * which uses channel_flush_from_first_active_circuit() to decide which cells
41 * to flush from which circuit on the channel. They are then passed down to
42 * the channel subsystem. This calls the low layer with the function pointer
43 * .write_packed_cell().
44 *
45 * Each specialized channel (currently only channeltls_t) MUST implement a
46 * series of function found in channel_t. See channel.h for more
47 * documentation.
48 **/
50 /*
51 * Define this so channel.h gives us things only channel_t subclasses
52 * should touch.
53 */
54 #define CHANNEL_OBJECT_PRIVATE
56 /* This one's for stuff only channel.c and the test suite should see */
57 #define CHANNEL_FILE_PRIVATE
87 /* Static function prototypes */
94 /* Global lists of channels */
96 /* All channel_t instances */
99 /* All channel_t instances not in ERROR or CLOSED states */
102 /* All channel_t instances in ERROR or CLOSED states */
105 /* All channel_listener_t instances */
108 /* All channel_listener_t instances in LISTENING state */
111 /* All channel_listener_t instances in LISTENING state */
114 /** Map from channel->global_identifier to channel. Contains the same
115 * elements as all_channels. */
118 static unsigned
120 {
122 }
123 static int
125 {
127 }
136 /* Counter for ID numbers */
139 /* Digest->channel map
140 *
141 * Similar to the one used in connection_or.c, this maps from the identity
142 * digest of a remote endpoint to a channel_t to that endpoint. Channels
143 * should be placed here when registered and removed when they close or error.
144 * If more than one channel exists, follow the next_with_same_id pointer
145 * as a linked list.
146 */
158 {
160 }
165 {
167 }
170 channel_idmap_eq);
174 /* Functions to maintain the digest map */
184 /***********************************
185 * Channel state utility functions *
186 **********************************/
188 /**
189 * Indicate whether a given channel state is valid.
190 */
191 int
193 {
208 }
211 }
213 /**
214 * Indicate whether a given channel listener state is valid.
215 */
216 int
218 {
231 }
234 }
236 /**
237 * Indicate whether a channel state transition is valid.
238 *
239 * This function takes two channel states and indicates whether a
240 * transition between them is permitted (see the state definitions and
241 * transition table in or.h at the channel_state_t typedef).
242 */
243 int
245 {
277 }
280 }
282 /**
283 * Indicate whether a channel listener state transition is valid.
284 *
285 * This function takes two channel listener states and indicates whether a
286 * transition between them is permitted (see the state definitions and
287 * transition table in or.h at the channel_listener_state_t typedef).
288 */
289 int
291 channel_listener_state_t to)
292 {
313 }
316 }
318 /**
319 * Return a human-readable description for a channel state.
320 */
323 {
348 }
351 }
353 /**
354 * Return a human-readable description for a channel listener state.
355 */
358 {
377 }
380 }
382 /***************************************
383 * Channel registration/unregistration *
384 ***************************************/
386 /**
387 * Register a channel.
388 *
389 * This function registers a newly created channel in the global lists/maps
390 * of active channels.
391 */
392 void
394 {
398 /* No-op if already registered */
408 /* Make sure we have all_channels, then add it */
414 /* Is it finished? */
416 /* Put it in the finished list, creating it if necessary */
421 /* Put it in the active list, creating it if necessary */
426 /* It should have a digest set */
428 /* Yeah, we're good, add it to the map */
436 }
437 }
438 }
440 /* Mark it as registered */
442 }
444 /**
445 * Unregister a channel.
446 *
447 * This function removes a channel from the global lists and maps and is used
448 * when freeing a closed/errored channel.
449 */
450 void
452 {
455 /* No-op if not registered */
458 /* Is it finished? */
460 /* Get it out of the finished list */
463 /* Get it out of the active list */
465 }
467 /* Get it out of all_channels */
472 /* Mark it as unregistered */
475 /* Should it be in the digest map? */
478 /* Remove it */
480 }
481 }
483 /**
484 * Register a channel listener.
485 *
486 * This function registers a newly created channel listener in the global
487 * lists/maps of active channel listeners.
488 */
489 void
491 {
494 /* No-op if already registered */
504 /* Make sure we have all_listeners, then add it */
508 /* Is it finished? */
511 /* Put it in the finished list, creating it if necessary */
515 /* Put it in the active list, creating it if necessary */
518 }
520 /* Mark it as registered */
522 }
524 /**
525 * Unregister a channel listener.
526 *
527 * This function removes a channel listener from the global lists and maps
528 * and is used when freeing a closed/errored channel listener.
529 */
530 void
532 {
535 /* No-op if not registered */
538 /* Is it finished? */
541 /* Get it out of the finished list */
544 /* Get it out of the active list */
546 }
548 /* Get it out of all_listeners */
551 /* Mark it as unregistered */
553 }
555 /*********************************
556 * Channel digest map maintenance
557 *********************************/
559 /**
560 * Add a channel to the digest map.
561 *
562 * This function adds a channel to the digest map and inserts it into the
563 * correct linked list if channels with that remote endpoint identity digest
564 * already exist.
565 */
566 STATIC void
568 {
573 /* Assert that the state makes sense */
576 /* Assert that there is a digest */
586 }
595 }
597 /**
598 * Remove a channel from the digest map.
599 *
600 * This function removes a channel from the digest map and the linked list of
601 * channels for that digest if more than one exists.
602 */
603 static void
605 {
610 /* Assert that there is a digest */
613 /* Pull it out of its list, wherever that list is */
619 /* Look for it in the map */
621 /* Okay, it's here */
626 }
635 /* Shouldn't happen */
638 "digest %s from identity map, but couldn't find any with "
642 }
643 }
645 /****************************
646 * Channel lookup functions *
647 ***************************/
649 /**
650 * Find channel by global ID.
651 *
652 * This function searches for a channel by the global_identifier assigned
653 * at initialization time. This identifier is unique for the lifetime of the
654 * Tor process.
655 */
656 channel_t *
658 {
659 channel_t lookup;
666 }
669 }
671 /** Return true iff <b>chan</b> matches <b>rsa_id_digest</b> and <b>ed_id</b>.
672 * as its identity keys. If either is NULL, do not check for a match. */
673 int
677 {
683 }
686 ED25519_PUBKEY_LEN))
688 }
690 }
692 /**
693 * Find channel by RSA/Ed25519 identity of of the remote endpoint.
694 *
695 * This function looks up a channel by the digest of its remote endpoint's RSA
696 * identity key. If <b>ed_id</b> is provided and nonzero, only a channel
697 * matching the <b>ed_id</b> will be returned.
698 *
699 * It's possible that more than one channel to a given endpoint exists. Use
700 * channel_next_with_rsa_identity() to walk the list of channels; make sure
701 * to test for Ed25519 identity match too (as appropriate)
702 */
703 channel_t *
706 {
711 * an RSA identity, and that every lookup
712 * contain an RSA identity */
714 /* Treat zero as meaning "We don't care about the presence or absence of
715 * an Ed key", not "There must be no Ed key". */
717 }
723 }
726 }
729 }
731 /**
732 * Get next channel with digest.
733 *
734 * This function takes a channel and finds the next channel in the list
735 * with the same digest.
736 */
737 channel_t *
739 {
743 }
745 /**
746 * Relays run this once an hour to look over our list of channels to other
747 * relays. It prints out some statistics if there are multiple connections
748 * to many relays.
749 *
750 * This function is similar to connection_or_set_bad_connections(),
751 * and probably could be adapted to replace it, if it was modified to actually
752 * take action on any of these connections.
753 */
754 void
756 {
769 /* Only consider relay connections */
773 total_relays++;
777 total_dirauths++;
785 connections_to_relay++;
786 total_relay_connections++;
788 total_dirauth_connections++;
793 total_half_canonical++;
794 }
795 }
800 }
802 /* Don't bother warning about excessive connections unless we have
803 * at least this many connections, total.
804 */
805 #define MIN_RELAY_CONNECTIONS_TO_WARN 25
806 /* If the average number of connections for a regular relay is more than
807 * this, that's too high.
808 */
809 #define MAX_AVG_RELAY_CONNECTIONS 1.5
810 /* If the average number of connections for a dirauth is more than
811 * this, that's too high.
812 */
813 #define MAX_AVG_DIRAUTH_CONNECTIONS 4
815 /* How many connections total would be okay, given the number of
816 * relays and dirauths that we have connections to? */
821 /* If we average 1.5 or more connections per relay, something is wrong */
825 "Your relay has a very large number of connections to other relays. "
826 "Is your outbound address the same as your relay address? "
827 "Found %d connections to %d relays. Found %d current canonical "
828 "connections, in %d of which we were a non-canonical peer. "
829 "%d relays had more than 1 connection, %d had more than 2, and "
836 "Found %d connections to %d relays. Found %d current canonical "
837 "connections, in %d of which we were a non-canonical peer. "
838 "%d relays had more than 1 connection, %d had more than 2, and "
843 }
844 }
846 /**
847 * Initialize a channel.
848 *
849 * This function should be called by subclasses to set up some per-channel
850 * variables. I.e., this is the superclass constructor. Before this, the
851 * channel should be allocated with tor_malloc_zero().
852 */
853 void
855 {
858 /* Assign an ID and bump the counter */
861 /* Init timestamp */
864 /* Warn about exhausted circuit IDs no more than hourly. */
867 /* Initialize list entries. */
870 /* Timestamp it */
873 /* It hasn't been open yet. */
876 /* Scheduler state is idle */
879 /* Channel is not in the scheduler heap. */
881 }
883 /**
884 * Initialize a channel listener.
885 *
886 * This function should be called by subclasses to set up some per-channel
887 * variables. I.e., this is the superclass constructor. Before this, the
888 * channel listener should be allocated with tor_malloc_zero().
889 */
890 void
892 {
895 /* Assign an ID and bump the counter */
898 /* Timestamp it */
900 }
902 /**
903 * Free a channel; nothing outside of channel.c and subclasses should call
904 * this - it frees channels after they have closed and been unregistered.
905 */
906 void
908 {
911 /* It must be closed or errored */
914 /* It must be deregistered */
921 /* Get this one out of the scheduler */
924 /*
925 * Get rid of cmux policy before we do anything, so cmux policies don't
926 * see channels in weird half-freed states.
927 */
930 }
932 /* Remove all timers and associated handle entries now */
937 /* Call a free method if there is one */
942 /* Get rid of cmux */
948 }
951 }
953 /**
954 * Free a channel listener; nothing outside of channel.c and subclasses
955 * should call this - it frees channel listeners after they have closed and
956 * been unregistered.
957 */
958 void
960 {
966 chan_l);
968 /* It must be closed or errored */
971 /* It must be deregistered */
974 /* Call a free method if there is one */
978 }
980 /**
981 * Free a channel and skip the state/registration asserts; this internal-
982 * use-only function should be called only from channel_free_all() when
983 * shutting down the Tor process.
984 */
985 static void
987 {
994 /* Get this one out of the scheduler */
997 /*
998 * Get rid of cmux policy before we do anything, so cmux policies don't
999 * see channels in weird half-freed states.
1000 */
1003 }
1005 /* Remove all timers and associated handle entries now */
1010 /* Call a free method if there is one */
1015 /* Get rid of cmux */
1019 }
1022 }
1024 /**
1025 * Free a channel listener and skip the state/registration asserts; this
1026 * internal-use-only function should be called only from channel_free_all()
1027 * when shutting down the Tor process.
1028 */
1029 static void
1031 {
1037 chan_l);
1039 /* Call a free method if there is one */
1042 /*
1043 * The incoming list just gets emptied and freed; we request close on
1044 * any channels we find there, but since we got called while shutting
1045 * down they will get deregistered and freed elsewhere anyway.
1046 */
1055 }
1058 }
1060 /**
1061 * Set the listener for a channel listener.
1062 *
1063 * This function sets the handler for new incoming channels on a channel
1064 * listener.
1065 */
1066 void
1068 channel_listener_fn_ptr listener)
1069 {
1074 "Setting listener callback for channel listener %p "
1077 listener);
1081 }
1083 /**
1084 * Return the fixed-length cell handler for a channel.
1085 *
1086 * This function gets the handler for incoming fixed-length cells installed
1087 * on a channel.
1088 */
1089 channel_cell_handler_fn_ptr
1091 {
1098 }
1100 /**
1101 * Set both cell handlers for a channel.
1102 *
1103 * This function sets both the fixed-length and variable length cell handlers
1104 * for a channel.
1105 */
1106 void
1108 channel_cell_handler_fn_ptr cell_handler)
1109 {
1117 /* Change them */
1119 }
1121 /*
1122 * On closing channels
1123 *
1124 * There are three functions that close channels, for use in
1125 * different circumstances:
1126 *
1127 * - Use channel_mark_for_close() for most cases
1128 * - Use channel_close_from_lower_layer() if you are connection_or.c
1129 * and the other end closes the underlying connection.
1130 * - Use channel_close_for_error() if you are connection_or.c and
1131 * some sort of error has occurred.
1132 */
1134 /**
1135 * Mark a channel for closure.
1136 *
1137 * This function tries to close a channel_t; it will go into the CLOSING
1138 * state, and eventually the lower layer should put it into the CLOSED or
1139 * ERROR state. Then, channel_run_cleanup() will eventually free it.
1140 */
1141 void
1143 {
1147 /* If it's already in CLOSING, CLOSED or ERROR, this is a no-op */
1156 /* Note closing by request from above */
1159 /* Change state to CLOSING */
1162 /* Tell the lower layer */
1165 /*
1166 * It's up to the lower layer to change state to CLOSED or ERROR when we're
1167 * ready; we'll try to free channels that are in the finished list from
1168 * channel_run_cleanup(). The lower layer should do this by calling
1169 * channel_closed().
1170 */
1171 }
1173 /**
1174 * Mark a channel listener for closure.
1175 *
1176 * This function tries to close a channel_listener_t; it will go into the
1177 * CLOSING state, and eventually the lower layer should put it into the CLOSED
1178 * or ERROR state. Then, channel_run_cleanup() will eventually free it.
1179 */
1180 void
1182 {
1186 /* If it's already in CLOSING, CLOSED or ERROR, this is a no-op */
1196 /* Note closing by request from above */
1199 /* Change state to CLOSING */
1202 /* Tell the lower layer */
1205 /*
1206 * It's up to the lower layer to change state to CLOSED or ERROR when we're
1207 * ready; we'll try to free channels that are in the finished list from
1208 * channel_run_cleanup(). The lower layer should do this by calling
1209 * channel_listener_closed().
1210 */
1211 }
1213 /**
1214 * Close a channel from the lower layer.
1215 *
1216 * Notify the channel code that the channel is being closed due to a non-error
1217 * condition in the lower layer. This does not call the close() method, since
1218 * the lower layer already knows.
1219 */
1220 void
1222 {
1225 /* If it's already in CLOSING, CLOSED or ERROR, this is a no-op */
1234 /* Note closing by event from below */
1237 /* Change state to CLOSING */
1239 }
1241 /**
1242 * Notify that the channel is being closed due to an error condition.
1243 *
1244 * This function is called by the lower layer implementing the transport
1245 * when a channel must be closed due to an error condition. This does not
1246 * call the channel's close method, since the lower layer already knows.
1247 */
1248 void
1250 {
1253 /* If it's already in CLOSING, CLOSED or ERROR, this is a no-op */
1259 chan);
1261 /* Note closing by event from below */
1264 /* Change state to CLOSING */
1266 }
1268 /**
1269 * Notify that the lower layer is finished closing the channel.
1270 *
1271 * This function should be called by the lower layer when a channel
1272 * is finished closing and it should be regarded as inactive and
1273 * freed by the channel code.
1274 */
1275 void
1277 {
1281 /* No-op if already inactive */
1285 /* Inform any pending (not attached) circs that they should
1286 * give up. */
1290 /* Now close all the attached circuits on it. */
1297 }
1298 }
1300 /**
1301 * Clear the identity_digest of a channel.
1302 *
1303 * This function clears the identity digest of the remote endpoint for a
1304 * channel; this is intended for use by the lower layer.
1305 */
1306 void
1308 {
1314 "Clearing remote endpoint digest on channel %p with "
1322 /* if it's registered get it out of the digest map */
1327 }
1329 /**
1330 * Set the identity_digest of a channel.
1331 *
1332 * This function sets the identity digest of the remote endpoint for a
1333 * channel; this is intended for use by the lower layer.
1334 */
1335 void
1339 {
1345 "Setting remote endpoint digest on channel %p with "
1348 identity_digest ?
1353 was_in_digest_map =
1357 should_be_in_digest_map =
1364 /* We should always remove it; we'll add it back if we're writing
1365 * in a new digest.
1366 */
1371 identity_digest,
1376 }
1381 }
1383 /* Put it in the digest map if we should */
1386 }
1388 /**
1389 * Clear the remote end metadata (identity_digest) of a channel.
1390 *
1391 * This function clears all the remote end info from a channel; this is
1392 * intended for use by the lower layer.
1393 */
1394 void
1396 {
1402 "Clearing remote endpoint identity on channel %p with "
1410 /* if it's registered get it out of the digest map */
1415 }
1417 /**
1418 * Write to a channel the given packed cell.
1419 *
1420 * Two possible errors can happen. Either the channel is not opened or the
1421 * lower layer (specialized channel) failed to write it. In both cases, it is
1422 * the caller responsibility to free the cell.
1423 */
1424 static int
1426 {
1434 /* Assert that the state makes sense for a cell write */
1437 {
1438 circid_t circ_id;
1441 }
1442 }
1444 /* For statistical purposes, figure out how big this cell is */
1447 /* Can we send it right out? If so, try */
1450 }
1452 /* Write the cell on the connection's outbuf. */
1455 }
1456 /* Timestamp for transmission */
1458 /* Update the counter */
1461 /* Successfully sent the cell. */
1464 /* Update padding statistics for the packed codepath.. */
1472 }
1474 done:
1476 }
1478 /**
1479 * Write a packed cell to a channel.
1480 *
1481 * Write a packed cell to a channel using the write_cell() method. This is
1482 * called by the transport-independent code to deliver a packed cell to a
1483 * channel for transmission.
1484 *
1485 * Return 0 on success else a negative value. In both cases, the caller should
1486 * not access the cell anymore, it is freed both on success and error.
1487 */
1488 int
1490 {
1501 }
1503 "Writing %p to channel %p with global ID "
1508 end:
1509 /* Whatever happens, we free the cell. Either an error occurred or the cell
1510 * was put on the connection outbuf, both cases we have ownership of the
1511 * cell and we free it. */
1514 }
1516 /**
1517 * Change channel state.
1518 *
1519 * This internal and subclass use only function is used to change channel
1520 * state, performing all transition validity checks and whatever actions
1521 * are appropriate to the state transition in question.
1522 */
1523 static void
1525 {
1526 channel_state_t from_state;
1537 /* Check for no-op transitions */
1545 }
1547 /* If we're going to a closing or closed state, we must have a reason set */
1552 }
1555 "Changing state of channel %p (global ID %"PRIu64
1557 chan,
1564 /* Need to add to the right lists if the channel is registered */
1571 /* Need to take off active list and put on finished list? */
1577 }
1578 /* Need to put on active list? */
1583 }
1586 /* Now we need to handle the identity map */
1597 }
1598 }
1600 /*
1601 * If we're going to a closed/closing state, we don't need scheduling any
1602 * more; in CHANNEL_STATE_MAINT we can't accept writes.
1603 */
1610 }
1611 }
1613 /**
1614 * As channel_change_state_, but change the state to any state but open.
1615 */
1616 void
1618 {
1621 }
1623 /**
1624 * As channel_change_state, but change the state to open.
1625 */
1626 void
1628 {
1631 /* Tell circuits if we opened and stuff */
1634 }
1636 /**
1637 * Change channel listener state.
1638 *
1639 * This internal and subclass use only function is used to change channel
1640 * listener state, performing all transition validity checks and whatever
1641 * actions are appropriate to the state transition in question.
1642 */
1643 void
1645 channel_listener_state_t to_state)
1646 {
1647 channel_listener_state_t from_state;
1657 /* Check for no-op transitions */
1665 }
1667 /* If we're going to a closing or closed state, we must have a reason set */
1672 }
1675 "Changing state of channel listener %p (global ID %"PRIu64
1683 /* Need to add to the right lists if the channel listener is registered */
1690 /* Need to take off active list and put on finished list? */
1696 }
1697 /* Need to put on active list? */
1702 }
1703 }
1709 }
1710 }
1712 /* Maximum number of cells that is allowed to flush at once within
1713 * channel_flush_some_cells(). */
1714 #define MAX_CELLS_TO_GET_FROM_CIRCUITS_FOR_UNLIMITED 256
1716 /**
1717 * Try to flush cells of the given channel chan up to a maximum of num_cells.
1718 *
1719 * This is called by the scheduler when it wants to flush cells from the
1720 * channel's circuit queue(s) to the connection outbuf (not yet on the wire).
1721 *
1722 * If the channel is not in state CHANNEL_STATE_OPEN, this does nothing and
1723 * will return 0 meaning no cells were flushed.
1724 *
1725 * If num_cells is -1, we'll try to flush up to the maximum cells allowed
1726 * defined in MAX_CELLS_TO_GET_FROM_CIRCUITS_FOR_UNLIMITED.
1727 *
1728 * On success, the number of flushed cells are returned and it can never be
1729 * above num_cells. If 0 is returned, no cells were flushed either because the
1730 * channel was not opened or we had no cells on the channel. A negative number
1731 * can NOT be sent back.
1732 *
1733 * This function is part of the fast path. */
1736 {
1746 /* If we aren't in CHANNEL_STATE_OPEN, nothing goes through */
1749 /* Calculate number of cells, including clamp */
1754 MAX_CELLS_TO_GET_FROM_CIRCUITS_FOR_UNLIMITED) {
1758 }
1759 }
1761 /* Try to get more cells from any active circuits */
1764 }
1765 }
1767 done:
1769 }
1771 /**
1772 * Check if any cells are available.
1773 *
1774 * This is used by the scheduler to know if the channel has more to flush
1775 * after a scheduling round.
1776 */
1779 {
1784 /* Else no */
1786 }
1788 /**
1789 * Notify the channel we're done flushing the output in the lower layer.
1790 *
1791 * Connection.c will call this when we've flushed the output; there's some
1792 * dirreq-related maintenance to do.
1793 */
1794 void
1796 {
1801 DIRREQ_TUNNELED,
1802 DIRREQ_CHANNEL_BUFFER_FLUSHED);
1803 }
1805 /**
1806 * Process the queue of incoming channels on a listener.
1807 *
1808 * Use a listener's registered callback to process as many entries in the
1809 * queue of incoming channels as possible.
1810 */
1811 void
1813 {
1816 /*
1817 * CHANNEL_LISTENER_STATE_CLOSING permitted because we drain the queue
1818 * while closing a listener.
1819 */
1825 "Processing queue of incoming connections for channel "
1838 chan,
1840 listener,
1842 /* Make sure this is set correctly */
1849 }
1851 /**
1852 * Take actions required when a channel becomes open.
1853 *
1854 * Handle actions we should do when we know a channel is open; a lot of
1855 * this comes from the old connection_or_set_state_open() of connection_or.c.
1856 *
1857 * Because of this mechanism, future channel_t subclasses should take care
1858 * not to change a channel from CHANNEL_STATE_OPENING to CHANNEL_STATE_OPEN
1859 * until there is positive confirmation that the network is operational.
1860 * In particular, anything UDP-based should not make this transition until a
1861 * packet is received from the other side.
1862 */
1863 void
1865 {
1866 tor_addr_t remote_addr;
1879 /* only report it to the geoip module if it's a client */
1889 now);
1891 /* Notify the DoS subsystem of a new client. */
1894 }
1895 }
1896 /* Otherwise the underlying transport can't tell us this, so skip it */
1897 }
1898 }
1900 /* Disable or reduce padding according to user prefs. */
1903 /* Disable if torrc disabled */
1907 CHANNELPADDING_SOS_PARAM,
1909 /* Disable if we're using RSOS and the consensus disabled padding
1910 * for RSOS */
1913 /* Padding can be forced and/or reduced by clients, regardless of if
1914 * the channel supports it */
1916 }
1917 }
1920 }
1922 /**
1923 * Queue an incoming channel on a listener.
1924 *
1925 * Internal and subclass use only function to queue an incoming channel from
1926 * a listener. A subclass of channel_listener_t should call this when a new
1927 * incoming channel is created.
1928 */
1929 void
1932 {
1945 /* Do we need to queue it, or can we just call the listener right away? */
1951 /* If we need to queue and have no queue, create one */
1954 }
1956 /* Bump the counter and timestamp it */
1961 /* If we don't need to queue, process it right away */
1965 }
1966 /*
1967 * Otherwise, we need to queue; queue and then process the queue if
1968 * we can.
1969 */
1974 }
1975 }
1977 /**
1978 * Process a cell from the given channel.
1979 */
1980 void
1982 {
1988 /* Nothing we can do if we have no registered cell handlers */
1992 /* Timestamp for receiving */
1994 /* Update received counter. */
1999 "Processing incoming cell_t %p for channel %p (global ID "
2003 }
2005 /** If <b>packed_cell</b> on <b>chan</b> is a destroy cell, then set
2006 * *<b>circid_out</b> to its circuit ID, and return true. Otherwise, return
2007 * false. */
2008 /* XXXX Move this function. */
2009 int
2013 {
2018 }
2023 }
2024 }
2026 }
2028 /**
2029 * Send destroy cell on a channel.
2030 *
2031 * Write a destroy cell with circ ID <b>circ_id</b> and reason <b>reason</b>
2032 * onto channel <b>chan</b>. Don't perform range-checking on reason:
2033 * we may want to propagate reasons from other cells.
2034 */
2035 int
2037 {
2046 }
2048 /* Check to make sure we can send on this channel first */
2053 "Sending destroy (circID %u) on channel %p "
2059 "Someone called channel_send_destroy() for circID %u "
2064 }
2067 }
2069 /**
2070 * Dump channel statistics to the log.
2071 *
2072 * This is called from dumpstats() in main.c and spams the log with
2073 * statistics on channels.
2074 */
2075 void
2077 {
2097 }
2098 }
2100 /**
2101 * Dump channel listener statistics to the log.
2102 *
2103 * This is called from dumpstats() in main.c and spams the log with
2104 * statistics on channel listeners.
2105 */
2106 void
2108 {
2128 }
2129 }
2131 /**
2132 * Clean up channels.
2133 *
2134 * This gets called periodically from run_scheduled_events() in main.c;
2135 * it cleans up after closed channels.
2136 */
2137 void
2139 {
2142 /* Check if we need to do anything */
2145 /* Iterate through finished_channels and get rid of them */
2148 /* Remove it from the list */
2150 /* Also unregister it */
2152 /* ... and free it */
2155 }
2157 /**
2158 * Clean up channel listeners.
2159 *
2160 * This gets called periodically from run_scheduled_events() in main.c;
2161 * it cleans up after closed channel listeners.
2162 */
2163 void
2165 {
2168 /* Check if we need to do anything */
2171 /* Iterate through finished_channels and get rid of them */
2174 /* Remove it from the list */
2176 /* Also unregister it */
2178 /* ... and free it */
2181 }
2183 /**
2184 * Free a list of channels for channel_free_all().
2185 */
2186 static void
2188 {
2192 /* Deregister and free it */
2199 /* Detach circuits early so they can find the channel */
2202 }
2208 }
2212 }
2214 /**
2215 * Free a list of channel listeners for channel_free_all().
2216 */
2217 static void
2219 {
2223 /* Deregister and free it */
2236 }
2240 }
2242 /**
2243 * Close all channels and free everything.
2244 *
2245 * This gets called from tor_free_all() in main.c to clean up on exit.
2246 * It will close all registered channels and free associated storage,
2247 * then free the all_channels, active_channels, listening_channels and
2248 * finished_channels lists and also channel_identity_map.
2249 */
2250 void
2252 {
2256 /* First, let's go for finished channels */
2261 }
2263 /* Now the finished listeners */
2268 }
2270 /* Now all active channels */
2275 }
2277 /* Now all active listeners */
2282 }
2284 /* Now all channels, in case any are left over */
2289 }
2291 /* Now all listeners, in case any are left over */
2296 }
2298 /* Now free channel_identity_map */
2301 /* Geez, anything still left over just won't die ... let it leak then */
2304 /* Same with channel_gid_map */
2311 }
2313 /**
2314 * Connect to a given addr/port/digest.
2315 *
2316 * This sets up a new outgoing channel; in the future if multiple
2317 * channel_t subclasses are available, this is where the selection policy
2318 * should go. It may also be desirable to fold port into tor_addr_t
2319 * or make a new type including a tor_addr_t and port, so we have a
2320 * single abstract object encapsulating all the protocol details of
2321 * how to contact an OR.
2322 */
2323 channel_t *
2327 {
2329 }
2331 /**
2332 * Decide which of two channels to prefer for extending a circuit.
2333 *
2334 * This function is called while extending a circuit and returns true iff
2335 * a is 'better' than b. The most important criterion here is that a
2336 * canonical channel is always better than a non-canonical one, but the
2337 * number of circuits and the age are used as tie-breakers.
2338 *
2339 * This is based on the former connection_or_is_better() of connection_or.c
2340 */
2341 int
2343 {
2349 /* If one channel is bad for new circuits, and the other isn't,
2350 * use the one that is still good. */
2356 /* Check if one is canonical and the other isn't first */
2363 /* Check if we suspect that one of the channels will be preferred
2364 * by the peer */
2368 /*
2369 * Okay, if we're here they tied on canonicity. Prefer the older
2370 * connection, so that the adversary can't create a new connection
2371 * and try to switch us over to it (which will leak information
2372 * about long-lived circuits). Additionally, switching connections
2373 * too often makes us more vulnerable to attacks like Torscan and
2374 * passive netflow-based equivalents.
2375 *
2376 * Connections will still only live for at most a week, due to
2377 * the check in connection_or_group_set_badness() against
2378 * TIME_BEFORE_OR_CONN_IS_TOO_OLD, which marks old connections as
2379 * unusable for new circuits after 1 week. That check sets
2380 * is_bad_for_new_circs, which is checked in channel_get_for_extend().
2381 *
2382 * We check channel_is_bad_for_new_circs() above here anyway, for safety.
2383 */
2389 }
2391 /**
2392 * Get a channel to extend a circuit.
2393 *
2394 * Given the desired relay identity, pick a suitable channel to extend a
2395 * circuit to the target IPv4 or IPv6 address requsted by the client. Search
2396 * for an existing channel for the requested endpoint. Make sure the channel
2397 * is usable for new circuits, and matches one of the target addresses.
2398 *
2399 * Try to return the best channel. But if there is no good channel, set
2400 * *msg_out to a message describing the channel's state and our next action,
2401 * and set *launch_out to a boolean indicated whether the caller should try to
2402 * launch a new channel with channel_connect().
2403 */
2411 {
2421 /* Walk the list of channels */
2429 /* Never return a channel on which the other end appears to be
2430 * a client. */
2433 }
2435 /* The Ed25519 key has to match too */
2438 }
2442 target_ipv4_addr,
2443 target_ipv6_addr);
2444 /* Never return a non-open connection. */
2446 /* If the address matches, don't launch a new connection for this
2447 * circuit. */
2451 }
2453 /* Never return a connection that shouldn't be used for circs. */
2457 }
2459 /* Only return canonical connections or connections where the address
2460 * is the address we wanted. */
2464 }
2469 }
2473 }
2492 }
2493 }
2495 /**
2496 * Describe the transport subclass for a channel.
2497 *
2498 * Invoke a method to get a string description of the lower-layer
2499 * transport for this channel.
2500 */
2503 {
2508 }
2510 /**
2511 * Describe the transport subclass for a channel listener.
2512 *
2513 * Invoke a method to get a string description of the lower-layer
2514 * transport for this channel listener.
2515 */
2518 {
2523 }
2525 /**
2526 * Dump channel statistics.
2527 *
2528 * Dump statistics for one channel to the log.
2529 */
2532 {
2535 tor_addr_t remote_addr;
2559 /* Handle digest. */
2571 }
2573 /* Handle remote address and descriptions */
2596 actual);
2598 }
2600 /* Handle marks */
2615 /* Describe circuits */
2625 /* Describe timestamps */
2645 /* Describe counters and rates */
2663 }
2677 }
2678 }
2685 }
2699 }
2700 }
2701 }
2703 /* Dump anything the lower layer has to say */
2705 }
2707 /**
2708 * Dump channel listener statistics.
2709 *
2710 * Dump statistics for one channel listener to the log.
2711 */
2712 void
2714 {
2747 /*
2748 * If it's sensible to do so, get the rate of incoming channels on this
2749 * listener
2750 */
2766 }
2767 }
2769 /* Dump anything the lower layer has to say */
2771 }
2773 /**
2774 * Invoke transport-specific stats dump for channel.
2775 *
2776 * If there is a lower-layer statistics dump method, invoke it.
2777 */
2778 void
2780 {
2784 }
2786 /**
2787 * Invoke transport-specific stats dump for channel listener.
2788 *
2789 * If there is a lower-layer statistics dump method, invoke it.
2790 */
2791 void
2794 {
2798 }
2800 /**
2801 * Return text description of the remote endpoint.
2802 *
2803 * This function return a test provided by the lower layer of the remote
2804 * endpoint for this channel; it should specify the actual address connected
2805 * to/from.
2806 *
2807 * Subsequent calls to channel_get_{actual,canonical}_remote_{address,descr}
2808 * may invalidate the return value from this function.
2809 */
2812 {
2816 /* Param 1 indicates the actual description */
2818 }
2820 /**
2821 * Return the text address of the remote endpoint.
2822 *
2823 * Subsequent calls to channel_get_{actual,canonical}_remote_{address,descr}
2824 * may invalidate the return value from this function.
2825 */
2828 {
2829 /* Param 1 indicates the actual description */
2831 }
2833 /**
2834 * Return text description of the remote endpoint canonical address.
2835 *
2836 * This function return a test provided by the lower layer of the remote
2837 * endpoint for this channel; it should use the known canonical address for
2838 * this OR's identity digest if possible.
2839 *
2840 * Subsequent calls to channel_get_{actual,canonical}_remote_{address,descr}
2841 * may invalidate the return value from this function.
2842 */
2845 {
2849 /* Param 0 indicates the canonicalized description */
2851 }
2853 /**
2854 * Get remote address if possible.
2855 *
2856 * Write the remote address out to a tor_addr_t if the underlying transport
2857 * supports this operation, and return 1. Return 0 if the underlying transport
2858 * doesn't let us do this.
2859 */
2862 {
2868 /* Else no support, method not implemented */
2870 }
2872 /**
2873 * Return true iff the channel has any cells on the connection outbuf waiting
2874 * to be sent onto the network.
2875 */
2876 int
2878 {
2882 /* Check with the lower layer */
2884 }
2886 /**
2887 * Check the is_bad_for_new_circs flag.
2888 *
2889 * This function returns the is_bad_for_new_circs flag of the specified
2890 * channel.
2891 */
2892 int
2894 {
2898 }
2900 /**
2901 * Mark a channel as bad for new circuits.
2902 *
2903 * Set the is_bad_for_new_circs_flag on chan.
2904 */
2905 void
2907 {
2911 }
2913 /**
2914 * Get the client flag.
2915 *
2916 * This returns the client flag of a channel, which will be set if
2917 * command_process_create_cell() in command.c thinks this is a connection
2918 * from a client.
2919 */
2920 int
2922 {
2926 }
2928 /**
2929 * Set the client flag.
2930 *
2931 * Mark a channel as being from a client.
2932 */
2933 void
2935 {
2939 }
2941 /**
2942 * Clear the client flag.
2943 *
2944 * Mark a channel as being _not_ from a client.
2945 */
2946 void
2948 {
2952 }
2954 /**
2955 * Get the canonical flag for a channel.
2956 *
2957 * This returns the is_canonical for a channel; this flag is determined by
2958 * the lower layer and can't be set in a transport-independent way.
2959 */
2960 int
2962 {
2967 }
2969 /**
2970 * Test incoming flag.
2971 *
2972 * This function gets the incoming flag; this is set when a listener spawns
2973 * a channel. If this returns true the channel was remotely initiated.
2974 */
2975 int
2977 {
2981 }
2983 /**
2984 * Set the incoming flag.
2985 *
2986 * This function is called when a channel arrives on a listening channel
2987 * to mark it as incoming.
2988 */
2989 void
2991 {
2995 }
2997 /**
2998 * Test local flag.
2999 *
3000 * This function gets the local flag; the lower layer should set this when
3001 * setting up the channel if is_local_addr() is true for all of the
3002 * destinations it will communicate with on behalf of this channel. It's
3003 * used to decide whether to declare the network reachable when seeing incoming
3004 * traffic on the channel.
3005 */
3006 int
3008 {
3012 }
3014 /**
3015 * Set the local flag.
3016 *
3017 * This internal-only function should be called by the lower layer if the
3018 * channel is to a local address. See channel_is_local() above or the
3019 * description of the is_local bit in channel.h.
3020 */
3021 void
3023 {
3027 }
3029 /**
3030 * Mark a channel as remote.
3031 *
3032 * This internal-only function should be called by the lower layer if the
3033 * channel is not to a local address but has previously been marked local.
3034 * See channel_is_local() above or the description of the is_local bit in
3035 * channel.h
3036 */
3037 void
3039 {
3043 }
3045 /**
3046 * Test outgoing flag.
3047 *
3048 * This function gets the outgoing flag; this is the inverse of the incoming
3049 * bit set when a listener spawns a channel. If this returns true the channel
3050 * was locally initiated.
3051 */
3052 int
3054 {
3058 }
3060 /**
3061 * Mark a channel as outgoing.
3062 *
3063 * This function clears the incoming flag and thus marks a channel as
3064 * outgoing.
3065 */
3066 void
3068 {
3072 }
3074 /************************
3075 * Flow control queries *
3076 ***********************/
3078 /**
3079 * Estimate the number of writeable cells.
3080 *
3081 * Ask the lower layer for an estimate of how many cells it can accept.
3082 */
3083 int
3085 {
3092 /* Query lower layer */
3096 /* No cells are writeable in any other state */
3098 }
3101 }
3103 /*********************
3104 * Timestamp updates *
3105 ********************/
3107 /**
3108 * Update the created timestamp for a channel.
3109 *
3110 * This updates the channel's created timestamp and should only be called
3111 * from channel_init().
3112 */
3113 void
3115 {
3121 }
3123 /**
3124 * Update the created timestamp for a channel listener.
3125 *
3126 * This updates the channel listener's created timestamp and should only be
3127 * called from channel_init_listener().
3128 */
3129 void
3131 {
3137 }
3139 /**
3140 * Update the last active timestamp for a channel.
3141 *
3142 * This function updates the channel's last active timestamp; it should be
3143 * called by the lower layer whenever there is activity on the channel which
3144 * does not lead to a cell being transmitted or received; the active timestamp
3145 * is also updated from channel_timestamp_recv() and channel_timestamp_xmit(),
3146 * but it should be updated for things like the v3 handshake and stuff that
3147 * produce activity only visible to the lower layer.
3148 */
3149 void
3151 {
3159 /* Clear any potential netflow padding timer. We're active */
3161 }
3163 /**
3164 * Update the last active timestamp for a channel listener.
3165 */
3166 void
3168 {
3174 }
3176 /**
3177 * Update the last accepted timestamp.
3178 *
3179 * This function updates the channel listener's last accepted timestamp; it
3180 * should be called whenever a new incoming channel is accepted on a
3181 * listener.
3182 */
3183 void
3185 {
3192 }
3194 /**
3195 * Update client timestamp.
3196 *
3197 * This function is called by relay.c to timestamp a channel that appears to
3198 * be used as a client.
3199 */
3200 void
3202 {
3208 }
3210 /**
3211 * Update the recv timestamp.
3212 *
3213 * This is called whenever we get an incoming cell from the lower layer.
3214 * This also updates the active timestamp.
3215 */
3216 void
3218 {
3226 /* Clear any potential netflow padding timer. We're active */
3228 }
3230 /**
3231 * Update the xmit timestamp.
3232 *
3233 * This is called whenever we pass an outgoing cell to the lower layer. This
3234 * also updates the active timestamp.
3235 */
3236 void
3238 {
3247 /* Clear any potential netflow padding timer. We're active */
3249 }
3251 /***************************************************************
3252 * Timestamp queries - see above for definitions of timestamps *
3253 **************************************************************/
3255 /**
3256 * Query created timestamp for a channel.
3257 */
3258 time_t
3260 {
3264 }
3266 /**
3267 * Query client timestamp.
3268 */
3269 time_t
3271 {
3275 }
3277 /**
3278 * Query xmit timestamp.
3279 */
3280 time_t
3282 {
3286 }
3288 /**
3289 * Check if a channel matches an extend_info_t.
3290 *
3291 * This function calls the lower layer and asks if this channel matches a
3292 * given extend_info_t.
3293 */
3294 int
3296 {
3302 }
3304 /**
3305 * Check if a channel matches the given target IPv4 or IPv6 addresses.
3306 * If either address matches, return true. If neither address matches,
3307 * return false.
3308 *
3309 * Both addresses can't be NULL.
3310 *
3311 * This function calls into the lower layer and asks if this channel thinks
3312 * it matches the target addresses for circuit extension purposes.
3313 */
3314 static bool
3318 {
3332 }
3334 /**
3335 * Return the total number of circuits used by a channel.
3336 *
3337 * @param chan Channel to query
3338 * @return Number of circuits using this as n_chan or p_chan
3339 */
3340 unsigned int
3342 {
3347 }
3349 /**
3350 * Set up circuit ID generation.
3351 *
3352 * This is called when setting up a channel and replaces the old
3353 * connection_or_set_circid_type().
3354 */
3359 {
3370 else
3373 }
3383 }
3386 }
3387 }
3389 static int
3391 {
3397 }
3399 /** Helper for channel_update_bad_for_new_circs(): Perform the
3400 * channel_update_bad_for_new_circs operation on all channels in <b>lst</b>,
3401 * all of which MUST have the same RSA ID. (They MAY have different
3402 * Ed25519 IDs.) */
3403 static void
3405 {
3406 /*XXXX This function should really be about channels. 15056 */
3412 /* if there is only one channel, don't bother looping */
3417 }
3424 }
3425 }
3430 /* it would be more efficient to do a slice, but this case is rare */
3439 common_ed25519_identity)) {
3443 }
3450 /* XXXX 15056 we may want to do something special with connections that have
3451 * no set Ed25519 identity! */
3455 }
3457 /** Go through all the channels (or if <b>digest</b> is non-NULL, just
3458 * the OR connections with that digest), and set the is_bad_for_new_circs
3459 * flag based on the rules in connection_or_group_set_badness() (or just
3460 * always set it if <b>force</b> is true).
3461 */
3462 void
3464 {
3467 channel_idmap_entry_t search;
3473 }
3475 }
3477 /* no digest; just look at everything. */
3481 }
3482 }