1 /* Copyright (c) 2001 Matej Pfajfar.
2 * Copyright (c) 2001-2004, Roger Dingledine.
3 * Copyright (c) 2004-2007, Roger Dingledine, Nick Mathewson. */
4 /* See LICENSE for licensing information */
6 const char main_c_id
[] =
11 * \brief Toplevel module. Handles signals, multiplexes between
12 * connections, implements main loop, and drives scheduled events.
20 void evdns_shutdown(int);
23 /********* PROTOTYPES **********/
25 static void dumpmemusage(int severity
);
26 static void dumpstats(int severity
); /* log stats */
27 static void conn_read_callback(int fd
, short event
, void *_conn
);
28 static void conn_write_callback(int fd
, short event
, void *_conn
);
29 static void signal_callback(int fd
, short events
, void *arg
);
30 static void second_elapsed_callback(int fd
, short event
, void *args
);
31 static int conn_close_if_marked(int i
);
33 /********* START VARIABLES **********/
35 int global_read_bucket
; /**< Max number of bytes I can read this second. */
36 int global_write_bucket
; /**< Max number of bytes I can write this second. */
38 /** What was the read bucket before the last call to prepare_for_pool?
39 * (used to determine how many bytes we've read). */
40 static int stats_prev_global_read_bucket
;
41 /** What was the write bucket before the last call to prepare_for_pool?
42 * (used to determine how many bytes we've written). */
43 static int stats_prev_global_write_bucket
;
44 /** How many bytes have we read/written since we started the process? */
45 static uint64_t stats_n_bytes_read
= 0;
46 static uint64_t stats_n_bytes_written
= 0;
47 /** What time did this process start up? */
48 long time_of_process_start
= 0;
49 /** How many seconds have we been running? */
50 long stats_n_seconds_working
= 0;
51 /** When do we next download a directory? */
52 static time_t time_to_fetch_directory
= 0;
53 /** When do we next download a running-routers summary? */
54 static time_t time_to_fetch_running_routers
= 0;
55 /** When do we next launch DNS wildcarding checks? */
56 static time_t time_to_check_for_correct_dns
= 0;
58 /** How often will we honor SIGNEWNYM requests? */
59 #define MAX_SIGNEWNYM_RATE 10
60 /** When did we last process a SIGNEWNYM request? */
61 static time_t time_of_last_signewnym
= 0;
62 /** Is there a signewnym request we're currently waiting to handle? */
63 static int signewnym_is_pending
= 0;
65 /** Array of all open connections. The first n_conns elements are valid. */
66 static connection_t
*connection_array
[MAXCONNECTIONS
+1] =
68 /** List of connections that have been marked for close and need to be freed
69 * and removed from connection_array. */
70 static smartlist_t
*closeable_connection_lst
= NULL
;
72 static int n_conns
=0; /**< Number of connections currently active. */
74 /** We set this to 1 when we've opened a circuit, so we can print a log
75 * entry to inform the user that Tor is working. */
76 int has_completed_circuit
=0;
79 #define MS_WINDOWS_SERVICE
82 #ifdef MS_WINDOWS_SERVICE
84 #define GENSRV_SERVICENAME TEXT("tor")
85 #define GENSRV_DISPLAYNAME TEXT("Tor Win32 Service")
86 #define GENSRV_DESCRIPTION \
87 TEXT("Provides an anonymous Internet communication system")
88 #define GENSRV_USERACCT TEXT("NT AUTHORITY\\LocalService")
90 // Cheating: using the pre-defined error codes, tricks Windows into displaying
91 // a semi-related human-readable error message if startup fails as
92 // opposed to simply scaring people with Error: 0xffffffff
93 #define NT_SERVICE_ERROR_TORINIT_FAILED ERROR_EXCEPTION_IN_SERVICE
95 SERVICE_STATUS service_status
;
96 SERVICE_STATUS_HANDLE hStatus
;
97 /* XXXX This 'backup argv' and 'backup argc' business is an ugly hack. This
98 * is a job for arguments, not globals. */
99 static char **backup_argv
;
100 static int backup_argc
;
101 static int nt_service_is_stopping(void);
102 static char* nt_strerror(uint32_t errnum
);
104 #define nt_service_is_stopping() (0)
107 /** If our router descriptor ever goes this long without being regenerated
108 * because something changed, we force an immediate regenerate-and-upload. */
109 #define FORCE_REGENERATE_DESCRIPTOR_INTERVAL (18*60*60)
110 /** How often do we check whether part of our router info has changed in a way
111 * that would require an upload? */
112 #define CHECK_DESCRIPTOR_INTERVAL (60)
113 /** How often do we (as a router) check whether our IP address has changed? */
114 #define CHECK_IPADDRESS_INTERVAL (15*60)
115 /** How often do we check buffers for empty space that can be deallocated? */
116 #define BUF_SHRINK_INTERVAL (60)
117 /** How often do we check for router descriptors that we should download? */
118 #define DESCRIPTOR_RETRY_INTERVAL (10)
119 /** How often do we 'forgive' undownloadable router descriptors and attempt
120 * to download them again? */
121 #define DESCRIPTOR_FAILURE_RESET_INTERVAL (60*60)
122 /** How often do we add more entropy to OpenSSL's RNG pool? */
123 #define ENTROPY_INTERVAL (60*60)
124 /** How long do we let a directory connection stall before expiring it? */
125 #define DIR_CONN_MAX_STALL (5*60)
127 /** How old do we let a connection to an OR get before deciding it's
129 #define TIME_BEFORE_OR_CONN_IS_OBSOLETE (60*60*24*7)
130 /** How long do we let OR connections handshake before we decide that
131 * they are obsolete? */
132 #define TLS_HANDSHAKE_TIMEOUT (60)
134 /********* END VARIABLES ************/
136 /****************************************************************************
138 * This section contains accessors and other methods on the connection_array
139 * variables (which are global within this file and unavailable outside it).
141 ****************************************************************************/
143 /** Add <b>conn</b> to the array of connections that we can poll on. The
144 * connection's socket must be set; the connection starts out
145 * non-reading and non-writing.
148 connection_add(connection_t
*conn
)
151 tor_assert(conn
->s
>= 0);
153 if (n_conns
>= get_options()->_ConnLimit
-1) {
154 log_warn(LD_NET
,"Failing because we have %d connections already. Please "
155 "raise your ulimit -n.", n_conns
);
156 control_event_general_status(LOG_WARN
, "TOO_MANY_CONNECTIONS CURRENT=%d",
161 tor_assert(conn
->conn_array_index
== -1); /* can only connection_add once */
162 conn
->conn_array_index
= n_conns
;
163 connection_array
[n_conns
] = conn
;
165 conn
->read_event
= tor_malloc_zero(sizeof(struct event
));
166 conn
->write_event
= tor_malloc_zero(sizeof(struct event
));
167 event_set(conn
->read_event
, conn
->s
, EV_READ
|EV_PERSIST
,
168 conn_read_callback
, conn
);
169 event_set(conn
->write_event
, conn
->s
, EV_WRITE
|EV_PERSIST
,
170 conn_write_callback
, conn
);
174 log_debug(LD_NET
,"new conn type %s, socket %d, n_conns %d.",
175 conn_type_to_string(conn
->type
), conn
->s
, n_conns
);
180 /** Remove the connection from the global list, and remove the
181 * corresponding poll entry. Calling this function will shift the last
182 * connection (if any) into the position occupied by conn.
185 connection_remove(connection_t
*conn
)
190 tor_assert(n_conns
>0);
192 log_debug(LD_NET
,"removing socket %d (type %s), n_conns now %d",
193 conn
->s
, conn_type_to_string(conn
->type
), n_conns
-1);
195 tor_assert(conn
->conn_array_index
>= 0);
196 current_index
= conn
->conn_array_index
;
197 if (current_index
== n_conns
-1) { /* this is the end */
202 connection_unregister(conn
);
204 /* replace this one with the one at the end */
206 connection_array
[current_index
] = connection_array
[n_conns
];
207 connection_array
[current_index
]->conn_array_index
= current_index
;
212 /** If it's an edge conn, remove it from the list
213 * of conn's on this circuit. If it's not on an edge,
214 * flush and send destroys for all circuits on this conn.
216 * If <b>remove</b> is non-zero, then remove it from the
217 * connection_array and closeable_connection_lst.
222 connection_unlink(connection_t
*conn
, int remove
)
224 connection_about_to_close_connection(conn
);
226 connection_remove(conn
);
228 smartlist_remove(closeable_connection_lst
, conn
);
229 if (conn
->type
== CONN_TYPE_EXIT
) {
230 assert_connection_edge_not_dns_pending(TO_EDGE_CONN(conn
));
232 if (conn
->type
== CONN_TYPE_OR
) {
233 if (!tor_digest_is_zero(TO_OR_CONN(conn
)->identity_digest
))
234 connection_or_remove_from_identity_map(TO_OR_CONN(conn
));
236 connection_free(conn
);
239 /** Schedule <b>conn</b> to be closed. **/
241 add_connection_to_closeable_list(connection_t
*conn
)
243 tor_assert(!smartlist_isin(closeable_connection_lst
, conn
));
244 tor_assert(conn
->marked_for_close
);
245 assert_connection_ok(conn
, time(NULL
));
246 smartlist_add(closeable_connection_lst
, conn
);
249 /** Return 1 if conn is on the closeable list, else return 0. */
251 connection_is_on_closeable_list(connection_t
*conn
)
253 return smartlist_isin(closeable_connection_lst
, conn
);
256 /** Return true iff conn is in the current poll array. */
258 connection_in_array(connection_t
*conn
)
261 for (i
=0; i
<n_conns
; ++i
) {
262 if (conn
==connection_array
[i
])
268 /** Set <b>*array</b> to an array of all connections, and <b>*n</b>
269 * to the length of the array. <b>*array</b> and <b>*n</b> must not
273 get_connection_array(connection_t
***array
, int *n
)
275 *array
= connection_array
;
279 /** Set the event mask on <b>conn</b> to <b>events</b>. (The event
280 * mask is a bitmask whose bits are EV_READ and EV_WRITE.)
283 connection_watch_events(connection_t
*conn
, short events
)
288 tor_assert(conn
->read_event
);
289 tor_assert(conn
->write_event
);
291 if (events
& EV_READ
) {
292 r
= event_add(conn
->read_event
, NULL
);
294 r
= event_del(conn
->read_event
);
299 "Error from libevent setting read event state for %d to "
301 conn
->s
, (events
& EV_READ
)?"":"un",
302 tor_socket_strerror(tor_socket_errno(conn
->s
)));
304 if (events
& EV_WRITE
) {
305 r
= event_add(conn
->write_event
, NULL
);
307 r
= event_del(conn
->write_event
);
312 "Error from libevent setting read event state for %d to "
314 conn
->s
, (events
& EV_WRITE
)?"":"un",
315 tor_socket_strerror(tor_socket_errno(conn
->s
)));
318 /** Return true iff <b>conn</b> is listening for read events. */
320 connection_is_reading(connection_t
*conn
)
324 return conn
->read_event
&& event_pending(conn
->read_event
, EV_READ
, NULL
);
327 /** Tell the main loop to stop notifying <b>conn</b> of any read events. */
329 connection_stop_reading(connection_t
*conn
)
332 tor_assert(conn
->read_event
);
334 log_debug(LD_NET
,"entering.");
335 if (event_del(conn
->read_event
))
336 log_warn(LD_NET
, "Error from libevent setting read event state for %d "
339 tor_socket_strerror(tor_socket_errno(conn
->s
)));
342 /** Tell the main loop to start notifying <b>conn</b> of any read events. */
344 connection_start_reading(connection_t
*conn
)
347 tor_assert(conn
->read_event
);
349 if (event_add(conn
->read_event
, NULL
))
350 log_warn(LD_NET
, "Error from libevent setting read event state for %d "
353 tor_socket_strerror(tor_socket_errno(conn
->s
)));
356 /** Return true iff <b>conn</b> is listening for write events. */
358 connection_is_writing(connection_t
*conn
)
362 return conn
->write_event
&& event_pending(conn
->write_event
, EV_WRITE
, NULL
);
365 /** Tell the main loop to stop notifying <b>conn</b> of any write events. */
367 connection_stop_writing(connection_t
*conn
)
370 tor_assert(conn
->write_event
);
372 if (event_del(conn
->write_event
))
373 log_warn(LD_NET
, "Error from libevent setting write event state for %d "
376 tor_socket_strerror(tor_socket_errno(conn
->s
)));
379 /** Tell the main loop to start notifying <b>conn</b> of any write events. */
381 connection_start_writing(connection_t
*conn
)
384 tor_assert(conn
->write_event
);
386 if (event_add(conn
->write_event
, NULL
))
387 log_warn(LD_NET
, "Error from libevent setting write event state for %d "
390 tor_socket_strerror(tor_socket_errno(conn
->s
)));
393 /** Close all connections that have been scheduled to get closed */
395 close_closeable_connections(void)
398 for (i
= 0; i
< smartlist_len(closeable_connection_lst
); ) {
399 connection_t
*conn
= smartlist_get(closeable_connection_lst
, i
);
400 if (conn
->conn_array_index
< 0) {
401 connection_unlink(conn
, 0); /* blow it away right now */
403 if (!conn_close_if_marked(conn
->conn_array_index
))
409 /** Libevent callback: this gets invoked when (connection_t*)<b>conn</b> has
410 * some data to read. */
412 conn_read_callback(int fd
, short event
, void *_conn
)
414 connection_t
*conn
= _conn
;
418 log_debug(LD_NET
,"socket %d wants to read.",conn
->s
);
420 assert_connection_ok(conn
, time(NULL
));
422 if (connection_handle_read(conn
) < 0) {
423 if (!conn
->marked_for_close
) {
425 log_warn(LD_BUG
,"Bug: unhandled error on read for %s connection "
427 conn_type_to_string(conn
->type
), conn
->s
);
428 tor_fragile_assert();
430 if (CONN_IS_EDGE(conn
))
431 connection_edge_end_errno(TO_EDGE_CONN(conn
),
432 TO_EDGE_CONN(conn
)->cpath_layer
);
433 connection_mark_for_close(conn
);
436 assert_connection_ok(conn
, time(NULL
));
438 if (smartlist_len(closeable_connection_lst
))
439 close_closeable_connections();
442 /** Libevent callback: this gets invoked when (connection_t*)<b>conn</b> has
443 * some data to write. */
445 conn_write_callback(int fd
, short events
, void *_conn
)
447 connection_t
*conn
= _conn
;
451 LOG_FN_CONN(conn
, (LOG_DEBUG
, LD_NET
, "socket %d wants to write.",conn
->s
));
453 assert_connection_ok(conn
, time(NULL
));
455 if (connection_handle_write(conn
, 0) < 0) {
456 if (!conn
->marked_for_close
) {
457 /* this connection is broken. remove it. */
458 log_fn(LOG_WARN
,LD_BUG
,
459 "Bug: unhandled error on write for %s connection (fd %d); removing",
460 conn_type_to_string(conn
->type
), conn
->s
);
461 tor_fragile_assert();
462 if (CONN_IS_EDGE(conn
)) {
463 /* otherwise we cry wolf about duplicate close */
464 edge_connection_t
*edge_conn
= TO_EDGE_CONN(conn
);
465 if (!edge_conn
->end_reason
)
466 edge_conn
->end_reason
= END_STREAM_REASON_INTERNAL
;
467 conn
->edge_has_sent_end
= 1;
469 /* XXX do we need a close-immediate here, so we don't try to flush? */
470 connection_mark_for_close(conn
);
473 assert_connection_ok(conn
, time(NULL
));
475 if (smartlist_len(closeable_connection_lst
))
476 close_closeable_connections();
479 /** If the connection at connection_array[i] is marked for close, then:
480 * - If it has data that it wants to flush, try to flush it.
481 * - If it _still_ has data to flush, and conn->hold_open_until_flushed is
482 * true, then leave the connection open and return.
483 * - Otherwise, remove the connection from connection_array and from
484 * all other lists, close it, and free it.
485 * Returns 1 if the connection was closed, 0 otherwise.
488 conn_close_if_marked(int i
)
493 conn
= connection_array
[i
];
494 if (!conn
->marked_for_close
)
495 return 0; /* nothing to see here, move along */
496 assert_connection_ok(conn
, time(NULL
));
497 assert_all_pending_dns_resolves_ok();
499 log_debug(LD_NET
,"Cleaning up connection (fd %d).",conn
->s
);
500 if (conn
->s
>= 0 && connection_wants_to_flush(conn
)) {
501 /* s == -1 means it's an incomplete edge connection, or that the socket
502 * has already been closed as unflushable. */
503 int sz
= connection_bucket_write_limit(conn
);
504 if (!conn
->hold_open_until_flushed
)
506 "Conn (addr %s, fd %d, type %s, state %d) marked, but wants "
507 "to flush %d bytes. (Marked at %s:%d)",
508 escaped_safe_str(conn
->address
),
509 conn
->s
, conn_type_to_string(conn
->type
), conn
->state
,
510 (int)conn
->outbuf_flushlen
,
511 conn
->marked_for_close_file
, conn
->marked_for_close
);
512 if (connection_speaks_cells(conn
)) {
513 if (conn
->state
== OR_CONN_STATE_OPEN
) {
514 retval
= flush_buf_tls(TO_OR_CONN(conn
)->tls
, conn
->outbuf
, sz
,
515 &conn
->outbuf_flushlen
);
517 retval
= -1; /* never flush non-open broken tls connections */
519 retval
= flush_buf(conn
->s
, conn
->outbuf
, sz
, &conn
->outbuf_flushlen
);
521 if (retval
>= 0 && /* Technically, we could survive things like
522 TLS_WANT_WRITE here. But don't bother for now. */
523 conn
->hold_open_until_flushed
&& connection_wants_to_flush(conn
)) {
525 LOG_FN_CONN(conn
, (LOG_INFO
,LD_NET
,
526 "Holding conn (fd %d) open for more flushing.",
528 /* XXX should we reset timestamp_lastwritten here? */
531 if (connection_wants_to_flush(conn
)) {
533 if (conn
->type
== CONN_TYPE_EXIT
||
534 (conn
->type
== CONN_TYPE_OR
&& server_mode(get_options())) ||
535 (conn
->type
== CONN_TYPE_DIR
&& conn
->purpose
== DIR_PURPOSE_SERVER
))
538 severity
= LOG_NOTICE
;
539 /* XXXX Maybe allow this to happen a certain amount per hour; it usually
541 log_fn(severity
, LD_NET
, "We stalled too much while trying to write %d "
542 "bytes to addr %s. If this happens a lot, either "
543 "something is wrong with your network connection, or "
544 "something is wrong with theirs. "
545 "(fd %d, type %s, state %d, marked at %s:%d).",
546 (int)buf_datalen(conn
->outbuf
),
547 escaped_safe_str(conn
->address
), conn
->s
,
548 conn_type_to_string(conn
->type
), conn
->state
,
549 conn
->marked_for_close_file
,
550 conn
->marked_for_close
);
553 connection_unlink(conn
, 1); /* unlink, remove, free */
557 /** We've just tried every dirserver we know about, and none of
558 * them were reachable. Assume the network is down. Change state
559 * so next time an application connection arrives we'll delay it
560 * and try another directory fetch. Kill off all the circuit_wait
561 * streams that are waiting now, since they will all timeout anyway.
564 directory_all_unreachable(time_t now
)
569 stats_n_seconds_working
=0; /* reset it */
571 while ((conn
= connection_get_by_type_state(CONN_TYPE_AP
,
572 AP_CONN_STATE_CIRCUIT_WAIT
))) {
573 edge_connection_t
*edge_conn
= TO_EDGE_CONN(conn
);
575 "Is your network connection down? "
576 "Failing connection to '%s:%d'.",
577 safe_str(edge_conn
->socks_request
->address
),
578 edge_conn
->socks_request
->port
);
579 connection_mark_unattached_ap(edge_conn
,
580 END_STREAM_REASON_NET_UNREACHABLE
);
582 control_event_general_status(LOG_ERR
, "DIR_ALL_UNREACHABLE");
585 /** This function is called whenever we successfully pull down some new
586 * network statuses or server descriptors. */
588 directory_info_has_arrived(time_t now
, int from_cache
)
590 or_options_t
*options
= get_options();
592 if (!router_have_minimum_dir_info()) {
593 log(LOG_NOTICE
, LD_DIR
,
594 "I learned some more directory information, but not enough to "
596 update_router_descriptor_downloads(now
);
600 if (server_mode(options
) && !we_are_hibernating() && !from_cache
&&
601 (has_completed_circuit
|| !any_predicted_circuits(now
)))
602 consider_testing_reachability(1, 1);
605 /** Perform regular maintenance tasks for a single connection. This
606 * function gets run once per second per connection by run_scheduled_events.
609 run_connection_housekeeping(int i
, time_t now
)
612 connection_t
*conn
= connection_array
[i
];
613 or_options_t
*options
= get_options();
614 or_connection_t
*or_conn
;
616 if (conn
->outbuf
&& !buf_datalen(conn
->outbuf
) && conn
->type
== CONN_TYPE_OR
)
617 TO_OR_CONN(conn
)->timestamp_lastempty
= now
;
619 if (conn
->marked_for_close
) {
620 /* nothing to do here */
624 /* Expire any directory connections that haven't been active (sent
625 * if a server or received if a client) for 5 min */
626 if (conn
->type
== CONN_TYPE_DIR
&&
627 ((DIR_CONN_IS_SERVER(conn
) &&
628 conn
->timestamp_lastwritten
+ DIR_CONN_MAX_STALL
< now
) ||
629 (!DIR_CONN_IS_SERVER(conn
) &&
630 conn
->timestamp_lastread
+ DIR_CONN_MAX_STALL
< now
))) {
631 log_info(LD_DIR
,"Expiring wedged directory conn (fd %d, purpose %d)",
632 conn
->s
, conn
->purpose
);
633 /* This check is temporary; it's to let us know whether we should consider
634 * parsing partial serverdesc responses. */
635 if (conn
->purpose
== DIR_PURPOSE_FETCH_SERVERDESC
&&
636 buf_datalen(conn
->inbuf
)>=1024) {
637 log_info(LD_DIR
,"Trying to extract information from wedged server desc "
639 connection_dir_reached_eof(TO_DIR_CONN(conn
));
641 connection_mark_for_close(conn
);
646 if (!connection_speaks_cells(conn
))
647 return; /* we're all done here, the rest is just for OR conns */
649 or_conn
= TO_OR_CONN(conn
);
651 if (!conn
->or_is_obsolete
) {
652 if (conn
->timestamp_created
+ TIME_BEFORE_OR_CONN_IS_OBSOLETE
< now
) {
654 "Marking OR conn to %s:%d obsolete (fd %d, %d secs old).",
655 conn
->address
, conn
->port
, conn
->s
,
656 (int)(now
- conn
->timestamp_created
));
657 conn
->or_is_obsolete
= 1;
659 or_connection_t
*best
=
660 connection_or_get_by_identity_digest(or_conn
->identity_digest
);
661 if (best
&& best
!= or_conn
&&
662 (conn
->state
== OR_CONN_STATE_OPEN
||
663 now
> conn
->timestamp_created
+ TLS_HANDSHAKE_TIMEOUT
)) {
664 /* We only mark as obsolete connections that already are in
665 * OR_CONN_STATE_OPEN, i.e. that have finished their TLS handshaking.
666 * This is necessary because authorities judge whether a router is
667 * reachable based on whether they were able to TLS handshake with it
668 * recently. Without this check we would expire connections too
669 * early for router->last_reachable to be updated.
672 "Marking duplicate conn to %s:%d obsolete "
673 "(fd %d, %d secs old).",
674 conn
->address
, conn
->port
, conn
->s
,
675 (int)(now
- conn
->timestamp_created
));
676 conn
->or_is_obsolete
= 1;
681 if (conn
->or_is_obsolete
&& !or_conn
->n_circuits
) {
682 /* no unmarked circs -- mark it now */
684 "Expiring non-used OR connection to fd %d (%s:%d) [Obsolete].",
685 conn
->s
, conn
->address
, conn
->port
);
686 connection_mark_for_close(conn
);
687 conn
->hold_open_until_flushed
= 1;
691 /* If we haven't written to an OR connection for a while, then either nuke
692 the connection or send a keepalive, depending. */
693 if (now
>= conn
->timestamp_lastwritten
+ options
->KeepalivePeriod
) {
694 routerinfo_t
*router
= router_get_by_digest(or_conn
->identity_digest
);
695 if (!connection_state_is_open(conn
)) {
696 log_info(LD_OR
,"Expiring non-open OR connection to fd %d (%s:%d).",
697 conn
->s
,conn
->address
, conn
->port
);
698 connection_mark_for_close(conn
);
699 conn
->hold_open_until_flushed
= 1;
700 } else if (we_are_hibernating() && !or_conn
->n_circuits
&&
701 !buf_datalen(conn
->outbuf
)) {
702 log_info(LD_OR
,"Expiring non-used OR connection to fd %d (%s:%d) "
703 "[Hibernating or exiting].",
704 conn
->s
,conn
->address
, conn
->port
);
705 connection_mark_for_close(conn
);
706 conn
->hold_open_until_flushed
= 1;
707 } else if (!clique_mode(options
) && !or_conn
->n_circuits
&&
708 (!router
|| !server_mode(options
) ||
709 !router_is_clique_mode(router
))) {
710 log_info(LD_OR
,"Expiring non-used OR connection to fd %d (%s:%d) "
711 "[Not in clique mode].",
712 conn
->s
,conn
->address
, conn
->port
);
713 connection_mark_for_close(conn
);
714 conn
->hold_open_until_flushed
= 1;
716 now
>= or_conn
->timestamp_lastempty
+ options
->KeepalivePeriod
*10 &&
717 now
>= conn
->timestamp_lastwritten
+ options
->KeepalivePeriod
*10) {
718 log_fn(LOG_PROTOCOL_WARN
,LD_PROTOCOL
,
719 "Expiring stuck OR connection to fd %d (%s:%d). (%d bytes to "
720 "flush; %d seconds since last write)",
721 conn
->s
, conn
->address
, conn
->port
,
722 (int)buf_datalen(conn
->outbuf
),
723 (int)(now
-conn
->timestamp_lastwritten
));
724 connection_mark_for_close(conn
);
725 } else if (!buf_datalen(conn
->outbuf
)) {
726 /* either in clique mode, or we've got a circuit. send a padding cell. */
727 log_fn(LOG_DEBUG
,LD_OR
,"Sending keepalive to (%s:%d)",
728 conn
->address
, conn
->port
);
729 memset(&cell
,0,sizeof(cell_t
));
730 cell
.command
= CELL_PADDING
;
731 connection_or_write_cell_to_buf(&cell
, or_conn
);
736 /** Perform regular maintenance tasks. This function gets run once per
737 * second by prepare_for_poll.
740 run_scheduled_events(time_t now
)
742 static time_t last_rotated_certificate
= 0;
743 static time_t time_to_check_listeners
= 0;
744 static time_t time_to_check_descriptor
= 0;
745 static time_t time_to_check_ipaddress
= 0;
746 static time_t time_to_shrink_buffers
= 0;
747 static time_t time_to_try_getting_descriptors
= 0;
748 static time_t time_to_reset_descriptor_failures
= 0;
749 static time_t time_to_add_entropy
= 0;
750 or_options_t
*options
= get_options();
754 /** 0. See if we've been asked to shut down and our timeout has
755 * expired; or if our bandwidth limits are exhausted and we
756 * should hibernate; or if it's time to wake up from hibernation.
758 consider_hibernation(now
);
760 /* 0b. If we've deferred a signewnym, make sure it gets handled
762 if (signewnym_is_pending
&&
763 time_of_last_signewnym
+ MAX_SIGNEWNYM_RATE
<= now
) {
764 log(LOG_INFO
, LD_CONTROL
, "Honoring delayed NEWNYM request");
765 circuit_expire_all_dirty_circs();
766 addressmap_clear_transient();
767 time_of_last_signewnym
= now
;
768 signewnym_is_pending
= 0;
771 /** 1a. Every MIN_ONION_KEY_LIFETIME seconds, rotate the onion keys,
772 * shut down and restart all cpuworkers, and update the directory if
775 if (server_mode(options
) &&
776 get_onion_key_set_at()+MIN_ONION_KEY_LIFETIME
< now
) {
777 log_info(LD_GENERAL
,"Rotating onion key.");
780 if (router_rebuild_descriptor(1)<0) {
781 log_info(LD_CONFIG
, "Couldn't rebuild router descriptor");
783 if (advertised_server_mode())
784 router_upload_dir_desc_to_dirservers(0);
787 if (time_to_try_getting_descriptors
< now
) {
788 /* XXXX Maybe we should do this every 10sec when not enough info,
789 * and every 60sec when we have enough info -NM */
790 update_router_descriptor_downloads(now
);
791 time_to_try_getting_descriptors
= now
+ DESCRIPTOR_RETRY_INTERVAL
;
794 if (time_to_reset_descriptor_failures
< now
) {
795 router_reset_descriptor_download_failures();
796 time_to_reset_descriptor_failures
=
797 now
+ DESCRIPTOR_FAILURE_RESET_INTERVAL
;
800 /** 1b. Every MAX_SSL_KEY_LIFETIME seconds, we change our TLS context. */
801 if (!last_rotated_certificate
)
802 last_rotated_certificate
= now
;
803 if (last_rotated_certificate
+MAX_SSL_KEY_LIFETIME
< now
) {
804 log_info(LD_GENERAL
,"Rotating tls context.");
805 if (tor_tls_context_new(get_identity_key(), options
->Nickname
,
806 MAX_SSL_KEY_LIFETIME
) < 0) {
807 log_warn(LD_BUG
, "Error reinitializing TLS context");
808 /* XXX is it a bug here, that we just keep going? */
810 last_rotated_certificate
= now
;
811 /* XXXX We should rotate TLS connections as well; this code doesn't change
815 if (time_to_add_entropy
== 0)
816 time_to_add_entropy
= now
+ ENTROPY_INTERVAL
;
817 if (time_to_add_entropy
< now
) {
818 /* We already seeded once, so don't die on failure. */
820 time_to_add_entropy
= now
+ ENTROPY_INTERVAL
;
823 /** 1c. If we have to change the accounting interval or record
824 * bandwidth used in this accounting interval, do so. */
825 if (accounting_is_enabled(options
))
826 accounting_run_housekeeping(now
);
828 if (now
% 10 == 0 && authdir_mode(options
) && !we_are_hibernating()) {
829 /* try to determine reachability of the other Tor servers */
830 dirserv_test_reachability(0);
833 /** 2. Periodically, we consider getting a new directory, getting a
834 * new running-routers list, and/or force-uploading our descriptor
835 * (if we've passed our internal checks). */
836 if (time_to_fetch_directory
< now
) {
837 /* Only caches actually need to fetch directories now. */
838 if (options
->DirPort
&& !options
->V1AuthoritativeDir
) {
839 /* XXX actually, we should only do this if we want to advertise
840 * our dirport. not simply if we configured one. -RD */
841 if (any_trusted_dir_is_v1_authority())
842 directory_get_from_dirserver(DIR_PURPOSE_FETCH_DIR
, NULL
, 1);
844 /** How often do we (as a cache) fetch a new V1 directory? */
845 #define V1_DIR_FETCH_PERIOD (6*60*60)
846 time_to_fetch_directory
= now
+ V1_DIR_FETCH_PERIOD
;
849 /* Caches need to fetch running_routers; directory clients don't. */
850 if (options
->DirPort
&& time_to_fetch_running_routers
< now
) {
851 if (!authdir_mode(options
) || !options
->V1AuthoritativeDir
) {
852 directory_get_from_dirserver(DIR_PURPOSE_FETCH_RUNNING_LIST
, NULL
, 1);
854 /** How often do we (as a cache) fetch a new V1 runningrouters document? */
855 #define V1_RUNNINGROUTERS_FETCH_PERIOD (30*60)
856 time_to_fetch_running_routers
= now
+ V1_RUNNINGROUTERS_FETCH_PERIOD
;
858 /* Also, take this chance to remove old information from rephist
859 * and the rend cache. */
860 rep_history_clean(now
- options
->RephistTrackTime
);
864 /* 2b. Once per minute, regenerate and upload the descriptor if the old
865 * one is inaccurate. */
866 if (time_to_check_descriptor
< now
) {
867 static int dirport_reachability_count
= 0;
868 time_to_check_descriptor
= now
+ CHECK_DESCRIPTOR_INTERVAL
;
869 check_descriptor_bandwidth_changed(now
);
870 if (time_to_check_ipaddress
< now
) {
871 time_to_check_ipaddress
= now
+ CHECK_IPADDRESS_INTERVAL
;
872 check_descriptor_ipaddress_changed(now
);
874 mark_my_descriptor_dirty_if_older_than(
875 now
- FORCE_REGENERATE_DESCRIPTOR_INTERVAL
);
876 consider_publishable_server(0);
877 /* also, check religiously for reachability, if it's within the first
878 * 20 minutes of our uptime. */
879 if (server_mode(options
) &&
880 (has_completed_circuit
|| !any_predicted_circuits(now
)) &&
881 stats_n_seconds_working
< TIMEOUT_UNTIL_UNREACHABILITY_COMPLAINT
&&
882 !we_are_hibernating()) {
883 consider_testing_reachability(1, dirport_reachability_count
==0);
884 if (++dirport_reachability_count
> 5)
885 dirport_reachability_count
= 0;
888 /* If any networkstatus documents are no longer recent, we need to
889 * update all the descriptors' running status. */
890 /* purge obsolete entries */
891 routerlist_remove_old_routers();
892 networkstatus_list_clean(now
);
893 networkstatus_list_update_recent(now
);
894 routers_update_all_from_networkstatus();
896 /* Also, once per minute, check whether we want to download any
897 * networkstatus documents.
899 update_networkstatus_downloads(now
);
902 /** 3a. Every second, we examine pending circuits and prune the
903 * ones which have been pending for more than a few seconds.
904 * We do this before step 4, so it can try building more if
905 * it's not comfortable with the number of available circuits.
907 circuit_expire_building(now
);
909 /** 3b. Also look at pending streams and prune the ones that 'began'
910 * a long time ago but haven't gotten a 'connected' yet.
911 * Do this before step 4, so we can put them back into pending
912 * state to be picked up by the new circuit.
914 connection_ap_expire_beginning();
916 /** 3c. And expire connections that we've held open for too long.
918 connection_expire_held_open();
920 /** 3d. And every 60 seconds, we relaunch listeners if any died. */
921 if (!we_are_hibernating() && time_to_check_listeners
< now
) {
922 /* 0 means "only launch the ones that died." */
923 retry_all_listeners(0, NULL
, NULL
);
924 time_to_check_listeners
= now
+60;
927 /** 4. Every second, we try a new circuit if there are no valid
928 * circuits. Every NewCircuitPeriod seconds, we expire circuits
929 * that became dirty more than MaxCircuitDirtiness seconds ago,
930 * and we make a new circ if there are no clean circuits.
932 have_dir_info
= router_have_minimum_dir_info();
933 if (have_dir_info
&& !we_are_hibernating())
934 circuit_build_needed_circs(now
);
936 /** 5. We do housekeeping for each connection... */
937 for (i
=0;i
<n_conns
;i
++) {
938 run_connection_housekeeping(i
, now
);
940 if (time_to_shrink_buffers
< now
) {
941 for (i
=0;i
<n_conns
;i
++) {
942 connection_t
*conn
= connection_array
[i
];
944 buf_shrink(conn
->outbuf
);
946 buf_shrink(conn
->inbuf
);
948 time_to_shrink_buffers
= now
+ BUF_SHRINK_INTERVAL
;
951 /** 6. And remove any marked circuits... */
952 circuit_close_all_marked();
954 /** 7. And upload service descriptors if necessary. */
955 if (has_completed_circuit
&& !we_are_hibernating())
956 rend_consider_services_upload(now
);
958 /** 8. and blow away any connections that need to die. have to do this now,
959 * because if we marked a conn for close and left its socket -1, then
960 * we'll pass it to poll/select and bad things will happen.
962 close_closeable_connections();
964 /** 8b. And if anything in our state is ready to get flushed to disk, we
968 /** 9. and if we're a server, check whether our DNS is telling stories to
970 if (server_mode(options
) && time_to_check_for_correct_dns
< now
) {
971 if (!time_to_check_for_correct_dns
) {
972 time_to_check_for_correct_dns
= now
+ 60 + crypto_rand_int(120);
974 dns_launch_correctness_checks();
975 time_to_check_for_correct_dns
= now
+ 12*3600 +
976 crypto_rand_int(12*3600);
981 /** Libevent timer: used to invoke second_elapsed_callback() once per
983 static struct event
*timeout_event
= NULL
;
984 /** Number of libevent errors in the last second: we die if we get too many. */
985 static int n_libevent_errors
= 0;
987 /** Libevent callback: invoked once every second. */
989 second_elapsed_callback(int fd
, short event
, void *args
)
991 /* XXXX This could be sensibly refactored into multiple callbacks, and we
992 * could use libevent's timers for this rather than checking the current
993 * time against a bunch of timeouts every second. */
994 static struct timeval one_second
;
995 static long current_second
= 0;
997 size_t bytes_written
;
1000 or_options_t
*options
= get_options();
1004 if (!timeout_event
) {
1005 timeout_event
= tor_malloc_zero(sizeof(struct event
));
1006 evtimer_set(timeout_event
, second_elapsed_callback
, NULL
);
1007 one_second
.tv_sec
= 1;
1008 one_second
.tv_usec
= 0;
1011 n_libevent_errors
= 0;
1013 /* log_fn(LOG_NOTICE, "Tick."); */
1014 tor_gettimeofday(&now
);
1016 /* the second has rolled over. check more stuff. */
1017 bytes_written
= stats_prev_global_write_bucket
- global_write_bucket
;
1018 bytes_read
= stats_prev_global_read_bucket
- global_read_bucket
;
1019 seconds_elapsed
= current_second
? (now
.tv_sec
- current_second
) : 0;
1020 stats_n_bytes_read
+= bytes_read
;
1021 stats_n_bytes_written
+= bytes_written
;
1022 if (accounting_is_enabled(options
) && seconds_elapsed
>= 0)
1023 accounting_add_bytes(bytes_read
, bytes_written
, seconds_elapsed
);
1024 control_event_bandwidth_used((uint32_t)bytes_read
,(uint32_t)bytes_written
);
1025 control_event_stream_bandwidth_used();
1027 if (seconds_elapsed
> 0)
1028 connection_bucket_refill(seconds_elapsed
);
1029 stats_prev_global_read_bucket
= global_read_bucket
;
1030 stats_prev_global_write_bucket
= global_write_bucket
;
1032 if (server_mode(options
) &&
1033 !we_are_hibernating() &&
1034 seconds_elapsed
> 0 &&
1035 stats_n_seconds_working
/ TIMEOUT_UNTIL_UNREACHABILITY_COMPLAINT
!=
1036 (stats_n_seconds_working
+seconds_elapsed
) /
1037 TIMEOUT_UNTIL_UNREACHABILITY_COMPLAINT
) {
1038 /* every 20 minutes, check and complain if necessary */
1039 routerinfo_t
*me
= router_get_my_routerinfo();
1040 if (me
&& !check_whether_orport_reachable())
1041 log_warn(LD_CONFIG
,"Your server (%s:%d) has not managed to confirm that "
1042 "its ORPort is reachable. Please check your firewalls, ports, "
1043 "address, /etc/hosts file, etc.",
1044 me
->address
, me
->or_port
);
1045 if (me
&& !check_whether_dirport_reachable())
1047 "Your server (%s:%d) has not managed to confirm that its "
1048 "DirPort is reachable. Please check your firewalls, ports, "
1049 "address, /etc/hosts file, etc.",
1050 me
->address
, me
->dir_port
);
1053 /** If more than this many seconds have elapsed, probably the clock
1054 * jumped: doesn't count. */
1055 #define NUM_JUMPED_SECONDS_BEFORE_WARN 100
1056 if (seconds_elapsed
< -NUM_JUMPED_SECONDS_BEFORE_WARN
||
1057 seconds_elapsed
>= NUM_JUMPED_SECONDS_BEFORE_WARN
) {
1058 circuit_note_clock_jumped(seconds_elapsed
);
1059 /* XXX if the time jumps *back* many months, do our events in
1060 * run_scheduled_events() recover? I don't think they do. -RD */
1061 } else if (seconds_elapsed
> 0)
1062 stats_n_seconds_working
+= seconds_elapsed
;
1064 run_scheduled_events(now
.tv_sec
);
1066 current_second
= now
.tv_sec
; /* remember which second it is, for next time */
1069 if (current_second
% 300 == 0) {
1070 rep_history_clean(current_second
- options
->RephistTrackTime
);
1071 dumpmemusage(get_min_log_level()<LOG_INFO
?
1072 get_min_log_level() : LOG_INFO
);
1076 if (evtimer_add(timeout_event
, &one_second
))
1078 "Error from libevent when setting one-second timeout event");
1082 /** Called when a possibly ignorable libevent error occurs; ensures that we
1083 * don't get into an infinite loop by ignoring too many errors from
1086 got_libevent_error(void)
1088 if (++n_libevent_errors
> 8) {
1089 log_err(LD_NET
, "Too many libevent errors in one second; dying");
1096 #define UPTIME_CUTOFF_FOR_NEW_BANDWIDTH_TEST (6*60*60)
1098 /** Called when our IP address seems to have changed. <b>at_interface</b>
1099 * should be true if we detected a change in our interface, and false if we
1100 * detected a change in our published address. */
1102 ip_address_changed(int at_interface
)
1104 int server
= server_mode(get_options());
1108 /* Okay, change our keys. */
1113 if (stats_n_seconds_working
> UPTIME_CUTOFF_FOR_NEW_BANDWIDTH_TEST
)
1114 reset_bandwidth_test();
1115 stats_n_seconds_working
= 0;
1116 router_reset_reachability();
1117 mark_my_descriptor_dirty();
1121 dns_servers_relaunch_checks();
1124 /** Forget what we've learned about the correctness of our DNS servers, and
1125 * start learning again. */
1127 dns_servers_relaunch_checks(void)
1129 if (server_mode(get_options())) {
1130 dns_reset_correctness_checks();
1131 time_to_check_for_correct_dns
= 0;
1135 /** Called when we get a SIGHUP: reload configuration files and keys,
1136 * retry all connections, re-upload all descriptors, and so on. */
1140 or_options_t
*options
= get_options();
1142 log_notice(LD_GENERAL
,"Received reload signal (hup). Reloading config.");
1143 if (accounting_is_enabled(options
))
1144 accounting_record_bandwidth_usage(time(NULL
), get_or_state());
1146 router_reset_warnings();
1147 routerlist_reset_warnings();
1148 addressmap_clear_transient();
1149 /* first, reload config variables, in case they've changed */
1150 /* no need to provide argc/v, they've been cached inside init_from_config */
1151 if (options_init_from_torrc(0, NULL
) < 0) {
1152 log_err(LD_CONFIG
,"Reading config failed--see warnings above. "
1153 "For usage, try -h.");
1156 options
= get_options(); /* they have changed now */
1157 if (authdir_mode(options
)) {
1158 /* reload the approved-routers file */
1159 if (dirserv_load_fingerprint_file() < 0) {
1160 /* warnings are logged from dirserv_load_fingerprint_file() directly */
1161 log_info(LD_GENERAL
, "Error reloading fingerprints. "
1162 "Continuing with old list.");
1166 /* Rotate away from the old dirty circuits. This has to be done
1167 * after we've read the new options, but before we start using
1168 * circuits for directory fetches. */
1169 circuit_expire_all_dirty_circs();
1171 /* retry appropriate downloads */
1172 router_reset_status_download_failures();
1173 router_reset_descriptor_download_failures();
1174 update_networkstatus_downloads(time(NULL
));
1176 /* We'll retry routerstatus downloads in about 10 seconds; no need to
1177 * force a retry there. */
1179 if (server_mode(options
)) {
1180 // const char *descriptor;
1181 mark_my_descriptor_dirty();
1182 /* Restart cpuworker and dnsworker processes, so they get up-to-date
1183 * configuration options. */
1184 cpuworkers_rotate();
1187 const char *descriptor
;
1189 /* Write out a fresh descriptor, but leave old one on failure. */
1190 router_rebuild_descriptor(1);
1191 descriptor
= router_get_my_descriptor();
1193 tor_snprintf(keydir
,sizeof(keydir
),"%s/router.desc",
1194 options
->DataDirectory
);
1195 log_info(LD_OR
,"Saving descriptor to \"%s\"...",keydir
);
1196 if (write_str_to_file(keydir
, descriptor
, 0)) {
1205 /** Tor main loop. */
1211 /* initialize dns resolve map, spawn workers if needed */
1212 if (dns_init() < 0) {
1213 log_err(LD_GENERAL
,"Error initializing dns subsystem; exiting");
1219 /* load the private keys, if we're supposed to have them, and set up the
1221 if (! identity_key_is_set()) {
1222 if (init_keys() < 0) {
1223 log_err(LD_BUG
,"Error initializing keys; exiting");
1228 /* Set up our buckets */
1229 connection_bucket_init();
1230 stats_prev_global_read_bucket
= global_read_bucket
;
1231 stats_prev_global_write_bucket
= global_write_bucket
;
1233 /* load the routers file, or assign the defaults. */
1234 if (router_reload_router_list()) {
1237 /* load the networkstatuses. (This launches a download for new routers as
1240 if (router_reload_networkstatus()) {
1243 directory_info_has_arrived(time(NULL
),1);
1245 if (authdir_mode(get_options())) {
1246 /* the directory is already here, run startup things */
1247 dirserv_test_reachability(1);
1250 if (server_mode(get_options())) {
1251 /* launch cpuworkers. Need to do this *after* we've read the onion key. */
1255 /* set up once-a-second callback. */
1256 second_elapsed_callback(0,0,NULL
);
1259 if (nt_service_is_stopping())
1263 /* Make it easier to tell whether libevent failure is our fault or not. */
1266 /* poll until we have an event, or the second ends */
1267 loop_result
= event_dispatch();
1269 /* let catch() handle things like ^c, and otherwise don't worry about it */
1270 if (loop_result
< 0) {
1271 int e
= tor_socket_errno(-1);
1272 /* let the program survive things like ^z */
1273 if (e
!= EINTR
&& !ERRNO_IS_EINPROGRESS(e
)) {
1274 #ifdef HAVE_EVENT_GET_METHOD
1275 log_err(LD_NET
,"libevent call with %s failed: %s [%d]",
1276 event_get_method(), tor_socket_strerror(e
), e
);
1278 log_err(LD_NET
,"libevent call failed: %s [%d]",
1279 tor_socket_strerror(e
), e
);
1283 } else if (e
== EINVAL
) {
1284 log_warn(LD_NET
, "EINVAL from libevent: should you upgrade libevent?");
1285 if (got_libevent_error())
1289 if (ERRNO_IS_EINPROGRESS(e
))
1291 "libevent call returned EINPROGRESS? Please report.");
1292 log_debug(LD_NET
,"libevent call interrupted.");
1293 /* You can't trust the results of this poll(). Go back to the
1294 * top of the big for loop. */
1299 /* refilling buckets and sending cells happens at the beginning of the
1300 * next iteration of the loop, inside prepare_for_poll()
1301 * XXXX No longer so.
1306 /** Used to implement the SIGNAL control command: if we accept
1307 * <b>the_signal</b> as a remote pseudo-signal, act on it. */
1308 /* We don't re-use catch() here because:
1309 * 1. We handle a different set of signals than those allowed in catch.
1310 * 2. Platforms without signal() are unlikely to define SIGfoo.
1311 * 3. The control spec is defined to use fixed numeric signal values
1312 * which just happen to match the unix values.
1315 control_signal_act(int the_signal
)
1320 signal_callback(0,0,(void*)(uintptr_t)SIGHUP
);
1323 signal_callback(0,0,(void*)(uintptr_t)SIGINT
);
1326 signal_callback(0,0,(void*)(uintptr_t)SIGUSR1
);
1329 signal_callback(0,0,(void*)(uintptr_t)SIGUSR2
);
1332 signal_callback(0,0,(void*)(uintptr_t)SIGTERM
);
1335 signal_callback(0,0,(void*)(uintptr_t)SIGNEWNYM
);
1337 case SIGCLEARDNSCACHE
:
1338 signal_callback(0,0,(void*)(uintptr_t)SIGCLEARDNSCACHE
);
1341 log_warn(LD_BUG
, "Unrecognized signal number %d.", the_signal
);
1346 /** Libevent callback: invoked when we get a signal.
1349 signal_callback(int fd
, short events
, void *arg
)
1351 uintptr_t sig
= (uintptr_t)arg
;
1357 log_notice(LD_GENERAL
,"Catching signal TERM, exiting cleanly.");
1362 if (!server_mode(get_options())) { /* do it now */
1363 log_notice(LD_GENERAL
,"Interrupt: exiting cleanly.");
1367 hibernate_begin_shutdown();
1371 log_debug(LD_GENERAL
,"Caught sigpipe. Ignoring.");
1375 /* prefer to log it at INFO, but make sure we always see it */
1376 dumpstats(get_min_log_level()<LOG_INFO
? get_min_log_level() : LOG_INFO
);
1379 switch_logs_debug();
1380 log_debug(LD_GENERAL
,"Caught USR2, going to loglevel debug. "
1381 "Send HUP to change back.");
1385 log_warn(LD_CONFIG
,"Restart failed (config error?). Exiting.");
1392 while (waitpid(-1,NULL
,WNOHANG
) > 0) ; /* keep reaping until no more
1397 time_t now
= time(NULL
);
1398 if (time_of_last_signewnym
+ MAX_SIGNEWNYM_RATE
> now
) {
1399 signewnym_is_pending
= 1;
1400 log(LOG_NOTICE
, LD_CONTROL
,
1401 "Rate limiting NEWNYM request: delaying by %d second(s)",
1402 (int)(MAX_SIGNEWNYM_RATE
+time_of_last_signewnym
-now
));
1404 /* XXX refactor someday: these two calls are in
1405 * run_scheduled_events() above too, and they should be in just
1407 circuit_expire_all_dirty_circs();
1408 addressmap_clear_transient();
1409 time_of_last_signewnym
= now
;
1413 case SIGCLEARDNSCACHE
:
1414 addressmap_clear_transient();
1419 extern uint64_t buf_total_used
;
1420 extern uint64_t buf_total_alloc
;
1421 extern uint64_t rephist_total_alloc
;
1422 extern uint32_t rephist_total_num
;
1425 * Write current memory usage information to the log.
1428 dumpmemusage(int severity
)
1430 log(severity
, LD_GENERAL
,
1431 "In buffers: "U64_FORMAT
" used/"U64_FORMAT
" allocated (%d conns).",
1432 U64_PRINTF_ARG(buf_total_used
), U64_PRINTF_ARG(buf_total_alloc
),
1434 log(severity
, LD_GENERAL
, "In rephist: "U64_FORMAT
" used by %d Tors.",
1435 U64_PRINTF_ARG(rephist_total_alloc
), rephist_total_num
);
1436 dump_routerlist_mem_usage(severity
);
1439 /** Write all statistics to the log, with log level 'severity'. Called
1440 * in response to a SIGUSR1. */
1442 dumpstats(int severity
)
1446 time_t now
= time(NULL
);
1449 log(severity
, LD_GENERAL
, "Dumping stats:");
1451 for (i
=0;i
<n_conns
;i
++) {
1452 conn
= connection_array
[i
];
1453 log(severity
, LD_GENERAL
,
1454 "Conn %d (socket %d) type %d (%s), state %d (%s), created %d secs ago",
1455 i
, conn
->s
, conn
->type
, conn_type_to_string(conn
->type
),
1456 conn
->state
, conn_state_to_string(conn
->type
, conn
->state
),
1457 (int)(now
- conn
->timestamp_created
));
1458 if (!connection_is_listener(conn
)) {
1459 log(severity
,LD_GENERAL
,
1460 "Conn %d is to %s:%d.", i
,
1461 safe_str(conn
->address
), conn
->port
);
1462 log(severity
,LD_GENERAL
,
1463 "Conn %d: %d bytes waiting on inbuf (len %d, last read %d secs ago)",
1465 (int)buf_datalen(conn
->inbuf
),
1466 (int)buf_capacity(conn
->inbuf
),
1467 (int)(now
- conn
->timestamp_lastread
));
1468 log(severity
,LD_GENERAL
,
1469 "Conn %d: %d bytes waiting on outbuf "
1470 "(len %d, last written %d secs ago)",i
,
1471 (int)buf_datalen(conn
->outbuf
),
1472 (int)buf_capacity(conn
->outbuf
),
1473 (int)(now
- conn
->timestamp_lastwritten
));
1475 circuit_dump_by_conn(conn
, severity
); /* dump info about all the circuits
1476 * using this conn */
1478 log(severity
, LD_NET
,
1479 "Cells processed: "U64_FORMAT
" padding\n"
1480 " "U64_FORMAT
" create\n"
1481 " "U64_FORMAT
" created\n"
1482 " "U64_FORMAT
" relay\n"
1483 " ("U64_FORMAT
" relayed)\n"
1484 " ("U64_FORMAT
" delivered)\n"
1485 " "U64_FORMAT
" destroy",
1486 U64_PRINTF_ARG(stats_n_padding_cells_processed
),
1487 U64_PRINTF_ARG(stats_n_create_cells_processed
),
1488 U64_PRINTF_ARG(stats_n_created_cells_processed
),
1489 U64_PRINTF_ARG(stats_n_relay_cells_processed
),
1490 U64_PRINTF_ARG(stats_n_relay_cells_relayed
),
1491 U64_PRINTF_ARG(stats_n_relay_cells_delivered
),
1492 U64_PRINTF_ARG(stats_n_destroy_cells_processed
));
1493 if (stats_n_data_cells_packaged
)
1494 log(severity
,LD_NET
,"Average packaged cell fullness: %2.3f%%",
1495 100*(U64_TO_DBL(stats_n_data_bytes_packaged
) /
1496 U64_TO_DBL(stats_n_data_cells_packaged
*RELAY_PAYLOAD_SIZE
)) );
1497 if (stats_n_data_cells_received
)
1498 log(severity
,LD_NET
,"Average delivered cell fullness: %2.3f%%",
1499 100*(U64_TO_DBL(stats_n_data_bytes_received
) /
1500 U64_TO_DBL(stats_n_data_cells_received
*RELAY_PAYLOAD_SIZE
)) );
1502 if (now
- time_of_process_start
>= 0)
1503 elapsed
= now
- time_of_process_start
;
1508 log(severity
, LD_NET
,
1509 "Average bandwidth: "U64_FORMAT
"/%d = %d bytes/sec reading",
1510 U64_PRINTF_ARG(stats_n_bytes_read
),
1512 (int) (stats_n_bytes_read
/elapsed
));
1513 log(severity
, LD_NET
,
1514 "Average bandwidth: "U64_FORMAT
"/%d = %d bytes/sec writing",
1515 U64_PRINTF_ARG(stats_n_bytes_written
),
1517 (int) (stats_n_bytes_written
/elapsed
));
1520 log(severity
, LD_NET
, "--------------- Dumping memory information:");
1521 dumpmemusage(severity
);
1523 rep_hist_dump_stats(now
,severity
);
1524 rend_service_dump_stats(severity
);
1525 dump_pk_ops(severity
);
1526 dump_distinct_digest_count(severity
);
1529 /** Called by exit() as we shut down the process.
1534 /* NOTE: If we ever daemonize, this gets called immediately. That's
1535 * okay for now, because we only use this on Windows. */
1541 /** Set up the signal handlers for either parent or child. */
1543 handle_signals(int is_parent
)
1545 #ifndef MS_WINDOWS /* do signal stuff only on unix */
1547 static int signals
[] = {
1548 SIGINT
, /* do a controlled slow shutdown */
1549 SIGTERM
, /* to terminate now */
1550 SIGPIPE
, /* otherwise sigpipe kills us */
1551 SIGUSR1
, /* dump stats */
1552 SIGUSR2
, /* go to loglevel debug */
1553 SIGHUP
, /* to reload config, retry conns, etc */
1555 SIGXFSZ
, /* handle file-too-big resource exhaustion */
1557 SIGCHLD
, /* handle dns/cpu workers that exit */
1559 static struct event signal_events
[16]; /* bigger than it has to be. */
1561 for (i
= 0; signals
[i
] >= 0; ++i
) {
1562 signal_set(&signal_events
[i
], signals
[i
], signal_callback
,
1563 (void*)(uintptr_t)signals
[i
]);
1564 if (signal_add(&signal_events
[i
], NULL
))
1565 log_warn(LD_BUG
, "Error from libevent when adding event for signal %d",
1569 struct sigaction action
;
1570 action
.sa_flags
= 0;
1571 sigemptyset(&action
.sa_mask
);
1572 action
.sa_handler
= SIG_IGN
;
1573 sigaction(SIGINT
, &action
, NULL
);
1574 sigaction(SIGTERM
, &action
, NULL
);
1575 sigaction(SIGPIPE
, &action
, NULL
);
1576 sigaction(SIGUSR1
, &action
, NULL
);
1577 sigaction(SIGUSR2
, &action
, NULL
);
1578 sigaction(SIGHUP
, &action
, NULL
);
1580 sigaction(SIGXFSZ
, &action
, NULL
);
1583 #else /* MS windows */
1585 #endif /* signal stuff */
1588 /** Main entry point for the Tor command-line client.
1591 tor_init(int argc
, char *argv
[])
1593 time_of_process_start
= time(NULL
);
1594 if (!closeable_connection_lst
)
1595 closeable_connection_lst
= smartlist_create();
1596 /* Initialize the history structures. */
1598 /* Initialize the service cache. */
1600 addressmap_init(); /* Init the client dns cache. Do it always, since it's
1603 /* give it somewhere to log to initially */
1606 log(LOG_NOTICE
, LD_GENERAL
, "Tor v%s. This is experimental software. "
1607 "Do not rely on it for strong anonymity.",VERSION
);
1609 if (network_init()<0) {
1610 log_err(LD_BUG
,"Error initializing network; exiting.");
1613 atexit(exit_function
);
1615 if (options_init_from_torrc(argc
,argv
) < 0) {
1616 log_err(LD_CONFIG
,"Reading config failed--see warnings above.");
1622 log_warn(LD_GENERAL
,"You are running Tor as root. You don't need to, "
1623 "and you probably shouldn't.");
1626 crypto_global_init(get_options()->HardwareAccel
);
1627 if (crypto_seed_rng()) {
1628 log_err(LD_BUG
, "Unable to seed random number generator. Exiting.");
1635 /** Free all memory that we might have allocated somewhere.
1636 * Helps us find the real leaks with dmalloc and the like.
1638 * Also valgrind should then report 0 reachable in its
1641 tor_free_all(int postfork
)
1648 routerlist_free_all();
1649 addressmap_free_all();
1650 set_exit_redirects(NULL
); /* free the registered exit redirects */
1652 rend_service_free_all();
1653 rend_cache_free_all();
1654 rep_hist_free_all();
1656 clear_pending_onions();
1658 entry_guards_free_all();
1659 connection_free_all();
1660 policies_free_all();
1666 /* stuff in main.c */
1667 smartlist_free(closeable_connection_lst
);
1668 tor_free(timeout_event
);
1669 /* Stuff in util.c */
1672 close_logs(); /* free log strings. do this last so logs keep working. */
1676 /** Do whatever cleanup is necessary before shutting Tor down. */
1680 or_options_t
*options
= get_options();
1681 /* Remove our pid file. We don't care if there was an error when we
1682 * unlink, nothing we could do about it anyways. */
1683 if (options
->command
== CMD_RUN_TOR
) {
1684 if (options
->PidFile
)
1685 unlink(options
->PidFile
);
1686 if (accounting_is_enabled(options
))
1687 accounting_record_bandwidth_usage(time(NULL
), get_or_state());
1688 or_state_mark_dirty(get_or_state(), 0); /* force an immediate save. */
1689 or_state_save(time(NULL
));
1691 tor_free_all(0); /* move tor_free_all back into the ifdef below later. XXX*/
1692 crypto_global_cleanup();
1694 dmalloc_log_unfreed();
1699 /** Read/create keys as needed, and echo our fingerprint to stdout. */
1701 do_list_fingerprint(void)
1703 char buf
[FINGERPRINT_LEN
+1];
1705 const char *nickname
= get_options()->Nickname
;
1706 if (!server_mode(get_options())) {
1708 "Clients don't have long-term identity keys. Exiting.\n");
1711 tor_assert(nickname
);
1712 if (init_keys() < 0) {
1713 log_err(LD_BUG
,"Error initializing keys; can't display fingerprint");
1716 if (!(k
= get_identity_key())) {
1717 log_err(LD_GENERAL
,"Error: missing identity key.");
1720 if (crypto_pk_get_fingerprint(k
, buf
, 1)<0) {
1721 log_err(LD_BUG
, "Error computing fingerprint");
1724 printf("%s %s\n", nickname
, buf
);
1728 /** Entry point for password hashing: take the desired password from
1729 * the command line, and print its salted hash to stdout. **/
1731 do_hash_password(void)
1735 char key
[S2K_SPECIFIER_LEN
+DIGEST_LEN
];
1737 crypto_rand(key
, S2K_SPECIFIER_LEN
-1);
1738 key
[S2K_SPECIFIER_LEN
-1] = (uint8_t)96; /* Hash 64 K of data. */
1739 secret_to_key(key
+S2K_SPECIFIER_LEN
, DIGEST_LEN
,
1740 get_options()->command_arg
, strlen(get_options()->command_arg
),
1742 base16_encode(output
, sizeof(output
), key
, sizeof(key
));
1743 printf("16:%s\n",output
);
1746 #ifdef MS_WINDOWS_SERVICE
1748 /* XXXX can some/all these functions become static? without breaking NT
1750 /* XXXX I'd also like to move much of the NT service stuff into its own
1752 void nt_service_control(DWORD request
);
1753 void nt_service_body(int argc
, char **argv
);
1754 void nt_service_main(void);
1755 SC_HANDLE
nt_service_open_scm(void);
1756 SC_HANDLE
nt_service_open(SC_HANDLE hSCManager
);
1757 int nt_service_start(SC_HANDLE hService
);
1758 int nt_service_stop(SC_HANDLE hService
);
1759 int nt_service_install(int argc
, char **argv
);
1760 int nt_service_remove(void);
1761 int nt_service_cmd_start(void);
1762 int nt_service_cmd_stop(void);
1764 struct service_fns
{
1767 BOOL (WINAPI
*ChangeServiceConfig2A_fn
)(
1772 BOOL (WINAPI
*CloseServiceHandle_fn
)(
1773 SC_HANDLE hSCObject
);
1775 BOOL (WINAPI
*ControlService_fn
)(
1778 LPSERVICE_STATUS lpServiceStatus
);
1780 SC_HANDLE (WINAPI
*CreateServiceA_fn
)(
1781 SC_HANDLE hSCManager
,
1782 LPCTSTR lpServiceName
,
1783 LPCTSTR lpDisplayName
,
1784 DWORD dwDesiredAccess
,
1785 DWORD dwServiceType
,
1787 DWORD dwErrorControl
,
1788 LPCTSTR lpBinaryPathName
,
1789 LPCTSTR lpLoadOrderGroup
,
1791 LPCTSTR lpDependencies
,
1792 LPCTSTR lpServiceStartName
,
1793 LPCTSTR lpPassword
);
1795 BOOL (WINAPI
*DeleteService_fn
)(
1796 SC_HANDLE hService
);
1798 SC_HANDLE (WINAPI
*OpenSCManagerA_fn
)(
1799 LPCTSTR lpMachineName
,
1800 LPCTSTR lpDatabaseName
,
1801 DWORD dwDesiredAccess
);
1803 SC_HANDLE (WINAPI
*OpenServiceA_fn
)(
1804 SC_HANDLE hSCManager
,
1805 LPCTSTR lpServiceName
,
1806 DWORD dwDesiredAccess
);
1808 BOOL (WINAPI
*QueryServiceStatus_fn
)(
1810 LPSERVICE_STATUS lpServiceStatus
);
1812 SERVICE_STATUS_HANDLE (WINAPI
*RegisterServiceCtrlHandlerA_fn
)(
1813 LPCTSTR lpServiceName
,
1814 LPHANDLER_FUNCTION lpHandlerProc
);
1816 BOOL (WINAPI
*SetServiceStatus_fn
)(SERVICE_STATUS_HANDLE
,
1819 BOOL (WINAPI
*StartServiceCtrlDispatcherA_fn
)(
1820 const SERVICE_TABLE_ENTRY
* lpServiceTable
);
1822 BOOL (WINAPI
*StartServiceA_fn
)(
1824 DWORD dwNumServiceArgs
,
1825 LPCTSTR
* lpServiceArgVectors
);
1827 BOOL (WINAPI
*LookupAccountNameA_fn
)(
1828 LPCTSTR lpSystemName
,
1829 LPCTSTR lpAccountName
,
1832 LPTSTR ReferencedDomainName
,
1833 LPDWORD cchReferencedDomainName
,
1834 PSID_NAME_USE peUse
);
1835 } service_fns
= { 0,
1836 NULL
, NULL
, NULL
, NULL
, NULL
, NULL
,
1837 NULL
, NULL
, NULL
, NULL
, NULL
, NULL
,
1840 /** Loads functions used by NT services. Returns on success, or prints a
1841 * complaint to stdout and exits on error. */
1843 nt_service_loadlibrary(void)
1845 HMODULE library
= 0;
1848 if (service_fns
.loaded
)
1851 /* XXXX Possibly, we should hardcode the location of this DLL. */
1852 if (!(library
= LoadLibrary("advapi32.dll"))) {
1853 log_err(LD_GENERAL
, "Couldn't open advapi32.dll. Are you trying to use "
1854 "NT services on Windows 98? That doesn't work.");
1858 #define LOAD(f) do { \
1859 if (!(fn = GetProcAddress(library, #f))) { \
1861 "Couldn't find %s in advapi32.dll! We probably got the " \
1862 "name wrong.", #f); \
1865 service_fns.f ## _fn = fn; \
1869 LOAD(ChangeServiceConfig2A
);
1870 LOAD(CloseServiceHandle
);
1871 LOAD(ControlService
);
1872 LOAD(CreateServiceA
);
1873 LOAD(DeleteService
);
1874 LOAD(OpenSCManagerA
);
1876 LOAD(QueryServiceStatus
);
1877 LOAD(RegisterServiceCtrlHandlerA
);
1878 LOAD(SetServiceStatus
);
1879 LOAD(StartServiceCtrlDispatcherA
);
1880 LOAD(StartServiceA
);
1881 LOAD(LookupAccountNameA
);
1883 service_fns
.loaded
= 1;
1887 printf("Unable to load library support for NT services: exiting.\n");
1891 /** If we're compiled to run as an NT service, and the service wants to
1892 * shut down, then change our current status and return 1. Else
1896 nt_service_is_stopping(void)
1897 /* XXXX this function would probably _love_ to be inline, in 0.2.0. */
1899 /* If we haven't loaded the function pointers, we can't possibly be an NT
1900 * service trying to shut down. */
1901 if (!service_fns
.loaded
)
1904 if (service_status
.dwCurrentState
== SERVICE_STOP_PENDING
) {
1905 service_status
.dwWin32ExitCode
= 0;
1906 service_status
.dwCurrentState
= SERVICE_STOPPED
;
1907 service_fns
.SetServiceStatus_fn(hStatus
, &service_status
);
1909 } else if (service_status
.dwCurrentState
== SERVICE_STOPPED
) {
1915 /** Handles service control requests, such as stopping or starting the
1918 nt_service_control(DWORD request
)
1920 static struct timeval exit_now
;
1921 exit_now
.tv_sec
= 0;
1922 exit_now
.tv_usec
= 0;
1924 nt_service_loadlibrary();
1927 case SERVICE_CONTROL_STOP
:
1928 case SERVICE_CONTROL_SHUTDOWN
:
1929 log_notice(LD_GENERAL
,
1930 "Got stop/shutdown request; shutting down cleanly.");
1931 service_status
.dwCurrentState
= SERVICE_STOP_PENDING
;
1932 event_loopexit(&exit_now
);
1935 service_fns
.SetServiceStatus_fn(hStatus
, &service_status
);
1938 /** Called when the service is started via the system's service control
1939 * manager. This calls tor_init() and starts the main event loop. If
1940 * tor_init() fails, the service will be stopped and exit code set to
1941 * NT_SERVICE_ERROR_TORINIT_FAILED. */
1943 nt_service_body(int argc
, char **argv
)
1946 (void) argc
; /* unused */
1947 (void) argv
; /* unused */
1948 nt_service_loadlibrary();
1949 service_status
.dwServiceType
= SERVICE_WIN32_OWN_PROCESS
;
1950 service_status
.dwCurrentState
= SERVICE_START_PENDING
;
1951 service_status
.dwControlsAccepted
=
1952 SERVICE_ACCEPT_STOP
| SERVICE_ACCEPT_SHUTDOWN
;
1953 service_status
.dwWin32ExitCode
= 0;
1954 service_status
.dwServiceSpecificExitCode
= 0;
1955 service_status
.dwCheckPoint
= 0;
1956 service_status
.dwWaitHint
= 1000;
1957 hStatus
= service_fns
.RegisterServiceCtrlHandlerA_fn(GENSRV_SERVICENAME
,
1958 (LPHANDLER_FUNCTION
) nt_service_control
);
1961 /* Failed to register the service control handler function */
1965 r
= tor_init(backup_argc
, backup_argv
);
1967 /* Failed to start the Tor service */
1968 r
= NT_SERVICE_ERROR_TORINIT_FAILED
;
1969 service_status
.dwCurrentState
= SERVICE_STOPPED
;
1970 service_status
.dwWin32ExitCode
= r
;
1971 service_status
.dwServiceSpecificExitCode
= r
;
1972 service_fns
.SetServiceStatus_fn(hStatus
, &service_status
);
1976 /* Set the service's status to SERVICE_RUNNING and start the main
1978 service_status
.dwCurrentState
= SERVICE_RUNNING
;
1979 service_fns
.SetServiceStatus_fn(hStatus
, &service_status
);
1984 /** Main service entry point. Starts the service control dispatcher and waits
1985 * until the service status is set to SERVICE_STOPPED. */
1987 nt_service_main(void)
1989 SERVICE_TABLE_ENTRY table
[2];
1992 nt_service_loadlibrary();
1993 table
[0].lpServiceName
= (char*)GENSRV_SERVICENAME
;
1994 table
[0].lpServiceProc
= (LPSERVICE_MAIN_FUNCTION
)nt_service_body
;
1995 table
[1].lpServiceName
= NULL
;
1996 table
[1].lpServiceProc
= NULL
;
1998 if (!service_fns
.StartServiceCtrlDispatcherA_fn(table
)) {
1999 result
= GetLastError();
2000 errmsg
= nt_strerror(result
);
2001 printf("Service error %d : %s\n", (int) result
, errmsg
);
2003 if (result
== ERROR_FAILED_SERVICE_CONTROLLER_CONNECT
) {
2004 if (tor_init(backup_argc
, backup_argv
) < 0)
2006 switch (get_options()->command
) {
2010 case CMD_LIST_FINGERPRINT
:
2011 do_list_fingerprint();
2013 case CMD_HASH_PASSWORD
:
2016 case CMD_VERIFY_CONFIG
:
2017 printf("Configuration was valid\n");
2019 case CMD_RUN_UNITTESTS
:
2021 log_err(LD_CONFIG
, "Illegal command number %d: internal error.",
2022 get_options()->command
);
2029 /** Return a handle to the service control manager on success, or NULL on
2032 nt_service_open_scm(void)
2034 SC_HANDLE hSCManager
;
2035 char *errmsg
= NULL
;
2037 nt_service_loadlibrary();
2038 if ((hSCManager
= service_fns
.OpenSCManagerA_fn(
2039 NULL
, NULL
, SC_MANAGER_CREATE_SERVICE
)) == NULL
) {
2040 errmsg
= nt_strerror(GetLastError());
2041 printf("OpenSCManager() failed : %s\n", errmsg
);
2047 /** Open a handle to the Tor service using <b>hSCManager</b>. Return NULL
2050 nt_service_open(SC_HANDLE hSCManager
)
2053 char *errmsg
= NULL
;
2054 nt_service_loadlibrary();
2055 if ((hService
= service_fns
.OpenServiceA_fn(hSCManager
, GENSRV_SERVICENAME
,
2056 SERVICE_ALL_ACCESS
)) == NULL
) {
2057 errmsg
= nt_strerror(GetLastError());
2058 printf("OpenService() failed : %s\n", errmsg
);
2064 /** Start the Tor service. Return 0 if the service is started or was
2065 * previously running. Return -1 on error. */
2067 nt_service_start(SC_HANDLE hService
)
2069 char *errmsg
= NULL
;
2071 nt_service_loadlibrary();
2073 service_fns
.QueryServiceStatus_fn(hService
, &service_status
);
2074 if (service_status
.dwCurrentState
== SERVICE_RUNNING
) {
2075 printf("Service is already running\n");
2079 if (service_fns
.StartServiceA_fn(hService
, 0, NULL
)) {
2080 /* Loop until the service has finished attempting to start */
2081 while (service_fns
.QueryServiceStatus_fn(hService
, &service_status
) &&
2082 (service_status
.dwCurrentState
== SERVICE_START_PENDING
)) {
2086 /* Check if it started successfully or not */
2087 if (service_status
.dwCurrentState
== SERVICE_RUNNING
) {
2088 printf("Service started successfully\n");
2091 errmsg
= nt_strerror(service_status
.dwWin32ExitCode
);
2092 printf("Service failed to start : %s\n", errmsg
);
2096 errmsg
= nt_strerror(GetLastError());
2097 printf("StartService() failed : %s\n", errmsg
);
2103 /** Stop the Tor service. Return 0 if the service is stopped or was not
2104 * previously running. Return -1 on error. */
2106 nt_service_stop(SC_HANDLE hService
)
2108 /** Wait at most 10 seconds for the service to stop. */
2109 #define MAX_SERVICE_WAIT_TIME 10
2111 char *errmsg
= NULL
;
2112 nt_service_loadlibrary();
2114 service_fns
.QueryServiceStatus_fn(hService
, &service_status
);
2115 if (service_status
.dwCurrentState
== SERVICE_STOPPED
) {
2116 printf("Service is already stopped\n");
2120 if (service_fns
.ControlService_fn(hService
, SERVICE_CONTROL_STOP
,
2123 while (service_fns
.QueryServiceStatus_fn(hService
, &service_status
) &&
2124 (service_status
.dwCurrentState
!= SERVICE_STOPPED
) &&
2125 (wait_time
< MAX_SERVICE_WAIT_TIME
)) {
2129 if (service_status
.dwCurrentState
== SERVICE_STOPPED
) {
2130 printf("Service stopped successfully\n");
2132 } else if (wait_time
== MAX_SERVICE_WAIT_TIME
) {
2133 printf("Service did not stop within %d seconds.\n", wait_time
);
2135 errmsg
= nt_strerror(GetLastError());
2136 printf("QueryServiceStatus() failed : %s\n",errmsg
);
2140 errmsg
= nt_strerror(GetLastError());
2141 printf("ControlService() failed : %s\n", errmsg
);
2147 /** Build a formatted command line used for the NT service. Return a
2148 * pointer to the formatted string on success, or NULL on failure. Set
2149 * *<b>using_default_torrc</b> to true if we're going to use the default
2150 * location to torrc, or 1 if an option was specified on the command line.
2153 nt_service_command_line(int *using_default_torrc
)
2155 TCHAR tor_exe
[MAX_PATH
+1];
2156 char *command
, *options
=NULL
;
2159 *using_default_torrc
= 1;
2161 /* Get the location of tor.exe */
2162 if (0 == GetModuleFileName(NULL
, tor_exe
, MAX_PATH
))
2165 /* Get the service arguments */
2166 sl
= smartlist_create();
2167 for (i
= 1; i
< backup_argc
; ++i
) {
2168 if (!strcmp(backup_argv
[i
], "--options") ||
2169 !strcmp(backup_argv
[i
], "-options")) {
2170 while (++i
< backup_argc
) {
2171 if (!strcmp(backup_argv
[i
], "-f"))
2172 *using_default_torrc
= 0;
2173 smartlist_add(sl
, backup_argv
[i
]);
2177 if (smartlist_len(sl
))
2178 options
= smartlist_join_strings(sl
,"\" \"",0,NULL
);
2181 /* Allocate a string for the NT service command line */
2182 cmdlen
= strlen(tor_exe
) + (options
?strlen(options
):0) + 32;
2183 command
= tor_malloc(cmdlen
);
2185 /* Format the service command */
2187 if (tor_snprintf(command
, cmdlen
, "\"%s\" --nt-service \"%s\"",
2188 tor_exe
, options
)<0) {
2189 tor_free(command
); /* sets command to NULL. */
2191 } else { /* ! options */
2192 if (tor_snprintf(command
, cmdlen
, "\"%s\" --nt-service", tor_exe
)<0) {
2193 tor_free(command
); /* sets command to NULL. */
2201 /** Creates a Tor NT service, set to start on boot. The service will be
2202 * started if installation succeeds. Returns 0 on success, or -1 on
2205 nt_service_install(int argc
, char **argv
)
2207 /* Notes about developing NT services:
2209 * 1. Don't count on your CWD. If an absolute path is not given, the
2210 * fopen() function goes wrong.
2211 * 2. The parameters given to the nt_service_body() function differ
2212 * from those given to main() function.
2215 SC_HANDLE hSCManager
= NULL
;
2216 SC_HANDLE hService
= NULL
;
2217 SERVICE_DESCRIPTION sdBuff
;
2220 const char *user_acct
= GENSRV_USERACCT
;
2221 const char *password
= "";
2223 OSVERSIONINFOEX info
;
2224 SID_NAME_USE sidUse
;
2225 DWORD sidLen
= 0, domainLen
= 0;
2226 int is_win2k_or_worse
= 0;
2227 int using_default_torrc
= 0;
2229 nt_service_loadlibrary();
2231 /* Open the service control manager so we can create a new service */
2232 if ((hSCManager
= nt_service_open_scm()) == NULL
)
2234 /* Build the command line used for the service */
2235 if ((command
= nt_service_command_line(&using_default_torrc
)) == NULL
) {
2236 printf("Unable to build service command line.\n");
2237 service_fns
.CloseServiceHandle_fn(hSCManager
);
2241 for (i
=1; i
< argc
; ++i
) {
2242 if (!strcmp(argv
[i
], "--user") && i
+1<argc
) {
2243 user_acct
= argv
[i
+1];
2246 if (!strcmp(argv
[i
], "--password") && i
+1<argc
) {
2247 password
= argv
[i
+1];
2252 /* Compute our version and see whether we're running win2k or earlier. */
2253 memset(&info
, 0, sizeof(info
));
2254 info
.dwOSVersionInfoSize
= sizeof(info
);
2255 if (! GetVersionEx((LPOSVERSIONINFO
)&info
)) {
2256 printf("Call to GetVersionEx failed.\n");
2257 is_win2k_or_worse
= 1;
2259 if (info
.dwMajorVersion
< 5 ||
2260 (info
.dwMajorVersion
== 5 && info
.dwMinorVersion
== 0))
2261 is_win2k_or_worse
= 1;
2264 if (user_acct
== GENSRV_USERACCT
) {
2265 if (is_win2k_or_worse
) {
2266 /* On Win2k, there is no LocalService account, so we actually need to
2267 * fall back on NULL (the system account). */
2268 printf("Running on Win2K or earlier, so the LocalService account "
2269 "doesn't exist. Falling back to SYSTEM account.\n");
2272 /* Genericity is apparently _so_ last year in Redmond, where some
2273 * accounts are accounts that you can look up, and some accounts
2274 * are magic and undetectable via the security subsystem. See
2275 * http://msdn2.microsoft.com/en-us/library/ms684188.aspx
2277 printf("Running on a Post-Win2K OS, so we'll assume that the "
2278 "LocalService account exists.\n");
2280 } else if (0 && service_fns
.LookupAccountNameA_fn(NULL
, // On this system
2282 NULL
, &sidLen
, // Don't care about the SID
2283 NULL
, &domainLen
, // Don't care about the domain
2285 /* XXXX For some reason, the above test segfaults. Fix that. */
2286 printf("User \"%s\" doesn't seem to exist.\n", user_acct
);
2289 printf("Will try to install service as user \"%s\".\n", user_acct
);
2291 /* XXXX This warning could be better about explaining how to resolve the
2293 if (using_default_torrc
)
2294 printf("IMPORTANT NOTE:\n"
2295 " The Tor service will run under the account \"%s\". This means\n"
2296 " that Tor will look for its configuration file under that\n"
2297 " account's Application Data directory, which is probably not\n"
2298 " the same as yours.\n", user_acct
?user_acct
:"<local system>");
2300 /* Create the Tor service, set to auto-start on boot */
2301 if ((hService
= service_fns
.CreateServiceA_fn(hSCManager
, GENSRV_SERVICENAME
,
2303 SERVICE_ALL_ACCESS
, SERVICE_WIN32_OWN_PROCESS
,
2304 SERVICE_AUTO_START
, SERVICE_ERROR_IGNORE
,
2305 command
, NULL
, NULL
, NULL
,
2306 user_acct
, password
)) == NULL
) {
2307 errmsg
= nt_strerror(GetLastError());
2308 printf("CreateService() failed : %s\n", errmsg
);
2309 service_fns
.CloseServiceHandle_fn(hSCManager
);
2314 printf("Done with CreateService.\n");
2316 /* Set the service's description */
2317 sdBuff
.lpDescription
= (char*)GENSRV_DESCRIPTION
;
2318 service_fns
.ChangeServiceConfig2A_fn(hService
, SERVICE_CONFIG_DESCRIPTION
,
2320 printf("Service installed successfully\n");
2322 /* Start the service initially */
2323 nt_service_start(hService
);
2325 service_fns
.CloseServiceHandle_fn(hService
);
2326 service_fns
.CloseServiceHandle_fn(hSCManager
);
2332 /** Removes the Tor NT service. Returns 0 if the service was successfully
2333 * removed, or -1 on error. */
2335 nt_service_remove(void)
2337 SC_HANDLE hSCManager
= NULL
;
2338 SC_HANDLE hService
= NULL
;
2341 nt_service_loadlibrary();
2342 if ((hSCManager
= nt_service_open_scm()) == NULL
)
2344 if ((hService
= nt_service_open(hSCManager
)) == NULL
) {
2345 service_fns
.CloseServiceHandle_fn(hSCManager
);
2349 nt_service_stop(hService
);
2350 if (service_fns
.DeleteService_fn(hService
) == FALSE
) {
2351 errmsg
= nt_strerror(GetLastError());
2352 printf("DeleteService() failed : %s\n", errmsg
);
2354 service_fns
.CloseServiceHandle_fn(hService
);
2355 service_fns
.CloseServiceHandle_fn(hSCManager
);
2359 service_fns
.CloseServiceHandle_fn(hService
);
2360 service_fns
.CloseServiceHandle_fn(hSCManager
);
2361 printf("Service removed successfully\n");
2366 /** Starts the Tor service. Returns 0 on success, or -1 on error. */
2368 nt_service_cmd_start(void)
2370 SC_HANDLE hSCManager
;
2374 if ((hSCManager
= nt_service_open_scm()) == NULL
)
2376 if ((hService
= nt_service_open(hSCManager
)) == NULL
) {
2377 service_fns
.CloseServiceHandle_fn(hSCManager
);
2381 start
= nt_service_start(hService
);
2382 service_fns
.CloseServiceHandle_fn(hService
);
2383 service_fns
.CloseServiceHandle_fn(hSCManager
);
2388 /** Stops the Tor service. Returns 0 on success, or -1 on error. */
2390 nt_service_cmd_stop(void)
2392 SC_HANDLE hSCManager
;
2396 if ((hSCManager
= nt_service_open_scm()) == NULL
)
2398 if ((hService
= nt_service_open(hSCManager
)) == NULL
) {
2399 service_fns
.CloseServiceHandle_fn(hSCManager
);
2403 stop
= nt_service_stop(hService
);
2404 service_fns
.CloseServiceHandle_fn(hService
);
2405 service_fns
.CloseServiceHandle_fn(hSCManager
);
2410 /** Given a Win32 error code, this attempts to make Windows
2411 * return a human-readable error message. The char* returned
2412 * is allocated by Windows, but should be freed with LocalFree()
2413 * when finished with it. */
2415 nt_strerror(uint32_t errnum
)
2418 FormatMessage(FORMAT_MESSAGE_ALLOCATE_BUFFER
| FORMAT_MESSAGE_FROM_SYSTEM
,
2419 NULL
, errnum
, MAKELANGID(LANG_NEUTRAL
, SUBLANG_DEFAULT
),
2420 (LPSTR
)&msgbuf
, 0, NULL
);
2426 #include <openssl/crypto.h>
2428 _tor_dmalloc_free(void *p
)
2434 /** Main entry point for the Tor process. Called from main(). */
2435 /* This function is distinct from main() only so we can link main.c into
2436 * the unittest binary without conflicting with the unittests' main. */
2438 tor_main(int argc
, char *argv
[])
2442 int r
= CRYPTO_set_mem_ex_functions(_tor_malloc
, _tor_realloc
,
2444 log_notice(LD_CONFIG
, "Set up dmalloc; returned %d", r
);
2446 #ifdef MS_WINDOWS_SERVICE
2450 (!strcmp(argv
[1], "-service") || !strcmp(argv
[1], "--service"))) {
2451 nt_service_loadlibrary();
2452 if (!strcmp(argv
[2], "install"))
2453 return nt_service_install(argc
, argv
);
2454 if (!strcmp(argv
[2], "remove"))
2455 return nt_service_remove();
2456 if (!strcmp(argv
[2], "start"))
2457 return nt_service_cmd_start();
2458 if (!strcmp(argv
[2], "stop"))
2459 return nt_service_cmd_stop();
2460 printf("Unrecognized service command '%s'\n", argv
[2]);
2464 if (!strcmp(argv
[1], "-nt-service") || !strcmp(argv
[1], "--nt-service")) {
2465 nt_service_loadlibrary();
2469 // These values have been deprecated since 0.1.1.2-alpha; we've warned
2470 // about them since 0.1.2.7-alpha.
2471 if (!strcmp(argv
[1], "-install") || !strcmp(argv
[1], "--install")) {
2472 nt_service_loadlibrary();
2474 "The %s option is deprecated; use \"--service install\" instead.",
2476 return nt_service_install(argc
, argv
);
2478 if (!strcmp(argv
[1], "-remove") || !strcmp(argv
[1], "--remove")) {
2479 nt_service_loadlibrary();
2481 "The %s option is deprecated; use \"--service remove\" instead.",
2483 return nt_service_remove();
2487 if (tor_init(argc
, argv
)<0)
2489 switch (get_options()->command
) {
2491 #ifdef MS_WINDOWS_SERVICE
2492 service_status
.dwCurrentState
= SERVICE_RUNNING
;
2494 result
= do_main_loop();
2496 case CMD_LIST_FINGERPRINT
:
2497 result
= do_list_fingerprint();
2499 case CMD_HASH_PASSWORD
:
2503 case CMD_VERIFY_CONFIG
:
2504 printf("Configuration was valid\n");
2507 case CMD_RUN_UNITTESTS
: /* only set by test.c */
2509 log_warn(LD_BUG
,"Illegal command number %d: internal error.",
2510 get_options()->command
);