#include "or.h"
#include "crypto.h"
#include <math.h>
| #define ENTRY_GUARD_REMOVE_AFTER (30*24*60*60) |
How long (in seconds) do we allow an entry guard to be nonfunctional, unlisted, excluded, or otherwise nonusable before we give up on it?
Referenced by remove_dead_entry_guards().
| static routerinfo_t* add_an_entry_guard | ( | routerinfo_t * | chosen, | |
| int | reset_status | |||
| ) | [static] |
Add a new (preferably stable and fast) router to our entry_guards list. Return a pointer to the router if we succeed, or NULL if we can't find any more suitable entries.
If chosen is defined, use that one, and if it's not already in our entry_guards list, put it at the *beginning*. Else, put the one we pick at the end of the list.
References entry_guard_t::bad_since, routerinfo_t::cache_info, entry_guard_t::can_retry, choose_good_entry_server(), entry_guard_t::chosen_by_version, entry_guard_t::chosen_on_date, CIRCUIT_PURPOSE_C_GENERAL, control_event_guard(), control_event_guard_deferred(), crypto_rand_int(), DIGEST_LEN, entry_guard_t::identity, signed_descriptor_t::identity_digest, is_an_entry_guard(), LD_CIRC, log_entry_guards(), entry_guard_t::nickname, routerinfo_t::nickname, smartlist_add(), and smartlist_insert().
Referenced by choose_random_entry(), learned_bridge_descriptor(), and pick_entry_guards().
| int any_bridge_descriptors_known | ( | void | ) |
Return 1 if any of our entry guards have descriptors that are marked with purpose 'bridge' and are running. Else return 0.
We use this function to decide if we're ready to start building circuits through our bridges, or if we need to wait until the directory "server/authority" requests finish.
References choose_random_entry(), get_options(), and tor_assert.
Referenced by circuit_get_open_circ_or_launch(), control_event_bootstrap_problem(), learned_bridge_descriptor(), and should_delay_dir_fetches().
| int any_pending_bridge_descriptor_fetches | ( | void | ) |
Return 1 if there are any directory conns fetching bridge descriptors that aren't marked for close. We use this to guess if we should tell the controller that we have a problem.
References CONN_TYPE_DIR, DIR_PURPOSE_FETCH_SERVERDESC, get_connection_array(), LD_DIR, ROUTER_PURPOSE_BRIDGE, and TO_DIR_CONN().
Referenced by control_event_bootstrap_problem().
| static int ap_stream_wants_exit_attention | ( | connection_t * | conn | ) | [static] |
Return true iff conn needs another general circuit to be built.
References AP_CONN_STATE_CIRCUIT_WAIT, circuit_stream_is_being_handled(), CONN_TYPE_AP, connection_edge_is_rendezvous_stream(), connection_t::marked_for_close, MIN_CIRCUITS_HANDLING_STREAM, connection_t::state, TO_EDGE_CONN(), and connection_t::type.
Referenced by choose_good_exit_server_general().
| void bridge_add_from_config | ( | const tor_addr_t * | addr, | |
| uint16_t | port, | |||
| char * | digest | |||
| ) |
Remember a new bridge at addr:port. If digest is set, it tells us the identity key too.
References bridge_info_t::addr, DIGEST_LEN, bridge_info_t::fetch_status, bridge_info_t::identity, bridge_info_t::port, download_status_t::schedule, smartlist_add(), smartlist_create(), and tor_addr_copy().
Referenced by parse_bridge_line().
| int bridges_known_but_down | ( | void | ) |
Do we know any descriptors for our bridges, and are they all down?
References bridges_retry_helper().
Referenced by circuit_get_open_circ_or_launch().
| void bridges_retry_all | ( | void | ) |
Mark all down known bridges up.
References bridges_retry_helper().
Referenced by circuit_get_open_circ_or_launch().
| static int bridges_retry_helper | ( | int | act | ) | [static] |
Return 1 if we have at least one descriptor for a bridge and all descriptors we know are down. Else return 0. If act is 1, then mark the down bridges up; else just observe and report.
References routerinfo_t::is_running, LD_DIR, routerinfo_t::purpose, router_get_by_digest(), ROUTER_PURPOSE_BRIDGE, and smartlist_create().
Referenced by bridges_known_but_down(), and bridges_retry_all().
| const char* build_state_get_exit_nickname | ( | cpath_build_state_t * | state | ) |
Return the nickname for the chosen exit router in state. If there is no chosen exit, or if we don't know the routerinfo_t for the chosen exit, return NULL.
References cpath_build_state_t::chosen_exit, and extend_info_t::nickname.
Referenced by _circuit_mark_for_close(), circuit_build_failed(), circuit_launch_by_extend_info(), circuit_list_path_impl(), and onion_extend_cpath().
| routerinfo_t* build_state_get_exit_router | ( | cpath_build_state_t * | state | ) |
Return the routerinfo_t for the chosen exit router in state. If there is no chosen exit, or if we don't know the routerinfo_t for the chosen exit, return NULL.
References cpath_build_state_t::chosen_exit, extend_info_t::identity_digest, and router_get_by_digest().
Referenced by choose_good_entry_server(), choose_good_middle_server(), choose_random_entry(), circuit_is_acceptable(), and circuit_stream_is_being_handled().
| static routerinfo_t* choose_good_entry_server | ( | uint8_t | purpose, | |
| cpath_build_state_t * | state | |||
| ) | [static] |
Pick a good entry server for the circuit to be built according to state. Don't reuse a chosen exit (if any), don't use this router (if we're an OR), and respect firewall settings; if we're configured to use entry guards, return one.
If state is NULL, we're choosing a router to serve as an entry guard, not for any particular circuit.
References or_options_t::BridgeRelay, build_state_get_exit_router(), choose_random_entry(), CIRCUIT_PURPOSE_TESTING, fascist_firewall_allows_or(), firewall_is_fascist_or(), get_options(), router_get_by_digest(), router_get_routerlist(), routerlist_add_family(), routerlist_t::routers, smartlist_add(), smartlist_create(), and or_options_t::UseEntryGuards.
Referenced by add_an_entry_guard(), and onion_extend_cpath().
| static routerinfo_t* choose_good_exit_server | ( | uint8_t | purpose, | |
| routerlist_t * | dir, | |||
| int | need_uptime, | |||
| int | need_capacity, | |||
| int | is_internal | |||
| ) | [static] |
Return a pointer to a suitable router to be the exit node for the circuit of purpose purpose that we're about to build (or NULL if no router is suitable).
For general-purpose circuits, pass it off to choose_good_exit_server_general()
For client-side rendezvous circuits, choose a random node, weighted toward the preferences in 'options'.
References or_options_t::_AllowInvalid, choose_good_exit_server_general(), CIRCUIT_PURPOSE_C_ESTABLISH_REND, CIRCUIT_PURPOSE_C_GENERAL, or_options_t::ExcludeNodes, get_options(), LD_BUG, router_choose_random_node(), and tor_fragile_assert.
Referenced by onion_pick_cpath_exit().
| static routerinfo_t* choose_good_exit_server_general | ( | routerlist_t * | dir, | |
| int | need_uptime, | |||
| int | need_capacity | |||
| ) | [static] |
Return a pointer to a suitable router to be the exit node for the general-purpose circuit we're about to build.
Look through the connection array, and choose a router that maximizes the number of pending streams that can exit from this router.
Return NULL if we can't find any suitable routers.
References or_options_t::_AllowInvalid, or_options_t::_ExcludeExitNodesUnion, routerinfo_t::allow_single_hop_exits, ap_stream_wants_exit_attention(), circuit_get_unhandled_ports(), connection_ap_can_use_exit(), or_options_t::ExcludeSingleHopRelays, or_options_t::ExitNodes, get_connection_array(), get_options(), routerinfo_t::is_bad_exit, routerinfo_t::is_running, routerinfo_t::is_valid, LD_CIRC, routerinfo_t::nickname, router_exit_policy_rejects_all(), router_handles_some_port(), router_is_me(), router_is_unreliable(), routerlist_sl_choose_by_bandwidth(), routerlist_t::routers, routerset_contains_router(), routersets_get_disjunction(), smartlist_add(), smartlist_clear(), smartlist_create(), smartlist_free(), or_options_t::StrictNodes, TO_EDGE_CONN(), and tor_free.
Referenced by choose_good_exit_server().
| static routerinfo_t* choose_good_middle_server | ( | uint8_t | purpose, | |
| cpath_build_state_t * | state, | |||
| crypt_path_t * | head, | |||
| int | cur_len | |||
| ) | [static] |
A helper function used by onion_extend_cpath(). Use purpose and state and the cpath head (currently populated only to length cur_len to decide a suitable middle hop for a circuit. In particular, make sure we don't pick the exit node or its family, and make sure we don't duplicate any previous nodes or their families.
References or_options_t::_AllowInvalid, build_state_get_exit_router(), or_options_t::ExcludeNodes, get_options(), LD_CIRC, cpath_build_state_t::need_capacity, cpath_build_state_t::need_uptime, crypt_path_t::next, router_choose_random_node(), router_get_by_digest(), routerlist_add_family(), smartlist_add(), smartlist_create(), smartlist_free(), and tor_assert.
Referenced by onion_extend_cpath().
| routerinfo_t* choose_random_entry | ( | cpath_build_state_t * | state | ) |
Pick a live (up and listed) entry guard from entry_guards. If state is non-NULL, this is for a specific circuit -- make sure not to pick this circuit's exit or any node in the exit's family. If state is NULL, we're looking for a random guard (likely a bridge).
References add_an_entry_guard(), build_state_get_exit_router(), entry_guards_changed(), entry_guards_prepend_from_config(), entry_is_live(), entry_list_is_constrained(), or_options_t::EntryNodes, get_options(), LD_CIRC, cpath_build_state_t::need_capacity, cpath_build_state_t::need_uptime, or_options_t::NumEntryGuards, pick_entry_guards(), routerlist_add_family(), routerlist_sl_choose_by_bandwidth(), routerset_contains_router(), smartlist_add(), smartlist_choose(), smartlist_clear(), smartlist_create(), smartlist_free(), smartlist_isin(), or_options_t::StrictNodes, and tor_fragile_assert.
Referenced by any_bridge_descriptors_known(), choose_good_entry_server(), and directory_get_from_dirserver().
| int circuit_all_predicted_ports_handled | ( | time_t | now, | |
| int * | need_uptime, | |||
| int * | need_capacity | |||
| ) |
Return 1 if we already have circuits present or on the way for all anticipated ports. Return 0 if we should make more.
If we're returning 0, set need_uptime and need_capacity to indicate any requirements that the unhandled ports have.
References circuit_get_unhandled_ports(), get_options(), or_options_t::LongLivedPorts, smartlist_free(), smartlist_string_num_isin(), tor_assert, and tor_free.
Referenced by circuit_predict_and_launch_new().
| int circuit_append_new_exit | ( | origin_circuit_t * | circ, | |
| extend_info_t * | exit | |||
| ) |
Give circ a new exit destination to exit, and add a hop to the cpath reflecting this. Don't send the next extend cell -- the caller will do this if it wants to.
References origin_circuit_t::build_state, cpath_build_state_t::chosen_exit, origin_circuit_t::cpath, cpath_build_state_t::desired_path_len, extend_info_dup(), extend_info_free(), onion_append_hop(), and tor_assert.
Referenced by circuit_extend_to_new_exit(), and handle_control_extendcircuit().
| int circuit_build_times_add_time | ( | circuit_build_times_t * | cbt, | |
| build_time_t | time | |||
| ) |
Add a new timeout value time to the set of build times. Time units are milliseconds.
circuit_build_times cbt is a circular array, so loop around when array is full.
References or_options_t::AvoidDiskWrites, circuit_build_times_t::build_times_idx, CBT_NCIRCUITS_TO_OBSERVE, CBT_SAVE_STATE_EVERY, circuit_build_times_t::circuit_build_times, get_options(), get_or_state(), LD_CIRC, or_state_mark_dirty(), tor_assert, circuit_build_times_t::total_build_times, and unit_tests.
Referenced by circuit_build_times_add_timeout_worker(), circuit_build_times_shuffle_and_store_array(), and circuit_send_next_onion_skin().
| int circuit_build_times_add_timeout | ( | circuit_build_times_t * | cbt, | |
| int | did_onehop, | |||
| time_t | start_time | |||
| ) |
Store a timeout as a synthetic value.
Returns true if the store was successful and we should possibly update our timeout estimate.
References circuit_build_times_add_timeout_worker(), circuit_build_times_count_pretimeouts(), circuit_build_times_network_check_changed(), circuit_build_times_network_check_live(), circuit_build_times_network_timeout(), circuit_build_times_t::have_computed_timeout, LD_CIRC, circuit_build_times_t::pre_timeouts, and circuit_build_times_t::total_build_times.
Referenced by circuit_expire_building().
| void circuit_build_times_add_timeout_worker | ( | circuit_build_times_t * | cbt, | |
| double | quantile_cutoff | |||
| ) |
Generate points in [cutoff, 1.0) on the CDF.
References circuit_build_times_t::alpha, CBT_MAX_SYNTHETIC_QUANTILE, circuit_build_times_add_time(), circuit_build_times_generate_sample(), LD_CIRC, circuit_build_times_t::timeout_ms, tor_lround(), and circuit_build_times_t::Xm.
Referenced by circuit_build_times_add_timeout(), and circuit_build_times_count_pretimeouts().
| double circuit_build_times_calculate_timeout | ( | circuit_build_times_t * | cbt, | |
| double | quantile | |||
| ) |
This is the Pareto Quantile Function. It calculates the point x in the distribution such that F(x) = quantile (ie quantile*100% of the mass of the density function is below x on the curve).
We use it to calculate the timeout and also to generate synthetic values of time for circuits that timeout before completion.
See http://en.wikipedia.org/wiki/Quantile_function, http://en.wikipedia.org/wiki/Inverse_transform_sampling and http://en.wikipedia.org/wiki/Pareto_distribution#Generating_a_ random_sample_from_Pareto_distribution That's right. I'll cite wikipedia all day long.
Return value is in milliseconds.
References circuit_build_times_t::alpha, tor_assert, and circuit_build_times_t::Xm.
Referenced by circuit_build_times_generate_sample(), and circuit_build_times_set_timeout().
| double circuit_build_times_cdf | ( | circuit_build_times_t * | cbt, | |
| double | x | |||
| ) |
Pareto CDF
References circuit_build_times_t::alpha, tor_assert, and circuit_build_times_t::Xm.
| static void circuit_build_times_count_pretimeouts | ( | circuit_build_times_t * | cbt | ) | [static] |
Generate synthetic timeout values for the timeouts that have happened before we estimated our parameters.
References CBT_MAX_SYNTHETIC_QUANTILE, circuit_build_times_add_timeout_worker(), circuit_build_times_initial_alpha(), circuit_build_times_mode(), circuit_build_times_t::pre_timeouts, circuit_build_times_t::timeout_ms, tor_assert, circuit_build_times_t::total_build_times, and circuit_build_times_t::Xm.
Referenced by circuit_build_times_add_timeout(), and circuit_build_times_set_timeout().
| static uint32_t* circuit_build_times_create_histogram | ( | circuit_build_times_t * | cbt, | |
| build_time_t * | nbins | |||
| ) | [static] |
Calculate and return a histogram for the set of build times.
Returns an allocated array of histrogram bins representing the frequency of index*CBT_BIN_WIDTH millisecond build times. Also outputs the number of bins in nbins.
The return value must be freed by the caller.
References CBT_BIN_WIDTH, circuit_build_times_t::circuit_build_times, and circuit_build_times_max().
Referenced by circuit_build_times_mode(), and circuit_build_times_update_state().
| build_time_t circuit_build_times_generate_sample | ( | circuit_build_times_t * | cbt, | |
| double | q_lo, | |||
| double | q_hi | |||
| ) |
Generate a synthetic time using our distribution parameters.
The return value will be within the [q_lo, q_hi) quantile points on the CDF.
References circuit_build_times_calculate_timeout(), crypto_rand_uint64(), tor_assert, and tor_lround().
Referenced by circuit_build_times_add_timeout_worker().
| static double circuit_build_times_get_initial_timeout | ( | void | ) | [static] |
Return the initial default or configured timeout in milliseconds
References or_options_t::CircuitBuildTimeout, get_options(), LD_CIRC, and unit_tests.
Referenced by circuit_build_times_init(), circuit_build_times_network_check_changed(), and circuit_build_times_network_check_live().
| void circuit_build_times_init | ( | circuit_build_times_t * | cbt | ) |
Initialize the buildtimes structure for first use.
Sets the initial timeout value based to either the config setting or BUILD_TIMEOUT_INITIAL_VALUE.
References circuit_build_times_get_initial_timeout(), control_event_buildtimeout_set(), circuit_build_times_t::liveness, network_liveness_t::num_recent_circs, circuit_build_times_t::timeout_ms, and network_liveness_t::timeouts_after_firsthop.
Referenced by circuit_build_times_parse_state().
| void circuit_build_times_initial_alpha | ( | circuit_build_times_t * | cbt, | |
| double | quantile, | |||
| double | timeout_ms | |||
| ) |
Estimate an initial alpha parameter by solving the quantile function with a quantile point and a specific timeout value.
References circuit_build_times_t::alpha, tor_assert, tor_mathlog(), and circuit_build_times_t::Xm.
Referenced by circuit_build_times_count_pretimeouts().
| static build_time_t circuit_build_times_max | ( | circuit_build_times_t * | cbt | ) | [static] |
Return maximum circuit build time
References CBT_NCIRCUITS_TO_OBSERVE, and circuit_build_times_t::circuit_build_times.
Referenced by circuit_build_times_create_histogram().
| static build_time_t circuit_build_times_mode | ( | circuit_build_times_t * | cbt | ) | [static] |
Return the most frequent build time (rounded to CBT_BIN_WIDTH ms).
Ties go in favor of the slower time.
References CBT_BIN_WIDTH, circuit_build_times_create_histogram(), and tor_free.
Referenced by circuit_build_times_count_pretimeouts(), and circuit_build_times_update_alpha().
| int circuit_build_times_needs_circuits | ( | circuit_build_times_t * | cbt | ) |
Returns true if we need circuits to be built
References circuit_build_times_t::total_build_times.
Referenced by circuit_build_times_needs_circuits_now(), and circuit_expire_old_circuits_clientside().
| int circuit_build_times_needs_circuits_now | ( | circuit_build_times_t * | cbt | ) |
Returns true if we should build a timeout test circuit right now.
References approx_time(), circuit_build_times_needs_circuits(), and circuit_build_times_t::last_circ_at.
Referenced by circuit_predict_and_launch_new().
| int circuit_build_times_network_check_changed | ( | circuit_build_times_t * | cbt | ) |
Returns true if we have seen more than MAX_RECENT_TIMEOUT_COUNT of the past RECENT_CIRCUITS time out after the first hop. Used to detect if the network connection has changed significantly.
Also resets the entire timeout history in this case and causes us to restart the process of building test circuits and estimating a new timeout.
References network_liveness_t::after_firsthop_idx, circuit_build_times_get_initial_timeout(), circuit_build_times_reset(), control_event_buildtimeout_set(), LD_CIRC, circuit_build_times_t::liveness, network_liveness_t::num_recent_circs, circuit_build_times_t::timeout_ms, network_liveness_t::timeouts_after_firsthop, tor_lround(), and circuit_build_times_t::total_build_times.
Referenced by circuit_build_times_add_timeout().
| int circuit_build_times_network_check_live | ( | circuit_build_times_t * | cbt | ) |
Returns false if the network has not received a cell or tls handshake in the past NETWORK_NOTLIVE_TIMEOUT_COUNT circuits.
Also has the side effect of rewinding the circuit time history in the case of recent liveness changes.
References approx_time(), CBT_NETWORK_NONLIVE_DISCARD_COUNT, CBT_NETWORK_NONLIVE_TIMEOUT_COUNT, circuit_build_times_get_initial_timeout(), circuit_build_times_rewind_history(), control_event_buildtimeout_set(), LD_CIRC, circuit_build_times_t::liveness, network_liveness_t::net_suspended, network_liveness_t::network_last_live, network_liveness_t::nonlive_discarded, network_liveness_t::nonlive_timeouts, circuit_build_times_t::timeout_ms, and tor_lround().
Referenced by circuit_build_times_add_timeout().
| void circuit_build_times_network_circ_success | ( | circuit_build_times_t * | cbt | ) |
Called to indicate that we completed a circuit. Because this circuit succeeded, it doesn't count as a timeout-after-the-first-hop.
References network_liveness_t::after_firsthop_idx, circuit_build_times_t::liveness, network_liveness_t::num_recent_circs, and network_liveness_t::timeouts_after_firsthop.
Referenced by circuit_send_next_onion_skin().
| void circuit_build_times_network_is_live | ( | circuit_build_times_t * | cbt | ) |
Called to indicate that the network showed some signs of liveness.
This function is called every time we receive a cell. Avoid syscalls, events, and other high-intensity work.
References approx_time(), circuit_build_times_t::liveness, network_liveness_t::network_last_live, network_liveness_t::nonlive_discarded, and network_liveness_t::nonlive_timeouts.
Referenced by connection_or_process_cells_from_inbuf(), connection_or_set_state_open(), and connection_tls_finish_handshake().
| static void circuit_build_times_network_timeout | ( | circuit_build_times_t * | cbt, | |
| int | did_onehop, | |||
| time_t | start_time | |||
| ) | [static] |
A circuit just timed out. If there has been no recent network activity at all, but this circuit was launched back when we thought the network was live, increment the number of "nonlive" circuit timeouts.
Also distinguish between whether it failed before the first hop and record that in our history for later deciding if the network has changed.
References network_liveness_t::after_firsthop_idx, circuit_build_times_t::liveness, network_liveness_t::network_last_live, network_liveness_t::nonlive_timeouts, network_liveness_t::num_recent_circs, circuit_build_times_t::timeout_ms, and network_liveness_t::timeouts_after_firsthop.
Referenced by circuit_build_times_add_timeout().
| void circuit_build_times_new_consensus_params | ( | circuit_build_times_t * | cbt, | |
| networkstatus_t * | ns | |||
| ) |
This function is called when we get a consensus update.
It checks to see if we have changed any consensus parameters that require reallocation or discard of previous stats.
References network_liveness_t::after_firsthop_idx, CBT_DEFAULT_RECENT_CIRCUITS, LD_CIRC, circuit_build_times_t::liveness, networkstatus_get_param(), network_liveness_t::num_recent_circs, network_liveness_t::timeouts_after_firsthop, tor_assert, and tor_free.
Referenced by networkstatus_set_current_consensus().
| int circuit_build_times_parse_state | ( | circuit_build_times_t * | cbt, | |
| or_state_t * | state, | |||
| char ** | msg | |||
| ) |
Load histogram from state, shuffling the resulting array after we do so. Use this result to estimate parameters and calculate the timeout.
Returns -1 and sets msg on error. Msg must be freed by the caller.
References or_state_t::BuildtimeHistogram, circuit_build_times_t::circuit_build_times, circuit_build_times_init(), circuit_build_times_set_timeout(), circuit_build_times_shuffle_and_store_array(), LD_CIRC, config_line_t::next, smartlist_create(), smartlist_free(), smartlist_split_string(), tor_assert, tor_free, tor_parse_ulong(), circuit_build_times_t::total_build_times, or_state_t::TotalBuildTimes, and config_line_t::value.
Referenced by or_state_set().
| void circuit_build_times_reset | ( | circuit_build_times_t * | cbt | ) |
Reset the build time state.
Leave estimated parameters, timeout and network liveness intact for future use.
References circuit_build_times_t::build_times_idx, circuit_build_times_t::circuit_build_times, circuit_build_times_t::have_computed_timeout, circuit_build_times_t::pre_timeouts, and circuit_build_times_t::total_build_times.
Referenced by circuit_build_times_network_check_changed().
| static void circuit_build_times_rewind_history | ( | circuit_build_times_t * | cbt, | |
| int | n | |||
| ) | [static] |
Rewind our timeout history by n timeout positions.
References circuit_build_times_t::build_times_idx, CBT_NCIRCUITS_TO_OBSERVE, circuit_build_times_t::circuit_build_times, LD_CIRC, circuit_build_times_t::pre_timeouts, and circuit_build_times_t::total_build_times.
Referenced by circuit_build_times_network_check_live().
| void circuit_build_times_set_timeout | ( | circuit_build_times_t * | cbt | ) |
Estimate a new timeout based on history and set our timeout variable accordingly.
References circuit_build_times_t::alpha, circuit_build_times_calculate_timeout(), circuit_build_times_count_pretimeouts(), circuit_build_times_update_alpha(), control_event_buildtimeout_set(), circuit_build_times_t::have_computed_timeout, LD_CIRC, circuit_build_times_t::timeout_ms, tor_lround(), circuit_build_times_t::total_build_times, and circuit_build_times_t::Xm.
Referenced by circuit_build_times_parse_state(), circuit_expire_building(), and circuit_send_next_onion_skin().
| static void circuit_build_times_shuffle_and_store_array | ( | circuit_build_times_t * | cbt, | |
| build_time_t * | raw_times, | |||
| int | num_times | |||
| ) | [static] |
Shuffle the build times array.
Stolen from http://en.wikipedia.org/wiki/Fisher
References circuit_build_times_add_time(), crypto_rand_int(), and LD_CIRC.
Referenced by circuit_build_times_parse_state().
| void circuit_build_times_update_alpha | ( | circuit_build_times_t * | cbt | ) |
Estimates the Xm and Alpha parameters using http://en.wikipedia.org/wiki/Pareto_distribution#Parameter_estimation
The notable difference is that we use mode instead of min to estimate Xm. This is because our distribution is frechet-like. We claim this is an acceptable approximation because we are only concerned with the accuracy of the CDF of the tail.
References circuit_build_times_t::alpha, circuit_build_times_t::circuit_build_times, circuit_build_times_mode(), LD_CIRC, tor_assert, tor_mathlog(), circuit_build_times_t::total_build_times, and circuit_build_times_t::Xm.
Referenced by circuit_build_times_set_timeout().
| void circuit_build_times_update_state | ( | circuit_build_times_t * | cbt, | |
| or_state_t * | state | |||
| ) |
Output a histogram of current circuit build times to the or_state_t state structure.
References or_options_t::AvoidDiskWrites, or_state_t::BuildtimeHistogram, CBT_BIN_WIDTH, circuit_build_times_create_histogram(), config_free_lines(), get_options(), get_or_state(), config_line_t::key, config_line_t::next, or_state_mark_dirty(), tor_free, tor_snprintf(), circuit_build_times_t::total_build_times, or_state_t::TotalBuildTimes, unit_tests, and config_line_t::value.
Referenced by or_state_save().
| static int circuit_deliver_create_cell | ( | circuit_t * | circ, | |
| uint8_t | cell_type, | |||
| const char * | payload | |||
| ) | [static] |
Find a new circid that isn't currently in use on the circ->n_conn for the outgoing circuit circ, and deliver a cell of type cell_type (either CELL_CREATE or CELL_CREATE_FAST) with payload payload to this circuit. Return -1 if we failed to find a suitable circid, else return 0.
References append_cell_to_circuit_queue(), CELL_DIRECTION_OUT, cell_t::circ_id, CIRCUIT_IS_ORIGIN, circuit_set_n_circid_orconn(), or_connection_t::client_used, cell_t::command, get_unique_circ_id_by_conn(), LD_CIRC, circuit_t::n_circ_id, circuit_t::n_conn, cell_t::payload, and tor_assert.
Referenced by circuit_extend(), circuit_n_conn_done(), and circuit_send_next_onion_skin().
| origin_circuit_t* circuit_establish_circuit | ( | uint8_t | purpose, | |
| extend_info_t * | exit, | |||
| int | flags | |||
| ) |
Build a new circuit for purpose. If exit is defined, then use that as your exit router, else choose a suitable exit node.
Also launch a connection to the first OR in the chosen path, if it's not open already.
References circuit_handle_first_hop(), control_event_circuit_status(), END_CIRC_REASON_NOPATH, onion_pick_cpath_exit(), onion_populate_cpath(), origin_circuit_init(), and TO_CIRCUIT.
Referenced by circuit_launch_by_extend_info().
Take the 'extend' cell, pull out addr/port plus the onion skin and identity digest for the next hop. If we're already connected, pass the onion skin to the next hop using a create cell; otherwise launch a new OR connection, and circ will notice when the connection succeeds or fails.
Return -1 if we want to warn and tear down the circuit, else return 0.
References or_connection_t::_base, connection_t::address, circuit_deliver_create_cell(), circuit_set_state(), CIRCUIT_STATE_OR_WAIT, connection_or_connect(), connection_or_get_for_extend(), DIGEST_LEN, extend_info_alloc(), fmt_addr(), get_options(), get_uint16(), get_uint32(), LD_CIRC, LD_OR, LD_PROTOCOL, relay_header_t::length, circuit_t::n_conn, circuit_t::n_conn_onionskin, circuit_t::n_hop, cell_t::payload, connection_t::port, RELAY_HEADER_SIZE, relay_header_unpack(), server_mode(), TO_OR_CIRCUIT(), tor_addr_from_ipv4h, tor_assert, and tor_digest_is_zero().
Referenced by connection_edge_process_relay_cell().
| int circuit_extend_to_new_exit | ( | origin_circuit_t * | circ, | |
| extend_info_t * | exit | |||
| ) |
Take an open circ, and add a new hop at the end, based on info. Set its state back to CIRCUIT_STATE_BUILDING, and then send the next extend cell to begin connecting to that hop.
References circuit_append_new_exit(), circuit_send_next_onion_skin(), circuit_set_state(), CIRCUIT_STATE_BUILDING, LD_CIRC, extend_info_t::nickname, TO_CIRCUIT, and warn_if_last_router_excluded().
Referenced by circuit_launch_by_extend_info(), and rend_client_introduction_acked().
| int circuit_finish_handshake | ( | origin_circuit_t * | circ, | |
| uint8_t | reply_type, | |||
| const char * | reply | |||
| ) |
A created or extended cell came back to us on the circuit, and it included reply as its body. (If reply_type is CELL_CREATED, the body contains (the second DH key, plus KH). If reply_type is CELL_CREATED_FAST, the body contains a secret y and a hash H(x|y).)
Calculate the appropriate keys and digests, make sure KH is correct, and initialize this hop of the cpath.
Return - reason if we want to mark circ for close, else return 0.
References CIPHER_KEY_LEN, circuit_init_cpath_crypto(), circuit_log_path(), control_event_circuit_status(), origin_circuit_t::cpath, crypto_dh_free(), crypt_path_t::dh_handshake_state, DIGEST_LEN, fast_client_handshake(), crypt_path_t::fast_handshake_state, crypt_path_t::handshake_digest, LD_CIRC, LD_PROTOCOL, onion_next_hop_in_cpath(), onion_skin_client_handshake(), crypt_path_t::state, and tor_assert.
Referenced by command_process_created_cell(), and connection_edge_process_relay_cell().
| static smartlist_t* circuit_get_unhandled_ports | ( | time_t | now | ) | [static] |
Fetch the list of predicted ports, dup it into a smartlist of uint16_t's, remove the ones that are already handled by an existing circuit, and return it.
References circuit_remove_handled_ports(), rep_hist_get_predicted_ports(), smartlist_add(), and smartlist_create().
Referenced by choose_good_exit_server_general(), and circuit_all_predicted_ports_handled().
| int circuit_handle_first_hop | ( | origin_circuit_t * | circ | ) |
Start establishing the first hop of our circuit. Figure out what OR we should connect to, and if necessary start the connection to it. If we're already connected, then send the 'create' cell. Return 0 for ok, -reason if circ should be marked-for-close.
References origin_circuit_t::_base, extend_info_t::addr, origin_circuit_t::build_state, circuit_send_next_onion_skin(), connection_or_connect(), connection_or_get_for_extend(), control_event_bootstrap(), origin_circuit_t::cpath, crypt_path_t::extend_info, extend_info_dup(), fmt_addr(), extend_info_t::identity_digest, LD_CIRC, circuit_t::n_conn, circuit_t::n_hop, extend_info_t::nickname, cpath_build_state_t::onehop_tunnel, onion_next_hop_in_cpath(), extend_info_t::port, safe_str_client(), and tor_assert.
Referenced by circuit_establish_circuit(), and handle_control_extendcircuit().
| int circuit_init_cpath_crypto | ( | crypt_path_t * | cpath, | |
| const char * | key_data, | |||
| int | reverse | |||
| ) |
Initialize cpath->{f|b}_{crypto|digest} from the key material in key_data. key_data must contain CPATH_KEY_MATERIAL bytes, which are used as follows:
(If 'reverse' is true, then f_XX and b_XX are swapped.)
References crypt_path_t::b_crypto, crypt_path_t::b_digest, CIPHER_KEY_LEN, crypto_create_init_cipher(), crypto_digest_add_bytes(), crypto_new_digest_env(), DIGEST_LEN, crypt_path_t::f_crypto, crypt_path_t::f_digest, LD_BUG, and tor_assert.
Referenced by circuit_finish_handshake(), onionskin_answer(), rend_client_receive_rendezvous(), and rend_service_introduce().
| char* circuit_list_path | ( | origin_circuit_t * | circ, | |
| int | verbose | |||
| ) |
If verbose is false, allocate and return a comma-separated list of the currently built elements of circuit_t. If verbose is true, also list information about link status in a more verbose format using spaces.
References circuit_list_path_impl().
Referenced by circuit_log_path().
| char* circuit_list_path_for_controller | ( | origin_circuit_t * | circ | ) |
Allocate and return a comma-separated list of the currently built elements of circuit_t, giving each as a verbose nickname.
References circuit_list_path_impl().
Referenced by control_event_circuit_status(), and getinfo_helper_events().
| static char* circuit_list_path_impl | ( | origin_circuit_t * | circ, | |
| int | verbose, | |||
| int | verbose_names | |||
| ) | [static] |
If verbose is false, allocate and return a comma-separated list of the currently built elements of circuit_t. If verbose is true, also list information about link status in a more verbose format using spaces. If verbose_names is false, give nicknames for Named routers and hex digests for others; if verbose_names is true, use $DIGEST=Name style names.
References origin_circuit_t::_base, base16_encode(), origin_circuit_t::build_state, build_state_get_exit_nickname(), CIRCUIT_STATE_OPEN, origin_circuit_t::cpath, cpath_build_state_t::desired_path_len, DIGEST_LEN, crypt_path_t::extend_info, HEX_DIGEST_LEN, extend_info_t::identity_digest, cpath_build_state_t::is_internal, is_legal_nickname(), routerinfo_t::is_named, MAX_NICKNAME_LEN, MAX_VERBOSE_NICKNAME_LEN, cpath_build_state_t::need_uptime, crypt_path_t::next, extend_info_t::nickname, router_get_by_digest(), router_get_consensus_status_by_id(), router_get_verbose_nickname(), routerstatus_get_verbose_nickname(), smartlist_add(), smartlist_create(), smartlist_free(), smartlist_join_strings(), crypt_path_t::state, circuit_t::state, tor_asprintf(), tor_assert, tor_free, and tor_snprintf().
Referenced by circuit_list_path(), and circuit_list_path_for_controller().
| void circuit_log_path | ( | int | severity, | |
| unsigned int | domain, | |||
| origin_circuit_t * | circ | |||
| ) |
Log, at severity severity, the nicknames of each router in circ's cpath. Also log the length of the cpath, and the intended exit point.
References circuit_list_path(), tor_free, and tor_log().
Referenced by circuit_dump_details(), circuit_expire_building(), circuit_finish_handshake(), connection_ap_handshake_attach_circuit(), connection_ap_process_end_not_open(), connection_edge_process_relay_cell_not_open(), and warn_if_last_router_excluded().
| void circuit_n_conn_done | ( | or_connection_t * | or_conn, | |
| int | status | |||
| ) |
Find any circuits that are waiting on or_conn to become open and get them to send their create cells forward.
Status is 1 if connect succeeded, or 0 if connect failed.
References or_connection_t::_base, connection_t::addr, connection_t::address, circuit_deliver_create_cell(), circuit_get_all_pending_on_or_conn(), CIRCUIT_IS_ORIGIN, circuit_send_next_onion_skin(), circuit_set_state(), CIRCUIT_STATE_OPEN, CIRCUIT_STATE_OR_WAIT, DIGEST_LEN, extend_info_free(), or_connection_t::identity_digest, LD_CIRC, or_connection_t::nickname, connection_t::port, smartlist_create(), smartlist_free(), TO_ORIGIN_CIRCUIT(), tor_addr_eq, tor_assert, tor_digest_is_zero(), and tor_free.
Referenced by connection_about_to_close_connection(), and connection_or_set_state_open().
| void circuit_note_clock_jumped | ( | int | seconds_elapsed | ) |
Our clock just jumped by seconds_elapsed. Assume something has also gone wrong with our network: notify the user, and abandon all not-yet-used circuits.
References circuit_expire_all_dirty_circs(), circuit_mark_all_unused_circs(), control_event_client_status(), control_event_general_status(), get_options(), has_completed_circuit, LD_GENERAL, server_mode(), and tor_log().
Referenced by second_elapsed_callback().
| void circuit_rep_hist_note_result | ( | origin_circuit_t * | circ | ) |
Tell the rep(utation)hist(ory) module about the status of the links in circ. Hops that have become OPEN are marked as successfully extended; the _first_ hop that isn't open (if any) is marked as unable to extend.
References routerinfo_t::cache_info, origin_circuit_t::cpath, crypt_path_t::extend_info, get_options(), extend_info_t::identity_digest, signed_descriptor_t::identity_digest, crypt_path_t::next, rep_hist_note_extend_failed(), rep_hist_note_extend_succeeded(), router_get_by_digest(), router_get_my_routerinfo(), server_mode(), and crypt_path_t::state.
Referenced by _circuit_mark_for_close(), and circuit_send_next_onion_skin().
| int circuit_send_next_onion_skin | ( | origin_circuit_t * | circ | ) |
This is the backbone function for building circuits.
If circ's first hop is closed, then we need to build a create cell and send it forward.
Otherwise, we need to build a relay extend cell and send it forward.
Return -reason if we want to tear down circ, else return 0.
References origin_circuit_t::_base, extend_info_t::addr, origin_circuit_t::build_state, check_whether_orport_reachable(), circuit_build_times_add_time(), circuit_build_times_network_circ_success(), circuit_build_times_set_timeout(), circuit_deliver_create_cell(), circuit_has_opened(), circuit_rep_hist_note_result(), circuit_reset_failure_count(), circuit_set_state(), CIRCUIT_STATE_BUILDING, CIRCUIT_STATE_OPEN, consider_testing_reachability(), control_event_bootstrap(), control_event_client_status(), origin_circuit_t::cpath, crypto_rand(), crypt_path_t::dh_handshake_state, DIGEST_LEN, crypt_path_t::extend_info, crypt_path_t::fast_handshake_state, get_options(), has_completed_circuit, circuit_t::highres_created, extend_info_t::identity_digest, or_connection_t::identity_digest, inform_testing_reachability(), LD_BUG, LD_CIRC, LD_GENERAL, circuit_t::n_conn, routerinfo_t::nickname, cpath_build_state_t::onehop_tunnel, extend_info_t::onion_key, onion_next_hop_in_cpath(), onion_skin_create(), extend_info_t::port, crypt_path_t::prev, relay_send_command_from_edge(), router_get_by_digest(), server_mode(), set_uint16(), set_uint32(), should_use_create_fast_for_circuit(), circuit_t::state, crypt_path_t::state, TO_CIRCUIT, tor_addr_family(), tor_addr_to_ipv4n(), tor_assert, tor_gettimeofday(), and tv_mdiff().
Referenced by circuit_extend_to_new_exit(), circuit_handle_first_hop(), circuit_n_conn_done(), command_process_created_cell(), connection_edge_process_relay_cell(), and handle_control_extendcircuit().
| int circuit_truncated | ( | origin_circuit_t * | circ, | |
| crypt_path_t * | layer | |||
| ) |
We received a relay truncated cell on circ.
Since we don't ask for truncates currently, getting a truncated means that a connection broke or an extend failed. For now, just give up: for circ to close, and return 0.
References circuit_free_cpath_node(), origin_circuit_t::cpath, END_CIRC_REASON_FLAG_REMOTE, LD_APP, LD_CIRC, crypt_path_t::next, edge_connection_t::next_stream, origin_circuit_t::p_streams, TO_CIRCUIT, and tor_assert.
Referenced by connection_edge_process_relay_cell().
| void circuitbuild_running_unit_tests | ( | void | ) |
Make a note that we're running unit tests (rather than running Tor itself), so we avoid clobbering our state file.
References unit_tests.
| void clear_bridge_list | ( | void | ) |
Initialize the bridge list to empty, creating it if needed.
References smartlist_clear(), smartlist_create(), and tor_free.
Referenced by entry_guards_free_all(), and options_act().
| static void control_event_guard_deferred | ( | void | ) | [static] |
Called when one or more guards that we would previously have used for some purpose are no longer in use because a higher-priority guard has become usable again.
References control_event_guard(), entry_is_live(), get_options(), and or_options_t::NumEntryGuards.
Referenced by add_an_entry_guard().
| static int count_acceptable_routers | ( | smartlist_t * | routers | ) | [static] |
Return the number of routers in routers that are currently up and available for building circuits through.
References routerinfo_t::is_running, and routerinfo_t::is_valid.
Referenced by new_route_len().
| static void entry_guard_free | ( | entry_guard_t * | e | ) | [static] |
Release all storage held by e.
References entry_guard_t::chosen_by_version, and tor_free.
Referenced by entry_guards_free_all(), entry_guards_parse_state(), remove_dead_entry_guards(), and remove_obsolete_entry_guards().
| int entry_guard_register_connect_status | ( | const char * | digest, | |
| int | succeeded, | |||
| int | mark_relay_status, | |||
| time_t | now | |||
| ) |
Called when a connection to an OR with the identity digest digest is established (succeeded==1) or has failed (succeeded==0). If the OR is an entry, change that entry's up/down status. Return 0 normally, or -1 if we want to tear down the new connection.
If mark_relay_status, also call router_set_status() on this relay.
XXX022 change succeeded and mark_relay_status into 'int flags'.
References DIGEST_LEN, and HEX_DIGEST_LEN.
Referenced by circuit_build_failed(), connection_about_to_close_connection(), connection_or_check_valid_tls_handshake(), connection_or_connect(), and connection_or_set_state_open().
| static int entry_guard_set_status | ( | entry_guard_t * | e, | |
| routerinfo_t * | ri, | |||
| time_t | now, | |||
| or_options_t * | options, | |||
| const char ** | reason | |||
| ) | [static] |
Check whether the entry guard e is usable, given the directory authorities' opinion about the router (stored in ri) and the user's configuration (in options). Set e->bad_since accordingly. Return true iff the entry guard's status changes.
If it's not usable, set *reason to a static string explaining why.
References entry_guard_t::bad_since, base16_encode(), control_event_guard(), DIGEST_LEN, or_options_t::EntryNodes, or_options_t::ExcludeNodes, HEX_DIGEST_LEN, entry_guard_t::identity, routerinfo_t::is_possible_guard, routerinfo_t::is_running, LD_CIRC, entry_guard_t::nickname, routerinfo_t::purpose, ROUTER_PURPOSE_BRIDGE, routerset_contains_router(), tor_assert, and or_options_t::UseBridges.
Referenced by entry_guards_compute_status().
| static void entry_guards_changed | ( | void | ) | [static] |
Our list of entry guards has changed, or some element of one of our entry guards has changed. Write the changes to disk within the next few minutes.
References or_options_t::AvoidDiskWrites, entry_guards_dirty, get_options(), get_or_state(), and or_state_mark_dirty().
Referenced by choose_random_entry(), entry_guards_compute_status(), and pick_entry_guards().
| void entry_guards_compute_status | ( | void | ) |
A new directory or router-status has arrived; update the down/listed status of the entry guards.
An entry is 'down' if the directory lists it as nonrunning. An entry is 'unlisted' if the directory doesn't include it.
Don't call this on startup; only on a fresh download. Otherwise we'll think that things are unlisted.
References digestmap_free(), digestmap_get(), digestmap_new(), digestmap_set(), entry_guard_set_status(), entry_guards_changed(), entry_is_live(), entry_nodes_should_be_added(), or_options_t::EntryNodes, get_options(), LD_CIRC, log_entry_guards(), num_live_entry_guards(), remove_dead_entry_guards(), router_get_by_digest(), and tor_assert.
Referenced by directory_info_has_arrived().
| void entry_guards_free_all | ( | void | ) |
Release all storage held by the list of entry guards and related memory structs.
References bridge_list, clear_bridge_list(), entry_guard_free(), and smartlist_free().
Referenced by tor_free_all().
| int entry_guards_parse_state | ( | or_state_t * | state, | |
| int | set, | |||
| char ** | msg | |||
| ) |
Parse state and learn about the entry guards it describes. If set is true, and there are no errors, replace the global entry_list with what we find. On success, return 0. On failure, alloc into *msg a string describing the error, and return -1.
References _tor_free(), entry_guard_t::bad_since, base16_decode(), crypto_rand_int(), DIGEST_LEN, digestmap_free(), digestmap_get(), digestmap_new(), digestmap_set(), entry_guard_free(), entry_guards_dirty, or_state_t::EntryGuards, escaped(), HEX_DIGEST_LEN, entry_guard_t::identity, is_legal_nickname(), config_line_t::key, entry_guard_t::last_attempted, LD_BUG, entry_guard_t::made_contact, MAX_NICKNAME_LEN, config_line_t::next, entry_guard_t::nickname, parse_iso_time(), remove_obsolete_entry_guards(), smartlist_add(), smartlist_create(), smartlist_free(), smartlist_split_string(), tor_free, or_state_t::TorVersion, entry_guard_t::unreachable_since, and config_line_t::value.
Referenced by or_state_set(), and or_state_validate().
| static void entry_guards_prepend_from_config | ( | void | ) | [static] |
Add all nodes in EntryNodes that aren't currently guard nodes to the list of guard nodes, at the front.
References or_options_t::EntryNodes, get_options(), is_an_entry_guard(), LD_CIRC, routerset_get_all_routers(), routerset_to_string(), smartlist_add(), smartlist_create(), smartlist_digest_isin(), tor_assert, and tor_free.
Referenced by choose_random_entry().
| void entry_guards_update_state | ( | or_state_t * | state | ) |
If the entry guard info has not changed, do nothing and return. Otherwise, free the EntryGuards piece of state and create a new one out of the global entry_guards list, and then mark state dirty so it will get saved to disk.
References or_options_t::AvoidDiskWrites, base16_encode(), config_free_lines(), DIGEST_LEN, entry_guards_dirty, or_state_t::EntryGuards, format_iso_time(), get_options(), get_or_state(), HEX_DIGEST_LEN, config_line_t::key, MAX_NICKNAME_LEN, config_line_t::next, or_state_mark_dirty(), smartlist_create(), tor_snprintf(), and config_line_t::value.
Referenced by or_state_save().
| static INLINE routerinfo_t* entry_is_live | ( | entry_guard_t * | e, | |
| int | need_uptime, | |||
| int | need_capacity, | |||
| int | assume_reachable, | |||
| const char ** | msg | |||
| ) | [static] |
Return the router corresponding to e, if e is working well enough that we are willing to use it as an entry right now. (Else return NULL.) In particular, it must be
If the answer is no, set *msg to an explanation of why.
References entry_guard_t::bad_since, entry_guard_t::can_retry, entry_is_time_to_retry(), or_options_t::EntryNodes, fascist_firewall_allows_or(), get_options(), entry_guard_t::identity, routerinfo_t::purpose, router_get_by_digest(), router_is_unreliable(), ROUTER_PURPOSE_BRIDGE, ROUTER_PURPOSE_GENERAL, routerset_contains_router(), tor_assert, and entry_guard_t::unreachable_since.
Referenced by choose_random_entry(), control_event_guard_deferred(), entry_guards_compute_status(), log_entry_guards(), and num_live_entry_guards().
| static int entry_is_time_to_retry | ( | entry_guard_t * | e, | |
| time_t | now | |||
| ) | [static] |
Return true iff enough time has passed since we last tried to connect to the unreachable guard e that we're willing to try again.
References entry_guard_t::last_attempted, and entry_guard_t::unreachable_since.
Referenced by entry_is_live().
| int entry_list_is_constrained | ( | or_options_t * | options | ) |
Return 0 if we're fine adding arbitrary routers out of the directory to our entry guard list, or return 1 if we have a list already and we'd prefer to stick to it.
References or_options_t::EntryNodes, and or_options_t::UseBridges.
Referenced by choose_random_entry(), and connection_dir_request_failed().
| void entry_nodes_should_be_added | ( | void | ) |
Called when the value of EntryNodes changes in our configuration.
References LD_CIRC.
Referenced by entry_guards_compute_status(), and options_act().
| extend_info_t* extend_info_alloc | ( | const char * | nickname, | |
| const char * | digest, | |||
| crypto_pk_env_t * | onion_key, | |||
| const tor_addr_t * | addr, | |||
| uint16_t | port | |||
| ) |
Allocate a new extend_info object based on the various arguments.
References extend_info_t::addr, crypto_pk_dup_key(), DIGEST_LEN, extend_info_t::identity_digest, extend_info_t::nickname, extend_info_t::onion_key, extend_info_t::port, and tor_addr_copy().
Referenced by circuit_extend(), circuit_get_open_circ_or_launch(), and extend_info_from_router().
| extend_info_t* extend_info_dup | ( | extend_info_t * | info | ) |
Allocate and return a new extend_info_t with the same contents as info.
References crypto_pk_dup_key(), extend_info_t::onion_key, and tor_assert.
Referenced by circuit_append_new_exit(), circuit_handle_first_hop(), onion_append_hop(), onion_extend_cpath(), onion_pick_cpath_exit(), rend_client_get_random_intro(), rend_service_launch_establish_intro(), and rend_service_update_descriptor().
| void extend_info_free | ( | extend_info_t * | info | ) |
Release storage held by an extend_info_t struct.
References crypto_free_pk_env(), extend_info_t::onion_key, and tor_free.
Referenced by circuit_append_new_exit(), circuit_free(), circuit_free_cpath_node(), circuit_get_open_circ_or_launch(), circuit_launch_by_router(), circuit_n_conn_done(), handle_control_extendcircuit(), onion_extend_cpath(), rend_client_get_random_intro(), rend_client_introduction_acked(), rend_intro_point_free(), rend_service_introduce(), and rend_service_launch_establish_intro().
| extend_info_t* extend_info_from_router | ( | routerinfo_t * | r | ) |
Allocate and return a new extend_info_t that can be used to build a circuit to or through the router r.
References routerinfo_t::addr, routerinfo_t::cache_info, extend_info_alloc(), signed_descriptor_t::identity_digest, routerinfo_t::nickname, routerinfo_t::onion_pkey, routerinfo_t::or_port, tor_addr_from_ipv4h, and tor_assert.
Referenced by circuit_get_open_circ_or_launch(), circuit_launch_by_router(), handle_control_extendcircuit(), onion_extend_cpath(), onion_pick_cpath_exit(), rend_client_get_random_intro(), and rend_service_introduce().
| void fetch_bridge_descriptors | ( | time_t | now | ) |
For each bridge in our list for which we don't currently have a descriptor, fetch a new copy of its descriptor -- either directly from the bridge or via a bridge authority.
References base16_encode(), BRIDGE_AUTHORITY, DIGEST_LEN, DIR_PURPOSE_FETCH_SERVERDESC, directory_get_from_dirserver(), download_status_failed, download_status_is_ready(), fascist_firewall_allows_address_or(), fmt_addr(), get_n_authorities(), get_options(), HEX_DIGEST_LEN, IMPOSSIBLE_TO_DOWNLOAD, launch_direct_bridge_descriptor_fetch(), LD_DIR, ROUTER_PURPOSE_BRIDGE, tor_digest_is_zero(), and or_options_t::UpdateBridgesFromAuthority.
Referenced by run_scheduled_events().
| static bridge_info_t* find_bridge_by_digest | ( | const char * | digest | ) | [static] |
If digest is one of our known bridges, return it.
References DIGEST_LEN.
Referenced by retry_bridge_descriptor_fetch_directly().
| static circid_t get_unique_circ_id_by_conn | ( | or_connection_t * | conn | ) | [static] |
Iterate over values of circ_id, starting from conn->next_circ_id, and with the high bit specified by conn->circ_id_type, until we get a circ_id that is not in use by any other circuit on that conn.
Return it, or 0 if can't get a unique circ_id.
References or_connection_t::circ_id_type, CIRC_ID_TYPE_HIGHER, CIRC_ID_TYPE_NEITHER, circuit_id_in_use_on_orconn(), LD_BUG, LD_CIRC, or_connection_t::next_circ_id, and tor_assert.
Referenced by circuit_deliver_create_cell().
| int getinfo_helper_entry_guards | ( | control_connection_t * | conn, | |
| const char * | question, | |||
| char ** | answer | |||
| ) |
If question is the string "entry-guards", then dump to *answer a newly allocated string describing all of the nodes in the global entry_guards list. See control-spec.txt for details. For backward compatibility, we also handle the string "helper-nodes".
References base16_encode(), DIGEST_LEN, format_iso_time(), MAX_VERBOSE_NICKNAME_LEN, router_get_by_digest(), router_get_verbose_nickname(), smartlist_add(), smartlist_create(), smartlist_free(), smartlist_join_strings(), tor_free, and tor_snprintf().
| int inform_testing_reachability | ( | void | ) |
We've decided to start our reachability testing. If all is set, log this to the user. Return 1 if we did, or 0 if we chose not to log anything.
References routerinfo_t::address, control_event_server_status(), routerinfo_t::dir_port, LD_OR, routerinfo_t::or_port, router_get_my_routerinfo(), TIMEOUT_UNTIL_UNREACHABILITY_COMPLAINT, and tor_snprintf().
Referenced by circuit_send_next_onion_skin(), and options_act().
| static INLINE entry_guard_t* is_an_entry_guard | ( | const char * | digest | ) | [static] |
If digest matches the identity of any node in the entry_guards list, return that node. Else return NULL.
References DIGEST_LEN.
Referenced by add_an_entry_guard(), and entry_guards_prepend_from_config().
| static void launch_direct_bridge_descriptor_fetch | ( | bridge_info_t * | bridge | ) | [static] |
We need to ask bridge for its server descriptor. address is a helpful string describing this bridge.
References bridge_info_t::addr, CONN_TYPE_DIR, connection_get_by_type_addr_port_purpose(), DIR_PURPOSE_FETCH_SERVERDESC, directory_initiate_command(), bridge_info_t::identity, bridge_info_t::port, ROUTER_PURPOSE_BRIDGE, tor_dup_addr(), and tor_free.
Referenced by fetch_bridge_descriptors(), and retry_bridge_descriptor_fetch_directly().
| void learned_bridge_descriptor | ( | routerinfo_t * | ri, | |
| int | from_cache | |||
| ) |
We just learned a descriptor for a bridge. See if that digest is in our entry guard list, and add it if not.
References add_an_entry_guard(), any_bridge_descriptors_known(), download_status_reset(), bridge_info_t::fetch_status, get_options(), routerinfo_t::is_running, LD_DIR, routerinfo_t::nickname, routerinfo_t::purpose, ROUTER_PURPOSE_BRIDGE, routerinfo_get_configured_bridge(), routerlist_retry_directory_downloads(), and tor_assert.
Referenced by routerlist_descriptors_added().
| static void log_entry_guards | ( | int | severity | ) | [static] |
Dump a description of our list of entry guards to the log at level severity.
References entry_is_live(), LD_CIRC, smartlist_add(), smartlist_create(), smartlist_free(), smartlist_join_strings(), tor_asprintf(), and tor_free.
Referenced by add_an_entry_guard(), entry_guards_compute_status(), remove_dead_entry_guards(), and remove_obsolete_entry_guards().
| static int new_route_len | ( | uint8_t | purpose, | |
| extend_info_t * | exit, | |||
| smartlist_t * | routers | |||
| ) | [static] |
Choose a length for a circuit of purpose purpose. Default length is 3 + the number of endpoints that would give something away. If the routerlist routers doesn't have enough routers to handle the desired path length, return as large a path length as is feasible, except if it's less than 2, in which case return -1.
References CIRCUIT_PURPOSE_S_ESTABLISH_INTRO, CIRCUIT_PURPOSE_TESTING, count_acceptable_routers(), LD_CIRC, and tor_assert.
Referenced by onion_pick_cpath_exit().
| static int num_live_entry_guards | ( | void | ) | [static] |
Return the number of entry guards that we think are usable.
References entry_is_live().
Referenced by entry_guards_compute_status(), and pick_entry_guards().
| static int onion_append_hop | ( | crypt_path_t ** | head_ptr, | |
| extend_info_t * | choice | |||
| ) | [static] |
Create a new hop, annotate it with information about its corresponding router choice, and append it to the end of the cpath head_ptr.
References circuit_initial_package_window(), CIRCWINDOW_START, crypt_path_t::deliver_window, crypt_path_t::extend_info, extend_info_dup(), crypt_path_t::magic, onion_append_to_cpath(), crypt_path_t::package_window, and crypt_path_t::state.
Referenced by circuit_append_new_exit(), and onion_extend_cpath().
| void onion_append_to_cpath | ( | crypt_path_t ** | head_ptr, | |
| crypt_path_t * | new_hop | |||
| ) |
Add new_hop to the end of the doubly-linked-list head_ptr. This function is used to extend cpath by another hop.
References crypt_path_t::next, and crypt_path_t::prev.
Referenced by onion_append_hop(), rend_client_receive_rendezvous(), and rend_service_rendezvous_has_opened().
| static int onion_extend_cpath | ( | origin_circuit_t * | circ | ) | [static] |
Choose a suitable next hop in the cpath head_ptr, based on state. Append the hop info to head_ptr.
References origin_circuit_t::_base, origin_circuit_t::build_state, build_state_get_exit_nickname(), choose_good_entry_server(), choose_good_middle_server(), cpath_build_state_t::chosen_exit, circuit_get_cpath_len(), origin_circuit_t::cpath, cpath_build_state_t::desired_path_len, extend_info_dup(), extend_info_free(), extend_info_from_router(), LD_CIRC, extend_info_t::nickname, onion_append_hop(), and circuit_t::purpose.
Referenced by onion_populate_cpath().
| static crypt_path_t * onion_next_hop_in_cpath | ( | crypt_path_t * | cpath | ) | [static] |
Return the first non-open hop in cpath, or return NULL if all hops are open.
References crypt_path_t::next, and crypt_path_t::state.
Referenced by circuit_finish_handshake(), circuit_handle_first_hop(), and circuit_send_next_onion_skin().
| static int onion_pick_cpath_exit | ( | origin_circuit_t * | circ, | |
| extend_info_t * | exit | |||
| ) | [static] |
Decide a suitable length for circ's cpath, and pick an exit router (or use exit if provided). Store these in the cpath. Return 0 if ok, -1 if circuit should be closed.
References origin_circuit_t::_base, origin_circuit_t::build_state, choose_good_exit_server(), cpath_build_state_t::chosen_exit, cpath_build_state_t::desired_path_len, extend_info_dup(), extend_info_from_router(), cpath_build_state_t::is_internal, LD_CIRC, cpath_build_state_t::need_capacity, cpath_build_state_t::need_uptime, new_route_len(), extend_info_t::nickname, cpath_build_state_t::onehop_tunnel, circuit_t::purpose, router_get_routerlist(), routerlist_t::routers, and warn_if_last_router_excluded().
Referenced by circuit_establish_circuit().
| static int onion_populate_cpath | ( | origin_circuit_t * | circ | ) | [static] |
Pick all the entries in our cpath. Stop and return 0 when we're happy, or return -1 if an error occurs.
References LD_CIRC, and onion_extend_cpath().
Referenced by circuit_establish_circuit().
| int onionskin_answer | ( | or_circuit_t * | circ, | |
| uint8_t | cell_type, | |||
| const char * | payload, | |||
| const char * | keys | |||
| ) |
Given a response payload and keys, initialize, then send a created cell back.
References or_connection_t::_base, connection_t::addr, append_cell_to_circuit_queue(), crypt_path_t::b_crypto, crypt_path_t::b_digest, CELL_DIRECTION_IN, cell_t::circ_id, circuit_init_cpath_crypto(), circuit_set_state(), CIRCUIT_STATE_OPEN, cell_t::command, connection_or_nonopen_was_started_here(), DIGEST_LEN, crypt_path_t::f_crypto, crypt_path_t::f_digest, or_circuit_t::handshake_digest, or_circuit_t::is_first_hop, is_local_addr(), LD_BUG, LD_CIRC, crypt_path_t::magic, or_circuit_t::n_crypto, or_circuit_t::n_digest, or_circuit_t::p_circ_id, or_circuit_t::p_conn, or_circuit_t::p_crypto, or_circuit_t::p_digest, cell_t::payload, router_orport_found_reachable(), TO_CIRCUIT, and tor_free.
Referenced by command_process_create_cell(), and connection_cpu_process_inbuf().
| origin_circuit_t* origin_circuit_init | ( | uint8_t | purpose, | |
| int | flags | |||
| ) |
Create and return a new origin circuit. Initialize its purpose and build-state based on our arguments. The flags argument is a bitfield of CIRCLAUNCH_* flags.
References origin_circuit_t::_base, origin_circuit_t::build_state, CIRCLAUNCH_IS_INTERNAL, CIRCLAUNCH_NEED_CAPACITY, CIRCLAUNCH_NEED_UPTIME, CIRCLAUNCH_ONEHOP_TUNNEL, circuit_set_state(), CIRCUIT_STATE_OR_WAIT, cpath_build_state_t::is_internal, cpath_build_state_t::need_capacity, cpath_build_state_t::need_uptime, cpath_build_state_t::onehop_tunnel, origin_circuit_new(), circuit_t::purpose, and TO_CIRCUIT.
Referenced by circuit_establish_circuit(), and handle_control_extendcircuit().
| static void pick_entry_guards | ( | void | ) | [static] |
If the use of entry guards is configured, choose more entry guards until we have enough in the list.
References add_an_entry_guard(), entry_guards_changed(), get_options(), num_live_entry_guards(), or_options_t::NumEntryGuards, and tor_assert.
Referenced by choose_random_entry().
| static int remove_dead_entry_guards | ( | void | ) | [static] |
Remove all entry guards that have been down or unlisted for so long that we don't think they'll come up again. Return 1 if we removed any, or 0 if we did nothing.
References entry_guard_t::bad_since, base16_encode(), control_event_guard(), DIGEST_LEN, entry_guard_free(), ENTRY_GUARD_REMOVE_AFTER, format_local_iso_time(), HEX_DIGEST_LEN, entry_guard_t::identity, LD_CIRC, log_entry_guards(), entry_guard_t::nickname, and smartlist_del_keeporder().
Referenced by entry_guards_compute_status().
| static int remove_obsolete_entry_guards | ( | void | ) | [static] |
Remove any entry guard which was selected by an unknown version of Tor, or which was selected by a version of Tor that's known to select entry guards badly.
References base16_encode(), entry_guard_t::chosen_by_version, entry_guard_t::chosen_on_date, control_event_guard(), DIGEST_LEN, entry_guard_free(), escaped(), HEX_DIGEST_LEN, entry_guard_t::identity, LD_CIRC, log_entry_guards(), entry_guard_t::nickname, smartlist_del_keeporder(), tor_assert, tor_free, tor_snprintf(), tor_version_as_new_as(), and tor_version_parse().
Referenced by entry_guards_parse_state().
| void retry_bridge_descriptor_fetch_directly | ( | const char * | digest | ) |
Fetching the bridge descriptor from the bridge authority returned a "not found". Fall back to trying a direct fetch.
References find_bridge_by_digest(), and launch_direct_bridge_descriptor_fetch().
Referenced by dir_routerdesc_download_failed().
| static int router_handles_some_port | ( | routerinfo_t * | router, | |
| smartlist_t * | needed_ports | |||
| ) | [static] |
Return 1 if router can handle one or more of the ports in needed_ports, else return 0.
References ADDR_POLICY_PROBABLY_REJECTED, ADDR_POLICY_REJECTED, compare_addr_to_addr_policy(), routerinfo_t::exit_policy, and tor_assert.
Referenced by choose_good_exit_server_general().
| static bridge_info_t* routerinfo_get_configured_bridge | ( | routerinfo_t * | ri | ) | [static] |
Return a bridge pointer if ri is one of our known bridges (either by comparing keys if possible, else by comparing addr/port). Else return NULL.
References routerinfo_t::addr, routerinfo_t::cache_info, DIGEST_LEN, signed_descriptor_t::identity_digest, routerinfo_t::or_port, tor_addr_eq_ipv4h(), and tor_digest_is_zero().
Referenced by learned_bridge_descriptor(), and routerinfo_is_a_configured_bridge().
| int routerinfo_is_a_configured_bridge | ( | routerinfo_t * | ri | ) |
Return 1 if ri is one of our known bridges, else 0.
References routerinfo_get_configured_bridge().
Referenced by router_add_to_routerlist().
| static INLINE int should_use_create_fast_for_circuit | ( | origin_circuit_t * | circ | ) | [static] |
Return true iff we should send a create_fast cell to start building a given circuit
References origin_circuit_t::cpath, crypt_path_t::extend_info, or_options_t::FastFirstHopPK, get_options(), extend_info_t::onion_key, server_mode(), and tor_assert.
Referenced by circuit_send_next_onion_skin().
| static void warn_if_last_router_excluded | ( | origin_circuit_t * | circ, | |
| const extend_info_t * | exit | |||
| ) | [static] |
Log a warning if the user specified an exit for the circuit that has been excluded from use by ExcludeNodes or ExcludeExitNodes.
References origin_circuit_t::_base, or_options_t::_ExcludeExitNodesUnion, origin_circuit_t::build_state, circuit_log_path(), CIRCUIT_PURPOSE_C_ESTABLISH_REND, CIRCUIT_PURPOSE_C_GENERAL, CIRCUIT_PURPOSE_C_INTRODUCE_ACK_WAIT, CIRCUIT_PURPOSE_C_INTRODUCE_ACKED, CIRCUIT_PURPOSE_C_INTRODUCING, CIRCUIT_PURPOSE_C_REND_JOINED, CIRCUIT_PURPOSE_C_REND_READY, CIRCUIT_PURPOSE_C_REND_READY_INTRO_ACKED, CIRCUIT_PURPOSE_CONTROLLER, CIRCUIT_PURPOSE_INTRO_POINT, CIRCUIT_PURPOSE_OR, CIRCUIT_PURPOSE_REND_ESTABLISHED, CIRCUIT_PURPOSE_REND_POINT_WAITING, CIRCUIT_PURPOSE_S_CONNECT_REND, CIRCUIT_PURPOSE_S_ESTABLISH_INTRO, CIRCUIT_PURPOSE_S_REND_JOINED, CIRCUIT_PURPOSE_TESTING, or_options_t::ExcludeNodes, get_options(), cpath_build_state_t::is_internal, LD_BUG, LD_CIRC, extend_info_t::nickname, cpath_build_state_t::onehop_tunnel, circuit_t::purpose, and routerset_contains_extendinfo().
Referenced by circuit_extend_to_new_exit(), and onion_pick_cpath_exit().
smartlist_t* bridge_list = NULL [static] |
A list of configured bridges. Whenever we actually get a descriptor for one, we add it as an entry guard.
Referenced by entry_guards_free_all().
Global list of circuit build times
Referenced by circuit_expire_building(), circuit_expire_old_circuits_clientside(), circuit_predict_and_launch_new(), connection_or_process_cells_from_inbuf(), connection_or_set_state_open(), connection_tls_finish_handshake(), networkstatus_set_current_consensus(), or_state_save(), or_state_set(), and origin_circuit_new().
smartlist_t* entry_guards = NULL [static] |
A list of our chosen entry guards.
int entry_guards_dirty = 0 [static] |
A value of 1 means that the entry_guards list has changed and those changes need to be flushed to disk.
Referenced by entry_guards_changed(), entry_guards_parse_state(), and entry_guards_update_state().
A global list of all circuits at this hop.
int should_add_entry_nodes = 0 [static] |
When we try to choose an entry guard, should we parse and add config's EntryNodes first?
int unit_tests = 0 [static] |
If set, we're running the unit tests: we should avoid clobbering our state file or accessing get_options() or get_or_state()
Referenced by circuit_build_times_add_time(), circuit_build_times_get_initial_timeout(), circuit_build_times_update_state(), and circuitbuild_running_unit_tests().
1.5.6