or.h File Reference

Master header file for Tor-specific functionality. More...

#include "orconfig.h"
#include <unistd.h>
#include <signal.h>
#include <netdb.h>
#include <sys/param.h>
#include "torint.h"
#include <sys/wait.h>
#include <sys/fcntl.h>
#include <fcntl.h>
#include <sys/ioctl.h>
#include <sys/un.h>
#include <sys/stat.h>
#include <arpa/inet.h>
#include <errno.h>
#include <assert.h>
#include <time.h>
#include "crypto.h"
#include "tortls.h"
#include "../common/log.h"
#include "compat.h"
#include "container.h"
#include "util.h"
#include "torgzip.h"
#include "address.h"
#include "compat_libevent.h"
#include "ht.h"

Go to the source code of this file.

Data Structures
struct	rend_service_authorization_t
struct	rend_data_t
struct	cell_t
struct	var_cell_t
struct	packed_cell_t
struct	insertion_time_elem_t
struct	insertion_time_queue_t
struct	cell_queue_t
struct	relay_header_t
struct	connection_t
struct	or_handshake_state_t
struct	or_connection_t
struct	edge_connection_t
struct	dir_connection_t
struct	control_connection_t
struct	addr_policy_t
struct	cached_dir_t
struct	download_status_t
struct	signed_descriptor_t
struct	routerinfo_t
struct	extrainfo_t
struct	routerstatus_t
struct	microdesc_t
struct	networkstatus_v2_t
struct	vote_microdesc_hash_t
struct	vote_routerstatus_t
struct	document_signature_t
struct	networkstatus_voter_info_t
struct	networkstatus_t
struct	ns_detached_signatures_t
struct	desc_store_t
struct	routerlist_t
struct	extend_info_t
struct	authority_cert_t
struct	crypt_path_t
struct	cpath_build_state_t
struct	cell_ewma_t
struct	circuit_t
struct	origin_circuit_t
struct	or_circuit_t
struct	config_line_t
struct	or_options_t
struct	or_state_t
struct	socks_request_t
struct	network_liveness_t
struct	circuit_build_times_t
struct	fp_pair_t
struct	vote_timing_t
struct	rend_authorized_client_t
struct	rend_encoded_v2_service_descriptor_t
struct	rend_intro_point_t
struct	rend_service_descriptor_t
struct	rend_cache_entry_t
struct	trusted_dir_server_t
struct	tor_version_t
Defines
#define	SIGHUP   1
#define	SIGINT   2
#define	SIGUSR1   10
#define	SIGUSR2   12
#define	SIGTERM   15
#define	SIGNEWNYM   129
#define	SIGCLEARDNSCACHE   130
#define	MAX_NICKNAME_LEN   19
#define	MAX_HEX_NICKNAME_LEN   (HEX_DIGEST_LEN+1)
#define	MAX_VERBOSE_NICKNAME_LEN   (1+HEX_DIGEST_LEN+1+MAX_NICKNAME_LEN)
#define	MAX_BUF_SIZE   ((1<<24)-1)
#define	MAX_DIR_DL_SIZE   MAX_BUF_SIZE
#define	MAX_HEADERS_SIZE   50000
#define	MAX_DIR_UL_SIZE   MAX_BUF_SIZE
#define	MAX_DESCRIPTOR_UPLOAD_SIZE   20000
#define	MAX_EXTRAINFO_UPLOAD_SIZE   50000
#define	MAX_DNS_ENTRY_AGE   (30*60)
#define	DEFAULT_DNS_TTL   (30*60)
#define	MAX_DNS_TTL   (3*60*60)
#define	MIN_DNS_TTL   (60)
#define	MIN_ONION_KEY_LIFETIME   (7*24*60*60)
#define	MAX_SSL_KEY_LIFETIME   (2*60*60)
#define	ROUTER_MAX_AGE   (60*60*48)
#define	ROUTER_MAX_AGE_TO_PUBLISH   (60*60*20)
#define	OLD_ROUTER_DESC_MAX_AGE   (60*60*24*5)
#define	_CONN_TYPE_MIN   3
#define	CONN_TYPE_OR_LISTENER   3
#define	CONN_TYPE_OR   4
#define	CONN_TYPE_EXIT   5
#define	CONN_TYPE_AP_LISTENER   6
#define	CONN_TYPE_AP   7
#define	CONN_TYPE_DIR_LISTENER   8
#define	CONN_TYPE_DIR   9
#define	CONN_TYPE_CPUWORKER   10
#define	CONN_TYPE_CONTROL_LISTENER   11
#define	CONN_TYPE_CONTROL   12
#define	CONN_TYPE_AP_TRANS_LISTENER   13
#define	CONN_TYPE_AP_NATD_LISTENER   14
#define	CONN_TYPE_AP_DNS_LISTENER   15
#define	_CONN_TYPE_MAX   15
#define	PROXY_NONE   0
#define	PROXY_CONNECT   1
#define	PROXY_SOCKS4   2
#define	PROXY_SOCKS5   3
#define	PROXY_HTTPS_WANT_CONNECT_OK   1
#define	PROXY_SOCKS4_WANT_CONNECT_OK   2
#define	PROXY_SOCKS5_WANT_AUTH_METHOD_NONE   3
#define	PROXY_SOCKS5_WANT_AUTH_METHOD_RFC1929   4
#define	PROXY_SOCKS5_WANT_AUTH_RFC1929_OK   5
#define	PROXY_SOCKS5_WANT_CONNECT_OK   6
#define	PROXY_CONNECTED   7
#define	CONN_IS_EDGE(x)   ((x)->type == CONN_TYPE_EXIT || (x)->type == CONN_TYPE_AP)
#define	LISTENER_STATE_READY   0
#define	_CPUWORKER_STATE_MIN   1
#define	CPUWORKER_STATE_IDLE   1
#define	CPUWORKER_STATE_BUSY_ONION   2
#define	_CPUWORKER_STATE_MAX   2
#define	CPUWORKER_TASK_ONION   CPUWORKER_STATE_BUSY_ONION
#define	_OR_CONN_STATE_MIN   1
#define	OR_CONN_STATE_CONNECTING   1
#define	OR_CONN_STATE_PROXY_HANDSHAKING   2
#define	OR_CONN_STATE_TLS_HANDSHAKING   3
#define	OR_CONN_STATE_TLS_CLIENT_RENEGOTIATING   4
#define	OR_CONN_STATE_TLS_SERVER_RENEGOTIATING   5
#define	OR_CONN_STATE_OR_HANDSHAKING   6
#define	OR_CONN_STATE_OPEN   7
#define	_OR_CONN_STATE_MAX   7
#define	_EXIT_CONN_STATE_MIN   1
#define	EXIT_CONN_STATE_RESOLVING   1
#define	EXIT_CONN_STATE_CONNECTING   2
#define	EXIT_CONN_STATE_OPEN   3
#define	EXIT_CONN_STATE_RESOLVEFAILED   4
#define	_EXIT_CONN_STATE_MAX   4
#define	_AP_CONN_STATE_MIN   5
#define	AP_CONN_STATE_SOCKS_WAIT   5
#define	AP_CONN_STATE_RENDDESC_WAIT   6
#define	AP_CONN_STATE_CONTROLLER_WAIT   7
#define	AP_CONN_STATE_CIRCUIT_WAIT   8
#define	AP_CONN_STATE_CONNECT_WAIT   9
#define	AP_CONN_STATE_RESOLVE_WAIT   10
#define	AP_CONN_STATE_OPEN   11
#define	AP_CONN_STATE_NATD_WAIT   12
#define	_AP_CONN_STATE_MAX   12
#define	AP_CONN_STATE_IS_UNATTACHED(s)   ((s) <= AP_CONN_STATE_CIRCUIT_WAIT || (s) == AP_CONN_STATE_NATD_WAIT)
#define	_DIR_CONN_STATE_MIN   1
#define	DIR_CONN_STATE_CONNECTING   1
#define	DIR_CONN_STATE_CLIENT_SENDING   2
#define	DIR_CONN_STATE_CLIENT_READING   3
#define	DIR_CONN_STATE_CLIENT_FINISHED   4
#define	DIR_CONN_STATE_SERVER_COMMAND_WAIT   5
#define	DIR_CONN_STATE_SERVER_WRITING   6
#define	_DIR_CONN_STATE_MAX   6
#define	DIR_CONN_IS_SERVER(conn)   ((conn)->purpose == DIR_PURPOSE_SERVER)
#define	_CONTROL_CONN_STATE_MIN   1
#define	CONTROL_CONN_STATE_OPEN   1
#define	CONTROL_CONN_STATE_NEEDAUTH   2
#define	_CONTROL_CONN_STATE_MAX   2
#define	_DIR_PURPOSE_MIN   3
#define	DIR_PURPOSE_FETCH_RENDDESC   3
#define	DIR_PURPOSE_HAS_FETCHED_RENDDESC   4
#define	DIR_PURPOSE_FETCH_V2_NETWORKSTATUS   5
#define	DIR_PURPOSE_FETCH_SERVERDESC   6
#define	DIR_PURPOSE_FETCH_EXTRAINFO   7
#define	DIR_PURPOSE_UPLOAD_DIR   8
#define	DIR_PURPOSE_UPLOAD_RENDDESC   9
#define	DIR_PURPOSE_UPLOAD_VOTE   10
#define	DIR_PURPOSE_UPLOAD_SIGNATURES   11
#define	DIR_PURPOSE_FETCH_STATUS_VOTE   12
#define	DIR_PURPOSE_FETCH_DETACHED_SIGNATURES   13
#define	DIR_PURPOSE_FETCH_CONSENSUS   14
#define	DIR_PURPOSE_FETCH_CERTIFICATE   15
#define	DIR_PURPOSE_SERVER   16
#define	DIR_PURPOSE_UPLOAD_RENDDESC_V2   17
#define	DIR_PURPOSE_FETCH_RENDDESC_V2   18
#define	_DIR_PURPOSE_MAX   18
#define	DIR_PURPOSE_IS_UPLOAD(p)
#define	_EXIT_PURPOSE_MIN   1
#define	EXIT_PURPOSE_CONNECT   1
#define	EXIT_PURPOSE_RESOLVE   2
#define	_EXIT_PURPOSE_MAX   2
#define	CIRCUIT_STATE_BUILDING   0
#define	CIRCUIT_STATE_ONIONSKIN_PENDING   1
#define	CIRCUIT_STATE_OR_WAIT   2
#define	CIRCUIT_STATE_OPEN   3
#define	_CIRCUIT_PURPOSE_MIN   1
#define	_CIRCUIT_PURPOSE_OR_MIN   1
#define	CIRCUIT_PURPOSE_OR   1
#define	CIRCUIT_PURPOSE_INTRO_POINT   2
#define	CIRCUIT_PURPOSE_REND_POINT_WAITING   3
#define	CIRCUIT_PURPOSE_REND_ESTABLISHED   4
#define	_CIRCUIT_PURPOSE_OR_MAX   4
#define	CIRCUIT_PURPOSE_C_GENERAL   5
#define	CIRCUIT_PURPOSE_C_INTRODUCING   6
#define	CIRCUIT_PURPOSE_C_INTRODUCE_ACK_WAIT   7
#define	CIRCUIT_PURPOSE_C_INTRODUCE_ACKED   8
#define	CIRCUIT_PURPOSE_C_ESTABLISH_REND   9
#define	CIRCUIT_PURPOSE_C_REND_READY   10
#define	CIRCUIT_PURPOSE_C_REND_READY_INTRO_ACKED   11
#define	CIRCUIT_PURPOSE_C_REND_JOINED   12
#define	_CIRCUIT_PURPOSE_C_MAX   12
#define	CIRCUIT_PURPOSE_S_ESTABLISH_INTRO   13
#define	CIRCUIT_PURPOSE_S_INTRO   14
#define	CIRCUIT_PURPOSE_S_CONNECT_REND   15
#define	CIRCUIT_PURPOSE_S_REND_JOINED   16
#define	CIRCUIT_PURPOSE_TESTING   17
#define	CIRCUIT_PURPOSE_CONTROLLER   18
#define	_CIRCUIT_PURPOSE_MAX   18
#define	CIRCUIT_PURPOSE_UNKNOWN   255
#define	CIRCUIT_PURPOSE_IS_ORIGIN(p)   ((p)>_CIRCUIT_PURPOSE_OR_MAX)
#define	CIRCUIT_PURPOSE_IS_CLIENT(p)
#define	CIRCUIT_IS_ORIGIN(c)   (CIRCUIT_PURPOSE_IS_ORIGIN((c)->purpose))
#define	CIRCUIT_PURPOSE_IS_ESTABLISHED_REND(p)
#define	MIN_CIRCUITS_HANDLING_STREAM   2
#define	RELAY_COMMAND_BEGIN   1
#define	RELAY_COMMAND_DATA   2
#define	RELAY_COMMAND_END   3
#define	RELAY_COMMAND_CONNECTED   4
#define	RELAY_COMMAND_SENDME   5
#define	RELAY_COMMAND_EXTEND   6
#define	RELAY_COMMAND_EXTENDED   7
#define	RELAY_COMMAND_TRUNCATE   8
#define	RELAY_COMMAND_TRUNCATED   9
#define	RELAY_COMMAND_DROP   10
#define	RELAY_COMMAND_RESOLVE   11
#define	RELAY_COMMAND_RESOLVED   12
#define	RELAY_COMMAND_BEGIN_DIR   13
#define	RELAY_COMMAND_ESTABLISH_INTRO   32
#define	RELAY_COMMAND_ESTABLISH_RENDEZVOUS   33
#define	RELAY_COMMAND_INTRODUCE1   34
#define	RELAY_COMMAND_INTRODUCE2   35
#define	RELAY_COMMAND_RENDEZVOUS1   36
#define	RELAY_COMMAND_RENDEZVOUS2   37
#define	RELAY_COMMAND_INTRO_ESTABLISHED   38
#define	RELAY_COMMAND_RENDEZVOUS_ESTABLISHED   39
#define	RELAY_COMMAND_INTRODUCE_ACK   40
#define	END_OR_CONN_REASON_DONE   1
#define	END_OR_CONN_REASON_REFUSED   2
#define	END_OR_CONN_REASON_OR_IDENTITY   3
#define	END_OR_CONN_REASON_CONNRESET   4
#define	END_OR_CONN_REASON_TIMEOUT   5
#define	END_OR_CONN_REASON_NO_ROUTE   6
#define	END_OR_CONN_REASON_IO_ERROR   7
#define	END_OR_CONN_REASON_RESOURCE_LIMIT   8
#define	END_OR_CONN_REASON_MISC   9
#define	END_STREAM_REASON_MISC   1
#define	END_STREAM_REASON_RESOLVEFAILED   2
#define	END_STREAM_REASON_CONNECTREFUSED   3
#define	END_STREAM_REASON_EXITPOLICY   4
#define	END_STREAM_REASON_DESTROY   5
#define	END_STREAM_REASON_DONE   6
#define	END_STREAM_REASON_TIMEOUT   7
#define	END_STREAM_REASON_HIBERNATING   9
#define	END_STREAM_REASON_INTERNAL   10
#define	END_STREAM_REASON_RESOURCELIMIT   11
#define	END_STREAM_REASON_CONNRESET   12
#define	END_STREAM_REASON_TORPROTOCOL   13
#define	END_STREAM_REASON_NOTDIRECTORY   14
#define	END_STREAM_REASON_ENTRYPOLICY   15
#define	END_STREAM_REASON_CANT_ATTACH   257
#define	END_STREAM_REASON_NET_UNREACHABLE   258
#define	END_STREAM_REASON_SOCKSPROTOCOL   259
#define	END_STREAM_REASON_CANT_FETCH_ORIG_DEST   260
#define	END_STREAM_REASON_INVALID_NATD_DEST   261
#define	END_STREAM_REASON_MASK   511
#define	END_STREAM_REASON_FLAG_REMOTE   512
#define	END_STREAM_REASON_FLAG_ALREADY_SENT_CLOSED   1024
#define	END_STREAM_REASON_FLAG_ALREADY_SOCKS_REPLIED   2048
#define	REMAP_STREAM_SOURCE_CACHE   1
#define	REMAP_STREAM_SOURCE_EXIT   2
#define	RESOLVED_TYPE_HOSTNAME   0
#define	RESOLVED_TYPE_IPV4   4
#define	RESOLVED_TYPE_IPV6   6
#define	RESOLVED_TYPE_ERROR_TRANSIENT   0xF0
#define	RESOLVED_TYPE_ERROR   0xF1
#define	END_CIRC_REASON_NOPATH   -2
#define	END_CIRC_AT_ORIGIN   -1
#define	_END_CIRC_REASON_MIN   0
#define	END_CIRC_REASON_NONE   0
#define	END_CIRC_REASON_TORPROTOCOL   1
#define	END_CIRC_REASON_INTERNAL   2
#define	END_CIRC_REASON_REQUESTED   3
#define	END_CIRC_REASON_HIBERNATING   4
#define	END_CIRC_REASON_RESOURCELIMIT   5
#define	END_CIRC_REASON_CONNECTFAILED   6
#define	END_CIRC_REASON_OR_IDENTITY   7
#define	END_CIRC_REASON_OR_CONN_CLOSED   8
#define	END_CIRC_REASON_FINISHED   9
#define	END_CIRC_REASON_TIMEOUT   10
#define	END_CIRC_REASON_DESTROYED   11
#define	END_CIRC_REASON_NOSUCHSERVICE   12
#define	_END_CIRC_REASON_MAX   12
#define	END_CIRC_REASON_FLAG_REMOTE   512
#define	REND_SERVICE_ID_LEN_BASE32   16
#define	REND_SERVICE_ADDRESS_LEN   (16+1+5)
#define	REND_SERVICE_ID_LEN   10
#define	REND_TIME_PERIOD_V2_DESC_VALIDITY   (24*60*60)
#define	REND_TIME_PERIOD_OVERLAPPING_V2_DESCS   (60*60)
#define	REND_NUMBER_OF_NON_CONSECUTIVE_REPLICAS   2
#define	REND_NUMBER_OF_CONSECUTIVE_REPLICAS   3
#define	REND_DESC_ID_V2_LEN_BASE32   32
#define	REND_SECRET_ID_PART_LEN_BASE32   32
#define	REND_INTRO_POINT_ID_LEN_BASE32   32
#define	REND_DESC_COOKIE_LEN   16
#define	REND_DESC_COOKIE_LEN_BASE64   22
#define	REND_BASIC_AUTH_CLIENT_ID_LEN   4
#define	REND_BASIC_AUTH_CLIENT_MULTIPLE   16
#define	REND_BASIC_AUTH_CLIENT_ENTRY_LEN
#define	REND_DESC_MAX_SIZE   (20 * 1024)
#define	REND_LEGAL_CLIENTNAME_CHARACTERS   "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789+-_"
#define	REND_CLIENTNAME_MAX_LEN   16
#define	REND_COOKIE_LEN   DIGEST_LEN
#define	REND_REPLAY_TIME_INTERVAL   (60 * 60)
#define	CIRCWINDOW_START   1000
#define	CIRCWINDOW_INCREMENT   100
#define	STREAMWINDOW_START   500
#define	STREAMWINDOW_INCREMENT   50
#define	CELL_PADDING   0
#define	CELL_CREATE   1
#define	CELL_CREATED   2
#define	CELL_RELAY   3
#define	CELL_DESTROY   4
#define	CELL_CREATE_FAST   5
#define	CELL_CREATED_FAST   6
#define	CELL_VERSIONS   7
#define	CELL_NETINFO   8
#define	CELL_RELAY_EARLY   9
#define	CELL_COMMAND_IS_VAR_LENGTH(x)   ((x) == CELL_VERSIONS)
#define	TIMEOUT_UNTIL_UNREACHABILITY_COMPLAINT   (20*60)
#define	LEGAL_NICKNAME_CHARACTERS   "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"
#define	DEFAULT_CLIENT_NICKNAME   "client"
#define	SOCKS4_NETWORK_LEN   8
#define	CELL_PAYLOAD_SIZE   509
#define	CELL_NETWORK_SIZE   512
#define	VAR_CELL_HEADER_SIZE   5
#define	RELAY_HEADER_SIZE   (1+2+2+4+2)
#define	RELAY_PAYLOAD_SIZE   (CELL_PAYLOAD_SIZE-RELAY_HEADER_SIZE)
#define	BASE_CONNECTION_MAGIC   0x7C3C304Eu
#define	OR_CONNECTION_MAGIC   0x7D31FF03u
#define	EDGE_CONNECTION_MAGIC   0xF0374013u
#define	DIR_CONNECTION_MAGIC   0x9988ffeeu
#define	CONTROL_CONNECTION_MAGIC   0x8abc765du
#define	TO_CONN(c)   (&(((c)->_base)))
#define	DOWNCAST(to, ptr)   ((to*)SUBTYPE_P(ptr, to, _base))
#define	IMPOSSIBLE_TO_DOWNLOAD   255
#define	ROUTER_ANNOTATION_BUF_LEN   256
#define	ROUTER_PURPOSE_GENERAL   0
#define	ROUTER_PURPOSE_CONTROLLER   1
#define	ROUTER_PURPOSE_BRIDGE   2
#define	ROUTER_PURPOSE_UNKNOWN   255
#define	MAX_ROUTERDESC_DOWNLOAD_FAILURES   8
#define	USABLE_CONSENSUS_FLAVOR   FLAV_NS
#define	N_CONSENSUS_FLAVORS   ((int)(FLAV_MICRODESC)+1)
#define	CRYPT_PATH_MAGIC   0x70127012u
#define	CPATH_STATE_CLOSED   0
#define	CPATH_STATE_AWAITING_KEYS   1
#define	CPATH_STATE_OPEN   2
#define	CPATH_KEY_MATERIAL_LEN   (20*2+16*2)
#define	DH_KEY_LEN   DH_BYTES
#define	ONIONSKIN_CHALLENGE_LEN
#define	ONIONSKIN_REPLY_LEN   (DH_KEY_LEN+DIGEST_LEN)
#define	ORIGIN_CIRCUIT_MAGIC   0x35315243u
#define	OR_CIRCUIT_MAGIC   0x98ABC04Fu
#define	MAX_RELAY_EARLY_CELLS_PER_CIRCUIT   8
#define	REND_TOKEN_LEN   REND_COOKIE_LEN
#define	TO_CIRCUIT(x)   (&((x)->_base))
#define	MIN_CONSTRAINED_TCP_BUFFER   2048
#define	MAX_CONSTRAINED_TCP_BUFFER   262144
#define	LOG_PROTOCOL_WARN
#define	MAX_SOCKS_REPLY_LEN   1024
#define	MAX_SOCKS_ADDR_LEN   256
#define	SOCKS_COMMAND_CONNECT   0x01
#define	SOCKS_COMMAND_RESOLVE   0xF0
#define	SOCKS_COMMAND_RESOLVE_PTR   0xF1
#define	SOCKS_COMMAND_IS_CONNECT(c)   ((c)==SOCKS_COMMAND_CONNECT)
#define	SOCKS_COMMAND_IS_RESOLVE(c)
#define	CBT_NCIRCUITS_TO_OBSERVE   1000
#define	CBT_MAX_SYNTHETIC_QUANTILE   0.985
#define	CBT_BIN_WIDTH   ((build_time_t)50)
#define	CBT_BUILD_TIME_MAX   ((build_time_t)(INT32_MAX))
#define	CBT_SAVE_STATE_EVERY   10
#define	CBT_NETWORK_NONLIVE_TIMEOUT_COUNT   (3)
#define	CBT_NETWORK_NONLIVE_DISCARD_COUNT   (CBT_NETWORK_NONLIVE_TIMEOUT_COUNT*2)
#define	CBT_DEFAULT_RECENT_CIRCUITS   20
#define	CBT_DEFAULT_MAX_RECENT_TIMEOUT_COUNT   (CBT_DEFAULT_RECENT_CIRCUITS*9/10)
#define	CBT_DEFAULT_MIN_CIRCUITS_TO_OBSERVE   100
#define	CBT_DEFAULT_QUANTILE_CUTOFF   80
#define	CBT_DEFAULT_TEST_FREQUENCY   60
#define	CBT_DEFAULT_TIMEOUT_MIN_VALUE   (2*1000)
#define	CBT_DEFAULT_TIMEOUT_INITIAL_VALUE   (60*1000)
#define	circuit_mark_for_close(c, reason)   _circuit_mark_for_close((c), (reason), __LINE__, _SHORT_FILE_)
#define	CIRCLAUNCH_ONEHOP_TUNNEL   (1<<0)
#define	CIRCLAUNCH_NEED_UPTIME   (1<<1)
#define	CIRCLAUNCH_NEED_CAPACITY   (1<<2)
#define	CIRCLAUNCH_IS_INTERNAL   (1<<3)
#define	get_datadir_fname2_suffix(sub1, sub2, suffix)   options_get_datadir_fname2_suffix(get_options(), (sub1), (sub2), (suffix))
#define	get_datadir_fname(sub1)   get_datadir_fname2_suffix((sub1), NULL, NULL)
#define	get_datadir_fname2(sub1, sub2)   get_datadir_fname2_suffix((sub1), (sub2), NULL)
#define	get_datadir_fname_suffix(sub1, suffix)   get_datadir_fname2_suffix((sub1), NULL, (suffix))
#define	connection_mark_for_close(c)   _connection_mark_for_close((c), __LINE__, _SHORT_FILE_)
#define	connection_speaks_cells(conn)   ((conn)->type == CONN_TYPE_OR)
#define	connection_mark_unattached_ap(conn, endreason)   _connection_mark_unattached_ap((conn), (endreason), __LINE__, _SHORT_FILE_)
#define	CONN_LOG_PROTECT(conn, stmt)
#define	LOG_FN_CONN(conn, args)   CONN_LOG_PROTECT(conn, log_fn args)
#define	EVENT_AUTHDIR_NEWDESCS   0x000D
#define	EVENT_NS   0x000F
#define	DSR_HEX   (1<<0)
#define	DSR_BASE64   (1<<1)
#define	DSR_DIGEST256   (1<<2)
#define	DSR_SORT_UNIQ   (1<<3)
#define	download_status_failed(dls, sc)
#define	MAX_EXITPOLICY_SUMMARY_LEN   (1000)
#define	MAX_V_LINE_LEN   128
#define	MAX_FLAG_LINE_LEN   96
#define	MAX_WEIGHT_LINE_LEN   (12+10+10+10+1)
#define	MAX_POLICY_LINE_LEN   (3+MAX_EXITPOLICY_SUMMARY_LEN)
#define	RS_ENTRY_LEN
#define	UNNAMED_ROUTER_NICKNAME   "Unnamed"
#define	directory_caches_v1_dir_info(o)   directory_caches_v2_dir_info(o)
#define	MIN_VOTE_SECONDS   20
#define	MIN_DIST_SECONDS   20
#define	MIN_VOTE_INTERVAL   300
#define	BW_WEIGHT_SCALE   10000
#define	DGV_BY_ID   1
#define	DGV_INCLUDE_PENDING   2
#define	DGV_INCLUDE_PREVIOUS   4
#define	DIR_RECORD_USAGE_GRANULARITY   8
#define	DIR_ENTRY_RECORD_USAGE_RETAIN_IPS   (24*60*60)
#define	DIR_RECORD_USAGE_MIN_OBSERVATION_TIME   (12*60*60)
#define	GEOIP_NS_RESPONSE_NUM   6
#define	MAX_NETWORKSTATUS_AGE   (10*24*60*60)
#define	NSSET_FROM_CACHE   1
#define	NSSET_WAS_WAITING_FOR_CERTS   2
#define	NSSET_DONT_DOWNLOAD_CERTS   4
#define	NSSET_ACCEPT_OBSOLETE   8
#define	NSSET_REQUIRE_FLAVOR   16
#define	nt_service_is_stopping()   (0)
#define	POLICY_BUF_LEN   52
#define	ROUTER_REQUIRED_MIN_BANDWIDTH   (20*1024)
#define	ROUTER_MAX_DECLARED_BANDWIDTH   INT32_MAX
#define	PDS_ALLOW_SELF   (1<<0)
#define	PDS_RETRY_IF_NO_SERVERS   (1<<1)
#define	PDS_IGNORE_FASCISTFIREWALL   (1<<2)
#define	PDS_NO_EXISTING_SERVERDESC_FETCH   (1<<3)
#define	_PDS_PREFER_TUNNELED_DIR_CONNS   (1<<16)
#define	router_digest_is_trusted_dir(d)   router_digest_is_trusted_dir_type((d), NO_AUTHORITY)
#define	MAX_STATUS_TAG_LEN   32
Typedefs
typedef uint16_t	circid_t
typedef uint16_t	streamid_t
typedef struct buf_t	buf_t
typedef struct socks_request_t	socks_request_t
typedef int16_t	country_t
typedef struct routerset_t	routerset_t
typedef uint32_t	build_time_t
typedef enum watchable_events	watchable_events_t
typedef struct microdesc_cache_t	microdesc_cache_t
Enumerations
enum	circ_id_type_t { CIRC_ID_TYPE_LOWER = 0, CIRC_ID_TYPE_HIGHER = 1, CIRC_ID_TYPE_NEITHER = 2 }
enum	rend_auth_type_t { REND_NO_AUTH = 0, REND_BASIC_AUTH = 1, REND_STEALTH_AUTH = 2 }
enum	cell_direction_t { CELL_DIRECTION_IN = 1, CELL_DIRECTION_OUT = 2 }
enum	addr_policy_action_t { ADDR_POLICY_ACCEPT = 1, ADDR_POLICY_REJECT = 2 }
enum	saved_location_t { SAVED_NOWHERE = 0, SAVED_IN_CACHE, SAVED_IN_JOURNAL }
enum	download_schedule_t { DL_SCHED_GENERIC = 0, DL_SCHED_CONSENSUS = 1, DL_SCHED_BRIDGE = 2 }
enum	networkstatus_type_t { NS_TYPE_VOTE, NS_TYPE_CONSENSUS, NS_TYPE_OPINION }
enum	consensus_flavor_t { FLAV_NS = 0, FLAV_MICRODESC = 1 }
enum	store_type_t { ROUTER_STORE = 0, EXTRAINFO_STORE = 1 }
enum	authority_type_t {   NO_AUTHORITY = 0, V1_AUTHORITY = 1 << 0, V2_AUTHORITY = 1 << 1, V3_AUTHORITY = 1 << 2,   HIDSERV_AUTHORITY = 1 << 3, BRIDGE_AUTHORITY = 1 << 4, EXTRAINFO_CACHE = 1 << 5 }
enum	invalid_router_usage_t {   ALLOW_INVALID_ENTRY = 1, ALLOW_INVALID_EXIT = 2, ALLOW_INVALID_MIDDLE = 4, ALLOW_INVALID_RENDEZVOUS = 8,   ALLOW_INVALID_INTRODUCTION = 16 }
enum	setopt_err_t {   SETOPT_OK = 0, SETOPT_ERR_MISC = -1, SETOPT_ERR_PARSE = -2, SETOPT_ERR_TRANSITION = -3,   SETOPT_ERR_SETTING = -4 }
enum	addressmap_entry_source_t { ADDRMAPSRC_CONTROLLER, ADDRMAPSRC_TORRC, ADDRMAPSRC_TRACKEXIT, ADDRMAPSRC_DNS }
enum	hostname_type_t { NORMAL_HOSTNAME, ONION_HOSTNAME, EXIT_HOSTNAME, BAD_HOSTNAME }
enum	circuit_status_event_t {   CIRC_EVENT_LAUNCHED = 0, CIRC_EVENT_BUILT = 1, CIRC_EVENT_EXTENDED = 2, CIRC_EVENT_FAILED = 3,   CIRC_EVENT_CLOSED = 4 }
enum	stream_status_event_t {   STREAM_EVENT_SENT_CONNECT = 0, STREAM_EVENT_SENT_RESOLVE = 1, STREAM_EVENT_SUCCEEDED = 2, STREAM_EVENT_FAILED = 3,   STREAM_EVENT_CLOSED = 4, STREAM_EVENT_NEW = 5, STREAM_EVENT_NEW_RESOLVE = 6, STREAM_EVENT_FAILED_RETRIABLE = 7,   STREAM_EVENT_REMAP = 8 }
enum	or_conn_status_event_t {   OR_CONN_EVENT_LAUNCHED = 0, OR_CONN_EVENT_CONNECTED = 1, OR_CONN_EVENT_FAILED = 2, OR_CONN_EVENT_CLOSED = 3,   OR_CONN_EVENT_NEW = 4 }
enum	buildtimeout_set_event_t {   BUILDTIMEOUT_SET_EVENT_COMPUTED = 0, BUILDTIMEOUT_SET_EVENT_RESET = 1, BUILDTIMEOUT_SET_EVENT_SUSPENDED = 2, BUILDTIMEOUT_SET_EVENT_DISCARD = 3,   BUILDTIMEOUT_SET_EVENT_RESUME = 4 }
enum	bootstrap_status_t {   BOOTSTRAP_STATUS_UNDEF = -1, BOOTSTRAP_STATUS_STARTING = 0, BOOTSTRAP_STATUS_CONN_DIR = 5, BOOTSTRAP_STATUS_HANDSHAKE = -2,   BOOTSTRAP_STATUS_HANDSHAKE_DIR = 10, BOOTSTRAP_STATUS_ONEHOP_CREATE = 15, BOOTSTRAP_STATUS_REQUESTING_STATUS = 20, BOOTSTRAP_STATUS_LOADING_STATUS = 25,   BOOTSTRAP_STATUS_LOADING_KEYS = 40, BOOTSTRAP_STATUS_REQUESTING_DESCRIPTORS = 45, BOOTSTRAP_STATUS_LOADING_DESCRIPTORS = 50, BOOTSTRAP_STATUS_CONN_OR = 80,   BOOTSTRAP_STATUS_HANDSHAKE_OR = 85, BOOTSTRAP_STATUS_CIRCUIT_CREATE = 90, BOOTSTRAP_STATUS_DONE = 100 }
enum	routerstatus_format_type_t {   NS_V2, NS_V3_CONSENSUS, NS_V3_VOTE, NS_CONTROL_PORT,   NS_V3_CONSENSUS_MICRODESC }
enum	geoip_client_action_t { GEOIP_CLIENT_CONNECT = 0, GEOIP_CLIENT_NETWORKSTATUS = 1, GEOIP_CLIENT_NETWORKSTATUS_V2 = 2 }
enum	geoip_ns_response_t {   GEOIP_SUCCESS = 0, GEOIP_REJECT_NOT_ENOUGH_SIGS = 1, GEOIP_REJECT_UNAVAILABLE = 2, GEOIP_REJECT_NOT_FOUND = 3,   GEOIP_REJECT_NOT_MODIFIED = 4, GEOIP_REJECT_BUSY = 5 }
enum	dirreq_type_t { DIRREQ_DIRECT = 0, DIRREQ_TUNNELED = 1 }
enum	dirreq_state_t {   DIRREQ_IS_FOR_NETWORK_STATUS = 0, DIRREQ_FLUSHING_DIR_CONN_FINISHED = 1, DIRREQ_END_CELL_SENT = 2, DIRREQ_CIRC_QUEUE_FLUSHED = 3,   DIRREQ_OR_CONN_BUFFER_FLUSHED = 4 }
enum	watchable_events { READ_EVENT = 0x02, WRITE_EVENT = 0x04 }
enum	v2_networkstatus_source_t { NS_FROM_CACHE, NS_FROM_DIR_BY_FP, NS_FROM_DIR_ALL, NS_GENERATED }
enum	version_status_t {   VS_RECOMMENDED = 0, VS_OLD = 1, VS_NEW = 2, VS_NEW_IN_SERIES = 3,   VS_UNRECOMMENDED = 4, VS_EMPTY = 5, VS_UNKNOWN }
enum	addr_policy_result_t { ADDR_POLICY_ACCEPTED = 0, ADDR_POLICY_REJECTED = -1, ADDR_POLICY_PROBABLY_ACCEPTED = 1, ADDR_POLICY_PROBABLY_REJECTED = 2 }
enum	pk_op_t {   SIGN_DIR, SIGN_RTR, VERIFY_DIR, VERIFY_RTR,   ENC_ONIONSKIN, DEC_ONIONSKIN, TLS_HANDSHAKE_C, TLS_HANDSHAKE_S,   REND_CLIENT, REND_MID, REND_SERVER }
enum	bandwidth_weight_rule_t {   NO_WEIGHTING, WEIGHT_FOR_EXIT, WEIGHT_FOR_MID, WEIGHT_FOR_GUARD,   WEIGHT_FOR_DIR }
enum	router_crn_flags_t {   CRN_NEED_UPTIME = 1<<0, CRN_NEED_CAPACITY = 1<<1, CRN_NEED_GUARD = 1<<2, CRN_ALLOW_INVALID = 1<<3,   CRN_WEIGHT_AS_EXIT = 1<<5 }
enum	was_router_added_t {   ROUTER_ADDED_SUCCESSFULLY = 1, ROUTER_ADDED_NOTIFY_GENERATOR = 0, ROUTER_BAD_EI = -1, ROUTER_WAS_NOT_NEW = -2,   ROUTER_NOT_IN_CONSENSUS = -3, ROUTER_NOT_IN_CONSENSUS_OR_NETWORKSTATUS = -4, ROUTER_AUTHDIR_REJECTS = -5 }
Functions
static or_connection_t *	TO_OR_CONN (connection_t *)
static dir_connection_t *	TO_DIR_CONN (connection_t *)
static edge_connection_t *	TO_EDGE_CONN (connection_t *)
static control_connection_t *	TO_CONTROL_CONN (connection_t *)
static or_circuit_t *	TO_OR_CIRCUIT (circuit_t *)
static origin_circuit_t *	TO_ORIGIN_CIRCUIT (circuit_t *)
static INLINE void	or_state_mark_dirty (or_state_t *state, time_t when)
buf_t *	buf_new (void)
buf_t *	buf_new_with_capacity (size_t size)
void	buf_free (buf_t *buf)
void	buf_clear (buf_t *buf)
void	buf_shrink (buf_t *buf)
void	buf_shrink_freelists (int free_all)
void	buf_dump_freelist_sizes (int severity)
size_t	buf_datalen (const buf_t *buf)
size_t	buf_allocation (const buf_t *buf)
size_t	buf_slack (const buf_t *buf)
const char *	_buf_peek_raw_buffer (const buf_t *buf)
int	read_to_buf (int s, size_t at_most, buf_t *buf, int *reached_eof, int *socket_error)
int	read_to_buf_tls (tor_tls_t *tls, size_t at_most, buf_t *buf)
int	flush_buf (int s, buf_t *buf, size_t sz, size_t *buf_flushlen)
int	flush_buf_tls (tor_tls_t *tls, buf_t *buf, size_t sz, size_t *buf_flushlen)
int	write_to_buf (const char *string, size_t string_len, buf_t *buf)
int	write_to_buf_zlib (buf_t *buf, tor_zlib_state_t *state, const char *data, size_t data_len, int done)
int	move_buf_to_buf (buf_t *buf_out, buf_t *buf_in, size_t *buf_flushlen)
int	fetch_from_buf (char *string, size_t string_len, buf_t *buf)
int	fetch_var_cell_from_buf (buf_t *buf, var_cell_t **out, int linkproto)
int	fetch_from_buf_http (buf_t *buf, char **headers_out, size_t max_headerlen, char **body_out, size_t *body_used, size_t max_bodylen, int force_complete)
int	fetch_from_buf_socks (buf_t *buf, socks_request_t *req, int log_sockstype, int safe_socks)
int	fetch_from_buf_socks_client (buf_t *buf, int state, char **reason)
int	fetch_from_buf_line (buf_t *buf, char *data_out, size_t *data_len)
int	peek_buf_has_control0_command (buf_t *buf)
void	assert_buf_ok (buf_t *buf)
char *	circuit_list_path (origin_circuit_t *circ, int verbose)
char *	circuit_list_path_for_controller (origin_circuit_t *circ)
void	circuit_log_path (int severity, unsigned int domain, origin_circuit_t *circ)
void	circuit_rep_hist_note_result (origin_circuit_t *circ)
origin_circuit_t *	origin_circuit_init (uint8_t purpose, int flags)
origin_circuit_t *	circuit_establish_circuit (uint8_t purpose, extend_info_t *exit, int flags)
int	circuit_handle_first_hop (origin_circuit_t *circ)
void	circuit_n_conn_done (or_connection_t *or_conn, int status)
int	inform_testing_reachability (void)
int	circuit_send_next_onion_skin (origin_circuit_t *circ)
void	circuit_note_clock_jumped (int seconds_elapsed)
int	circuit_extend (cell_t *cell, circuit_t *circ)
int	circuit_init_cpath_crypto (crypt_path_t *cpath, const char *key_data, int reverse)
int	circuit_finish_handshake (origin_circuit_t *circ, uint8_t cell_type, const char *reply)
int	circuit_truncated (origin_circuit_t *circ, crypt_path_t *layer)
int	onionskin_answer (or_circuit_t *circ, uint8_t cell_type, const char *payload, const char *keys)
int	circuit_all_predicted_ports_handled (time_t now, int *need_uptime, int *need_capacity)
int	circuit_append_new_exit (origin_circuit_t *circ, extend_info_t *info)
int	circuit_extend_to_new_exit (origin_circuit_t *circ, extend_info_t *info)
void	onion_append_to_cpath (crypt_path_t **head_ptr, crypt_path_t *new_hop)
extend_info_t *	extend_info_alloc (const char *nickname, const char *digest, crypto_pk_env_t *onion_key, const tor_addr_t *addr, uint16_t port)
extend_info_t *	extend_info_from_router (routerinfo_t *r)
extend_info_t *	extend_info_dup (extend_info_t *info)
void	extend_info_free (extend_info_t *info)
routerinfo_t *	build_state_get_exit_router (cpath_build_state_t *state)
const char *	build_state_get_exit_nickname (cpath_build_state_t *state)
void	entry_guards_compute_status (void)
int	entry_guard_register_connect_status (const char *digest, int succeeded, int mark_relay_status, time_t now)
void	entry_nodes_should_be_added (void)
int	entry_list_is_constrained (or_options_t *options)
routerinfo_t *	choose_random_entry (cpath_build_state_t *state)
int	entry_guards_parse_state (or_state_t *state, int set, char **msg)
void	entry_guards_update_state (or_state_t *state)
int	getinfo_helper_entry_guards (control_connection_t *conn, const char *question, char **answer)
void	clear_bridge_list (void)
int	routerinfo_is_a_configured_bridge (routerinfo_t *ri)
void	bridge_add_from_config (const tor_addr_t *addr, uint16_t port, char *digest)
void	retry_bridge_descriptor_fetch_directly (const char *digest)
void	fetch_bridge_descriptors (time_t now)
void	learned_bridge_descriptor (routerinfo_t *ri, int from_cache)
int	any_bridge_descriptors_known (void)
int	any_pending_bridge_descriptor_fetches (void)
int	bridges_known_but_down (void)
void	bridges_retry_all (void)
void	entry_guards_free_all (void)
double	circuit_build_times_quantile_cutoff (void)
int32_t	circuit_build_times_initial_timeout (void)
void	circuit_build_times_update_state (circuit_build_times_t *cbt, or_state_t *state)
int	circuit_build_times_parse_state (circuit_build_times_t *cbt, or_state_t *state, char **msg)
int	circuit_build_times_add_timeout (circuit_build_times_t *cbt, int did_onehop, time_t start_time)
void	circuit_build_times_set_timeout (circuit_build_times_t *cbt)
int	circuit_build_times_add_time (circuit_build_times_t *cbt, build_time_t time)
int	circuit_build_times_needs_circuits (circuit_build_times_t *cbt)
int	circuit_build_times_needs_circuits_now (circuit_build_times_t *cbt)
void	circuit_build_times_init (circuit_build_times_t *cbt)
void	circuit_build_times_new_consensus_params (circuit_build_times_t *cbt, networkstatus_t *ns)
void	circuit_build_times_network_is_live (circuit_build_times_t *cbt)
int	circuit_build_times_network_check_live (circuit_build_times_t *cbt)
void	circuit_build_times_network_circ_success (circuit_build_times_t *cbt)
circuit_t *	_circuit_get_global_list (void)
const char *	circuit_state_to_string (int state)
const char *	circuit_purpose_to_controller_string (uint8_t purpose)
void	circuit_dump_by_conn (connection_t *conn, int severity)
void	circuit_set_p_circid_orconn (or_circuit_t *circ, circid_t id, or_connection_t *conn)
void	circuit_set_n_circid_orconn (circuit_t *circ, circid_t id, or_connection_t *conn)
void	circuit_set_state (circuit_t *circ, uint8_t state)
void	circuit_close_all_marked (void)
int32_t	circuit_initial_package_window (void)
origin_circuit_t *	origin_circuit_new (void)
or_circuit_t *	or_circuit_new (circid_t p_circ_id, or_connection_t *p_conn)
circuit_t *	circuit_get_by_circid_orconn (circid_t circ_id, or_connection_t *conn)
int	circuit_id_in_use_on_orconn (circid_t circ_id, or_connection_t *conn)
circuit_t *	circuit_get_by_edge_conn (edge_connection_t *conn)
void	circuit_unlink_all_from_or_conn (or_connection_t *conn, int reason)
origin_circuit_t *	circuit_get_by_global_id (uint32_t id)
origin_circuit_t *	circuit_get_by_rend_query_and_purpose (const char *rend_query, uint8_t purpose)
origin_circuit_t *	circuit_get_next_by_pk_and_purpose (origin_circuit_t *start, const char *digest, uint8_t purpose)
or_circuit_t *	circuit_get_rendezvous (const char *cookie)
or_circuit_t *	circuit_get_intro_point (const char *digest)
origin_circuit_t *	circuit_find_to_cannibalize (uint8_t purpose, extend_info_t *info, int flags)
void	circuit_mark_all_unused_circs (void)
void	circuit_expire_all_dirty_circs (void)
void	_circuit_mark_for_close (circuit_t *circ, int reason, int line, const char *file)
int	circuit_get_cpath_len (origin_circuit_t *circ)
crypt_path_t *	circuit_get_cpath_hop (origin_circuit_t *circ, int hopnum)
void	circuit_get_all_pending_on_or_conn (smartlist_t *out, or_connection_t *or_conn)
int	circuit_count_pending_on_or_conn (or_connection_t *or_conn)
void	assert_cpath_layer_ok (const crypt_path_t *cp)
void	assert_circuit_ok (const circuit_t *c)
void	circuit_free_all (void)
void	circuit_expire_building (time_t now)
void	circuit_remove_handled_ports (smartlist_t *needed_ports)
int	circuit_stream_is_being_handled (edge_connection_t *conn, uint16_t port, int min)
int	circuit_conforms_to_options (const origin_circuit_t *circ, const or_options_t *options)
void	circuit_build_needed_circs (time_t now)
void	circuit_detach_stream (circuit_t *circ, edge_connection_t *conn)
void	circuit_expire_old_circuits_serverside (time_t now)
void	reset_bandwidth_test (void)
int	circuit_enough_testing_circs (void)
void	circuit_has_opened (origin_circuit_t *circ)
void	circuit_build_failed (origin_circuit_t *circ)
origin_circuit_t *	circuit_launch_by_extend_info (uint8_t purpose, extend_info_t *info, int flags)
origin_circuit_t *	circuit_launch_by_router (uint8_t purpose, routerinfo_t *exit, int flags)
void	circuit_reset_failure_count (int timeout)
int	connection_ap_handshake_attach_chosen_circuit (edge_connection_t *conn, origin_circuit_t *circ, crypt_path_t *cpath)
int	connection_ap_handshake_attach_circuit (edge_connection_t *conn)
void	command_process_cell (cell_t *cell, or_connection_t *conn)
void	command_process_var_cell (var_cell_t *cell, or_connection_t *conn)
const char *	get_dirportfrontpage (void)
or_options_t *	get_options (void)
int	set_options (or_options_t *new_val, char **msg)
void	config_free_all (void)
const char *	safe_str_client (const char *address)
const char *	safe_str (const char *address)
const char *	escaped_safe_str_client (const char *address)
const char *	escaped_safe_str (const char *address)
const char *	get_version (void)
int	config_get_lines (const char *string, config_line_t **result)
void	config_free_lines (config_line_t *front)
setopt_err_t	options_trial_assign (config_line_t *list, int use_defaults, int clear_first, char **msg)
int	resolve_my_address (int warn_severity, or_options_t *options, uint32_t *addr, char **hostname_out)
int	is_local_addr (const tor_addr_t *addr) ATTR_PURE
void	options_init (or_options_t *options)
char *	options_dump (or_options_t *options, int minimal)
int	options_init_from_torrc (int argc, char **argv)
setopt_err_t	options_init_from_string (const char *cf, int command, const char *command_arg, char **msg)
int	option_is_recognized (const char *key)
const char *	option_get_canonical_name (const char *key)
config_line_t *	option_get_assignment (or_options_t *options, const char *key)
int	options_save_current (void)
const char *	get_torrc_fname (void)
char *	options_get_datadir_fname2_suffix (or_options_t *options, const char *sub1, const char *sub2, const char *suffix)
or_state_t *	get_or_state (void)
int	or_state_save (time_t now)
int	options_need_geoip_info (or_options_t *options, const char **reason_out)
int	getinfo_helper_config (control_connection_t *conn, const char *question, char **answer)
const char *	tor_get_digests (void)
uint32_t	get_effective_bwrate (or_options_t *options)
uint32_t	get_effective_bwburst (or_options_t *options)
const char *	conn_type_to_string (int type)
const char *	conn_state_to_string (int type, int state)
dir_connection_t *	dir_connection_new (int socket_family)
or_connection_t *	or_connection_new (int socket_family)
edge_connection_t *	edge_connection_new (int type, int socket_family)
control_connection_t *	control_connection_new (int socket_family)
connection_t *	connection_new (int type, int socket_family)
void	connection_link_connections (connection_t *conn_a, connection_t *conn_b)
void	connection_free (connection_t *conn)
void	connection_free_all (void)
void	connection_about_to_close_connection (connection_t *conn)
void	connection_close_immediate (connection_t *conn)
void	_connection_mark_for_close (connection_t *conn, int line, const char *file)
void	connection_expire_held_open (void)
int	connection_connect (connection_t *conn, const char *address, const tor_addr_t *addr, uint16_t port, int *socket_error)
int	connection_proxy_connect (connection_t *conn, int type)
int	connection_read_proxy_handshake (connection_t *conn)
int	retry_all_listeners (smartlist_t *replaced_conns, smartlist_t *new_conns)
ssize_t	connection_bucket_write_limit (connection_t *conn, time_t now)
int	global_write_bucket_low (connection_t *conn, size_t attempt, int priority)
void	connection_bucket_init (void)
void	connection_bucket_refill (int seconds_elapsed, time_t now)
int	connection_handle_read (connection_t *conn)
int	connection_fetch_from_buf (char *string, size_t len, connection_t *conn)
int	connection_wants_to_flush (connection_t *conn)
int	connection_outbuf_too_full (connection_t *conn)
int	connection_handle_write (connection_t *conn, int force)
void	_connection_write_to_buf_impl (const char *string, size_t len, connection_t *conn, int zlib)
static void	connection_write_to_buf (const char *string, size_t len, connection_t *conn)
static void	connection_write_to_buf_zlib (const char *string, size_t len, dir_connection_t *conn, int done)
connection_t *	connection_get_by_global_id (uint64_t id)
connection_t *	connection_get_by_type (int type)
connection_t *	connection_get_by_type_purpose (int type, int purpose)
connection_t *	connection_get_by_type_addr_port_purpose (int type, const tor_addr_t *addr, uint16_t port, int purpose)
connection_t *	connection_get_by_type_state (int type, int state)
connection_t *	connection_get_by_type_state_rendquery (int type, int state, const char *rendquery)
int	connection_is_listener (connection_t *conn)
int	connection_state_is_open (connection_t *conn)
int	connection_state_is_connecting (connection_t *conn)
char *	alloc_http_authenticator (const char *authenticator)
void	assert_connection_ok (connection_t *conn, time_t now)
int	connection_or_nonopen_was_started_here (or_connection_t *conn)
void	connection_dump_buffer_mem_stats (int severity)
void	remove_file_if_very_old (const char *fname, time_t now)
void	_connection_mark_unattached_ap (edge_connection_t *conn, int endreason, int line, const char *file)
int	connection_edge_reached_eof (edge_connection_t *conn)
int	connection_edge_process_inbuf (edge_connection_t *conn, int package_partial)
int	connection_edge_destroy (circid_t circ_id, edge_connection_t *conn)
int	connection_edge_end (edge_connection_t *conn, uint8_t reason)
int	connection_edge_end_errno (edge_connection_t *conn)
int	connection_edge_finished_flushing (edge_connection_t *conn)
int	connection_edge_finished_connecting (edge_connection_t *conn)
int	connection_ap_handshake_send_begin (edge_connection_t *ap_conn)
int	connection_ap_handshake_send_resolve (edge_connection_t *ap_conn)
edge_connection_t *	connection_ap_make_link (char *address, uint16_t port, const char *digest, int use_begindir, int want_onehop)
void	connection_ap_handshake_socks_reply (edge_connection_t *conn, char *reply, size_t replylen, int endreason)
void	connection_ap_handshake_socks_resolved (edge_connection_t *conn, int answer_type, size_t answer_len, const char *answer, int ttl, time_t expires)
int	connection_exit_begin_conn (cell_t *cell, circuit_t *circ)
int	connection_exit_begin_resolve (cell_t *cell, or_circuit_t *circ)
void	connection_exit_connect (edge_connection_t *conn)
int	connection_edge_is_rendezvous_stream (edge_connection_t *conn)
int	connection_ap_can_use_exit (edge_connection_t *conn, routerinfo_t *exit, int excluded_means_no)
void	connection_ap_expire_beginning (void)
void	connection_ap_attach_pending (void)
void	connection_ap_fail_onehop (const char *failed_digest, cpath_build_state_t *build_state)
void	circuit_discard_optional_exit_enclaves (extend_info_t *info)
int	connection_ap_detach_retriable (edge_connection_t *conn, origin_circuit_t *circ, int reason)
int	connection_ap_process_transparent (edge_connection_t *conn)
int	address_is_invalid_destination (const char *address, int client)
void	addressmap_init (void)
void	addressmap_clean (time_t now)
void	addressmap_clear_configured (void)
void	addressmap_clear_transient (void)
void	addressmap_free_all (void)
int	addressmap_rewrite (char *address, size_t maxlen, time_t *expires_out)
int	addressmap_have_mapping (const char *address, int update_timeout)
void	addressmap_register (const char *address, char *new_address, time_t expires, addressmap_entry_source_t source)
int	parse_virtual_addr_network (const char *val, int validate_only, char **msg)
int	client_dns_incr_failures (const char *address)
void	client_dns_clear_failures (const char *address)
void	client_dns_set_addressmap (const char *address, uint32_t val, const char *exitname, int ttl)
const char *	addressmap_register_virtual_address (int type, char *new_address)
void	addressmap_get_mappings (smartlist_t *sl, time_t min_expires, time_t max_expires, int want_expiry)
int	connection_ap_handshake_rewrite_and_attach (edge_connection_t *conn, origin_circuit_t *circ, crypt_path_t *cpath)
int	hostname_is_noconnect_address (const char *address)
hostname_type_t	parse_extended_hostname (char *address, int allowdotexit)
void	connection_or_remove_from_identity_map (or_connection_t *conn)
void	connection_or_clear_identity_map (void)
or_connection_t *	connection_or_get_for_extend (const char *digest, const tor_addr_t *target_addr, const char **msg_out, int *launch_out)
void	connection_or_set_bad_connections (void)
int	connection_or_reached_eof (or_connection_t *conn)
int	connection_or_process_inbuf (or_connection_t *conn)
int	connection_or_flushed_some (or_connection_t *conn)
int	connection_or_finished_flushing (or_connection_t *conn)
int	connection_or_finished_connecting (or_connection_t *conn)
int	connection_or_digest_is_known_relay (const char *id_digest)
void	connection_or_connect_failed (or_connection_t *conn, int reason, const char *msg)
or_connection_t *	connection_or_connect (const tor_addr_t *addr, uint16_t port, const char *id_digest)
int	connection_tls_start_handshake (or_connection_t *conn, int receiving)
int	connection_tls_continue_handshake (or_connection_t *conn)
void	or_handshake_state_free (or_handshake_state_t *state)
int	connection_or_set_state_open (or_connection_t *conn)
void	connection_or_write_cell_to_buf (const cell_t *cell, or_connection_t *conn)
void	connection_or_write_var_cell_to_buf (const var_cell_t *cell, or_connection_t *conn)
int	connection_or_send_destroy (circid_t circ_id, or_connection_t *conn, int reason)
int	connection_or_send_netinfo (or_connection_t *conn)
int	connection_or_send_cert (or_connection_t *conn)
int	connection_or_send_link_auth (or_connection_t *conn)
int	connection_or_compute_link_auth_hmac (or_connection_t *conn, char *hmac_out)
int	is_or_protocol_version_known (uint16_t version)
void	cell_pack (packed_cell_t *dest, const cell_t *src)
void	var_cell_pack_header (const var_cell_t *cell, char *hdr_out)
var_cell_t *	var_cell_new (uint16_t payload_len)
void	var_cell_free (var_cell_t *cell)
void	control_update_global_event_mask (void)
void	control_adjust_event_log_severity (void)
int	connection_control_finished_flushing (control_connection_t *conn)
int	connection_control_reached_eof (control_connection_t *conn)
int	connection_control_process_inbuf (control_connection_t *conn)
int	control_event_is_interesting (int event)
int	control_event_circuit_status (origin_circuit_t *circ, circuit_status_event_t e, int reason)
int	control_event_stream_status (edge_connection_t *conn, stream_status_event_t e, int reason)
int	control_event_or_conn_status (or_connection_t *conn, or_conn_status_event_t e, int reason)
int	control_event_bandwidth_used (uint32_t n_read, uint32_t n_written)
int	control_event_stream_bandwidth (edge_connection_t *edge_conn)
int	control_event_stream_bandwidth_used (void)
void	control_event_logmsg (int severity, unsigned int domain, const char *msg)
int	control_event_descriptors_changed (smartlist_t *routers)
int	control_event_address_mapped (const char *from, const char *to, time_t expires, const char *error)
int	control_event_or_authdir_new_descriptor (const char *action, const char *desc, size_t desclen, const char *msg)
int	control_event_my_descriptor_changed (void)
int	control_event_networkstatus_changed (smartlist_t *statuses)
int	control_event_newconsensus (const networkstatus_t *consensus)
int	control_event_networkstatus_changed_single (routerstatus_t *rs)
int	control_event_general_status (int severity, const char *format,...) CHECK_PRINTF(2
int int	control_event_client_status (int severity, const char *format,...) CHECK_PRINTF(2
int int int	control_event_server_status (int severity, const char *format,...) CHECK_PRINTF(2
int int int int	control_event_guard (const char *nickname, const char *digest, const char *status)
int	control_event_buildtimeout_set (const circuit_build_times_t *cbt, buildtimeout_set_event_t type)
int	init_cookie_authentication (int enabled)
smartlist_t *	decode_hashed_passwords (config_line_t *passwords)
void	disable_control_logging (void)
void	enable_control_logging (void)
void	control_event_bootstrap (bootstrap_status_t status, int progress)
void	control_event_bootstrap_problem (const char *warn, int reason)
void	control_event_clients_seen (const char *controller_str)
void	cpu_init (void)
void	cpuworkers_rotate (void)
int	connection_cpu_finished_flushing (connection_t *conn)
int	connection_cpu_reached_eof (connection_t *conn)
int	connection_cpu_process_inbuf (connection_t *conn)
int	assign_onionskin_to_cpuworker (connection_t *cpuworker, or_circuit_t *circ, char *onionskin)
int	directories_have_accepted_server_descriptor (void)
char *	authority_type_to_string (authority_type_t auth)
void	directory_post_to_dirservers (uint8_t dir_purpose, uint8_t router_purpose, authority_type_t type, const char *payload, size_t payload_len, size_t extrainfo_len)
void	directory_get_from_dirserver (uint8_t dir_purpose, uint8_t router_purpose, const char *resource, int pds_flags)
void	directory_get_from_all_authorities (uint8_t dir_purpose, uint8_t router_purpose, const char *resource)
void	directory_initiate_command_routerstatus (routerstatus_t *status, uint8_t dir_purpose, uint8_t router_purpose, int anonymized_connection, const char *resource, const char *payload, size_t payload_len, time_t if_modified_since)
void	directory_initiate_command_routerstatus_rend (routerstatus_t *status, uint8_t dir_purpose, uint8_t router_purpose, int anonymized_connection, const char *resource, const char *payload, size_t payload_len, time_t if_modified_since, const rend_data_t *rend_query)
int	parse_http_response (const char *headers, int *code, time_t *date, compress_method_t *compression, char **response)
int	connection_dir_is_encrypted (dir_connection_t *conn)
int	connection_dir_reached_eof (dir_connection_t *conn)
int	connection_dir_process_inbuf (dir_connection_t *conn)
int	connection_dir_finished_flushing (dir_connection_t *conn)
int	connection_dir_finished_connecting (dir_connection_t *conn)
void	connection_dir_request_failed (dir_connection_t *conn)
void	directory_initiate_command (const char *address, const tor_addr_t *addr, uint16_t or_port, uint16_t dir_port, int supports_conditional_consensus, int supports_begindir, const char *digest, uint8_t dir_purpose, uint8_t router_purpose, int anonymized_connection, const char *resource, const char *payload, size_t payload_len, time_t if_modified_since)
int	dir_split_resource_into_fingerprints (const char *resource, smartlist_t *fp_out, int *compressed_out, int flags)
int	dir_split_resource_into_fingerprint_pairs (const char *res, smartlist_t *pairs_out)
char *	directory_dump_request_log (void)
void	note_request (const char *key, size_t bytes)
int	router_supports_extrainfo (const char *identity_digest, int is_authority)
time_t	download_status_increment_failure (download_status_t *dls, int status_code, const char *item, int server, time_t now)
void	download_status_reset (download_status_t *dls)
static int	download_status_is_ready (download_status_t *dls, time_t now, int max_failures)
static void	download_status_mark_impossible (download_status_t *dl)
int	connection_dirserv_flushed_some (dir_connection_t *conn)
int	dirserv_add_own_fingerprint (const char *nickname, crypto_pk_env_t *pk)
int	dirserv_load_fingerprint_file (void)
void	dirserv_free_fingerprint_list (void)
const char *	dirserv_get_nickname_by_digest (const char *digest)
enum was_router_added_t	dirserv_add_multiple_descriptors (const char *desc, uint8_t purpose, const char *source, const char **msg)
enum was_router_added_t	dirserv_add_descriptor (routerinfo_t *ri, const char **msg, const char *source)
void	dirserv_free_descriptors (void)
void	dirserv_set_router_is_running (routerinfo_t *router, time_t now)
int	list_server_status_v1 (smartlist_t *routers, char **router_status_out, int for_controller)
int	dirserv_dump_directory_to_string (char **dir_out, crypto_pk_env_t *private_key)
int	directory_fetches_from_authorities (or_options_t *options)
int	directory_fetches_dir_info_early (or_options_t *options)
int	directory_fetches_dir_info_later (or_options_t *options)
int	directory_caches_v2_dir_info (or_options_t *options)
int	directory_caches_dir_info (or_options_t *options)
int	directory_permits_begindir_requests (or_options_t *options)
int	directory_permits_controller_requests (or_options_t *options)
int	directory_too_idle_to_fetch_descriptors (or_options_t *options, time_t now)
void	directory_set_dirty (void)
cached_dir_t *	dirserv_get_directory (void)
cached_dir_t *	dirserv_get_runningrouters (void)
cached_dir_t *	dirserv_get_consensus (const char *flavor_name)
void	dirserv_set_cached_directory (const char *directory, time_t when, int is_running_routers)
void	dirserv_set_cached_networkstatus_v2 (const char *directory, const char *identity, time_t published)
void	dirserv_set_cached_consensus_networkstatus (const char *consensus, const char *flavor_name, const digests_t *digests, time_t published)
void	dirserv_clear_old_networkstatuses (time_t cutoff)
void	dirserv_clear_old_v1_info (time_t now)
void	dirserv_get_networkstatus_v2 (smartlist_t *result, const char *key)
void	dirserv_get_networkstatus_v2_fingerprints (smartlist_t *result, const char *key)
int	dirserv_get_routerdesc_fingerprints (smartlist_t *fps_out, const char *key, const char **msg, int for_unencrypted_conn, int is_extrainfo)
int	dirserv_get_routerdescs (smartlist_t *descs_out, const char *key, const char **msg)
void	dirserv_orconn_tls_done (const char *address, uint16_t or_port, const char *digest_rcvd, int as_advertised)
void	dirserv_single_reachability_test (time_t now, routerinfo_t *router)
void	dirserv_test_reachability (time_t now)
int	authdir_wants_to_reject_router (routerinfo_t *ri, const char **msg, int complain)
int	dirserv_would_reject_router (routerstatus_t *rs)
int	dirserv_remove_old_statuses (smartlist_t *fps, time_t cutoff)
int	dirserv_have_any_serverdesc (smartlist_t *fps, int spool_src)
int	dirserv_have_any_microdesc (const smartlist_t *fps)
size_t	dirserv_estimate_data_size (smartlist_t *fps, int is_serverdescs, int compressed)
size_t	dirserv_estimate_microdesc_size (const smartlist_t *fps, int compressed)
int	routerstatus_format_entry (char *buf, size_t buf_len, routerstatus_t *rs, const char *platform, routerstatus_format_type_t format)
void	dirserv_free_all (void)
void	cached_dir_decref (cached_dir_t *d)
cached_dir_t *	new_cached_dir (char *s, time_t published)
int	dirserv_read_measured_bandwidths (const char *from_file, smartlist_t *routerstatuses)
void	dirvote_free_all (void)
char *	networkstatus_compute_consensus (smartlist_t *votes, int total_authorities, crypto_pk_env_t *identity_key, crypto_pk_env_t *signing_key, const char *legacy_identity_key_digest, crypto_pk_env_t *legacy_signing_key, consensus_flavor_t flavor)
int	networkstatus_add_detached_signatures (networkstatus_t *target, ns_detached_signatures_t *sigs, const char **msg_out)
char *	networkstatus_get_detached_signatures (smartlist_t *consensuses)
void	ns_detached_signatures_free (ns_detached_signatures_t *s)
authority_cert_t *	authority_cert_dup (authority_cert_t *cert)
void	dirvote_get_preferred_voting_intervals (vote_timing_t *timing_out)
time_t	dirvote_get_start_of_next_interval (time_t now, int interval)
void	dirvote_recalculate_timing (or_options_t *options, time_t now)
void	dirvote_act (or_options_t *options, time_t now)
struct pending_vote_t *	dirvote_add_vote (const char *vote_body, const char **msg_out, int *status_out)
int	dirvote_add_signatures (const char *detached_signatures_body, const char *source, const char **msg_out)
const char *	dirvote_get_pending_consensus (consensus_flavor_t flav)
const char *	dirvote_get_pending_detached_signatures (void)
const cached_dir_t *	dirvote_get_vote (const char *fp, int flags)
void	set_routerstatus_from_routerinfo (routerstatus_t *rs, routerinfo_t *ri, time_t now, int naming, int exits_can_be_guards, int listbadexits, int listbaddirs)
void	router_clear_status_flags (routerinfo_t *ri)
networkstatus_t *	dirserv_generate_networkstatus_vote_obj (crypto_pk_env_t *private_key, authority_cert_t *cert)
microdesc_t *	dirvote_create_microdescriptor (const routerinfo_t *ri)
ssize_t	dirvote_format_microdesc_vote_line (char *out, size_t out_len, const microdesc_t *md)
int	vote_routerstatus_find_microdesc_hash (char *digest256_out, const vote_routerstatus_t *vrs, int method, digest_algorithm_t alg)
document_signature_t *	voter_get_sig_by_algorithm (const networkstatus_voter_info_t *voter, digest_algorithm_t alg)
int	dns_init (void)
int	has_dns_init_failed (void)
void	dns_free_all (void)
uint32_t	dns_clip_ttl (uint32_t ttl)
int	dns_reset (void)
void	connection_dns_remove (edge_connection_t *conn)
void	assert_connection_edge_not_dns_pending (edge_connection_t *conn)
void	assert_all_pending_dns_resolves_ok (void)
void	dns_cancel_pending_resolve (const char *question)
int	dns_resolve (edge_connection_t *exitconn)
void	dns_launch_correctness_checks (void)
int	dns_seems_to_be_broken (void)
void	dns_reset_correctness_checks (void)
void	dump_dns_mem_usage (int severity)
void	dnsserv_configure_listener (connection_t *conn)
void	dnsserv_close_listener (connection_t *conn)
void	dnsserv_resolved (edge_connection_t *conn, int answer_type, size_t answer_len, const char *answer, int ttl)
void	dnsserv_reject_request (edge_connection_t *conn)
int	dnsserv_launch_request (const char *name, int is_reverse)
int	should_record_bridge_info (or_options_t *options)
int	geoip_load_file (const char *filename, or_options_t *options)
int	geoip_get_country_by_ip (uint32_t ipaddr)
int	geoip_get_n_countries (void)
const char *	geoip_get_country_name (country_t num)
int	geoip_is_loaded (void)
country_t	geoip_get_country (const char *countrycode)
void	geoip_note_client_seen (geoip_client_action_t action, uint32_t addr, time_t now)
void	geoip_remove_old_clients (time_t cutoff)
void	geoip_note_ns_response (geoip_client_action_t action, geoip_ns_response_t response)
time_t	geoip_get_history_start (void)
char *	geoip_get_client_history_dirreq (time_t now, geoip_client_action_t action)
char *	geoip_get_client_history_bridge (time_t now, geoip_client_action_t action)
char *	geoip_get_request_history (time_t now, geoip_client_action_t action)
int	getinfo_helper_geoip (control_connection_t *control_conn, const char *question, char **answer)
void	geoip_free_all (void)
void	geoip_start_dirreq (uint64_t dirreq_id, size_t response_size, geoip_client_action_t action, dirreq_type_t type)
void	geoip_change_dirreq_state (uint64_t dirreq_id, dirreq_type_t type, dirreq_state_t new_state)
void	geoip_dirreq_stats_init (time_t now)
void	geoip_dirreq_stats_write (time_t now)
void	geoip_entry_stats_init (time_t now)
void	geoip_entry_stats_write (time_t now)
void	geoip_bridge_stats_init (time_t now)
time_t	geoip_bridge_stats_write (time_t now)
const char *	geoip_get_bridge_stats_extrainfo (time_t)
const char *	geoip_get_bridge_stats_controller (time_t)
int	accounting_parse_options (or_options_t *options, int validate_only)
int	accounting_is_enabled (or_options_t *options)
void	configure_accounting (time_t now)
void	accounting_run_housekeeping (time_t now)
void	accounting_add_bytes (size_t n_read, size_t n_written, int seconds)
int	accounting_record_bandwidth_usage (time_t now, or_state_t *state)
void	hibernate_begin_shutdown (void)
int	we_are_hibernating (void)
void	consider_hibernation (time_t now)
int	getinfo_helper_accounting (control_connection_t *conn, const char *question, char **answer)
void	accounting_set_bandwidth_usage_from_state (or_state_t *state)
int	connection_add (connection_t *conn)
int	connection_remove (connection_t *conn)
void	connection_unregister_events (connection_t *conn)
int	connection_in_array (connection_t *conn)
void	add_connection_to_closeable_list (connection_t *conn)
int	connection_is_on_closeable_list (connection_t *conn)
smartlist_t *	get_connection_array (void)
void	connection_watch_events (connection_t *conn, watchable_events_t events)
int	connection_is_reading (connection_t *conn)
void	connection_stop_reading (connection_t *conn)
void	connection_start_reading (connection_t *conn)
int	connection_is_writing (connection_t *conn)
void	connection_stop_writing (connection_t *conn)
void	connection_start_writing (connection_t *conn)
void	connection_stop_reading_from_linked_conn (connection_t *conn)
void	directory_all_unreachable (time_t now)
void	directory_info_has_arrived (time_t now, int from_cache)
void	ip_address_changed (int at_interface)
void	dns_servers_relaunch_checks (void)
void	control_signal_act (int the_signal)
void	handle_signals (int is_parent)
int	try_locking (or_options_t *options, int err_if_locked)
int	have_lockfile (void)
void	release_lockfile (void)
void	tor_cleanup (void)
void	tor_free_all (int postfork)
int	tor_main (int argc, char *argv[])
microdesc_cache_t *	get_microdesc_cache (void)
smartlist_t *	microdescs_add_to_cache (microdesc_cache_t *cache, const char *s, const char *eos, saved_location_t where, int no_save)
smartlist_t *	microdescs_add_list_to_cache (microdesc_cache_t *cache, smartlist_t *descriptors, saved_location_t where, int no_save)
int	microdesc_cache_rebuild (microdesc_cache_t *cache)
int	microdesc_cache_reload (microdesc_cache_t *cache)
void	microdesc_cache_clear (microdesc_cache_t *cache)
microdesc_t *	microdesc_cache_lookup_by_digest256 (microdesc_cache_t *cache, const char *d)
size_t	microdesc_average_size (microdesc_cache_t *cache)
void	microdesc_free (microdesc_t *md)
void	microdesc_free_all (void)
void	networkstatus_reset_warnings (void)
void	networkstatus_reset_download_failures (void)
int	router_reload_v2_networkstatus (void)
int	router_reload_consensus_networkstatus (void)
void	routerstatus_free (routerstatus_t *rs)
void	networkstatus_v2_free (networkstatus_v2_t *ns)
void	networkstatus_vote_free (networkstatus_t *ns)
networkstatus_voter_info_t *	networkstatus_get_voter_by_id (networkstatus_t *vote, const char *identity)
int	networkstatus_check_consensus_signature (networkstatus_t *consensus, int warn)
int	networkstatus_check_document_signature (const networkstatus_t *consensus, document_signature_t *sig, const authority_cert_t *cert)
char *	networkstatus_get_cache_filename (const char *identity_digest)
int	router_set_networkstatus_v2 (const char *s, time_t arrived_at, v2_networkstatus_source_t source, smartlist_t *requested_fingerprints)
void	networkstatus_v2_list_clean (time_t now)
int	compare_digest_to_routerstatus_entry (const void *_key, const void **_member)
routerstatus_t *	networkstatus_v2_find_entry (networkstatus_v2_t *ns, const char *digest)
routerstatus_t *	networkstatus_vote_find_entry (networkstatus_t *ns, const char *digest)
int	networkstatus_vote_find_entry_idx (networkstatus_t *ns, const char *digest, int *found_out)
const smartlist_t *	networkstatus_get_v2_list (void)
download_status_t *	router_get_dl_status_by_descriptor_digest (const char *d)
routerstatus_t *	router_get_consensus_status_by_id (const char *digest)
routerstatus_t *	router_get_consensus_status_by_descriptor_digest (const char *digest)
routerstatus_t *	router_get_consensus_status_by_nickname (const char *nickname, int warn_if_unnamed)
const char *	networkstatus_get_router_digest_by_nickname (const char *nickname)
int	networkstatus_nickname_is_unnamed (const char *nickname)
void	networkstatus_consensus_download_failed (int status_code)
void	update_consensus_networkstatus_fetch_time (time_t now)
int	should_delay_dir_fetches (or_options_t *options)
void	update_networkstatus_downloads (time_t now)
void	update_certificate_downloads (time_t now)
int	consensus_is_waiting_for_certs (void)
networkstatus_v2_t *	networkstatus_v2_get_by_digest (const char *digest)
networkstatus_t *	networkstatus_get_latest_consensus (void)
networkstatus_t *	networkstatus_get_live_consensus (time_t now)
networkstatus_t *	networkstatus_get_reasonably_live_consensus (time_t now)
int	networkstatus_set_current_consensus (const char *consensus, const char *flavor, unsigned flags)
void	networkstatus_note_certs_arrived (void)
void	routers_update_all_from_networkstatus (time_t now, int dir_version)
void	routerstatus_list_update_from_consensus_networkstatus (time_t now)
void	routers_update_status_from_consensus_networkstatus (smartlist_t *routers, int reset_failures)
void	signed_descs_update_status_from_consensus_networkstatus (smartlist_t *descs)
char *	networkstatus_getinfo_helper_single (routerstatus_t *rs)
char *	networkstatus_getinfo_by_purpose (const char *purpose_string, time_t now)
void	networkstatus_dump_bridge_status_to_file (time_t now)
int32_t	get_net_param_from_list (smartlist_t *net_params, const char *name, int default_val)
int32_t	networkstatus_get_param (networkstatus_t *ns, const char *param_name, int32_t default_val)
int	getinfo_helper_networkstatus (control_connection_t *conn, const char *question, char **answer)
int32_t	networkstatus_get_bw_weight (networkstatus_t *ns, const char *weight, int32_t default_val)
const char *	networkstatus_get_flavor_name (consensus_flavor_t flav)
int	networkstatus_parse_flavor_name (const char *flavname)
void	document_signature_free (document_signature_t *sig)
document_signature_t *	document_signature_dup (const document_signature_t *sig)
void	networkstatus_free_all (void)
int	onion_pending_add (or_circuit_t *circ, char *onionskin)
or_circuit_t *	onion_next_task (char **onionskin_out)
void	onion_pending_remove (or_circuit_t *circ)
int	onion_skin_create (crypto_pk_env_t *router_key, crypto_dh_env_t **handshake_state_out, char *onion_skin_out)
int	onion_skin_server_handshake (const char *onion_skin, crypto_pk_env_t *private_key, crypto_pk_env_t *prev_private_key, char *handshake_reply_out, char *key_out, size_t key_out_len)
int	onion_skin_client_handshake (crypto_dh_env_t *handshake_state, const char *handshake_reply, char *key_out, size_t key_out_len)
int	fast_server_handshake (const char *key_in, char *handshake_reply_out, char *key_out, size_t key_out_len)
int	fast_client_handshake (const char *handshake_state, const char *handshake_reply_out, char *key_out, size_t key_out_len)
void	clear_pending_onions (void)
int	firewall_is_fascist_or (void)
int	fascist_firewall_allows_address_or (const tor_addr_t *addr, uint16_t port)
int	fascist_firewall_allows_or (routerinfo_t *ri)
int	fascist_firewall_allows_address_dir (const tor_addr_t *addr, uint16_t port)
int	dir_policy_permits_address (const tor_addr_t *addr)
int	socks_policy_permits_address (const tor_addr_t *addr)
int	authdir_policy_permits_address (uint32_t addr, uint16_t port)
int	authdir_policy_valid_address (uint32_t addr, uint16_t port)
int	authdir_policy_baddir_address (uint32_t addr, uint16_t port)
int	authdir_policy_badexit_address (uint32_t addr, uint16_t port)
int	validate_addr_policies (or_options_t *options, char **msg)
void	policy_expand_private (smartlist_t **policy)
int	policies_parse_from_options (or_options_t *options)
addr_policy_t *	addr_policy_get_canonical_entry (addr_policy_t *ent)
int	cmp_addr_policies (smartlist_t *a, smartlist_t *b)
addr_policy_result_t	compare_tor_addr_to_addr_policy (const tor_addr_t *addr, uint16_t port, const smartlist_t *policy)
addr_policy_result_t	compare_addr_to_addr_policy (uint32_t addr, uint16_t port, const smartlist_t *policy)
int	policies_parse_exit_policy (config_line_t *cfg, smartlist_t **dest, int rejectprivate, const char *local_address, int add_default_policy)
void	policies_set_router_exitpolicy_to_reject_all (routerinfo_t *exitrouter)
int	exit_policy_is_general_exit (smartlist_t *policy)
int	policy_is_reject_star (const smartlist_t *policy)
int	getinfo_helper_policies (control_connection_t *conn, const char *question, char **answer)
int	policy_write_item (char *buf, size_t buflen, addr_policy_t *item, int format_for_desc)
void	addr_policy_list_free (smartlist_t *p)
void	addr_policy_free (addr_policy_t *p)
void	policies_free_all (void)
char *	policy_summarize (smartlist_t *policy)
const char *	stream_end_reason_to_control_string (int reason)
const char *	stream_end_reason_to_string (int reason)
socks5_reply_status_t	stream_end_reason_to_socks5_response (int reason)
uint8_t	errno_to_stream_end_reason (int e)
const char *	orconn_end_reason_to_control_string (int r)
int	tls_error_to_orconn_end_reason (int e)
int	errno_to_orconn_end_reason (int e)
const char *	circuit_end_reason_to_control_string (int reason)
const char *	socks4_response_code_to_string (uint8_t code)
const char *	socks5_response_code_to_string (uint8_t code)
int	circuit_receive_relay_cell (cell_t *cell, circuit_t *circ, cell_direction_t cell_direction)
void	relay_header_pack (char *dest, const relay_header_t *src)
void	relay_header_unpack (relay_header_t *dest, const char *src)
int	relay_send_command_from_edge (streamid_t stream_id, circuit_t *circ, uint8_t relay_command, const char *payload, size_t payload_len, crypt_path_t *cpath_layer)
int	connection_edge_send_command (edge_connection_t *fromconn, uint8_t relay_command, const char *payload, size_t payload_len)
int	connection_edge_package_raw_inbuf (edge_connection_t *conn, int package_partial)
void	connection_edge_consider_sending_sendme (edge_connection_t *conn)
void	init_cell_pool (void)
void	free_cell_pool (void)
void	clean_cell_pool (void)
void	dump_cell_pool_usage (int severity)
void	cell_queue_clear (cell_queue_t *queue)
void	cell_queue_append (cell_queue_t *queue, packed_cell_t *cell)
void	cell_queue_append_packed_copy (cell_queue_t *queue, const cell_t *cell)
void	append_cell_to_circuit_queue (circuit_t *circ, or_connection_t *orconn, cell_t *cell, cell_direction_t direction)
void	connection_or_unlink_all_active_circs (or_connection_t *conn)
int	connection_or_flush_from_first_active_circuit (or_connection_t *conn, int max, time_t now)
void	assert_active_circuits_ok (or_connection_t *orconn)
void	make_circuit_inactive_on_conn (circuit_t *circ, or_connection_t *conn)
void	make_circuit_active_on_conn (circuit_t *circ, or_connection_t *conn)
int	append_address_to_payload (char *payload_out, const tor_addr_t *addr)
const char *	decode_address_from_payload (tor_addr_t *addr_out, const char *payload, int payload_len)
unsigned	cell_ewma_get_tick (void)
void	cell_ewma_set_scale_factor (or_options_t *options, networkstatus_t *consensus)
void	rep_hist_init (void)
void	rep_hist_note_connect_failed (const char *nickname, time_t when)
void	rep_hist_note_connect_succeeded (const char *nickname, time_t when)
void	rep_hist_note_disconnect (const char *nickname, time_t when)
void	rep_hist_note_connection_died (const char *nickname, time_t when)
void	rep_hist_note_extend_succeeded (const char *from_name, const char *to_name)
void	rep_hist_note_extend_failed (const char *from_name, const char *to_name)
void	rep_hist_dump_stats (time_t now, int severity)
void	rep_hist_note_bytes_read (size_t num_bytes, time_t when)
void	rep_hist_note_bytes_written (size_t num_bytes, time_t when)
void	rep_hist_note_exit_bytes_read (uint16_t port, size_t num_bytes)
void	rep_hist_note_exit_bytes_written (uint16_t port, size_t num_bytes)
void	rep_hist_note_exit_stream_opened (uint16_t port)
void	rep_hist_exit_stats_init (time_t now)
void	rep_hist_exit_stats_write (time_t now)
int	rep_hist_bandwidth_assess (void)
char *	rep_hist_get_bandwidth_lines (int for_extrainfo)
void	rep_hist_update_state (or_state_t *state)
int	rep_hist_load_state (or_state_t *state, char **err)
void	rep_history_clean (time_t before)
void	rep_hist_note_router_reachable (const char *id, time_t when)
void	rep_hist_note_router_unreachable (const char *id, time_t when)
int	rep_hist_record_mtbf_data (time_t now, int missing_means_down)
int	rep_hist_load_mtbf_data (time_t now)
time_t	rep_hist_downrate_old_runs (time_t now)
double	rep_hist_get_stability (const char *id, time_t when)
double	rep_hist_get_weighted_fractional_uptime (const char *id, time_t when)
long	rep_hist_get_weighted_time_known (const char *id, time_t when)
int	rep_hist_have_measured_enough_stability (void)
const char *	rep_hist_get_router_stability_doc (time_t now)
void	rep_hist_note_used_port (time_t now, uint16_t port)
smartlist_t *	rep_hist_get_predicted_ports (time_t now)
void	rep_hist_note_used_resolve (time_t now)
void	rep_hist_note_used_internal (time_t now, int need_uptime, int need_capacity)
int	rep_hist_get_predicted_internal (time_t now, int *need_uptime, int *need_capacity)
int	any_predicted_circuits (time_t now)
int	rep_hist_circbuilding_dormant (time_t now)
void	note_crypto_pk_op (pk_op_t operation)
void	dump_pk_ops (int severity)
void	rep_hist_free_all (void)
void	hs_usage_note_publish_total (const char *service_id, time_t now)
void	hs_usage_note_publish_novel (const char *service_id, time_t now)
void	hs_usage_note_fetch_total (const char *service_id, time_t now)
void	hs_usage_note_fetch_successful (const char *service_id, time_t now)
void	hs_usage_write_statistics_to_file (time_t now)
void	hs_usage_free_all (void)
void	rep_hist_buffer_stats_init (time_t now)
void	rep_hist_buffer_stats_add_circ (circuit_t *circ, time_t end_of_interval)
void	rep_hist_buffer_stats_write (time_t now)
void	rend_client_introcirc_has_opened (origin_circuit_t *circ)
void	rend_client_rendcirc_has_opened (origin_circuit_t *circ)
int	rend_client_introduction_acked (origin_circuit_t *circ, const char *request, size_t request_len)
void	rend_client_refetch_v2_renddesc (const rend_data_t *rend_query)
int	rend_client_remove_intro_point (extend_info_t *failed_intro, const rend_data_t *rend_query)
int	rend_client_rendezvous_acked (origin_circuit_t *circ, const char *request, size_t request_len)
int	rend_client_receive_rendezvous (origin_circuit_t *circ, const char *request, size_t request_len)
void	rend_client_desc_trynow (const char *query)
extend_info_t *	rend_client_get_random_intro (const rend_data_t *rend_query)
int	rend_client_send_introduction (origin_circuit_t *introcirc, origin_circuit_t *rendcirc)
int	rend_parse_service_authorization (or_options_t *options, int validate_only)
rend_service_authorization_t *	rend_client_lookup_service_authorization (const char *onion_address)
void	rend_service_authorization_free_all (void)
rend_data_t *	rend_data_dup (const rend_data_t *request)
static INLINE void	rend_data_free (rend_data_t *data)
int	rend_cmp_service_ids (const char *one, const char *two)
void	rend_process_relay_cell (circuit_t *circ, const crypt_path_t *layer_hint, int command, size_t length, const char *payload)
void	rend_service_descriptor_free (rend_service_descriptor_t *desc)
rend_service_descriptor_t *	rend_parse_service_descriptor (const char *str, size_t len)
int	rend_get_service_id (crypto_pk_env_t *pk, char *out)
void	rend_encoded_v2_service_descriptor_free (rend_encoded_v2_service_descriptor_t *desc)
void	rend_intro_point_free (rend_intro_point_t *intro)
void	rend_cache_init (void)
void	rend_cache_clean (void)
void	rend_cache_clean_v2_descs_as_dir (void)
void	rend_cache_free_all (void)
int	rend_valid_service_id (const char *query)
int	rend_cache_lookup_desc (const char *query, int version, const char **desc, size_t *desc_len)
int	rend_cache_lookup_entry (const char *query, int version, rend_cache_entry_t **entry_out)
int	rend_cache_lookup_v2_desc_as_dir (const char *query, const char **desc)
int	rend_cache_store (const char *desc, size_t desc_len, int published)
int	rend_cache_store_v2_desc_as_client (const char *desc, const rend_data_t *rend_query)
int	rend_cache_store_v2_desc_as_dir (const char *desc)
int	rend_cache_size (void)
int	rend_encode_v2_descriptors (smartlist_t *descs_out, rend_service_descriptor_t *desc, time_t now, uint8_t period, rend_auth_type_t auth_type, crypto_pk_env_t *client_key, smartlist_t *client_cookies)
int	rend_compute_v2_desc_id (char *desc_id_out, const char *service_id, const char *descriptor_cookie, time_t now, uint8_t replica)
int	rend_id_is_in_interval (const char *a, const char *b, const char *c)
void	rend_get_descriptor_id_bytes (char *descriptor_id_out, const char *service_id, const char *secret_id_part)
int	num_rend_services (void)
int	rend_config_services (or_options_t *options, int validate_only)
int	rend_service_load_keys (void)
void	rend_services_init (void)
void	rend_services_introduce (void)
void	rend_consider_services_upload (time_t now)
void	rend_hsdir_routers_changed (void)
void	rend_consider_descriptor_republication (void)
void	rend_service_intro_has_opened (origin_circuit_t *circuit)
int	rend_service_intro_established (origin_circuit_t *circuit, const char *request, size_t request_len)
void	rend_service_rendezvous_has_opened (origin_circuit_t *circuit)
int	rend_service_introduce (origin_circuit_t *circuit, const char *request, size_t request_len)
void	rend_service_relaunch_rendezvous (origin_circuit_t *oldcirc)
int	rend_service_set_connection_addr_port (edge_connection_t *conn, origin_circuit_t *circ)
void	rend_service_dump_stats (int severity)
void	rend_service_free_all (void)
int	rend_mid_establish_intro (or_circuit_t *circ, const char *request, size_t request_len)
int	rend_mid_introduce (or_circuit_t *circ, const char *request, size_t request_len)
int	rend_mid_establish_rendezvous (or_circuit_t *circ, const char *request, size_t request_len)
int	rend_mid_rendezvous (or_circuit_t *circ, const char *request, size_t request_len)
crypto_pk_env_t *	get_onion_key (void)
time_t	get_onion_key_set_at (void)
void	set_identity_key (crypto_pk_env_t *k)
crypto_pk_env_t *	get_identity_key (void)
int	identity_key_is_set (void)
authority_cert_t *	get_my_v3_authority_cert (void)
crypto_pk_env_t *	get_my_v3_authority_signing_key (void)
authority_cert_t *	get_my_v3_legacy_cert (void)
crypto_pk_env_t *	get_my_v3_legacy_signing_key (void)
void	dup_onion_keys (crypto_pk_env_t **key, crypto_pk_env_t **last)
void	rotate_onion_key (void)
crypto_pk_env_t *	init_key_from_file (const char *fname, int generate, int severity)
void	v3_authority_check_key_expiry (void)
int	init_keys (void)
int	check_whether_orport_reachable (void)
int	check_whether_dirport_reachable (void)
void	consider_testing_reachability (int test_or, int test_dir)
void	router_orport_found_reachable (void)
void	router_dirport_found_reachable (void)
void	router_perform_bandwidth_test (int num_circs, time_t now)
int	authdir_mode (or_options_t *options)
int	authdir_mode_v1 (or_options_t *options)
int	authdir_mode_v2 (or_options_t *options)
int	authdir_mode_v3 (or_options_t *options)
int	authdir_mode_any_main (or_options_t *options)
int	authdir_mode_any_nonhidserv (or_options_t *options)
int	authdir_mode_handles_descs (or_options_t *options, int purpose)
int	authdir_mode_publishes_statuses (or_options_t *options)
int	authdir_mode_tests_reachability (or_options_t *options)
int	authdir_mode_bridge (or_options_t *options)
int	server_mode (or_options_t *options)
int	advertised_server_mode (void)
int	proxy_mode (or_options_t *options)
void	consider_publishable_server (int force)
void	router_upload_dir_desc_to_dirservers (int force)
void	mark_my_descriptor_dirty_if_older_than (time_t when)
void	mark_my_descriptor_dirty (void)
void	check_descriptor_bandwidth_changed (time_t now)
void	check_descriptor_ipaddress_changed (time_t now)
void	router_new_address_suggestion (const char *suggestion, const dir_connection_t *d_conn)
int	router_compare_to_my_exit_policy (edge_connection_t *conn)
routerinfo_t *	router_get_my_routerinfo (void)
extrainfo_t *	router_get_my_extrainfo (void)
const char *	router_get_my_descriptor (void)
int	router_digest_is_me (const char *digest)
int	router_extrainfo_digest_is_me (const char *digest)
int	router_is_me (routerinfo_t *router)
int	router_fingerprint_is_me (const char *fp)
int	router_pick_published_address (or_options_t *options, uint32_t *addr)
int	router_rebuild_descriptor (int force)
int	router_dump_router_to_string (char *s, size_t maxlen, routerinfo_t *router, crypto_pk_env_t *ident_key)
int	extrainfo_dump_to_string (char *s, size_t maxlen, extrainfo_t *extrainfo, crypto_pk_env_t *ident_key)
int	is_legal_nickname (const char *s)
int	is_legal_nickname_or_hexdigest (const char *s)
int	is_legal_hexdigest (const char *s)
void	router_get_verbose_nickname (char *buf, const routerinfo_t *router)
void	routerstatus_get_verbose_nickname (char *buf, const routerstatus_t *router)
void	router_reset_warnings (void)
void	router_reset_reachability (void)
void	router_free_all (void)
const char *	router_purpose_to_string (uint8_t p)
uint8_t	router_purpose_from_string (const char *s)
int	get_n_authorities (authority_type_t type)
int	trusted_dirs_reload_certs (void)
int	trusted_dirs_load_certs_from_string (const char *contents, int from_store, int flush)
void	trusted_dirs_flush_certs_to_disk (void)
authority_cert_t *	authority_cert_get_newest_by_id (const char *id_digest)
authority_cert_t *	authority_cert_get_by_sk_digest (const char *sk_digest)
authority_cert_t *	authority_cert_get_by_digests (const char *id_digest, const char *sk_digest)
void	authority_cert_get_all (smartlist_t *certs_out)
void	authority_cert_dl_failed (const char *id_digest, int status)
void	authority_certs_fetch_missing (networkstatus_t *status, time_t now)
int	router_reload_router_list (void)
smartlist_t *	router_get_trusted_dir_servers (void)
routerstatus_t *	router_pick_directory_server (authority_type_t type, int flags)
trusted_dir_server_t *	router_get_trusteddirserver_by_digest (const char *d)
trusted_dir_server_t *	trusteddirserver_get_by_v3_auth_digest (const char *d)
routerstatus_t *	router_pick_trusteddirserver (authority_type_t type, int flags)
int	router_get_my_share_of_directory_requests (double *v2_share_out, double *v3_share_out)
void	router_reset_status_download_failures (void)
void	routerlist_add_family (smartlist_t *sl, routerinfo_t *router)
int	routers_in_same_family (routerinfo_t *r1, routerinfo_t *r2)
void	add_nickname_list_to_smartlist (smartlist_t *sl, const char *list, int must_be_running)
int	router_nickname_is_in_list (routerinfo_t *router, const char *list)
routerinfo_t *	routerlist_find_my_routerinfo (void)
routerinfo_t *	router_find_exact_exit_enclave (const char *address, uint16_t port)
int	router_is_unreliable (routerinfo_t *router, int need_uptime, int need_capacity, int need_guard)
uint32_t	router_get_advertised_bandwidth (routerinfo_t *router)
uint32_t	router_get_advertised_bandwidth_capped (routerinfo_t *router)
routerinfo_t *	routerlist_sl_choose_by_bandwidth (smartlist_t *sl, bandwidth_weight_rule_t rule)
routerstatus_t *	routerstatus_sl_choose_by_bandwidth (smartlist_t *sl, bandwidth_weight_rule_t rule)
const char *	bandwidth_weight_rule_to_string (enum bandwidth_weight_rule_t rule)
routerinfo_t *	router_choose_random_node (smartlist_t *excludedsmartlist, struct routerset_t *excludedset, router_crn_flags_t flags)
routerinfo_t *	router_get_by_nickname (const char *nickname, int warn_if_unnamed)
int	router_digest_version_as_new_as (const char *digest, const char *cutoff)
int	router_digest_is_trusted_dir_type (const char *digest, authority_type_t type)
int	router_addr_is_trusted_dir (uint32_t addr)
int	hexdigest_to_digest (const char *hexdigest, char *digest)
routerinfo_t *	router_get_by_hexdigest (const char *hexdigest)
routerinfo_t *	router_get_by_digest (const char *digest)
signed_descriptor_t *	router_get_by_descriptor_digest (const char *digest)
signed_descriptor_t *	router_get_by_extrainfo_digest (const char *digest)
signed_descriptor_t *	extrainfo_get_by_descriptor_digest (const char *digest)
const char *	signed_descriptor_get_body (signed_descriptor_t *desc)
const char *	signed_descriptor_get_annotations (signed_descriptor_t *desc)
routerlist_t *	router_get_routerlist (void)
void	routerinfo_free (routerinfo_t *router)
void	extrainfo_free (extrainfo_t *extrainfo)
void	routerlist_free (routerlist_t *rl)
void	dump_routerlist_mem_usage (int severity)
void	routerlist_remove (routerlist_t *rl, routerinfo_t *ri, int make_old, time_t now)
void	routerlist_free_all (void)
void	routerlist_reset_warnings (void)
void	router_set_status (const char *digest, int up)
static int	WRA_WAS_ADDED (was_router_added_t s)
static int	WRA_WAS_OUTDATED (was_router_added_t s)
static int	WRA_WAS_REJECTED (was_router_added_t s)
was_router_added_t	router_add_to_routerlist (routerinfo_t *router, const char **msg, int from_cache, int from_fetch)
was_router_added_t	router_add_extrainfo_to_routerlist (extrainfo_t *ei, const char **msg, int from_cache, int from_fetch)
void	routerlist_remove_old_routers (void)
int	router_load_single_router (const char *s, uint8_t purpose, int cache, const char **msg)
int	router_load_routers_from_string (const char *s, const char *eos, saved_location_t saved_location, smartlist_t *requested_fingerprints, int descriptor_digests, const char *prepend_annotations)
void	router_load_extrainfo_from_string (const char *s, const char *eos, saved_location_t saved_location, smartlist_t *requested_fingerprints, int descriptor_digests)
void	routerlist_retry_directory_downloads (time_t now)
int	router_exit_policy_all_routers_reject (uint32_t addr, uint16_t port, int need_uptime)
int	router_exit_policy_rejects_all (routerinfo_t *router)
trusted_dir_server_t *	add_trusted_dir_server (const char *nickname, const char *address, uint16_t dir_port, uint16_t or_port, const char *digest, const char *v3_auth_digest, authority_type_t type)
void	authority_cert_free (authority_cert_t *cert)
void	clear_trusted_dir_servers (void)
int	any_trusted_dir_is_v1_authority (void)
void	update_consensus_router_descriptor_downloads (time_t now, int is_vote, networkstatus_t *consensus)
void	update_router_descriptor_downloads (time_t now)
void	update_extrainfo_downloads (time_t now)
int	router_have_minimum_dir_info (void)
void	router_dir_info_changed (void)
const char *	get_dir_info_status_string (void)
int	count_loading_descriptors_progress (void)
void	router_reset_descriptor_download_failures (void)
int	router_differences_are_cosmetic (routerinfo_t *r1, routerinfo_t *r2)
int	routerinfo_incompatible_with_extrainfo (routerinfo_t *ri, extrainfo_t *ei, signed_descriptor_t *sd, const char **msg)
void	routerlist_assert_ok (routerlist_t *rl)
const char *	esc_router_info (routerinfo_t *router)
void	routers_sort_by_identity (smartlist_t *routers)
routerset_t *	routerset_new (void)
int	routerset_parse (routerset_t *target, const char *s, const char *description)
void	routerset_union (routerset_t *target, const routerset_t *source)
int	routerset_is_list (const routerset_t *set)
int	routerset_needs_geoip (const routerset_t *set)
int	routerset_contains_router (const routerset_t *set, routerinfo_t *ri)
int	routerset_contains_routerstatus (const routerset_t *set, routerstatus_t *rs)
int	routerset_contains_extendinfo (const routerset_t *set, const extend_info_t *ei)
void	routerset_get_all_routers (smartlist_t *out, const routerset_t *routerset, int running_only)
void	routersets_get_disjunction (smartlist_t *target, const smartlist_t *source, const routerset_t *include, const routerset_t *exclude, int running_only)
void	routerset_subtract_routers (smartlist_t *out, const routerset_t *routerset)
char *	routerset_to_string (const routerset_t *routerset)
void	routerset_refresh_countries (routerset_t *target)
int	routerset_equal (const routerset_t *old, const routerset_t *new)
void	routerset_free (routerset_t *routerset)
void	routerinfo_set_country (routerinfo_t *ri)
void	routerlist_refresh_countries (void)
void	refresh_all_country_info (void)
int	hid_serv_get_responsible_directories (smartlist_t *responsible_dirs, const char *id)
int	hid_serv_acting_as_directory (void)
int	hid_serv_responsible_for_desc_id (const char *id)
int	router_get_router_hash (const char *s, size_t s_len, char *digest)
int	router_get_dir_hash (const char *s, char *digest)
int	router_get_runningrouters_hash (const char *s, char *digest)
int	router_get_networkstatus_v2_hash (const char *s, char *digest)
int	router_get_networkstatus_v3_hash (const char *s, char *digest, digest_algorithm_t algorithm)
int	router_get_networkstatus_v3_hashes (const char *s, digests_t *digests)
int	router_get_extrainfo_hash (const char *s, char *digest)
int	router_append_dirobj_signature (char *buf, size_t buf_len, const char *digest, size_t digest_len, crypto_pk_env_t *private_key)
int	router_parse_list_from_string (const char **s, const char *eos, smartlist_t *dest, saved_location_t saved_location, int is_extrainfo, int allow_annotations, const char *prepend_annotations)
int	router_parse_routerlist_from_directory (const char *s, routerlist_t **dest, crypto_pk_env_t *pkey, int check_version, int write_to_cache)
int	router_parse_runningrouters (const char *str)
int	router_parse_directory (const char *str)
routerinfo_t *	router_parse_entry_from_string (const char *s, const char *end, int cache_copy, int allow_annotations, const char *prepend_annotations)
extrainfo_t *	extrainfo_parse_entry_from_string (const char *s, const char *end, int cache_copy, struct digest_ri_map_t *routermap)
addr_policy_t *	router_parse_addr_policy_item_from_string (const char *s, int assume_action)
version_status_t	tor_version_is_obsolete (const char *myversion, const char *versionlist)
int	tor_version_parse (const char *s, tor_version_t *out)
int	tor_version_as_new_as (const char *platform, const char *cutoff)
int	tor_version_compare (tor_version_t *a, tor_version_t *b)
void	sort_version_list (smartlist_t *lst, int remove_duplicates)
void	assert_addr_policy_ok (smartlist_t *t)
void	dump_distinct_digest_count (int severity)
int	compare_routerstatus_entries (const void **_a, const void **_b)
networkstatus_v2_t *	networkstatus_v2_parse_from_string (const char *s)
int	networkstatus_verify_bw_weights (networkstatus_t *ns)
networkstatus_t *	networkstatus_parse_vote_from_string (const char *s, const char **eos_out, networkstatus_type_t ns_type)
ns_detached_signatures_t *	networkstatus_parse_detached_signatures (const char *s, const char *eos)
smartlist_t *	microdescs_parse_from_string (const char *s, const char *eos, int allow_annotations, int copy_body)
authority_cert_t *	authority_cert_parse_from_string (const char *s, const char **end_of_string)
int	rend_parse_v2_service_descriptor (rend_service_descriptor_t **parsed_out, char *desc_id_out, char **intro_points_encrypted_out, size_t *intro_points_encrypted_size_out, size_t *encoded_size_out, const char **next_out, const char *desc)
int	rend_decrypt_introduction_points (char **ipos_decrypted, size_t *ipos_decrypted_size, const char *descriptor_cookie, const char *ipos_encrypted, size_t ipos_encrypted_size)
int	rend_parse_introduction_points (rend_service_descriptor_t *parsed, const char *intro_points_encoded, size_t intro_points_encoded_size)
int	rend_parse_client_keys (strmap_t *parsed_clients, const char *str)
void	tor_gettimeofday_cache_clear (void)
Variables
circuit_build_times_t	circ_times
uint64_t	stats_n_padding_cells_processed
uint64_t	stats_n_create_cells_processed
uint64_t	stats_n_created_cells_processed
uint64_t	stats_n_relay_cells_processed
uint64_t	stats_n_destroy_cells_processed
int	has_completed_circuit
uint64_t	stats_n_relay_cells_relayed
uint64_t	stats_n_relay_cells_delivered
uint64_t	stats_n_data_cells_packaged
uint64_t	stats_n_data_bytes_packaged
uint64_t	stats_n_data_cells_received
uint64_t	stats_n_data_bytes_received

---

Detailed Description

Master header file for Tor-specific functionality.

---

Define Documentation

#define AP_CONN_STATE_CIRCUIT_WAIT   8

State for a SOCKS connection: waiting for a completed circuit.

Referenced by ap_stream_wants_exit_attention(), circuit_discard_optional_exit_enclaves(), circuit_get_open_circ_or_launch(), conn_state_to_string(), connection_ap_attach_pending(), connection_ap_detach_retriable(), connection_ap_fail_onehop(), connection_ap_handshake_attach_chosen_circuit(), connection_ap_handshake_attach_circuit(), connection_ap_handshake_send_begin(), connection_ap_handshake_send_resolve(), connection_ap_make_link(), connection_ap_process_natd(), connection_edge_finished_flushing(), connection_edge_process_inbuf(), connection_init_accepted_conn(), directory_all_unreachable(), getinfo_helper_events(), rend_client_desc_trynow(), and rend_client_remove_intro_point().

#define AP_CONN_STATE_CONNECT_WAIT   9

State for a SOCKS connection: sent BEGIN, waiting for CONNECTED.

Referenced by conn_state_to_string(), connection_ap_handshake_send_begin(), connection_edge_finished_flushing(), connection_edge_process_inbuf(), connection_edge_process_relay_cell_not_open(), getinfo_helper_events(), and handle_control_attachstream().

#define AP_CONN_STATE_CONTROLLER_WAIT   7

The controller will attach this connection to a circuit; it isn't our job to do so.

Referenced by conn_state_to_string(), connection_ap_detach_retriable(), connection_ap_handshake_attach_chosen_circuit(), connection_ap_handshake_process_socks(), connection_ap_process_natd(), connection_ap_process_transparent(), connection_edge_finished_flushing(), connection_edge_process_inbuf(), getinfo_helper_events(), and handle_control_attachstream().

#define AP_CONN_STATE_IS_UNATTACHED

(

s

)

((s) <= AP_CONN_STATE_CIRCUIT_WAIT || (s) == AP_CONN_STATE_NATD_WAIT)

True iff the AP_CONN_STATE_* value s means that the corresponding edge connection is not attached to any circuit.

Referenced by connection_ap_expire_beginning().

#define AP_CONN_STATE_NATD_WAIT   12

State for a transparent natd connection: waiting for original destination.

Referenced by conn_state_to_string(), connection_ap_process_natd(), connection_edge_finished_flushing(), connection_edge_process_inbuf(), connection_init_accepted_conn(), and getinfo_helper_events().

#define AP_CONN_STATE_OPEN   11

State for a SOCKS connection: ready to send and receive.

Referenced by assert_connection_ok(), conn_state_to_string(), connection_ap_expire_beginning(), connection_edge_finished_flushing(), connection_edge_process_inbuf(), connection_edge_process_relay_cell_not_open(), connection_state_is_open(), and getinfo_helper_events().

#define AP_CONN_STATE_RENDDESC_WAIT   6

State for a SOCKS connection: got a y.onion URL; waiting to receive rendezvous descriptor.

Referenced by circuit_get_open_circ_or_launch(), conn_state_to_string(), connection_edge_finished_flushing(), connection_edge_process_inbuf(), getinfo_helper_events(), rend_client_desc_trynow(), and rend_client_remove_intro_point().

#define AP_CONN_STATE_RESOLVE_WAIT   10

State for a SOCKS connection: sent RESOLVE, waiting for RESOLVED.

Referenced by conn_state_to_string(), connection_ap_handshake_send_resolve(), connection_edge_process_inbuf(), connection_edge_process_relay_cell_not_open(), dnsserv_launch_request(), evdns_server_callback(), getinfo_helper_events(), and handle_control_attachstream().

#define AP_CONN_STATE_SOCKS_WAIT   5

State for a SOCKS connection: waiting for SOCKS request.

Referenced by conn_state_to_string(), connection_ap_handshake_process_socks(), connection_edge_finished_flushing(), connection_edge_process_inbuf(), connection_init_accepted_conn(), and getinfo_helper_events().

#define BW_WEIGHT_SCALE   10000

Precision multiplier for the Bw weights

Referenced by networkstatus_verify_bw_weights(), and smartlist_choose_by_bandwidth_weights().

#define CBT_BIN_WIDTH   ((build_time_t)50)

Width of the histogram bins in milliseconds

Referenced by circuit_build_times_create_histogram(), circuit_build_times_mode(), and circuit_build_times_update_state().

#define CBT_DEFAULT_MAX_RECENT_TIMEOUT_COUNT   (CBT_DEFAULT_RECENT_CIRCUITS*9/10)

Maximum count of timeouts that finish the first hop in the past RECENT_CIRCUITS before calculating a new timeout.

This tells us to abandon timeout history and set the timeout back to BUILD_TIMEOUT_INITIAL_VALUE.

#define CBT_DEFAULT_MIN_CIRCUITS_TO_OBSERVE   100

Minimum circuits before estimating a timeout

#define CBT_DEFAULT_QUANTILE_CUTOFF   80

Cutoff percentile on the CDF for our timeout estimation.

#define CBT_DEFAULT_RECENT_CIRCUITS   20

How many circuits count as recent when considering if the connection has gone gimpy or changed.

Referenced by circuit_build_times_new_consensus_params().

#define CBT_DEFAULT_TEST_FREQUENCY   60

How often in seconds should we build a test circuit

#define CBT_DEFAULT_TIMEOUT_INITIAL_VALUE   (60*1000)

Initial circuit build timeout in milliseconds

#define CBT_DEFAULT_TIMEOUT_MIN_VALUE   (2*1000)

Lowest allowable value for CircuitBuildTimeout in milliseconds

#define CBT_MAX_SYNTHETIC_QUANTILE   0.985

Maximum quantile to use to generate synthetic timeouts. We want to stay a bit short of 1.0, because longtail is loooooooooooooooooooooooooooooooooooooooooooooooooooong.

Referenced by circuit_build_times_add_timeout_worker(), and circuit_build_times_count_pretimeouts().

#define CBT_NCIRCUITS_TO_OBSERVE   1000

Total size of the circuit timeout history to accumulate. 1000 is approx 2.5 days worth of continual-use circuits.

Referenced by circuit_build_times_add_time(), circuit_build_times_max(), and circuit_build_times_rewind_history().

#define CBT_NETWORK_NONLIVE_DISCARD_COUNT   (CBT_NETWORK_NONLIVE_TIMEOUT_COUNT*2)

This tells us when to toss out the last streak of N timeouts.

If instead we start getting cells, we switch back to computing the timeout from our saved history.

Referenced by circuit_build_times_network_check_live().

#define CBT_NETWORK_NONLIVE_TIMEOUT_COUNT   (3)

Have we received a cell in the last N circ attempts?

This tells us when to temporarily switch back to BUILD_TIMEOUT_INITIAL_VALUE until we start getting cells, at which point we switch back to computing the timeout from our saved history.

Referenced by circuit_build_times_network_check_live().

#define CBT_SAVE_STATE_EVERY   10

Save state every 10 circuits

Referenced by circuit_build_times_add_time().

#define CELL_COMMAND_IS_VAR_LENGTH

(

x

)

((x) == CELL_VERSIONS)

True iff the cell command x is one that implies a variable-length cell.

Referenced by fetch_var_cell_from_buf().

#define CELL_NETWORK_SIZE   512

Number of bytes in a cell transmitted over the network.

Referenced by connection_bucket_read_limit(), connection_bucket_write_limit(), connection_or_flush_from_first_active_circuit(), connection_or_flushed_some(), connection_or_process_cells_from_inbuf(), connection_or_write_cell_to_buf(), and router_perform_bandwidth_test().

#define CELL_PAYLOAD_SIZE   509

Number of bytes in a cell, minus cell header.

Referenced by cell_pack(), cell_unpack(), command_process_netinfo_cell(), connection_ap_handshake_send_begin(), connection_edge_package_raw_inbuf(), connection_outbuf_too_full(), relay_crypt_one_payload(), relay_digest_matches(), and relay_set_digest().

#define CIRCLAUNCH_IS_INTERNAL   (1<<3)

Flag to set when the last hop of a circuit doesn't need to be an exit node.

Referenced by circuit_find_to_cannibalize(), circuit_get_open_circ_or_launch(), circuit_predict_and_launch_new(), consider_testing_reachability(), origin_circuit_init(), rend_client_introduction_acked(), rend_service_introduce(), rend_service_launch_establish_intro(), and rend_service_relaunch_rendezvous().

#define CIRCLAUNCH_NEED_CAPACITY   (1<<2)

Flag to set when a circuit needs to be built of high-capacity nodes

Referenced by circuit_find_to_cannibalize(), circuit_get_open_circ_or_launch(), circuit_predict_and_launch_new(), consider_testing_reachability(), handle_control_extendcircuit(), origin_circuit_init(), rend_service_introduce(), and rend_service_relaunch_rendezvous().

#define CIRCLAUNCH_NEED_UPTIME   (1<<1)

Flag to set when a circuit needs to be built of high-uptime nodes

Referenced by circuit_find_to_cannibalize(), circuit_get_open_circ_or_launch(), circuit_predict_and_launch_new(), origin_circuit_init(), rend_service_introduce(), and rend_service_launch_establish_intro().

#define CIRCLAUNCH_ONEHOP_TUNNEL   (1<<0)

Flag to set when a circuit should have only a single hop.

Referenced by circuit_get_open_circ_or_launch(), circuit_launch_by_extend_info(), and origin_circuit_init().

#define CIRCUIT_IS_ORIGIN

(

c

)

(CIRCUIT_PURPOSE_IS_ORIGIN((c)->purpose))

True iff the circuit_t c is actually an origin_circuit_t.

Referenced by _circuit_mark_for_close(), assert_circuit_ok(), circuit_deliver_create_cell(), circuit_detach_stream(), circuit_dump_by_conn(), circuit_dump_details(), circuit_enough_testing_circs(), circuit_expire_all_dirty_circs(), circuit_expire_building(), circuit_expire_old_circuits_clientside(), circuit_expire_old_circuits_serverside(), circuit_find_to_cannibalize(), circuit_free(), circuit_free_all(), circuit_get_by_circid_orconn_impl(), circuit_get_by_edge_conn(), circuit_get_by_global_id(), circuit_is_acceptable(), circuit_is_better(), circuit_mark_all_unused_circs(), circuit_n_conn_done(), circuit_package_relay_cell(), circuit_predict_and_launch_new(), circuit_receive_relay_cell(), circuit_resume_edge_reading(), circuit_stream_is_being_handled(), circuit_unlink_all_from_or_conn(), command_process_created_cell(), command_process_destroy_cell(), command_process_relay_cell(), connection_ap_handshake_attach_circuit(), connection_cpu_process_inbuf(), connection_edge_process_relay_cell_not_open(), connection_exit_begin_conn(), connection_or_flush_from_first_active_circuit(), control_event_stream_status(), dns_found_answer(), dump_cell_pool_usage(), getinfo_helper_events(), relay_crypt(), relay_lookup_conn(), relay_send_command_from_edge(), rend_process_relay_cell(), rep_hist_buffer_stats_add_circ(), and set_streams_blocked_on_circ().

#define CIRCUIT_PURPOSE_C_ESTABLISH_REND   9

Client-side circuit purpose: at Alice, waiting for ack.

Referenced by choose_good_exit_server(), circuit_build_failed(), circuit_expire_building(), circuit_get_open_circ_or_launch(), circuit_has_opened(), circuit_is_acceptable(), circuit_launch_by_extend_info(), circuit_purpose_to_controller_string(), rend_client_rendcirc_has_opened(), rend_client_rendezvous_acked(), rend_client_send_establish_rendezvous(), and warn_if_last_router_excluded().

#define CIRCUIT_PURPOSE_C_GENERAL   5

Client-side circuit purpose: Normal circuit, with cpath.

Referenced by add_an_entry_guard(), choose_good_exit_server(), circuit_build_failed(), circuit_build_needed_circs(), circuit_expire_old_circuits_clientside(), circuit_find_to_cannibalize(), circuit_get_best(), circuit_get_open_circ_or_launch(), circuit_has_opened(), circuit_is_acceptable(), circuit_is_better(), circuit_launch_by_extend_info(), circuit_predict_and_launch_new(), circuit_purpose_from_string(), circuit_purpose_to_controller_string(), circuit_stream_is_being_handled(), connection_ap_expire_beginning(), connection_ap_handshake_attach_circuit(), connection_ap_handshake_send_begin(), connection_ap_handshake_send_resolve(), handle_control_extendcircuit(), rend_service_intro_has_opened(), and warn_if_last_router_excluded().

#define CIRCUIT_PURPOSE_C_INTRODUCE_ACK_WAIT   7

Client-side circuit purpose: at Alice, sent INTRODUCE1 to intro point, waiting for ACK/NAK.

Referenced by _circuit_mark_for_close(), circuit_expire_building(), circuit_get_best(), circuit_get_open_circ_or_launch(), circuit_is_acceptable(), circuit_is_better(), circuit_purpose_to_controller_string(), connection_ap_handshake_attach_circuit(), rend_client_introduction_acked(), and warn_if_last_router_excluded().

#define CIRCUIT_PURPOSE_C_INTRODUCE_ACKED   8

Client-side circuit purpose: at Alice, introduced and acked, closing.

Referenced by circuit_purpose_to_controller_string(), rend_client_introduction_acked(), and warn_if_last_router_excluded().

#define CIRCUIT_PURPOSE_C_INTRODUCING   6

Client-side circuit purpose: at Alice, connecting to intro point.

Referenced by circuit_build_failed(), circuit_expire_building(), circuit_get_open_circ_or_launch(), circuit_has_opened(), circuit_is_acceptable(), circuit_launch_by_extend_info(), circuit_purpose_to_controller_string(), connection_ap_handshake_attach_circuit(), rend_client_introcirc_has_opened(), rend_client_introduction_acked(), rend_client_send_introduction(), and warn_if_last_router_excluded().

#define CIRCUIT_PURPOSE_C_REND_JOINED   12

Client-side circuit purpose: at Alice, rendezvous established.

Referenced by circuit_get_best(), circuit_get_open_circ_or_launch(), circuit_is_acceptable(), circuit_is_better(), circuit_purpose_to_controller_string(), connection_ap_expire_beginning(), connection_ap_handshake_attach_circuit(), rend_client_receive_rendezvous(), and warn_if_last_router_excluded().

#define CIRCUIT_PURPOSE_C_REND_READY   10

Client-side circuit purpose: at Alice, waiting for Bob.

Referenced by circuit_expire_building(), circuit_is_acceptable(), circuit_purpose_to_controller_string(), connection_ap_handshake_attach_circuit(), rend_client_introduction_acked(), rend_client_receive_rendezvous(), rend_client_rendezvous_acked(), rend_client_send_introduction(), and warn_if_last_router_excluded().

#define CIRCUIT_PURPOSE_C_REND_READY_INTRO_ACKED   11

Client-side circuit purpose: at Alice, waiting for Bob, INTRODUCE has been acknowledged.

Referenced by circuit_expire_building(), circuit_is_acceptable(), circuit_purpose_to_controller_string(), connection_ap_handshake_attach_circuit(), rend_client_introduction_acked(), rend_client_receive_rendezvous(), and warn_if_last_router_excluded().

#define CIRCUIT_PURPOSE_CONTROLLER   18

A controller made this circuit and Tor should not use it.

Referenced by circuit_purpose_from_string(), circuit_purpose_to_controller_string(), and warn_if_last_router_excluded().

#define CIRCUIT_PURPOSE_INTRO_POINT   2

OR-side circuit purpose: At OR, from Bob, waiting for intro from Alices.

Referenced by circuit_get_intro_point(), circuit_purpose_to_controller_string(), rend_mid_establish_intro(), and warn_if_last_router_excluded().

#define CIRCUIT_PURPOSE_IS_CLIENT

(

p

)

Value:

((p)> _CIRCUIT_PURPOSE_OR_MAX &&    \
   (p)<=_CIRCUIT_PURPOSE_C_MAX)

True iff the circuit purpose p is for a circuit that originated here to serve as a client. (Hidden services don't count here.)

Referenced by connection_edge_end(), and relay_send_end_cell_from_edge().

#define CIRCUIT_PURPOSE_IS_ESTABLISHED_REND

(

p

)

Value:

((p) == CIRCUIT_PURPOSE_C_REND_JOINED ||     \
   (p) == CIRCUIT_PURPOSE_S_REND_JOINED)

True iff the circuit purpose p is for an established rendezvous circuit.

Referenced by relay_send_command_from_edge().

#define CIRCUIT_PURPOSE_IS_ORIGIN

(

p

)

((p)>_CIRCUIT_PURPOSE_OR_MAX)

True iff the circuit purpose p is for a circuit that originated at this node.

Referenced by circuit_get_by_rend_query_and_purpose(), and circuit_get_next_by_pk_and_purpose().

#define CIRCUIT_PURPOSE_OR   1

OR-side circuit purpose: normal circuit, at OR.

Referenced by circuit_purpose_to_controller_string(), command_process_create_cell(), connection_edge_process_relay_cell(), connection_exit_begin_conn(), rend_mid_establish_intro(), rend_mid_establish_rendezvous(), rend_mid_introduce(), rend_mid_rendezvous(), and warn_if_last_router_excluded().

#define CIRCUIT_PURPOSE_REND_ESTABLISHED   4

OR-side circuit purpose: At OR, both circuits have this purpose.

Referenced by assert_circuit_ok(), circuit_purpose_to_controller_string(), circuit_receive_relay_cell(), rend_mid_rendezvous(), and warn_if_last_router_excluded().

#define CIRCUIT_PURPOSE_REND_POINT_WAITING   3

OR-side circuit purpose: At OR, from Alice, waiting for Bob.

Referenced by circuit_get_rendezvous(), circuit_purpose_to_controller_string(), rend_mid_establish_rendezvous(), and warn_if_last_router_excluded().

#define CIRCUIT_PURPOSE_S_CONNECT_REND   15

Hidden-service-side circuit purpose: at Bob, connecting to rend point.

Referenced by circuit_build_failed(), circuit_has_opened(), circuit_launch_by_extend_info(), circuit_purpose_to_controller_string(), rend_service_introduce(), rend_service_relaunch_rendezvous(), rend_service_rendezvous_has_opened(), and warn_if_last_router_excluded().

#define CIRCUIT_PURPOSE_S_ESTABLISH_INTRO   13

Hidden-service-side circuit purpose: at Bob, waiting for introductions.

Referenced by circuit_build_failed(), circuit_expire_building(), circuit_has_opened(), circuit_launch_by_extend_info(), circuit_purpose_to_controller_string(), count_established_intro_points(), find_intro_circuit(), new_route_len(), rend_config_services(), rend_service_intro_established(), rend_service_intro_has_opened(), rend_service_launch_establish_intro(), and warn_if_last_router_excluded().

#define CIRCUIT_PURPOSE_S_INTRO   14

Hidden-service-side circuit purpose: at Bob, successfully established intro.

Referenced by circuit_purpose_to_controller_string(), count_established_intro_points(), find_intro_circuit(), rend_config_services(), rend_service_intro_established(), rend_service_introduce(), and rend_service_update_descriptor().

#define CIRCUIT_PURPOSE_S_REND_JOINED   16

Hidden-service-side circuit purpose: at Bob, rendezvous established.

Referenced by circuit_purpose_to_controller_string(), connection_edge_process_relay_cell(), connection_exit_begin_conn(), rend_service_rendezvous_has_opened(), rend_service_set_connection_addr_port(), and warn_if_last_router_excluded().

#define CIRCUIT_PURPOSE_TESTING   17

A testing circuit; not meant to be used for actual traffic.

Referenced by choose_good_entry_server(), circuit_build_failed(), circuit_enough_testing_circs(), circuit_has_opened(), circuit_launch_by_extend_info(), circuit_purpose_to_controller_string(), consider_testing_reachability(), new_route_len(), router_perform_bandwidth_test(), and warn_if_last_router_excluded().

#define CIRCUIT_PURPOSE_UNKNOWN   255

A catch-all for unrecognized purposes. Currently we don't expect to make or see any circuits with this purpose.

Referenced by circuit_purpose_from_string(), handle_control_extendcircuit(), and handle_control_setcircuitpurpose().

#define CIRCUIT_STATE_BUILDING   0

Circuit state: I'm the origin, still haven't done all my handshakes.

Referenced by circuit_extend_to_new_exit(), circuit_send_next_onion_skin(), circuit_state_to_string(), and handle_control_extendcircuit().

#define CIRCUIT_STATE_ONIONSKIN_PENDING   1

Circuit state: Waiting to process the onionskin.

Referenced by _circuit_mark_for_close(), circuit_state_to_string(), command_process_create_cell(), and command_process_relay_cell().

#define CIRCUIT_STATE_OPEN   3

Circuit state: onionskin(s) processed, ready to send/receive cells.

Referenced by _circuit_mark_for_close(), assert_circuit_ok(), circuit_build_failed(), circuit_dump_by_conn(), circuit_enough_testing_circs(), circuit_expire_building(), circuit_expire_old_circuits_clientside(), circuit_find_to_cannibalize(), circuit_get_best(), circuit_get_open_circ_or_launch(), circuit_is_acceptable(), circuit_list_path_impl(), circuit_n_conn_done(), circuit_send_next_onion_skin(), circuit_set_state(), circuit_state_to_string(), connection_ap_handshake_attach_chosen_circuit(), connection_ap_handshake_attach_circuit(), count_established_intro_points(), getinfo_helper_events(), handle_control_attachstream(), handle_control_extendcircuit(), onionskin_answer(), rend_config_services(), rend_service_launch_establish_intro(), and router_perform_bandwidth_test().

#define CIRCUIT_STATE_OR_WAIT   2

Circuit state: I'd like to deliver a create, but my n_conn is still connecting.

Referenced by _circuit_mark_for_close(), assert_circuit_ok(), circuit_extend(), circuit_get_all_pending_on_or_conn(), circuit_n_conn_done(), circuit_set_state(), circuit_state_to_string(), and origin_circuit_init().

#define CIRCWINDOW_INCREMENT   100

Amount to increment a circuit window when we get a circuit SENDME.

Referenced by circuit_consider_sending_sendme(), and connection_edge_process_relay_cell().

#define CIRCWINDOW_START   1000

Initial value for both sides of a circuit transmission window when the circuit is initialized. Measured in cells.

Referenced by circuit_consider_sending_sendme(), circuit_initial_package_window(), init_circuit_base(), onion_append_hop(), rend_client_receive_rendezvous(), rend_service_rendezvous_has_opened(), and router_perform_bandwidth_test().

#define CONN_IS_EDGE

(

x

)

((x)->type == CONN_TYPE_EXIT || (x)->type == CONN_TYPE_AP)

True iff x is an edge connection.

Referenced by _connection_free(), _connection_write_to_buf_impl(), assert_connection_ok(), conn_read_callback(), conn_write_callback(), connection_about_to_close_connection(), connection_get_by_type_state_rendquery(), connection_handle_read_impl(), connection_handle_write_impl(), and hibernate_go_dormant().

#define CONN_LOG_PROTECT	(	conn,
		stmt		)

Value:

STMT_BEGIN                                                            \
    int _log_conn_is_control = (conn && conn->type == CONN_TYPE_CONTROL); \
    if (_log_conn_is_control)                                           \
      disable_control_logging();                                        \
  STMT_BEGIN stmt; STMT_END;                                            \
    if (_log_conn_is_control)                                           \
      enable_control_logging();                                         \
  STMT_END

Execute the statement stmt, which may log events concerning the connection conn. To prevent infinite loops, disable log messages being sent to controllers if conn is a control connection.

Stmt must not contain any return or goto statements.

Referenced by _connection_write_to_buf_impl(), connection_handle_write_impl(), and connection_read_to_buf().

#define CONN_TYPE_AP   7

A SOCKS proxy connection from the user application to the onion proxy.

Referenced by _connection_free(), _connection_mark_unattached_ap(), ap_stream_wants_exit_attention(), assert_connection_ok(), circuit_discard_optional_exit_enclaves(), conn_state_to_string(), conn_type_to_string(), connection_about_to_close_connection(), connection_add(), connection_ap_attach_pending(), connection_ap_can_use_exit(), connection_ap_expire_beginning(), connection_ap_fail_onehop(), connection_ap_handshake_process_socks(), connection_ap_handshake_send_begin(), connection_ap_handshake_send_resolve(), connection_ap_make_link(), connection_ap_process_natd(), connection_ap_process_transparent(), connection_edge_destroy(), connection_edge_process_relay_cell_not_open(), connection_edge_send_command(), connection_finished_flushing(), connection_get_by_type_state_rendquery(), connection_handle_listener_read(), connection_handle_read_impl(), connection_handle_write_impl(), connection_init(), connection_init_accepted_conn(), connection_new(), connection_process_inbuf(), connection_reached_eof(), connection_read_to_buf(), connection_state_is_open(), control_event_stream_bandwidth_used(), directory_all_unreachable(), dnsserv_launch_request(), edge_connection_new(), evdns_server_callback(), get_stream(), getinfo_helper_events(), hibernate_go_dormant(), rend_client_desc_trynow(), and rend_client_remove_intro_point().

#define CONN_TYPE_AP_DNS_LISTENER   15

Type for sockets listening for DNS requests.

Referenced by assert_connection_ok(), conn_state_to_string(), conn_type_to_string(), connection_create_listener(), connection_handle_read_impl(), connection_is_listener(), dnsserv_close_listener(), dnsserv_configure_listener(), hibernate_begin(), and retry_all_listeners().

#define CONN_TYPE_AP_LISTENER   6

Type for sockets listening for SOCKS connections.

Referenced by assert_connection_ok(), conn_state_to_string(), conn_type_to_string(), connection_handle_read_impl(), connection_init_accepted_conn(), connection_is_listener(), hibernate_begin(), and retry_all_listeners().

#define CONN_TYPE_AP_NATD_LISTENER   14

Type for sockets listening for transparent connections redirected by natd.

Referenced by assert_connection_ok(), conn_state_to_string(), conn_type_to_string(), connection_handle_read_impl(), connection_init_accepted_conn(), connection_is_listener(), hibernate_begin(), and retry_all_listeners().

#define CONN_TYPE_AP_TRANS_LISTENER   13

Type for sockets listening for transparent connections redirected by pf or netfilter.

Referenced by assert_connection_ok(), conn_state_to_string(), conn_type_to_string(), connection_handle_read_impl(), connection_init_accepted_conn(), connection_is_listener(), hibernate_begin(), and retry_all_listeners().

#define CONN_TYPE_CONTROL   12

Type for connections from user interface process.

Referenced by _connection_free(), _connection_write_to_buf_impl(), assert_connection_ok(), conn_state_to_string(), conn_type_to_string(), connection_finished_flushing(), connection_free(), connection_free_all(), connection_handle_read_impl(), connection_init(), connection_init_accepted_conn(), connection_new(), connection_process_inbuf(), connection_reached_eof(), connection_state_is_open(), control_connection_new(), control_update_global_event_mask(), and send_control_event_string().

#define CONN_TYPE_CONTROL_LISTENER   11

Type for listening for connections from user interface process.

Referenced by _connection_free(), assert_connection_ok(), conn_state_to_string(), conn_type_to_string(), connection_create_listener(), connection_handle_listener_read(), connection_handle_read_impl(), connection_is_listener(), and retry_all_listeners().

#define CONN_TYPE_CPUWORKER   10

Connection from the main process to a CPU worker process.

Referenced by assert_connection_ok(), assign_onionskin_to_cpuworker(), conn_state_to_string(), conn_type_to_string(), connection_cpu_finished_flushing(), connection_cpu_process_inbuf(), connection_finished_flushing(), connection_process_inbuf(), connection_reached_eof(), cpuworkers_rotate(), cull_wedged_cpuworkers(), and spawn_cpuworker().

#define CONN_TYPE_DIR   9

Type for HTTP connections to the directory server.

Referenced by _connection_free(), any_pending_bridge_descriptor_fetches(), assert_connection_ok(), circuit_get_open_circ_or_launch(), conn_close_if_marked(), conn_state_to_string(), conn_type_to_string(), connection_about_to_close_connection(), connection_bucket_read_limit(), connection_bucket_write_limit(), connection_counts_as_relayed_traffic(), connection_dir_finished_connecting(), connection_dir_finished_flushing(), connection_dir_process_inbuf(), connection_edge_process_relay_cell_not_open(), connection_exit_connect_dir(), connection_expire_held_open(), connection_finished_connecting(), connection_finished_flushing(), connection_flushed_some(), connection_get_by_type_state_rendquery(), connection_handle_listener_read(), connection_handle_read_impl(), connection_init(), connection_init_accepted_conn(), connection_new(), connection_process_inbuf(), connection_reached_eof(), connection_state_is_connecting(), consider_testing_reachability(), control_event_stream_status(), dir_connection_new(), directory_handle_command(), directory_send_command(), launch_direct_bridge_descriptor_fetch(), list_pending_downloads(), router_pick_trusteddirserver_impl(), run_connection_housekeeping(), update_consensus_networkstatus_downloads(), and update_v2_networkstatus_cache_downloads().

#define CONN_TYPE_DIR_LISTENER   8

Type for sockets listening for HTTP connections to the directory server.

Referenced by assert_connection_ok(), conn_state_to_string(), conn_type_to_string(), connection_handle_read_impl(), connection_is_listener(), hibernate_begin(), and retry_all_listeners().

#define CONN_TYPE_EXIT   5

A TCP connection from an onion router to a stream's destination.

Referenced by _connection_free(), assert_circuit_ok(), assert_connection_ok(), conn_close_if_marked(), conn_state_to_string(), conn_type_to_string(), connection_about_to_close_connection(), connection_buckets_decrement(), connection_dns_remove(), connection_edge_finished_connecting(), connection_exit_begin_conn(), connection_exit_begin_resolve(), connection_expire_held_open(), connection_finished_connecting(), connection_finished_flushing(), connection_get_by_type_state_rendquery(), connection_init(), connection_new(), connection_process_inbuf(), connection_reached_eof(), connection_state_is_connecting(), connection_state_is_open(), connection_unlink(), edge_connection_new(), and hibernate_go_dormant().

#define CONN_TYPE_OR   4

A bidirectional TLS connection transmitting a sequence of cells. May be from an OR to an OR, or from an OP to an OR.

Referenced by _connection_free(), _connection_write_to_buf_impl(), assert_connection_ok(), circuit_dump_by_conn(), conn_close_if_marked(), conn_state_to_string(), conn_type_to_string(), connection_about_to_close_connection(), connection_counts_as_relayed_traffic(), connection_cpu_process_inbuf(), connection_finished_connecting(), connection_finished_flushing(), connection_flushed_some(), connection_handle_read_impl(), connection_handle_write_impl(), connection_init(), connection_init_accepted_conn(), connection_new(), connection_or_clear_identity_map(), connection_or_get_for_extend(), connection_or_nonopen_was_started_here(), connection_process_inbuf(), connection_reached_eof(), connection_state_is_connecting(), connection_state_is_open(), connection_unlink(), dumpstats(), getinfo_helper_events(), hibernate_go_dormant(), or_connection_new(), and run_connection_housekeeping().

#define CONN_TYPE_OR_LISTENER   3

Type for sockets listening for OR connections.

Referenced by assert_connection_ok(), conn_state_to_string(), conn_type_to_string(), connection_handle_read_impl(), connection_is_listener(), hibernate_begin(), and retry_all_listeners().

#define CONTROL_CONN_STATE_NEEDAUTH   2

State for a control connection: Waiting for authentication; speaking protocol v1.

Referenced by conn_state_to_string(), connection_control_process_inbuf(), and connection_init_accepted_conn().

#define CONTROL_CONN_STATE_OPEN   1

State for a control connection: Authenticated and accepting v1 commands.

Referenced by conn_state_to_string(), connection_control_process_inbuf(), connection_state_is_open(), handle_control_authenticate(), is_valid_initial_command(), and send_control_event_string().

#define CPUWORKER_STATE_BUSY_ONION   2

State for a connection to a cpuworker process that's processing a handshake.

Referenced by assign_onionskin_to_cpuworker(), conn_state_to_string(), connection_cpu_process_inbuf(), and cull_wedged_cpuworkers().

#define CPUWORKER_STATE_IDLE   1

State for a connection to a cpuworker process that's idle.

Referenced by assign_onionskin_to_cpuworker(), conn_state_to_string(), connection_cpu_process_inbuf(), connection_cpu_reached_eof(), cpuworkers_rotate(), and spawn_cpuworker().

#define DEFAULT_CLIENT_NICKNAME   "client"

Name to use in client TLS certificates if no nickname is given. Once Tor 0.1.2.x is obsolete, we can remove this.

Referenced by dirserv_load_fingerprint_file().

#define DEFAULT_DNS_TTL   (30*60)

How long do we cache/tell clients to cache DNS records when no TTL is known?

Referenced by client_dns_set_addressmap_impl(), and dns_resolve_impl().

#define DIR_CONN_IS_SERVER

(

conn

)

((conn)->purpose == DIR_PURPOSE_SERVER)

True iff the purpose of conn means that it's a server-side directory connection.

Referenced by connection_counts_as_relayed_traffic(), and run_connection_housekeeping().

#define DIR_CONN_STATE_CLIENT_FINISHED   4

State for connection to directory server: happy and finished.

Referenced by conn_state_to_string(), connection_about_to_close_connection(), and connection_dir_reached_eof().

#define DIR_CONN_STATE_CLIENT_READING   3

State for connection to directory server: reading HTTP response.

Referenced by conn_state_to_string(), connection_dir_finished_flushing(), and connection_dir_reached_eof().

#define DIR_CONN_STATE_CLIENT_SENDING   2

State for connection to directory server: sending HTTP request.

Referenced by conn_state_to_string(), connection_dir_finished_connecting(), connection_dir_finished_flushing(), and directory_initiate_command_rend().

#define DIR_CONN_STATE_CONNECTING   1

State for connection to directory server: waiting for connect().

Referenced by conn_state_to_string(), connection_dir_finished_connecting(), connection_state_is_connecting(), and directory_initiate_command_rend().

#define DIR_CONN_STATE_SERVER_COMMAND_WAIT   5

State for connection at directory server: waiting for HTTP request.

Referenced by conn_state_to_string(), connection_dir_process_inbuf(), connection_exit_connect_dir(), and connection_init_accepted_conn().

#define DIR_CONN_STATE_SERVER_WRITING   6

State for connection at directory server: sending HTTP response.

Referenced by conn_state_to_string(), connection_dir_finished_flushing(), connection_dirserv_flushed_some(), connection_flushed_some(), directory_handle_command_get(), and directory_handle_command_post().

#define DIR_ENTRY_RECORD_USAGE_RETAIN_IPS   (24*60*60)

Time interval: Flush geoip data to disk this often.

Referenced by geoip_bridge_stats_write().

#define DIR_PURPOSE_FETCH_CERTIFICATE   15

A connection to a directory server: download one or more directory authority certificates.

Referenced by authority_certs_fetch_missing(), connection_dir_client_reached_eof(), connection_dir_download_cert_failed(), connection_dir_request_failed(), connection_edge_process_relay_cell_not_open(), dir_conn_purpose_to_string(), directory_get_from_dirserver(), directory_send_command(), and purpose_needs_anonymity().

#define DIR_PURPOSE_FETCH_CONSENSUS   14

A connection to a directory server: download a v3 networkstatus consensus.

Referenced by connection_dir_client_reached_eof(), connection_dir_request_failed(), connection_edge_process_relay_cell_not_open(), dir_conn_purpose_to_string(), directory_get_from_dirserver(), directory_send_command(), purpose_needs_anonymity(), and update_consensus_networkstatus_downloads().

#define DIR_PURPOSE_FETCH_DETACHED_SIGNATURES   13

A connection to a directory server: download a v3 detached signatures object for a consensus.

Referenced by connection_dir_client_reached_eof(), connection_dir_request_failed(), dir_conn_purpose_to_string(), directory_get_from_all_authorities(), directory_get_from_dirserver(), directory_send_command(), dirvote_fetch_missing_signatures(), and purpose_needs_anonymity().

#define DIR_PURPOSE_FETCH_EXTRAINFO   7

A connection to a directory server: download one or more extra-info documents.

Referenced by connection_dir_client_reached_eof(), connection_dir_download_routerdesc_failed(), connection_dir_request_failed(), dir_conn_purpose_to_string(), directory_get_from_dirserver(), directory_send_command(), list_pending_descriptor_downloads(), purpose_needs_anonymity(), router_pick_trusteddirserver_impl(), and update_extrainfo_downloads().

#define DIR_PURPOSE_FETCH_RENDDESC   3

A connection to a directory server: download a rendezvous descriptor.

Referenced by body_is_plausible(), connection_dir_client_reached_eof(), dir_conn_purpose_to_string(), and directory_get_from_dirserver().

#define DIR_PURPOSE_FETCH_RENDDESC_V2   18

A connection to a hidden service directory server: download a v2 rendezvous descriptor.

Referenced by connection_about_to_close_connection(), connection_dir_client_reached_eof(), dir_conn_purpose_to_string(), directory_get_from_hs_dir(), and directory_send_command().

#define DIR_PURPOSE_FETCH_SERVERDESC   6

A connection to a directory server: download one or more server descriptors.

Referenced by any_pending_bridge_descriptor_fetches(), connection_dir_client_reached_eof(), connection_dir_download_routerdesc_failed(), connection_dir_request_failed(), connection_edge_process_relay_cell_not_open(), consider_testing_reachability(), dir_conn_purpose_to_string(), directory_get_from_dirserver(), directory_send_command(), fetch_bridge_descriptors(), launch_direct_bridge_descriptor_fetch(), launch_router_descriptor_downloads(), list_pending_descriptor_downloads(), purpose_needs_anonymity(), router_pick_trusteddirserver_impl(), run_connection_housekeeping(), and update_router_descriptor_downloads().

#define DIR_PURPOSE_FETCH_STATUS_VOTE   12

A connection to a directory server: download one or more v3 networkstatus votes.

Referenced by connection_dir_client_reached_eof(), connection_dir_request_failed(), dir_conn_purpose_to_string(), directory_get_from_all_authorities(), directory_get_from_dirserver(), directory_send_command(), and purpose_needs_anonymity().

#define DIR_PURPOSE_FETCH_V2_NETWORKSTATUS   5

A connection to a directory server: download one or more v2 network-status objects

Referenced by connection_dir_client_reached_eof(), connection_dir_request_failed(), dir_conn_purpose_to_string(), directory_get_from_dirserver(), directory_send_command(), purpose_needs_anonymity(), and update_v2_networkstatus_cache_downloads().

#define DIR_PURPOSE_HAS_FETCHED_RENDDESC   4

A connection to a directory server: set after a rendezvous descriptor is downloaded.

Referenced by connection_dir_client_reached_eof().

#define DIR_PURPOSE_IS_UPLOAD

(

p

)

Value:

((p)==DIR_PURPOSE_UPLOAD_DIR ||               \
   (p)==DIR_PURPOSE_UPLOAD_RENDDESC ||          \
   (p)==DIR_PURPOSE_UPLOAD_VOTE ||              \
   (p)==DIR_PURPOSE_UPLOAD_SIGNATURES)

True iff p is a purpose corresponding to uploading data to a directory server.

Referenced by control_event_stream_status().

#define DIR_PURPOSE_SERVER   16

Purpose for connection at a directory server.

Referenced by conn_close_if_marked(), connection_exit_connect_dir(), connection_expire_held_open(), and connection_init_accepted_conn().

#define DIR_PURPOSE_UPLOAD_DIR   8

A connection to a directory server: upload a server descriptor.

Referenced by connection_dir_client_reached_eof(), dir_conn_purpose_to_string(), directory_post_to_dirservers(), directory_send_command(), purpose_needs_anonymity(), and router_upload_dir_desc_to_dirservers().

#define DIR_PURPOSE_UPLOAD_RENDDESC   9

A connection to a directory server: upload a rendezvous descriptor.

Referenced by connection_dir_client_reached_eof(), dir_conn_purpose_to_string(), and directory_send_command().

#define DIR_PURPOSE_UPLOAD_RENDDESC_V2   17

A connection to a hidden service directory server: upload a v2 rendezvous descriptor.

Referenced by connection_dir_client_reached_eof(), dir_conn_purpose_to_string(), directory_post_to_hs_dir(), and directory_send_command().

#define DIR_PURPOSE_UPLOAD_SIGNATURES   11

A connection to a directory server: upload a v3 consensus signature

Referenced by connection_dir_client_reached_eof(), dir_conn_purpose_to_string(), directory_send_command(), dirvote_compute_consensuses(), and purpose_needs_anonymity().

#define DIR_PURPOSE_UPLOAD_VOTE   10

A connection to a directory server: upload a v3 networkstatus vote.

Referenced by connection_dir_client_reached_eof(), dir_conn_purpose_to_string(), directory_send_command(), dirvote_perform_vote(), and purpose_needs_anonymity().

#define DIR_RECORD_USAGE_GRANULARITY   8

Round all GeoIP results to the next multiple of this value, to avoid leaking information.

Referenced by geoip_get_client_history_dirreq().

#define DIR_RECORD_USAGE_MIN_OBSERVATION_TIME   (12*60*60)

How long do we have to have observed per-country request history before we are willing to talk about it?

Referenced by geoip_get_client_history_dirreq().

#define DOWNCAST	(	to,
		ptr		)	((to*)SUBTYPE_P(ptr, to, _base))

Helper macro: Given a pointer to to._base, of type from*, return &to.

Referenced by TO_CONTROL_CONN(), TO_DIR_CONN(), TO_EDGE_CONN(), TO_OR_CIRCUIT(), TO_OR_CONN(), and TO_ORIGIN_CIRCUIT().

#define download_status_failed	(	dls,
		sc		)

Value:

download_status_increment_failure((dls), (sc), NULL,                  \
                                    get_options()->DirPort, time(NULL))

Increment the failure count of the download_status_t dls, with the optional status code sc.

Referenced by authority_cert_dl_failed(), connection_dir_download_networkstatus_failed(), dir_networkstatus_download_failed(), fetch_bridge_descriptors(), networkstatus_consensus_download_failed(), networkstatus_set_current_consensus(), router_set_networkstatus_v2(), and update_consensus_networkstatus_downloads().

#define END_CIRC_AT_ORIGIN   -1

Catch-all "other" reason for closing origin circuits.

Referenced by _circuit_mark_for_close(), circuit_end_reason_to_control_string(), and circuit_testing_opened().

#define END_CIRC_REASON_FLAG_REMOTE   512

Bitwise-OR this with the argument to circuit_mark_for_close() or control_event_circuit_status() to indicate that the reason was passed through from a destroy or truncate cell.

Referenced by _circuit_mark_for_close(), circuit_end_reason_to_control_string(), circuit_truncated(), command_process_destroy_cell(), and control_event_circuit_status().

#define END_CIRC_REASON_NOPATH   -2

We couldn't build a path for this circuit.

Referenced by circuit_end_reason_to_control_string(), and circuit_establish_circuit().

#define END_STREAM_REASON_CANT_ATTACH   257

We were unable to attach the connection to any circuit at all.

Referenced by connection_ap_attach_pending(), connection_ap_expire_beginning(), connection_ap_make_link(), connection_edge_package_raw_inbuf(), rend_client_desc_trynow(), stream_end_reason_to_control_string(), and stream_end_reason_to_socks5_response().

#define END_STREAM_REASON_CANT_FETCH_ORIG_DEST   260

This is a transparent proxy connection, but we can't extract the original target address:port.

Referenced by connection_ap_process_transparent().

#define END_STREAM_REASON_FLAG_ALREADY_SENT_CLOSED   1024

Bitwise-or this with the argument to control_event_stream_status to indicate that we already sent a CLOSED stream event.

Referenced by _circuit_mark_for_close(), connection_edge_destroy(), and control_event_stream_status().

#define END_STREAM_REASON_FLAG_ALREADY_SOCKS_REPLIED   2048

Bitwise-or this with endreason to indicate that we already sent a socks reply, and no further reply needs to be sent from connection_mark_unattached_ap().

Referenced by _connection_mark_unattached_ap(), connection_ap_handshake_process_socks(), and connection_edge_process_relay_cell_not_open().

#define END_STREAM_REASON_FLAG_REMOTE   512

Bitwise-or this with the argument to control_event_stream_status to indicate that the reason came from an END cell.

Referenced by connection_ap_process_end_not_open(), connection_edge_process_relay_cell(), connection_edge_process_relay_cell_not_open(), and control_event_stream_status().

#define END_STREAM_REASON_INVALID_NATD_DEST   261

This is a connection on the NATD port, and the destination IP:Port was either ill-formed or out-of-range.

Referenced by connection_ap_process_natd().

#define END_STREAM_REASON_MASK   511

Bitwise-and this value with endreason to mask out all flags.

Referenced by stream_end_reason_to_control_string(), and stream_end_reason_to_socks5_response().

#define END_STREAM_REASON_NET_UNREACHABLE   258

We can't connect to any directories at all, so we killed our streams before they can time out.

Referenced by directory_all_unreachable(), stream_end_reason_to_control_string(), and stream_end_reason_to_socks5_response().

#define END_STREAM_REASON_SOCKSPROTOCOL   259

This is a SOCKS connection, and the client used (or misused) the SOCKS protocol in a way we couldn't handle.

Referenced by connection_ap_handshake_process_socks(), stream_end_reason_to_control_string(), and stream_end_reason_to_socks5_response().

#define EXIT_CONN_STATE_CONNECTING   2

State for an exit connection: waiting for connect() to finish.

Referenced by conn_state_to_string(), connection_edge_finished_connecting(), connection_edge_process_inbuf(), connection_exit_begin_conn(), connection_exit_connect(), connection_state_is_connecting(), and dns_found_answer().

#define EXIT_CONN_STATE_OPEN   3

State for an exit connection: open and ready to transmit data.

Referenced by conn_state_to_string(), connection_edge_finished_connecting(), connection_edge_finished_flushing(), connection_edge_process_inbuf(), connection_exit_connect(), connection_exit_connect_dir(), and connection_state_is_open().

#define EXIT_CONN_STATE_RESOLVEFAILED   4

State for an exit connection: waiting to be removed.

Referenced by conn_state_to_string(), connection_exit_begin_conn(), connection_exit_begin_resolve(), dns_cancel_pending_resolve(), and dns_found_answer().

#define EXIT_CONN_STATE_RESOLVING   1

State for an exit connection: waiting for response from DNS farm.

Referenced by conn_state_to_string(), connection_about_to_close_connection(), connection_dns_remove(), and dns_resolve().

#define EXIT_PURPOSE_CONNECT   1

This exit stream wants to do an ordinary connect.

Referenced by assert_connection_ok(), connection_exit_begin_conn(), and dns_found_answer().

#define EXIT_PURPOSE_RESOLVE   2

This exit stream wants to do a resolve (either normal or reverse).

Referenced by assert_connection_ok(), connection_exit_begin_resolve(), and dns_resolve().

#define get_datadir_fname

(

sub1

)

get_datadir_fname2_suffix((sub1), NULL, NULL)

Return a newly allocated string containing datadir/sub1. See get_datadir_fname2_suffix.

Referenced by dirserv_load_fingerprint_file(), dirvote_compute_consensuses(), dump_desc(), geoip_bridge_stats_write(), geoip_dirreq_stats_write(), geoip_entry_stats_write(), get_cookie_file(), get_microdesc_cache(), init_keys(), load_bridge_stats(), load_stats_file(), networkstatus_set_current_consensus(), or_state_load(), or_state_save(), read_bandwidth_usage(), rep_hist_buffer_stats_write(), rep_hist_exit_stats_write(), rep_hist_load_mtbf_data(), rep_hist_record_mtbf_data(), router_rebuild_store(), router_reload_consensus_networkstatus(), router_reload_router_list_impl(), router_reload_v2_networkstatus(), and trusted_dirs_reload_certs().

#define get_datadir_fname2	(	sub1,
		sub2		)	get_datadir_fname2_suffix((sub1), (sub2), NULL)

Return a newly allocated string containing datadir/sub1/sub2. See get_datadir_fname2_suffix.

Referenced by geoip_bridge_stats_write(), geoip_dirreq_stats_write(), geoip_entry_stats_write(), init_keys(), load_authority_keyset(), load_bridge_stats(), networkstatus_get_cache_filename(), rep_hist_buffer_stats_write(), rep_hist_exit_stats_write(), rotate_onion_key(), and router_reload_v2_networkstatus().

#define get_datadir_fname_suffix	(	sub1,
		suffix		)	get_datadir_fname2_suffix((sub1), NULL, (suffix))

Return a newly allocated string containing datadir/sub1suffix. See get_datadir_fname2_suffix.

Referenced by router_rebuild_store(), router_reload_router_list_impl(), and signed_desc_append_to_journal().

#define IMPOSSIBLE_TO_DOWNLOAD   255

If n_download_failures is this high, the download can never happen.

Referenced by download_status_increment_failure(), download_status_mark_impossible(), and fetch_bridge_descriptors().

#define LEGAL_NICKNAME_CHARACTERS   "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"

Legal characters in a nickname.

Referenced by get_default_nickname(), and is_legal_nickname().

#define LISTENER_STATE_READY   0

State for any listener connection.

Referenced by assert_connection_ok(), conn_state_to_string(), and connection_create_listener().

#define LOG_FN_CONN	(	conn,
		args		)	CONN_LOG_PROTECT(conn, log_fn args)

Log information about the connection conn, protecting it as with CONN_LOG_PROTECT. Example:

LOG_FN_CONN(conn, (LOG_DEBUG, "Socket %d wants to write", conn->s));

Referenced by conn_close_if_marked(), conn_write_callback(), connection_bucket_refill(), connection_consider_empty_read_buckets(), and connection_consider_empty_write_buckets().

#define LOG_PROTOCOL_WARN

Value:

(get_options()->ProtocolWarnings ? \
                           LOG_WARN : LOG_INFO)

#define MAX_BUF_SIZE   ((1<<24)-1)

Maximum size, in bytes, for resized buffers.

#define MAX_DESCRIPTOR_UPLOAD_SIZE   20000

Maximum size, in bytes, of a single router descriptor uploaded to us as a directory authority. Caches and clients fetch whatever descriptors the authorities tell them to fetch, and don't care about size.

Referenced by dirserv_add_descriptor().

#define MAX_DIR_DL_SIZE   MAX_BUF_SIZE

Maximum size, in bytes, for any directory object that we've downloaded.

Referenced by connection_dir_client_reached_eof().

#define MAX_DIR_UL_SIZE   MAX_BUF_SIZE

Maximum size, in bytes, for any directory object that we're accepting as an upload.

Referenced by directory_handle_command().

#define MAX_DNS_ENTRY_AGE   (30*60)

How long do we keep DNS cache entries before purging them (regardless of their TTL)?

Referenced by client_dns_incr_failures(), and dns_get_expiry_ttl().

#define MAX_DNS_TTL   (3*60*60)

How long can a TTL be before we stop believing it?

Referenced by dns_clip_ttl().

#define MAX_EXITPOLICY_SUMMARY_LEN   (1000)

Maximum length of an exit policy summary.

Referenced by policy_summarize().

#define MAX_EXTRAINFO_UPLOAD_SIZE   50000

Maximum size of a single extrainfo document, as above.

Referenced by dirserv_add_extrainfo(), and router_rebuild_descriptor().

#define MAX_FLAG_LINE_LEN   96

Length of "r Authority BadDirectory BadExit Exit Fast Guard HSDir Named Running Stable Unnamed V2Dir Valid
".

#define MAX_HEADERS_SIZE   50000

For HTTP parsing: Maximum number of bytes we'll accept in the headers of an HTTP request or response.

Referenced by connection_dir_client_reached_eof(), connection_read_https_proxy_response(), and directory_handle_command().

#define MAX_HEX_NICKNAME_LEN   (HEX_DIGEST_LEN+1)

Length of a router identity encoded as a hexadecimal digest, plus possible dollar sign.

Referenced by rend_service_introduce().

#define MAX_NETWORKSTATUS_AGE   (10*24*60*60)

How old do we allow a v2 network-status to get before removing it completely?

Referenced by networkstatus_v2_list_clean(), and update_router_descriptor_cache_downloads_v2().

#define MAX_NICKNAME_LEN   19

Length of longest allowable configured nickname.

Referenced by circuit_list_path_impl(), dirserv_load_fingerprint_file(), entry_guards_parse_state(), entry_guards_update_state(), get_default_nickname(), init_keys(), is_legal_nickname(), list_single_server_status(), rend_mid_introduce(), rend_service_introduce(), router_get_verbose_nickname(), and routerstatus_get_verbose_nickname().

#define MAX_POLICY_LINE_LEN   (3+MAX_EXITPOLICY_SUMMARY_LEN)

Maximum length of an exit policy summary line.

#define MAX_RELAY_EARLY_CELLS_PER_CIRCUIT   8

Largest number of relay_early cells that we can send on a given circuit.

Referenced by or_circuit_new(), and origin_circuit_new().

#define MAX_ROUTERDESC_DOWNLOAD_FAILURES   8

How many times will we try to download a router's descriptor before giving up?

Referenced by dir_routerdesc_download_failed(), and update_extrainfo_downloads().

#define MAX_SSL_KEY_LIFETIME   (2*60*60)

How often do we rotate TLS contexts?

Referenced by init_keys(), and run_scheduled_events().

#define MAX_V_LINE_LEN   128

Maximum allowable length of a version line in a networkstatus.

Referenced by routerstatus_format_entry().

#define MAX_VERBOSE_NICKNAME_LEN   (1+HEX_DIGEST_LEN+1+MAX_NICKNAME_LEN)

Maximum length of verbose router identifier: dollar sign, hex ID digest, equal sign or tilde, nickname.

Referenced by circuit_list_path_impl(), client_dns_set_addressmap_impl(), control_event_descriptors_changed(), control_event_guard(), getinfo_helper_entry_guards(), list_server_status_v1(), and orconn_target_get_name().

#define MAX_WEIGHT_LINE_LEN   (12+10+10+10+1)

Length of "w" line for weighting. Currently at most "w Bandwidth=<uint32t> Measured=<uint32t>\n"

#define MIN_CIRCUITS_HANDLING_STREAM   2

How many circuits do we want simultaneously in-progress to handle a given stream?

Referenced by ap_stream_wants_exit_attention(), and circuit_remove_handled_ports().

#define MIN_DIST_SECONDS   20

Lowest allowable value for DistSeconds.

Referenced by networkstatus_compute_consensus(), and networkstatus_parse_vote_from_string().

#define MIN_DNS_TTL   (60)

How small can a TTL be before we stop believing it? Provides rudimentary pinning.

Referenced by dns_clip_ttl(), and dns_get_expiry_ttl().

#define MIN_ONION_KEY_LIFETIME   (7*24*60*60)

How often do we rotate onion keys?

Referenced by run_scheduled_events().

#define MIN_VOTE_INTERVAL   300

Smallest allowable voting interval.

Referenced by networkstatus_compute_consensus(), and networkstatus_parse_vote_from_string().

#define MIN_VOTE_SECONDS   20

Lowest allowable value for VoteSeconds.

Referenced by networkstatus_compute_consensus(), and networkstatus_parse_vote_from_string().

#define N_CONSENSUS_FLAVORS   ((int)(FLAV_MICRODESC)+1)

How many different consensus flavors are there?

Referenced by dirvote_clear_pending_consensuses(), dirvote_compute_consensuses(), and dirvote_fetch_missing_signatures().

#define OLD_ROUTER_DESC_MAX_AGE   (60*60*24*5)

How old do we let a saved descriptor get before force-removing it?

Referenced by client_would_use_router(), networkstatus_set_current_consensus(), router_add_to_routerlist(), and routerlist_remove_old_routers().

#define ONIONSKIN_CHALLENGE_LEN

Value:

(PKCS1_OAEP_PADDING_OVERHEAD+\
                                 CIPHER_KEY_LEN+\
                                 DH_KEY_LEN)

#define OR_CONN_STATE_CONNECTING   1

State for a connection to an OR: waiting for connect() to finish.

Referenced by conn_state_to_string(), connection_handle_read_impl(), connection_or_connect(), connection_or_finished_connecting(), connection_state_is_connecting(), and run_connection_housekeeping().

#define OR_CONN_STATE_OPEN   7

State for a connection to an OR: Ready to send/receive cells.

Referenced by assert_connection_ok(), conn_close_if_marked(), conn_state_to_string(), connection_about_to_close_connection(), connection_bucket_read_limit(), connection_bucket_refill(), connection_bucket_should_increase(), connection_bucket_write_limit(), connection_buckets_decrement(), connection_consider_empty_read_buckets(), connection_consider_empty_write_buckets(), connection_or_finished_flushing(), connection_or_get_for_extend(), connection_or_group_set_badness(), connection_or_process_inbuf(), connection_or_set_state_open(), connection_state_is_open(), and getinfo_helper_events().

#define OR_CONN_STATE_OR_HANDSHAKING   6

State for a connection to an OR: We're done with our SSL handshake, but we haven't yet negotiated link protocol versions and sent a netinfo cell.

Referenced by command_process_cell(), command_process_netinfo_cell(), command_process_var_cell(), command_process_versions_cell(), conn_state_to_string(), connection_or_finished_flushing(), connection_or_process_inbuf(), and connection_tls_finish_handshake().

#define OR_CONN_STATE_PROXY_HANDSHAKING   2

State for a connection to an OR: waiting for proxy handshake to complete

Referenced by assert_connection_ok(), conn_state_to_string(), connection_handle_write_impl(), connection_or_finished_connecting(), connection_or_finished_flushing(), connection_or_process_inbuf(), and connection_read_to_buf().

#define OR_CONN_STATE_TLS_CLIENT_RENEGOTIATING   4

State for a connection to an OR: We're doing a second SSL handshake for renegotiation purposes.

Referenced by conn_state_to_string(), connection_handle_write_impl(), connection_read_to_buf(), and connection_tls_continue_handshake().

#define OR_CONN_STATE_TLS_HANDSHAKING   3

State for a connection to an OR or client: SSL is handshaking, not done yet.

Referenced by conn_state_to_string(), connection_about_to_close_connection(), connection_handle_write_impl(), connection_read_to_buf(), connection_tls_continue_handshake(), and connection_tls_start_handshake().

#define OR_CONN_STATE_TLS_SERVER_RENEGOTIATING   5

State for a connection at an OR: We're waiting for the client to renegotiate.

Referenced by conn_state_to_string(), connection_handle_write_impl(), and connection_tls_continue_handshake().

#define PDS_ALLOW_SELF   (1<<0)

Flag to indicate that we should not automatically be willing to use ourself to answer a directory request. Passed to router_pick_directory_server (et al).

Referenced by directory_get_from_dirserver(), router_get_my_share_of_directory_requests(), router_pick_directory_server_impl(), and router_pick_trusteddirserver_impl().

#define PDS_IGNORE_FASCISTFIREWALL   (1<<2)

Flag to indicate that we should not exclude directory servers that our ReachableAddress settings would exclude. This usually means that we're going to connect to the server over Tor, and so we don't need to worry about our firewall telling us we can't. Passed to router_pick_directory_server (et al).

Referenced by directory_get_from_dirserver(), router_get_my_share_of_directory_requests(), router_pick_directory_server_impl(), and router_pick_trusteddirserver_impl().

#define PDS_NO_EXISTING_SERVERDESC_FETCH   (1<<3)

Flag to indicate that we should not use any directory authority to which we have an existing directory connection for downloading server descriptors or extrainfo documents.

Passed to router_pick_directory_server (et al)

[XXXX NOTE: This option is only implemented for pick_trusteddirserver, not pick_directory_server. If we make it work on pick_directory_server too, we could conservatively make it only prevent multiple fetches to the same authority, or we could aggressively make it prevent multiple fetches to _any_ single directory server.]

Referenced by directory_get_from_dirserver(), launch_router_descriptor_downloads(), router_pick_trusteddirserver(), router_pick_trusteddirserver_impl(), and update_extrainfo_downloads().

#define PDS_RETRY_IF_NO_SERVERS   (1<<1)

Flag to indicate that if no servers seem to be up, we should mark all directory servers as up and try again. Passed to router_pick_directory_server (et al).

Referenced by launch_router_descriptor_downloads(), router_pick_directory_server(), router_pick_trusteddirserver(), update_consensus_networkstatus_downloads(), update_extrainfo_downloads(), update_router_descriptor_downloads(), and update_v2_networkstatus_cache_downloads().

#define RELAY_HEADER_SIZE   (1+2+2+4+2)

Number of bytes in a relay cell's header (not including general cell header).

Referenced by circuit_extend(), connection_ap_process_end_not_open(), connection_edge_process_relay_cell(), connection_edge_process_relay_cell_not_open(), connection_exit_begin_conn(), connection_exit_begin_resolve(), and relay_send_command_from_edge().

#define RELAY_PAYLOAD_SIZE   (CELL_PAYLOAD_SIZE-RELAY_HEADER_SIZE)

Largest number of bytes that can fit in a relay cell payload.

Referenced by connection_ap_handshake_send_begin(), connection_bucket_read_limit(), connection_bucket_write_limit(), connection_edge_end(), connection_edge_package_raw_inbuf(), connection_edge_process_relay_cell(), dumpstats(), relay_send_command_from_edge(), rend_client_send_introduction(), rend_service_intro_has_opened(), rend_service_introduce(), rend_service_rendezvous_has_opened(), send_resolved_cell(), and send_resolved_hostname_cell().

#define REMAP_STREAM_SOURCE_CACHE   1

Reason for remapping an AP connection's address: we have a cached answer.

Referenced by control_event_stream_status().

#define REMAP_STREAM_SOURCE_EXIT   2

Reason for remapping an AP connection's address: the exit node told us an answer.

Referenced by control_event_stream_status(), and remap_event_helper().

#define REND_BASIC_AUTH_CLIENT_ENTRY_LEN

Value:

(REND_BASIC_AUTH_CLIENT_ID_LEN \
                                          + CIPHER_KEY_LEN)

Length of client entry consisting of client identifier and encrypted session key for hidden service authorization type 'basic'.

Referenced by rend_decrypt_introduction_points(), and rend_encrypt_v2_intro_points_basic().

#define REND_BASIC_AUTH_CLIENT_ID_LEN   4

Length of client identifier in encrypted introduction points for hidden service authorization type 'basic'.

Referenced by rend_decrypt_introduction_points(), and rend_encrypt_v2_intro_points_basic().

#define REND_BASIC_AUTH_CLIENT_MULTIPLE   16

Multiple of the number of clients to which the real number of clients is padded with fake clients for hidden service authorization type 'basic'.

Referenced by rend_decrypt_introduction_points(), and rend_encrypt_v2_intro_points_basic().

#define REND_CLIENTNAME_MAX_LEN   16

Maximum length of authorized client names for a hidden service.

Referenced by rend_config_services().

#define REND_COOKIE_LEN   DIGEST_LEN

Length of the rendezvous cookie that is used to connect circuits at the rendezvous point.

Referenced by circuit_get_rendezvous(), rend_client_send_establish_rendezvous(), rend_mid_establish_rendezvous(), rend_mid_introduce(), rend_mid_rendezvous(), rend_service_introduce(), and rend_service_rendezvous_has_opened().

#define REND_DESC_COOKIE_LEN   16

Length of the descriptor cookie that is used for client authorization to hidden services.

Referenced by directory_get_from_hs_dir(), get_secret_id_part_bytes(), rend_check_authorization(), rend_decrypt_introduction_points(), rend_encrypt_v2_intro_points_basic(), rend_parse_client_keys(), rend_parse_service_authorization(), rend_service_introduce(), and rend_service_load_keys().

#define REND_DESC_COOKIE_LEN_BASE64   22

Length of the base64-encoded descriptor cookie that is used for exchanging client authorization between hidden service and client.

Referenced by directory_get_from_hs_dir(), rend_parse_client_keys(), rend_parse_service_authorization(), and rend_service_load_keys().

#define REND_DESC_ID_V2_LEN_BASE32   32

Length of v2 descriptor ID (32 base32 chars = 160 bits).

Referenced by directory_get_from_hs_dir(), directory_handle_command_get(), directory_post_to_hs_dir(), directory_send_command(), lookup_last_hid_serv_request(), rend_cache_clean_v2_descs_as_dir(), rend_cache_lookup_v2_desc_as_dir(), rend_cache_store_v2_desc_as_dir(), rend_encode_v2_descriptors(), and rend_parse_v2_service_descriptor().

#define REND_DESC_MAX_SIZE   (20 * 1024)

Maximum size of v2 hidden service descriptors.

Referenced by rend_parse_v2_service_descriptor().

#define REND_INTRO_POINT_ID_LEN_BASE32   32

Length of the base32-encoded hash of an introduction point's identity key.

Referenced by rend_encode_v2_intro_points(), and rend_parse_introduction_points().

#define REND_LEGAL_CLIENTNAME_CHARACTERS   "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789+-_"

Legal characters for use in authorized client names for a hidden service.

Referenced by rend_config_services(), and rend_parse_client_keys().

#define REND_NUMBER_OF_CONSECUTIVE_REPLICAS   3

Number of consecutive replicas for a descriptor.

Referenced by hid_serv_get_responsible_directories().

#define REND_NUMBER_OF_NON_CONSECUTIVE_REPLICAS   2

Number of non-consecutive replicas (i.e. distributed somewhere in the ring) for a descriptor.

Referenced by rend_client_refetch_v2_renddesc(), rend_compute_v2_desc_id(), and rend_encode_v2_descriptors().

#define REND_REPLAY_TIME_INTERVAL   (60 * 60)

Time interval for tracking possible replays of INTRODUCE2 cells. Incoming cells with timestamps half of this interval in the past or future are dropped immediately.

Referenced by clean_accepted_intros(), and rend_service_introduce().

#define REND_SECRET_ID_PART_LEN_BASE32   32

Length of the base32-encoded secret ID part of versioned hidden service descriptors.

Referenced by rend_encode_v2_descriptors(), and rend_parse_v2_service_descriptor().

#define REND_SERVICE_ADDRESS_LEN   (16+1+5)

Length of 'y.onion' including '.onion' URL.

Referenced by rend_parse_service_authorization().

#define REND_SERVICE_ID_LEN   10

Length of a binary-encoded rendezvous service ID.

Referenced by rend_compute_v2_desc_id(), rend_get_descriptor_id_bytes(), rend_get_service_id(), rend_mid_establish_intro(), rend_mid_introduce(), rend_service_intro_established(), rend_service_intro_has_opened(), rend_service_introduce(), rend_service_rendezvous_has_opened(), and rend_service_set_connection_addr_port().

#define REND_SERVICE_ID_LEN_BASE32   16

Length of 'y' portion of 'y.onion' URL.

Referenced by connection_about_to_close_connection(), parse_extended_hostname(), rend_cache_lookup_entry(), rend_cache_store(), rend_cache_store_v2_desc_as_client(), rend_compute_v2_desc_id(), rend_get_service_id(), rend_mid_establish_intro(), rend_mid_introduce(), rend_parse_service_authorization(), rend_service_intro_established(), rend_service_intro_has_opened(), rend_service_introduce(), rend_service_rendezvous_has_opened(), rend_service_set_connection_addr_port(), rend_valid_service_id(), and upload_service_descriptor().

#define REND_TIME_PERIOD_OVERLAPPING_V2_DESCS   (60*60)

Time period within which two sets of v2 descriptors will be uploaded in parallel.

Referenced by upload_service_descriptor().

#define REND_TIME_PERIOD_V2_DESC_VALIDITY   (24*60*60)

Time period for which a v2 descriptor will be valid.

Referenced by get_seconds_valid(), get_time_period(), and rend_encode_v2_descriptors().

#define ROUTER_ANNOTATION_BUF_LEN   256

The max size we expect router descriptor annotations we create to be. We'll accept larger ones if we see them on disk, but we won't create any that are larger than this.

Referenced by dirserv_add_multiple_descriptors(), and router_load_single_router().

#define ROUTER_MAX_AGE   (60*60*48)

How old do we allow a router to get before removing it from the router list? In seconds.

Referenced by routerlist_remove_old_routers().

#define ROUTER_MAX_AGE_TO_PUBLISH   (60*60*20)

How old can a router get before we (as a server) will no longer consider it live? In seconds.

Referenced by authdir_wants_to_reject_router(), connection_dirserv_add_servers_to_outbuf(), dirserv_generate_networkstatus_vote_obj(), dirserv_get_routerdescs(), dirserv_have_any_serverdesc(), generate_v2_networkstatus_opinion(), list_server_status_v1(), networkstatus_getinfo_by_purpose(), router_is_active(), and set_cached_dir().

#define ROUTER_PURPOSE_BRIDGE   2

Tor should use this router only for bridge positions in circuits.

Referenced by any_pending_bridge_descriptor_fetches(), authdir_mode_handles_descs(), bridges_retry_helper(), dir_routerdesc_download_failed(), directory_command_should_use_begindir(), directory_get_from_dirserver(), directory_handle_command_post(), dirserv_orconn_tls_done(), dirserv_test_reachability(), entry_guard_set_status(), entry_is_live(), fetch_bridge_descriptors(), launch_direct_bridge_descriptor_fetch(), learned_bridge_descriptor(), networkstatus_getinfo_by_purpose(), purpose_needs_anonymity(), router_purpose_from_string(), router_purpose_to_string(), router_rebuild_descriptor(), router_upload_dir_desc_to_dirservers(), and routerlist_descriptors_added().

#define ROUTER_PURPOSE_CONTROLLER   1

Tor should avoid using this router for circuit-building.

Referenced by router_purpose_from_string(), and router_purpose_to_string().

#define ROUTER_PURPOSE_GENERAL   0

Tor can use this router for general positions in circuits.

Referenced by authdir_mode_handles_descs(), consider_testing_reachability(), directory_get_from_hs_dir(), directory_handle_command_post(), directory_post_to_hs_dir(), dirserv_add_multiple_descriptors(), dirvote_compute_consensuses(), dirvote_perform_vote(), entry_is_live(), handle_control_postdescriptor(), initiate_descriptor_downloads(), load_downloaded_routers(), router_add_running_routers_to_smartlist(), router_add_to_routerlist(), router_parse_entry_from_string(), router_purpose_from_string(), router_purpose_to_string(), router_rebuild_descriptor(), router_upload_dir_desc_to_dirservers(), routerlist_insert_old(), routerlist_remove(), routerlist_replace(), routers_update_status_from_consensus_networkstatus(), update_consensus_networkstatus_downloads(), update_router_descriptor_downloads(), and update_v2_networkstatus_cache_downloads().

#define ROUTER_PURPOSE_UNKNOWN   255

Tor should not use this router; it was marked in cached-descriptors with a purpose we didn't recognize.

Referenced by handle_control_postdescriptor(), networkstatus_getinfo_by_purpose(), and router_purpose_from_string().

#define RS_ENTRY_LEN

Value:

( /* first line */                                                    \
   MAX_NICKNAME_LEN+BASE64_DIGEST_LEN*2+ISO_TIME_LEN+INET_NTOA_BUF_LEN+ \
   5*2 /* ports */ + 10 /* punctuation */ +                             \
   /* second line */                                                    \
   MAX_FLAG_LINE_LEN +                                                  \
   /* weight line */                                                    \
   MAX_WEIGHT_LINE_LEN +                                                \
   /* p line. */                                                        \
   MAX_POLICY_LINE_LEN +                                                \
   /* v line. */                                                        \
   MAX_V_LINE_LEN                                                       \
   )

Amount of space to allocate for each entry: r, s, and v lines.

Referenced by format_networkstatus_vote(), generate_v2_networkstatus_opinion(), and networkstatus_getinfo_helper_single().

#define SOCKS4_NETWORK_LEN   8

Number of bytes in a SOCKS4 header.

Referenced by connection_ap_handshake_socks_reply(), connection_ap_handshake_socks_resolved(), and fetch_from_buf_socks().

#define SOCKS_COMMAND_CONNECT   0x01

Please open a TCP connection to this addr:port.

Referenced by circuit_get_open_circ_or_launch(), connection_ap_can_use_exit(), connection_ap_handshake_attach_chosen_circuit(), connection_ap_make_link(), connection_ap_process_natd(), connection_ap_process_transparent(), connection_proxy_connect(), connection_send_socks5_connect(), and fetch_from_buf_socks().

#define SOCKS_COMMAND_IS_RESOLVE

(

c

)

Value:

((c)==SOCKS_COMMAND_RESOLVE || \
                                     (c)==SOCKS_COMMAND_RESOLVE_PTR)

#define SOCKS_COMMAND_RESOLVE   0xF0

Please turn this FQDN into an IP address, privately.

Referenced by connection_ap_handshake_rewrite_and_attach(), connection_ap_handshake_send_resolve(), dnsserv_launch_request(), dnsserv_resolved(), evdns_server_callback(), and fetch_from_buf_socks().

#define SOCKS_COMMAND_RESOLVE_PTR   0xF1

Please turn this IP address into an FQDN, privately.

Referenced by connection_ap_can_use_exit(), dnsserv_launch_request(), dnsserv_resolved(), evdns_server_callback(), and fetch_from_buf_socks().

#define STREAMWINDOW_INCREMENT   50

Amount to increment a stream window when we get a stream SENDME.

Referenced by connection_edge_consider_sending_sendme(), and connection_edge_process_relay_cell().

#define STREAMWINDOW_START   500

Initial value on both sides of a stream transmission window when the stream is initialized. Measured in cells.

Referenced by connection_ap_handshake_send_begin(), connection_edge_consider_sending_sendme(), and connection_exit_begin_conn().

#define TIMEOUT_UNTIL_UNREACHABILITY_COMPLAINT   (20*60)

How long to test reachability before complaining to the user.

Referenced by inform_testing_reachability(), run_scheduled_events(), and second_elapsed_callback().

#define TO_CIRCUIT

(

x

)

(&((x)->_base))

Convert a circuit subtype to a circuit_t.

Referenced by _circuit_mark_for_close(), cell_ewma_to_circuit(), circuit_establish_circuit(), circuit_extend_to_new_exit(), circuit_get_next_by_pk_and_purpose(), circuit_has_opened(), circuit_receive_relay_cell(), circuit_send_next_onion_skin(), circuit_set_p_circid_orconn(), circuit_testing_opened(), circuit_truncated(), command_process_create_cell(), connection_ap_detach_retriable(), connection_ap_handshake_attach_circuit(), connection_ap_handshake_send_begin(), connection_ap_handshake_send_resolve(), connection_exit_begin_resolve(), handle_control_closecircuit(), handle_control_extendcircuit(), link_apconn_to_circ(), onion_pending_add(), onionskin_answer(), or_circuit_new(), origin_circuit_init(), origin_circuit_new(), rend_client_introduction_acked(), rend_client_receive_rendezvous(), rend_client_rendezvous_acked(), rend_client_send_establish_rendezvous(), rend_mid_establish_intro(), rend_mid_establish_rendezvous(), rend_mid_introduce(), rend_mid_rendezvous(), rend_service_intro_established(), rend_service_intro_has_opened(), rend_service_introduce(), rend_service_rendezvous_has_opened(), and router_perform_bandwidth_test().

#define TO_CONN

(

c

)

(&(((c)->_base)))

Cast a connection_t subtype pointer to a connection_t

Referenced by _circuit_mark_for_close(), _connection_mark_unattached_ap(), assert_all_pending_dns_resolves_ok(), circuit_consider_stop_edge_reading(), circuit_dump_by_conn(), circuit_free_all(), circuit_resume_edge_reading_helper(), command_process_netinfo_cell(), command_process_versions_cell(), connection_ap_handshake_process_socks(), connection_ap_handshake_socks_reply(), connection_ap_make_link(), connection_control_finished_flushing(), connection_control_process_inbuf(), connection_control_reached_eof(), connection_dir_finished_flushing(), connection_dir_is_encrypted(), connection_dir_process_inbuf(), connection_dir_reached_eof(), connection_dirserv_add_dir_bytes_to_outbuf(), connection_dirserv_add_microdescs_to_outbuf(), connection_dirserv_add_servers_to_outbuf(), connection_dns_remove(), connection_edge_consider_sending_sendme(), connection_edge_destroy(), connection_edge_finished_connecting(), connection_edge_finished_flushing(), connection_edge_package_raw_inbuf(), connection_edge_process_inbuf(), connection_edge_process_relay_cell(), connection_edge_process_relay_cell_not_open(), connection_edge_reached_eof(), connection_edge_send_command(), connection_exit_begin_conn(), connection_exit_begin_resolve(), connection_exit_connect(), connection_exit_connect_dir(), connection_new(), connection_or_connect(), connection_or_finished_connecting(), connection_or_finished_flushing(), connection_or_flush_from_first_active_circuit(), connection_or_process_cells_from_inbuf(), connection_or_process_inbuf(), connection_or_reached_eof(), connection_or_set_state_open(), connection_or_tls_renegotiated_cb(), connection_or_write_cell_to_buf(), connection_or_write_var_cell_to_buf(), connection_printf_to_buf(), connection_tls_continue_handshake(), connection_tls_start_handshake(), connection_write_str_to_buf(), control_connection_new(), control_event_stream_status(), dir_connection_new(), directory_handle_command(), directory_handle_command_get(), directory_initiate_command_rend(), directory_send_command(), dns_cancel_pending_resolve(), dns_found_answer(), dns_resolve(), dns_resolve_impl(), dnsserv_launch_request(), edge_connection_new(), evdns_server_callback(), handle_control_authenticate(), handle_control_getconf(), handle_control_getinfo(), handle_control_mapaddress(), handle_control_protocolinfo(), handle_control_signal(), or_connection_new(), purge_expired_resolves(), rend_client_desc_trynow(), send_control_event_string(), set_streams_blocked_on_circ(), write_http_response_header_impl(), and write_http_status_line().

#define USABLE_CONSENSUS_FLAVOR   FLAV_NS

Which consensus flavor do we actually want to use to build circuits?

Referenced by consensus_is_waiting_for_certs(), and networkstatus_set_current_consensus().

#define VAR_CELL_HEADER_SIZE   5

Length of a header on a variable-length cell.

Referenced by connection_or_write_var_cell_to_buf(), and fetch_var_cell_from_buf().

---

Typedef Documentation

typedef uint32_t build_time_t

A build_time_t is milliseconds

typedef uint16_t circid_t

Identifies a circuit on an or_connection

typedef int16_t country_t

A signed integer representing a country code.

typedef uint16_t streamid_t

Identifies a stream on a circuit

---

Enumeration Type Documentation

enum addr_policy_action_t

What action type does an address policy indicate: accept or reject?

enum addr_policy_result_t

Outcome of applying an address policy to an address.

Enumerator:

ADDR_POLICY_ACCEPTED	The address was accepted
ADDR_POLICY_REJECTED	The address was rejected
ADDR_POLICY_PROBABLY_ACCEPTED	Part of the address was unknown, but as far as we can tell, it was accepted.
ADDR_POLICY_PROBABLY_REJECTED	Part of the address was unknown, but as far as we can tell, it was rejected.

enum addressmap_entry_source_t

Enumerates possible origins of a client-side address mapping.

Enumerator:

ADDRMAPSRC_CONTROLLER	We're remapping this address because the controller told us to.
ADDRMAPSRC_TORRC	We're remapping this address because our configuration (via torrc, the command line, or a SETCONF command) told us to.
ADDRMAPSRC_TRACKEXIT	We're remapping this address because we have TrackHostExit configured, and we want to remember to use the same exit next time.
ADDRMAPSRC_DNS	We're remapping this address because we got a DNS resolution from a Tor server that told us what its value was.

enum authority_type_t

Bitfield enum type listing types of directory authority/directory server.

Enumerator:

V1_AUTHORITY	Serves/signs v1 directory information: Big lists of routers, and short routerstatus documents.
V2_AUTHORITY	Serves/signs v2 directory information: i.e. v2 networkstatus documents
V3_AUTHORITY	Serves/signs v3 directory information: votes, consensuses, certs
HIDSERV_AUTHORITY	Serves hidden service descriptors.
BRIDGE_AUTHORITY	Serves bridge descriptors.
EXTRAINFO_CACHE	Serves extrainfo documents. (XXX Not precisely an authority type)

enum bandwidth_weight_rule_t

Possible ways to weight routers when choosing one randomly. See routerlist_sl_choose_by_bandwidth() for more information.

enum bootstrap_status_t

Enum describing various stages of bootstrapping, for use with controller bootstrap status events. The values range from 0 to 100.

enum buildtimeout_set_event_t

Used to indicate the type of a buildtime event

enum cell_direction_t

Used to indicate which way a cell is going on a circuit.

Enumerator:

CELL_DIRECTION_IN	The cell is moving towards the origin.
CELL_DIRECTION_OUT	The cell is moving away from the origin.

enum circ_id_type_t

Possible rules for generating circuit IDs on an OR connection.

Enumerator:

CIRC_ID_TYPE_LOWER	Pick from 0..1<<15-1.
CIRC_ID_TYPE_HIGHER	Pick from 1<<15..1<<16-1.
CIRC_ID_TYPE_NEITHER	The other side of a connection is an OP: never create circuits to it, and let it use any circuit ID it wants.

enum circuit_status_event_t

Used to indicate the type of a circuit event passed to the controller. The various types are defined in control-spec.txt

enum consensus_flavor_t

Enumerates recognized flavors of a consensus networkstatus document. All flavors of a consensus are generated from the same set of votes, but they present different types information to different versions of Tor.

enum dirreq_state_t

Possible states for either direct or tunneled directory requests that are relevant for determining network status download times.

Enumerator:

DIRREQ_IS_FOR_NETWORK_STATUS	Found that the client requests a network status; applies to both direct and tunneled requests; initial state of a request that we are measuring.
DIRREQ_FLUSHING_DIR_CONN_FINISHED	Finished writing a network status to the directory connection; applies to both direct and tunneled requests; completes a direct request.
DIRREQ_END_CELL_SENT	END cell sent to circuit that initiated a tunneled request.
DIRREQ_CIRC_QUEUE_FLUSHED	Flushed last cell from queue of the circuit that initiated a tunneled request to the outbuf of the OR connection.
DIRREQ_OR_CONN_BUFFER_FLUSHED	Flushed last byte from buffer of the OR connection belonging to the circuit that initiated a tunneled request; completes a tunneled request.

enum dirreq_type_t

Directory requests that we are measuring can be either direct or tunneled.

enum download_schedule_t

Enumeration: what kind of download schedule are we using for a given object?

enum geoip_client_action_t

Indicates an action that we might be noting geoip statistics on. Note that if we're noticing CONNECT, we're a bridge, and if we're noticing the others, we're not.

Enumerator:

GEOIP_CLIENT_CONNECT	We've noticed a connection as a bridge relay or entry guard.
GEOIP_CLIENT_NETWORKSTATUS	We've served a networkstatus consensus as a directory server.
GEOIP_CLIENT_NETWORKSTATUS_V2	We've served a v2 networkstatus consensus as a directory server.

enum geoip_ns_response_t

Indicates either a positive reply or a reason for rejectng a network status request that will be included in geoip statistics.

Enumerator:

GEOIP_SUCCESS	Request is answered successfully.
GEOIP_REJECT_NOT_ENOUGH_SIGS	V3 network status is not signed by a sufficient number of requested authorities.
GEOIP_REJECT_UNAVAILABLE	Requested network status object is unavailable.
GEOIP_REJECT_NOT_FOUND	Requested network status not found.
GEOIP_REJECT_NOT_MODIFIED	Network status has not been modified since If-Modified-Since time.
GEOIP_REJECT_BUSY	Directory is busy.

enum hostname_type_t

Possible return values for parse_extended_hostname.

enum invalid_router_usage_t

Bitfield type: things that we're willing to use invalid routers for.

enum networkstatus_type_t

Enumerates the possible seriousness values of a networkstatus document.

enum or_conn_status_event_t

Used to indicate the type of an OR connection event passed to the controller. The various types are defined in control-spec.txt

enum pk_op_t

Possible public/private key operations in Tor: used to keep track of where we're spending our time.

enum rend_auth_type_t

Client authorization type that a hidden service performs.

enum router_crn_flags_t

Flags to be passed to control router_choose_random_node() to indicate what kind of nodes to pick according to what algorithm.

enum saved_location_t

Enum used to remember where a signed_descriptor_t is stored and how to manage the memory for signed_descriptor_body.

Enumerator:

SAVED_NOWHERE	The descriptor isn't stored on disk at all: the copy in memory is canonical; the saved_offset field is meaningless.
SAVED_IN_CACHE	The descriptor is stored in the cached_routers file: the signed_descriptor_body is meaningless; the signed_descriptor_len and saved_offset are used to index into the mmaped cache file.
SAVED_IN_JOURNAL	The descriptor is stored in the cached_routers.new file: the signed_descriptor_body and saved_offset fields are both set.

enum setopt_err_t

An error from options_trial_assign() or options_init_from_string().

enum store_type_t

Allowable types of desc_store_t.

enum stream_status_event_t

Used to indicate the type of a stream event passed to the controller. The various types are defined in control-spec.txt

enum v2_networkstatus_source_t

Location where we found a v2 networkstatus.

enum version_status_t

Possible statuses of a version of Tor, given opinions from the directory servers.

Enumerator:

VS_RECOMMENDED	This version is listed as recommended.
VS_OLD	This version is older than any recommended version.
VS_NEW	This version is newer than any recommended version.
VS_NEW_IN_SERIES	This version is newer than any recommended version in its series, but later recommended versions exist.
VS_UNRECOMMENDED	This version is not recommended (general case).
VS_EMPTY	The version list was empty; no agreed-on versions.
VS_UNKNOWN	We have no idea.

enum was_router_added_t

Return value for router_add_to_routerlist() and dirserv_add_descriptor()

---

Function Documentation

circuit_t* _circuit_get_global_list

(

void

)

Return the head of the global linked list of circuits.

Referenced by count_established_intro_points(), dump_cell_pool_usage(), getinfo_helper_events(), rend_config_services(), and rep_hist_buffer_stats_write().

void _circuit_mark_for_close	(	circuit_t *	circ,
		int	reason,
		int	line,
		const char *	file
	)

Mark circ to be closed next time we call circuit_close_all_marked(). Do any cleanup needed:

• If state is onionskin_pending, remove circ from the onion_pending list.
• If circ isn't open yet: call circuit_build_failed() if we're the origin, and in either case call circuit_rep_hist_note_result() to note stats.
• If purpose is C_INTRODUCE_ACK_WAIT, remove the intro point we just tried from our list of intro points for that service descriptor.
• Send appropriate destroys and edge_destroys for conns and streams attached to circ.
• If circ->rend_splice is set (we are the midpoint of a joined rendezvous stream), then mark the other circuit to close as well.

References or_circuit_t::_base, edge_connection_t::_base, assert_circuit_ok(), origin_circuit_t::build_state, build_state_get_exit_nickname(), cpath_build_state_t::chosen_exit, circuit_build_failed(), CIRCUIT_IS_ORIGIN, CIRCUIT_PURPOSE_C_INTRODUCE_ACK_WAIT, circuit_rep_hist_note_result(), CIRCUIT_STATE_ONIONSKIN_PENDING, CIRCUIT_STATE_OPEN, CIRCUIT_STATE_OR_WAIT, connection_edge_destroy(), connection_or_send_destroy(), control_event_circuit_status(), edge_connection_t::edge_has_sent_end, END_CIRC_AT_ORIGIN, END_CIRC_REASON_FLAG_REMOTE, edge_connection_t::end_reason, END_STREAM_REASON_FLAG_ALREADY_SENT_CLOSED, LD_BUG, LD_REND, connection_t::marked_for_close, circuit_t::marked_for_close, circuit_t::marked_for_close_file, circuit_t::n_circ_id, circuit_t::n_conn, or_circuit_t::n_streams, edge_connection_t::next_stream, edge_connection_t::on_circuit, rend_data_t::onion_address, onion_pending_remove(), or_circuit_t::p_circ_id, or_circuit_t::p_conn, origin_circuit_t::p_streams, circuit_t::purpose, rend_client_remove_intro_point(), origin_circuit_t::rend_data, or_circuit_t::rend_splice, or_circuit_t::resolving_streams, safe_str_client(), smartlist_remove(), circuit_t::state, TO_CIRCUIT, TO_CONN, TO_OR_CIRCUIT(), TO_ORIGIN_CIRCUIT(), and tor_assert.

void _connection_mark_for_close	(	connection_t *	conn,
		int	line,
		const char *	file
	)

Mark conn to be closed next time we loop through conn_close_if_marked() in main.c.

References add_connection_to_closeable_list(), assert_connection_ok(), LD_BUG, connection_t::marked_for_close, connection_t::marked_for_close_file, connection_t::timestamp_lastwritten, tor_assert, and tor_fragile_assert.

Referenced by _connection_mark_unattached_ap().

void _connection_mark_unattached_ap	(	edge_connection_t *	conn,
		int	endreason,
		int	line,
		const char *	file
	)

An AP stream has failed/finished. If it hasn't already sent back a socks reply, send one now (based on endreason). Also set has_sent_end to 1, and mark the conn.

References edge_connection_t::_base, _connection_mark_for_close(), socks_request_t::command, CONN_TYPE_AP, connection_ap_handshake_socks_reply(), connection_ap_handshake_socks_resolved(), edge_connection_t::edge_has_sent_end, edge_connection_t::end_reason, END_STREAM_REASON_FLAG_ALREADY_SOCKS_REPLIED, socks_request_t::has_finished, connection_t::hold_open_until_flushed, LD_BUG, connection_t::marked_for_close, edge_connection_t::socks_request, TO_CONN, tor_assert, and connection_t::type.

void _connection_write_to_buf_impl	(	const char *	string,
		size_t	len,
		connection_t *	conn,
		int	zlib
	)

Append len bytes of string onto conn's outbuf, and ask it to start writing.

If zlib is nonzero, this is a directory connection that should get its contents compressed or decompressed as they're written. If zlib is negative, this is the last data to be compressed, and the connection's zlib state should be flushed.

If it's an OR conn and an entire TLS record is ready, then try to flush the record now. Similarly, if it's a local control connection and a 64k chunk is ready, try to flush it all, so we don't end up with many megabytes of controller info queued at once.

References buf_datalen(), circuit_get_by_edge_conn(), CONN_IS_EDGE, CONN_LOG_PROTECT, CONN_TYPE_CONTROL, CONN_TYPE_OR, connection_close_immediate(), connection_is_rate_limited(), connection_start_writing(), connection_t::hold_open_until_flushed, connection_t::in_flushed_some, LD_BUG, LD_NET, connection_t::marked_for_close, MIN_TLS_FLUSHLEN, connection_t::outbuf, connection_t::outbuf_flushlen, connection_t::s, TO_DIR_CONN(), TO_EDGE_CONN(), tor_fragile_assert, connection_t::type, write_to_buf(), write_to_buf_zlib(), and dir_connection_t::zlib_state.

void accounting_add_bytes	(	size_t	n_read,
		size_t	n_written,
		int	seconds
	)

Called from main.c to tell us that seconds seconds have passed, n_read bytes have been read, and n_written bytes have been written.

References n_bytes_read_in_interval, n_bytes_written_in_interval, and n_seconds_active_in_interval.

Referenced by second_elapsed_callback().

int accounting_is_enabled

(

or_options_t *

options

)

If we want to manage the accounting system and potentially hibernate, return 1, else return 0.

References or_options_t::AccountingMax.

Referenced by decide_to_advertise_dirport(), do_hup(), getinfo_helper_accounting(), options_act(), or_state_save(), run_scheduled_events(), second_elapsed_callback(), and tor_cleanup().

int accounting_parse_options	(	or_options_t *	options,
		int	validate_only
	)

Configure accounting start/end time settings based on options->AccountingStart. Return 0 on success, -1 on failure. If validate_only is true, do not change the current settings.

References or_options_t::AccountingStart, cfg_start_day, cfg_unit, LD_CONFIG, smartlist_create(), smartlist_free(), smartlist_split_string(), tor_assert, tor_free, and tor_parse_long().

Referenced by options_act().

int accounting_record_bandwidth_usage	(	time_t	now,
		or_state_t *	state
	)

Save all our bandwidth tracking information to disk. Return 0 on success, -1 on failure.

References or_state_t::AccountingBytesReadInInterval, or_state_t::AccountingBytesWrittenInInterval, or_state_t::AccountingExpectedUsage, or_state_t::AccountingIntervalStart, or_state_t::AccountingSecondsActive, expected_bandwidth_usage, get_options(), interval_start_time, n_bytes_read_in_interval, n_bytes_written_in_interval, n_seconds_active_in_interval, and or_state_mark_dirty().

Referenced by accounting_run_housekeeping(), do_hup(), hibernate_begin(), hibernate_go_dormant(), and tor_cleanup().

void accounting_run_housekeeping

(

time_t

now

)

Invoked once per second. Checks whether it is time to hibernate, record bandwidth used, etc.

References accounting_record_bandwidth_usage(), configure_accounting(), get_or_state(), interval_end_time, LD_FS, and time_to_record_bandwidth_usage().

Referenced by hibernate_end_time_elapsed(), or_state_save(), and run_scheduled_events().

void add_connection_to_closeable_list

(

connection_t *

conn

)

Schedule conn to be closed.

References assert_connection_ok(), connection_t::marked_for_close, smartlist_add(), smartlist_isin(), and tor_assert.

Referenced by _connection_mark_for_close().

void add_nickname_list_to_smartlist	(	smartlist_t *	sl,
		const char *	list,
		int	must_be_running
	)

Given a (possibly NULL) comma-and-whitespace separated list of nicknames, see which nicknames in list name routers in our routerlist, and add the routerinfos for those routers to sl. If must_be_running, only include routers that we think are running. Warn if any non-Named routers are specified by nickname.

References is_legal_nickname_or_hexdigest(), routerinfo_t::is_running, LD_CONFIG, router_get_by_nickname(), router_get_consensus_status_by_nickname(), router_have_minimum_dir_info(), smartlist_add(), smartlist_create(), smartlist_free(), smartlist_split_string(), smartlist_string_isin(), tor_assert, tor_free, and warned_nicknames.

trusted_dir_server_t* add_trusted_dir_server	(	const char *	nickname,
		const char *	address,
		uint16_t	dir_port,
		uint16_t	or_port,
		const char *	digest,
		const char *	v3_auth_digest,
		authority_type_t	type
	)

Add to the list of authoritative directory servers one at address:port, with identity key digest. If address is NULL, add ourself. Return the new trusted directory server entry on success or NULL if we couldn't add it.

References routerstatus_t::addr, trusted_dir_server_t::addr, trusted_dir_server_t::address, trusted_dir_server_t::description, trusted_dir_server_t::digest, DIGEST_LEN, routerstatus_t::dir_port, trusted_dir_server_t::dir_port, trusted_dir_server_t::fake_status, get_options(), routerstatus_t::identity_digest, trusted_dir_server_t::is_running, LD_CONFIG, routerstatus_t::nickname, trusted_dir_server_t::nickname, routerstatus_t::or_port, trusted_dir_server_t::or_port, resolve_my_address(), router_dir_info_changed(), smartlist_add(), smartlist_create(), tor_lookup_hostname(), tor_snprintf(), trusted_dir_servers, trusted_dir_server_t::type, V3_AUTHORITY, trusted_dir_server_t::v3_identity_digest, routerstatus_t::version_supports_begindir, and routerstatus_t::version_supports_conditional_consensus.

Referenced by init_keys(), and parse_dir_server_line().

void addr_policy_free

(

addr_policy_t *

p

)

Release all storage held by p.

References addr_policy_t::is_canonical, addr_policy_t::refcnt, tor_assert, and tor_free.

Referenced by addr_policy_list_free(), exit_policy_remove_redundancies(), load_policy_from_option(), policy_expand_private(), router_add_exit_policy(), and routerset_free().

void addr_policy_list_free

(

smartlist_t *

lst

)

Release all storage held by p.

References addr_policy_free(), and smartlist_free().

Referenced by load_policy_from_option(), parse_addr_policy(), parse_reachable_addresses(), policies_free_all(), policies_set_router_exitpolicy_to_reject_all(), routerinfo_free(), and validate_addr_policies().

int address_is_invalid_destination	(	const char *	address,
		int	client
	)

Return 1 if address has funny characters in it like colons. Return 0 if it's fine, or if we're configured to allow it anyway. client should be true if we're using this address as a client; false if we're using it as a server.

References get_options().

Referenced by config_register_addressmaps(), dns_resolve_impl(), and handle_control_mapaddress().

void addressmap_clean

(

time_t

now

)

Clean out entries from the addressmap cache that were added long enough ago that they are no longer valid.

References addressmap_get_mappings().

Referenced by circuit_build_needed_circs().

void addressmap_clear_configured

(

void

)

Remove all entries from the addressmap that were set via the configuration file or the command line.

References addressmap_get_mappings().

Referenced by config_register_addressmaps().

void addressmap_clear_transient

(

void

)

Remove all entries from the addressmap that are set to expire, ever.

References addressmap_get_mappings().

Referenced by do_hup(), signal_callback(), and signewnym_impl().

void addressmap_free_all

(

void

)

Free all the elements in the addressmap, and free the addressmap itself.

References addressmap, addressmap_ent_free(), addressmap_virtaddress_ent_free(), strmap_free(), and virtaddress_reversemap.

Referenced by tor_free_all().

void addressmap_get_mappings	(	smartlist_t *	sl,
		time_t	min_expires,
		time_t	max_expires,
		int	want_expiry
	)

Iterate over all address mappings which have expiry times between min_expires and max_expires, inclusive. If sl is provided, add an "old-addr new-addr expiry" string to sl for each mapping, omitting the expiry time if want_expiry is false. If sl is NULL, remove the mappings.

References addressmap, addressmap_ent_remove(), addressmap_init(), addressmap_entry_t::expires, format_iso_time(), addressmap_entry_t::new_address, smartlist_add(), strmap_iter_done(), strmap_iter_get(), strmap_iter_init(), strmap_iter_next(), strmap_iter_next_rmv(), and tor_snprintf().

Referenced by addressmap_clean(), addressmap_clear_configured(), addressmap_clear_transient(), and getinfo_helper_events().

int addressmap_have_mapping	(	const char *	address,
		int	update_expiry
	)

Return 1 if address is already registered, else return 0. If address is already registered, and update_expires is non-zero, then update the expiry time on the mapping with update_expires if it is a mapping created by TrackHostExits.

References addressmap, ADDRMAPSRC_TRACKEXIT, addressmap_entry_t::expires, addressmap_entry_t::source, and strmap_get_lc().

Referenced by consider_recording_trackhost(), and fetch_from_buf_socks().

void addressmap_init

(

void

)

Initialize addressmap.

References addressmap, and virtaddress_reversemap.

Referenced by addressmap_get_mappings(), and tor_init().

void addressmap_register	(	const char *	address,
		char *	new_address,
		time_t	expires,
		addressmap_entry_source_t	source
	)

Register a request to map address to new_address, which will expire on expires (or 0 if never expires from config file, 1 if never expires from controller, 2 if never expires (virtual address mapping) from the controller.)

new_address should be a newly dup'ed string, which we'll use or free as appropriate. We will leave address alone.

If new_address is NULL, or equal to address, remove any mappings that exist from address.

References address_is_in_virtual_range(), addressmap, addressmap_ent_remove(), addressmap_virtaddress_remove(), control_event_address_mapped(), addressmap_entry_t::expires, LD_APP, LD_CONFIG, addressmap_entry_t::new_address, addressmap_entry_t::num_resolve_failures, safe_str_client(), addressmap_entry_t::source, strmap_get(), strmap_remove(), strmap_set(), and tor_free.

Referenced by addressmap_register_virtual_address(), client_dns_set_addressmap_impl(), config_register_addressmaps(), and handle_control_mapaddress().

const char* addressmap_register_virtual_address	(	int	type,
		char *	new_address
	)

A controller has requested that we map some address of type type to the address new_address. Choose an address that is unlikely to be used, and map it, and return it in a newly allocated string. If another address of the same type is already mapped to new_address, try to return a copy of that address.

The string in new_address may be freed, or inserted into a map as appropriate.

References addressmap, addressmap_get_virtual_address(), addressmap_register(), ADDRMAPSRC_CONTROLLER, virtaddress_entry_t::hostname_address, virtaddress_entry_t::ipv4_address, LD_APP, LD_BUG, addressmap_entry_t::new_address, safe_str_client(), strmap_get(), strmap_set(), tor_assert, tor_free, and virtaddress_reversemap.

Referenced by connection_ap_handshake_rewrite_and_attach(), and handle_control_mapaddress().

int addressmap_rewrite	(	char *	address,
		size_t	maxlen,
		time_t *	expires_out
	)

Look at address, and rewrite it until it doesn't want any more rewrites; but don't get into an infinite loop. Don't write more than maxlen chars into address. Return true if the address changed; false otherwise. Set *expires_out to the expiry time of the result, or to time_max if the result does not expire.

References addressmap, escaped_safe_str_client(), addressmap_entry_t::expires, LD_APP, LD_CONFIG, addressmap_entry_t::new_address, strmap_get(), and tor_free.

Referenced by connection_ap_process_end_not_open().

int advertised_server_mode

(

void

)

Return true iff we have published our descriptor lately.

References server_is_advertised.

Referenced by directory_caches_dir_info(), directory_fetches_from_authorities(), and run_scheduled_events().

char* alloc_http_authenticator

(

const char *

authenticator

)

Allocates a base64'ed authenticator for use in http or https auth, based on the input string authenticator. Returns it if success, else returns NULL.

References base64_encode(), and tor_free.

Referenced by connection_proxy_connect(), directory_handle_command_get(), and directory_send_command().

int any_bridge_descriptors_known

(

void

)

Return 1 if any of our entry guards have descriptors that are marked with purpose 'bridge' and are running. Else return 0.

We use this function to decide if we're ready to start building circuits through our bridges, or if we need to wait until the directory "server/authority" requests finish.

References choose_random_entry(), get_options(), and tor_assert.

Referenced by circuit_get_open_circ_or_launch(), control_event_bootstrap_problem(), learned_bridge_descriptor(), and should_delay_dir_fetches().

int any_pending_bridge_descriptor_fetches

(

void

)

Return 1 if there are any directory conns fetching bridge descriptors that aren't marked for close. We use this to guess if we should tell the controller that we have a problem.

References CONN_TYPE_DIR, DIR_PURPOSE_FETCH_SERVERDESC, get_connection_array(), LD_DIR, ROUTER_PURPOSE_BRIDGE, and TO_DIR_CONN().

Referenced by control_event_bootstrap_problem().

int any_predicted_circuits

(

time_t

now

)

Any ports used lately? These are pre-seeded if we just started up or if we're running a hidden service.

References PREDICTED_CIRCS_RELEVANCE_TIME, and predicted_internal_time.

Referenced by directory_info_has_arrived(), options_act(), rep_hist_circbuilding_dormant(), and run_scheduled_events().

int any_trusted_dir_is_v1_authority

(

void

)

Return 1 if any trusted dir server supports v1 directories, else return 0.

References get_n_authorities(), trusted_dir_servers, and V1_AUTHORITY.

int append_address_to_payload	(	char *	payload_out,
		const tor_addr_t *	addr
	)

Append an encoded value of addr to payload_out, which must have at least 18 bytes of free space. The encoding is, as specified in tor-spec.txt: RESOLVED_TYPE_IPV4 or RESOLVED_TYPE_IPV6 [1 byte] LENGTH [1 byte] ADDRESS [length bytes] Return the number of bytes added, or -1 on error

References tor_addr_family(), and tor_addr_to_ipv4n().

Referenced by connection_or_send_netinfo().

void append_cell_to_circuit_queue	(	circuit_t *	circ,
		or_connection_t *	orconn,
		cell_t *	cell,
		cell_direction_t	direction
	)

Add cell to the queue of circ writing to orconn transmitting in direction.

References or_connection_t::_base, approx_time(), buf_datalen(), CELL_DIRECTION_OUT, cell_queue_append_packed_copy(), CELL_QUEUE_HIGHWATER_SIZE, cell_t::command, connection_or_flush_from_first_active_circuit(), LD_GENERAL, or_connection_t::link_proto, make_circuit_active_on_conn(), cell_queue_t::n, circuit_t::n_conn_cells, connection_t::outbuf, or_circuit_t::p_conn_cells, set_streams_blocked_on_circ(), circuit_t::streams_blocked_on_n_conn, circuit_t::streams_blocked_on_p_conn, and TO_OR_CIRCUIT().

Referenced by circuit_deliver_create_cell(), circuit_package_relay_cell(), circuit_receive_relay_cell(), and onionskin_answer().

void assert_active_circuits_ok

(

or_connection_t *

orconn

)

Fail with an assert if the active circuits ring on orconn is corrupt.

References or_connection_t::active_circuit_pqueue, or_connection_t::active_circuits, cell_ewma_t::heap_index, cell_ewma_t::is_for_p_conn, circuit_t::n_cell_ewma, circuit_t::n_conn, next_circ_on_conn_p(), or_circuit_t::p_cell_ewma, prev_circ_on_conn_p(), TO_OR_CIRCUIT(), and tor_assert.

void assert_addr_policy_ok

(

smartlist_t *

lst

)

Log and exit if t is malformed

References tor_assert.

void assert_all_pending_dns_resolves_ok

(

void

)

Log an error and abort if any connection waiting for a DNS resolve is corrupted.

References edge_connection_t::_base, assert_connection_ok(), pending_connection_t::conn, connection_in_array(), pending_connection_t::next, connection_t::s, TO_CONN, and tor_assert.

void assert_buf_ok

(

buf_t *

buf

)

Log an error and exit if buf is corrupted.

References BUFFER_MAGIC, chunk_t::data, chunk_t::datalen, buf_t::datalen, buf_t::head, buf_t::magic, chunk_t::mem, chunk_t::memlen, chunk_t::next, buf_t::tail, and tor_assert.

Referenced by assert_connection_ok().

void assert_circuit_ok

(

const circuit_t *

c

)

Verify that circuit c has all of its invariants correct. Trigger an assert if anything is invalid.

References edge_connection_t::_base, assert_cpath_ok(), circuit_get_by_circid_orconn_impl(), CIRCUIT_IS_ORIGIN, CIRCUIT_PURPOSE_REND_ESTABLISHED, CIRCUIT_STATE_OPEN, CIRCUIT_STATE_OR_WAIT, CONN_TYPE_EXIT, origin_circuit_t::cpath, circuit_t::deliver_window, circuit_t::magic, circuit_t::marked_for_close, circuit_t::n_circ_id, circuit_t::n_conn, circuit_t::n_conn_onionskin, or_circuit_t::n_crypto, or_circuit_t::n_digest, circuit_t::n_hop, or_circuit_t::n_streams, edge_connection_t::next_stream, or_circuit_t::p_circ_id, or_circuit_t::p_conn, or_circuit_t::p_crypto, or_circuit_t::p_digest, circuit_t::package_window, circuit_t::purpose, or_circuit_t::rend_splice, smartlist_isin(), circuit_t::state, TO_OR_CIRCUIT(), TO_ORIGIN_CIRCUIT(), tor_assert, and connection_t::type.

Referenced by _circuit_mark_for_close(), circuit_package_relay_cell(), connection_ap_handshake_attach_circuit(), connection_exit_begin_conn(), and connection_exit_begin_resolve().

void assert_connection_edge_not_dns_pending

(

edge_connection_t *

conn

)

Log an error and abort if conn is waiting for a DNS resolve.

References edge_connection_t::_base, connection_t::address, pending_connection_t::conn, pending_connection_t::next, cached_resolve_t::pending_connections, and tor_assert.

Referenced by connection_unlink().

void assert_connection_ok	(	connection_t *	conn,
		time_t	now
	)

Verify that connection conn has all of its invariants correct. Trigger an assert if anything is invalid.

References connection_t::address, AP_CONN_STATE_OPEN, assert_buf_ok(), assert_cpath_layer_ok(), edge_connection_t::chosen_exit_name, edge_connection_t::chosen_exit_optional, edge_connection_t::chosen_exit_retries, CONN_IS_EDGE, CONN_TYPE_AP, CONN_TYPE_AP_DNS_LISTENER, CONN_TYPE_AP_LISTENER, CONN_TYPE_AP_NATD_LISTENER, CONN_TYPE_AP_TRANS_LISTENER, CONN_TYPE_CONTROL, CONN_TYPE_CONTROL_LISTENER, CONN_TYPE_CPUWORKER, CONN_TYPE_DIR, CONN_TYPE_DIR_LISTENER, CONN_TYPE_EXIT, CONN_TYPE_OR, CONN_TYPE_OR_LISTENER, connection_is_listener(), connection_is_writing(), edge_connection_t::cpath_layer, EXIT_PURPOSE_CONNECT, EXIT_PURPOSE_RESOLVE, socks_request_t::has_finished, connection_t::hold_open_until_flushed, connection_t::inbuf, connection_t::linked, connection_t::linked_conn, LISTENER_STATE_READY, connection_t::magic, connection_t::marked_for_close, OR_CONN_STATE_OPEN, OR_CONN_STATE_PROXY_HANDSHAKING, connection_t::outbuf, connection_t::outbuf_flushlen, connection_t::purpose, connection_t::s, edge_connection_t::socks_request, connection_t::state, or_connection_t::tls, TO_EDGE_CONN(), TO_OR_CONN(), tor_assert, connection_t::type, and connection_t::write_blocked_on_bw.

Referenced by _connection_mark_for_close(), add_connection_to_closeable_list(), assert_all_pending_dns_resolves_ok(), command_process_netinfo_cell(), conn_close_if_marked(), conn_read_callback(), conn_write_callback(), connection_close_immediate(), connection_dns_remove(), connection_or_finished_flushing(), dns_cancel_pending_resolve(), dns_found_answer(), dns_resolve_impl(), and rend_client_desc_trynow().

void assert_cpath_layer_ok

(

const crypt_path_t *

cp

)

Verify that cpath layer cp has all of its invariants correct. Trigger an assert if anything is invalid.

References crypt_path_t::b_crypto, crypt_path_t::deliver_window, crypt_path_t::dh_handshake_state, crypt_path_t::f_crypto, LD_BUG, crypt_path_t::magic, crypt_path_t::package_window, crypt_path_t::state, and tor_assert.

Referenced by assert_connection_ok(), and assert_cpath_ok().

int assign_onionskin_to_cpuworker	(	connection_t *	cpuworker,
		or_circuit_t *	circ,
		char *	onionskin
	)

Try to tell a cpuworker to perform the public key operations necessary to respond to onionskin for the circuit circ.

If cpuworker is defined, assert that he's idle, and use him. Else, look for an idle cpuworker and use him. If none idle, queue task onto the pending onion list and return. Return 0 if we successfully assign the task, or -1 on failure.

References or_connection_t::_base, CONN_TYPE_CPUWORKER, connection_get_by_type_state(), CPUWORKER_STATE_BUSY_ONION, CPUWORKER_STATE_IDLE, cull_wedged_cpuworkers(), connection_t::global_identifier, LD_OR, num_cpuworkers, num_cpuworkers_busy, onion_pending_add(), or_circuit_t::p_circ_id, or_circuit_t::p_conn, spawn_enough_cpuworkers(), connection_t::state, TAG_LEN, tag_pack(), connection_t::timestamp_lastwritten, tor_assert, and tor_free.

Referenced by command_process_create_cell(), and process_pending_task().

int authdir_mode

(

or_options_t *

options

)

Return true iff we believe ourselves to be an authoritative directory server.

References or_options_t::AuthoritativeDir.

Referenced by authdir_mode_bridge(), authdir_mode_v1(), authdir_mode_v2(), authdir_mode_v3(), decide_if_publishable_server(), decide_to_advertise_dirport(), directory_handle_command_post(), global_write_bucket_low(), init_keys(), options_validate(), rep_history_clean(), router_digest_is_trusted_dir_type(), router_rebuild_descriptor(), update_consensus_router_descriptor_downloads(), and update_router_descriptor_cache_downloads_v2().

int authdir_mode_any_main

(

or_options_t *

options

)

Return true iff we are a v1, v2, or v3 directory authority.

References or_options_t::V1AuthoritativeDir, or_options_t::V2AuthoritativeDir, and or_options_t::V3AuthoritativeDir.

Referenced by authdir_mode_any_nonhidserv(), authdir_mode_handles_descs(), and options_validate().

int authdir_mode_any_nonhidserv

(

or_options_t *

options

)

Return true if we believe ourselves to be any kind of authoritative directory beyond just a hidserv authority.

References authdir_mode_any_main(), and or_options_t::BridgeAuthoritativeDir.

Referenced by authdir_mode_handles_descs(), authdir_mode_publishes_statuses(), and launch_router_descriptor_downloads().

int authdir_mode_bridge

(

or_options_t *

options

)

Return true iff we believe ourselves to be a bridge authoritative directory server.

References authdir_mode(), and or_options_t::BridgeAuthoritativeDir.

Referenced by authdir_mode_publishes_statuses(), directory_handle_command_post(), dirserv_orconn_tls_done(), dirserv_pick_cached_dir_obj(), dirserv_test_reachability(), and networkstatus_getinfo_by_purpose().

int authdir_mode_handles_descs	(	or_options_t *	options,
		int	purpose
	)

Return true iff we are an authoritative directory server that is authoritative about receiving and serving descriptors of type purpose its dirport. Use -1 for "any purpose".

References authdir_mode_any_main(), authdir_mode_any_nonhidserv(), or_options_t::BridgeAuthoritativeDir, ROUTER_PURPOSE_BRIDGE, and ROUTER_PURPOSE_GENERAL.

Referenced by authdir_mode_tests_reachability(), directory_handle_command_post(), do_hup(), and router_add_to_routerlist().

int authdir_mode_publishes_statuses

(

or_options_t *

options

)

Return true iff we are an authoritative directory server that publishes its own network statuses.

References authdir_mode_any_nonhidserv(), and authdir_mode_bridge().

Referenced by list_server_status_v1().

int authdir_mode_tests_reachability

(

or_options_t *

options

)

Return true iff we are an authoritative directory server that tests reachability of the descriptors it learns about.

References authdir_mode_handles_descs().

Referenced by connection_about_to_close_connection(), connection_or_check_valid_tls_handshake(), connection_or_connect_failed(), directory_handle_command_get(), run_scheduled_events(), and tor_cleanup().

int authdir_mode_v1

(

or_options_t *

options

)

Return true iff we believe ourselves to be a v1 authoritative directory server.

References authdir_mode(), and or_options_t::V1AuthoritativeDir.

Referenced by dirserv_pick_cached_dir_obj(), router_parse_directory(), and router_parse_runningrouters().

int authdir_mode_v2

(

or_options_t *

options

)

Return true iff we believe ourselves to be a v2 authoritative directory server.

References authdir_mode(), and or_options_t::V2AuthoritativeDir.

Referenced by dirserv_get_networkstatus_v2_fingerprints(), dirserv_pick_cached_dir_obj(), routers_update_status_from_consensus_networkstatus(), should_generate_v2_networkstatus(), and update_v2_networkstatus_cache_downloads().

int authdir_mode_v3

(

or_options_t *

options

)

Return true iff we believe ourselves to be a v3 authoritative directory server.

References authdir_mode(), and or_options_t::V3AuthoritativeDir.

Referenced by directory_handle_command_post(), dirvote_act(), dirvote_recalculate_timing(), init_keys(), options_act(), routers_update_status_from_consensus_networkstatus(), run_scheduled_events(), update_consensus_networkstatus_downloads(), and v3_authority_check_key_expiry().

int authdir_policy_baddir_address	(	uint32_t	addr,
		uint16_t	port
	)

Return 1 if addr:port should be marked as a bad dir, based on authdir_baddir_policy. Else return 0.

References addr_policy_permits_address().

Referenced by dirserv_get_status_impl().

int authdir_policy_badexit_address	(	uint32_t	addr,
		uint16_t	port
	)

Return 1 if addr:port should be marked as a bad exit, based on authdir_badexit_policy. Else return 0.

References addr_policy_permits_address().

Referenced by dirserv_get_status_impl().

int authdir_policy_permits_address	(	uint32_t	addr,
		uint16_t	port
	)

Return 1 if addr:port is permitted to publish to our directory, based on authdir_reject_policy. Else return 0.

References addr_policy_permits_address().

Referenced by dirserv_get_status_impl().

int authdir_policy_valid_address	(	uint32_t	addr,
		uint16_t	port
	)

Return 1 if addr:port is considered valid in our directory, based on authdir_invalid_policy. Else return 0.

References addr_policy_permits_address().

Referenced by dirserv_get_status_impl().

int authdir_wants_to_reject_router	(	routerinfo_t *	ri,
		const char **	msg,
		int	complain
	)

Check whether we, as a directory server, want to accept ri. If so, set its is_valid,named,running fields and return 0. Otherwise, return -1.

If the router is rejected, set *msg to an explanation of why.

If complain then explain at log-level 'notice' why we refused a descriptor; else explain at log-level 'info'.

References routerinfo_t::address, routerinfo_t::cache_info, routerinfo_t::contact_info, dirserv_router_get_status(), dirserv_router_has_valid_address(), esc_router_info(), FP_BADDIR, FP_BADEXIT, FP_INVALID, FP_NAMED, FP_REJECT, routerinfo_t::is_bad_directory, routerinfo_t::is_bad_exit, routerinfo_t::is_named, routerinfo_t::is_valid, LD_DIRSERV, routerinfo_t::nickname, signed_descriptor_t::published_on, ROUTER_ALLOW_SKEW, ROUTER_MAX_AGE_TO_PUBLISH, and tor_assert.

Referenced by router_add_to_routerlist().

void authority_cert_dl_failed	(	const char *	id_digest,
		int	status
	)

Called when an attempt to download a certificate with the authority with ID id_digest fails with HTTP response code status: remember the failure, so we don't try again immediately.

References digestmap_get(), cert_list_t::dl_status, download_status_failed, and trusted_dir_certs.

Referenced by connection_dir_download_cert_failed(), and trusted_dirs_load_certs_from_string().

authority_cert_t* authority_cert_dup

(

authority_cert_t *

cert

)

Allocate and return a new authority_cert_t with the same contents as cert.

References authority_cert_t::cache_info, crypto_pk_dup_key(), authority_cert_t::identity_key, signed_descriptor_t::saved_location, SAVED_NOWHERE, signed_descriptor_t::signed_descriptor_body, signed_descriptor_t::signed_descriptor_len, authority_cert_t::signing_key, and tor_assert.

void authority_cert_free

(

authority_cert_t *

cert

)

Free storage held in cert.

References authority_cert_t::cache_info, crypto_free_pk_env(), authority_cert_t::identity_key, signed_descriptor_t::signed_descriptor_body, authority_cert_t::signing_key, and tor_free.

Referenced by authority_cert_parse_from_string(), load_authority_keyset(), networkstatus_vote_free(), router_free_all(), routerlist_free_all(), trusted_dirs_load_certs_from_string(), and trusted_dirs_remove_old_certs().

void authority_cert_get_all

(

smartlist_t *

certs_out

)

Add every known authority_cert_t to certs_out.

References smartlist_add(), tor_assert, and trusted_dir_certs.

Referenced by directory_handle_command_get().

authority_cert_t* authority_cert_get_by_digests	(	const char *	id_digest,
		const char *	sk_digest
	)

Return the v3 authority certificate with signing key matching sk_digest, for the authority with identity digest id_digest. Return NULL if no such authority is known.

References cert_list_t::certs, DIGEST_LEN, digestmap_get(), and trusted_dir_certs.

Referenced by authority_cert_parse_from_string(), authority_certs_fetch_missing(), directory_handle_command_get(), dirvote_add_vote(), networkstatus_add_detached_signatures(), and networkstatus_check_consensus_signature().

authority_cert_t* authority_cert_get_by_sk_digest

(

const char *

sk_digest

)

Return the newest v3 authority certificate whose directory signing key has digest sk_digest. Return NULL if no such certificate is known.

References DIGEST_LEN, get_my_v3_authority_cert(), get_my_v3_legacy_cert(), authority_cert_t::signing_key_digest, and trusted_dir_certs.

Referenced by directory_handle_command_get().

authority_cert_t* authority_cert_get_newest_by_id

(

const char *

id_digest

)

Return the newest v3 authority certificate whose v3 authority identity key has digest id_digest. Return NULL if no such authority is known, or it has no certificate.

References authority_cert_t::cache_info, cert_list_t::certs, digestmap_get(), signed_descriptor_t::published_on, and trusted_dir_certs.

Referenced by directory_handle_command_get().

authority_cert_t* authority_cert_parse_from_string	(	const char *	s,
		const char **	end_of_string
	)

Parse a key certificate from s; point end-of-string to the first character after the certificate.

References authority_cert_t::addr, directory_token_t::args, authority_cert_free(), authority_cert_get_by_digests(), base16_decode(), authority_cert_t::cache_info, check_signature_token(), crypto_pk_get_digest(), DIGEST_LEN, authority_cert_t::dir_port, dump_desc(), eat_whitespace(), escaped(), authority_cert_t::expires, find_opt_by_keyword(), signed_descriptor_t::identity_digest, authority_cert_t::identity_key, authority_cert_t::is_cross_certified, directory_token_t::key, LD_DIR, memarea_drop_all(), memarea_new(), directory_token_t::n_args, parse_addr_port(), parse_iso_time(), signed_descriptor_t::published_on, router_get_hash_impl(), signed_descriptor_t::saved_location, SAVED_NOWHERE, signed_descriptor_t::signed_descriptor_body, signed_descriptor_t::signed_descriptor_digest, signed_descriptor_t::signed_descriptor_len, authority_cert_t::signing_key, authority_cert_t::signing_key_digest, smartlist_create(), smartlist_free(), token_clear(), tokenize_string(), tor_assert, tor_free, tor_inet_aton(), and directory_token_t::tp.

Referenced by load_authority_keyset(), networkstatus_parse_vote_from_string(), and trusted_dirs_load_certs_from_string().

void authority_certs_fetch_missing	(	networkstatus_t *	status,
		time_t	now
	)

Try to download any v3 authority certificates that we may be missing. If status is provided, try to get all the ones that were used to sign status. Additionally, try to have a non-expired certificate for every V3 authority in trusted_dir_servers. Don't fetch certificates we already have.

References authority_cert_get_by_digests(), cert_list_t::certs, DIGEST_LEN, digestmap_get(), digestmap_new(), DIR_PURPOSE_FETCH_CERTIFICATE, directory_caches_dir_info(), cert_list_t::dl_status, download_status_is_ready(), download_status_reset(), authority_cert_t::expires, ftime_definitely_after(), get_cert_list(), get_options(), hex_str(), LD_DIR, list_pending_downloads(), MAX_CERT_DL_FAILURES, should_delay_dir_fetches(), smartlist_add(), smartlist_create(), smartlist_digest_isin(), trusted_dir_servers, trusteddirserver_get_by_v3_auth_digest(), V3_AUTHORITY, and networkstatus_t::voters.

Referenced by networkstatus_set_current_consensus(), and update_certificate_downloads().

char* authority_type_to_string

(

authority_type_t

auth

)

Return a newly allocated string describing auth.

References BRIDGE_AUTHORITY, HIDSERV_AUTHORITY, smartlist_add(), smartlist_create(), smartlist_free(), smartlist_join_strings(), V1_AUTHORITY, V2_AUTHORITY, and V3_AUTHORITY.

Referenced by directory_post_to_dirservers().

const char* bandwidth_weight_rule_to_string

(

bandwidth_weight_rule_t

rule

)

Return a string corresponding to a bandwidht_weight_rule_t

Referenced by smartlist_choose_by_bandwidth(), and smartlist_choose_by_bandwidth_weights().

void bridge_add_from_config	(	const tor_addr_t *	addr,
		uint16_t	port,
		char *	digest
	)

Remember a new bridge at addr:port. If digest is set, it tells us the identity key too.

References bridge_info_t::addr, DIGEST_LEN, bridge_info_t::fetch_status, bridge_info_t::identity, bridge_info_t::port, download_status_t::schedule, smartlist_add(), smartlist_create(), and tor_addr_copy().

Referenced by parse_bridge_line().

int bridges_known_but_down

(

void

)

Do we know any descriptors for our bridges, and are they all down?

References bridges_retry_helper().

Referenced by circuit_get_open_circ_or_launch().

void bridges_retry_all

(

void

)

Mark all down known bridges up.

References bridges_retry_helper().

Referenced by circuit_get_open_circ_or_launch().

size_t buf_allocation

(

const buf_t *

buf

)

Return the total length of all chunks used in buf.

References buf_t::head, chunk_t::memlen, and chunk_t::next.

Referenced by connection_dump_buffer_mem_stats(), and dumpstats().

void buf_clear

(

buf_t *

buf

)

Remove all data from buf.

References chunk_free_unchecked(), buf_t::datalen, buf_t::head, chunk_t::next, and buf_t::tail.

Referenced by buf_free(), connection_close_immediate(), fetch_from_buf_socks(), and fetch_from_buf_socks_client().

size_t buf_datalen

(

const buf_t *

buf

)

Return the number of bytes stored in buf

References buf_t::datalen.

Referenced by _connection_free(), _connection_write_to_buf_impl(), append_cell_to_circuit_queue(), conn_close_if_marked(), connection_cpu_process_inbuf(), connection_dir_process_inbuf(), connection_dirserv_add_dir_bytes_to_outbuf(), connection_dirserv_add_microdescs_to_outbuf(), connection_dirserv_add_networkstatus_bytes_to_outbuf(), connection_dirserv_add_servers_to_outbuf(), connection_dirserv_flushed_some(), connection_dump_buffer_mem_stats(), connection_edge_package_raw_inbuf(), connection_edge_reached_eof(), connection_handle_read_impl(), connection_handle_write_impl(), connection_or_flushed_some(), connection_or_process_cells_from_inbuf(), connection_read_to_buf(), connection_should_read_from_linked_conn(), dumpstats(), and run_connection_housekeeping().

void buf_dump_freelist_sizes

(

int

severity

)

Describe the current status of the freelists at log level severity.

References chunk_freelist_t::alloc_size, LD_MM, and n_freelist_miss.

Referenced by dumpmemusage().

void buf_free

(

buf_t *

buf

)

Release storage held by buf.

References buf_clear(), buf_t::magic, and tor_free.

Referenced by _connection_free().

buf_t* buf_new

(

void

)

Allocate and return a new buffer with default capacity.

References BUFFER_MAGIC, buf_t::default_chunk_size, and buf_t::magic.

Referenced by buf_new_with_capacity(), and connection_init().

buf_t* buf_new_with_capacity

(

size_t

size

)

Create and return a new buf with default chunk capacity size.

References buf_new(), buf_t::default_chunk_size, and preferred_chunk_size().

void buf_shrink

(

buf_t *

buf

)

Resize buf so it won't hold extra memory that we haven't been using lately.

Referenced by run_scheduled_events().

void buf_shrink_freelists

(

int

free_all

)

Remove from the freelists most chunks that have not been used since the last call to buf_shrink_freelists().

References chunk_freelist_t::alloc_size, assert_freelist_ok(), chunk_freelist_t::cur_length, chunk_freelist_t::head, LD_BUG, LD_MM, chunk_freelist_t::lowest_length, chunk_freelist_t::n_free, chunk_t::next, chunk_freelist_t::slack, tor_assert, and tor_free.

Referenced by run_scheduled_events(), and tor_free_all().

size_t buf_slack

(

const buf_t *

buf

)

Return the number of bytes that can be added to buf without performing any additional allocation.

References CHUNK_REMAINING_CAPACITY(), and buf_t::tail.

Referenced by connection_read_to_buf().

const char* build_state_get_exit_nickname

(

cpath_build_state_t *

state

)

Return the nickname for the chosen exit router in state. If there is no chosen exit, or if we don't know the routerinfo_t for the chosen exit, return NULL.

References cpath_build_state_t::chosen_exit, and extend_info_t::nickname.

Referenced by _circuit_mark_for_close(), circuit_build_failed(), circuit_launch_by_extend_info(), circuit_list_path_impl(), and onion_extend_cpath().

routerinfo_t* build_state_get_exit_router

(

cpath_build_state_t *

state

)

Return the routerinfo_t for the chosen exit router in state. If there is no chosen exit, or if we don't know the routerinfo_t for the chosen exit, return NULL.

References cpath_build_state_t::chosen_exit, extend_info_t::identity_digest, and router_get_by_digest().

Referenced by choose_good_entry_server(), choose_good_middle_server(), choose_random_entry(), circuit_is_acceptable(), and circuit_stream_is_being_handled().

void cached_dir_decref

(

cached_dir_t *

d

)

Decrement the reference count on d, and free it if it no longer has any references.

References clear_cached_dir(), cached_dir_t::refcnt, and tor_free.

Referenced by _connection_free(), _free_cached_dir(), connection_dirserv_add_dir_bytes_to_outbuf(), dirserv_clear_old_networkstatuses(), dirserv_clear_old_v1_info(), dirserv_free_all(), dirserv_regenerate_directory(), dirserv_set_cached_consensus_networkstatus(), dirserv_set_cached_directory(), dirserv_set_cached_networkstatus_v2(), dirvote_add_vote(), and dirvote_clear_votes().

unsigned cell_ewma_get_tick

(

void

)

Compute and return the current cell_ewma tick.

References approx_time(), and EWMA_TICK_LEN.

Referenced by init_circuit_base(), or_circuit_new(), and or_connection_new().

void cell_ewma_set_scale_factor	(	or_options_t *	options,
		networkstatus_t *	consensus
	)

Adjust the global cell scale factor based on options

References or_options_t::CircuitPriorityHalflife, EWMA_DEFAULT_HALFLIFE, EWMA_TICK_LEN, LD_OR, and networkstatus_get_param().

Referenced by networkstatus_set_current_consensus(), and options_act().

void cell_pack	(	packed_cell_t *	dst,
		const cell_t *	src
	)

Pack the cell_t host-order structure src into network-order in the buffer dest. See tor-spec.txt for details about the wire format.

Note that this function doesn't touch dst->next: the caller should set it or clear it as appropriate.

References packed_cell_t::body, CELL_PAYLOAD_SIZE, cell_t::circ_id, cell_t::command, and cell_t::payload.

Referenced by connection_or_write_cell_to_buf(), and packed_cell_copy().

void cell_queue_append	(	cell_queue_t *	queue,
		packed_cell_t *	cell
	)

Append cell to the end of queue.

References cell_queue_t::head, cell_queue_t::n, packed_cell_t::next, cell_queue_t::tail, and tor_assert.

Referenced by cell_queue_append_packed_copy().

void cell_queue_append_packed_copy	(	cell_queue_t *	queue,
		const cell_t *	cell
	)

Append a newly allocated copy of cell to the end of queue

References cell_queue_append(), insertion_time_elem_t::counter, insertion_time_queue_t::first, get_options(), insertion_time_elem_t::insertion_time, cell_queue_t::insertion_times, insertion_time_queue_t::last, insertion_time_elem_t::next, and packed_cell_copy().

Referenced by append_cell_to_circuit_queue().

void cell_queue_clear

(

cell_queue_t *

queue

)

Remove and free every cell in queue.

References insertion_time_queue_t::first, cell_queue_t::head, cell_queue_t::insertion_times, cell_queue_t::n, insertion_time_elem_t::next, packed_cell_t::next, packed_cell_free_unchecked(), cell_queue_t::tail, and tor_free.

Referenced by circuit_free().

void check_descriptor_bandwidth_changed

(

time_t

now

)

Check whether bandwidth has changed a lot since the last time we announced bandwidth. If so, mark our descriptor dirty.

References routerinfo_t::bandwidthcapacity, LD_GENERAL, mark_my_descriptor_dirty(), MAX_BANDWIDTH_CHANGE_FREQ, rep_hist_bandwidth_assess(), and we_are_hibernating().

Referenced by run_scheduled_events().

void check_descriptor_ipaddress_changed

(

time_t

now

)

Check whether our own address as defined by the Address configuration has changed. This is for routers that get their address from a service like dyndns. If our address has changed, mark our descriptor dirty.

References routerinfo_t::addr, get_options(), ip_address_changed(), LD_CONFIG, log_addr_has_changed(), and resolve_my_address().

Referenced by run_scheduled_events().

int check_whether_dirport_reachable

(

void

)

Return 1 if we don't have a dirport configured, or if it's reachable.

References or_options_t::AssumeReachable, can_reach_dir_port, or_options_t::DirPort, get_options(), and we_are_hibernating().

Referenced by consider_testing_reachability(), decide_to_advertise_dirport(), getinfo_helper_events(), rep_hist_circbuilding_dormant(), and second_elapsed_callback().

int check_whether_orport_reachable

(

void

)

Return 1 if ORPort is known reachable; else return 0.

References or_options_t::AssumeReachable, can_reach_or_port, and get_options().

Referenced by circuit_send_next_onion_skin(), circuit_testing_failed(), circuit_testing_opened(), consider_testing_reachability(), decide_if_publishable_server(), getinfo_helper_events(), rep_hist_circbuilding_dormant(), and second_elapsed_callback().

routerinfo_t* choose_random_entry

(

cpath_build_state_t *

state

)

Pick a live (up and listed) entry guard from entry_guards. If state is non-NULL, this is for a specific circuit -- make sure not to pick this circuit's exit or any node in the exit's family. If state is NULL, we're looking for a random guard (likely a bridge).

References add_an_entry_guard(), build_state_get_exit_router(), entry_guards_changed(), entry_guards_prepend_from_config(), entry_is_live(), entry_list_is_constrained(), or_options_t::EntryNodes, get_options(), LD_CIRC, cpath_build_state_t::need_capacity, cpath_build_state_t::need_uptime, or_options_t::NumEntryGuards, pick_entry_guards(), routerlist_add_family(), routerlist_sl_choose_by_bandwidth(), routerset_contains_router(), smartlist_add(), smartlist_choose(), smartlist_clear(), smartlist_create(), smartlist_free(), smartlist_isin(), or_options_t::StrictNodes, and tor_fragile_assert.

Referenced by any_bridge_descriptors_known(), choose_good_entry_server(), and directory_get_from_dirserver().

int circuit_all_predicted_ports_handled	(	time_t	now,
		int *	need_uptime,
		int *	need_capacity
	)

Return 1 if we already have circuits present or on the way for all anticipated ports. Return 0 if we should make more.

If we're returning 0, set need_uptime and need_capacity to indicate any requirements that the unhandled ports have.

References circuit_get_unhandled_ports(), get_options(), or_options_t::LongLivedPorts, smartlist_free(), smartlist_string_num_isin(), tor_assert, and tor_free.

Referenced by circuit_predict_and_launch_new().

int circuit_append_new_exit	(	origin_circuit_t *	circ,
		extend_info_t *	exit
	)

Give circ a new exit destination to exit, and add a hop to the cpath reflecting this. Don't send the next extend cell -- the caller will do this if it wants to.

References origin_circuit_t::build_state, cpath_build_state_t::chosen_exit, origin_circuit_t::cpath, cpath_build_state_t::desired_path_len, extend_info_dup(), extend_info_free(), onion_append_hop(), and tor_assert.

Referenced by circuit_extend_to_new_exit(), and handle_control_extendcircuit().

void circuit_build_failed

(

origin_circuit_t *

circ

)

Called whenever a circuit could not be successfully built.

References or_connection_t::_base, origin_circuit_t::_base, connection_t::address, origin_circuit_t::build_state, build_state_get_exit_nickname(), circuit_discard_optional_exit_enclaves(), circuit_increment_failure_count(), CIRCUIT_PURPOSE_C_ESTABLISH_REND, CIRCUIT_PURPOSE_C_GENERAL, CIRCUIT_PURPOSE_C_INTRODUCING, CIRCUIT_PURPOSE_S_CONNECT_REND, CIRCUIT_PURPOSE_S_ESTABLISH_INTRO, CIRCUIT_PURPOSE_TESTING, CIRCUIT_STATE_OPEN, circuit_testing_failed(), connection_ap_fail_onehop(), origin_circuit_t::cpath, entry_guard_register_connect_status(), escaped(), crypt_path_t::extend_info, extend_info_t::identity_digest, or_connection_t::is_bad_for_new_circs, LD_OR, LD_REND, circuit_t::n_conn, connection_t::port, crypt_path_t::prev, circuit_t::purpose, rend_service_relaunch_rendezvous(), circuit_t::state, and crypt_path_t::state.

Referenced by _circuit_mark_for_close().

void circuit_build_needed_circs

(

time_t

now

)

This function is called once a second, if router_have_min_dir_info() is true. Its job is to make sure all services we offer have enough circuits available. Some services just want enough circuits for current tasks, whereas others want a minimum set of idle circuits hanging around.

References addressmap_clean(), circuit_expire_old_circuits_clientside(), circuit_launch_by_router(), circuit_predict_and_launch_new(), CIRCUIT_PURPOSE_C_GENERAL, circuit_reset_failure_count(), connection_ap_attach_pending(), or_options_t::DisablePredictedCircuits, get_options(), or_options_t::NewCircuitPeriod, proxy_mode(), rend_services_introduce(), and TESTING_CIRCUIT_INTERVAL.

Referenced by run_scheduled_events().

int circuit_build_times_add_time	(	circuit_build_times_t *	cbt,
		build_time_t	time
	)

Add a new timeout value time to the set of build times. Time units are milliseconds.

circuit_build_times cbt is a circular array, so loop around when array is full.

References or_options_t::AvoidDiskWrites, circuit_build_times_t::build_times_idx, CBT_NCIRCUITS_TO_OBSERVE, CBT_SAVE_STATE_EVERY, circuit_build_times_t::circuit_build_times, get_options(), get_or_state(), LD_CIRC, or_state_mark_dirty(), tor_assert, circuit_build_times_t::total_build_times, and unit_tests.

Referenced by circuit_build_times_add_timeout_worker(), circuit_build_times_shuffle_and_store_array(), and circuit_send_next_onion_skin().

int circuit_build_times_add_timeout	(	circuit_build_times_t *	cbt,
		int	did_onehop,
		time_t	start_time
	)

Store a timeout as a synthetic value.

Returns true if the store was successful and we should possibly update our timeout estimate.

References circuit_build_times_add_timeout_worker(), circuit_build_times_count_pretimeouts(), circuit_build_times_network_check_changed(), circuit_build_times_network_check_live(), circuit_build_times_network_timeout(), circuit_build_times_t::have_computed_timeout, LD_CIRC, circuit_build_times_t::pre_timeouts, and circuit_build_times_t::total_build_times.

Referenced by circuit_expire_building().

void circuit_build_times_init

(

circuit_build_times_t *

cbt

)

Initialize the buildtimes structure for first use.

Sets the initial timeout value based to either the config setting or BUILD_TIMEOUT_INITIAL_VALUE.

References circuit_build_times_get_initial_timeout(), control_event_buildtimeout_set(), circuit_build_times_t::liveness, network_liveness_t::num_recent_circs, circuit_build_times_t::timeout_ms, and network_liveness_t::timeouts_after_firsthop.

Referenced by circuit_build_times_parse_state().

int circuit_build_times_needs_circuits

(

circuit_build_times_t *

cbt

)

Returns true if we need circuits to be built

References circuit_build_times_t::total_build_times.

Referenced by circuit_build_times_needs_circuits_now(), and circuit_expire_old_circuits_clientside().

int circuit_build_times_needs_circuits_now

(

circuit_build_times_t *

cbt

)

Returns true if we should build a timeout test circuit right now.

References approx_time(), circuit_build_times_needs_circuits(), and circuit_build_times_t::last_circ_at.

Referenced by circuit_predict_and_launch_new().

int circuit_build_times_network_check_live

(

circuit_build_times_t *

cbt

)

Returns false if the network has not received a cell or tls handshake in the past NETWORK_NOTLIVE_TIMEOUT_COUNT circuits.

Also has the side effect of rewinding the circuit time history in the case of recent liveness changes.

References approx_time(), CBT_NETWORK_NONLIVE_DISCARD_COUNT, CBT_NETWORK_NONLIVE_TIMEOUT_COUNT, circuit_build_times_get_initial_timeout(), circuit_build_times_rewind_history(), control_event_buildtimeout_set(), LD_CIRC, circuit_build_times_t::liveness, network_liveness_t::net_suspended, network_liveness_t::network_last_live, network_liveness_t::nonlive_discarded, network_liveness_t::nonlive_timeouts, circuit_build_times_t::timeout_ms, and tor_lround().

Referenced by circuit_build_times_add_timeout().

void circuit_build_times_network_circ_success

(

circuit_build_times_t *

cbt

)

Called to indicate that we completed a circuit. Because this circuit succeeded, it doesn't count as a timeout-after-the-first-hop.

References network_liveness_t::after_firsthop_idx, circuit_build_times_t::liveness, network_liveness_t::num_recent_circs, and network_liveness_t::timeouts_after_firsthop.

Referenced by circuit_send_next_onion_skin().

void circuit_build_times_network_is_live

(

circuit_build_times_t *

cbt

)

Called to indicate that the network showed some signs of liveness.

This function is called every time we receive a cell. Avoid syscalls, events, and other high-intensity work.

References approx_time(), circuit_build_times_t::liveness, network_liveness_t::network_last_live, network_liveness_t::nonlive_discarded, and network_liveness_t::nonlive_timeouts.

Referenced by connection_or_process_cells_from_inbuf(), connection_or_set_state_open(), and connection_tls_finish_handshake().

void circuit_build_times_new_consensus_params	(	circuit_build_times_t *	cbt,
		networkstatus_t *	ns
	)

This function is called when we get a consensus update.

It checks to see if we have changed any consensus parameters that require reallocation or discard of previous stats.

References network_liveness_t::after_firsthop_idx, CBT_DEFAULT_RECENT_CIRCUITS, LD_CIRC, circuit_build_times_t::liveness, networkstatus_get_param(), network_liveness_t::num_recent_circs, network_liveness_t::timeouts_after_firsthop, tor_assert, and tor_free.

Referenced by networkstatus_set_current_consensus().

int circuit_build_times_parse_state	(	circuit_build_times_t *	cbt,
		or_state_t *	state,
		char **	msg
	)

Load histogram from state, shuffling the resulting array after we do so. Use this result to estimate parameters and calculate the timeout.

Returns -1 and sets msg on error. Msg must be freed by the caller.

References or_state_t::BuildtimeHistogram, circuit_build_times_t::circuit_build_times, circuit_build_times_init(), circuit_build_times_set_timeout(), circuit_build_times_shuffle_and_store_array(), LD_CIRC, config_line_t::next, smartlist_create(), smartlist_free(), smartlist_split_string(), tor_assert, tor_free, tor_parse_ulong(), circuit_build_times_t::total_build_times, or_state_t::TotalBuildTimes, and config_line_t::value.

Referenced by or_state_set().

void circuit_build_times_set_timeout

(

circuit_build_times_t *

cbt

)

Estimate a new timeout based on history and set our timeout variable accordingly.

References circuit_build_times_t::alpha, circuit_build_times_calculate_timeout(), circuit_build_times_count_pretimeouts(), circuit_build_times_update_alpha(), control_event_buildtimeout_set(), circuit_build_times_t::have_computed_timeout, LD_CIRC, circuit_build_times_t::timeout_ms, tor_lround(), circuit_build_times_t::total_build_times, and circuit_build_times_t::Xm.

Referenced by circuit_build_times_parse_state(), circuit_expire_building(), and circuit_send_next_onion_skin().

void circuit_build_times_update_state	(	circuit_build_times_t *	cbt,
		or_state_t *	state
	)

Output a histogram of current circuit build times to the or_state_t state structure.

References or_options_t::AvoidDiskWrites, or_state_t::BuildtimeHistogram, CBT_BIN_WIDTH, circuit_build_times_create_histogram(), config_free_lines(), get_options(), get_or_state(), config_line_t::key, config_line_t::next, or_state_mark_dirty(), tor_free, tor_snprintf(), circuit_build_times_t::total_build_times, or_state_t::TotalBuildTimes, unit_tests, and config_line_t::value.

Referenced by or_state_save().

void circuit_close_all_marked

(

void

)

Detach from the global circuit list, and deallocate, all circuits that have been marked for close.

References circuit_free(), circuit_t::marked_for_close, and circuit_t::next.

Referenced by run_scheduled_events().

int circuit_conforms_to_options	(	const origin_circuit_t *	circ,
		const or_options_t *	options
	)

Check whether, according to the policies in options, the circuit circ makes sense.

References origin_circuit_t::cpath, or_options_t::ExcludeExitNodes, or_options_t::ExcludeNodes, crypt_path_t::extend_info, crypt_path_t::next, and routerset_contains_extendinfo().

int circuit_count_pending_on_or_conn

(

or_connection_t *

or_conn

)

Return the number of circuits in state OR_WAIT, waiting for the given connection.

References circuit_get_all_pending_on_or_conn(), LD_CIRC, or_connection_t::nickname, smartlist_create(), and smartlist_free().

Referenced by control_event_or_conn_status().

void circuit_detach_stream	(	circuit_t *	circ,
		edge_connection_t *	conn
	)

If the stream conn is a member of any of the linked lists of circ, then remove it from the list.

References CIRCUIT_IS_ORIGIN, edge_connection_t::cpath_layer, LD_BUG, or_circuit_t::n_streams, edge_connection_t::next_stream, edge_connection_t::on_circuit, origin_circuit_t::p_streams, or_circuit_t::resolving_streams, TO_OR_CIRCUIT(), TO_ORIGIN_CIRCUIT(), tor_assert, and tor_fragile_assert.

Referenced by connection_about_to_close_connection(), connection_ap_detach_retriable(), connection_exit_connect(), dns_cancel_pending_resolve(), dns_found_answer(), handle_control_attachstream(), and purge_expired_resolves().

void circuit_discard_optional_exit_enclaves

(

extend_info_t *

info

)

A circuit failed to finish on its last hop info. If there are any streams waiting with this exit node in mind, but they don't absolutely require it, make them give up on it.

References socks_request_t::address, AP_CONN_STATE_CIRCUIT_WAIT, edge_connection_t::chosen_exit_name, edge_connection_t::chosen_exit_optional, edge_connection_t::chosen_exit_retries, clear_trackexithost_mappings(), CONN_TYPE_AP, consider_plaintext_ports(), escaped_safe_str_client(), get_connection_array(), LD_APP, extend_info_t::nickname, socks_request_t::port, router_get_by_nickname(), safe_str_client(), edge_connection_t::socks_request, TO_EDGE_CONN(), tor_assert, and tor_free.

Referenced by circuit_build_failed().

void circuit_dump_by_conn	(	connection_t *	conn,
		int	severity
	)

Log, at severity severity, information about each circuit that is connected to conn.

References connection_t::addr, extend_info_t::addr, circuit_dump_details(), CIRCUIT_IS_ORIGIN, CIRCUIT_STATE_OPEN, connection_t::conn_array_index, CONN_TYPE_OR, DIGEST_LEN, extend_info_t::identity_digest, circuit_t::marked_for_close, circuit_t::n_circ_id, circuit_t::n_conn, circuit_t::n_hop, circuit_t::next, edge_connection_t::next_stream, or_circuit_t::p_circ_id, connection_t::port, extend_info_t::port, circuit_t::state, TO_CONN, TO_OR_CIRCUIT(), TO_OR_CONN(), TO_ORIGIN_CIRCUIT(), tor_addr_eq, and connection_t::type.

Referenced by dumpstats().

const char* circuit_end_reason_to_control_string

(

int

reason

)

Convert a numeric reason for destroying a circuit into a string for a CIRCUIT event.

References END_CIRC_AT_ORIGIN, END_CIRC_REASON_FLAG_REMOTE, END_CIRC_REASON_NOPATH, and LD_BUG.

Referenced by control_event_circuit_status().

int circuit_enough_testing_circs

(

void

)

Return 1 if we've already exercised our bandwidth, or if we have fewer than NUM_PARALLEL_TESTING_CIRCS testing circuits established or on the way. Else return 0.

References CIRCUIT_IS_ORIGIN, CIRCUIT_PURPOSE_TESTING, CIRCUIT_STATE_OPEN, have_performed_bandwidth_test, circuit_t::marked_for_close, circuit_t::next, NUM_PARALLEL_TESTING_CIRCS, circuit_t::purpose, and circuit_t::state.

Referenced by circuit_testing_opened(), consider_testing_reachability(), and rep_hist_circbuilding_dormant().

origin_circuit_t* circuit_establish_circuit	(	uint8_t	purpose,
		extend_info_t *	exit,
		int	flags
	)

Build a new circuit for purpose. If exit is defined, then use that as your exit router, else choose a suitable exit node.

Also launch a connection to the first OR in the chosen path, if it's not open already.

References circuit_handle_first_hop(), control_event_circuit_status(), END_CIRC_REASON_NOPATH, onion_pick_cpath_exit(), onion_populate_cpath(), origin_circuit_init(), and TO_CIRCUIT.

Referenced by circuit_launch_by_extend_info().

void circuit_expire_all_dirty_circs

(

void

)

Go through the circuitlist; for each circuit that starts at us and is dirty, frob its timestamp_dirty so we won't use it for any new streams.

This is useful for letting the user change pseudonyms, so new streams will not be linkable to old streams.

References CIRCUIT_IS_ORIGIN, get_options(), circuit_t::marked_for_close, or_options_t::MaxCircuitDirtiness, circuit_t::next, and circuit_t::timestamp_dirty.

Referenced by circuit_note_clock_jumped(), do_hup(), options_act(), and signewnym_impl().

void circuit_expire_building

(

time_t

now

)

Close all circuits that start at us, aren't open, and were born at least CircuitBuildTimeout seconds ago.

References or_connection_t::_base, connection_t::address, origin_circuit_t::build_state, circ_times, circuit_build_times_add_timeout(), circuit_build_times_set_timeout(), CIRCUIT_IS_ORIGIN, circuit_log_path(), CIRCUIT_PURPOSE_C_ESTABLISH_REND, CIRCUIT_PURPOSE_C_INTRODUCE_ACK_WAIT, CIRCUIT_PURPOSE_C_INTRODUCING, CIRCUIT_PURPOSE_C_REND_READY, CIRCUIT_PURPOSE_C_REND_READY_INTRO_ACKED, CIRCUIT_PURPOSE_S_ESTABLISH_INTRO, CIRCUIT_STATE_OPEN, circuit_state_to_string(), origin_circuit_t::cpath, LD_CIRC, LD_REND, circuit_t::marked_for_close, circuit_t::n_circ_id, circuit_t::n_conn, circuit_t::next, cpath_build_state_t::onehop_tunnel, connection_t::port, circuit_t::purpose, crypt_path_t::state, circuit_t::state, circuit_build_times_t::timeout_ms, circuit_t::timestamp_created, circuit_t::timestamp_dirty, and TO_ORIGIN_CIRCUIT().

Referenced by run_scheduled_events().

void circuit_expire_old_circuits_serverside

(

time_t

now

)

Find each non-origin circuit that has been unused for too long, has no streams on it, used a create_fast, and ends here: mark it for close.

References CIRCUIT_IS_ORIGIN, IDLE_ONE_HOP_CIRC_TIMEOUT, or_circuit_t::is_first_hop, LD_CIRC, circuit_t::marked_for_close, circuit_t::n_conn, or_circuit_t::n_streams, circuit_t::next, or_circuit_t::p_circ_id, or_circuit_t::p_conn, or_circuit_t::resolving_streams, or_connection_t::timestamp_last_added_nonpadding, and TO_OR_CIRCUIT().

Referenced by run_scheduled_events().

int circuit_extend	(	cell_t *	cell,
		circuit_t *	circ
	)

Take the 'extend' cell, pull out addr/port plus the onion skin and identity digest for the next hop. If we're already connected, pass the onion skin to the next hop using a create cell; otherwise launch a new OR connection, and circ will notice when the connection succeeds or fails.

Return -1 if we want to warn and tear down the circuit, else return 0.

References or_connection_t::_base, connection_t::address, circuit_deliver_create_cell(), circuit_set_state(), CIRCUIT_STATE_OR_WAIT, connection_or_connect(), connection_or_get_for_extend(), DIGEST_LEN, extend_info_alloc(), fmt_addr(), get_options(), get_uint16(), get_uint32(), LD_CIRC, LD_OR, LD_PROTOCOL, relay_header_t::length, circuit_t::n_conn, circuit_t::n_conn_onionskin, circuit_t::n_hop, cell_t::payload, connection_t::port, RELAY_HEADER_SIZE, relay_header_unpack(), server_mode(), TO_OR_CIRCUIT(), tor_addr_from_ipv4h, tor_assert, and tor_digest_is_zero().

Referenced by connection_edge_process_relay_cell().

int circuit_extend_to_new_exit	(	origin_circuit_t *	circ,
		extend_info_t *	exit
	)

Take an open circ, and add a new hop at the end, based on info. Set its state back to CIRCUIT_STATE_BUILDING, and then send the next extend cell to begin connecting to that hop.

References circuit_append_new_exit(), circuit_send_next_onion_skin(), circuit_set_state(), CIRCUIT_STATE_BUILDING, LD_CIRC, extend_info_t::nickname, TO_CIRCUIT, and warn_if_last_router_excluded().

Referenced by circuit_launch_by_extend_info(), and rend_client_introduction_acked().

origin_circuit_t* circuit_find_to_cannibalize	(	uint8_t	purpose,
		extend_info_t *	info,
		int	flags
	)

Return a circuit that is open, is CIRCUIT_PURPOSE_C_GENERAL, has a timestamp_dirty value of 0, has flags matching the CIRCLAUNCH_* flags in flags, and if info is defined, does not already use info as any of its hops; or NULL if no circuit fits this description.

The purpose argument (currently ignored) refers to the purpose of the circuit we want to create, not the purpose of the circuit we want to cannibalize.

If !CIRCLAUNCH_NEED_UPTIME, prefer returning non-uptime circuits.

References origin_circuit_t::build_state, CIRCLAUNCH_IS_INTERNAL, CIRCLAUNCH_NEED_CAPACITY, CIRCLAUNCH_NEED_UPTIME, CIRCUIT_IS_ORIGIN, CIRCUIT_PURPOSE_C_GENERAL, CIRCUIT_STATE_OPEN, origin_circuit_t::cpath, DIGEST_LEN, crypt_path_t::extend_info, extend_info_t::identity_digest, cpath_build_state_t::is_internal, LD_CIRC, circuit_t::marked_for_close, cpath_build_state_t::need_capacity, cpath_build_state_t::need_uptime, crypt_path_t::next, circuit_t::next, circuit_t::purpose, origin_circuit_t::remaining_relay_early_cells, router_get_by_digest(), routers_in_same_family(), circuit_t::state, circuit_t::timestamp_dirty, and TO_ORIGIN_CIRCUIT().

Referenced by circuit_launch_by_extend_info().

int circuit_finish_handshake	(	origin_circuit_t *	circ,
		uint8_t	reply_type,
		const char *	reply
	)

A created or extended cell came back to us on the circuit, and it included reply as its body. (If reply_type is CELL_CREATED, the body contains (the second DH key, plus KH). If reply_type is CELL_CREATED_FAST, the body contains a secret y and a hash H(x|y).)

Calculate the appropriate keys and digests, make sure KH is correct, and initialize this hop of the cpath.

Return - reason if we want to mark circ for close, else return 0.

References CIPHER_KEY_LEN, circuit_init_cpath_crypto(), circuit_log_path(), control_event_circuit_status(), origin_circuit_t::cpath, crypto_dh_free(), crypt_path_t::dh_handshake_state, DIGEST_LEN, fast_client_handshake(), crypt_path_t::fast_handshake_state, crypt_path_t::handshake_digest, LD_CIRC, LD_PROTOCOL, onion_next_hop_in_cpath(), onion_skin_client_handshake(), crypt_path_t::state, and tor_assert.

Referenced by command_process_created_cell(), and connection_edge_process_relay_cell().

void circuit_free_all

(

void

)

Release all storage held by circuits.

References circuit_free(), CIRCUIT_IS_ORIGIN, connection_free(), circuit_t::next, edge_connection_t::next_stream, or_circuit_t::resolving_streams, smartlist_free(), TO_CONN, and TO_OR_CIRCUIT().

Referenced by tor_free_all().

void circuit_get_all_pending_on_or_conn	(	smartlist_t *	out,
		or_connection_t *	or_conn
	)

Append to out all circuits in state OR_WAIT waiting for the given connection.

References or_connection_t::_base, connection_t::addr, CIRCUIT_STATE_OR_WAIT, DIGEST_LEN, or_connection_t::identity_digest, connection_t::port, smartlist_add(), tor_addr_eq, tor_assert, and tor_digest_is_zero().

Referenced by circuit_count_pending_on_or_conn(), and circuit_n_conn_done().

circuit_t* circuit_get_by_circid_orconn	(	circid_t	circ_id,
		or_connection_t *	conn
	)

Return a circ such that:

• circ->n_circ_id or circ->p_circ_id is equal to circ_id, and
• circ is attached to conn, either as p_conn or n_conn.
• circ is not marked for close. Return NULL if no such circuit exists.

References circuit_get_by_circid_orconn_impl(), and circuit_t::marked_for_close.

Referenced by command_process_created_cell(), command_process_destroy_cell(), command_process_relay_cell(), and connection_cpu_process_inbuf().

circuit_t* circuit_get_by_edge_conn

(

edge_connection_t *

conn

)

Return the circuit that a given edge connection is using.

References CIRCUIT_IS_ORIGIN, circuit_t::magic, edge_connection_t::on_circuit, and tor_assert.

Referenced by _connection_write_to_buf_impl(), connection_about_to_close_connection(), connection_ap_expire_beginning(), connection_edge_consider_sending_sendme(), connection_edge_end(), connection_edge_package_raw_inbuf(), connection_exit_connect(), control_event_stream_status(), dns_cancel_pending_resolve(), dns_found_answer(), getinfo_helper_events(), handle_control_attachstream(), and purge_expired_resolves().

origin_circuit_t* circuit_get_by_global_id

(

uint32_t

id

)

Return the circuit whose global ID is id, or NULL if no such circuit exists.

References CIRCUIT_IS_ORIGIN, circuit_t::marked_for_close, circuit_t::next, and TO_ORIGIN_CIRCUIT().

Referenced by get_circ().

origin_circuit_t* circuit_get_by_rend_query_and_purpose	(	const char *	rend_query,
		uint8_t	purpose
	)

Return a circ such that:

• circ->rend_data->query is equal to rend_query, and
• circ->purpose is equal to purpose.

Return NULL if no such circuit exists.

References CIRCUIT_PURPOSE_IS_ORIGIN, circuit_t::marked_for_close, circuit_t::next, rend_data_t::onion_address, circuit_t::purpose, rend_cmp_service_ids(), origin_circuit_t::rend_data, TO_ORIGIN_CIRCUIT(), and tor_assert.

Referenced by rend_client_introduction_acked().

crypt_path_t* circuit_get_cpath_hop	(	origin_circuit_t *	circ,
		int	hopnum
	)

Return the hopnumth hop in circ->cpath, or NULL if there aren't that many hops in the list.

References origin_circuit_t::cpath, and crypt_path_t::next.

Referenced by handle_control_attachstream().

int circuit_get_cpath_len

(

origin_circuit_t *

circ

)

Return the number of hops in circuit's path.

References origin_circuit_t::cpath, and crypt_path_t::next.

Referenced by handle_control_attachstream(), and onion_extend_cpath().

or_circuit_t* circuit_get_intro_point

(

const char *

digest

)

Return the circuit waiting for intro cells of the given digest. Return NULL if no such circuit is found.

References circuit_get_by_rend_token_and_purpose(), CIRCUIT_PURPOSE_INTRO_POINT, and DIGEST_LEN.

Referenced by rend_mid_establish_intro(), and rend_mid_introduce().

origin_circuit_t* circuit_get_next_by_pk_and_purpose	(	origin_circuit_t *	start,
		const char *	digest,
		uint8_t	purpose
	)

Return the first circuit originating here in global_circuitlist after start whose purpose is purpose, and where digest (if set) matches the rend_pk_digest field. Return NULL if no circuit is found. If start is NULL, begin at the start of the list.

References CIRCUIT_PURPOSE_IS_ORIGIN, DIGEST_LEN, circuit_t::marked_for_close, circuit_t::next, circuit_t::purpose, TO_CIRCUIT, TO_ORIGIN_CIRCUIT(), and tor_assert.

Referenced by find_intro_circuit(), and router_perform_bandwidth_test().

or_circuit_t* circuit_get_rendezvous

(

const char *

cookie

)

Return the circuit waiting for a rendezvous with the provided cookie. Return NULL if no such circuit is found.

References circuit_get_by_rend_token_and_purpose(), CIRCUIT_PURPOSE_REND_POINT_WAITING, and REND_COOKIE_LEN.

Referenced by rend_mid_establish_rendezvous(), and rend_mid_rendezvous().

int circuit_handle_first_hop

(

origin_circuit_t *

circ

)

Start establishing the first hop of our circuit. Figure out what OR we should connect to, and if necessary start the connection to it. If we're already connected, then send the 'create' cell. Return 0 for ok, -reason if circ should be marked-for-close.

References origin_circuit_t::_base, extend_info_t::addr, origin_circuit_t::build_state, circuit_send_next_onion_skin(), connection_or_connect(), connection_or_get_for_extend(), control_event_bootstrap(), origin_circuit_t::cpath, crypt_path_t::extend_info, extend_info_dup(), fmt_addr(), extend_info_t::identity_digest, LD_CIRC, circuit_t::n_conn, circuit_t::n_hop, extend_info_t::nickname, cpath_build_state_t::onehop_tunnel, onion_next_hop_in_cpath(), extend_info_t::port, safe_str_client(), and tor_assert.

Referenced by circuit_establish_circuit(), and handle_control_extendcircuit().

void circuit_has_opened

(

origin_circuit_t *

circ

)

The circuit circ has just become open. Take the next step: for rendezvous circuits, we pass circ to the appropriate function in rendclient or rendservice. For general circuits, we call connection_ap_attach_pending, which looks for pending streams that could use circ.

References CIRCUIT_PURPOSE_C_ESTABLISH_REND, CIRCUIT_PURPOSE_C_GENERAL, CIRCUIT_PURPOSE_C_INTRODUCING, CIRCUIT_PURPOSE_S_CONNECT_REND, CIRCUIT_PURPOSE_S_ESTABLISH_INTRO, CIRCUIT_PURPOSE_TESTING, circuit_testing_opened(), connection_ap_attach_pending(), control_event_circuit_status(), rend_client_introcirc_has_opened(), rend_client_rendcirc_has_opened(), rend_service_intro_has_opened(), rend_service_rendezvous_has_opened(), and TO_CIRCUIT.

Referenced by circuit_send_next_onion_skin(), and rend_service_intro_has_opened().

int circuit_id_in_use_on_orconn	(	circid_t	circ_id,
		or_connection_t *	conn
	)

Return true iff the circuit ID circ_id is currently used by a circuit, marked or not, on conn.

References circuit_get_by_circid_orconn_impl().

Referenced by command_process_create_cell(), and get_unique_circ_id_by_conn().

int circuit_init_cpath_crypto	(	crypt_path_t *	cpath,
		const char *	key_data,
		int	reverse
	)

Initialize cpath->{f|b}_{crypto|digest} from the key material in key_data. key_data must contain CPATH_KEY_MATERIAL bytes, which are used as follows:

• 20 to initialize f_digest
• 20 to initialize b_digest
• 16 to key f_crypto
• 16 to key b_crypto

(If 'reverse' is true, then f_XX and b_XX are swapped.)

References crypt_path_t::b_crypto, crypt_path_t::b_digest, CIPHER_KEY_LEN, crypto_create_init_cipher(), crypto_digest_add_bytes(), crypto_new_digest_env(), DIGEST_LEN, crypt_path_t::f_crypto, crypt_path_t::f_digest, LD_BUG, and tor_assert.

Referenced by circuit_finish_handshake(), onionskin_answer(), rend_client_receive_rendezvous(), and rend_service_introduce().

int32_t circuit_initial_package_window

(

void

)

Pick a reasonable package_window to start out for our circuits. Originally this was hard-coded at 1000, but now the consensus votes on the answer. See proposal 168.

References CIRCWINDOW_START, and networkstatus_get_param().

Referenced by init_circuit_base(), onion_append_hop(), rend_client_receive_rendezvous(), and rend_service_rendezvous_has_opened().

origin_circuit_t* circuit_launch_by_extend_info	(	uint8_t	purpose,
		extend_info_t *	extend_info,
		int	flags
	)

Launch a new circuit with purpose purpose and exit node extend_info (or NULL to select a random exit node). If flags contains CIRCLAUNCH_NEED_UPTIME, choose among routers with high uptime. If CIRCLAUNCH_NEED_CAPACITY is set, choose among routers with high bandwidth. If CIRCLAUNCH_IS_INTERNAL is true, the last hop need not be an exit node. If CIRCLAUNCH_ONEHOP_TUNNEL is set, the circuit will have only one hop. Return the newly allocated circuit on success, or NULL on failure.

References origin_circuit_t::_base, origin_circuit_t::build_state, build_state_get_exit_nickname(), CIRCLAUNCH_ONEHOP_TUNNEL, circuit_establish_circuit(), circuit_extend_to_new_exit(), circuit_find_to_cannibalize(), CIRCUIT_PURPOSE_C_ESTABLISH_REND, CIRCUIT_PURPOSE_C_GENERAL, CIRCUIT_PURPOSE_C_INTRODUCING, CIRCUIT_PURPOSE_S_CONNECT_REND, CIRCUIT_PURPOSE_S_ESTABLISH_INTRO, CIRCUIT_PURPOSE_TESTING, did_circs_fail_last_period, LD_BUG, LD_CIRC, MAX_CIRCUIT_FAILURES, n_circuit_failures, circuit_t::purpose, router_have_minimum_dir_info(), circuit_t::timestamp_created, tor_assert, and tor_fragile_assert.

Referenced by circuit_get_open_circ_or_launch(), circuit_launch_by_router(), rend_client_introduction_acked(), rend_service_introduce(), rend_service_launch_establish_intro(), and rend_service_relaunch_rendezvous().

origin_circuit_t* circuit_launch_by_router	(	uint8_t	purpose,
		routerinfo_t *	exit,
		int	flags
	)

Launch a new circuit; see circuit_launch_by_extend_info() for details on arguments.

References circuit_launch_by_extend_info(), extend_info_free(), and extend_info_from_router().

Referenced by circuit_build_needed_circs(), circuit_predict_and_launch_new(), consider_testing_reachability(), and handle_control_extendcircuit().

char* circuit_list_path	(	origin_circuit_t *	circ,
		int	verbose
	)

If verbose is false, allocate and return a comma-separated list of the currently built elements of circuit_t. If verbose is true, also list information about link status in a more verbose format using spaces.

References circuit_list_path_impl().

Referenced by circuit_log_path().

char* circuit_list_path_for_controller

(

origin_circuit_t *

circ

)

Allocate and return a comma-separated list of the currently built elements of circuit_t, giving each as a verbose nickname.

References circuit_list_path_impl().

Referenced by control_event_circuit_status(), and getinfo_helper_events().

void circuit_log_path	(	int	severity,
		unsigned int	domain,
		origin_circuit_t *	circ
	)

Log, at severity severity, the nicknames of each router in circ's cpath. Also log the length of the cpath, and the intended exit point.

References circuit_list_path(), tor_free, and tor_log().

Referenced by circuit_dump_details(), circuit_expire_building(), circuit_finish_handshake(), connection_ap_handshake_attach_circuit(), connection_ap_process_end_not_open(), connection_edge_process_relay_cell_not_open(), and warn_if_last_router_excluded().

void circuit_mark_all_unused_circs

(

void

)

Go through the circuitlist; mark-for-close each circuit that starts at us but has not yet been used.

References CIRCUIT_IS_ORIGIN, circuit_t::marked_for_close, circuit_t::next, and circuit_t::timestamp_dirty.

Referenced by circuit_note_clock_jumped(), and options_act().

void circuit_n_conn_done	(	or_connection_t *	or_conn,
		int	status
	)

Find any circuits that are waiting on or_conn to become open and get them to send their create cells forward.

Status is 1 if connect succeeded, or 0 if connect failed.

References or_connection_t::_base, connection_t::addr, connection_t::address, circuit_deliver_create_cell(), circuit_get_all_pending_on_or_conn(), CIRCUIT_IS_ORIGIN, circuit_send_next_onion_skin(), circuit_set_state(), CIRCUIT_STATE_OPEN, CIRCUIT_STATE_OR_WAIT, DIGEST_LEN, extend_info_free(), or_connection_t::identity_digest, LD_CIRC, or_connection_t::nickname, connection_t::port, smartlist_create(), smartlist_free(), TO_ORIGIN_CIRCUIT(), tor_addr_eq, tor_assert, tor_digest_is_zero(), and tor_free.

Referenced by connection_about_to_close_connection(), and connection_or_set_state_open().

void circuit_note_clock_jumped

(

int

seconds_elapsed

)

Our clock just jumped by seconds_elapsed. Assume something has also gone wrong with our network: notify the user, and abandon all not-yet-used circuits.

References circuit_expire_all_dirty_circs(), circuit_mark_all_unused_circs(), control_event_client_status(), control_event_general_status(), get_options(), has_completed_circuit, LD_GENERAL, server_mode(), and tor_log().

Referenced by second_elapsed_callback().

const char* circuit_purpose_to_controller_string

(

uint8_t

purpose

)

Map a circuit purpose to a string suitable to be displayed to a controller.

References CIRCUIT_PURPOSE_C_ESTABLISH_REND, CIRCUIT_PURPOSE_C_GENERAL, CIRCUIT_PURPOSE_C_INTRODUCE_ACK_WAIT, CIRCUIT_PURPOSE_C_INTRODUCE_ACKED, CIRCUIT_PURPOSE_C_INTRODUCING, CIRCUIT_PURPOSE_C_REND_JOINED, CIRCUIT_PURPOSE_C_REND_READY, CIRCUIT_PURPOSE_C_REND_READY_INTRO_ACKED, CIRCUIT_PURPOSE_CONTROLLER, CIRCUIT_PURPOSE_INTRO_POINT, CIRCUIT_PURPOSE_OR, CIRCUIT_PURPOSE_REND_ESTABLISHED, CIRCUIT_PURPOSE_REND_POINT_WAITING, CIRCUIT_PURPOSE_S_CONNECT_REND, CIRCUIT_PURPOSE_S_ESTABLISH_INTRO, CIRCUIT_PURPOSE_S_INTRO, CIRCUIT_PURPOSE_S_REND_JOINED, CIRCUIT_PURPOSE_TESTING, and tor_snprintf().

Referenced by control_event_circuit_status(), and getinfo_helper_events().

int circuit_receive_relay_cell	(	cell_t *	cell,
		circuit_t *	circ,
		cell_direction_t	cell_direction
	)

Receive a relay cell:

• Crypt it (encrypt if headed toward the origin or if we are the origin; decrypt if we're headed toward the exit).
• Check if recognized (if exitward).
• If recognized and the digest checks out, then find if there's a stream that the cell is intended for, and deliver it to the right connection_edge.
• If not recognized, then we need to relay it: append it to the appropriate cell_queue on circ.

Return -reason on failure.

References or_circuit_t::_base, append_cell_to_circuit_queue(), CELL_DIRECTION_IN, CELL_DIRECTION_OUT, cell_t::circ_id, CIRCUIT_IS_ORIGIN, CIRCUIT_PURPOSE_REND_ESTABLISHED, circuit_receive_relay_cell(), cell_t::command, connection_edge_process_relay_cell(), LD_BUG, LD_OR, LD_PROTOCOL, LD_REND, circuit_t::marked_for_close, circuit_t::n_circ_id, circuit_t::n_conn, or_circuit_t::p_circ_id, or_circuit_t::p_conn, circuit_t::purpose, relay_crypt(), relay_lookup_conn(), or_circuit_t::rend_splice, TO_CIRCUIT, TO_OR_CIRCUIT(), and tor_assert.

Referenced by circuit_receive_relay_cell(), and command_process_relay_cell().

void circuit_remove_handled_ports

(

smartlist_t *

needed_ports

)

Remove any elements in needed_ports that are handled by an open or in-progress circuit.

References circuit_stream_is_being_handled(), LD_CIRC, MIN_CIRCUITS_HANDLING_STREAM, smartlist_del(), tor_assert, and tor_free.

Referenced by circuit_get_unhandled_ports().

void circuit_rep_hist_note_result

(

origin_circuit_t *

circ

)

Tell the rep(utation)hist(ory) module about the status of the links in circ. Hops that have become OPEN are marked as successfully extended; the _first_ hop that isn't open (if any) is marked as unable to extend.

References routerinfo_t::cache_info, origin_circuit_t::cpath, crypt_path_t::extend_info, get_options(), extend_info_t::identity_digest, signed_descriptor_t::identity_digest, crypt_path_t::next, rep_hist_note_extend_failed(), rep_hist_note_extend_succeeded(), router_get_by_digest(), router_get_my_routerinfo(), server_mode(), and crypt_path_t::state.

Referenced by _circuit_mark_for_close(), and circuit_send_next_onion_skin().

void circuit_reset_failure_count

(

int

timeout

)

Reset the failure count for opening general circuits. This means we will try MAX_CIRCUIT_FAILURES times more (if necessary) before stopping again.

References did_circs_fail_last_period, MAX_CIRCUIT_FAILURES, and n_circuit_failures.

Referenced by circuit_build_needed_circs(), and circuit_send_next_onion_skin().

int circuit_send_next_onion_skin

(

origin_circuit_t *

circ

)

This is the backbone function for building circuits.

If circ's first hop is closed, then we need to build a create cell and send it forward.

Otherwise, we need to build a relay extend cell and send it forward.

Return -reason if we want to tear down circ, else return 0.

References origin_circuit_t::_base, extend_info_t::addr, origin_circuit_t::build_state, check_whether_orport_reachable(), circuit_build_times_add_time(), circuit_build_times_network_circ_success(), circuit_build_times_set_timeout(), circuit_deliver_create_cell(), circuit_has_opened(), circuit_rep_hist_note_result(), circuit_reset_failure_count(), circuit_set_state(), CIRCUIT_STATE_BUILDING, CIRCUIT_STATE_OPEN, consider_testing_reachability(), control_event_bootstrap(), control_event_client_status(), origin_circuit_t::cpath, crypto_rand(), crypt_path_t::dh_handshake_state, DIGEST_LEN, crypt_path_t::extend_info, crypt_path_t::fast_handshake_state, get_options(), has_completed_circuit, circuit_t::highres_created, extend_info_t::identity_digest, or_connection_t::identity_digest, inform_testing_reachability(), LD_BUG, LD_CIRC, LD_GENERAL, circuit_t::n_conn, routerinfo_t::nickname, cpath_build_state_t::onehop_tunnel, extend_info_t::onion_key, onion_next_hop_in_cpath(), onion_skin_create(), extend_info_t::port, crypt_path_t::prev, relay_send_command_from_edge(), router_get_by_digest(), server_mode(), set_uint16(), set_uint32(), should_use_create_fast_for_circuit(), circuit_t::state, crypt_path_t::state, TO_CIRCUIT, tor_addr_family(), tor_addr_to_ipv4n(), tor_assert, tor_gettimeofday(), and tv_mdiff().

Referenced by circuit_extend_to_new_exit(), circuit_handle_first_hop(), circuit_n_conn_done(), command_process_created_cell(), connection_edge_process_relay_cell(), and handle_control_extendcircuit().

void circuit_set_n_circid_orconn	(	circuit_t *	circ,
		circid_t	id,
		or_connection_t *	conn
	)

Set the n_conn field of a circuit circ, along with the corresponding circuit ID, and add the circuit as appropriate to the (orconn,id)->circuit map.

References bool_eq, CELL_DIRECTION_OUT, cell_queue_t::n, circuit_t::n_conn_cells, circuit_t::next_active_on_n_conn, and tor_assert.

Referenced by circuit_deliver_create_cell(), circuit_free(), circuit_unlink_all_from_or_conn(), command_process_destroy_cell(), and connection_edge_process_relay_cell().

void circuit_set_p_circid_orconn	(	or_circuit_t *	circ,
		circid_t	id,
		or_connection_t *	conn
	)

Set the p_conn field of a circuit circ, along with the corresponding circuit ID, and add the circuit as appropriate to the (orconn,id)->circuit map.

References bool_eq, CELL_DIRECTION_IN, cell_queue_t::n, or_circuit_t::next_active_on_p_conn, or_circuit_t::p_conn_cells, TO_CIRCUIT, and tor_assert.

Referenced by circuit_free(), circuit_unlink_all_from_or_conn(), command_process_destroy_cell(), and or_circuit_new().

void circuit_set_state	(	circuit_t *	circ,
		uint8_t	state
	)

Change the state of circ to state, adding it to or removing it from lists as appropriate.

References CIRCUIT_STATE_OPEN, CIRCUIT_STATE_OR_WAIT, circuit_t::n_conn_onionskin, smartlist_add(), smartlist_create(), smartlist_remove(), circuit_t::state, and tor_assert.

Referenced by circuit_extend(), circuit_extend_to_new_exit(), circuit_n_conn_done(), circuit_send_next_onion_skin(), command_process_create_cell(), handle_control_extendcircuit(), onionskin_answer(), and origin_circuit_init().

const char* circuit_state_to_string

(

int

state

)

Function to make circ->state human-readable

References CIRCUIT_STATE_BUILDING, CIRCUIT_STATE_ONIONSKIN_PENDING, CIRCUIT_STATE_OPEN, CIRCUIT_STATE_OR_WAIT, LD_BUG, and tor_snprintf().

Referenced by circuit_dump_details(), circuit_expire_building(), and rend_service_dump_stats().

int circuit_stream_is_being_handled	(	edge_connection_t *	conn,
		uint16_t	port,
		int	min
	)

Return 1 if at least min general-purpose non-internal circuits will have an acceptable exit node for exit stream conn if it is defined, else for "*:port". Else return 0.

References ADDR_POLICY_PROBABLY_REJECTED, ADDR_POLICY_REJECTED, origin_circuit_t::build_state, build_state_get_exit_router(), CIRCUIT_IS_ORIGIN, CIRCUIT_PURPOSE_C_GENERAL, compare_addr_to_addr_policy(), connection_ap_can_use_exit(), routerinfo_t::exit_policy, get_options(), cpath_build_state_t::is_internal, circuit_t::marked_for_close, cpath_build_state_t::need_uptime, circuit_t::next, cpath_build_state_t::onehop_tunnel, socks_request_t::port, circuit_t::purpose, smartlist_string_num_isin(), edge_connection_t::socks_request, circuit_t::timestamp_dirty, and TO_ORIGIN_CIRCUIT().

Referenced by ap_stream_wants_exit_attention(), and circuit_remove_handled_ports().

int circuit_truncated	(	origin_circuit_t *	circ,
		crypt_path_t *	layer
	)

We received a relay truncated cell on circ.

Since we don't ask for truncates currently, getting a truncated means that a connection broke or an extend failed. For now, just give up: for circ to close, and return 0.

References circuit_free_cpath_node(), origin_circuit_t::cpath, END_CIRC_REASON_FLAG_REMOTE, LD_APP, LD_CIRC, crypt_path_t::next, edge_connection_t::next_stream, origin_circuit_t::p_streams, TO_CIRCUIT, and tor_assert.

Referenced by connection_edge_process_relay_cell().

void circuit_unlink_all_from_or_conn	(	or_connection_t *	conn,
		int	reason
	)

For each circuit that has conn as n_conn or p_conn, unlink the circuit from the orconn,circid map, and mark it for close if it hasn't been marked already.

References CIRCUIT_IS_ORIGIN, circuit_set_n_circid_orconn(), circuit_set_p_circid_orconn(), connection_or_unlink_all_active_circs(), circuit_t::marked_for_close, circuit_t::n_conn, circuit_t::next, or_circuit_t::p_conn, and TO_OR_CIRCUIT().

Referenced by connection_about_to_close_connection().

void clean_cell_pool

(

void

)

Free excess storage in cell pool.

References tor_assert.

Referenced by run_scheduled_events().

void clear_bridge_list

(

void

)

Initialize the bridge list to empty, creating it if needed.

References smartlist_clear(), smartlist_create(), and tor_free.

Referenced by entry_guards_free_all(), and options_act().

void clear_pending_onions

(

void

)

Remove all circuits from the pending list. Called from tor_free_all.

References onion_queue_t::next, ol_length, onion_queue_t::onionskin, and tor_free.

Referenced by tor_free_all().

void clear_trusted_dir_servers

(

void

)

Remove all members from the list of trusted dir servers.

References router_dir_info_changed(), smartlist_clear(), smartlist_create(), trusted_dir_server_free(), and trusted_dir_servers.

Referenced by consider_adding_dir_authorities().

void client_dns_clear_failures

(

const char *

address

)

If address is in the client DNS addressmap, reset the number of resolve failures we have on record for it. This is used when we fail a stream because it won't resolve: otherwise future attempts on that address will only try once.

References addressmap, addressmap_entry_t::num_resolve_failures, and strmap_get().

Referenced by connection_ap_process_end_not_open().

int client_dns_incr_failures

(

const char *

address

)

An attempt to resolve address failed at some OR. Increment the number of resolve failures we have on record for it, and then return that number.

References addressmap, addressmap_entry_t::expires, LD_APP, MAX_DNS_ENTRY_AGE, addressmap_entry_t::num_resolve_failures, safe_str_client(), strmap_get(), and strmap_set().

Referenced by connection_ap_process_end_not_open().

void client_dns_set_addressmap	(	const char *	address,
		uint32_t	val,
		const char *	exitname,
		int	ttl
	)

Record the fact that address resolved to val. We can now use this in subsequent streams via addressmap_rewrite() so we can more correctly choose an exit that will allow address.

If exitname is defined, then append the addresses with ".exitname.exit" before registering the mapping.

If ttl is nonnegative, the mapping will be valid for ttlseconds; otherwise, we use the default.

References client_dns_set_addressmap_impl(), INET_NTOA_BUF_LEN, tor_assert, tor_inet_aton(), and tor_inet_ntoa().

Referenced by connection_ap_handshake_socks_resolved(), connection_ap_process_end_not_open(), and connection_edge_process_relay_cell_not_open().

int cmp_addr_policies	(	smartlist_t *	a,
		smartlist_t *	b
	)

Like cmp_single_addr_policy() above, but looks at the whole set of policies in each case.

References cmp_single_addr_policy().

Referenced by router_differences_are_cosmetic().

void command_process_cell	(	cell_t *	cell,
		or_connection_t *	conn
	)

Process a cell that was just received on conn. Keep internal statistics about how many of each cell we've processed so far this second, and the total number of microseconds it took to process each type of cell.

References or_connection_t::_base, cell_t::command, LD_OR, LD_PROTOCOL, OR_CONN_STATE_OR_HANDSHAKING, connection_t::state, stats_n_create_cells_processed, stats_n_created_cells_processed, stats_n_destroy_cells_processed, stats_n_netinfo_cells_processed, stats_n_padding_cells_processed, stats_n_relay_cells_processed, and tor_fragile_assert.

Referenced by connection_or_process_cells_from_inbuf().

void command_process_var_cell	(	var_cell_t *	cell,
		or_connection_t *	conn
	)

Process a cell that was just received on conn. Keep internal statistics about how many of each cell we've processed so far this second, and the total number of microseconds it took to process each type of cell.

References or_connection_t::_base, var_cell_t::command, LD_BUG, LD_OR, OR_CONN_STATE_OR_HANDSHAKING, connection_t::state, stats_n_versions_cells_processed, and tor_fragile_assert.

Referenced by connection_or_process_cells_from_inbuf().

addr_policy_result_t compare_addr_to_addr_policy	(	uint32_t	addr,
		uint16_t	port,
		const smartlist_t *	policy
	)

As compare_tor_addr_to_addr_policy, but instead of a tor_addr_t, takes in host order.

References compare_tor_addr_to_addr_policy(), and tor_addr_from_ipv4h.

Referenced by circuit_stream_is_being_handled(), connection_ap_can_use_exit(), router_exit_policy_all_routers_reject(), and router_handles_some_port().

int compare_digest_to_routerstatus_entry	(	const void *	_key,
		const void **	_member
	)

Helper for bsearching a list of routerstatus_t pointers: compare a digest in the key to the identity digest of a routerstatus_t.

References DIGEST_LEN, and routerstatus_t::identity_digest.

Referenced by measured_bw_line_apply(), networkstatus_v2_find_entry(), networkstatus_vote_find_entry(), networkstatus_vote_find_entry_idx(), and router_get_consensus_status_by_id().

int compare_routerstatus_entries	(	const void **	_a,
		const void **	_b
	)

Helper to sort a smartlist of pointers to routerstatus_t

References DIGEST_LEN, and routerstatus_t::identity_digest.

Referenced by dirserv_read_measured_bandwidths(), and networkstatus_v2_parse_from_string().

addr_policy_result_t compare_tor_addr_to_addr_policy	(	const tor_addr_t *	addr,
		uint16_t	port,
		const smartlist_t *	policy
	)

Decide whether a given addr:port is definitely accepted, definitely rejected, probably accepted, or probably rejected by a given policy. If addr is 0, we don't know the IP of the target address. If port is 0, we don't know the port of the target address. (At least one of addr and port must be provided. If you want to know whether a policy would definitely reject an unknown address:port, use policy_is_reject_star().)

We could do better by assuming that some ranges never match typical addresses (127.0.0.1, and so on). But we'll try this for now.

References ADDR_POLICY_ACCEPTED, compare_known_tor_addr_to_addr_policy(), compare_known_tor_addr_to_addr_policy_noport(), compare_unknown_tor_addr_to_addr_policy(), tor_addr_is_null(), and tor_assert.

Referenced by addr_policy_permits_tor_addr(), compare_addr_to_addr_policy(), router_compare_to_my_exit_policy(), router_find_exact_exit_enclave(), and routerset_contains().

void config_free_all

(

void

)

Release all memory and resources held by global configuration structures.

References config_free(), config_free_lines(), or_options_free(), and tor_free.

Referenced by tor_free_all().

void config_free_lines

(

config_line_t *

front

)

Free all the configuration lines on the linked list front.

References config_line_t::key, config_line_t::next, tor_free, and config_line_t::value.

Referenced by circuit_build_times_update_state(), config_dump(), config_free(), config_free_all(), config_get_commandlines(), config_get_lines(), control_setconf_helper(), dirserv_load_fingerprint_file(), entry_guards_update_state(), option_clear(), option_is_same(), option_reset(), options_dup(), options_init_from_string(), and or_state_load().

int config_get_lines	(	const char *	string,
		config_line_t **	result
	)

Helper: parse the config string and strdup into key/value strings. Set *result to the list, or NULL if parsing the string failed. Return 0 on success, -1 on failure. Warn and ignore any misformatted lines.

References config_free_lines(), parse_config_line_from_str(), and tor_free.

Referenced by control_setconf_helper(), dirserv_load_fingerprint_file(), options_init_from_string(), and or_state_load().

void configure_accounting

(

time_t

now

)

Initialize the accounting subsystem.

References accounting_set_wakeup_time(), interval_end_time, interval_start_time, LD_ACCT, read_bandwidth_usage(), reset_accounting(), start_of_accounting_period_after(), and start_of_accounting_period_containing().

Referenced by accounting_run_housekeeping(), and options_act().

const char* conn_state_to_string	(	int	type,
		int	state
	)

Return the human-readable name for the connection state state for the connection type type

References AP_CONN_STATE_CIRCUIT_WAIT, AP_CONN_STATE_CONNECT_WAIT, AP_CONN_STATE_CONTROLLER_WAIT, AP_CONN_STATE_NATD_WAIT, AP_CONN_STATE_OPEN, AP_CONN_STATE_RENDDESC_WAIT, AP_CONN_STATE_RESOLVE_WAIT, AP_CONN_STATE_SOCKS_WAIT, CONN_TYPE_AP, CONN_TYPE_AP_DNS_LISTENER, CONN_TYPE_AP_LISTENER, CONN_TYPE_AP_NATD_LISTENER, CONN_TYPE_AP_TRANS_LISTENER, CONN_TYPE_CONTROL, CONN_TYPE_CONTROL_LISTENER, CONN_TYPE_CPUWORKER, CONN_TYPE_DIR, CONN_TYPE_DIR_LISTENER, CONN_TYPE_EXIT, CONN_TYPE_OR, CONN_TYPE_OR_LISTENER, conn_type_to_string(), CONTROL_CONN_STATE_NEEDAUTH, CONTROL_CONN_STATE_OPEN, CPUWORKER_STATE_BUSY_ONION, CPUWORKER_STATE_IDLE, DIR_CONN_STATE_CLIENT_FINISHED, DIR_CONN_STATE_CLIENT_READING, DIR_CONN_STATE_CLIENT_SENDING, DIR_CONN_STATE_CONNECTING, DIR_CONN_STATE_SERVER_COMMAND_WAIT, DIR_CONN_STATE_SERVER_WRITING, EXIT_CONN_STATE_CONNECTING, EXIT_CONN_STATE_OPEN, EXIT_CONN_STATE_RESOLVEFAILED, EXIT_CONN_STATE_RESOLVING, LD_BUG, LISTENER_STATE_READY, OR_CONN_STATE_CONNECTING, OR_CONN_STATE_OPEN, OR_CONN_STATE_OR_HANDSHAKING, OR_CONN_STATE_PROXY_HANDSHAKING, OR_CONN_STATE_TLS_CLIENT_RENEGOTIATING, OR_CONN_STATE_TLS_HANDSHAKING, OR_CONN_STATE_TLS_SERVER_RENEGOTIATING, and tor_snprintf().

Referenced by _connection_free(), connection_ap_expire_beginning(), connection_buckets_decrement(), connection_close_immediate(), connection_edge_process_inbuf(), connection_edge_process_relay_cell_not_open(), connection_expire_held_open(), and dumpstats().

const char* conn_type_to_string

(

int

type

)

Return the human-readable name for the connection type type

References CONN_TYPE_AP, CONN_TYPE_AP_DNS_LISTENER, CONN_TYPE_AP_LISTENER, CONN_TYPE_AP_NATD_LISTENER, CONN_TYPE_AP_TRANS_LISTENER, CONN_TYPE_CONTROL, CONN_TYPE_CONTROL_LISTENER, CONN_TYPE_CPUWORKER, CONN_TYPE_DIR, CONN_TYPE_DIR_LISTENER, CONN_TYPE_EXIT, CONN_TYPE_OR, CONN_TYPE_OR_LISTENER, LD_BUG, and tor_snprintf().

Referenced by _connection_free(), check_sockaddr_family_match(), conn_close_if_marked(), conn_read_callback(), conn_state_to_string(), conn_write_callback(), connection_add(), connection_buckets_decrement(), connection_close_immediate(), connection_create_listener(), connection_expire_held_open(), connection_remove(), dumpstats(), and options_act_reversible().

void connection_about_to_close_connection

(

connection_t *

conn

)

Do any cleanup needed:

• Directory conns that failed to fetch a rendezvous descriptor need to inform pending rendezvous streams.
• OR conns need to call rep_hist_note_*() to record status.
• AP conns need to send a socks reject if necessary.
• Exit conns need to call connection_dns_remove() if necessary.
• AP and Exit conns need to send an end cell if they can.
• DNS conns need to fail any resolves that are pending on them.
• OR and edge connections need to be unlinked from circuits.

References authdir_mode_tests_reachability(), circuit_detach_stream(), circuit_get_by_edge_conn(), circuit_n_conn_done(), circuit_unlink_all_from_or_conn(), CONN_IS_EDGE, CONN_TYPE_AP, CONN_TYPE_DIR, CONN_TYPE_EXIT, CONN_TYPE_OR, connection_dir_request_failed(), connection_dns_remove(), connection_or_nonopen_was_started_here(), control_event_bootstrap_problem(), control_event_or_conn_status(), control_event_stream_bandwidth(), control_event_stream_status(), DIR_CONN_STATE_CLIENT_FINISHED, DIR_PURPOSE_FETCH_RENDDESC_V2, edge_connection_t::dns_server_request, dnsserv_reject_request(), edge_connection_t::edge_has_sent_end, edge_connection_t::end_reason, entry_guard_register_connect_status(), EXIT_CONN_STATE_RESOLVING, get_options(), socks_request_t::has_finished, connection_t::hold_open_until_flushed, or_options_t::HttpsProxy, or_connection_t::identity_digest, LD_BUG, connection_t::marked_for_close, connection_t::marked_for_close_file, rend_data_t::onion_address, OR_CONN_STATE_OPEN, OR_CONN_STATE_TLS_HANDSHAKING, orconn_end_reason_to_control_string(), connection_t::purpose, rend_client_refetch_v2_renddesc(), dir_connection_t::rend_data, REND_SERVICE_ID_LEN_BASE32, rep_hist_note_connect_failed(), rep_hist_note_connection_died(), rep_hist_note_disconnect(), edge_connection_t::socks_request, connection_t::state, or_connection_t::tls_error, tls_error_to_orconn_end_reason(), TO_DIR_CONN(), TO_EDGE_CONN(), TO_OR_CONN(), tor_assert, tor_digest_is_zero(), tor_fragile_assert, and connection_t::type.

Referenced by connection_unlink().

int connection_add

(

connection_t *

conn

)

Add conn to the array of connections that we can poll on. The connection's socket must be set; the connection starts out non-reading and non-writing.

References connection_t::address, connection_t::conn_array_index, conn_read_callback(), CONN_TYPE_AP, conn_type_to_string(), conn_write_callback(), LD_NET, connection_t::linked, connection_t::read_event, connection_t::s, smartlist_add(), TO_EDGE_CONN(), tor_assert, tor_event_new(), tor_libevent_get_base(), connection_t::type, and connection_t::write_event.

Referenced by connection_ap_make_link(), connection_connect(), connection_create_listener(), connection_exit_connect_dir(), connection_handle_listener_read(), directory_initiate_command_rend(), dnsserv_launch_request(), evdns_server_callback(), and spawn_cpuworker().

void connection_ap_attach_pending

(

void

)

Tell any AP streams that are waiting for a new circuit to try again, either attaching to an available circ or launching a new one.

References edge_connection_t::_base, AP_CONN_STATE_CIRCUIT_WAIT, CONN_TYPE_AP, connection_ap_handshake_attach_circuit(), END_STREAM_REASON_CANT_ATTACH, get_connection_array(), connection_t::marked_for_close, and TO_EDGE_CONN().

Referenced by circuit_build_needed_circs(), circuit_has_opened(), rend_client_introcirc_has_opened(), rend_client_receive_rendezvous(), and rend_client_rendezvous_acked().

int connection_ap_can_use_exit	(	edge_connection_t *	conn,
		routerinfo_t *	exit,
		int	excluded_means_no
	)

Return 1 if router exit is likely to allow stream conn to exit from it, or 0 if it probably will not allow it. (We might be uncertain if conn's destination address has not yet been resolved.)

If excluded_means_no is 1 and Exclude*Nodes is set and excludes this relay, return 0.

References edge_connection_t::_base, or_options_t::_ExcludeExitNodesUnion, ADDR_POLICY_PROBABLY_REJECTED, ADDR_POLICY_REJECTED, socks_request_t::address, routerinfo_t::cache_info, edge_connection_t::chosen_exit_name, socks_request_t::command, compare_addr_to_addr_policy(), CONN_TYPE_AP, DIGEST_LEN, routerinfo_t::exit_policy, get_options(), routerinfo_t::has_old_dnsworkers, signed_descriptor_t::identity_digest, policy_is_reject_star(), socks_request_t::port, router_get_by_nickname(), routerset_contains_router(), SOCKS_COMMAND_CONNECT, SOCKS_COMMAND_RESOLVE_PTR, edge_connection_t::socks_request, or_options_t::StrictNodes, tor_assert, tor_inet_aton(), connection_t::type, and edge_connection_t::use_begindir.

Referenced by choose_good_exit_server_general(), circuit_get_open_circ_or_launch(), circuit_is_acceptable(), circuit_stream_is_being_handled(), and connection_ap_handshake_attach_circuit().

int connection_ap_detach_retriable	(	edge_connection_t *	conn,
		origin_circuit_t *	circ,
		int	reason
	)

The AP connection conn has just failed while attaching or sending a BEGIN or resolving on circ, but another circuit might work. Detach the circuit, and either reattach it, launch a new circuit, tell the controller, or give up as a appropriate.

Returns -1 on err, 1 on success, 0 on not-yet-sure.

References edge_connection_t::_base, AP_CONN_STATE_CIRCUIT_WAIT, AP_CONN_STATE_CONTROLLER_WAIT, circuit_detach_stream(), connection_ap_handshake_attach_circuit(), control_event_stream_status(), get_options(), connection_t::state, connection_t::timestamp_lastread, TO_CIRCUIT, and edge_connection_t::use_begindir.

Referenced by connection_ap_expire_beginning(), and connection_ap_process_end_not_open().

void connection_ap_expire_beginning

(

void

)

Find all general-purpose AP streams waiting for a response that sent their begin/resolve cell too long ago. Detach from their current circuit, and mark their current circuit as unsuitable for new streams. Then call connection_ap_handshake_attach_circuit() to attach to a new circuit (if available) or launch a new one.

For rendezvous streams, simply give up after SocksTimeout seconds (with no retry attempt).

References edge_connection_t::_base, connection_t::addr, socks_request_t::address, AP_CONN_STATE_IS_UNATTACHED, AP_CONN_STATE_OPEN, circuit_get_by_edge_conn(), CIRCUIT_PURPOSE_C_GENERAL, CIRCUIT_PURPOSE_C_REND_JOINED, compute_retry_timeout(), conn_state_to_string(), CONN_TYPE_AP, connection_ap_detach_retriable(), connection_edge_end(), edge_connection_t::cpath_layer, edge_connection_t::edge_has_sent_end, edge_connection_t::end_reason, END_STREAM_REASON_CANT_ATTACH, crypt_path_t::extend_info, get_connection_array(), get_options(), LD_APP, LD_REND, connection_t::marked_for_close, or_options_t::MaxCircuitDirtiness, extend_info_t::nickname, edge_connection_t::num_socks_retries, socks_request_t::port, connection_t::port, circuit_t::purpose, safe_str_client(), edge_connection_t::socks_request, or_options_t::SocksTimeout, connection_t::state, connection_t::timestamp_created, circuit_t::timestamp_dirty, connection_t::timestamp_lastread, TO_EDGE_CONN(), TO_ORIGIN_CIRCUIT(), tor_addr_is_null(), and tor_assert.

Referenced by run_scheduled_events().

void connection_ap_fail_onehop	(	const char *	failed_digest,
		cpath_build_state_t *	build_state
	)

Tell any AP streams that are waiting for a one-hop tunnel to failed_digest that they are going to fail.

References extend_info_t::addr, socks_request_t::address, AP_CONN_STATE_CIRCUIT_WAIT, cpath_build_state_t::chosen_exit, edge_connection_t::chosen_exit_name, CONN_TYPE_AP, DIGEST_LEN, get_connection_array(), hexdigest_to_digest(), LD_APP, socks_request_t::port, extend_info_t::port, edge_connection_t::socks_request, TO_EDGE_CONN(), tor_addr_eq, tor_addr_from_str(), tor_digest_is_zero(), and edge_connection_t::want_onehop.

Referenced by circuit_build_failed().

int connection_ap_handshake_attach_chosen_circuit	(	edge_connection_t *	conn,
		origin_circuit_t *	circ,
		crypt_path_t *	cpath
	)

Attempt to attach the connection conn to circ, and send a begin or resolve cell as appropriate. Return values are as for connection_ap_handshake_attach_circuit. The stream will exit from the hop indicated by cpath, or from the last hop in circ's cpath if cpath is NULL.

References origin_circuit_t::_base, edge_connection_t::_base, AP_CONN_STATE_CIRCUIT_WAIT, AP_CONN_STATE_CONTROLLER_WAIT, CIRCUIT_STATE_OPEN, socks_request_t::command, connection_ap_handshake_send_begin(), connection_ap_handshake_send_resolve(), consider_recording_trackhost(), link_apconn_to_circ(), SOCKS_COMMAND_CONNECT, edge_connection_t::socks_request, circuit_t::state, connection_t::state, circuit_t::timestamp_dirty, tor_assert, and edge_connection_t::use_begindir.

Referenced by connection_ap_handshake_attach_circuit().

int connection_ap_handshake_attach_circuit

(

edge_connection_t *

conn

)

Try to find a safe live circuit for CONN_TYPE_AP connection conn. If we don't find one: if conn cannot be handled by any known nodes, warn and return -1 (conn needs to die, and is maybe already marked); else launch new circuit (if necessary) and return 0. Otherwise, associate conn with a safe live circuit, do the right next step, and return 1.

References origin_circuit_t::_base, edge_connection_t::_base, connection_t::addr, socks_request_t::address, AP_CONN_STATE_CIRCUIT_WAIT, assert_circuit_ok(), edge_connection_t::chosen_exit_name, edge_connection_t::chosen_exit_optional, circuit_get_open_circ_or_launch(), CIRCUIT_IS_ORIGIN, circuit_log_path(), CIRCUIT_PURPOSE_C_GENERAL, CIRCUIT_PURPOSE_C_INTRODUCE_ACK_WAIT, CIRCUIT_PURPOSE_C_INTRODUCING, CIRCUIT_PURPOSE_C_REND_JOINED, CIRCUIT_PURPOSE_C_REND_READY, CIRCUIT_PURPOSE_C_REND_READY_INTRO_ACKED, CIRCUIT_STATE_OPEN, connection_ap_can_use_exit(), connection_ap_handshake_attach_chosen_circuit(), connection_ap_handshake_send_begin(), connection_edge_is_rendezvous_stream(), edge_connection_t::cpath_layer, get_options(), LD_APP, LD_CIRC, LD_REND, link_apconn_to_circ(), circuit_t::marked_for_close, circuit_t::n_circ_id, circuit_t::next, rend_data_t::onion_address, socks_request_t::port, connection_t::port, circuit_t::purpose, rend_client_send_introduction(), rend_cmp_service_ids(), edge_connection_t::rend_data, origin_circuit_t::rend_data, router_get_by_nickname(), safe_str_client(), edge_connection_t::socks_request, or_options_t::SocksTimeout, connection_t::state, connection_t::timestamp_created, circuit_t::timestamp_dirty, TO_CIRCUIT, TO_ORIGIN_CIRCUIT(), tor_addr_is_null(), tor_assert, tor_free, and edge_connection_t::want_onehop.

Referenced by connection_ap_attach_pending(), connection_ap_detach_retriable(), connection_ap_make_link(), and rend_client_desc_trynow().

int connection_ap_handshake_rewrite_and_attach	(	edge_connection_t *	conn,
		origin_circuit_t *	circ,
		crypt_path_t *	cpath
	)

Connection conn just finished its socks handshake, or the controller asked us to take care of it. If circ is defined, then that's where we'll want to attach it. Otherwise we have to figure it out ourselves.

First, parse whether it's a .exit address, remap it, and so on. Then if it's for a general circuit, try to attach it to a circuit (or launch one as needed), else if it's for a rendezvous circuit, fetch a rendezvous descriptor first (or attach/launch a circuit if the rendezvous descriptor is already here and fresh enough).

The stream will exit from the hop indicated by cpath, or from the last hop in circ's cpath if cpath is NULL.

References socks_request_t::address, addressmap_register_virtual_address(), or_options_t::AutomapHostsOnResolve, or_options_t::AutomapHostsSuffixes, socks_request_t::command, escaped_safe_str_client(), get_options(), LD_APP, socks_request_t::port, safe_str_client(), SOCKS_COMMAND_RESOLVE, edge_connection_t::socks_request, strcasecmpend(), tor_assert, tor_inet_aton(), and tor_strlower().

Referenced by connection_ap_handshake_process_socks(), connection_ap_process_natd(), connection_ap_process_transparent(), dnsserv_launch_request(), evdns_server_callback(), and handle_control_attachstream().

int connection_ap_handshake_send_begin

(

edge_connection_t *

ap_conn

)

Write a relay begin cell, using destaddr and destport from ap_conn's socks_request field, and send it down circ.

If ap_conn is broken, mark it for close and return -1. Else return 0.

References origin_circuit_t::_base, edge_connection_t::_base, socks_request_t::address, AP_CONN_STATE_CIRCUIT_WAIT, AP_CONN_STATE_CONNECT_WAIT, origin_circuit_t::build_state, CELL_PAYLOAD_SIZE, CIRCUIT_PURPOSE_C_GENERAL, socks_request_t::command, CONN_TYPE_AP, connection_edge_send_command(), control_event_stream_status(), edge_connection_t::deliver_window, get_unique_stream_id_by_circ(), LD_APP, circuit_t::n_circ_id, edge_connection_t::on_circuit, cpath_build_state_t::onehop_tunnel, edge_connection_t::package_window, socks_request_t::port, circuit_t::purpose, RELAY_PAYLOAD_SIZE, connection_t::s, edge_connection_t::socks_request, connection_t::state, edge_connection_t::stream_id, STREAMWINDOW_START, TO_CIRCUIT, TO_ORIGIN_CIRCUIT(), tor_assert, tor_snprintf(), connection_t::type, and edge_connection_t::use_begindir.

Referenced by connection_ap_handshake_attach_chosen_circuit(), and connection_ap_handshake_attach_circuit().

int connection_ap_handshake_send_resolve

(

edge_connection_t *

ap_conn

)

Write a relay resolve cell, using destaddr and destport from ap_conn's socks_request field, and send it down circ.

If ap_conn is broken, mark it for close and return -1. Else return 0.

References origin_circuit_t::_base, edge_connection_t::_base, connection_t::address, socks_request_t::address, AP_CONN_STATE_CIRCUIT_WAIT, AP_CONN_STATE_RESOLVE_WAIT, CIRCUIT_PURPOSE_C_GENERAL, socks_request_t::command, CONN_TYPE_AP, connection_edge_send_command(), control_event_stream_status(), get_unique_stream_id_by_circ(), LD_APP, LD_BUG, circuit_t::n_circ_id, edge_connection_t::on_circuit, circuit_t::purpose, REVERSE_LOOKUP_NAME_BUF_LEN, connection_t::s, safe_str_client(), SOCKS_COMMAND_RESOLVE, edge_connection_t::socks_request, connection_t::state, edge_connection_t::stream_id, TO_CIRCUIT, TO_ORIGIN_CIRCUIT(), tor_addr_parse_reverse_lookup_name(), tor_addr_to_reverse_lookup_name(), tor_assert, tor_free, and connection_t::type.

Referenced by connection_ap_handshake_attach_chosen_circuit().

void connection_ap_handshake_socks_reply	(	edge_connection_t *	conn,
		char *	reply,
		size_t	replylen,
		int	endreason
	)

Send a socks reply to stream conn, using the appropriate socks version, etc, and mark conn as completed with SOCKS handshaking.

If reply is defined, then write replylen bytes of it to conn and return, else reply based on endreason (one of END_STREAM_REASON_*). If reply is undefined, endreason can't be 0 or REASON_DONE. Send endreason to the controller, if appropriate.

References control_event_stream_status(), socks_request_t::has_finished, LD_BUG, SOCKS4_NETWORK_LEN, edge_connection_t::socks_request, socks_request_t::socks_version, stream_end_reason_to_socks5_response(), TO_CONN, and tor_assert.

Referenced by _connection_mark_unattached_ap(), connection_ap_handshake_process_socks(), connection_ap_handshake_socks_resolved(), and connection_edge_process_relay_cell_not_open().

void connection_ap_handshake_socks_resolved	(	edge_connection_t *	conn,
		int	answer_type,
		size_t	answer_len,
		const char *	answer,
		int	ttl,
		time_t	expires
	)

Send an answer to an AP connection that has requested a DNS lookup via SOCKS. The type should be one of RESOLVED_TYPE_(IPV4|IPV6|HOSTNAME) or -1 for unreachable; the answer should be in the format specified in the socks extensions document. ttl is the ttl for the answer, or -1 on certain errors or for values that didn't come via DNS. expires is a time when the answer expires, or -1 or TIME_MAX if there's a good TTL.

References socks_request_t::address, edge_connection_t::chosen_exit_name, client_dns_set_addressmap(), client_dns_set_reverse_addressmap(), connection_ap_handshake_socks_reply(), edge_connection_t::dns_server_request, dnsserv_resolved(), get_uint32(), socks_request_t::has_finished, edge_connection_t::is_dns_request, set_uint16(), SOCKS4_NETWORK_LEN, edge_connection_t::socks_request, socks_request_t::socks_version, tell_controller_about_resolved_result(), and tor_free.

Referenced by _connection_mark_unattached_ap(), and connection_edge_process_relay_cell_not_open().

edge_connection_t* connection_ap_make_link	(	char *	address,
		uint16_t	port,
		const char *	digest,
		int	use_begindir,
		int	want_onehop
	)

Make an AP connection_t, make a new linked connection pair, and attach one side to the conn, connection_add it, initialize it to circuit_wait, and call connection_ap_handshake_attach_circuit(conn) on it.

Return the other end of the linked connection pair, or -1 if error.

References edge_connection_t::_base, connection_t::addr, connection_t::address, socks_request_t::address, AP_CONN_STATE_CIRCUIT_WAIT, base16_encode(), edge_connection_t::chosen_exit_name, socks_request_t::command, CONN_TYPE_AP, connection_add(), connection_ap_handshake_attach_circuit(), connection_free(), control_event_stream_status(), DIGEST_LEN, edge_connection_new(), END_STREAM_REASON_CANT_ATTACH, socks_request_t::has_finished, HEX_DIGEST_LEN, LD_APP, connection_t::linked, connection_t::marked_for_close, connection_t::port, socks_request_t::port, safe_str_client(), SOCKS_COMMAND_CONNECT, edge_connection_t::socks_request, socks_request_t::socks_version, connection_t::state, TO_CONN, tor_addr_make_unspec(), tor_assert, edge_connection_t::use_begindir, and edge_connection_t::want_onehop.

Referenced by directory_initiate_command_rend().

int connection_ap_process_transparent

(

edge_connection_t *

conn

)

connection_init_accepted_conn() found a new trans AP conn. Get the original destination and send it to connection_ap_handshake_rewrite_and_attach().

Return -1 if an unexpected error with conn (and it should be marked for close), else return 0.

References edge_connection_t::_base, AP_CONN_STATE_CONTROLLER_WAIT, socks_request_t::command, CONN_TYPE_AP, connection_ap_get_original_destination(), connection_ap_handshake_rewrite_and_attach(), control_event_stream_status(), END_STREAM_REASON_CANT_FETCH_ORIG_DEST, get_options(), socks_request_t::has_finished, LD_APP, or_options_t::LeaveStreamsUnattached, SOCKS_COMMAND_CONNECT, edge_connection_t::socks_request, connection_t::state, tor_assert, and connection_t::type.

Referenced by connection_init_accepted_conn().

void connection_bucket_init

(

void

)

Initialize the global read bucket to options->BandwidthBurst.

References or_options_t::BandwidthBurst, get_options(), or_options_t::RelayBandwidthBurst, and or_options_t::RelayBandwidthRate.

Referenced by do_main_loop().

void connection_bucket_refill	(	int	seconds_elapsed,
		time_t	now
	)

A second has rolled over; increment buckets appropriately.

References or_connection_t::bandwidthburst, or_options_t::BandwidthBurst, or_connection_t::bandwidthrate, or_options_t::BandwidthRate, connection_bucket_refill_helper(), connection_bucket_should_increase(), connection_counts_as_relayed_traffic(), connection_start_reading(), connection_start_writing(), get_connection_array(), get_options(), LD_NET, LOG_FN_CONN, OR_CONN_STATE_OPEN, or_connection_t::read_bucket, or_options_t::RelayBandwidthBurst, or_options_t::RelayBandwidthRate, TO_OR_CONN(), tor_assert, and or_connection_t::write_bucket.

Referenced by second_elapsed_callback().

ssize_t connection_bucket_write_limit	(	connection_t *	conn,
		time_t	now
	)

How many bytes at most can we write onto this connection?

References CELL_NETWORK_SIZE, CONN_TYPE_DIR, connection_bucket_round_robin(), connection_counts_as_relayed_traffic(), connection_is_rate_limited(), OR_CONN_STATE_OPEN, connection_t::outbuf_flushlen, RELAY_PAYLOAD_SIZE, connection_t::state, TO_OR_CONN(), connection_t::type, and or_connection_t::write_bucket.

Referenced by conn_close_if_marked(), and connection_handle_write_impl().

void connection_close_immediate

(

connection_t *

conn

)

Close the underlying socket for conn, so we don't try to flush it. Must be used in conjunction with (right before) connection_mark_for_close().

References assert_connection_ok(), buf_clear(), CONN_IS_CLOSED, conn_state_to_string(), conn_type_to_string(), connection_is_listener(), connection_unregister_events(), LD_BUG, LD_NET, connection_t::linked, connection_t::linked_conn_is_closed, connection_t::outbuf, connection_t::outbuf_flushlen, connection_t::s, connection_t::state, tor_close_socket(), tor_fragile_assert, and connection_t::type.

Referenced by _connection_write_to_buf_impl(), conn_write_callback(), connection_dir_reached_eof(), connection_exit_connect_dir(), connection_handle_read_impl(), connection_handle_write_impl(), and options_act_reversible().

int connection_connect	(	connection_t *	conn,
		const char *	address,
		const tor_addr_t *	addr,
		uint16_t	port,
		int *	socket_error
	)

Take conn, make a nonblocking socket; try to connect to addr:port (they arrive in *host order*). If fail, return -1 and if applicable put your best guess about errno into *socket_error. Else assign s to conn->s: if connected return 1, if EAGAIN return 0.

address is used to make the logs useful.

On success, add conn to the list of polled connections.

References client_check_address_changed(), connection_add(), or_options_t::ConstrainedSockets, or_options_t::ConstrainedSockSize, escaped_safe_str_client(), get_n_open_sockets(), get_options(), LD_CONFIG, LD_NET, or_options_t::OutboundBindAddress, connection_t::s, server_mode(), set_constrained_socket_buffers(), set_socket_nonblocking(), tor_addr_family(), tor_addr_is_loopback(), tor_addr_to_sockaddr(), tor_assert, tor_close_socket(), tor_inet_aton(), tor_open_socket(), and warn_too_many_conns().

Referenced by connection_exit_connect(), connection_or_connect(), and directory_initiate_command_rend().

int connection_control_finished_flushing

(

control_connection_t *

conn

)

Called when conn has no more bytes left on its outbuf.

References connection_stop_writing(), TO_CONN, and tor_assert.

Referenced by connection_finished_flushing().

int connection_control_process_inbuf

(

control_connection_t *

conn

)

Called when data has arrived on a v1 control connection: Try to fetch commands from conn->inbuf, and execute them.

References control_connection_t::_base, connection_printf_to_buf(), connection_stop_reading(), connection_write_str_to_buf(), CONTROL_CONN_STATE_NEEDAUTH, CONTROL_CONN_STATE_OPEN, fetch_from_buf_line(), handle_control_attachstream(), handle_control_authenticate(), handle_control_closecircuit(), handle_control_closestream(), handle_control_extendcircuit(), handle_control_getconf(), handle_control_getinfo(), handle_control_loadconf(), handle_control_mapaddress(), handle_control_postdescriptor(), handle_control_protocolinfo(), handle_control_redirectstream(), handle_control_resetconf(), handle_control_resolve(), handle_control_saveconf(), handle_control_setcircuitpurpose(), handle_control_setconf(), handle_control_setevents(), handle_control_signal(), handle_control_usefeature(), connection_t::hold_open_until_flushed, connection_t::inbuf, control_connection_t::incoming_cmd, control_connection_t::incoming_cmd_cur_len, control_connection_t::incoming_cmd_len, is_valid_initial_command(), MAX_COMMAND_LINE_LENGTH, peek_buf_has_control0_command(), set_uint16(), connection_t::state, TO_CONN, and tor_assert.

Referenced by connection_process_inbuf().

int connection_control_reached_eof

(

control_connection_t *

conn

)

Called when conn has gotten its socket closed.

References LD_CONTROL, TO_CONN, and tor_assert.

Referenced by connection_reached_eof().

int connection_cpu_finished_flushing

(

connection_t *

conn

)

Called when we're done sending a request to a cpuworker.

References CONN_TYPE_CPUWORKER, connection_stop_writing(), tor_assert, and connection_t::type.

Referenced by connection_finished_flushing().

int connection_cpu_process_inbuf

(

connection_t *

conn

)

Called when we get data from a cpuworker. If the answer is not complete, wait for a complete answer. If the answer is complete, process it as appropriate.

References buf_datalen(), circuit_get_by_circid_orconn(), CIRCUIT_IS_ORIGIN, CONN_TYPE_CPUWORKER, CONN_TYPE_OR, connection_fetch_from_buf(), connection_get_by_global_id(), CPUWORKER_STATE_BUSY_ONION, CPUWORKER_STATE_IDLE, connection_t::inbuf, last_rotation_time, LD_OR, LEN_ONION_RESPONSE, connection_t::marked_for_close, num_cpuworkers, num_cpuworkers_busy, onionskin_answer(), process_pending_task(), spawn_enough_cpuworkers(), connection_t::state, TAG_LEN, tag_unpack(), connection_t::timestamp_created, TO_OR_CIRCUIT(), TO_OR_CONN(), tor_assert, and connection_t::type.

Referenced by connection_process_inbuf().

int connection_cpu_reached_eof

(

connection_t *

conn

)

If the cpuworker closes the connection, mark it as closed and spawn a new one as needed.

References CPUWORKER_STATE_IDLE, LD_GENERAL, num_cpuworkers, num_cpuworkers_busy, spawn_enough_cpuworkers(), and connection_t::state.

Referenced by connection_reached_eof().

int connection_dir_finished_connecting

(

dir_connection_t *

conn

)

Connected handler for directory connections: begin sending data to the server

References dir_connection_t::_base, connection_t::address, CONN_TYPE_DIR, DIR_CONN_STATE_CLIENT_SENDING, DIR_CONN_STATE_CONNECTING, LD_HTTP, connection_t::port, connection_t::state, tor_assert, and connection_t::type.

Referenced by connection_finished_connecting().

int connection_dir_finished_flushing

(

dir_connection_t *

conn

)

Write handler for directory connections; called when all data has been flushed. Close the connection or wait for a response as appropriate.

References dir_connection_t::_base, CONN_TYPE_DIR, connection_stop_writing(), DIR_CONN_STATE_CLIENT_READING, DIR_CONN_STATE_CLIENT_SENDING, DIR_CONN_STATE_SERVER_WRITING, DIRREQ_FLUSHING_DIR_CONN_FINISHED, geoip_change_dirreq_state(), LD_BUG, LD_DIR, LD_DIRSERV, connection_t::state, TO_CONN, tor_assert, tor_fragile_assert, and connection_t::type.

Referenced by connection_finished_flushing().

int connection_dir_is_encrypted

(

dir_connection_t *

conn

)

Return true iff anything we say on conn is being encrypted before we send it to the client/server.

References TO_CONN.

Referenced by connection_dirserv_add_servers_to_outbuf(), and directory_handle_command_get().

int connection_dir_process_inbuf

(

dir_connection_t *

conn

)

Read handler for directory connections. (That's connections to directory servers and connections at directory servers.)

References dir_connection_t::_base, buf_datalen(), CONN_TYPE_DIR, DIR_CONN_STATE_SERVER_COMMAND_WAIT, directory_handle_command(), connection_t::inbuf, connection_t::inbuf_reached_eof, LD_HTTP, MAX_DIRECTORY_OBJECT_SIZE, connection_t::state, TO_CONN, tor_assert, and connection_t::type.

Referenced by connection_process_inbuf().

int connection_dir_reached_eof

(

dir_connection_t *

conn

)

Called when a directory connection reaches EOF.

References dir_connection_t::_base, connection_close_immediate(), connection_dir_client_reached_eof(), DIR_CONN_STATE_CLIENT_FINISHED, DIR_CONN_STATE_CLIENT_READING, LD_HTTP, connection_t::state, and TO_CONN.

Referenced by connection_reached_eof(), and run_connection_housekeeping().

void connection_dir_request_failed

(

dir_connection_t *

conn

)

Called when we are unable to complete the client's request to a directory server due to a network error: Mark the router as down and try again if possible.

References dir_connection_t::_base, connection_t::address, connection_dir_download_cert_failed(), connection_dir_download_networkstatus_failed(), connection_dir_download_routerdesc_failed(), DIR_PURPOSE_FETCH_CERTIFICATE, DIR_PURPOSE_FETCH_CONSENSUS, DIR_PURPOSE_FETCH_DETACHED_SIGNATURES, DIR_PURPOSE_FETCH_EXTRAINFO, DIR_PURPOSE_FETCH_SERVERDESC, DIR_PURPOSE_FETCH_STATUS_VOTE, DIR_PURPOSE_FETCH_V2_NETWORKSTATUS, directory_conn_is_self_reachability_test(), entry_list_is_constrained(), get_options(), dir_connection_t::identity_digest, LD_DIR, networkstatus_consensus_download_failed(), connection_t::purpose, and router_set_status().

Referenced by connection_about_to_close_connection(), and directory_initiate_command_rend().

int connection_dirserv_flushed_some

(

dir_connection_t *

conn

)

Called whenever we have flushed some directory data in state SERVER_WRITING.

References dir_connection_t::_base, buf_datalen(), connection_dirserv_add_dir_bytes_to_outbuf(), connection_dirserv_add_microdescs_to_outbuf(), connection_dirserv_add_networkstatus_bytes_to_outbuf(), connection_dirserv_add_servers_to_outbuf(), DIR_CONN_STATE_SERVER_WRITING, dir_connection_t::dir_spool_src, DIRSERV_BUFFER_MIN, connection_t::outbuf, connection_t::state, and tor_assert.

Referenced by connection_flushed_some(), and directory_handle_command_get().

void connection_dns_remove

(

edge_connection_t *

conn

)

Remove conn from the list of connections waiting for conn->address.

References edge_connection_t::_base, connection_t::address, assert_connection_ok(), pending_connection_t::conn, CONN_TYPE_EXIT, escaped_safe_str(), EXIT_CONN_STATE_RESOLVING, LD_BUG, pending_connection_t::next, cached_resolve_t::pending_connections, connection_t::s, connection_t::state, TO_CONN, tor_assert, tor_free, and connection_t::type.

Referenced by connection_about_to_close_connection().

void connection_dump_buffer_mem_stats

(

int

severity

)

Log how many bytes are used by buffers of different kinds and sizes.

References buf_allocation(), buf_datalen(), and get_connection_array().

Referenced by dumpmemusage().

void connection_edge_consider_sending_sendme

(

edge_connection_t *

conn

)

Called when we've just received a relay data cell, or when we've just finished flushing all bytes to stream conn.

If conn->outbuf is not too full, and our deliver window is low, send back a suitable number of stream-level sendme cells.

References edge_connection_t::_base, circuit_get_by_edge_conn(), connection_edge_send_command(), connection_outbuf_too_full(), edge_connection_t::cpath_layer, edge_connection_t::deliver_window, LD_APP, connection_t::outbuf_flushlen, STREAMWINDOW_INCREMENT, STREAMWINDOW_START, and TO_CONN.

Referenced by connection_edge_finished_flushing(), and connection_edge_process_relay_cell().

int connection_edge_destroy	(	circid_t	circ_id,
		edge_connection_t *	conn
	)

This edge needs to be closed, because its circuit has closed. Mark it for close and return 0.

References edge_connection_t::_base, CONN_TYPE_AP, control_event_stream_bandwidth(), control_event_stream_status(), edge_connection_t::cpath_layer, edge_connection_t::edge_has_sent_end, edge_connection_t::end_reason, END_STREAM_REASON_FLAG_ALREADY_SENT_CLOSED, connection_t::hold_open_until_flushed, LD_EDGE, connection_t::marked_for_close, edge_connection_t::on_circuit, TO_CONN, and connection_t::type.

Referenced by _circuit_mark_for_close().

int connection_edge_end	(	edge_connection_t *	conn,
		uint8_t	reason
	)

Send a relay end cell from stream conn down conn's circuit, and remember that we've done so. If this is not a client connection, set the relay end cell's reason for closing as reason.

Return -1 if this function has already been called on this conn, else return 0.

References edge_connection_t::_base, connection_t::addr, edge_connection_t::address_ttl, circuit_get_by_edge_conn(), CIRCUIT_PURPOSE_IS_CLIENT, connection_edge_is_rendezvous_stream(), connection_edge_send_command(), dns_clip_ttl(), edge_connection_t::edge_has_sent_end, edge_connection_t::end_reason, LD_BUG, LD_EDGE, circuit_t::marked_for_close, connection_t::marked_for_close, connection_t::marked_for_close_file, circuit_t::purpose, RELAY_PAYLOAD_SIZE, connection_t::s, set_uint32(), tor_addr_family(), tor_addr_to_ipv4n(), and tor_fragile_assert.

Referenced by connection_ap_expire_beginning(), connection_edge_end_errno(), connection_edge_process_inbuf(), connection_edge_process_relay_cell(), connection_edge_process_relay_cell_not_open(), connection_edge_reached_eof(), connection_exit_connect(), connection_exit_connect_dir(), dns_cancel_pending_resolve(), dns_found_answer(), handle_control_attachstream(), hibernate_go_dormant(), and purge_expired_resolves().

int connection_edge_end_errno

(

edge_connection_t *

conn

)

An error has just occurred on an operation on an edge connection conn. Extract the errno; convert it to an end reason, and send an appropriate relay end cell to the other end of the connection's circuit.

References edge_connection_t::_base, connection_edge_end(), errno_to_stream_end_reason(), connection_t::s, and tor_assert.

Referenced by conn_read_callback(), connection_exit_connect(), connection_handle_read_impl(), and connection_handle_write_impl().

int connection_edge_finished_connecting

(

edge_connection_t *

edge_conn

)

Connected handler for exit connections: start writing pending data, deliver 'CONNECTED' relay cells as appropriate, and check any pending data that may have been received.

References edge_connection_t::_base, connection_t::addr, connection_t::address, edge_connection_t::address_ttl, CONN_TYPE_EXIT, connection_edge_is_rendezvous_stream(), connection_edge_process_inbuf(), connection_edge_send_command(), connection_start_writing(), connection_wants_to_flush(), connection_watch_events(), dns_clip_ttl(), escaped_safe_str(), EXIT_CONN_STATE_CONNECTING, EXIT_CONN_STATE_OPEN, fmt_addr(), edge_connection_t::package_window, connection_t::port, rep_hist_note_exit_stream_opened(), safe_str(), set_uint32(), connection_t::state, TO_CONN, tor_addr_family(), tor_addr_to_ipv4n(), tor_assert, and connection_t::type.

Referenced by connection_finished_connecting().

int connection_edge_finished_flushing

(

edge_connection_t *

conn

)

Connection conn has finished writing and has no bytes left on its outbuf.

If it's in state 'open', stop writing, consider responding with a sendme, and return. Otherwise, stop writing and return.

If conn is broken, mark it for close and return -1, else return 0.

References edge_connection_t::_base, AP_CONN_STATE_CIRCUIT_WAIT, AP_CONN_STATE_CONNECT_WAIT, AP_CONN_STATE_CONTROLLER_WAIT, AP_CONN_STATE_NATD_WAIT, AP_CONN_STATE_OPEN, AP_CONN_STATE_RENDDESC_WAIT, AP_CONN_STATE_SOCKS_WAIT, connection_edge_consider_sending_sendme(), connection_stop_writing(), EXIT_CONN_STATE_OPEN, LD_BUG, connection_t::state, TO_CONN, tor_assert, and tor_fragile_assert.

Referenced by connection_finished_flushing().

int connection_edge_is_rendezvous_stream

(

edge_connection_t *

conn

)

Return 1 if conn is a rendezvous stream, or 0 if it is a general stream.

References edge_connection_t::rend_data, and tor_assert.

Referenced by ap_stream_wants_exit_attention(), circuit_get_open_circ_or_launch(), connection_ap_handshake_attach_circuit(), connection_ap_process_end_not_open(), connection_edge_end(), connection_edge_finished_connecting(), connection_exit_begin_conn(), connection_exit_connect(), relay_lookup_conn(), and write_stream_target_to_buf().

int connection_edge_package_raw_inbuf	(	edge_connection_t *	conn,
		int	package_partial
	)

While conn->inbuf has an entire relay payload of bytes on it, and the appropriate package windows aren't empty, grab a cell and send it down the circuit.

Return -1 (and send a RELAY_COMMAND_END cell if necessary) if conn should be marked for close, else return 0.

References edge_connection_t::_base, buf_datalen(), CELL_PAYLOAD_SIZE, circuit_consider_stop_edge_reading(), circuit_get_by_edge_conn(), connection_edge_send_command(), connection_fetch_from_buf(), connection_stop_reading(), edge_connection_t::cpath_layer, edge_connection_t::end_reason, END_STREAM_REASON_CANT_ATTACH, connection_t::inbuf, LD_APP, LD_BUG, connection_t::marked_for_close, connection_t::marked_for_close_file, crypt_path_t::package_window, circuit_t::package_window, edge_connection_t::package_window, RELAY_PAYLOAD_SIZE, connection_t::s, TO_CONN, and tor_assert.

Referenced by circuit_resume_edge_reading_helper(), connection_edge_process_inbuf(), connection_edge_process_relay_cell(), and connection_edge_process_relay_cell_not_open().

int connection_edge_process_inbuf	(	edge_connection_t *	conn,
		int	package_partial
	)

Handle new bytes on conn->inbuf based on state:

• If it's waiting for socks info, try to read another step of the socks handshake out of conn->inbuf.
• If it's waiting for the original destination, fetch it.
• If it's open, then package more relay cells from the stream.
• Else, leave the bytes on inbuf alone for now.

Mark and return -1 if there was an unexpected error with the conn, else return 0.

References edge_connection_t::_base, AP_CONN_STATE_CIRCUIT_WAIT, AP_CONN_STATE_CONNECT_WAIT, AP_CONN_STATE_CONTROLLER_WAIT, AP_CONN_STATE_NATD_WAIT, AP_CONN_STATE_OPEN, AP_CONN_STATE_RENDDESC_WAIT, AP_CONN_STATE_RESOLVE_WAIT, AP_CONN_STATE_SOCKS_WAIT, conn_state_to_string(), connection_ap_handshake_process_socks(), connection_ap_process_natd(), connection_edge_end(), connection_edge_package_raw_inbuf(), EXIT_CONN_STATE_CONNECTING, EXIT_CONN_STATE_OPEN, LD_BUG, LD_EDGE, connection_t::state, TO_CONN, tor_assert, tor_fragile_assert, and connection_t::type.

Referenced by connection_edge_finished_connecting(), and connection_process_inbuf().

int connection_edge_reached_eof

(

edge_connection_t *

conn

)

There was an EOF. Send an end and mark the connection for close.

References edge_connection_t::_base, buf_datalen(), connection_edge_end(), connection_state_is_open(), socks_request_t::has_finished, connection_t::inbuf, LD_EDGE, connection_t::marked_for_close, connection_t::s, edge_connection_t::socks_request, and TO_CONN.

Referenced by connection_reached_eof().

int connection_edge_send_command	(	edge_connection_t *	fromconn,
		uint8_t	relay_command,
		const char *	payload,
		size_t	payload_len
	)

Make a relay cell out of relay_command and payload, and send it onto the open circuit circ. fromconn is the stream that's sending the relay cell, or NULL if it's a control cell. cpath_layer is NULL for OR->OP cells, or the destination hop for OP->OR cells.

If you can't send the cell, mark the circuit for close and return -1. Else return 0.

References edge_connection_t::_base, CONN_TYPE_AP, edge_connection_t::cpath_layer, edge_connection_t::edge_has_sent_end, edge_connection_t::end_reason, LD_APP, LD_BUG, connection_t::marked_for_close, connection_t::marked_for_close_file, edge_connection_t::on_circuit, relay_send_command_from_edge(), edge_connection_t::stream_id, TO_CONN, tor_assert, and connection_t::type.

Referenced by connection_ap_handshake_send_begin(), connection_ap_handshake_send_resolve(), connection_edge_consider_sending_sendme(), connection_edge_end(), connection_edge_finished_connecting(), connection_edge_package_raw_inbuf(), connection_exit_connect(), connection_exit_connect_dir(), send_resolved_cell(), and send_resolved_hostname_cell().

int connection_exit_begin_conn	(	cell_t *	cell,
		circuit_t *	circ
	)

A relay 'begin' or 'begin_dir' cell has arrived, and either we are an exit hop for the circuit, or we are the origin and it is a rendezvous begin.

Launch a new exit connection and initialize things appropriately.

If it's a rendezvous stream, call connection_exit_connect() on it.

For general streams, call dns_resolve() on it first, and only call connection_exit_connect() if the dns answer is already known.

Note that we don't call connection_add() on the new stream! We wait for connection_exit_connect() to do that.

Return -(some circuit end reason) if we want to tear down circ. Else return 0.

References edge_connection_t::_base, or_connection_t::_base, connection_t::addr, connection_t::address, assert_circuit_ok(), CIRCUIT_IS_ORIGIN, CIRCUIT_PURPOSE_OR, CIRCUIT_PURPOSE_S_REND_JOINED, relay_header_t::command, CONN_TYPE_EXIT, connection_edge_is_rendezvous_stream(), connection_exit_connect(), connection_exit_connect_dir(), connection_free(), connection_or_digest_is_known_relay(), origin_circuit_t::cpath, edge_connection_t::cpath_layer, edge_connection_t::deliver_window, directory_permits_begindir_requests(), circuit_t::dirreq_id, dns_resolve(), edge_connection_new(), EXIT_CONN_STATE_CONNECTING, EXIT_CONN_STATE_RESOLVEFAILED, EXIT_PURPOSE_CONNECT, get_options(), or_connection_t::identity_digest, or_circuit_t::is_first_hop, LD_BUG, LD_PROTOCOL, LD_REND, relay_header_t::length, edge_connection_t::next_stream, edge_connection_t::on_circuit, or_circuit_t::p_conn, origin_circuit_t::p_streams, edge_connection_t::package_window, parse_addr_port(), cell_t::payload, connection_t::port, crypt_path_t::prev, connection_t::purpose, circuit_t::purpose, or_connection_t::real_addr, RELAY_HEADER_SIZE, relay_header_unpack(), relay_send_end_cell_from_edge(), origin_circuit_t::rend_data, edge_connection_t::rend_data, rend_data_dup(), rend_service_set_connection_addr_port(), safe_str(), server_mode(), connection_t::state, edge_connection_t::stream_id, relay_header_t::stream_id, STREAMWINDOW_START, TO_CONN, TO_OR_CIRCUIT(), TO_ORIGIN_CIRCUIT(), tor_addr_copy(), tor_addr_is_null(), tor_assert, tor_dup_addr(), tor_free, tor_strlower(), and we_are_hibernating().

Referenced by connection_edge_process_relay_cell().

int connection_exit_begin_resolve	(	cell_t *	cell,
		or_circuit_t *	circ
	)

Called when we receive a RELAY_COMMAND_RESOLVE cell 'cell' along the circuit circ; begin resolving the hostname, and (eventually) reply with a RESOLVED cell.

References edge_connection_t::_base, connection_t::address, assert_circuit_ok(), CONN_TYPE_EXIT, connection_free(), dns_resolve(), edge_connection_new(), EXIT_CONN_STATE_RESOLVEFAILED, EXIT_PURPOSE_RESOLVE, relay_header_t::length, connection_t::marked_for_close, edge_connection_t::on_circuit, cell_t::payload, connection_t::port, connection_t::purpose, RELAY_HEADER_SIZE, relay_header_unpack(), connection_t::state, relay_header_t::stream_id, edge_connection_t::stream_id, TO_CIRCUIT, and TO_CONN.

Referenced by connection_edge_process_relay_cell().

void connection_exit_connect

(

edge_connection_t *

edge_conn

)

Connect to conn's specified addr and port. If it worked, conn has now been added to the connection_array.

Send back a connected cell. Include the resolved IP of the destination address, but only if it's a general exit stream. (Rendezvous streams must not reveal what IP they connected to.)

References connection_t::addr, connection_t::address, edge_connection_t::address_ttl, circuit_detach_stream(), circuit_get_by_edge_conn(), connection_connect(), connection_edge_end(), connection_edge_end_errno(), connection_edge_is_rendezvous_stream(), connection_edge_send_command(), connection_free(), connection_wants_to_flush(), connection_watch_events(), dns_clip_ttl(), escaped_safe_str_client(), EXIT_CONN_STATE_CONNECTING, EXIT_CONN_STATE_OPEN, LD_BUG, connection_t::port, router_compare_to_my_exit_policy(), set_uint32(), connection_t::state, TO_CONN, tor_addr_family(), and tor_addr_to_ipv4n().

Referenced by connection_exit_begin_conn(), and dns_found_answer().

void connection_expire_held_open

(

void

)

Find each connection that has hold_open_until_flushed set to 1 but hasn't written in the past 15 seconds, and set hold_open_until_flushed to 0. This means it will get cleaned up in the next loop through close_if_marked() in main.c.

References conn_state_to_string(), CONN_TYPE_DIR, CONN_TYPE_EXIT, conn_type_to_string(), DIR_PURPOSE_SERVER, get_connection_array(), LD_NET, and tor_assert.

Referenced by run_scheduled_events().

int connection_fetch_from_buf	(	char *	string,
		size_t	len,
		connection_t *	conn
	)

A pass-through to fetch_from_buf.

References fetch_from_buf(), and connection_t::inbuf.

Referenced by connection_cpu_process_inbuf(), connection_edge_package_raw_inbuf(), and connection_or_process_cells_from_inbuf().

void connection_free

(

connection_t *

conn

)

Make sure conn isn't in any of the global conn lists; then free it.

References _connection_free(), CONN_TYPE_CONTROL, connection_in_array(), connection_is_on_closeable_list(), connection_or_remove_from_identity_map(), connection_start_reading(), connection_unregister_events(), control_update_global_event_mask(), control_connection_t::event_mask, LD_BUG, connection_t::linked_conn, connection_t::marked_for_close, connection_t::reading_from_linked_conn, TO_CONTROL_CONN(), TO_OR_CONN(), tor_assert, tor_digest_is_zero(), tor_fragile_assert, and connection_t::type.

Referenced by circuit_free_all(), connection_ap_make_link(), connection_create_listener(), connection_exit_begin_conn(), connection_exit_begin_resolve(), connection_exit_connect(), connection_exit_connect_dir(), connection_handle_listener_read(), connection_or_connect(), connection_unlink(), directory_initiate_command_rend(), dns_cancel_pending_resolve(), dns_found_answer(), dns_resolve(), dnsserv_launch_request(), evdns_server_callback(), purge_expired_resolves(), and spawn_cpuworker().

void connection_free_all

(

void

)

Call _connection_free() on every connection in our array, and release all storage held by connection.c. This is used by cpuworkers and dnsworkers when they fork, so they don't keep resources held open (especially sockets).

Don't do the checks in connection_free(), because they will fail.

References _connection_free(), CONN_TYPE_CONTROL, connection_or_clear_identity_map(), control_update_global_event_mask(), get_connection_array(), smartlist_free(), TO_CONTROL_CONN(), and tor_free.

Referenced by tor_free_all().

connection_t* connection_get_by_global_id

(

uint64_t

id

)

Return the stream with id id if it is not already marked for close.

References get_connection_array().

Referenced by connection_cpu_process_inbuf(), and get_stream().

connection_t* connection_get_by_type

(

int

type

)

Return a connection of type type that is not marked for close.

References get_connection_array().

Referenced by circuit_get_open_circ_or_launch(), hibernate_begin(), and hibernate_go_dormant().

connection_t* connection_get_by_type_addr_port_purpose	(	int	type,
		const tor_addr_t *	addr,
		uint16_t	port,
		int	purpose
	)

Return a connection with given type, address, port, and purpose; or NULL if no such connection exists.

References get_connection_array(), and tor_addr_eq.

Referenced by consider_testing_reachability(), launch_direct_bridge_descriptor_fetch(), router_pick_trusteddirserver_impl(), and update_v2_networkstatus_cache_downloads().

connection_t* connection_get_by_type_purpose	(	int	type,
		int	purpose
	)

Return an open, non-marked connection of a given type and purpose, or NULL if no such connection exists.

References get_connection_array().

Referenced by update_consensus_networkstatus_downloads(), and update_v2_networkstatus_cache_downloads().

connection_t* connection_get_by_type_state	(	int	type,
		int	state
	)

Return a connection of type type that is in state state, and that is not marked for close.

References get_connection_array().

Referenced by assign_onionskin_to_cpuworker(), cpuworkers_rotate(), and directory_all_unreachable().

connection_t* connection_get_by_type_state_rendquery	(	int	type,
		int	state,
		const char *	rendquery
	)

Return a connection of type type that has rendquery equal to rendquery, and that is not marked for close. If state is non-zero, conn must be of that state too.

References CONN_IS_EDGE, CONN_TYPE_AP, CONN_TYPE_DIR, CONN_TYPE_EXIT, get_connection_array(), rend_cmp_service_ids(), TO_DIR_CONN(), TO_EDGE_CONN(), and tor_assert.

Referenced by rend_client_remove_intro_point().

int connection_in_array

(

connection_t *

conn

)

Return true iff conn is in the current poll array.

References smartlist_isin().

Referenced by assert_all_pending_dns_resolves_ok(), and connection_free().

int connection_is_listener

(

connection_t *

conn

)

Return 1 if conn is a listener conn, else return 0.

References CONN_TYPE_AP_DNS_LISTENER, CONN_TYPE_AP_LISTENER, CONN_TYPE_AP_NATD_LISTENER, CONN_TYPE_AP_TRANS_LISTENER, CONN_TYPE_CONTROL_LISTENER, CONN_TYPE_DIR_LISTENER, CONN_TYPE_OR_LISTENER, and connection_t::type.

Referenced by _connection_free(), assert_connection_ok(), connection_close_immediate(), connection_handle_write_impl(), connection_init(), and dumpstats().

int connection_is_on_closeable_list

(

connection_t *

conn

)

Return 1 if conn is on the closeable list, else return 0.

References smartlist_isin().

Referenced by connection_free().

int connection_is_reading

(

connection_t *

conn

)

Return true iff conn is listening for read events.

References connection_t::read_event, connection_t::reading_from_linked_conn, and tor_assert.

Referenced by connection_handle_read_impl(), connection_handle_write_impl(), and set_streams_blocked_on_circ().

int connection_is_writing

(

connection_t *

conn

)

Return true iff conn is listening for write events.

References tor_assert, connection_t::write_event, and connection_t::writing_to_linked_conn.

Referenced by assert_connection_ok(), and connection_read_to_buf().

void connection_link_connections	(	connection_t *	conn_a,
		connection_t *	conn_b
	)

Create a link between conn_a and conn_b.

References connection_t::linked, connection_t::linked_conn, connection_t::s, and tor_assert.

Referenced by connection_exit_connect_dir(), and directory_initiate_command_rend().

connection_t* connection_new	(	int	type,
		int	socket_family
	)

Allocate, initialize, and return a new connection_t subtype of type to make or receive connections of address family socket_family. The type should be one of the CONN_TYPE_* constants.

References CONN_TYPE_AP, CONN_TYPE_CONTROL, CONN_TYPE_DIR, CONN_TYPE_EXIT, CONN_TYPE_OR, connection_init(), control_connection_new(), dir_connection_new(), edge_connection_new(), or_connection_new(), and TO_CONN.

Referenced by connection_create_listener(), connection_handle_listener_read(), and spawn_cpuworker().

void connection_or_clear_identity_map

(

void

)

Remove all entries from the identity-to-orconn map, and clear all identities in OR conns.

References CONN_TYPE_OR, DIGEST_LEN, get_connection_array(), and TO_OR_CONN().

Referenced by connection_free_all().

or_connection_t* connection_or_connect	(	const tor_addr_t *	_addr,
		uint16_t	port,
		const char *	id_digest
	)

Launch a new OR connection to addr:port and expect to handshake with an OR with identity digest id_digest.

If id_digest is me, do nothing. If we're already connected to it, return that connection. If the connect() is in progress, set the new conn's state to 'connecting' and return it. If connect() succeeds, call connection_tls_start_handshake() on it.

This function is called from router_retry_connections(), for ORs connecting to ORs, and circuit_establish_circuit(), for OPs connecting to ORs.

Return the launched conn, or NULL if it failed.

References or_connection_t::_base, connection_t::address, connection_connect(), connection_free(), connection_or_connect_failed(), connection_or_finished_connecting(), connection_or_init_conn_from_address(), connection_watch_events(), control_event_or_conn_status(), entry_guard_register_connect_status(), errno_to_orconn_end_reason(), get_options(), or_options_t::HttpsProxy, or_options_t::HttpsProxyAddr, or_options_t::HttpsProxyPort, or_connection_t::identity_digest, LD_PROTOCOL, OR_CONN_STATE_CONNECTING, or_connection_new(), router_digest_is_me(), server_mode(), or_options_t::Socks4Proxy, or_options_t::Socks4ProxyAddr, or_options_t::Socks4ProxyPort, or_options_t::Socks5Proxy, or_options_t::Socks5ProxyAddr, or_options_t::Socks5ProxyPort, connection_t::state, TO_CONN, tor_addr_copy(), and tor_assert.

Referenced by circuit_extend(), circuit_handle_first_hop(), and dirserv_single_reachability_test().

void connection_or_connect_failed	(	or_connection_t *	conn,
		int	reason,
		const char *	msg
	)

conn is in the 'connecting' state, and it failed to complete a TCP connection. Send notifications appropriately.

reason specifies the or_conn_end_reason for the failure; msg specifies the strerror-style error message.

References authdir_mode_tests_reachability(), control_event_bootstrap_problem(), control_event_or_conn_status(), and get_options().

Referenced by connection_handle_read_impl(), connection_handle_write_impl(), connection_or_connect(), and run_connection_housekeeping().

int connection_or_digest_is_known_relay

(

const char *

id_digest

)

Return 1 if identity digest id_digest is known to be a currently or recently running relay. Otherwise return 0.

References router_get_by_digest(), and router_get_consensus_status_by_id().

Referenced by connection_exit_begin_conn(), and connection_or_init_conn_from_address().

int connection_or_finished_connecting

(

or_connection_t *

or_conn

)

Connected handler for OR connections: begin the TLS handshake.

References connection_t::address, connection_proxy_connect(), connection_start_reading(), connection_tls_start_handshake(), control_event_bootstrap(), get_options(), LD_HANDSHAKE, OR_CONN_STATE_CONNECTING, OR_CONN_STATE_PROXY_HANDSHAKING, connection_t::port, connection_t::state, TO_CONN, and tor_assert.

Referenced by connection_finished_connecting(), and connection_or_connect().

int connection_or_finished_flushing

(

or_connection_t *

conn

)

Connection conn has finished writing and has no bytes left on its outbuf.

Otherwise it's in state "open": stop writing and return.

If conn is broken, mark it for close and return -1, else return 0.

References or_connection_t::_base, assert_connection_ok(), connection_stop_writing(), LD_BUG, OR_CONN_STATE_OPEN, OR_CONN_STATE_OR_HANDSHAKING, OR_CONN_STATE_PROXY_HANDSHAKING, connection_t::state, TO_CONN, tor_assert, and tor_fragile_assert.

Referenced by connection_finished_flushing().

int connection_or_flush_from_first_active_circuit	(	or_connection_t *	conn,
		int	max,
		time_t	now
	)

Pull as many cells as possible (but no more than max) from the queue of the first active circuit on conn, and write them to conn->outbuf. Return the number of cells written. Advance the active circuit pointer to the next active circuit in the ring.

References or_connection_t::active_circuit_pqueue, or_connection_t::active_circuit_pqueue_last_recalibrated, or_connection_t::active_circuits, add_cell_ewma_to_conn(), packed_cell_t::body, cell_ewma_tick_from_timeval(), cell_ewma_to_circuit(), CELL_NETWORK_SIZE, CELL_QUEUE_LOWWATER_SIZE, cell_queue_pop(), CIRCUIT_IS_ORIGIN, insertion_time_elem_t::counter, DIRREQ_CIRC_QUEUE_FLUSHED, ewma_scale_factor, insertion_time_queue_t::first, geoip_change_dirreq_state(), get_options(), cell_queue_t::head, insertion_time_elem_t::insertion_time, cell_queue_t::insertion_times, insertion_time_queue_t::last, LD_BUG, LD_GENERAL, make_circuit_inactive_on_conn(), cell_queue_t::n, circuit_t::n_conn, circuit_t::n_conn_cells, insertion_time_elem_t::next, next_circ_on_conn_p(), or_circuit_t::p_conn_cells, packed_cell_free_unchecked(), pop_first_cell_ewma_from_conn(), or_circuit_t::processed_cells, scale_active_circuits(), set_streams_blocked_on_circ(), circuit_t::streams_blocked_on_n_conn, circuit_t::streams_blocked_on_p_conn, or_connection_t::timestamp_last_added_nonpadding, TO_CONN, TO_OR_CIRCUIT(), tor_assert, and or_circuit_t::total_cell_waiting_time.

Referenced by append_cell_to_circuit_queue(), and connection_or_flushed_some().

int connection_or_flushed_some

(

or_connection_t *

conn

)

Called whenever we have flushed some data on an or_conn: add more data from active circuits.

References or_connection_t::_base, or_connection_t::active_circuits, approx_time(), buf_datalen(), CELL_NETWORK_SIZE, connection_or_flush_from_first_active_circuit(), OR_CONN_HIGHWATER, OR_CONN_LOWWATER, and connection_t::outbuf.

Referenced by connection_flushed_some().

or_connection_t* connection_or_get_for_extend	(	const char *	digest,
		const tor_addr_t *	target_addr,
		const char **	msg_out,
		int *	launch_out
	)

Return the OR connection we should use to extend a circuit to the router whose identity is digest, and whose address we believe (or have been told in an extend cell) is target_addr. If there is no good connection, set *msg_out to a message describing the connection's state and our next action, and set launch_out to a boolean for whether we should launch a new connection or not.

References or_connection_t::_base, approx_time(), CONN_TYPE_OR, connection_or_is_better(), DIGEST_LEN, digestmap_get(), or_connection_t::identity_digest, or_connection_t::is_bad_for_new_circs, or_connection_t::is_canonical, or_connection_t::link_proto, connection_t::magic, connection_t::marked_for_close, or_connection_t::next_with_same_id, OR_CONN_STATE_OPEN, orconn_identity_map, or_connection_t::real_addr, connection_t::state, tor_addr_compare(), tor_assert, and connection_t::type.

Referenced by circuit_extend(), and circuit_handle_first_hop().

int connection_or_nonopen_was_started_here

(

or_connection_t *

conn

)

Return 1 if we initiated this connection, or 0 if it started out as an incoming connection.

References or_connection_t::_base, CONN_TYPE_OR, or_connection_t::handshake_state, or_handshake_state_t::started_here, or_connection_t::tls, tor_assert, tor_tls_is_server(), and connection_t::type.

Referenced by connection_about_to_close_connection(), connection_or_set_state_open(), connection_tls_finish_handshake(), and onionskin_answer().

int connection_or_process_inbuf

(

or_connection_t *

conn

)

Handle any new bytes that have come in on connection conn. If conn is in 'open' state, hand it to connection_or_process_cells_from_inbuf() (else do nothing).

References or_connection_t::_base, connection_or_process_cells_from_inbuf(), connection_read_proxy_handshake(), connection_tls_start_handshake(), OR_CONN_STATE_OPEN, OR_CONN_STATE_OR_HANDSHAKING, OR_CONN_STATE_PROXY_HANDSHAKING, connection_t::state, TO_CONN, and tor_assert.

Referenced by connection_process_inbuf().

int connection_or_reached_eof

(

or_connection_t *

conn

)

We've received an EOF from conn. Mark it for close and return.

References LD_OR, and TO_CONN.

Referenced by connection_reached_eof().

void connection_or_remove_from_identity_map

(

or_connection_t *

conn

)

If conn is listed in orconn_identity_map, remove it, and clear conn->identity_digest. Otherwise do nothing.

References DIGEST_LEN, digestmap_get(), digestmap_remove(), digestmap_set(), or_connection_t::identity_digest, LD_BUG, or_connection_t::next_with_same_id, or_connection_t::nickname, orconn_identity_map, tor_assert, and tor_digest_is_zero().

Referenced by _connection_free(), connection_free(), connection_or_set_identity_digest(), and connection_unlink().

int connection_or_send_destroy	(	circid_t	circ_id,
		or_connection_t *	conn,
		int	reason
	)

Write a destroy cell with circ ID circ_id and reason reason onto OR connection conn. Don't perform range-checking on reason: we may want to propagate reasons from other cells.

Return 0.

References cell_t::circ_id, cell_t::command, connection_or_write_cell_to_buf(), LD_OR, cell_t::payload, and tor_assert.

Referenced by _circuit_mark_for_close(), command_process_create_cell(), and connection_edge_process_relay_cell().

int connection_or_send_netinfo

(

or_connection_t *

conn

)

Send a NETINFO cell on conn, telling the other server what we know about their address, our address, and the current time.

References or_connection_t::_base, routerinfo_t::addr, connection_t::addr, append_address_to_payload(), cell_t::command, connection_or_write_cell_to_buf(), cell_t::payload, router_get_my_routerinfo(), set_uint32(), and tor_addr_from_ipv4h.

Referenced by command_process_versions_cell().

void connection_or_set_bad_connections

(

void

)

Go through all the OR connections, and set the is_bad_for_new_circs flag on:

• all connections that are too old.
• all open non-canonical connections for which a canonical connection exists to the same router.
• all open canonical connections for which a 'better' canonical connection exists to the same router.
• all open non-canonical connections for which a 'better' non-canonical connection exists to the same router at the same address.

See connection_or_is_better() for our idea of what makes one OR connection better than another.

References connection_or_group_set_badness(), and orconn_identity_map.

Referenced by run_scheduled_events().

int connection_or_set_state_open

(

or_connection_t *

conn

)

Set conn's state to OR_CONN_STATE_OPEN, and tell other subsystems as appropriate. Called when we are done with all TLS and OR handshaking.

References or_connection_t::_base, circ_times, circuit_build_times_network_is_live(), circuit_n_conn_done(), connection_or_nonopen_was_started_here(), connection_start_reading(), control_event_or_conn_status(), entry_guard_register_connect_status(), GEOIP_CLIENT_CONNECT, geoip_note_client_seen(), or_connection_t::handshake_state, or_connection_t::identity_digest, LD_OR, OR_CONN_STATE_OPEN, or_handshake_state_free(), rep_hist_note_connect_succeeded(), router_get_by_digest(), router_set_status(), connection_t::state, TO_CONN, tor_addr_family(), and tor_addr_to_ipv4h().

Referenced by command_process_netinfo_cell(), and connection_tls_finish_handshake().

void connection_or_unlink_all_active_circs

(

or_connection_t *

orconn

)

Remove all circuits from the list of circuits with pending cells on conn.

References or_connection_t::active_circuit_pqueue, or_connection_t::active_circuits, next_circ_on_conn_p(), prev_circ_on_conn_p(), and smartlist_clear().

Referenced by circuit_unlink_all_from_or_conn().

void connection_or_write_cell_to_buf	(	const cell_t *	cell,
		or_connection_t *	conn
	)

Pack cell into wire-format, and write it onto conn's outbuf. For cells that use or affect a circuit, this should only be called by connection_or_flush_from_first_active_circuit().

References approx_time(), packed_cell_t::body, CELL_NETWORK_SIZE, cell_pack(), cell_t::command, or_connection_t::timestamp_last_added_nonpadding, TO_CONN, and tor_assert.

Referenced by connection_or_send_destroy(), connection_or_send_netinfo(), and run_connection_housekeeping().

void connection_or_write_var_cell_to_buf	(	const var_cell_t *	cell,
		or_connection_t *	conn
	)

Pack a variable-length cell into wire-format, and write it onto conn's outbuf. Right now, this DOES NOT support cells that affect a circuit.

References approx_time(), var_cell_t::command, var_cell_t::payload, var_cell_t::payload_len, or_connection_t::timestamp_last_added_nonpadding, TO_CONN, tor_assert, VAR_CELL_HEADER_SIZE, and var_cell_pack_header().

Referenced by connection_or_send_versions().

int connection_outbuf_too_full

(

connection_t *

conn

)

Are there too many bytes on edge connection conn's outbuf to send back a relay-level sendme yet? Return 1 if so, 0 if not. Used by connection_edge_consider_sending_sendme().

References CELL_PAYLOAD_SIZE, and connection_t::outbuf_flushlen.

Referenced by connection_edge_consider_sending_sendme().

int connection_proxy_connect	(	connection_t *	conn,
		int	type
	)

Write a proxy request of type (socks4, socks5, https) to conn for conn->addr:conn->port, authenticating with the auth details given in the configuration (if available). SOCKS 5 and HTTP CONNECT proxies support authentication.

Returns -1 if conn->addr is incompatible with the proxy protocol, and 0 otherwise.

Use connection_read_proxy_handshake() to complete the handshake.

References connection_t::addr, alloc_http_authenticator(), connection_proxy_state_to_string(), fmt_addr(), get_options(), or_options_t::HttpsProxyAuthenticator, LD_BUG, LD_NET, LD_OR, connection_t::port, connection_t::proxy_state, or_options_t::Socks5ProxyUsername, SOCKS_COMMAND_CONNECT, tor_addr_family(), tor_addr_to_ipv4n(), tor_assert, tor_fragile_assert, tor_free, and tor_snprintf().

Referenced by connection_or_finished_connecting().

int connection_read_proxy_handshake

(

connection_t *

conn

)

Call this from connection_*_process_inbuf() to advance the proxy handshake.

No matter what proxy protocol is used, if this function returns 1, the handshake is complete, and the data remaining on inbuf may contain the start of the communication with the requested server.

Returns 0 if the current buffer contains an incomplete response, and -1 on error.

References connection_t::address, connection_proxy_state_to_string(), connection_read_https_proxy_response(), connection_send_socks5_connect(), escaped(), fetch_from_buf_socks_client(), get_options(), connection_t::inbuf, LD_BUG, LD_NET, connection_t::port, connection_t::proxy_state, or_options_t::Socks5ProxyPassword, or_options_t::Socks5ProxyUsername, tor_assert, tor_fragile_assert, and tor_free.

Referenced by connection_or_process_inbuf().

int connection_remove

(

connection_t *

conn

)

Remove the connection from the global list, and remove the corresponding poll entry. Calling this function will shift the last connection (if any) into the position occupied by conn.

References connection_t::conn_array_index, conn_type_to_string(), connection_unregister_events(), LD_NET, connection_t::s, smartlist_del(), tor_assert, and connection_t::type.

Referenced by connection_unlink().

void connection_start_reading

(

connection_t *

conn

)

Tell the main loop to start notifying conn of any read events.

References connection_should_read_from_linked_conn(), connection_start_reading_from_linked_conn(), LD_NET, connection_t::linked, connection_t::read_event, connection_t::reading_from_linked_conn, connection_t::s, and tor_assert.

Referenced by circuit_resume_edge_reading_helper(), connection_bucket_refill(), connection_create_listener(), connection_edge_process_relay_cell(), connection_exit_connect_dir(), connection_free(), connection_init_accepted_conn(), connection_or_finished_connecting(), connection_or_set_state_open(), connection_tls_continue_handshake(), connection_tls_start_handshake(), connection_unlink(), connection_watch_events(), directory_initiate_command_rend(), set_streams_blocked_on_circ(), and spawn_cpuworker().

void connection_start_writing

(

connection_t *

conn

)

Tell the main loop to start notifying conn of any write events.

References connection_should_read_from_linked_conn(), connection_start_reading_from_linked_conn(), LD_NET, connection_t::linked, connection_t::linked_conn, connection_t::s, tor_assert, connection_t::write_event, and connection_t::writing_to_linked_conn.

Referenced by _connection_write_to_buf_impl(), connection_bucket_refill(), connection_edge_finished_connecting(), connection_read_to_buf(), connection_tls_continue_handshake(), and connection_watch_events().

int connection_state_is_connecting

(

connection_t *

conn

)

Return 1 if conn is in 'connecting' state, else return 0.

References CONN_TYPE_DIR, CONN_TYPE_EXIT, CONN_TYPE_OR, DIR_CONN_STATE_CONNECTING, EXIT_CONN_STATE_CONNECTING, connection_t::marked_for_close, OR_CONN_STATE_CONNECTING, connection_t::state, tor_assert, and connection_t::type.

Referenced by connection_handle_write_impl().

int connection_state_is_open

(

connection_t *

conn

)

Return 1 if conn is in state "open" and is not marked for close, else return 0.

References AP_CONN_STATE_OPEN, CONN_TYPE_AP, CONN_TYPE_CONTROL, CONN_TYPE_EXIT, CONN_TYPE_OR, CONTROL_CONN_STATE_OPEN, EXIT_CONN_STATE_OPEN, connection_t::marked_for_close, OR_CONN_STATE_OPEN, connection_t::state, tor_assert, and connection_t::type.

Referenced by connection_edge_process_relay_cell(), connection_edge_reached_eof(), and run_connection_housekeeping().

void connection_stop_reading

(

connection_t *

conn

)

Tell the main loop to stop notifying conn of any read events.

References connection_stop_reading_from_linked_conn(), LD_NET, connection_t::linked, connection_t::read_event, connection_t::reading_from_linked_conn, connection_t::s, and tor_assert.

Referenced by circuit_consider_stop_edge_reading(), connection_consider_empty_read_buckets(), connection_control_process_inbuf(), connection_edge_package_raw_inbuf(), connection_watch_events(), and set_streams_blocked_on_circ().

void connection_stop_reading_from_linked_conn

(

connection_t *

conn

)

Tell the main loop to stop reading bytes into conn from its linked connection, if is currently doing so. Called by connection_stop_reading, connection_stop_writing, and connection_read.

References connection_t::active_on_link, connection_t::linked, smartlist_isin(), smartlist_remove(), and tor_assert.

Referenced by connection_handle_read_impl(), connection_stop_reading(), and connection_stop_writing().

void connection_stop_writing

(

connection_t *

conn

)

Tell the main loop to stop notifying conn of any write events.

References connection_stop_reading_from_linked_conn(), LD_NET, connection_t::linked, connection_t::linked_conn, connection_t::s, tor_assert, connection_t::write_event, and connection_t::writing_to_linked_conn.

Referenced by connection_consider_empty_write_buckets(), connection_control_finished_flushing(), connection_cpu_finished_flushing(), connection_dir_finished_flushing(), connection_edge_finished_flushing(), connection_handle_write_impl(), connection_or_finished_flushing(), connection_tls_continue_handshake(), and connection_watch_events().

int connection_tls_continue_handshake

(

or_connection_t *

conn

)

Move forward with the tls handshake. If it finishes, hand conn to connection_tls_finish_handshake().

Return -1 if conn is broken, else return 0.

References or_connection_t::_base, CASE_TOR_TLS_ERROR_ANY, connection_or_tls_renegotiated_cb(), connection_start_reading(), connection_start_writing(), connection_stop_writing(), connection_tls_finish_handshake(), LD_OR, OR_CONN_STATE_TLS_CLIENT_RENEGOTIATING, OR_CONN_STATE_TLS_HANDSHAKING, OR_CONN_STATE_TLS_SERVER_RENEGOTIATING, connection_t::state, or_connection_t::tls, TO_CONN, tor_assert, tor_tls_err_to_string(), tor_tls_handshake(), tor_tls_is_server(), tor_tls_renegotiate(), tor_tls_set_renegotiate_callback(), and tor_tls_used_v1_handshake().

Referenced by connection_handle_write_impl(), connection_read_to_buf(), and connection_tls_start_handshake().

int connection_tls_start_handshake	(	or_connection_t *	conn,
		int	receiving
	)

Begin the tls handshake with conn. receiving is 0 if we initiated the connection, else it's 1.

Assign a new tls object to conn->tls, begin reading on conn, and pass conn to connection_tls_continue_handshake().

Return -1 if conn is broken, else return 0.

References or_connection_t::_base, connection_t::address, connection_start_reading(), connection_tls_continue_handshake(), escaped_safe_str(), LD_BUG, LD_HANDSHAKE, note_crypto_pk_op(), OR_CONN_STATE_TLS_HANDSHAKING, connection_t::s, connection_t::state, or_connection_t::tls, TO_CONN, tor_tls_new(), and tor_tls_set_logged_address().

Referenced by connection_init_accepted_conn(), connection_or_finished_connecting(), and connection_or_process_inbuf().

void connection_unregister_events

(

connection_t *

conn

)

Tell libevent that we don't care about conn any more.

References connection_t::dns_server_port, dnsserv_close_listener(), LD_BUG, connection_t::read_event, connection_t::s, tor_free, and connection_t::write_event.

Referenced by connection_close_immediate(), connection_free(), and connection_remove().

int connection_wants_to_flush

(

connection_t *

conn

)

Return conn->outbuf_flushlen: how many bytes conn wants to flush from its outbuf.

References connection_t::outbuf_flushlen.

Referenced by conn_close_if_marked(), connection_edge_finished_connecting(), connection_exit_connect(), connection_handle_read_impl(), and connection_handle_write_impl().

void connection_watch_events	(	connection_t *	conn,
		watchable_events_t	events
	)

Set the event mask on conn to events. (The event mask is a bitmask whose bits are READ_EVENT and WRITE_EVENT)

References connection_start_reading(), connection_start_writing(), connection_stop_reading(), and connection_stop_writing().

Referenced by connection_edge_finished_connecting(), connection_exit_connect(), connection_or_connect(), and directory_initiate_command_rend().

int consensus_is_waiting_for_certs

(

void

)

Return 1 if we have a consensus but we don't have enough certificates to start using it yet.

References consensus_waiting_for_certs_t::consensus, and USABLE_CONSENSUS_FLAVOR.

Referenced by connection_edge_process_relay_cell_not_open().

void consider_hibernation

(

time_t

now

)

Consider our environment and decide if it's time to start/stop hibernating.

References or_options_t::AccountingMax, format_local_iso_time(), get_options(), hibernate_begin(), hibernate_end_time, hibernate_end_time_elapsed(), hibernate_go_dormant(), hibernate_hard_limit_reached(), hibernate_soft_limit_reached(), hibernate_state, HIBERNATE_STATE_DORMANT, HIBERNATE_STATE_EXITING, HIBERNATE_STATE_LIVE, HIBERNATE_STATE_LOWBANDWIDTH, interval_wakeup_time, LD_ACCT, LD_GENERAL, shutdown_time, tor_assert, and tor_cleanup().

Referenced by run_scheduled_events().

void consider_publishable_server

(

int

force

)

Initiate server descriptor upload as reasonable (if server is publishable, etc). force is as for router_upload_dir_desc_to_dirservers.

We need to rebuild the descriptor if it's dirty even if we're not uploading, because our reachability testing *uses* our descriptor to determine what IP address and ports to test.

References decide_if_publishable_server(), get_options(), router_rebuild_descriptor(), router_upload_dir_desc_to_dirservers(), server_mode(), and set_server_advertised().

Referenced by run_scheduled_events().

void consider_testing_reachability	(	int	test_or,
		int	test_dir
	)

Some time has passed, or we just got new directory information. See if we currently believe our ORPort or DirPort to be unreachable. If so, launch a new test for it.

For ORPort, we simply try making a circuit that ends at ourselves. Success is noticed in onionskin_answer().

For DirPort, we make a connection via Tor to our DirPort and ask for our own server descriptor. Success is noticed in connection_dir_client_reached_eof().

References routerinfo_t::addr, routerinfo_t::address, routerinfo_t::cache_info, check_whether_dirport_reachable(), check_whether_orport_reachable(), CIRCLAUNCH_IS_INTERNAL, CIRCLAUNCH_NEED_CAPACITY, circuit_enough_testing_circs(), circuit_launch_by_router(), CIRCUIT_PURPOSE_TESTING, CONN_TYPE_DIR, connection_get_by_type_addr_port_purpose(), routerinfo_t::dir_port, DIR_PURPOSE_FETCH_SERVERDESC, directory_initiate_command(), signed_descriptor_t::identity_digest, LD_CIRC, routerinfo_t::or_port, router_get_my_routerinfo(), ROUTER_PURPOSE_GENERAL, and tor_addr_from_ipv4h.

Referenced by circuit_send_next_onion_skin(), circuit_testing_opened(), directory_info_has_arrived(), and run_scheduled_events().

void control_adjust_event_log_severity

(

void

)

Adjust the log severities that result in control_event_logmsg being called to match the severity of log messages that any controllers are interested in.

References change_callback_log_severity(), control_event_logmsg(), EVENT_IS_INTERESTING, and event_to_log_severity().

Referenced by options_act_reversible().

control_connection_t* control_connection_new

(

int

socket_family

)

Allocate and return a new control_connection_t, initialized as by connection_init().

References CONN_TYPE_CONTROL, connection_init(), LD_CONTROL, and TO_CONN.

Referenced by connection_new().

int control_event_address_mapped	(	const char *	from,
		const char *	to,
		time_t	expires,
		const char *	error
	)

Called when an address mapping on from from changes to to. expires values less than 3 are special; see connection_edge.c. If error is non-NULL, it is an error code describing the failure mode of the mapping.

References ALL_FORMATS, EVENT_IS_INTERESTING, format_iso_time(), format_local_iso_time(), and send_control_event().

Referenced by addressmap_register(), handle_control_resolve(), and tell_controller_about_resolved_result().

int control_event_bandwidth_used	(	uint32_t	n_read,
		uint32_t	n_written
	)

A second or more has elapsed: tell any interested control connections how much bandwidth we used.

References ALL_FORMATS, EVENT_IS_INTERESTING, and send_control_event().

Referenced by second_elapsed_callback().

void control_event_bootstrap	(	bootstrap_status_t	status,
		int	progress
	)

Called when Tor has made progress at bootstrapping its directory information and initial circuits.

status is the new status, that is, what task we will be doing next. percent is zero if we just started this task, else it represents progress on the task.

References BOOTSTRAP_MSG_LEN, bootstrap_status_to_string(), control_event_client_status(), last_sent_bootstrap_message, LD_CONTROL, and tor_snprintf().

Referenced by circuit_handle_first_hop(), circuit_send_next_onion_skin(), connection_edge_process_relay_cell_not_open(), connection_or_finished_connecting(), do_main_loop(), load_downloaded_routers(), and update_router_have_minimum_dir_info().

void control_event_bootstrap_problem	(	const char *	warn,
		int	reason
	)

Called when Tor has failed to make bootstrapping progress in a way that indicates a problem. warn gives a hint as to why, and reason provides an "or_conn_end_reason" tag.

References any_bridge_descriptors_known(), any_pending_bridge_descriptor_fetches(), BOOTSTRAP_MSG_LEN, bootstrap_status_to_string(), control_event_client_status(), get_options(), last_sent_bootstrap_message, LD_CONTROL, orconn_end_reason_to_control_string(), and tor_snprintf().

Referenced by connection_about_to_close_connection(), connection_or_check_valid_tls_handshake(), and connection_or_connect_failed().

int control_event_buildtimeout_set	(	const circuit_build_times_t *	cbt,
		buildtimeout_set_event_t	type
	)

Called when we compute a new circuitbuildtimeout

References ALL_FORMATS, circuit_build_times_t::alpha, control_event_is_interesting(), send_control_event(), circuit_build_times_t::timeout_ms, circuit_build_times_t::total_build_times, and circuit_build_times_t::Xm.

Referenced by circuit_build_times_init(), circuit_build_times_network_check_changed(), circuit_build_times_network_check_live(), and circuit_build_times_set_timeout().

int control_event_circuit_status	(	origin_circuit_t *	circ,
		circuit_status_event_t	tp,
		int	reason_code
	)

Something has happened to circuit circ: tell any interested control connections.

References origin_circuit_t::_base, ALL_FORMATS, circuit_end_reason_to_control_string(), circuit_list_path_for_controller(), circuit_purpose_to_controller_string(), END_CIRC_REASON_FLAG_REMOTE, EVENT_IS_INTERESTING, origin_circuit_t::global_identifier, LD_BUG, circuit_t::purpose, send_control_event(), tor_assert, tor_free, and tor_snprintf().

Referenced by _circuit_mark_for_close(), circuit_establish_circuit(), circuit_finish_handshake(), circuit_has_opened(), and handle_control_extendcircuit().

void control_event_clients_seen

(

const char *

controller_str

)

We just generated a new summary of which countries we've seen clients from recently. Send a copy to the controller in case it wants to display it for the user.

References send_control_event().

Referenced by geoip_bridge_stats_write().

int control_event_descriptors_changed

(

smartlist_t *

routers

)

Called whenever we receive new router descriptors: tell any interested control connections. routers is a list of routerinfo_t's.

References ALL_FORMATS, EVENT_IS_INTERESTING, MAX_VERBOSE_NICKNAME_LEN, router_get_verbose_nickname(), send_control_event_string(), smartlist_add(), smartlist_create(), smartlist_free(), smartlist_join_strings(), tor_free, and tor_snprintf().

Referenced by dirserv_add_descriptor(), and routerlist_descriptors_added().

int int int int control_event_guard	(	const char *	nickname,
		const char *	digest,
		const char *	status
	)

Called when the status of an entry guard with the given nickname and identity digest has changed to status: tells any controllers that care.

References ALL_FORMATS, base16_encode(), DIGEST_LEN, EVENT_IS_INTERESTING, HEX_DIGEST_LEN, MAX_VERBOSE_NICKNAME_LEN, router_get_by_digest(), router_get_verbose_nickname(), send_control_event(), and tor_snprintf().

Referenced by add_an_entry_guard(), control_event_guard_deferred(), entry_guard_set_status(), remove_dead_entry_guards(), and remove_obsolete_entry_guards().

int control_event_is_interesting

(

int

event

)

Return true iff the event with code c is being sent to any current control connection. This is useful if the amount of work needed to prepare to call the appropriate control_event_...() function is high.

References EVENT_IS_INTERESTING.

Referenced by control_event_buildtimeout_set(), control_event_newconsensus(), and notify_control_networkstatus_changed().

int control_event_my_descriptor_changed

(

void

)

Our own router descriptor has changed; tell any controllers that care.

References ALL_FORMATS, and send_control_event().

Referenced by router_rebuild_descriptor().

int control_event_networkstatus_changed

(

smartlist_t *

statuses

)

Called when the routerstatus_ts statuses have changed: sends an NS event to any controller that cares.

References control_event_networkstatus_changed_helper().

Referenced by control_event_networkstatus_changed_single(), and notify_control_networkstatus_changed().

int control_event_networkstatus_changed_single

(

routerstatus_t *

rs

)

Called when a single local_routerstatus_t has changed: Sends an NS event to any controller that cares.

References control_event_networkstatus_changed(), EVENT_IS_INTERESTING, smartlist_add(), smartlist_create(), and smartlist_free().

Referenced by router_set_status().

int control_event_newconsensus

(

const networkstatus_t *

consensus

)

Called when we get a new consensus networkstatus. Sends a NEWCONSENSUS event consisting of an NS-style line for each relay in the consensus.

References control_event_is_interesting(), control_event_networkstatus_changed_helper(), and networkstatus_t::routerstatus_list.

Referenced by notify_control_networkstatus_changed().

int control_event_or_authdir_new_descriptor	(	const char *	action,
		const char *	desc,
		size_t	desclen,
		const char *	msg
	)

The authoritative dirserver has received a new descriptor that has passed basic syntax checks and is properly self-signed.

Notify any interested party of the new descriptor and what has been done with it, and also optionally give an explanation/reason.

References ALL_FORMATS, EVENT_IS_INTERESTING, send_control_event_string(), tor_free, tor_snprintf(), and write_escaped_data().

Referenced by dirserv_add_descriptor().

int control_event_or_conn_status	(	or_connection_t *	conn,
		or_conn_status_event_t	tp,
		int	reason
	)

Called when the status of an OR connection conn changes: tell any interested control connections. tp is the new status for the connection. If conn has just closed or failed, then reason may be the reason why.

References ALL_FORMATS, circuit_count_pending_on_or_conn(), EVENT_IS_INTERESTING, LD_BUG, or_connection_t::n_circuits, orconn_end_reason_to_control_string(), orconn_target_get_name(), send_control_event(), and tor_snprintf().

Referenced by connection_about_to_close_connection(), connection_init_accepted_conn(), connection_or_check_valid_tls_handshake(), connection_or_connect(), connection_or_connect_failed(), and connection_or_set_state_open().

int control_event_stream_bandwidth

(

edge_connection_t *

edge_conn

)

Print out STREAM_BW event for a single conn

References edge_connection_t::_base, ALL_FORMATS, EVENT_IS_INTERESTING, connection_t::global_identifier, edge_connection_t::n_read, edge_connection_t::n_written, and send_control_event().

Referenced by connection_about_to_close_connection(), and connection_edge_destroy().

int control_event_stream_bandwidth_used

(

void

)

A second or more has elapsed: tell any interested control connections how much bandwidth streams have used.

References edge_connection_t::_base, ALL_FORMATS, CONN_TYPE_AP, EVENT_IS_INTERESTING, get_connection_array(), connection_t::global_identifier, edge_connection_t::n_read, edge_connection_t::n_written, send_control_event(), and TO_EDGE_CONN().

Referenced by second_elapsed_callback().

int control_event_stream_status	(	edge_connection_t *	conn,
		stream_status_event_t	tp,
		int	reason_code
	)

Something has happened to the stream associated with AP connection conn: tell any interested control connections.

References edge_connection_t::_base, ALL_FORMATS, circuit_get_by_edge_conn(), CIRCUIT_IS_ORIGIN, socks_request_t::command, CONN_TYPE_DIR, DIR_PURPOSE_IS_UPLOAD, END_STREAM_REASON_FLAG_ALREADY_SENT_CLOSED, END_STREAM_REASON_FLAG_REMOTE, EVENT_IS_INTERESTING, origin_circuit_t::global_identifier, connection_t::global_identifier, edge_connection_t::is_dns_request, LD_BUG, connection_t::purpose, REMAP_STREAM_SOURCE_CACHE, REMAP_STREAM_SOURCE_EXIT, send_control_event(), edge_connection_t::socks_request, stream_end_reason_to_control_string(), TO_CONN, TO_ORIGIN_CIRCUIT(), tor_assert, tor_free, tor_snprintf(), connection_t::type, edge_connection_t::use_begindir, and write_stream_target_to_buf().

Referenced by connection_about_to_close_connection(), connection_ap_detach_retriable(), connection_ap_handshake_process_socks(), connection_ap_handshake_send_begin(), connection_ap_handshake_send_resolve(), connection_ap_handshake_socks_reply(), connection_ap_make_link(), connection_ap_process_end_not_open(), connection_ap_process_natd(), connection_ap_process_transparent(), connection_edge_destroy(), evdns_server_callback(), and remap_event_helper().

void control_signal_act

(

int

the_signal

)

Used to implement the SIGNAL control command: if we accept the_signal as a remote pseudo-signal, act on it.

References LD_BUG, and signal_callback().

Referenced by handle_control_signal().

void control_update_global_event_mask

(

void

)

Set global_event_mask* to the bitwise OR of each live control connection's event_mask field.

References CONN_TYPE_CONTROL, get_connection_array(), global_event_mask, STATE_IS_OPEN, and TO_CONTROL_CONN().

Referenced by connection_free(), connection_free_all(), and handle_control_setevents().

int count_loading_descriptors_progress

(

void

)

We just fetched a new set of descriptors. Compute how far through the "loading descriptors" bootstrapping phase we are, so we can inform the controller of our progress.

References count_usable_descriptors(), get_options(), and networkstatus_get_reasonably_live_consensus().

Referenced by connection_edge_process_relay_cell_not_open(), and load_downloaded_routers().

void cpu_init

(

void

)

Initialize the cpuworker subsystem.

References cpuworkers_rotate().

Referenced by do_main_loop().

void cpuworkers_rotate

(

void

)

Called when the onion key has changed and we need to spawn new cpuworkers. Close all currently idle cpuworkers, and mark the last rotation time as now.

References CONN_TYPE_CPUWORKER, connection_get_by_type_state(), CPUWORKER_STATE_IDLE, get_options(), last_rotation_time, num_cpuworkers, server_mode(), and spawn_enough_cpuworkers().

Referenced by cpu_init(), do_hup(), options_act(), and run_scheduled_events().

const char* decode_address_from_payload	(	tor_addr_t *	addr_out,
		const char *	payload,
		int	payload_len
	)

Given payload_len bytes at payload, starting with an address encoded as by append_address_to_payload(), try to decode the address into *addr_out. Return the next byte in the payload after the address on success, or NULL on failure.

References get_uint32(), tor_addr_from_ipv4n(), tor_addr_from_ipv6_bytes(), and tor_addr_make_unspec().

Referenced by command_process_netinfo_cell().

smartlist_t* decode_hashed_passwords

(

config_line_t *

passwords

)

Decode the hashed, base64'd passwords stored in passwords. Return a smartlist of acceptable passwords (unterminated strings of length S2K_SPECIFIER_LEN+DIGEST_LEN) on success, or NULL on failure.

References base16_decode(), base64_decode(), DIGEST_LEN, config_line_t::next, S2K_SPECIFIER_LEN, smartlist_add(), smartlist_create(), smartlist_free(), strcmpstart(), tor_assert, tor_free, and config_line_t::value.

Referenced by handle_control_authenticate().

dir_connection_t* dir_connection_new

(

int

socket_family

)

Allocate and return a new dir_connection_t, initialized as by connection_init().

References CONN_TYPE_DIR, connection_init(), and TO_CONN.

Referenced by connection_exit_connect_dir(), connection_new(), and directory_initiate_command_rend().

int dir_policy_permits_address

(

const tor_addr_t *

addr

)

Return 1 if addr is permitted to connect to our dir port, based on dir_policy. Else return 0.

References addr_policy_permits_tor_addr().

Referenced by connection_handle_listener_read().

int dir_split_resource_into_fingerprint_pairs	(	const char *	res,
		smartlist_t *	pairs_out
	)

Divide a string res of the form FP1-FP2+FP3-FP4...[.z], where each FP is a hex-encoded fingerprint, into a sequence of distinct sorted fp_pair_t. Skip malformed pairs. On success, return 0 and add those fp_pair_t into pairs_out. On failure, return -1.

References _compare_pairs(), _tor_free(), base16_decode(), DIGEST_LEN, escaped(), fp_pair_t::first, HEX_DIGEST_LEN, LD_DIR, fp_pair_t::second, smartlist_add(), smartlist_add_all(), smartlist_create(), smartlist_free(), smartlist_sort(), smartlist_split_string(), smartlist_uniq(), and tor_free.

Referenced by directory_handle_command_get().

int dir_split_resource_into_fingerprints	(	const char *	resource,
		smartlist_t *	fp_out,
		int *	compressed_out,
		int	flags
	)

Given a directory resource request, containing zero or more strings separated by plus signs, followed optionally by ".z", store the strings, in order, into fp_out. If compressed_out is non-NULL, set it to 1 if the resource ends in ".z", else set it to 0.

If (flags & DSR_HEX), then delete all elements that aren't hex digests, and decode the rest. If (flags & DSR_BASE64), then use "-" rather than "+" as a separator, delete all the elements that aren't base64-encoded digests, and decode the rest. If (flags & DSR_DIGEST256), these digests should be 256 bits long; else they should be 160.

If (flags & DSR_SORT_UNIQ), then sort the list and remove all duplicates.

References base16_decode(), base64_decode(), BASE64_DIGEST256_LEN, BASE64_DIGEST_LEN, DIGEST256_LEN, DIGEST_LEN, escaped(), HEX_DIGEST256_LEN, HEX_DIGEST_LEN, LD_DIR, smartlist_add_all(), smartlist_create(), smartlist_del_keeporder(), smartlist_free(), smartlist_sort_digests(), smartlist_sort_digests256(), smartlist_sort_strings(), smartlist_split_string(), smartlist_uniq_digests(), smartlist_uniq_digests256(), smartlist_uniq_strings(), tor_assert, and tor_free.

Referenced by client_likes_consensus(), connection_dir_client_reached_eof(), connection_dir_download_cert_failed(), connection_dir_download_networkstatus_failed(), directory_handle_command_get(), dirserv_get_networkstatus_v2_fingerprints(), dirserv_get_routerdesc_fingerprints(), dirserv_get_routerdescs(), and list_pending_downloads().

int directories_have_accepted_server_descriptor

(

void

)

Return true iff any trusted directory authority has accepted our server descriptor.

We consider any authority sufficient because waiting for all of them means it never happens while any authority is down; we don't go for something more complex in the middle (like >1/3 or >1/2 or >=1/2) because that doesn't seem necessary yet.

References or_options_t::_PublishServerDescriptor, get_options(), and router_get_trusted_dir_servers().

Referenced by connection_dir_client_reached_eof(), and getinfo_helper_events().

void directory_all_unreachable

(

time_t

now

)

We've just tried every dirserver we know about, and none of them were reachable. Assume the network is down. Change state so next time an application connection arrives we'll delay it and try another directory fetch. Kill off all the circuit_wait streams that are waiting now, since they will all timeout anyway.

References socks_request_t::address, AP_CONN_STATE_CIRCUIT_WAIT, CONN_TYPE_AP, connection_get_by_type_state(), control_event_general_status(), END_STREAM_REASON_NET_UNREACHABLE, LD_NET, socks_request_t::port, safe_str_client(), edge_connection_t::socks_request, stats_n_seconds_working, and TO_EDGE_CONN().

Referenced by directory_get_from_dirserver().

int directory_caches_dir_info

(

or_options_t *

options

)

Return 1 if we want to keep descriptors, networkstatuses, etc around and we're willing to serve them to others. Else return 0.

References advertised_server_mode(), or_options_t::BridgeRelay, or_options_t::DirPort, or_options_t::RefuseUnknownExits, and server_mode().

Referenced by authority_certs_fetch_missing(), directory_too_idle_to_fetch_descriptors(), networkstatus_set_current_consensus(), routerlist_remove_old_cached_routers_with_id(), routerlist_remove_old_routers(), signed_desc_digest_is_recognized(), and trusted_dirs_load_certs_from_string().

int directory_caches_v2_dir_info

(

or_options_t *

options

)

Return 1 if we want to cache v2 dir info (each status file).

References or_options_t::DirPort.

Referenced by add_networkstatus_to_cache(), networkstatus_v2_list_clean(), options_act_reversible(), router_reload_v2_networkstatus(), and router_set_networkstatus_v2().

int directory_fetches_dir_info_early

(

or_options_t *

options

)

Return 1 if we should fetch new networkstatuses, descriptors, etc on the "mirror" schedule rather than the "client" schedule.

References directory_fetches_from_authorities().

Referenced by launch_router_descriptor_downloads(), options_act(), update_consensus_networkstatus_fetch_time(), update_networkstatus_downloads(), update_router_descriptor_cache_downloads_v2(), and update_router_descriptor_downloads().

int directory_fetches_dir_info_later

(

or_options_t *

options

)

Return 1 if we should fetch new networkstatuses, descriptors, etc on a very passive schedule -- waiting long enough for ordinary clients to probably have the info we want. These would include bridge users, and maybe others in the future e.g. if a Tor client uses another Tor client as a directory guard.

References or_options_t::UseBridges.

Referenced by options_act(), and update_consensus_networkstatus_fetch_time().

int directory_fetches_from_authorities

(

or_options_t *

options

)

Return 1 if we fetch our directory material directly from the authorities, rather than from a mirror.

References advertised_server_mode(), or_options_t::BridgeRelay, routerinfo_t::dir_port, or_options_t::DirPort, or_options_t::FetchDirInfoEarly, or_options_t::RefuseUnknownExits, router_get_my_routerinfo(), router_pick_published_address(), and server_mode().

Referenced by dir_routerdesc_download_failed(), directory_command_should_use_begindir(), directory_fetches_dir_info_early(), directory_get_from_dirserver(), and directory_info_has_arrived().

void directory_get_from_all_authorities	(	uint8_t	dir_purpose,
		uint8_t	router_purpose,
		const char *	resource
	)

As directory_get_from_dirserver, but initiates a request to every directory authority other than ourself. Only for use by authorities when searching for missing information while voting.

References DIR_PURPOSE_FETCH_DETACHED_SIGNATURES, DIR_PURPOSE_FETCH_STATUS_VOTE, directory_initiate_command_routerstatus(), router_digest_is_me(), router_get_trusted_dir_servers(), tor_assert, and V3_AUTHORITY.

Referenced by dirvote_fetch_missing_signatures().

void directory_get_from_dirserver	(	uint8_t	dir_purpose,
		uint8_t	router_purpose,
		const char *	resource,
		int	pds_flags
	)

Start a connection to a random running directory server, using connection purpose dir_purpose, intending to fetch descriptors of purpose router_purpose, and requesting resource. Use pds_flags as arguments to router_pick_directory_server() or router_pick_trusteddirserver().

References routerinfo_t::addr, routerinfo_t::address, BRIDGE_AUTHORITY, routerinfo_t::cache_info, choose_random_entry(), dir_conn_purpose_to_string(), DIR_PURPOSE_FETCH_CERTIFICATE, DIR_PURPOSE_FETCH_CONSENSUS, DIR_PURPOSE_FETCH_DETACHED_SIGNATURES, DIR_PURPOSE_FETCH_EXTRAINFO, DIR_PURPOSE_FETCH_RENDDESC, DIR_PURPOSE_FETCH_SERVERDESC, DIR_PURPOSE_FETCH_STATUS_VOTE, DIR_PURPOSE_FETCH_V2_NETWORKSTATUS, directory_all_unreachable(), directory_fetches_from_authorities(), directory_initiate_command(), directory_initiate_command_routerstatus(), EXTRAINFO_CACHE, or_options_t::FetchServerDescriptors, get_options(), HIDSERV_AUTHORITY, signed_descriptor_t::identity_digest, LD_BUG, LD_DIR, networkstatus_get_latest_consensus(), routerinfo_t::or_port, PDS_ALLOW_SELF, PDS_IGNORE_FASCISTFIREWALL, PDS_NO_EXISTING_SERVERDESC_FETCH, purpose_needs_anonymity(), router_pick_directory_server(), router_pick_trusteddirserver(), ROUTER_PURPOSE_BRIDGE, tor_addr_from_ipv4h, or_options_t::UseBridges, V2_AUTHORITY, V3_AUTHORITY, and networkstatus_t::valid_after.

Referenced by connection_dir_download_networkstatus_failed(), fetch_bridge_descriptors(), initiate_descriptor_downloads(), update_consensus_networkstatus_downloads(), update_router_descriptor_downloads(), and update_v2_networkstatus_cache_downloads().

void directory_info_has_arrived	(	time_t	now,
		int	from_cache
	)

This function is called whenever we successfully pull down some new network statuses or server descriptors.

References any_predicted_circuits(), consider_testing_reachability(), directory_fetches_from_authorities(), directory_too_idle_to_fetch_descriptors(), or_options_t::DownloadExtraInfo, entry_guards_compute_status(), get_dir_info_status_string(), get_options(), has_completed_circuit, LD_DIR, router_have_minimum_dir_info(), server_mode(), update_extrainfo_downloads(), update_router_descriptor_downloads(), and we_are_hibernating().

Referenced by connection_dir_client_reached_eof(), and do_main_loop().

void directory_initiate_command	(	const char *	address,
		const tor_addr_t *	_addr,
		uint16_t	or_port,
		uint16_t	dir_port,
		int	supports_conditional_consensus,
		int	supports_begindir,
		const char *	digest,
		uint8_t	dir_purpose,
		uint8_t	router_purpose,
		int	anonymized_connection,
		const char *	resource,
		const char *	payload,
		size_t	payload_len,
		time_t	if_modified_since
	)

Helper for directory_initiate_command_routerstatus: send the command to a server whose address is address, whose IP is addr, whose directory port is dir_port, whose tor version supports_begindir, and whose identity key digest is digest.

References directory_initiate_command_rend().

Referenced by consider_testing_reachability(), directory_get_from_dirserver(), and launch_direct_bridge_descriptor_fetch().

void directory_initiate_command_routerstatus	(	routerstatus_t *	status,
		uint8_t	dir_purpose,
		uint8_t	router_purpose,
		int	anonymized_connection,
		const char *	resource,
		const char *	payload,
		size_t	payload_len,
		time_t	if_modified_since
	)

Launch a new connection to the directory server status to upload or download a server or rendezvous descriptor. dir_purpose determines what kind of directory connection we're launching, and must be one of DIR_PURPOSE_{FETCH|UPLOAD}_{DIR|RENDDESC|RENDDESC_V2}. router_purpose specifies the descriptor purposes we have in mind (currently only used for FETCH_DIR).

When uploading, payload and payload_len determine the content of the HTTP post. Otherwise, payload should be NULL.

When fetching a rendezvous descriptor, resource is the service ID we want to fetch.

References directory_initiate_command_routerstatus_rend().

Referenced by directory_get_from_all_authorities(), directory_get_from_dirserver(), directory_post_to_dirservers(), directory_post_to_hs_dir(), initiate_descriptor_downloads(), and update_v2_networkstatus_cache_downloads().

void directory_initiate_command_routerstatus_rend	(	routerstatus_t *	status,
		uint8_t	dir_purpose,
		uint8_t	router_purpose,
		int	anonymized_connection,
		const char *	resource,
		const char *	payload,
		size_t	payload_len,
		time_t	if_modified_since,
		const rend_data_t *	rend_query
	)

Same as directory_initiate_command_routerstatus(), but accepts rendezvous data to fetch a hidden service descriptor.

References routerstatus_t::addr, routerinfo_t::address, routerstatus_t::dir_port, directory_initiate_command_rend(), routerstatus_t::identity_digest, INET_NTOA_BUF_LEN, LD_DIR, routerstatus_t::nickname, routerstatus_t::or_port, router_get_by_digest(), tor_addr_from_ipv4h, tor_inet_ntoa(), routerstatus_t::version_supports_begindir, and routerstatus_t::version_supports_conditional_consensus.

Referenced by directory_get_from_hs_dir(), and directory_initiate_command_routerstatus().

int directory_permits_begindir_requests

(

or_options_t *

options

)

Return 1 if we want to allow remote people to ask us directory requests via the "begin_dir" interface, which doesn't require having any separate port open.

References or_options_t::BridgeRelay, and or_options_t::DirPort.

Referenced by connection_exit_begin_conn().

int directory_permits_controller_requests

(

or_options_t *

options

)

Return 1 if we want to allow controllers to ask us directory requests via the controller interface, which doesn't require having any separate port open.

References or_options_t::DirPort.

void directory_post_to_dirservers	(	uint8_t	dir_purpose,
		uint8_t	router_purpose,
		authority_type_t	type,
		const char *	payload,
		size_t	payload_len,
		size_t	extrainfo_len
	)

Start a connection to every suitable directory authority, using connection purpose 'purpose' and uploading the payload 'payload' (length 'payload_len'). dir_purpose should be one of 'DIR_PURPOSE_UPLOAD_DIR' or 'DIR_PURPOSE_UPLOAD_RENDDESC'.

type specifies what sort of dir authorities (V1, V2, HIDSERV, BRIDGE) we should upload to.

If extrainfo_len is nonzero, the first payload_len bytes of payload hold a router descriptor, and the next extrainfo_len bytes of payload hold an extra-info document. Upload the descriptor to all authorities, and the extra-info document to all authorities that support it.

References tor_addr_t::addr, authority_type_to_string(), DIR_PURPOSE_UPLOAD_DIR, directory_initiate_command_routerstatus(), fascist_firewall_allows_address_dir(), LD_DIR, purpose_needs_anonymity(), router_get_trusted_dir_servers(), router_supports_extrainfo(), tor_addr_from_ipv4h, tor_assert, and tor_free.

Referenced by dirvote_compute_consensuses(), dirvote_perform_vote(), and router_upload_dir_desc_to_dirservers().

void directory_set_dirty

(

void

)

Mark the directory as dirty -- when we're next asked for a directory, we will rebuild it instead of reusing the most recently generated one.

References cached_dir_t::dir, cached_dir_t::published, runningrouters_is_dirty, the_directory_is_dirty, and the_v2_networkstatus_is_dirty.

Referenced by connection_tls_finish_handshake(), directory_remove_invalid(), and router_add_to_routerlist().

int directory_too_idle_to_fetch_descriptors	(	or_options_t *	options,
		time_t	now
	)

Return 1 if we have no need to fetch new descriptors. This generally happens when we're not a dir cache and we haven't built any circuits lately.

References directory_caches_dir_info(), or_options_t::FetchUselessDescriptors, and rep_hist_circbuilding_dormant().

Referenced by directory_info_has_arrived(), update_consensus_router_descriptor_downloads(), and update_router_have_minimum_dir_info().

enum was_router_added_t dirserv_add_descriptor	(	routerinfo_t *	ri,
		const char **	msg,
		const char *	source
	)

Examine the parsed server descriptor in ri and maybe insert it into the list of server descriptors. Set *msg to a message that should be passed back to the origin of this descriptor, or NULL if there is no such message. Use source to produce better log messages.

Return the status of the operation

This function is only called when fresh descriptors are posted, not when we re-load the cache.

References routerinfo_t::cache_info, control_event_descriptors_changed(), control_event_or_authdir_new_descriptor(), signed_descriptor_t::identity_digest, routerinfo_t::is_valid, LD_DIR, LD_DIRSERV, MAX_DESCRIPTOR_UPLOAD_SIZE, routerinfo_t::nickname, signed_descriptor_t::published_on, router_add_to_routerlist(), router_differences_are_cosmetic(), router_get_by_digest(), router_is_me(), routerinfo_free(), signed_descriptor_t::signed_descriptor_body, signed_descriptor_t::signed_descriptor_len, smartlist_add(), smartlist_create(), smartlist_free(), tor_free, WRA_WAS_ADDED(), and WRA_WAS_REJECTED().

Referenced by dirserv_add_multiple_descriptors(), and init_keys().

enum was_router_added_t dirserv_add_multiple_descriptors	(	const char *	desc,
		uint8_t	purpose,
		const char *	source,
		const char **	msg
	)

As for dirserv_add_descriptor(), but accepts multiple documents, and returns the most severe error that occurred for any one of them.

References dirserv_add_descriptor(), dirserv_add_extrainfo(), escaped(), format_iso_time(), ROUTER_ANNOTATION_BUF_LEN, router_parse_list_from_string(), ROUTER_PURPOSE_GENERAL, router_purpose_to_string(), SAVED_NOWHERE, smartlist_clear(), smartlist_create(), smartlist_free(), tor_assert, tor_snprintf(), WRA_MORE_SEVERE(), and WRA_WAS_ADDED().

Referenced by directory_handle_command_post().

int dirserv_add_own_fingerprint	(	const char *	nickname,
		crypto_pk_env_t *	pk
	)

Add the nickname and fingerprint for this OR to the global list of recognized identity key fingerprints.

References add_fingerprint_to_dir(), authdir_config_new(), crypto_pk_get_fingerprint(), FINGERPRINT_LEN, and LD_BUG.

Referenced by init_keys().

void dirserv_clear_old_networkstatuses

(

time_t

cutoff

)

Remove any v2 networkstatus from the directory cache that was published before cutoff.

References cached_dir_decref(), cached_v2_networkstatus, file_status(), LD_DIR, networkstatus_get_cache_filename(), and tor_free.

Referenced by networkstatus_v2_list_clean().

void dirserv_clear_old_v1_info

(

time_t

now

)

Remove any v1 info from the directory cache that was published too long ago.

References cached_dir_decref(), clear_cached_dir(), MAX_V1_DIRECTORY_AGE, MAX_V1_RR_AGE, and cached_dir_t::published.

Referenced by networkstatus_v2_list_clean().

int dirserv_dump_directory_to_string	(	char **	dir_out,
		crypto_pk_env_t *	private_key
	)

Generate a new v1 directory and write it into a newly allocated string. Point *dir_out to the allocated string. Sign the directory with private_key. Return 0 on success, -1 on failure. If complete is set, give us all the descriptors; otherwise leave out non-running and non-valid ones.

References crypto_pk_write_public_key_to_string(), DIGEST_LEN, format_iso_time(), format_versions_list(), get_options(), LD_BUG, note_crypto_pk_op(), router_append_dirobj_signature(), router_get_dir_hash(), tor_assert, tor_free, and tor_snprintf().

Referenced by dirserv_regenerate_directory().

size_t dirserv_estimate_data_size	(	smartlist_t *	fps,
		int	is_serverdescs,
		int	compressed
	)

Return an approximate estimate of the number of bytes that will be needed to transmit the server descriptors (if is_serverdescs -- they can be either d/ or fp/ queries) or networkstatus objects (if !is_serverdescs) listed in fps. If compressed is set, we guess how large the data will be after compression.

The return value is an estimate; it might be larger or smaller.

References routerinfo_t::cache_info, cached_dir_t::dir_len, cached_dir_t::dir_z_len, lookup_cached_dir_by_fp(), router_get_my_routerinfo(), signed_descriptor_t::signed_descriptor_len, and tor_assert.

Referenced by directory_handle_command_get().

size_t dirserv_estimate_microdesc_size	(	const smartlist_t *	fps,
		int	compressed
	)

Given a list of microdescriptor hashes, guess how many bytes will be needed to transmit them, and return the guess.

Referenced by directory_handle_command_get().

void dirserv_free_all

(

void

)

Release all storage used by the directory server.

References _free_cached_dir(), cached_consensuses, cached_dir_decref(), cached_v2_networkstatus, clear_cached_dir(), digestmap_free(), dirserv_free_fingerprint_list(), and strmap_free().

Referenced by tor_free_all().

void dirserv_free_fingerprint_list

(

void

)

Clear the current fingerprint list.

References _tor_free(), digestmap_free(), authdir_config_t::fp_by_name, authdir_config_t::status_by_digest, strmap_free(), and tor_free.

Referenced by dirserv_free_all(), and dirserv_load_fingerprint_file().

networkstatus_t* dirserv_generate_networkstatus_vote_obj	(	crypto_pk_env_t *	private_key,
		authority_cert_t *	cert
	)

Return a new networkstatus_t* containing our current opinion. (For v3 authorities)

References or_options_t::AuthDirListBadDirs, or_options_t::AuthDirListBadExits, or_options_t::ContactInfo, crypto_pk_get_digest(), DIGEST_LEN, dirserv_set_router_is_running(), format_versions_list(), get_options(), authority_cert_t::identity_key, LD_BUG, LD_NET, or_options_t::NamingAuthoritativeDir, or_options_t::RecommendedClientVersions, or_options_t::RecommendedServerVersions, resolve_my_address(), router_get_routerlist(), ROUTER_MAX_AGE_TO_PUBLISH, routerlist_t::routers, tor_assert, tor_dup_ip(), tor_free, and or_options_t::VersioningAuthoritativeDir.

Referenced by dirvote_perform_vote().

cached_dir_t* dirserv_get_consensus

(

const char *

flavor_name

)

Return the latest downloaded consensus networkstatus in encoded, signed, optionally compressed format, suitable for sending to clients.

References cached_consensuses, and strmap_get().

Referenced by networkstatus_set_current_consensus().

cached_dir_t* dirserv_get_directory

(

void

)

Return the most recently generated encoded signed v1 directory, generating a new one as necessary. If not a v1 authoritative directory may return NULL if no directory is yet cached.

References dirserv_pick_cached_dir_obj(), dirserv_regenerate_directory(), the_directory_is_dirty, and V1_AUTHORITY.

Referenced by directory_handle_command_get(), and directory_handle_command_post().

void dirserv_get_networkstatus_v2	(	smartlist_t *	result,
		const char *	key
	)

Look for a network status object as specified by key, which should be either "authority" (to find a network status generated by us), a hex identity digest (to find a network status generated by given directory), or "all" (to return all the v2 network status objects we have).

References base16_encode(), cached_v2_networkstatus, DIGEST_LEN, digestmap_get(), digestmap_new(), dirserv_get_networkstatus_v2_fingerprints(), generate_v2_networkstatus_opinion(), HEX_DIGEST_LEN, LD_DIRSERV, router_digest_is_me(), should_generate_v2_networkstatus(), smartlist_add(), smartlist_create(), smartlist_free(), tor_assert, and tor_free.

void dirserv_get_networkstatus_v2_fingerprints	(	smartlist_t *	result,
		const char *	key
	)

Given the portion of a networkstatus request URL after "tor/status/" in key, append to result the digests of the identity keys of the networkstatus objects that the client has requested.

References authdir_mode_v2(), routerinfo_t::cache_info, cached_v2_networkstatus, DIGEST_LEN, digestmap_iter_done(), digestmap_iter_get(), digestmap_iter_init(), digestmap_iter_next(), digestmap_new(), digestmap_size(), dir_split_resource_into_fingerprints(), generate_v2_networkstatus_opinion(), get_options(), signed_descriptor_t::identity_digest, LD_DIRSERV, router_get_my_routerinfo(), router_get_trusted_dir_servers(), should_generate_v2_networkstatus(), smartlist_add(), smartlist_sort_digests(), strcmpstart(), tor_assert, and V2_AUTHORITY.

Referenced by directory_handle_command_get(), and dirserv_get_networkstatus_v2().

const char* dirserv_get_nickname_by_digest

(

const char *

digest

)

If we are an authoritative dirserver, and the list of approved servers contains one whose identity key digest is digest, return that router's nickname. Otherwise return NULL.

References digestmap_get(), router_status_t::nickname, authdir_config_t::status_by_digest, and tor_assert.

Referenced by connection_or_init_conn_from_address().

int dirserv_get_routerdesc_fingerprints	(	smartlist_t *	fps_out,
		const char *	key,
		const char **	msg,
		int	for_unencrypted_conn,
		int	is_extrainfo
	)

As dirserv_get_routerdescs(), but instead of getting signed_descriptor_t pointers, adds copies of digests to fps_out, and doesn't use the /tor/server/ prefix. For a /d/ request, adds descriptor digests; for other requests, adds identity digests.

References routerinfo_t::cache_info, DIGEST_LEN, dir_split_resource_into_fingerprints(), extrainfo_get_by_descriptor_digest(), get_signed_descriptor_by_fp(), signed_descriptor_t::identity_digest, router_get_by_descriptor_digest(), router_get_my_routerinfo(), router_get_routerlist(), routerlist_t::routers, signed_descriptor_t::send_unencrypted, smartlist_add(), strcmpstart(), and tor_free.

Referenced by directory_handle_command_get().

int dirserv_get_routerdescs	(	smartlist_t *	descs_out,
		const char *	key,
		const char **	msg
	)

Add a signed_descriptor_t to descs_out for each router matching key. The key should be either

• "/tor/server/authority" for our own routerinfo;
• "/tor/server/all" for all the routerinfos we have, concatenated;
• "/tor/server/fp/FP" where FP is a plus-separated sequence of hex identity digests; or
• "/tor/server/d/D" where D is a plus-separated sequence of server descriptor digests, in hex.

Return 0 if we found some matching descriptors, or -1 if we do not have any descriptors, no matching descriptors, or if we did not recognize the key (URL). If -1 is returned *msg will be set to an appropriate error message.

XXXX rename this function. It's only called from the controller. XXXX in fact, refactor this function, merging as much as possible.

References routerinfo_t::cache_info, dir_split_resource_into_fingerprints(), signed_descriptor_t::published_on, router_digest_is_me(), router_get_by_descriptor_digest(), router_get_by_digest(), router_get_my_routerinfo(), router_get_routerlist(), ROUTER_MAX_AGE_TO_PUBLISH, routerlist_t::routers, smartlist_add(), smartlist_create(), smartlist_free(), strcmpstart(), and tor_free.

cached_dir_t* dirserv_get_runningrouters

(

void

)

Set *rr to the most recently generated encoded signed running-routers list, generating a new one as necessary. Return the size of the directory on success, and 0 on failure.

References dirserv_pick_cached_dir_obj(), generate_runningrouters(), runningrouters_is_dirty, and V1_AUTHORITY.

Referenced by directory_handle_command_get().

int dirserv_have_any_microdesc

(

const smartlist_t *

fps

)

Return true iff any of the 256-bit elements in fps is the digest of a microdescriptor we have.

Referenced by directory_handle_command_get().

int dirserv_have_any_serverdesc	(	smartlist_t *	fps,
		int	spool_src
	)

Return true iff we have any of the documents (extrainfo or routerdesc) specified by the fingerprints in fps and spool_src. Used to decide whether to send a 404.

References extrainfo_get_by_descriptor_digest(), get_signed_descriptor_by_fp(), router_get_by_descriptor_digest(), and ROUTER_MAX_AGE_TO_PUBLISH.

Referenced by directory_handle_command_get().

int dirserv_load_fingerprint_file

(

void

)

Load the nickname->fingerprint mappings stored in the approved-routers file. The file format is line-based, with each non-blank holding one nickname, some space, and a fingerprint for that nickname. On success, replace the current fingerprint list with the new list and return 0. On failure, leave the current fingerprint list untouched, and return -1.

References add_fingerprint_to_dir(), authdir_config_new(), base16_decode(), config_free_lines(), config_get_lines(), DEFAULT_CLIENT_NICKNAME, DIGEST_LEN, directory_remove_invalid(), dirserv_free_fingerprint_list(), get_datadir_fname, get_options(), HEX_DIGEST_LEN, is_legal_nickname(), LD_CONFIG, LD_FS, LD_GENERAL, MAX_NICKNAME_LEN, or_options_t::NamingAuthoritativeDir, config_line_t::next, read_file_to_str(), RFTS_IGNORE_MISSING, tor_free, and tor_strstrip().

Referenced by do_hup(), and init_keys().

void dirserv_orconn_tls_done	(	const char *	address,
		uint16_t	or_port,
		const char *	digest_rcvd,
		int	as_advertised
	)

Called when a TLS handshake has completed successfully with a router listening at address:or_port, and has yielded a certificate with digest digest_rcvd.

Also, if as_advertised is 1, then inform the reachability checker that we could get to this guy.

References authdir_mode_bridge(), DIGEST_LEN, get_options(), LD_DIRSERV, rep_hist_note_router_reachable(), router_get_routerlist(), ROUTER_PURPOSE_BRIDGE, routerlist_t::routers, and tor_assert.

Referenced by connection_or_check_valid_tls_handshake().

int dirserv_read_measured_bandwidths	(	const char *	from_file,
		smartlist_t *	routerstatuses
	)

Read the measured bandwidth file and apply it to the list of routerstatuses. Returns -1 on error, 0 otherwise.

References compare_routerstatus_entries(), escaped(), LD_CONFIG, LD_DIRSERV, measured_bw_line_apply(), measured_bw_line_parse(), smartlist_sort(), and tor_parse_ulong().

Referenced by options_validate().

int dirserv_remove_old_statuses	(	smartlist_t *	fps,
		time_t	cutoff
	)

Remove from fps every networkstatus key where both a) we have a networkstatus document and b) it is not newer than cutoff.

Return 1 if any items were present at all; else return 0.

References lookup_cached_dir_by_fp(), cached_dir_t::published, and tor_free.

Referenced by directory_handle_command_get().

void dirserv_set_cached_consensus_networkstatus	(	const char *	networkstatus,
		const char *	flavor_name,
		const digests_t *	digests,
		time_t	published
	)

Replace the v3 consensus networkstatus of type flavor_name that we're serving with networkstatus, published at published. No validation is performed.

References cached_consensuses, cached_dir_decref(), cached_dir_t::digests, new_cached_dir(), and strmap_set().

Referenced by networkstatus_set_current_consensus().

void dirserv_set_cached_directory	(	const char *	directory,
		time_t	published,
		int	is_running_routers
	)

If we have no cached v1 directory, or it is older than published, then replace it with directory, published at published.

If published is too old, do nothing.

If is_running_routers, this is really a v1 running_routers document rather than a v1 directory.

References cached_dir_decref(), MAX_V1_DIRECTORY_AGE, MAX_V1_RR_AGE, new_cached_dir(), and set_cached_dir().

Referenced by dirserv_regenerate_directory(), router_parse_directory(), and router_parse_runningrouters().

void dirserv_set_cached_networkstatus_v2	(	const char *	networkstatus,
		const char *	identity,
		time_t	published
	)

If networkstatus is non-NULL, we've just received a v2 network-status for an authoritative directory with identity digest identity published at published -- store it so we can serve it to others.

If networkstatus is NULL, remove the entry with the given identity fingerprint from the v2 cache.

References cached_dir_decref(), cached_v2_networkstatus, digestmap_get(), digestmap_iter_done(), digestmap_iter_get(), digestmap_iter_init(), digestmap_iter_next(), digestmap_new(), digestmap_remove(), digestmap_set(), digestmap_size(), MAX_UNTRUSTED_NETWORKSTATUSES, new_cached_dir(), cached_dir_t::published, router_get_trusted_dir_servers(), and tor_assert.

Referenced by add_networkstatus_to_cache(), and networkstatus_v2_list_clean().

void dirserv_set_router_is_running	(	routerinfo_t *	router,
		time_t	now
	)

Treat a router as alive if

• It's me, and I'm not hibernating. or - We've found it reachable recently.

References or_options_t::AssumeReachable, routerinfo_t::cache_info, get_options(), signed_descriptor_t::identity_digest, routerinfo_t::is_running, routerinfo_t::last_reachable, REACHABLE_TIMEOUT, rep_hist_note_router_unreachable(), router_is_me(), and we_are_hibernating().

Referenced by dirserv_generate_networkstatus_vote_obj(), generate_v2_networkstatus_opinion(), list_server_status_v1(), and networkstatus_getinfo_by_purpose().

void dirserv_single_reachability_test	(	time_t	now,
		routerinfo_t *	router
	)

Helper function for dirserv_test_reachability(). Start a TLS connection to router, and annotate it with when we started the test.

References routerinfo_t::addr, routerinfo_t::address, routerinfo_t::cache_info, connection_or_connect(), signed_descriptor_t::identity_digest, LD_OR, routerinfo_t::nickname, routerinfo_t::or_port, routerinfo_t::testing_since, and tor_addr_from_ipv4h.

Referenced by dirserv_test_reachability(), and router_add_to_routerlist().

void dirserv_test_reachability

(

time_t

now

)

Auth dir server only: load balance such that we only try a few connections per call.

The load balancing is such that if we get called once every ten seconds, we will cycle through all the tests in 1280 seconds (a bit over 20 minutes).

References authdir_mode_bridge(), dirserv_single_reachability_test(), get_options(), router_get_routerlist(), router_is_me(), ROUTER_PURPOSE_BRIDGE, and routerlist_t::routers.

Referenced by run_scheduled_events().

int dirserv_would_reject_router

(

routerstatus_t *

rs

)

Return true if there is no point in downloading the router described by rs because this directory would reject it.

References routerstatus_t::addr, dirserv_get_status_impl(), FP_REJECT, routerstatus_t::identity_digest, routerstatus_t::nickname, and routerstatus_t::or_port.

Referenced by update_router_descriptor_cache_downloads_v2().

void dirvote_act	(	or_options_t *	options,
		time_t	now
	)

Entry point: Take whatever voting actions are pending as of now.

References authdir_mode_v3(), authority_cert_t::cache_info, DIGEST_LEN, dirvote_clear_votes(), dirvote_compute_consensuses(), dirvote_fetch_missing_signatures(), dirvote_fetch_missing_votes(), dirvote_perform_vote(), dirvote_publish_consensus(), dirvote_recalculate_timing(), get_my_v3_authority_cert(), hex_str(), signed_descriptor_t::identity_digest, LD_DIR, list_v3_auth_ids(), tor_free, and voting_schedule.

Referenced by run_scheduled_events().

int dirvote_add_signatures	(	const char *	detached_signatures_body,
		const char *	source,
		const char **	msg
	)

Helper: we just got the detached_signatures_body sent to us as signatures on the currently pending consensus. Add them to the pending consensus (if we have one); otherwise queue them until we have a consensus. Return negative on failure, nonnegative on success.

References LD_DIR, smartlist_add(), and smartlist_create().

Referenced by connection_dir_client_reached_eof(), and directory_handle_command_post().

struct pending_vote_t* dirvote_add_vote	(	const char *	vote_body,
		const char **	msg_out,
		int *	status_out
	)			[read]

Called when we have received a networkstatus vote in vote_body. Parse and validate it, and on success store it as a pending vote (which we then return). Return NULL on failure. Sets *msg_out and *status_out to an HTTP response and status code. (V3 authority only)

References networkstatus_voter_info_t::address, authority_cert_get_by_digests(), authority_cert_t::cache_info, cached_dir_decref(), networkstatus_t::cert, DIGEST_LEN, format_iso_time(), get_voter(), hex_str(), signed_descriptor_t::identity_digest, networkstatus_voter_info_t::identity_digest, LD_BUG, LD_DIR, list_v3_auth_ids(), networkstatus_parse_vote_from_string(), networkstatus_vote_free(), new_cached_dir(), networkstatus_voter_info_t::nickname, networkstatus_t::published, signed_descriptor_t::signed_descriptor_body, authority_cert_t::signing_key_digest, networkstatus_voter_info_t::sigs, smartlist_create(), strcmpstart(), tor_assert, tor_free, trusted_dirs_load_certs_from_string(), trusteddirserver_get_by_v3_auth_digest(), update_consensus_router_descriptor_downloads(), networkstatus_t::valid_after, networkstatus_voter_info_t::vote_digest, networkstatus_t::voters, and voting_schedule.

Referenced by connection_dir_client_reached_eof(), directory_handle_command_post(), and dirvote_perform_vote().

microdesc_t* dirvote_create_microdescriptor

(

const routerinfo_t *

ri

)

Construct and return a new microdescriptor from a routerinfo ri.

XXX Right now, there is only one way to generate microdescriptors from router descriptors. This may change in future consensus methods. If so, we'll need an internal way to remember which method we used, and ask for a particular method.

References crypto_pk_write_public_key_to_string(), routerinfo_t::declared_family, routerinfo_t::exit_policy, LD_DIR, microdescs_parse_from_string(), routerinfo_t::onion_pkey, policy_summarize(), smartlist_free(), smartlist_join_strings(), tor_free, and tor_snprintf().

ssize_t dirvote_format_microdesc_vote_line	(	char *	out,
		size_t	out_len,
		const microdesc_t *	md
	)

Format the appropriate vote line to describe the microdescriptor md in a consensus vote document. Write it into the out_len-byte buffer in out. Return -1 on failure and the number of characters written on success.

References BASE64_DIGEST256_LEN, microdesc_t::digest, digest256_to_base64(), make_consensus_method_list(), MAX_SUPPORTED_CONSENSUS_METHOD, MIN_METHOD_FOR_MICRODESC, tor_assert, and tor_snprintf().

void dirvote_free_all

(

void

)

Release all static storage held in dirvote.c

References dirvote_clear_pending_consensuses(), dirvote_clear_votes(), smartlist_free(), and tor_free.

Referenced by tor_free_all().

const char* dirvote_get_pending_consensus

(

consensus_flavor_t

flav

)

Return the body of the consensus that we're currently trying to build.

References pending_consensus_t::body, and tor_assert.

Referenced by directory_handle_command_get().

const char* dirvote_get_pending_detached_signatures

(

void

)

Return the signatures that we know for the consensus that we're currently trying to build.

Referenced by directory_handle_command_get().

void dirvote_get_preferred_voting_intervals

(

vote_timing_t *

timing_out

)

Set *timing_out to the intervals at which we would like to vote. Note that these aren't the intervals we'll use to vote; they're the ones that we'll vote to use.

References vote_timing_t::dist_delay, get_options(), vote_timing_t::n_intervals_valid, tor_assert, or_options_t::V3AuthDistDelay, or_options_t::V3AuthNIntervalsValid, or_options_t::V3AuthVoteDelay, or_options_t::V3AuthVotingInterval, vote_timing_t::vote_delay, and vote_timing_t::vote_interval.

time_t dirvote_get_start_of_next_interval	(	time_t	now,
		int	interval
	)

Return the start of the next interval of size interval (in seconds) after now. Midnight always starts a fresh interval, and if the last interval of a day would be truncated to less than half its size, it is rolled into the previous interval.

References tor_timegm().

Referenced by dirvote_recalculate_timing().

const cached_dir_t* dirvote_get_vote	(	const char *	fp,
		int	flags
	)

Return a given vote specified by fp. If by_id, return the vote for the authority with the v3 authority identity key digest fp; if by_id is false, return the vote whose digest is fp. If fp is NULL, return our own vote. If include_previous is false, do not consider any votes for a consensus that's already been built. If include_pending is false, do not consider any votes for the consensus that's in progress. May return NULL if we have no vote for the authority in question.

References authority_cert_t::cache_info, DIGEST_LEN, get_my_v3_authority_cert(), get_voter(), networkstatus_voter_info_t::identity_digest, and signed_descriptor_t::identity_digest.

Referenced by directory_handle_command_get(), and dirvote_fetch_missing_votes().

void dirvote_recalculate_timing	(	or_options_t *	options,
		time_t	now
	)

Set voting_schedule to hold the timing for the next vote we should be doing.

References authdir_mode_v3(), dirvote_get_start_of_next_interval(), networkstatus_t::dist_seconds, format_iso_time(), networkstatus_t::fresh_until, LD_DIR, networkstatus_get_live_consensus(), or_options_t::TestingV3AuthInitialDistDelay, or_options_t::TestingV3AuthInitialVoteDelay, or_options_t::TestingV3AuthInitialVotingInterval, tor_assert, networkstatus_t::valid_after, networkstatus_t::vote_seconds, and voting_schedule.

Referenced by dirvote_act(), networkstatus_set_current_consensus(), and options_act().

void disable_control_logging

(

void

)

Called when we are sending a log message to the controllers: suspend sending further log messages to the controllers until we're done. Used by CONN_LOG_PROTECT.

References disable_log_messages.

void dns_cancel_pending_resolve

(

const char *

address

)

Mark all connections waiting for address for close. Then cancel the resolve for address itself, and remove any cached results for address from the cache.

References edge_connection_t::_base, assert_connection_ok(), CACHE_STATE_DONE, CACHE_STATE_PENDING, circuit_detach_stream(), circuit_get_by_edge_conn(), pending_connection_t::conn, connection_edge_end(), connection_free(), escaped_safe_str(), EXIT_CONN_STATE_RESOLVEFAILED, LD_BUG, connection_t::marked_for_close, pending_connection_t::next, cached_resolve_t::pending_connections, connection_t::s, connection_t::state, cached_resolve_t::state, TO_CONN, tor_assert, tor_fragile_assert, and tor_free.

Referenced by dns_resolve().

uint32_t dns_clip_ttl

(

uint32_t

ttl

)

Helper: Given a TTL from a DNS response, determine what TTL to give the OP that asked us to resolve it.

References MAX_DNS_TTL, and MIN_DNS_TTL.

Referenced by client_dns_set_addressmap_impl(), connection_edge_end(), connection_edge_finished_connecting(), connection_exit_connect(), send_resolved_cell(), and send_resolved_hostname_cell().

void dns_free_all

(

void

)

Free all storage held in the DNS cache and related structures.

References _free_cached_resolve(), CACHE_STATE_DONE, resolv_conf_fname, smartlist_free(), and tor_free.

Referenced by tor_free_all().

int dns_init

(

void

)

Initialize the DNS subsystem; called by the OR process.

References _dns_randfn(), configure_nameservers(), get_options(), and server_mode().

Referenced by do_main_loop(), and run_scheduled_events().

void dns_launch_correctness_checks

(

void

)

If appropriate, start testing whether our DNS servers tend to lie to us.

References dns_launch_wildcard_checks(), get_options(), launch_test_addresses(), LD_BUG, tor_evtimer_new(), and tor_libevent_get_base().

Referenced by run_scheduled_events().

int dns_reset

(

void

)

Called when DNS-related options change (or may have changed). Returns -1 on failure, 0 on success.

References configure_nameservers(), get_options(), LD_BUG, nameservers_configured, resolv_conf_fname, resolv_conf_mtime, server_mode(), the_evdns_base, tor_free, and tor_libevent_get_base().

Referenced by do_hup(), and options_act().

void dns_reset_correctness_checks

(

void

)

Forget what we've previously learned about our DNS servers' correctness.

References _tor_free(), dns_is_completely_invalid, dns_wildcard_notice_given, dns_wildcard_one_notice_given, dns_wildcard_response_count, dns_wildcarded_test_address_notice_given, n_wildcard_requests, smartlist_clear(), strmap_free(), and tor_free.

Referenced by dns_servers_relaunch_checks().

int dns_resolve

(

edge_connection_t *

exitconn

)

See if we have a cache entry for exitconn->address. if so, if resolve valid, put it into exitconn->addr and return 1. If resolve failed, free exitconn and return -1.

(For EXIT_PURPOSE_RESOLVE connections, send back a RESOLVED error cell on returning -1. For EXIT_PURPOSE_CONNECT connections, there's no need to send back an END cell, since connection_exit_begin_conn will do that for us.)

If we have a cached answer, send the answer back along exitconn's circuit.

Else, if seen before and pending, add conn to the pending list, and return 0.

Else, if not seen before, add conn to pending list, hand to dns farm, and return 0.

Exitconn's on_circuit field must be set, but exitconn should not yet be linked onto the n_streams/resolving_streams list of that circuit. On success, link the connection to n_streams if it's an exit connection. On "pending", link the connection to resolving streams. Otherwise, clear its on_circuit field.

References edge_connection_t::_base, connection_t::address, connection_free(), dns_cancel_pending_resolve(), dns_resolve_impl(), EXIT_CONN_STATE_RESOLVING, EXIT_PURPOSE_RESOLVE, connection_t::marked_for_close, or_circuit_t::n_streams, edge_connection_t::next_stream, edge_connection_t::on_circuit, connection_t::purpose, or_circuit_t::resolving_streams, send_resolved_cell(), send_resolved_hostname_cell(), connection_t::state, TO_CONN, TO_OR_CIRCUIT(), tor_assert, and tor_free.

Referenced by connection_exit_begin_conn(), and connection_exit_begin_resolve().

int dns_seems_to_be_broken

(

void

)

Return true iff our DNS servers lie to us too much to be trusted.

References dns_is_completely_invalid.

Referenced by router_dump_router_to_string().

void dns_servers_relaunch_checks

(

void

)

Forget what we've learned about the correctness of our DNS servers, and start learning again.

References dns_reset_correctness_checks(), get_options(), server_mode(), and time_to_check_for_correct_dns.

Referenced by configure_nameservers(), and ip_address_changed().

void dnsserv_close_listener

(

connection_t *

conn

)

Free the evdns server port for conn, which must be an AP_DNS_LISTENER.

References CONN_TYPE_AP_DNS_LISTENER, connection_t::dns_server_port, tor_assert, and connection_t::type.

Referenced by connection_unregister_events().

void dnsserv_configure_listener

(

connection_t *

conn

)

Set up the evdns server port for the UDP socket on conn, which must be an AP_DNS_LISTENER

References CONN_TYPE_AP_DNS_LISTENER, connection_t::dns_server_port, evdns_server_callback(), connection_t::s, tor_assert, and connection_t::type.

Referenced by connection_create_listener().

int dnsserv_launch_request	(	const char *	name,
		int	reverse
	)

Helper function: called whenever the client sends a resolve request to our controller. We need to eventually answer the request req. Returns 0 if the controller will be getting (or has gotten) an event in response; -1 if we couldn't launch the request.

References edge_connection_t::_base, socks_request_t::address, AP_CONN_STATE_RESOLVE_WAIT, socks_request_t::command, CONN_TYPE_AP, connection_add(), connection_ap_handshake_rewrite_and_attach(), connection_free(), edge_connection_new(), escaped_safe_str_client(), edge_connection_t::is_dns_request, LD_APP, SOCKS_COMMAND_RESOLVE, SOCKS_COMMAND_RESOLVE_PTR, edge_connection_t::socks_request, connection_t::state, TO_CONN, and tor_free.

Referenced by handle_control_resolve().

void dnsserv_reject_request

(

edge_connection_t *

conn

)

If there is a pending request on conn that's waiting for an answer, send back an error and free the request.

References edge_connection_t::dns_server_request.

Referenced by connection_about_to_close_connection().

void dnsserv_resolved	(	edge_connection_t *	conn,
		int	answer_type,
		size_t	answer_len,
		const char *	answer,
		int	ttl
	)

Tell the dns request waiting for an answer on conn that we have an answer of type answer_type (RESOLVE_TYPE_IPV4/IPV6/ERR), of length answer_len, in answer, with TTL ttl. Doesn't do any caching; that's handled elsewhere.

References socks_request_t::address, socks_request_t::command, edge_connection_t::dns_server_request, evdns_get_orig_address(), LD_APP, SOCKS_COMMAND_RESOLVE, SOCKS_COMMAND_RESOLVE_PTR, edge_connection_t::socks_request, and tor_free.

Referenced by connection_ap_handshake_socks_resolved().

document_signature_t* document_signature_dup

(

const document_signature_t *

sig

)

Return a newly allocated copy of sig

References document_signature_t::signature, and document_signature_t::signature_len.

Referenced by networkstatus_add_detached_signatures().

void document_signature_free

(

document_signature_t *

sig

)

Free all storage held in sig

References document_signature_t::signature, and tor_free.

Referenced by networkstatus_add_detached_signatures(), networkstatus_parse_vote_from_string(), networkstatus_vote_free(), and ns_detached_signatures_free().

time_t download_status_increment_failure	(	download_status_t *	dls,
		int	status_code,
		const char *	item,
		int	server,
		time_t	now
	)

Called when an attempt to download dls has failed with HTTP status status_code. Increment the failure count (if the code indicates a real failure) and set dls->next_attempt_at to an appropriate time in the future.

References find_dl_schedule_and_len(), IMPOSSIBLE_TO_DOWNLOAD, LD_DIR, download_status_t::n_download_failures, download_status_t::next_attempt_at, and tor_assert.

Referenced by dir_routerdesc_download_failed().

static INLINE int download_status_is_ready	(	download_status_t *	dls,
		time_t	now,
		int	max_failures
	)			[static]

Return true iff, as of now, the resource tracked by dls is ready to get its download reattempted.

References download_status_t::n_download_failures, and download_status_t::next_attempt_at.

Referenced by authority_certs_fetch_missing(), fetch_bridge_descriptors(), update_consensus_networkstatus_downloads(), and update_extrainfo_downloads().

static INLINE void download_status_mark_impossible

(

download_status_t *

dl

)

[static]

Mark dl as never downloadable.

References IMPOSSIBLE_TO_DOWNLOAD, and download_status_t::n_download_failures.

Referenced by router_load_routers_from_string().

void download_status_reset

(

download_status_t *

dls

)

Reset dls so that it will be considered downloadable immediately, and/or to show that we don't need it anymore.

(We find the zeroth element of the download schedule, and set next_attempt_at to be the appropriate offset from 'now'. In most cases this means setting it to 'now', so the item will be immediately downloadable; in the case of bridge descriptors, the zeroth element is an hour from now.)

References find_dl_schedule_and_len(), get_options(), download_status_t::n_download_failures, and download_status_t::next_attempt_at.

Referenced by authority_certs_fetch_missing(), learned_bridge_descriptor(), networkstatus_set_current_consensus(), router_reset_descriptor_download_failures(), and router_set_networkstatus_v2().

void dump_cell_pool_usage

(

int

severity

)

Log current statistics for cell pool allocation at log level severity.

References _circuit_get_global_list(), CIRCUIT_IS_ORIGIN, LD_MM, cell_queue_t::n, circuit_t::n_conn_cells, circuit_t::next, or_circuit_t::p_conn_cells, and TO_OR_CIRCUIT().

Referenced by dumpmemusage().

void dump_distinct_digest_count

(

int

severity

)

Log the total count of the number of distinct router digests we've ever verified. When compared to the number of times we've verified routerdesc signatures in toto, this will tell us if we're doing too much multiple-verification.

References digestmap_new(), digestmap_size(), and LD_GENERAL.

Referenced by dumpstats().

void dump_dns_mem_usage

(

int

severity

)

Log memory information about our internal DNS cache at level 'severity'.

References dns_cache_entry_count(), and LD_MM.

Referenced by dumpmemusage().

void dump_pk_ops

(

int

severity

)

Log the number of times we've done each public/private-key operation.

References LD_HIST, and pk_op_counts.

Referenced by dumpstats().

void dump_routerlist_mem_usage

(

int

severity

)

Log information about how much memory is being used for routerlist, at log level severity.

References LD_DIR, routerlist_t::old_routers, routerlist, and routerlist_t::routers.

Referenced by dumpmemusage().

void dup_onion_keys	(	crypto_pk_env_t **	key,
		crypto_pk_env_t **	last
	)

Store a full copy of the current onion key into *key, and a full copy of the most recent onion key into *last.

References crypto_pk_copy_full(), tor_assert, tor_mutex_acquire(), and tor_mutex_release().

Referenced by cpuworker_main().

edge_connection_t* edge_connection_new	(	int	type,
		int	socket_family
	)

Allocate and return a new edge_connection_t, initialized as by connection_init().

References CONN_TYPE_AP, CONN_TYPE_EXIT, connection_init(), edge_connection_t::socks_request, TO_CONN, and tor_assert.

Referenced by connection_ap_make_link(), connection_exit_begin_conn(), connection_exit_begin_resolve(), connection_new(), dnsserv_launch_request(), and evdns_server_callback().

void enable_control_logging

(

void

)

We're done sending a log message to the controllers: re-enable controller logging. Used by CONN_LOG_PROTECT.

References disable_log_messages, and tor_assert.

int entry_guard_register_connect_status	(	const char *	digest,
		int	succeeded,
		int	mark_relay_status,
		time_t	now
	)

Called when a connection to an OR with the identity digest digest is established (succeeded==1) or has failed (succeeded==0). If the OR is an entry, change that entry's up/down status. Return 0 normally, or -1 if we want to tear down the new connection.

If mark_relay_status, also call router_set_status() on this relay.

XXX022 change succeeded and mark_relay_status into 'int flags'.

References DIGEST_LEN, and HEX_DIGEST_LEN.

Referenced by circuit_build_failed(), connection_about_to_close_connection(), connection_or_check_valid_tls_handshake(), connection_or_connect(), and connection_or_set_state_open().

void entry_guards_compute_status

(

void

)

A new directory or router-status has arrived; update the down/listed status of the entry guards.

An entry is 'down' if the directory lists it as nonrunning. An entry is 'unlisted' if the directory doesn't include it.

Don't call this on startup; only on a fresh download. Otherwise we'll think that things are unlisted.

References digestmap_free(), digestmap_get(), digestmap_new(), digestmap_set(), entry_guard_set_status(), entry_guards_changed(), entry_is_live(), entry_nodes_should_be_added(), or_options_t::EntryNodes, get_options(), LD_CIRC, log_entry_guards(), num_live_entry_guards(), remove_dead_entry_guards(), router_get_by_digest(), and tor_assert.

Referenced by directory_info_has_arrived().

void entry_guards_free_all

(

void

)

Release all storage held by the list of entry guards and related memory structs.

References bridge_list, clear_bridge_list(), entry_guard_free(), and smartlist_free().

Referenced by tor_free_all().

int entry_guards_parse_state	(	or_state_t *	state,
		int	set,
		char **	msg
	)

Parse state and learn about the entry guards it describes. If set is true, and there are no errors, replace the global entry_list with what we find. On success, return 0. On failure, alloc into *msg a string describing the error, and return -1.

References _tor_free(), entry_guard_t::bad_since, base16_decode(), crypto_rand_int(), DIGEST_LEN, digestmap_free(), digestmap_get(), digestmap_new(), digestmap_set(), entry_guard_free(), entry_guards_dirty, or_state_t::EntryGuards, escaped(), HEX_DIGEST_LEN, entry_guard_t::identity, is_legal_nickname(), config_line_t::key, entry_guard_t::last_attempted, LD_BUG, entry_guard_t::made_contact, MAX_NICKNAME_LEN, config_line_t::next, entry_guard_t::nickname, parse_iso_time(), remove_obsolete_entry_guards(), smartlist_add(), smartlist_create(), smartlist_free(), smartlist_split_string(), tor_free, or_state_t::TorVersion, entry_guard_t::unreachable_since, and config_line_t::value.

Referenced by or_state_set(), and or_state_validate().

void entry_guards_update_state

(

or_state_t *

state

)

If the entry guard info has not changed, do nothing and return. Otherwise, free the EntryGuards piece of state and create a new one out of the global entry_guards list, and then mark state dirty so it will get saved to disk.

References or_options_t::AvoidDiskWrites, base16_encode(), config_free_lines(), DIGEST_LEN, entry_guards_dirty, or_state_t::EntryGuards, format_iso_time(), get_options(), get_or_state(), HEX_DIGEST_LEN, config_line_t::key, MAX_NICKNAME_LEN, config_line_t::next, or_state_mark_dirty(), smartlist_create(), tor_snprintf(), and config_line_t::value.

Referenced by or_state_save().

int entry_list_is_constrained

(

or_options_t *

options

)

Return 0 if we're fine adding arbitrary routers out of the directory to our entry guard list, or return 1 if we have a list already and we'd prefer to stick to it.

References or_options_t::EntryNodes, and or_options_t::UseBridges.

Referenced by choose_random_entry(), and connection_dir_request_failed().

void entry_nodes_should_be_added

(

void

)

Called when the value of EntryNodes changes in our configuration.

References LD_CIRC.

Referenced by entry_guards_compute_status(), and options_act().

int errno_to_orconn_end_reason

(

int

e

)

Given an errno from a failed ORConn connection, return a reason code appropriate for use in the controller orconn events.

References LD_OR.

Referenced by connection_handle_read_impl(), connection_handle_write_impl(), and connection_or_connect().

uint8_t errno_to_stream_end_reason

(

int

e

)

Given an errno from a failed exit connection, return a reason code appropriate for use in a RELAY END cell.

Referenced by connection_edge_end_errno().

const char* esc_router_info

(

routerinfo_t *

router

)

Allocate and return a new string representing the contact info and platform string for router, surrounded by quotes and using standard C escapes.

THIS FUNCTION IS NOT REENTRANT. Don't call it from outside the main thread. Also, each call invalidates the last-returned value, so don't try log_warn(LD_GENERAL, "%s %s", esc_router_info(a), esc_router_info(b));

If router is NULL, it just frees its internal memory and returns.

References routerinfo_t::contact_info, esc_for_log(), routerinfo_t::platform, tor_free, and tor_snprintf().

Referenced by authdir_wants_to_reject_router(), and tor_free_all().

const char* escaped_safe_str

(

const char *

address

)

Equivalent to escaped(safe_str(address)). See reentrancy note on escaped(): don't use this outside the main thread, or twice in the same log statement.

References escaped(), and get_options().

Referenced by connection_dns_remove(), connection_edge_finished_connecting(), connection_tls_start_handshake(), dns_cancel_pending_resolve(), dns_found_answer(), dns_resolve_impl(), evdns_callback(), launch_resolve(), launch_test_addresses(), and purge_expired_resolves().

const char* escaped_safe_str_client

(

const char *

address

)

Equivalent to escaped(safe_str_client(address)). See reentrancy note on escaped(): don't use this outside the main thread, or twice in the same log statement.

References escaped(), and get_options().

Referenced by addressmap_rewrite(), addressmap_rewrite_reverse(), circuit_discard_optional_exit_enclaves(), circuit_get_open_circ_or_launch(), conn_close_if_marked(), connection_ap_handshake_rewrite_and_attach(), connection_connect(), connection_exit_connect(), directory_get_from_hs_dir(), dnsserv_launch_request(), evdns_server_callback(), rend_client_introduction_acked(), rend_client_remove_intro_point(), rend_client_send_introduction(), rend_service_introduce(), and rend_service_launch_establish_intro().

int exit_policy_is_general_exit

(

smartlist_t *

policy

)

Return true iff ri is "useful as an exit node", meaning it allows exit to at least one /8 address space for at least two of ports 80, 443, and 6667.

References exit_policy_is_general_exit_helper().

Referenced by dirserv_compute_performance_thresholds().

extend_info_t* extend_info_alloc	(	const char *	nickname,
		const char *	digest,
		crypto_pk_env_t *	onion_key,
		const tor_addr_t *	addr,
		uint16_t	port
	)

Allocate a new extend_info object based on the various arguments.

References extend_info_t::addr, crypto_pk_dup_key(), DIGEST_LEN, extend_info_t::identity_digest, extend_info_t::nickname, extend_info_t::onion_key, extend_info_t::port, and tor_addr_copy().

Referenced by circuit_extend(), circuit_get_open_circ_or_launch(), and extend_info_from_router().

extend_info_t* extend_info_dup

(

extend_info_t *

info

)

Allocate and return a new extend_info_t with the same contents as info.

References crypto_pk_dup_key(), extend_info_t::onion_key, and tor_assert.

Referenced by circuit_append_new_exit(), circuit_handle_first_hop(), onion_append_hop(), onion_extend_cpath(), onion_pick_cpath_exit(), rend_client_get_random_intro(), rend_service_launch_establish_intro(), and rend_service_update_descriptor().

void extend_info_free

(

extend_info_t *

info

)

Release storage held by an extend_info_t struct.

References crypto_free_pk_env(), extend_info_t::onion_key, and tor_free.

Referenced by circuit_append_new_exit(), circuit_free(), circuit_free_cpath_node(), circuit_get_open_circ_or_launch(), circuit_launch_by_router(), circuit_n_conn_done(), handle_control_extendcircuit(), onion_extend_cpath(), rend_client_get_random_intro(), rend_client_introduction_acked(), rend_intro_point_free(), rend_service_introduce(), and rend_service_launch_establish_intro().

extend_info_t* extend_info_from_router

(

routerinfo_t *

r

)

Allocate and return a new extend_info_t that can be used to build a circuit to or through the router r.

References routerinfo_t::addr, routerinfo_t::cache_info, extend_info_alloc(), signed_descriptor_t::identity_digest, routerinfo_t::nickname, routerinfo_t::onion_pkey, routerinfo_t::or_port, tor_addr_from_ipv4h, and tor_assert.

Referenced by circuit_get_open_circ_or_launch(), circuit_launch_by_router(), handle_control_extendcircuit(), onion_extend_cpath(), onion_pick_cpath_exit(), rend_client_get_random_intro(), and rend_service_introduce().

int extrainfo_dump_to_string	(	char *	s,
		size_t	maxlen,
		extrainfo_t *	extrainfo,
		crypto_pk_env_t *	ident_key
	)

Write the contents of extrainfo to the maxlen-byte string s, signing them with ident_key. Return 0 on success, negative on failure.

References base16_encode(), extrainfo_t::cache_info, or_options_t::CellStatistics, DIGEST_LEN, or_options_t::DirReqStatistics, or_options_t::EntryStatistics, or_options_t::ExitPortStatistics, extrainfo_dump_to_string(), extrainfo_free(), extrainfo_parse_entry_from_string(), or_options_t::ExtraInfoStatistics, format_iso_time(), geoip_get_bridge_stats_extrainfo(), get_options(), HEX_DIGEST_LEN, signed_descriptor_t::identity_digest, LD_BUG, LD_DIR, LD_GENERAL, load_stats_file(), extrainfo_t::nickname, signed_descriptor_t::published_on, rep_hist_get_bandwidth_lines(), router_append_dirobj_signature(), router_get_extrainfo_hash(), should_record_bridge_info(), tor_free, and tor_snprintf().

Referenced by extrainfo_dump_to_string(), and router_rebuild_descriptor().

void extrainfo_free

(

extrainfo_t *

extrainfo

)

Release all storage held by extrainfo

References extrainfo_t::cache_info, extrainfo_t::pending_sig, signed_descriptor_t::signed_descriptor_body, and tor_free.

Referenced by _extrainfo_free(), dirserv_add_extrainfo(), extrainfo_dump_to_string(), extrainfo_insert(), extrainfo_parse_entry_from_string(), router_free_all(), router_rebuild_descriptor(), routerlist_remove(), routerlist_remove_old(), and routerlist_replace().

signed_descriptor_t* extrainfo_get_by_descriptor_digest

(

const char *

digest

)

Return the signed descriptor for the extrainfo_t in our routerlist whose extra-info-digest is digest. Return NULL if no such extra-info document is known.

References extrainfo_t::cache_info, routerlist_t::extra_info_map, routerlist, and tor_assert.

Referenced by connection_dirserv_add_servers_to_outbuf(), dirserv_get_routerdesc_fingerprints(), dirserv_have_any_serverdesc(), and get_signed_descriptor_by_fp().

extrainfo_t* extrainfo_parse_entry_from_string	(	const char *	s,
		const char *	end,
		int	cache_copy,
		struct digest_ri_map_t *	routermap
	)

Parse a single extrainfo entry from the string s, ending at end. (If end is NULL, parse up to the end of s.) If cache_copy is true, make a copy of the extra-info document in the cache_info fields of the result. If routermap is provided, use it as a map from router identity to routerinfo_t when looking up signing keys.

References directory_token_t::args, base16_decode(), routerinfo_t::cache_info, extrainfo_t::cache_info, check_signature_token(), DIGEST_LEN, digestmap_get(), dump_desc(), escaped(), extrainfo_free(), HEX_DIGEST_LEN, signed_descriptor_t::identity_digest, routerinfo_t::identity_pkey, signed_descriptor_t::is_extrainfo, is_legal_nickname(), LD_DIR, memarea_drop_all(), memarea_new(), directory_token_t::n_args, extrainfo_t::nickname, note_crypto_pk_op(), directory_token_t::object_body, directory_token_t::object_size, directory_token_t::object_type, parse_iso_time(), extrainfo_t::pending_sig, extrainfo_t::pending_sig_len, signed_descriptor_t::published_on, router_get_extrainfo_hash(), signed_descriptor_t::send_unencrypted, signed_descriptor_t::signed_descriptor_body, signed_descriptor_t::signed_descriptor_digest, signed_descriptor_t::signed_descriptor_len, smartlist_create(), smartlist_free(), token_clear(), tokenize_string(), tor_assert, and directory_token_t::tp.

Referenced by extrainfo_dump_to_string(), and router_parse_list_from_string().

int fascist_firewall_allows_address_dir	(	const tor_addr_t *	addr,
		uint16_t	port
	)

Return true iff we think our firewall will let us make a directory connection to addr:port.

References addr_policy_permits_tor_addr().

Referenced by directory_post_to_dirservers(), router_pick_directory_server_impl(), and router_pick_trusteddirserver_impl().

int fascist_firewall_allows_address_or	(	const tor_addr_t *	addr,
		uint16_t	port
	)

Return true iff we think our firewall will let us make an OR connection to addr:port.

References addr_policy_permits_tor_addr().

Referenced by directory_command_should_use_begindir(), fascist_firewall_allows_or(), fetch_bridge_descriptors(), router_pick_directory_server_impl(), and router_pick_trusteddirserver_impl().

int fascist_firewall_allows_or

(

routerinfo_t *

ri

)

Return true iff we think our firewall will let us make an OR connection to ri.

References routerinfo_t::addr, fascist_firewall_allows_address_or(), routerinfo_t::or_port, and tor_addr_from_ipv4h.

Referenced by choose_good_entry_server(), and entry_is_live().

int fast_client_handshake	(	const char *	handshake_state,
		const char *	handshake_reply_out,
		char *	key_out,
		size_t	key_out_len
	)

Implement the second half of the client side of the CREATE_FAST handshake. We sent the server handshake_state ("x") already, and the server told us handshake_reply_out (y|H(x|y)). Make sure that the hash is correct, and generate key material in key_out. Return 0 on success, true on failure.

NOTE: The "CREATE_FAST" handshake path is distinguishable from regular "onionskin" handshakes, and is not secure if an adversary can see or modify the messages. Therefore, it should only be used by clients, and only as the first hop of a circuit (since the first hop is already authenticated and protected by TLS).

References crypto_expand_key_material(), DIGEST_LEN, LD_PROTOCOL, and tor_free.

Referenced by circuit_finish_handshake().

int fast_server_handshake	(	const char *	key_in,
		char *	handshake_reply_out,
		char *	key_out,
		size_t	key_out_len
	)

Implement the server side of the CREATE_FAST abbreviated handshake. The client has provided DIGEST_LEN key bytes in key_in ("x"). We generate a reply of DIGEST_LEN*2 bytes in key_out, consisting of a new random "y", followed by H(x|y) to check for correctness. We set key_out_len bytes of key material in key_out. Return 0 on success, <0 on failure.

References crypto_expand_key_material(), crypto_rand(), DIGEST_LEN, and tor_free.

Referenced by command_process_create_cell().

void fetch_bridge_descriptors

(

time_t

now

)

For each bridge in our list for which we don't currently have a descriptor, fetch a new copy of its descriptor -- either directly from the bridge or via a bridge authority.

References base16_encode(), BRIDGE_AUTHORITY, DIGEST_LEN, DIR_PURPOSE_FETCH_SERVERDESC, directory_get_from_dirserver(), download_status_failed, download_status_is_ready(), fascist_firewall_allows_address_or(), fmt_addr(), get_n_authorities(), get_options(), HEX_DIGEST_LEN, IMPOSSIBLE_TO_DOWNLOAD, launch_direct_bridge_descriptor_fetch(), LD_DIR, ROUTER_PURPOSE_BRIDGE, tor_digest_is_zero(), and or_options_t::UpdateBridgesFromAuthority.

Referenced by run_scheduled_events().

int fetch_from_buf	(	char *	string,
		size_t	string_len,
		buf_t *	buf
	)

Remove string_len bytes from the front of buf, and store them into string. Return the new buffer size. string_len must be <= the number of bytes on the buffer.

References buf_remove_from_front(), buf_t::datalen, peek_from_buf(), and tor_assert.

Referenced by connection_fetch_from_buf(), fetch_from_buf_http(), fetch_from_buf_line(), and move_buf_to_buf().

int fetch_from_buf_http	(	buf_t *	buf,
		char **	headers_out,
		size_t	max_headerlen,
		char **	body_out,
		size_t *	body_used,
		size_t	max_bodylen,
		int	force_complete
	)

There is a (possibly incomplete) http statement on buf, of the form "\%s\\r\\n\\r\\n\%s", headers, body. (body may contain NULs.) If a) the headers include a Content-Length field and all bytes in the body are present, or b) there's no Content-Length field and all headers are present, then:

• strdup headers into *headers_out, and NUL-terminate it.
• memdup body into *body_out, and NUL-terminate it.
• Then remove them from buf, and return 1.

• If headers or body is NULL, discard that part of the buf.
• If a headers or body doesn't fit in the arg, return -1. (We ensure that the headers or body don't exceed max len, _even if_ we're planning to discard them.)
• If force_complete is true, then succeed even if not all of the content has arrived.

Else, change nothing and return 0.

References buf_find_string_offset(), buf_pullup(), chunk_t::data, buf_t::datalen, chunk_t::datalen, fetch_from_buf(), buf_t::head, LD_HTTP, LD_PROTOCOL, and tor_assert.

Referenced by connection_dir_client_reached_eof(), connection_read_https_proxy_response(), and directory_handle_command().

int fetch_from_buf_line	(	buf_t *	buf,
		char *	data_out,
		size_t *	data_len
	)

Try to read a single LF-terminated line from buf, and write it, NUL-terminated, into the *data_len byte buffer at data_out. Set *data_len to the number of bytes in the line, not counting the terminating NUL. Return 1 if we read a whole line, return 0 if we don't have a whole line yet, and return -1 if the line length exceeds *data_len.

References buf_find_offset_of_char(), fetch_from_buf(), and buf_t::head.

Referenced by connection_ap_process_natd(), and connection_control_process_inbuf().

int fetch_from_buf_socks	(	buf_t *	buf,
		socks_request_t *	req,
		int	log_sockstype,
		int	safe_socks
	)

There is a (possibly incomplete) socks handshake on buf, of one of the forms

• socks4: "socksheader username\\0"
• socks4a: "socksheader username\\0 destaddr\\0"
• socks5 phase one: "version #methods methods"
• socks5 phase two: "version command 0 addresstype..." If it's a complete and valid handshake, and destaddr fits in MAX_SOCKS_ADDR_LEN bytes, then pull the handshake off the buf, assign to req, and return 1.

If it's invalid or too big, return -1.

Else it's not all there yet, leave buf alone and return 0.

If you want to specify the socks reply, write it into req->reply and set req->replylen, else leave req->replylen alone.

If log_sockstype is non-zero, then do a notice-level log of whether the connection is possibly leaking DNS requests locally or not.

If safe_socks is true, then reject unsafe socks protocols.

If returning 0 or -1, req->address and req->port are undefined.

References socks_request_t::address, addressmap_have_mapping(), buf_clear(), buf_pullup(), buf_remove_from_front(), CHUNK_WRITE_PTR(), socks_request_t::command, control_event_client_status(), chunk_t::data, chunk_t::datalen, buf_t::datalen, escaped(), get_uint16(), get_uint32(), buf_t::head, LD_APP, LD_PROTOCOL, socks_request_t::port, socks_request_t::reply, socks_request_t::replylen, safe_str_client(), SOCKS4_NETWORK_LEN, SOCKS_COMMAND_CONNECT, SOCKS_COMMAND_RESOLVE, SOCKS_COMMAND_RESOLVE_PTR, socks_request_t::socks_version, tor_addr_from_ipv4n(), tor_addr_from_ipv6_bytes(), tor_addr_to_str(), tor_assert, tor_free, tor_inet_ntoa(), and tor_strisprint().

Referenced by connection_ap_handshake_process_socks().

int fetch_from_buf_socks_client	(	buf_t *	buf,
		int	state,
		char **	reason
	)

Inspect a reply from SOCKS server stored in buf according to state, removing the protocol data upon success. Return 0 on incomplete response, 1 on success and -1 on error, in which case reason is set to a descriptive message (free() when finished with it).

As a special case, 2 is returned when user/pass is required during SOCKS5 handshake and user/pass is configured.

References buf_clear(), buf_pullup(), buf_remove_from_front(), chunk_t::data, chunk_t::datalen, buf_t::datalen, buf_t::head, LD_NET, socks4_response_code_to_string(), socks5_response_code_to_string(), and tor_assert.

Referenced by connection_read_proxy_handshake().

int fetch_var_cell_from_buf	(	buf_t *	buf,
		var_cell_t **	out,
		int	linkproto
	)

Check buf for a variable-length cell according to the rules of link protocol version linkproto. If one is found, pull it off the buffer and assign a newly allocated var_cell_t to *out, and return 1. Return 0 if whatever is on the start of buf_t is not a variable-length cell. Return 1 and set *out to NULL if there seems to be the start of a variable-length cell on buf, but the whole thing isn't there yet.

References buf_remove_from_front(), CELL_COMMAND_IS_VAR_LENGTH, var_cell_t::circ_id, var_cell_t::command, buf_t::datalen, get_uint16(), var_cell_t::payload, peek_from_buf(), VAR_CELL_HEADER_SIZE, and var_cell_new().

Referenced by connection_fetch_var_cell_from_buf().

int firewall_is_fascist_or

(

void

)

Return true iff the firewall options might block any address:port combination.

Referenced by choose_good_entry_server().

int flush_buf	(	int	s,
		buf_t *	buf,
		size_t	sz,
		size_t *	buf_flushlen
	)

Write data from buf to the socket s. Write at most sz bytes, decrement *buf_flushlen by the number of bytes actually written, and remove the written bytes from the buffer. Return the number of bytes written on success, -1 on failure. Return 0 if write() would block.

References chunk_t::datalen, flush_chunk(), buf_t::head, and tor_assert.

Referenced by conn_close_if_marked(), and connection_handle_write_impl().

int flush_buf_tls	(	tor_tls_t *	tls,
		buf_t *	buf,
		size_t	flushlen,
		size_t *	buf_flushlen
	)

As flush_buf(), but writes data to a TLS connection. Can write more than flushlen bytes.

References chunk_t::datalen, flush_chunk_tls(), buf_t::head, and tor_assert.

Referenced by conn_close_if_marked(), and connection_handle_write_impl().

void free_cell_pool

(

void

)

Free all storage used to hold cells (and insertion times if we measure cell statistics).

Referenced by tor_free_all().

void geoip_bridge_stats_init

(

time_t

now

)

Initialize bridge stats.

Referenced by run_scheduled_events().

time_t geoip_bridge_stats_write

(

time_t

now

)

Write bridge statistics to $DATADIR/stats/bridge-stats and return when we should next try to write statistics.

References check_private_dir(), control_event_clients_seen(), DIR_ENTRY_RECORD_USAGE_RETAIN_IPS, format_iso_time(), GEOIP_CLIENT_CONNECT, geoip_get_client_history_bridge(), geoip_remove_old_clients(), get_datadir_fname, get_datadir_fname2, parse_bridge_stats_controller(), tor_free, tor_snprintf(), and write_str_to_file().

Referenced by run_scheduled_events().

void geoip_change_dirreq_state	(	uint64_t	dirreq_id,
		dirreq_type_t	type,
		dirreq_state_t	new_state
	)

Change the state of the either direct or tunneled (see type) directory request with dirreq_id to new_state and possibly mark it as completed. If no entry can be found for the given key parts (e.g., if this is a directory request that we are not measuring, or one that was started in the previous measurement period), or if the state cannot be advanced to new_state, do nothing.

References _dirreq_map_get(), DIRREQ_FLUSHING_DIR_CONN_FINISHED, DIRREQ_IS_FOR_NETWORK_STATUS, DIRREQ_OR_CONN_BUFFER_FLUSHED, get_options(), and tor_gettimeofday().

Referenced by connection_dir_finished_flushing(), connection_handle_write_impl(), connection_or_flush_from_first_active_circuit(), and relay_send_command_from_edge().

void geoip_dirreq_stats_init

(

time_t

now

)

Initialize directory request stats.

Referenced by run_scheduled_events().

void geoip_dirreq_stats_write

(

time_t

now

)

Write dirreq statistics to $DATADIR/stats/dirreq-stats.

References abort_writing_to_file(), check_private_dir(), finish_writing_to_file(), format_iso_time(), GEOIP_CLIENT_NETWORKSTATUS, GEOIP_CLIENT_NETWORKSTATUS_V2, geoip_get_client_history_dirreq(), geoip_get_dirreq_history(), geoip_get_mean_shares(), geoip_get_request_history(), GEOIP_REJECT_BUSY, GEOIP_REJECT_NOT_ENOUGH_SIGS, GEOIP_REJECT_NOT_FOUND, GEOIP_REJECT_NOT_MODIFIED, GEOIP_REJECT_UNAVAILABLE, geoip_remove_old_clients(), GEOIP_SUCCESS, get_datadir_fname, get_datadir_fname2, get_options(), round_uint32_to_next_multiple_of(), start_writing_to_stdio_file(), and tor_free.

Referenced by run_scheduled_events().

void geoip_entry_stats_init

(

time_t

now

)

Initialize entry stats.

Referenced by run_scheduled_events().

void geoip_entry_stats_write

(

time_t

now

)

Write entry statistics to $DATADIR/stats/entry-stats.

References abort_writing_to_file(), check_private_dir(), finish_writing_to_file(), format_iso_time(), GEOIP_CLIENT_CONNECT, geoip_get_client_history_dirreq(), geoip_remove_old_clients(), get_datadir_fname, get_datadir_fname2, get_options(), start_writing_to_stdio_file(), and tor_free.

Referenced by run_scheduled_events().

void geoip_free_all

(

void

)

Release all storage held in this file.

References clear_geoip_db(), and tor_free.

Referenced by tor_free_all().

const char* geoip_get_bridge_stats_controller

(

time_t

now

)

Return most recent bridge statistics to be returned to controller clients, or NULL if we don't have recent bridge statistics.

References load_bridge_stats().

Referenced by getinfo_helper_events().

const char* geoip_get_bridge_stats_extrainfo

(

time_t

now

)

Return most recent bridge statistics for inclusion in extra-info descriptors, or NULL if we don't have recent bridge statistics.

References load_bridge_stats().

Referenced by extrainfo_dump_to_string().

char* geoip_get_client_history_bridge	(	time_t	now,
		geoip_client_action_t	action
	)

Return a newly allocated comma-separated string containing entries for all the countries from which we've seen enough clients connect as a bridge. The entry format is cc=num where num is the number of IPs we've seen connecting from that country, and cc is a lowercased country code. Returns NULL if we don't want to export geoip data yet.

References geoip_get_client_history(), GEOIP_MIN_OBSERVATION_TIME, and IP_GRANULARITY.

Referenced by geoip_bridge_stats_write().

char* geoip_get_client_history_dirreq	(	time_t	now,
		geoip_client_action_t	action
	)

Return a newly allocated comma-separated string containing entries for all the countries from which we've seen enough clients connect as a directory. The entry format is cc=num where num is the number of IPs we've seen connecting from that country, and cc is a lowercased country code. Returns NULL if we don't want to export geoip data yet.

References DIR_RECORD_USAGE_GRANULARITY, DIR_RECORD_USAGE_MIN_OBSERVATION_TIME, and geoip_get_client_history().

Referenced by geoip_dirreq_stats_write(), and geoip_entry_stats_write().

country_t geoip_get_country

(

const char *

country

)

Return the index of the country's entry in the GeoIP DB if it is a valid 2-letter country code, otherwise return -1.

References country_idxplus1_by_lc_code, and strmap_get_lc().

Referenced by routerset_refresh_countries().

int geoip_get_country_by_ip

(

uint32_t

ipaddr

)

Given an IP address in host order, return a number representing the country to which that address belongs, or -1 for unknown. The return value will always be less than geoip_get_n_countries(). To decode it, call geoip_get_country_name().

References _geoip_compare_key_to_entry(), geoip_entry_t::country, and smartlist_bsearch().

Referenced by geoip_get_client_history(), geoip_note_client_seen(), getinfo_helper_geoip(), routerinfo_set_country(), and routerset_contains().

const char* geoip_get_country_name

(

country_t

num

)

Return the two-letter country code associated with the number num, or "??" for an unknown value.

References geoip_country_t::countrycode.

Referenced by geoip_get_client_history(), and getinfo_helper_geoip().

time_t geoip_get_history_start

(

void

)

Return the time at which we started recording geoip data.

int geoip_get_n_countries

(

void

)

Return the number of countries recognized by the GeoIP database.

Referenced by geoip_get_client_history(), and routerset_refresh_countries().

char* geoip_get_request_history	(	time_t	now,
		geoip_client_action_t	action
	)

Return a newly allocated string holding the per-country request history for action in a format suitable for an extra-info document, or NULL on failure.

References _c_hist_compare(), GEOIP_CLIENT_NETWORKSTATUS, GEOIP_CLIENT_NETWORKSTATUS_V2, GEOIP_MIN_OBSERVATION_TIME, IP_GRANULARITY, REQUEST_HIST_LEN, round_to_next_multiple_of(), smartlist_add(), smartlist_create(), smartlist_free(), smartlist_join_strings(), smartlist_sort(), tor_asprintf(), and tor_free.

Referenced by geoip_dirreq_stats_write().

int geoip_is_loaded

(

void

)

Return true iff we have loaded a GeoIP database.

Referenced by geoip_get_client_history(), getinfo_helper_geoip(), options_act(), and routerset_refresh_countries().

int geoip_load_file	(	const char *	filename,
		or_options_t *	options
	)

Clear the GeoIP database and reload it from the file filename. Return 0 on success, -1 on failure.

Recognized line formats are: INTIPLOW,INTIPHIGH,CC and "INTIPLOW","INTIPHIGH","CC","CC3","COUNTRY NAME" where INTIPLOW and INTIPHIGH are IPv4 addresses encoded as 4-byte unsigned integers, and CC is a country code.

It also recognizes, and skips over, blank lines and lines that start with '#' (comments).

References _geoip_compare_entries(), clear_geoip_db(), country_idxplus1_by_lc_code, geoip_country_t::countrycode, geoip_parse_entry(), LD_GENERAL, options_need_geoip_info(), refresh_all_country_info(), smartlist_add(), smartlist_create(), smartlist_free(), smartlist_sort(), and tor_free.

Referenced by options_act().

void geoip_note_client_seen	(	geoip_client_action_t	action,
		uint32_t	addr,
		time_t	now
	)

Note that we've seen a client connect from the IP addr (host order) at time now. Ignored by all but bridges and directories if configured accordingly.

unresolved requests are stored at index 0.

References or_options_t::BridgeAuthoritativeDir, or_options_t::BridgeRecordUsageByCountry, or_options_t::BridgeRelay, or_options_t::DirReqStatistics, or_options_t::EntryStatistics, GEOIP_CLIENT_CONNECT, GEOIP_CLIENT_NETWORKSTATUS, GEOIP_CLIENT_NETWORKSTATUS_V2, geoip_determine_shares(), geoip_get_country_by_ip(), geoip_remove_old_clients(), get_options(), last_time_determined_shares, geoip_country_t::n_v2_ns_requests, geoip_country_t::n_v3_ns_requests, REQUEST_HIST_LEN, REQUEST_HIST_PERIOD, REQUEST_SHARE_INTERVAL, and smartlist_create().

Referenced by connection_or_set_state_open(), and directory_handle_command_get().

void geoip_note_ns_response	(	geoip_client_action_t	action,
		geoip_ns_response_t	response
	)

Note that we've rejected a client's request for a v2 or v3 network status, encoded in action for reason reason at time now.

References GEOIP_CLIENT_NETWORKSTATUS, GEOIP_CLIENT_NETWORKSTATUS_V2, get_options(), and tor_assert.

Referenced by directory_handle_command_get().

void geoip_remove_old_clients

(

time_t

cutoff

)

Forget about all clients that haven't connected since cutoff. If cutoff is in the future, clients won't be added to the history until this time is reached. This is useful to prevent relays that switch to bridges from reporting unbelievable numbers of clients.

References _remove_old_client_helper().

Referenced by geoip_bridge_stats_write(), geoip_dirreq_stats_write(), geoip_entry_stats_write(), geoip_note_client_seen(), and options_act().

void geoip_start_dirreq	(	uint64_t	dirreq_id,
		size_t	response_size,
		geoip_client_action_t	action,
		dirreq_type_t	type
	)

Note that an either direct or tunneled (see type) directory request for a network status with unique ID dirreq_id of size response_size and action action (either v2 or v3) has started.

References _dirreq_map_put(), get_options(), and tor_gettimeofday().

Referenced by directory_handle_command_get().

smartlist_t* get_connection_array

(

void

)

Set *array to an array of all connections, and *n to the length of the array. *array and *n must not be modified.

References smartlist_create().

Referenced by any_pending_bridge_descriptor_fetches(), choose_good_exit_server_general(), circuit_discard_optional_exit_enclaves(), connection_ap_attach_pending(), connection_ap_expire_beginning(), connection_ap_fail_onehop(), connection_bucket_refill(), connection_dump_buffer_mem_stats(), connection_expire_held_open(), connection_free_all(), connection_get_by_global_id(), connection_get_by_type(), connection_get_by_type_addr_port_purpose(), connection_get_by_type_purpose(), connection_get_by_type_state(), connection_get_by_type_state_rendquery(), connection_or_clear_identity_map(), control_event_stream_bandwidth_used(), control_update_global_event_mask(), cull_wedged_cpuworkers(), getinfo_helper_events(), list_pending_downloads(), rend_client_desc_trynow(), retry_listeners(), and send_control_event_string().

const char* get_dir_info_status_string

(

void

)

Return a string describing what we're missing before we have enough directory info.

Referenced by directory_info_has_arrived().

const char* get_dirportfrontpage

(

void

)

Return the contents of our frontpage string, or NULL if not configured.

Referenced by directory_handle_command_get().

uint32_t get_effective_bwburst

(

or_options_t *

options

)

Return the bandwidthburst that we are going to report to the authorities based on the config options.

References or_options_t::BandwidthBurst, and or_options_t::RelayBandwidthBurst.

Referenced by options_transition_affects_descriptor(), and router_rebuild_descriptor().

uint32_t get_effective_bwrate

(

or_options_t *

options

)

Return the bandwidthrate that we are going to report to the authorities based on the config options.

References or_options_t::BandwidthRate, or_options_t::MaxAdvertisedBandwidth, and or_options_t::RelayBandwidthRate.

Referenced by options_transition_affects_descriptor(), and router_rebuild_descriptor().

crypto_pk_env_t* get_identity_key

(

void

)

Returns the current identity key; requires that the identity key has been set.

References tor_assert.

Referenced by accounting_set_wakeup_time(), connection_or_check_valid_tls_handshake(), dirserv_regenerate_directory(), do_list_fingerprint(), generate_runningrouters(), generate_v2_networkstatus_opinion(), init_keys(), router_rebuild_descriptor(), and run_scheduled_events().

microdesc_cache_t* get_microdesc_cache

(

void

)

Return a pointer to the microdescriptor cache, loading it if necessary.

References get_datadir_fname.

authority_cert_t* get_my_v3_authority_cert

(

void

)

Return the key certificate for this v3 (voting) authority, or NULL if we have no such certificate.

Referenced by authority_cert_get_by_sk_digest(), directory_handle_command_get(), dirvote_act(), dirvote_compute_consensuses(), dirvote_get_vote(), dirvote_perform_vote(), and init_keys().

crypto_pk_env_t* get_my_v3_authority_signing_key

(

void

)

Return the v3 signing key for this v3 (voting) authority, or NULL if we have no such key.

Referenced by dirvote_compute_consensuses(), and dirvote_perform_vote().

authority_cert_t* get_my_v3_legacy_cert

(

void

)

If we're an authority, and we're using a legacy authority identity key for emergency migration purposes, return the certificate associated with that key.

Referenced by authority_cert_get_by_sk_digest(), and dirvote_compute_consensuses().

crypto_pk_env_t* get_my_v3_legacy_signing_key

(

void

)

If we're an authority, and we're using a legacy authority identity key for emergency migration purposes, return that key.

Referenced by dirvote_compute_consensuses().

int get_n_authorities

(

authority_type_t

type

)

Return the number of directory authorities whose type matches some bit set in type

Referenced by any_trusted_dir_is_v1_authority(), dirvote_compute_consensuses(), fetch_bridge_descriptors(), getinfo_helper_events(), and networkstatus_check_consensus_signature().

crypto_pk_env_t* get_onion_key

(

void

)

Return the current onion key. Requires that the onion key has been loaded or generated.

References tor_assert.

Referenced by router_rebuild_descriptor().

time_t get_onion_key_set_at

(

void

)

Return the time when the onion key was last set. This is either the time when the process launched, or the time of the most recent key rotation since the process launched.

References onionkey_set_at.

Referenced by run_scheduled_events().

or_options_t* get_options

(

void

)

Return the currently configured options.

References tor_assert.

Referenced by accounting_record_bandwidth_usage(), accounting_set_wakeup_time(), add_networkstatus_to_cache(), add_trusted_dir_server(), add_wildcarded_test_address(), address_is_invalid_destination(), any_bridge_descriptors_known(), authority_certs_fetch_missing(), cell_queue_append_packed_copy(), check_descriptor_ipaddress_changed(), check_whether_dirport_reachable(), check_whether_orport_reachable(), choose_good_entry_server(), choose_good_exit_server(), choose_good_exit_server_general(), choose_good_middle_server(), choose_random_entry(), circuit_all_predicted_ports_handled(), circuit_build_needed_circs(), circuit_build_times_add_time(), circuit_build_times_get_initial_timeout(), circuit_build_times_update_state(), circuit_expire_all_dirty_circs(), circuit_expire_old_circuits_clientside(), circuit_extend(), circuit_free(), circuit_get_open_circ_or_launch(), circuit_is_acceptable(), circuit_note_clock_jumped(), circuit_rep_hist_note_result(), circuit_send_next_onion_skin(), circuit_stream_is_being_handled(), circuit_testing_failed(), command_process_create_cell(), compute_retry_timeout(), configure_nameservers(), conn_close_if_marked(), connection_about_to_close_connection(), connection_ap_can_use_exit(), connection_ap_detach_retriable(), connection_ap_expire_beginning(), connection_ap_handshake_attach_circuit(), connection_ap_handshake_process_socks(), connection_ap_handshake_rewrite_and_attach(), connection_ap_process_end_not_open(), connection_ap_process_natd(), connection_ap_process_transparent(), connection_bucket_init(), connection_bucket_refill(), connection_connect(), connection_create_listener(), connection_dir_client_reached_eof(), connection_dir_request_failed(), connection_edge_process_relay_cell_not_open(), connection_exit_begin_conn(), connection_handle_listener_read(), connection_or_check_valid_tls_handshake(), connection_or_connect(), connection_or_connect_failed(), connection_or_finished_connecting(), connection_or_flush_from_first_active_circuit(), connection_or_init_conn_from_address(), connection_proxy_connect(), connection_read_proxy_handshake(), consider_hibernation(), consider_plaintext_ports(), consider_publishable_server(), consider_recording_trackhost(), control_event_bootstrap_problem(), control_event_guard_deferred(), count_loading_descriptors_progress(), cpuworkers_rotate(), decide_if_publishable_server(), dir_routerdesc_download_failed(), directories_have_accepted_server_descriptor(), directory_get_from_dirserver(), directory_handle_command_get(), directory_handle_command_post(), directory_info_has_arrived(), directory_initiate_command_rend(), directory_send_command(), dirserv_dump_directory_to_string(), dirserv_generate_networkstatus_vote_obj(), dirserv_get_networkstatus_v2_fingerprints(), dirserv_get_status_impl(), dirserv_load_fingerprint_file(), dirserv_orconn_tls_done(), dirserv_pick_cached_dir_obj(), dirserv_router_has_valid_address(), dirserv_set_router_is_running(), dirserv_test_reachability(), dirserv_thinks_router_is_hs_dir(), dirvote_compute_consensuses(), dirvote_get_preferred_voting_intervals(), dns_init(), dns_launch_correctness_checks(), dns_reset(), dns_servers_relaunch_checks(), do_hash_password(), do_hup(), do_list_fingerprint(), do_main_loop(), download_status_reset(), entry_guards_changed(), entry_guards_compute_status(), entry_guards_prepend_from_config(), entry_guards_update_state(), entry_is_live(), escaped_safe_str(), escaped_safe_str_client(), evdns_log_cb(), extrainfo_dump_to_string(), fetch_bridge_descriptors(), generate_runningrouters(), generate_v2_networkstatus_opinion(), geoip_change_dirreq_state(), geoip_dirreq_stats_write(), geoip_entry_stats_write(), geoip_note_client_seen(), geoip_note_ns_response(), geoip_start_dirreq(), get_cookie_file(), get_possible_sybil_list(), getinfo_helper_accounting(), getinfo_helper_events(), getinfo_helper_misc(), global_write_bucket_low(), handle_control_attachstream(), handle_control_authenticate(), handle_control_getconf(), handle_control_protocolinfo(), hibernate_begin(), hibernate_go_dormant(), hibernate_hard_limit_reached(), hibernate_soft_limit_reached(), hid_serv_acting_as_directory(), hid_serv_get_responsible_directories(), init_cookie_authentication(), init_key_from_file(), init_keys(), init_libevent(), init_v3_authority_keys(), ip_address_changed(), is_local_addr(), is_test_address(), launch_resolve(), launch_router_descriptor_downloads(), launch_test_addresses(), learned_bridge_descriptor(), list_server_status_v1(), networkstatus_dump_bridge_status_to_file(), networkstatus_getinfo_by_purpose(), networkstatus_set_current_consensus(), networkstatus_v2_list_clean(), onion_pending_add(), options_act(), options_act_reversible(), options_save_current(), options_trial_assign(), or_state_save(), parse_reachable_addresses(), pick_entry_guards(), purpose_needs_anonymity(), refresh_all_country_info(), rend_client_refetch_v2_renddesc(), rend_consider_descriptor_republication(), rend_consider_services_upload(), rend_service_requires_uptime(), rend_services_introduce(), rep_hist_circbuilding_dormant(), rep_hist_dump_stats(), rep_hist_fill_bandwidth_history(), rep_hist_note_exit_bytes_read(), rep_hist_note_exit_bytes_written(), rep_hist_note_exit_stream_opened(), rep_hist_update_state(), rep_history_clean(), retry_all_listeners(), rotate_onion_key(), router_add_to_routerlist(), router_choose_random_node(), router_digest_is_trusted_dir_type(), router_dirport_found_reachable(), router_dump_router_to_string(), router_get_by_nickname(), router_get_my_extrainfo(), router_get_my_routerinfo(), router_new_address_suggestion(), router_orport_found_reachable(), router_parse_directory(), router_parse_runningrouters(), router_perform_bandwidth_test(), router_pick_directory_server(), router_pick_trusteddirserver(), router_rebuild_descriptor(), router_reload_consensus_networkstatus(), router_reload_v2_networkstatus(), router_set_networkstatus_v2(), router_upload_dir_desc_to_dirservers(), routerlist_add_family(), routerlist_remove_old_cached_routers_with_id(), routerlist_remove_old_routers(), routers_in_same_family(), routers_update_all_from_networkstatus(), routers_update_status_from_consensus_networkstatus(), run_connection_housekeeping(), run_scheduled_events(), safe_str(), safe_str_client(), second_elapsed_callback(), should_generate_v2_networkstatus(), should_use_create_fast_for_circuit(), signal_callback(), signed_desc_digest_is_recognized(), spawn_enough_cpuworkers(), tor_cleanup(), tor_init(), tor_main(), trusted_dirs_load_certs_from_string(), update_consensus_networkstatus_downloads(), update_consensus_networkstatus_fetch_time(), update_consensus_router_descriptor_downloads(), update_expected_bandwidth(), update_extrainfo_downloads(), update_networkstatus_downloads(), update_router_descriptor_cache_downloads_v2(), update_router_descriptor_downloads(), update_router_have_minimum_dir_info(), update_v2_networkstatus_cache_downloads(), upload_service_descriptor(), v3_authority_check_key_expiry(), and warn_if_last_router_excluded().

or_state_t* get_or_state

(

void

)

Return the persistent state struct for this Tor.

References tor_assert.

Referenced by accounting_run_housekeeping(), circuit_build_times_add_time(), circuit_build_times_update_state(), do_hup(), entry_guards_changed(), entry_guards_update_state(), hibernate_begin(), hibernate_go_dormant(), init_keys(), read_bandwidth_usage(), rep_hist_update_state(), rotate_onion_key(), and tor_cleanup().

const char* get_torrc_fname

(

void

)

Return the location for our configuration file.

References get_default_conf_file().

Referenced by getinfo_helper_misc(), options_save_current(), and parse_dir_server_line().

const char* get_version

(

void

)

Return the current Tor version.

References tor_snprintf().

Referenced by get_platform_str(), getinfo_helper_misc(), options_init_from_torrc(), or_state_save(), and tor_init().

int getinfo_helper_accounting	(	control_connection_t *	conn,
		const char *	question,
		char **	answer
	)

Helper function: called when we get a GETINFO request for an accounting-related key on the control connection conn. If we can answer the request for question, then set *answer to a newly allocated string holding the result. Otherwise, set *answer to NULL.

References accounting_is_enabled(), or_options_t::AccountingMax, format_iso_time(), get_options(), hibernate_state, HIBERNATE_STATE_DORMANT, HIBERNATE_STATE_LOWBANDWIDTH, interval_end_time, interval_start_time, interval_wakeup_time, n_bytes_read_in_interval, n_bytes_written_in_interval, and tor_snprintf().

int getinfo_helper_config	(	control_connection_t *	conn,
		const char *	question,
		char **	answer
	)

Helper to implement GETINFO functions about configuration variables (not their values). Given a "config/names" question, set *answer to a new string describing the supported configuration variables and their types.

References CONFIG_TYPE_BOOL, CONFIG_TYPE_CSV, CONFIG_TYPE_DOUBLE, CONFIG_TYPE_FILENAME, CONFIG_TYPE_INTERVAL, CONFIG_TYPE_ISOTIME, CONFIG_TYPE_LINELIST, CONFIG_TYPE_LINELIST_S, CONFIG_TYPE_LINELIST_V, CONFIG_TYPE_MEMUNIT, CONFIG_TYPE_OBSOLETE, CONFIG_TYPE_ROUTERSET, CONFIG_TYPE_STRING, CONFIG_TYPE_UINT, config_var_t::name, smartlist_add(), smartlist_create(), smartlist_free(), smartlist_join_strings(), tor_asprintf(), tor_free, and config_var_t::type.

int getinfo_helper_entry_guards	(	control_connection_t *	conn,
		const char *	question,
		char **	answer
	)

If question is the string "entry-guards", then dump to *answer a newly allocated string describing all of the nodes in the global entry_guards list. See control-spec.txt for details. For backward compatibility, we also handle the string "helper-nodes".

References base16_encode(), DIGEST_LEN, format_iso_time(), MAX_VERBOSE_NICKNAME_LEN, router_get_by_digest(), router_get_verbose_nickname(), smartlist_add(), smartlist_create(), smartlist_free(), smartlist_join_strings(), tor_free, and tor_snprintf().

int getinfo_helper_geoip	(	control_connection_t *	control_conn,
		const char *	question,
		char **	answer
	)

Helper used to implement GETINFO ip-to-country/... controller command.

References geoip_get_country_by_ip(), geoip_get_country_name(), geoip_is_loaded(), strcmpstart(), and tor_inet_aton().

int getinfo_helper_networkstatus	(	control_connection_t *	conn,
		const char *	question,
		char **	answer
	)

If question is a string beginning with "ns/" in a format the control interface expects for a GETINFO question, set *answer to a newly-allocated string containing networkstatus lines for the appropriate ORs. Return 0 on success, -1 on unrecognized question format.

References networkstatus_getinfo_helper_single(), networkstatus_t::routerstatus_list, smartlist_add(), smartlist_create(), smartlist_free(), smartlist_join_strings(), and tor_free.

int getinfo_helper_policies	(	control_connection_t *	conn,
		const char *	question,
		char **	answer
	)

Implementation for GETINFO control command: knows the answer for questions about "exit-policy/..."

int global_write_bucket_low	(	connection_t *	conn,
		size_t	attempt,
		int	priority
	)

Return 1 if the global write buckets are low enough that we shouldn't send attempt bytes of low-priority directory stuff out to conn. Else return 0.

Priority is 1 for v1 requests (directories and running-routers), and 2 for v2 requests (statuses and descriptors). But see FFFF in directory_handle_command_get() for why we don't use priority 2 yet.

There are a lot of parameters we could use here:

• global_relayed_write_bucket. Low is bad.
• global_write_bucket. Low is bad.
• bandwidthrate. Low is bad.
• bandwidthburst. Not a big factor?
• attempt. High is bad.
• total bytes queued on outbufs. High is bad. But I'm wary of using this, since a few slow-flushing queues will pump up the number without meaning what we meant to mean. What we really mean is "total directory bytes added to outbufs recently", but that's harder to quantify and harder to keep track of.

References authdir_mode(), or_options_t::BandwidthRate, connection_is_rate_limited(), get_options(), and or_options_t::RelayBandwidthRate.

Referenced by directory_handle_command_get().

void handle_signals

(

int

is_parent

)

Set up the signal handlers for either parent or child.

References LD_BUG, signal_callback(), tor_evsignal_new(), and tor_libevent_get_base().

Referenced by cpuworker_main(), and do_main_loop().

int has_dns_init_failed

(

void

)

Return true iff the most recent attempt to initialize the DNS subsystem failed.

References nameserver_config_failed.

Referenced by router_dump_router_to_string(), and run_scheduled_events().

int have_lockfile

(

void

)

Return true iff we've successfully acquired the lock file.

Referenced by init_key_from_file(), and options_act().

int hexdigest_to_digest	(	const char *	hexdigest,
		char *	digest
	)

If hexdigest is correctly formed, base16_decode it into digest, which must have DIGEST_LEN space in it. Return 0 on success, -1 on failure.

References base16_decode(), DIGEST_LEN, and HEX_DIGEST_LEN.

Referenced by circuit_is_acceptable(), connection_ap_fail_onehop(), and router_get_by_hexdigest().

void hibernate_begin_shutdown

(

void

)

A wrapper around hibernate_begin, for when we get SIGINT.

References hibernate_begin(), and HIBERNATE_STATE_EXITING.

Referenced by signal_callback().

int hid_serv_acting_as_directory

(

void

)

Return true if this node is currently acting as hidden service directory, false otherwise.

References routerinfo_t::cache_info, get_options(), signed_descriptor_t::identity_digest, routerstatus_t::is_hs_dir, LD_REND, networkstatus_get_latest_consensus(), networkstatus_vote_find_entry(), and router_get_my_routerinfo().

Referenced by hid_serv_responsible_for_desc_id(), and rend_cache_store_v2_desc_as_dir().

int hid_serv_get_responsible_directories	(	smartlist_t *	responsible_dirs,
		const char *	id
	)

Determine the routers that are responsible for id (binary) and add pointers to those routers' routerstatus_t to responsible_dirs. Return -1 if we're returning an empty smartlist, else return 0.

References routerstatus_t::dir_port, get_options(), routerstatus_t::is_hs_dir, LD_REND, networkstatus_get_latest_consensus(), networkstatus_vote_find_entry_idx(), routerstatus_t::nickname, REND_NUMBER_OF_CONSECUTIVE_REPLICAS, networkstatus_t::routerstatus_list, smartlist_add(), tor_assert, and or_options_t::TunnelDirConns.

Referenced by directory_get_from_hs_dir(), directory_post_to_hs_dir(), and hid_serv_responsible_for_desc_id().

int hid_serv_responsible_for_desc_id

(

const char *

query

)

Return true if this node is responsible for storing the descriptor ID in query and false otherwise.

References routerinfo_t::cache_info, hid_serv_acting_as_directory(), hid_serv_get_responsible_directories(), routerstatus_t::identity_digest, signed_descriptor_t::identity_digest, rend_id_is_in_interval(), router_get_my_routerinfo(), smartlist_create(), and smartlist_free().

Referenced by rend_cache_clean_v2_descs_as_dir(), rend_cache_lookup_v2_desc_as_dir(), and rend_cache_store_v2_desc_as_dir().

int identity_key_is_set

(

void

)

Return true iff the identity key has been set.

Referenced by accounting_set_wakeup_time(), and do_main_loop().

int inform_testing_reachability

(

void

)

We've decided to start our reachability testing. If all is set, log this to the user. Return 1 if we did, or 0 if we chose not to log anything.

References routerinfo_t::address, control_event_server_status(), routerinfo_t::dir_port, LD_OR, routerinfo_t::or_port, router_get_my_routerinfo(), TIMEOUT_UNTIL_UNREACHABILITY_COMPLAINT, and tor_snprintf().

Referenced by circuit_send_next_onion_skin(), and options_act().

void init_cell_pool

(

void

)

Allocate structures to hold cells.

References tor_assert.

Referenced by do_main_loop().

int init_cookie_authentication

(

int

enabled

)

Choose a random authentication cookie and write it to disk. Anybody who can read the cookie from disk will be considered authorized to use the control connection. Return -1 if we can't write the file, or 0 on success.

References authentication_cookie, authentication_cookie_is_set, AUTHENTICATION_COOKIE_LEN, crypto_rand(), escaped(), get_cookie_file(), get_options(), LD_FS, tor_free, and write_bytes_to_file().

Referenced by options_act().

crypto_pk_env_t* init_key_from_file	(	const char *	fname,
		int	generate,
		int	severity
	)

Try to read an RSA key from fname. If fname doesn't exist and generate is true, create a new RSA key and save it in fname. Return the read/created key, or NULL on error. Log all errors at level severity.

References crypto_free_pk_env(), crypto_new_pk_env(), crypto_pk_check_key(), crypto_pk_read_private_key_from_filename(), crypto_pk_write_private_key_to_filename(), file_status(), get_options(), have_lockfile(), LD_FS, LD_GENERAL, tor_assert, and try_locking().

Referenced by init_keys(), load_authority_keyset(), and rend_service_load_keys().

int init_keys

(

void

)

Initialize all OR private keys, and the TLS context, as necessary. On OPs, this only initializes the tls context. Return 0 on success, or -1 if Tor should die.

References add_trusted_dir_server(), authdir_mode(), authdir_mode_v3(), or_options_t::AvoidDiskWrites, BRIDGE_AUTHORITY, or_options_t::BridgeAuthoritativeDir, authority_cert_t::cache_info, check_private_dir(), or_options_t::command, crypto_free_pk_env(), crypto_global_init(), crypto_new_pk_env(), crypto_pk_get_digest(), crypto_pk_get_fingerprint(), or_options_t::DataDirectory, DIGEST_LEN, or_options_t::DirPort, dirserv_add_descriptor(), dirserv_add_own_fingerprint(), dirserv_load_fingerprint_file(), file_status(), FINGERPRINT_LEN, get_datadir_fname, get_datadir_fname2, get_identity_key(), get_my_v3_authority_cert(), get_options(), get_or_state(), HIDSERV_AUTHORITY, or_options_t::HSAuthoritativeDir, init_key_from_file(), init_v3_authority_keys(), or_state_t::LastRotatedOnionKey, LD_BUG, LD_DIR, LD_FS, LD_GENERAL, MAX_NICKNAME_LEN, MAX_SSL_KEY_LIFETIME, or_options_t::Nickname, onionkey_set_at, or_state_mark_dirty(), or_options_t::ORPort, read_file_to_str(), router_get_my_descriptor(), router_get_trusteddirserver_by_digest(), router_parse_entry_from_string(), server_mode(), set_identity_key(), set_onion_key(), signed_descriptor_t::signed_descriptor_body, tor_assert, tor_free, tor_mutex_new(), tor_snprintf(), tor_tls_context_new(), trusted_dirs_load_certs_from_string(), trusted_dir_server_t::type, V1_AUTHORITY, or_options_t::V1AuthoritativeDir, V2_AUTHORITY, or_options_t::V2AuthoritativeDir, V3_AUTHORITY, trusted_dir_server_t::v3_identity_digest, or_options_t::V3AuthoritativeDir, WRA_WAS_ADDED(), and write_str_to_file().

Referenced by accounting_set_wakeup_time(), do_list_fingerprint(), do_main_loop(), ip_address_changed(), and options_act().

void ip_address_changed

(

int

at_interface

)

Called when our IP address seems to have changed. at_interface should be true if we detected a change in our interface, and false if we detected a change in our published address.

References dns_servers_relaunch_checks(), get_options(), init_keys(), mark_my_descriptor_dirty(), reset_bandwidth_test(), router_reset_reachability(), server_mode(), and stats_n_seconds_working.

Referenced by check_descriptor_ipaddress_changed(), client_check_address_changed(), options_act(), resolve_my_address(), and router_new_address_suggestion().

int is_legal_hexdigest

(

const char *

s

)

Return true iff s is a legally valid hex-encoded identity-key digest.

References HEX_CHARACTERS, HEX_DIGEST_LEN, is_legal_nickname(), and tor_assert.

Referenced by is_legal_nickname_or_hexdigest(), router_rebuild_descriptor(), and routerset_parse().

int is_legal_nickname

(

const char *

s

)

Return true iff s is a legally valid server nickname.

References LEGAL_NICKNAME_CHARACTERS, MAX_NICKNAME_LEN, and tor_assert.

Referenced by circuit_list_path_impl(), dirserv_load_fingerprint_file(), entry_guards_parse_state(), extrainfo_parse_entry_from_string(), is_legal_hexdigest(), is_legal_nickname_or_hexdigest(), options_validate(), parse_dir_server_line(), rend_service_introduce(), router_parse_entry_from_string(), routerset_parse(), and routerstatus_parse_entry_from_string().

int is_legal_nickname_or_hexdigest

(

const char *

s

)

Return true iff s is a legally valid server nickname or hex-encoded identity-key digest.

References is_legal_hexdigest(), and is_legal_nickname().

Referenced by add_nickname_list_to_smartlist(), check_nickname_list(), microdescs_parse_from_string(), rend_service_introduce(), router_parse_entry_from_string(), and router_rebuild_descriptor().

int is_local_addr

(

const tor_addr_t *

addr

)

Return true iff addr is judged to be on the same network as us, or on a private network.

References get_options(), tor_addr_family(), tor_addr_is_internal(), and tor_addr_to_ipv4h().

Referenced by onionskin_answer(), and write_http_response_header_impl().

int is_or_protocol_version_known

(

uint16_t

v

)

Return true iff v is a link protocol version that this Tor implementation believes it can support.

References n_or_protocol_versions, and or_protocol_versions.

Referenced by command_process_versions_cell().

void learned_bridge_descriptor	(	routerinfo_t *	ri,
		int	from_cache
	)

We just learned a descriptor for a bridge. See if that digest is in our entry guard list, and add it if not.

References add_an_entry_guard(), any_bridge_descriptors_known(), download_status_reset(), bridge_info_t::fetch_status, get_options(), routerinfo_t::is_running, LD_DIR, routerinfo_t::nickname, routerinfo_t::purpose, ROUTER_PURPOSE_BRIDGE, routerinfo_get_configured_bridge(), routerlist_retry_directory_downloads(), and tor_assert.

Referenced by routerlist_descriptors_added().

int list_server_status_v1	(	smartlist_t *	routers,
		char **	router_status_out,
		int	for_controller
	)

Based on the routerinfo_ts in routers, allocate the contents of a v1-style router-status line, and store it in *router_status_out. Return 0 on success, -1 on failure.

If for_controller is true, include the routers with very old descriptors.

References authdir_mode_publishes_statuses(), dirserv_set_router_is_running(), get_options(), list_single_server_status(), MAX_VERBOSE_NICKNAME_LEN, router_get_verbose_nickname(), ROUTER_MAX_AGE_TO_PUBLISH, smartlist_add(), smartlist_create(), smartlist_free(), smartlist_join_strings(), tor_assert, and tor_free.

void make_circuit_active_on_conn	(	circuit_t *	circ,
		or_connection_t *	conn
	)

Add circ to the list of circuits with pending cells on conn. No effect if circ is already linked.

References or_connection_t::active_circuits, add_cell_ewma_to_conn(), circuit_t::n_cell_ewma, circuit_t::n_conn, next_circ_on_conn_p(), or_circuit_t::p_cell_ewma, or_circuit_t::p_conn, prev_circ_on_conn_p(), TO_OR_CIRCUIT(), and tor_assert.

Referenced by append_cell_to_circuit_queue(), and HT_HEAD().

void make_circuit_inactive_on_conn	(	circuit_t *	circ,
		or_connection_t *	conn
	)

Remove circ from the list of circuits with pending cells on conn. No effect if circ is already unlinked.

References or_connection_t::active_circuits, circuit_t::n_cell_ewma, circuit_t::n_conn, next_circ_on_conn_p(), or_circuit_t::p_cell_ewma, or_circuit_t::p_conn, prev_circ_on_conn_p(), remove_cell_ewma_from_conn(), TO_OR_CIRCUIT(), and tor_assert.

Referenced by connection_or_flush_from_first_active_circuit(), and HT_HEAD().

void mark_my_descriptor_dirty

(

void

)

Call when the current descriptor is out of date.

References desc_clean_since.

Referenced by add_wildcarded_test_address(), check_descriptor_bandwidth_changed(), configure_nameservers(), ip_address_changed(), mark_my_descriptor_dirty_if_older_than(), options_act(), rotate_onion_key(), router_dirport_found_reachable(), router_orport_found_reachable(), and set_onion_key().

void mark_my_descriptor_dirty_if_older_than

(

time_t

when

)

Mark descriptor out of date if it's older than when

References desc_clean_since, and mark_my_descriptor_dirty().

Referenced by run_scheduled_events().

size_t microdesc_average_size

(

microdesc_cache_t *

cache

)

Return the mean size of decriptors added to cache since it was last cleared. Used to estimate the size of large downloads.

void microdesc_cache_clear

(

microdesc_cache_t *

cache

)

Remove every microdescriptor in cache.

References tor_munmap_file().

microdesc_t* microdesc_cache_lookup_by_digest256	(	microdesc_cache_t *	cache,
		const char *	d
	)

If there is a microdescriptor in cache whose sha256 digest is d, return it. Otherwise return NULL.

References microdesc_t::digest, and DIGEST256_LEN.

int microdesc_cache_rebuild

(

microdesc_cache_t *

cache

)

Regenerate the main cache file for cache, clear the journal file, and update every microdesc_t in the cache with pointers to its new location.

References microdesc_t::body, finish_writing_to_file(), LD_DIR, microdesc_t::no_save, microdesc_t::off, SAVED_IN_CACHE, microdesc_t::saved_location, smartlist_add(), smartlist_create(), smartlist_free(), start_writing_to_stdio_file(), tor_assert, tor_free, tor_mmap_file(), tor_munmap_file(), and write_str_to_file().

int microdesc_cache_reload

(

microdesc_cache_t *

cache

)

Reload the contents of cache from disk. If it is empty, load it for the first time. Return 0 on success, -1 on failure.

References tor_mmap_t::data, LD_DIR, read_file_to_str(), RFTS_IGNORE_MISSING, SAVED_IN_CACHE, SAVED_IN_JOURNAL, tor_mmap_t::size, smartlist_free(), tor_free, and tor_mmap_file().

void microdesc_free

(

microdesc_t *

md

)

Deallocate a single microdescriptor. Note: the microdescriptor MUST have previously been removed from the cache if it had ever been inserted.

References microdesc_t::body, crypto_free_pk_env(), microdesc_t::exitsummary, microdesc_t::family, microdesc_t::onion_pkey, SAVED_IN_CACHE, microdesc_t::saved_location, smartlist_free(), and tor_free.

void microdesc_free_all

(

void

)

Free all storage held in the microdesc.c module.

References tor_free.

smartlist_t* microdescs_add_to_cache	(	microdesc_cache_t *	cache,
		const char *	s,
		const char *	eos,
		saved_location_t	where,
		int	no_save
	)

Decode the microdescriptors from the string starting at s and ending at eos, and store them in cache. If no-save, mark them as non-writable to disk. If where is SAVED_IN_CACHE, leave their bodies as pointers to the mmap'd cache. If where is SAVED_NOWHERE, do not allow annotations. Return a list of the added microdescriptors.

References microdescs_parse_from_string(), SAVED_IN_CACHE, SAVED_NOWHERE, and smartlist_free().

smartlist_t* microdescs_parse_from_string	(	const char *	s,
		const char *	eos,
		int	allow_annotations,
		int	copy_body
	)

Parse as many microdescriptors as are found from the string starting at s and ending at eos. If allow_annotations is set, read any annotations we recognize and ignore ones we don't. If copy_body is true, then strdup the bodies of the microdescriptors. Return all newly parsed microdescriptors in a newly allocated smartlist_t.

References directory_token_t::args, microdesc_t::body, microdesc_t::bodylen, microdesc_t::digest, eat_whitespace_eos(), escaped(), microdesc_t::exitsummary, microdesc_t::family, find_opt_by_keyword(), find_start_of_next_microdesc(), is_legal_nickname_or_hexdigest(), directory_token_t::key, microdesc_t::last_listed, LD_DIR, memarea_clear(), memarea_drop_all(), memarea_new(), directory_token_t::n_args, microdesc_t::off, microdesc_t::onion_pkey, parse_iso_time(), smartlist_add(), smartlist_clear(), smartlist_create(), smartlist_free(), tokenize_string(), and tor_assert.

Referenced by dirvote_create_microdescriptor(), and microdescs_add_to_cache().

int move_buf_to_buf	(	buf_t *	buf_out,
		buf_t *	buf_in,
		size_t *	buf_flushlen
	)

Move up to *buf_flushlen bytes from buf_in to buf_out, and modify *buf_flushlen appropriately. Return the number of bytes actually copied.

References buf_t::datalen, fetch_from_buf(), tor_assert, and write_to_buf().

Referenced by conn_close_if_marked(), and connection_read_to_buf().

int networkstatus_add_detached_signatures	(	networkstatus_t *	target,
		ns_detached_signatures_t *	sigs,
		const char **	msg_out
	)

Given a consensus vote target and a set of detached signatures in sigs that correspond to the same consensus, check whether there are any new signatures in src_voter_list that should be added to target. (A signature should be added if we have no signature for that voter in target yet, or if we have no verifiable signature and the new signature is verifiable.) Return the number of signatures added or changed, or -1 if the document signed by sigs isn't the same document as target.

Make sure all the digests we know match, and at least one matches.

References authority_cert_get_by_digests(), document_signature_t::bad_signature, base16_encode(), crypto_digest_algorithm_get_name(), digests_t::d, DIGEST256_LEN, DIGEST_LEN, networkstatus_t::digests, ns_detached_signatures_t::digests, document_signature_dup(), document_signature_free(), networkstatus_t::flavor, ns_detached_signatures_t::fresh_until, networkstatus_t::fresh_until, document_signature_t::good_signature, HEX_DIGEST_LEN, LD_DIR, networkstatus_check_document_signature(), networkstatus_get_flavor_name(), networkstatus_get_voter_by_id(), ns_detached_signatures_t::signatures, networkstatus_voter_info_t::sigs, smartlist_add(), smartlist_remove(), strmap_get(), tor_assert, tor_mem_is_zero(), networkstatus_t::type, ns_detached_signatures_t::valid_after, networkstatus_t::valid_after, ns_detached_signatures_t::valid_until, networkstatus_t::valid_until, and voter_get_sig_by_algorithm().

Referenced by dirvote_add_signatures_to_pending_consensus().

int networkstatus_check_consensus_signature	(	networkstatus_t *	consensus,
		int	warn
	)

Given a v3 networkstatus consensus in consensus, check every as-yet-unchecked signature on consensus. Return 1 if there is a signature from every recognized authority on it, 0 if there are enough good signatures from recognized authorities on it, -1 if we might get enough good signatures by fetching missing certificates, and -2 otherwise. Log messages at INFO or WARN: if warn is over 1, warn about every problem; if warn is at least 1, warn only if we can't get enough signatures; if warn is negative, log nothing at all.

References authority_cert_get_by_digests(), DIGEST_LEN, authority_cert_t::expires, get_n_authorities(), hex_str(), LD_DIR, networkstatus_check_document_signature(), networkstatus_get_voter_by_id(), router_get_trusted_dir_servers(), smartlist_add(), smartlist_create(), smartlist_free(), tor_assert, trusteddirserver_get_by_v3_auth_digest(), networkstatus_t::type, V3_AUTHORITY, and networkstatus_t::voters.

Referenced by dirvote_compute_consensuses(), dirvote_fetch_missing_signatures(), dirvote_publish_consensus(), networkstatus_note_certs_arrived(), and networkstatus_set_current_consensus().

int networkstatus_check_document_signature	(	const networkstatus_t *	consensus,
		document_signature_t *	sig,
		const authority_cert_t *	cert
	)

Check whether the signature sig is correctly signed with the signing key in cert. Return -1 if cert doesn't match the signing key; otherwise set the good_signature or bad_signature flag on voter, and return 0.

References document_signature_t::alg, document_signature_t::bad_signature, authority_cert_t::cache_info, crypto_pk_get_digest(), crypto_pk_keysize(), crypto_pk_public_checksig(), digests_t::d, DIGEST256_LEN, DIGEST_LEN, networkstatus_t::digests, document_signature_t::good_signature, signed_descriptor_t::identity_digest, document_signature_t::identity_digest, LD_DIR, document_signature_t::signature, document_signature_t::signature_len, authority_cert_t::signing_key, document_signature_t::signing_key_digest, and tor_free.

Referenced by networkstatus_add_detached_signatures(), and networkstatus_check_consensus_signature().

char* networkstatus_compute_consensus	(	smartlist_t *	votes,
		int	total_authorities,
		crypto_pk_env_t *	identity_key,
		crypto_pk_env_t *	signing_key,
		const char *	legacy_id_key_digest,
		crypto_pk_env_t *	legacy_signing_key,
		consensus_flavor_t	flavor
	)

Given a list of vote networkstatus_t in votes, our public authority identity_key, our private authority signing_key, and the number of total_authorities that we believe exist in our voting quorum, generate the text of a new v3 consensus vote, and return the value in a newly allocated string.

Note: this function DOES NOT check whether the votes are from recognized authorities. (dirvote_add_vote does that.)

References _compare_dir_src_ents_by_authority_id(), _compare_votes_by_authority_id(), networkstatus_voter_info_t::addr, networkstatus_voter_info_t::address, base16_encode(), compute_consensus_method(), compute_consensus_versions_list(), consensus_method_is_supported(), networkstatus_voter_info_t::contact, dir_src_ent_t::digest, DIGEST_LEN, networkstatus_voter_info_t::dir_port, dirvote_compute_params(), format_iso_time(), get_voter(), HEX_DIGEST_LEN, networkstatus_voter_info_t::identity_digest, INET_NTOA_BUF_LEN, dir_src_ent_t::is_legacy, LD_DIR, networkstatus_voter_info_t::legacy_id_digest, MIN_DIST_SECONDS, MIN_METHOD_FOR_PARAMS, MIN_VOTE_INTERVAL, MIN_VOTE_SECONDS, networkstatus_get_flavor_name(), networkstatus_voter_info_t::nickname, networkstatus_voter_info_t::or_port, smartlist_add(), smartlist_add_all(), smartlist_create(), smartlist_free(), smartlist_join_strings(), smartlist_sort(), smartlist_sort_strings(), smartlist_split_string(), smartlist_string_pos(), smartlist_uniq_strings(), sort_version_list(), strmap_get_lc(), strmap_set_lc(), tor_asprintf(), tor_assert, tor_digest_is_zero(), tor_free, tor_inet_ntoa(), dir_src_ent_t::v, and networkstatus_voter_info_t::vote_digest.

Referenced by dirvote_compute_consensuses().

void networkstatus_consensus_download_failed

(

int

status_code

)

Called when an attempt to download a consensus fails: note that the failure occurred, and possibly retry.

References download_status_failed, and update_consensus_networkstatus_downloads().

Referenced by connection_dir_client_reached_eof(), and connection_dir_request_failed().

void networkstatus_dump_bridge_status_to_file

(

time_t

now

)

Write out router status entries for all our bridge descriptors.

References or_options_t::DataDirectory, get_options(), networkstatus_getinfo_by_purpose(), tor_free, tor_snprintf(), and write_str_to_file().

Referenced by run_scheduled_events().

void networkstatus_free_all

(

void

)

Free all storage held locally in this module.

References _tor_free(), consensus_waiting_for_certs_t::body, consensus_waiting_for_certs_t::consensus, digestmap_free(), named_server_map, networkstatus_v2_free(), networkstatus_vote_free(), smartlist_free(), strmap_free(), tor_free, unnamed_server_map, and v2_download_status_map.

Referenced by tor_free_all().

int32_t networkstatus_get_bw_weight	(	networkstatus_t *	ns,
		const char *	weight_name,
		int32_t	default_val
	)

Return the value of a integer bw weight parameter from the networkstatus ns whose name is weight_name. If ns is NULL, try loading the latest consensus ourselves. Return default_val if no latest consensus, or if it has no parameter called param_name.

References networkstatus_get_latest_consensus(), and networkstatus_t::weight_params.

Referenced by networkstatus_verify_bw_weights(), and smartlist_choose_by_bandwidth_weights().

char* networkstatus_get_cache_filename

(

const char *

identity_digest

)

Helper: return a newly allocated string containing the name of the filename where we plan to cache the network status with the given identity digest.

References base16_encode(), DIGEST_LEN, get_datadir_fname2, and HEX_DIGEST_LEN.

Referenced by add_networkstatus_to_cache(), dirserv_clear_old_networkstatuses(), networkstatus_v2_list_clean(), and router_set_networkstatus_v2().

char* networkstatus_get_detached_signatures

(

smartlist_t *

consensuses

)

Return a newly allocated string holding the detached-signatures document corresponding to the signatures on consensuses, which must contain exactly one FLAV_NS consensus, and no more than one consensus for each other flavor.

References base16_encode(), crypto_digest_algorithm_get_name(), digests_t::d, DIGEST256_LEN, DIGEST_LEN, networkstatus_t::digests, format_iso_time(), networkstatus_t::fresh_until, HEX_DIGEST256_LEN, HEX_DIGEST_LEN, LD_BUG, LD_DIR, networkstatus_format_signatures(), networkstatus_get_flavor_name(), smartlist_add(), smartlist_create(), smartlist_free(), smartlist_join_strings(), tor_assert, tor_free, tor_mem_is_zero(), tor_snprintf(), networkstatus_t::valid_after, and networkstatus_t::valid_until.

Referenced by get_detached_signatures_from_pending_consensuses().

const char* networkstatus_get_flavor_name

(

consensus_flavor_t

flav

)

Return the name of the consensus flavor flav as used to identify the flavor in directory documents.

References tor_fragile_assert.

Referenced by dirvote_add_signatures_to_pending_consensus(), dirvote_compute_consensuses(), dirvote_publish_consensus(), networkstatus_add_detached_signatures(), networkstatus_compute_consensus(), networkstatus_format_signatures(), networkstatus_get_detached_signatures(), networkstatus_note_certs_arrived(), networkstatus_set_current_consensus(), and router_reload_consensus_networkstatus().

networkstatus_t* networkstatus_get_latest_consensus

(

void

)

Return the most recent consensus that we have downloaded, or NULL if we don't have one.

Referenced by directory_get_from_dirserver(), directory_handle_command_get(), getinfo_helper_events(), hid_serv_acting_as_directory(), hid_serv_get_responsible_directories(), networkstatus_get_bw_weight(), networkstatus_get_param(), options_act(), router_add_to_routerlist(), router_pick_directory_server_impl(), routerlist_remove_old_routers(), run_scheduled_events(), signed_desc_digest_is_recognized(), update_router_have_minimum_dir_info(), and upload_service_descriptor().

networkstatus_t* networkstatus_get_live_consensus

(

time_t

now

)

Return the most recent consensus that we have downloaded, or NULL if it is no longer live.

References networkstatus_t::valid_after.

Referenced by dirvote_recalculate_timing(), routers_update_all_from_networkstatus(), update_consensus_networkstatus_downloads(), and update_consensus_networkstatus_fetch_time().

int32_t networkstatus_get_param	(	networkstatus_t *	ns,
		const char *	param_name,
		int32_t	default_val
	)

Return the value of a integer parameter from the networkstatus ns whose name is param_name. If ns is NULL, try loading the latest consensus ourselves. Return default_val if no latest consensus, or if it has no parameter called param_name.

References networkstatus_t::net_params, and networkstatus_get_latest_consensus().

Referenced by cell_ewma_set_scale_factor(), circuit_build_times_new_consensus_params(), circuit_initial_package_window(), connection_or_init_conn_from_address(), networkstatus_verify_bw_weights(), and smartlist_choose_by_bandwidth_weights().

networkstatus_t* networkstatus_get_reasonably_live_consensus

(

time_t

now

)

As networkstatus_get_live_consensus(), but is way more tolerant of expired consensuses.

References networkstatus_t::valid_after.

Referenced by count_loading_descriptors_progress(), update_router_descriptor_downloads(), and update_router_have_minimum_dir_info().

const char* networkstatus_get_router_digest_by_nickname

(

const char *

nickname

)

Return the identity digest that's mapped to officially by nickname.

References named_server_map, and strmap_get_lc().

Referenced by router_get_by_nickname().

const smartlist_t* networkstatus_get_v2_list

(

void

)

Return a list of the v2 networkstatus documents.

References smartlist_create().

Referenced by networkstatus_reset_download_failures(), router_add_to_routerlist(), routerlist_remove_old_routers(), signed_desc_digest_is_recognized(), and update_router_descriptor_cache_downloads_v2().

networkstatus_voter_info_t* networkstatus_get_voter_by_id	(	networkstatus_t *	vote,
		const char *	identity
	)

Return the voter info from vote for the voter whose identity digest is identity, or NULL if no such voter is associated with vote.

References DIGEST_LEN, and networkstatus_t::voters.

Referenced by networkstatus_add_detached_signatures(), networkstatus_check_consensus_signature(), and networkstatus_parse_vote_from_string().

char* networkstatus_getinfo_by_purpose	(	const char *	purpose_string,
		time_t	now
	)

Alloc and return a string describing routerstatuses for the most recent info of each router we know about that is of purpose purpose_string. Return NULL if unrecognized purpose.

Right now this function is oriented toward listing bridges (you shouldn't use this for general-purpose routers, since those should be listed from the consensus, not from the routers list).

References authdir_mode_bridge(), dirserv_set_router_is_running(), get_options(), LD_DIR, networkstatus_getinfo_helper_single(), router_get_routerlist(), ROUTER_MAX_AGE_TO_PUBLISH, ROUTER_PURPOSE_BRIDGE, router_purpose_from_string(), ROUTER_PURPOSE_UNKNOWN, routerlist_t::routers, set_routerstatus_from_routerinfo(), smartlist_add(), and smartlist_create().

Referenced by directory_handle_command_get(), and networkstatus_dump_bridge_status_to_file().

char* networkstatus_getinfo_helper_single

(

routerstatus_t *

rs

)

Generate networkstatus lines for a single routerstatus_t object, and return the result in a newly allocated string. Used only by controller interface (for now.)

References routerstatus_format_entry(), and RS_ENTRY_LEN.

Referenced by control_event_networkstatus_changed_helper(), getinfo_helper_networkstatus(), and networkstatus_getinfo_by_purpose().

int networkstatus_nickname_is_unnamed

(

const char *

nickname

)

Return true iff nickname is disallowed from being the nickname of any server.

References strmap_get_lc(), and unnamed_server_map.

Referenced by router_get_by_nickname().

void networkstatus_note_certs_arrived

(

void

)

Called when we have gotten more certificates: see whether we can now verify a pending consensus.

References consensus_waiting_for_certs_t::body, consensus_waiting_for_certs_t::consensus, networkstatus_check_consensus_signature(), networkstatus_get_flavor_name(), networkstatus_set_current_consensus(), and tor_free.

Referenced by trusted_dirs_load_certs_from_string().

ns_detached_signatures_t* networkstatus_parse_detached_signatures	(	const char *	s,
		const char *	eos
	)

Parse a detached v3 networkstatus signature document between s and eos and return the result. Return -1 on failure.

References directory_token_t::args, base16_decode(), crypto_digest_algorithm_parse_name(), digests_t::d, detached_get_digests(), detached_get_signatures(), DIGEST256_LEN, DIGEST_LEN, ns_detached_signatures_t::digests, escaped(), ns_detached_signatures_t::fresh_until, HEX_DIGEST256_LEN, HEX_DIGEST_LEN, LD_DIR, memarea_new(), directory_token_t::n_args, directory_token_t::object_body, directory_token_t::object_size, directory_token_t::object_type, parse_iso_time(), ns_detached_signatures_t::signatures, smartlist_add(), smartlist_create(), tokenize_string(), tor_assert, tor_free, tor_mem_is_zero(), directory_token_t::tp, ns_detached_signatures_t::valid_after, and ns_detached_signatures_t::valid_until.

int networkstatus_parse_flavor_name

(

const char *

flavname

)

Return the consensus_flavor_t value for the flavor called flavname, or -1 if the flavor is not recognized.

Referenced by networkstatus_parse_vote_from_string(), and networkstatus_set_current_consensus().

networkstatus_t* networkstatus_parse_vote_from_string	(	const char *	s,
		const char **	eos_out,
		networkstatus_type_t	ns_type
	)

Parse a v3 networkstatus vote, opinion, or consensus (depending on ns_type), from s, and return the result. Return NULL on failure.

References networkstatus_voter_info_t::addr, networkstatus_voter_info_t::address, document_signature_t::alg, directory_token_t::args, authority_cert_parse_from_string(), base16_decode(), authority_cert_t::cache_info, networkstatus_t::cert, check_signature_token(), networkstatus_t::client_versions, networkstatus_t::consensus_method, networkstatus_voter_info_t::contact, crypto_digest_algorithm_parse_name(), digests_t::d, DIGEST_LEN, networkstatus_t::digests, networkstatus_voter_info_t::dir_port, networkstatus_t::dist_seconds, document_signature_free(), dump_desc(), escaped(), find_opt_by_keyword(), find_start_of_next_routerstatus(), networkstatus_t::flavor, networkstatus_t::fresh_until, document_signature_t::good_signature, HEX_DIGEST_LEN, document_signature_t::identity_digest, routerstatus_t::identity_digest, signed_descriptor_t::identity_digest, networkstatus_voter_info_t::identity_digest, networkstatus_t::known_flags, LD_DIR, networkstatus_voter_info_t::legacy_id_digest, memarea_drop_all(), memarea_new(), MIN_DIST_SECONDS, MIN_VOTE_INTERVAL, MIN_VOTE_SECONDS, directory_token_t::n_args, networkstatus_t::net_params, networkstatus_get_voter_by_id(), networkstatus_parse_flavor_name(), networkstatus_vote_free(), networkstatus_voter_info_t::nickname, directory_token_t::object_body, directory_token_t::object_size, directory_token_t::object_type, networkstatus_voter_info_t::or_port, parse_iso_time(), networkstatus_t::published, router_get_networkstatus_v3_hashes(), networkstatus_t::routerstatus_list, routerstatus_parse_entry_from_string(), networkstatus_t::server_versions, document_signature_t::signature, document_signature_t::signature_len, authority_cert_t::signing_key, document_signature_t::signing_key_digest, networkstatus_voter_info_t::sigs, smartlist_add(), smartlist_create(), smartlist_free(), vote_routerstatus_t::status, strcmpstart(), networkstatus_t::supported_methods, token_clear(), tokenize_string(), tor_assert, tor_digest_is_zero(), tor_free, tor_inet_aton(), tor_parse_long(), directory_token_t::tp, networkstatus_t::type, networkstatus_t::valid_after, networkstatus_t::valid_until, vote_routerstatus_t::version, networkstatus_voter_info_t::vote_digest, networkstatus_t::vote_seconds, voter_get_sig_by_algorithm(), networkstatus_t::voters, and networkstatus_t::weight_params.

Referenced by dirvote_add_signatures_to_pending_consensus(), dirvote_add_vote(), dirvote_compute_consensuses(), format_networkstatus_vote(), and networkstatus_set_current_consensus().

void networkstatus_reset_download_failures

(

void

)

Reset the descriptor download failure count on all networkstatus docs, so that we can retry any long-failed documents immediately.

References networkstatus_get_v2_list(), and router_get_by_descriptor_digest().

Referenced by router_reset_descriptor_download_failures().

void networkstatus_reset_warnings

(

void

)

Forget that we've warned about anything networkstatus-related, so we will give fresh warnings if the same behavior happens again.

References have_warned_about_new_version, have_warned_about_old_version, and networkstatus_t::routerstatus_list.

Referenced by routerlist_reset_warnings().

int networkstatus_set_current_consensus	(	const char *	consensus,
		const char *	flavor,
		unsigned	flags
	)

Try to replace the current cached v3 networkstatus with the one in consensus. If we don't have enough certificates to validate it, store it in consensus_waiting_for_certs and launch a certificate fetch.

If flags & NSSET_FROM_CACHE, this networkstatus has come from the disk cache. If flags & NSSET_WAS_WAITING_FOR_CERTS, this networkstatus was already received, but we were waiting for certificates on it. If flags & NSSET_DONT_DOWNLOAD_CERTS, do not launch certificate downloads as needed. If flags & NSSET_ACCEPT_OBSOLETE, then we should be willing to take this consensus, even if it comes from many days in the past.

Return 0 on success, <0 on failure. On failure, caller should increment the failure count as appropriate.

We return -1 for mild failures that don't need to be reported to the user, and -2 for more serious problems.

References authority_certs_fetch_missing(), consensus_waiting_for_certs_t::body, cell_ewma_set_scale_factor(), circ_times, circuit_build_times_new_consensus_params(), consensus_waiting_for_certs_t::consensus, control_event_client_status(), control_event_general_status(), cached_dir_t::digests, networkstatus_t::digests, directory_caches_dir_info(), dirserv_get_consensus(), dirserv_set_cached_consensus_networkstatus(), dirvote_recalculate_timing(), consensus_waiting_for_certs_t::dl_failed, download_status_failed, download_status_reset(), networkstatus_t::flavor, format_iso_time(), format_time_interval(), ftime_definitely_before(), get_datadir_fname, get_options(), LD_BUG, LD_DIR, LD_GENERAL, networkstatus_check_consensus_signature(), networkstatus_copy_old_consensus_info(), networkstatus_get_flavor_name(), networkstatus_parse_flavor_name(), networkstatus_parse_vote_from_string(), networkstatus_vote_free(), notify_control_networkstatus_changed(), OLD_ROUTER_DESC_MAX_AGE, cached_dir_t::published, router_dir_info_changed(), routerstatus_list_update_named_server_map(), consensus_waiting_for_certs_t::set_at, tor_free, tor_snprintf(), update_consensus_networkstatus_fetch_time(), USABLE_CONSENSUS_FLAVOR, networkstatus_t::valid_after, networkstatus_t::valid_until, and write_str_to_file().

Referenced by connection_dir_client_reached_eof(), dirvote_publish_consensus(), networkstatus_note_certs_arrived(), and router_reload_consensus_networkstatus().

routerstatus_t* networkstatus_v2_find_entry	(	networkstatus_v2_t *	ns,
		const char *	digest
	)

Return the entry in ns for the identity digest digest, or NULL if none was found.

References compare_digest_to_routerstatus_entry(), networkstatus_v2_t::entries, and smartlist_bsearch().

Referenced by router_add_to_routerlist(), and signed_desc_digest_is_recognized().

void networkstatus_v2_free

(

networkstatus_v2_t *

ns

)

Free all storage held by the networkstatus object ns.

References networkstatus_v2_t::client_versions, networkstatus_v2_t::contact, crypto_free_pk_env(), networkstatus_v2_t::entries, routerstatus_free(), networkstatus_v2_t::server_versions, networkstatus_v2_t::signing_key, smartlist_free(), networkstatus_v2_t::source_address, and tor_free.

Referenced by networkstatus_free_all(), networkstatus_v2_list_clean(), networkstatus_v2_parse_from_string(), and router_set_networkstatus_v2().

networkstatus_v2_t* networkstatus_v2_get_by_digest

(

const char *

digest

)

Return the network status with a given identity digest.

References DIGEST_LEN.

void networkstatus_v2_list_clean

(

time_t

now

)

Remove all very-old network_status_t objects from memory and from the disk cache.

References directory_caches_v2_dir_info(), dirserv_clear_old_networkstatuses(), dirserv_clear_old_v1_info(), dirserv_set_cached_networkstatus_v2(), file_status(), get_options(), networkstatus_v2_t::identity_digest, LD_DIR, MAX_NETWORKSTATUS_AGE, networkstatus_get_cache_filename(), networkstatus_v2_free(), networkstatus_v2_t::published_on, smartlist_del(), and tor_free.

Referenced by router_reload_v2_networkstatus(), and run_scheduled_events().

networkstatus_v2_t* networkstatus_v2_parse_from_string

(

const char *

s

)

Given a v2 network-status object in s, try to parse it and return the result. Return NULL on failure. Check the signature of the network status, but do not (yet) check the signing key for authority.

References _free_duplicate_routerstatus_entry(), base16_decode(), networkstatus_v2_t::binds_names, check_signature_token(), networkstatus_v2_t::client_versions, compare_routerstatus_entries(), networkstatus_v2_t::contact, crypto_pk_get_digest(), DIGEST_LEN, dump_desc(), networkstatus_v2_t::entries, escaped(), find_opt_by_keyword(), find_start_of_next_routerstatus(), networkstatus_v2_t::identity_digest, crypto_pk_env_t::key, LD_BUG, LD_DIR, networkstatus_v2_t::lists_bad_directories, networkstatus_v2_t::lists_bad_exits, memarea_clear(), memarea_drop_all(), memarea_new(), networkstatus_v2_t::networkstatus_digest, networkstatus_v2_free(), note_crypto_pk_op(), parse_iso_time(), networkstatus_v2_t::published_on, networkstatus_v2_t::recommends_versions, router_get_networkstatus_v2_hash(), routerstatus_parse_entry_from_string(), networkstatus_v2_t::server_versions, networkstatus_v2_t::signing_key, smartlist_add(), smartlist_clear(), smartlist_create(), smartlist_free(), smartlist_sort(), smartlist_uniq(), networkstatus_v2_t::source_addr, networkstatus_v2_t::source_address, networkstatus_v2_t::source_dirport, strcmpstart(), token_clear(), tokenize_string(), tor_assert, tor_inet_aton(), and tor_parse_long().

Referenced by router_set_networkstatus_v2().

int networkstatus_verify_bw_weights

(

networkstatus_t *

ns

)

Verify the bandwidth weights of a network status document

References BW_WEIGHT_SCALE, LD_BUG, LD_DIR, networkstatus_get_bw_weight(), networkstatus_get_param(), networkstatus_t::routerstatus_list, and T.

routerstatus_t* networkstatus_vote_find_entry	(	networkstatus_t *	ns,
		const char *	digest
	)

Return the entry in ns for the identity digest digest, or NULL if none was found.

References compare_digest_to_routerstatus_entry(), networkstatus_t::routerstatus_list, and smartlist_bsearch().

Referenced by hid_serv_acting_as_directory(), router_add_to_routerlist(), router_get_consensus_status_by_nickname(), and signed_desc_digest_is_recognized().

int networkstatus_vote_find_entry_idx	(	networkstatus_t *	ns,
		const char *	digest,
		int *	found_out
	)

Search the routerstatuses in ns for one whose identity digest is digest. Return value and set *found_out as for smartlist_bsearch_idx().

References compare_digest_to_routerstatus_entry(), networkstatus_t::routerstatus_list, and smartlist_bsearch_idx().

Referenced by hid_serv_get_responsible_directories().

void networkstatus_vote_free

(

networkstatus_t *

ns

)

Free all storage held in ns.

References authority_cert_free(), networkstatus_t::cert, networkstatus_t::client_versions, networkstatus_t::desc_digest_map, digestmap_free(), document_signature_free(), networkstatus_t::known_flags, networkstatus_t::net_params, routerstatus_free(), networkstatus_t::routerstatus_list, networkstatus_t::server_versions, smartlist_free(), networkstatus_t::supported_methods, tor_free, networkstatus_t::type, vote_routerstatus_free(), and networkstatus_t::voters.

Referenced by dirvote_add_signatures_to_pending_consensus(), dirvote_add_vote(), dirvote_clear_pending_consensuses(), dirvote_clear_votes(), dirvote_compute_consensuses(), dirvote_perform_vote(), format_networkstatus_vote(), networkstatus_free_all(), networkstatus_parse_vote_from_string(), and networkstatus_set_current_consensus().

cached_dir_t* new_cached_dir	(	char *	s,
		time_t	published
	)

Allocate and return a new cached_dir_t containing the string s, published at published.

References cached_dir_t::dir, cached_dir_t::dir_len, cached_dir_t::dir_z, cached_dir_t::dir_z_len, LD_BUG, cached_dir_t::published, cached_dir_t::refcnt, and tor_gzip_compress().

Referenced by dirserv_regenerate_directory(), dirserv_set_cached_consensus_networkstatus(), dirserv_set_cached_directory(), dirserv_set_cached_networkstatus_v2(), and dirvote_add_vote().

void note_crypto_pk_op

(

pk_op_t

operation

)

Increment the count of the number of times we've done operation.

References LD_BUG, and pk_op_counts.

Referenced by connection_tls_start_handshake(), dirserv_dump_directory_to_string(), extrainfo_parse_entry_from_string(), format_networkstatus_vote(), generate_runningrouters(), networkstatus_v2_parse_from_string(), onion_skin_create(), onion_skin_server_handshake(), rend_mid_establish_intro(), rend_parse_service_descriptor(), rend_parse_v2_service_descriptor(), rend_service_intro_has_opened(), rend_service_introduce(), router_dump_router_to_string(), router_parse_directory(), router_parse_entry_from_string(), and router_parse_runningrouters().

void ns_detached_signatures_free

(

ns_detached_signatures_t *

s

)

Release all storage held in s.

References _tor_free(), ns_detached_signatures_t::digests, document_signature_free(), ns_detached_signatures_t::signatures, smartlist_free(), strmap_free(), and tor_free.

int num_rend_services

(

void

)

Return the number of rendezvous services we have configured.

Referenced by circuit_predict_and_launch_new().

void onion_append_to_cpath	(	crypt_path_t **	head_ptr,
		crypt_path_t *	new_hop
	)

Add new_hop to the end of the doubly-linked-list head_ptr. This function is used to extend cpath by another hop.

References crypt_path_t::next, and crypt_path_t::prev.

Referenced by onion_append_hop(), rend_client_receive_rendezvous(), and rend_service_rendezvous_has_opened().

or_circuit_t* onion_next_task

(

char **

onionskin_out

)

Remove the first item from ol_list and return it, or return NULL if the list is empty.

References onion_queue_t::circ, ol_length, onion_pending_remove(), onion_queue_t::onionskin, or_circuit_t::p_conn, and tor_assert.

Referenced by process_pending_task().

int onion_pending_add	(	or_circuit_t *	circ,
		char *	onionskin
	)

Add circ to the end of ol_list and return 0, except if ol_list is too long, in which case do nothing and return -1.

References onion_queue_t::circ, get_options(), LD_CIRC, LD_GENERAL, onion_queue_t::next, ol_length, onion_pending_remove(), ONIONQUEUE_WAIT_CUTOFF, onion_queue_t::onionskin, TO_CIRCUIT, tor_assert, tor_free, and onion_queue_t::when_added.

Referenced by assign_onionskin_to_cpuworker().

void onion_pending_remove

(

or_circuit_t *

circ

)

Go through ol_list, find the onion_queue_t element which points to circ, remove and free that element. Leave circ itself alone.

References onion_queue_t::circ, LD_GENERAL, onion_queue_t::next, ol_length, onion_queue_t::onionskin, or_circuit_t::p_circ_id, and tor_free.

Referenced by _circuit_mark_for_close(), onion_next_task(), and onion_pending_add().

int onion_skin_client_handshake	(	crypto_dh_env_t *	handshake_state,
		const char *	handshake_reply,
		char *	key_out,
		size_t	key_out_len
	)

Finish the client side of the DH handshake. Given the 128 byte DH reply + 20 byte hash as generated by onion_skin_server_handshake and the handshake state generated by onion_skin_create, verify H(K) with the first 20 bytes of shared key material, then generate key_out_len more bytes of shared key material and store them in key_out.

After the invocation, call crypto_dh_free on handshake_state.

References crypto_dh_compute_secret(), crypto_dh_get_bytes(), DIGEST_LEN, LD_PROTOCOL, tor_assert, and tor_free.

Referenced by circuit_finish_handshake().

int onion_skin_create	(	crypto_pk_env_t *	dest_router_key,
		crypto_dh_env_t **	handshake_state_out,
		char *	onion_skin_out
	)

Given a router's 128 byte public key, stores the following in onion_skin_out:

• [42 bytes] OAEP padding
• [16 bytes] Symmetric key for encrypting blob past RSA
• [70 bytes] g^x part 1 (inside the RSA)
• [58 bytes] g^x part 2 (symmetrically encrypted)

Stores the DH private key into handshake_state_out for later completion of the handshake.

The meeting point/cookies and auth are zeroed out for now.

References crypto_dh_free(), crypto_dh_get_bytes(), crypto_dh_get_public(), crypto_dh_new(), crypto_pk_keysize(), crypto_pk_public_hybrid_encrypt(), note_crypto_pk_op(), PK_PKCS1_OAEP_PADDING, and tor_assert.

Referenced by circuit_send_next_onion_skin().

int onion_skin_server_handshake	(	const char *	onion_skin,
		crypto_pk_env_t *	private_key,
		crypto_pk_env_t *	prev_private_key,
		char *	handshake_reply_out,
		char *	key_out,
		size_t	key_out_len
	)

Given an encrypted DH public key as generated by onion_skin_create, and the private key for this onion router, generate the reply (128-byte DH plus the first 20 bytes of shared key material), and store the next key_out_len bytes of key material in key_out.

References crypto_dh_compute_secret(), crypto_dh_free(), crypto_dh_get_public(), crypto_dh_new(), crypto_pk_private_hybrid_decrypt(), DIGEST_LEN, LD_GENERAL, LD_PROTOCOL, note_crypto_pk_op(), PK_PKCS1_OAEP_PADDING, and tor_free.

Referenced by cpuworker_main().

int onionskin_answer	(	or_circuit_t *	circ,
		uint8_t	cell_type,
		const char *	payload,
		const char *	keys
	)

Given a response payload and keys, initialize, then send a created cell back.

References or_connection_t::_base, connection_t::addr, append_cell_to_circuit_queue(), crypt_path_t::b_crypto, crypt_path_t::b_digest, CELL_DIRECTION_IN, cell_t::circ_id, circuit_init_cpath_crypto(), circuit_set_state(), CIRCUIT_STATE_OPEN, cell_t::command, connection_or_nonopen_was_started_here(), DIGEST_LEN, crypt_path_t::f_crypto, crypt_path_t::f_digest, or_circuit_t::handshake_digest, or_circuit_t::is_first_hop, is_local_addr(), LD_BUG, LD_CIRC, crypt_path_t::magic, or_circuit_t::n_crypto, or_circuit_t::n_digest, or_circuit_t::p_circ_id, or_circuit_t::p_conn, or_circuit_t::p_crypto, or_circuit_t::p_digest, cell_t::payload, router_orport_found_reachable(), TO_CIRCUIT, and tor_free.

Referenced by command_process_create_cell(), and connection_cpu_process_inbuf().

config_line_t* option_get_assignment	(	or_options_t *	options,
		const char *	key
	)

Return a canonical list of the options assigned for key.

References get_assigned_option().

Referenced by handle_control_getconf().

const char* option_get_canonical_name

(

const char *

key

)

Return the canonical name of a configuration option, or NULL if no such option exists.

References config_find_option(), and config_var_t::name.

Referenced by handle_control_getconf().

int option_is_recognized

(

const char *

key

)

Return true iff key is a valid configuration option.

References config_find_option().

Referenced by handle_control_getconf().

char* options_dump	(	or_options_t *	options,
		int	minimal
	)

Return a string containing a possible configuration file that would give the configuration in options. If minimal is true, do not include options that are the same as Tor's defaults.

References config_dump().

Referenced by getinfo_helper_misc(), and write_configuration_file().

char* options_get_datadir_fname2_suffix	(	or_options_t *	options,
		const char *	sub1,
		const char *	sub2,
		const char *	suffix
	)

Return a newly allocated string holding a filename relative to the data directory. If sub1 is present, it is the first path component after the data directory. If sub2 is also present, it is the second path component after the data directory. If suffix is present, it is appended to the filename.

Examples: get_datadir_fname2_suffix("a", NULL, NULL) -> $DATADIR/a get_datadir_fname2_suffix("a", NULL, ".tmp") -> $DATADIR/a.tmp get_datadir_fname2_suffix("a", "b", ".tmp") -> $DATADIR/a/b/.tmp get_datadir_fname2_suffix("a", "b", NULL) -> $DATADIR/a/b

Note: Consider using the get_datadir_fname* macros in or.h.

References or_options_t::DataDirectory, tor_assert, and tor_snprintf().

Referenced by try_locking().

void options_init

(

or_options_t *

options

)

Set options to hold reasonable defaults for most options. Each option defaults to zero.

References config_init().

Referenced by options_init_from_string().

setopt_err_t options_init_from_string	(	const char *	cf,
		int	command,
		const char *	command_arg,
		char **	msg
	)

Load the options from the configuration in cf, validate them for consistency and take actions based on them.

Return 0 if success, negative on error: * -1 for general errors. * -2 for failure to parse/validate, * -3 for transition not allowed * -4 for error while setting the new options

References or_options_t::_magic, or_options_t::command, or_options_t::command_arg, config_assign(), config_find_option(), config_free(), config_free_lines(), config_get_lines(), config_var_t::initvalue, config_var_t::name, options_init(), options_transition_allowed(), options_validate(), OR_OPTIONS_MAGIC, set_options(), or_options_t::TestingTorNetwork, tor_asprintf(), tor_assert, and tor_free.

Referenced by handle_control_loadconf(), and options_init_from_torrc().

int options_init_from_torrc	(	int	argc,
		char **	argv
	)

Read a configuration file into options, finding the configuration file location based on the command line. After loading the file call options_init_from_string() to load the config. Return 0 if success, -1 if failure.

References config_get_commandlines(), get_version(), LD_CONFIG, list_torrc_options(), load_torrc_from_disk(), options_init_from_string(), print_usage(), and tor_free.

Referenced by do_hup(), and tor_init().

int options_need_geoip_info	(	or_options_t *	options,
		const char **	reason_out
	)

If we need to have a GEOIP ip-to-country map to run with our configured options, return 1 and set *reason_out to a description of why.

References or_options_t::BridgeRecordUsageByCountry, or_options_t::BridgeRelay, or_options_t::EntryNodes, or_options_t::ExcludeExitNodes, or_options_t::ExcludeNodes, or_options_t::ExitNodes, and routerset_needs_geoip().

Referenced by geoip_load_file().

int options_save_current

(

void

)

Save the current configuration file value to disk. Return 0 on success, -1 on failure.

References get_options(), get_torrc_fname(), and write_configuration_file().

Referenced by handle_control_saveconf().

setopt_err_t options_trial_assign	(	config_line_t *	list,
		int	use_defaults,
		int	clear_first,
		char **	msg
	)

Try assigning list to the global options. You do this by duping options, assigning list to the new one, then validating it. If it's ok, then throw out the old one and stick with the new one. Else, revert to old and return failure. Return SETOPT_OK on success, or a setopt_err_t on failure.

If not success, point *msg to a newly allocated string describing what went wrong.

References config_assign(), config_free(), get_options(), options_dup(), options_transition_allowed(), options_validate(), and set_options().

Referenced by control_setconf_helper().

or_circuit_t* or_circuit_new	(	circid_t	p_circ_id,
		or_connection_t *	p_conn
	)

Allocate a new or_circuit_t, connected to p_conn as p_circ_id. If p_conn is NULL, the circuit is unattached.

References or_circuit_t::_base, cell_ewma_t::cell_count, cell_ewma_get_tick(), circuit_set_p_circid_orconn(), cell_ewma_t::heap_index, init_circuit_base(), cell_ewma_t::is_for_p_conn, cell_ewma_t::last_adjusted_tick, circuit_t::magic, MAX_RELAY_EARLY_CELLS_PER_CIRCUIT, or_circuit_t::p_cell_ewma, or_circuit_t::remaining_relay_early_cells, and TO_CIRCUIT.

Referenced by command_process_create_cell().

or_connection_t* or_connection_new

(

int

socket_family

)

Allocate and return a new or_connection_t, initialized as by connection_init().

References or_connection_t::active_circuit_pqueue, or_connection_t::active_circuit_pqueue_last_recalibrated, cell_ewma_get_tick(), CONN_TYPE_OR, connection_init(), crypto_rand_int(), or_connection_t::next_circ_id, smartlist_create(), or_connection_t::timestamp_last_added_nonpadding, and TO_CONN.

Referenced by connection_new(), and connection_or_connect().

void or_handshake_state_free

(

or_handshake_state_t *

state

)

Free all storage held by state.

References tor_free.

Referenced by _connection_free(), and connection_or_set_state_open().

static INLINE void or_state_mark_dirty	(	or_state_t *	state,
		time_t	when
	)			[static]

Change the next_write time of state to when, unless the state is already scheduled to be written to disk earlier than when.

References or_state_t::next_write.

Referenced by accounting_record_bandwidth_usage(), circuit_build_times_add_time(), circuit_build_times_update_state(), entry_guards_changed(), entry_guards_update_state(), hibernate_begin(), hibernate_go_dormant(), init_keys(), rep_hist_update_state(), rotate_onion_key(), and tor_cleanup().

int or_state_save

(

time_t

now

)

Write the persistent state to disk. Return 0 for success, <0 on failure.

References accounting_is_enabled(), accounting_run_housekeeping(), circ_times, circuit_build_times_update_state(), config_dump(), entry_guards_update_state(), format_local_iso_time(), get_datadir_fname, get_options(), get_version(), or_state_t::LastWritten, LD_FS, LD_GENERAL, or_state_t::next_write, rep_hist_update_state(), tor_asprintf(), tor_assert, tor_free, or_state_t::TorVersion, and write_str_to_file().

Referenced by or_state_load(), run_scheduled_events(), and tor_cleanup().

const char* orconn_end_reason_to_control_string

(

int

r

)

Convert the reason for ending an OR connection r into the format used in ORCONN events. Return "UNKNOWN" if the reason is unrecognized.

References LD_BUG.

Referenced by connection_about_to_close_connection(), control_event_bootstrap_problem(), and control_event_or_conn_status().

origin_circuit_t* origin_circuit_init	(	uint8_t	purpose,
		int	flags
	)

Create and return a new origin circuit. Initialize its purpose and build-state based on our arguments. The flags argument is a bitfield of CIRCLAUNCH_* flags.

References origin_circuit_t::_base, origin_circuit_t::build_state, CIRCLAUNCH_IS_INTERNAL, CIRCLAUNCH_NEED_CAPACITY, CIRCLAUNCH_NEED_UPTIME, CIRCLAUNCH_ONEHOP_TUNNEL, circuit_set_state(), CIRCUIT_STATE_OR_WAIT, cpath_build_state_t::is_internal, cpath_build_state_t::need_capacity, cpath_build_state_t::need_uptime, cpath_build_state_t::onehop_tunnel, origin_circuit_new(), circuit_t::purpose, and TO_CIRCUIT.

Referenced by circuit_establish_circuit(), and handle_control_extendcircuit().

origin_circuit_t* origin_circuit_new

(

void

)

Allocate space for a new circuit, initializing with p_circ_id and p_conn. Add it to the global circuit list.

References origin_circuit_t::_base, approx_time(), circ_times, crypto_rand_int(), origin_circuit_t::global_identifier, init_circuit_base(), circuit_build_times_t::last_circ_at, circuit_t::magic, MAX_RELAY_EARLY_CELLS_PER_CIRCUIT, origin_circuit_t::next_stream_id, origin_circuit_t::remaining_relay_early_cells, and TO_CIRCUIT.

Referenced by origin_circuit_init().

hostname_type_t parse_extended_hostname	(	char *	address,
		int	allowdotexit
	)

If address is of the form "y.onion" with a well-formed handle y: Put a NUL after y, lower-case it, and return ONION_HOSTNAME.

If address is of the form "y.exit" and allowdotexit is true: Put a NUL after y and return EXIT_HOSTNAME.

Otherwise: Return NORMAL_HOSTNAME and change nothing.

References LD_APP, REND_SERVICE_ID_LEN_BASE32, and rend_valid_service_id().

int parse_http_response	(	const char *	headers,
		int *	code,
		time_t *	date,
		compress_method_t *	compression,
		char **	reason
	)

Parse an HTTP response string headers of the form

 * "HTTP/1.\%d \%d\%s\r\n...".
 * 

If it's well-formed, assign the status code to *code and return 0. Otherwise, return -1.

On success: If date is provided, set *date to the Date header in the http headers, or 0 if no such header is found. If compression is provided, set *compression to the compression method given in the Content-Encoding header, or 0 if no such header is found, or -1 if the value of the header is not recognized. If reason is provided, strdup the reason string into it.

References escaped(), LD_HTTP, parse_rfc1123_time(), smartlist_create(), smartlist_free(), smartlist_split_string(), strcmpstart(), tor_assert, tor_free, and tor_sscanf().

Referenced by connection_dir_client_reached_eof(), and connection_read_https_proxy_response().

int parse_virtual_addr_network	(	const char *	val,
		int	validate_only,
		char **	msg
	)

Read a netmask of the form 127.192.0.0/10 from "val", and check whether it's a valid set of virtual addresses to hand out in response to MAPADDRESS requests. Return 0 on success; set *msg (if provided) to a newly allocated string and return -1 on failure. If validate_only is false, sets the actual virtual address range to the parsed value.

References addr_mask_cmp_bits(), next_virtual_addr, parse_addr_and_port_range(), virtual_addr_netmask_bits, and virtual_addr_network.

Referenced by options_act().

int peek_buf_has_control0_command

(

buf_t *

buf

)

Return 1 iff buf looks more like it has an (obsolete) v0 controller command on it than any valid v1 controller command.

References buf_t::datalen, get_uint16(), and peek_from_buf().

Referenced by connection_control_process_inbuf().

void policies_free_all

(

void

)

Release all storage held by policy variables.

References addr_policy_list_free(), LD_MM, and policy_write_item().

Referenced by tor_free_all().

int policies_parse_exit_policy	(	config_line_t *	cfg,
		smartlist_t **	dest,
		int	rejectprivate,
		const char *	local_address,
		int	add_default_policy
	)

Parse the exit policy cfg into the linked list *dest. If cfg doesn't end in an absolute accept or reject and if add_default_policy is true, add the default exit policy afterwards. If rejectprivate is true, prepend "reject private:*" to the policy. Return -1 if we can't parse cfg, else return 0.

References append_exit_policy_string(), exit_policy_remove_redundancies(), parse_addr_policy(), and tor_snprintf().

Referenced by router_rebuild_descriptor(), and validate_addr_policies().

int policies_parse_from_options

(

or_options_t *

options

)

Set all policies based on options, which should have been validated first by validate_addr_policies.

References or_options_t::AuthDirBadDir, or_options_t::AuthDirBadExit, or_options_t::AuthDirInvalid, or_options_t::AuthDirReject, or_options_t::DirPolicy, load_policy_from_option(), parse_reachable_addresses(), and or_options_t::SocksPolicy.

Referenced by options_act().

void policies_set_router_exitpolicy_to_reject_all

(

routerinfo_t *

r

)

Replace the exit policy of r with reject *:*.

References addr_policy_list_free(), routerinfo_t::exit_policy, router_parse_addr_policy_item_from_string(), smartlist_add(), and smartlist_create().

Referenced by connection_ap_process_end_not_open().

void policy_expand_private

(

smartlist_t **

policy

)

Replace all "private" entries in *policy with their expanded equivalents.

References addr_policy_t::addr, addr_policy_free(), addr_policy_t::is_canonical, addr_policy_t::is_private, addr_policy_t::maskbits, private_nets, smartlist_add(), smartlist_create(), tor_addr_parse_mask_ports(), and tor_assert.

Referenced by parse_addr_policy(), and router_parse_entry_from_string().

int policy_is_reject_star

(

const smartlist_t *

policy

)

Return false if policy might permit access to some addr:port; otherwise if we are certain it rejects everything, return true.

Referenced by connection_ap_can_use_exit(), dns_resolve_impl(), and router_parse_entry_from_string().

char* policy_summarize

(

smartlist_t *

policy

)

Create a string representing a summary for an exit policy. The summary will either be an "accept" plus a comma-separated list of port ranges or a "reject" plus port-ranges, depending on which is shorter.

If no exits are allowed at all then NULL is returned, if no ports are blocked instead of "reject " we return "accept 1-65535" (this is an exception to the shorter-representation-wins rule).

References MAX_EXITPOLICY_SUMMARY_LEN, policy_summary_add_item(), policy_summary_create(), smartlist_add(), smartlist_create(), smartlist_free(), smartlist_join_strings(), tor_assert, tor_free, and tor_snprintf().

Referenced by dirvote_create_microdescriptor(), and routerstatus_format_entry().

int policy_write_item	(	char *	buf,
		size_t	buflen,
		addr_policy_t *	policy,
		int	format_for_desc
	)

Write a single address policy to the buf_len byte buffer at buf. Return the number of characters written, or -1 on failure.

References addr_policy_t::addr, addr_policy_t::is_private, addr_policy_t::maskbits, addr_policy_t::policy_type, addr_policy_t::prt_max, addr_policy_t::prt_min, tor_addr_family(), tor_addr_to_str(), and tor_snprintf().

Referenced by exit_policy_remove_redundancies(), policies_free_all(), and router_dump_router_to_string().

int proxy_mode

(

or_options_t *

options

)

Return true iff we are trying to be a socks proxy.

References or_options_t::DNSListenAddress, or_options_t::DNSPort, or_options_t::NatdListenAddress, or_options_t::NatdPort, or_options_t::SocksListenAddress, or_options_t::SocksPort, or_options_t::TransListenAddress, and or_options_t::TransPort.

Referenced by circuit_build_needed_circs().

int read_to_buf	(	int	s,
		size_t	at_most,
		buf_t *	buf,
		int *	reached_eof,
		int *	socket_error
	)

Read from socket s, writing onto end of buf. Read at most at_most bytes, growing the buffer as necessary. If recv() returns 0 (because of EOF), set *reached_eof to 1 and return 0. Return -1 on error; else return the number of bytes read.

References buf_add_chunk_with_capacity(), CHUNK_REMAINING_CAPACITY(), chunk_t::memlen, MIN_READ_LEN, read_to_chunk(), buf_t::tail, and tor_assert.

Referenced by connection_read_to_buf().

int read_to_buf_tls	(	tor_tls_t *	tls,
		size_t	at_most,
		buf_t *	buf
	)

As read_to_buf, but reads from a TLS connection, and returns a TLS status value rather than the number of bytes read.

Using TLS on OR connections complicates matters in two ways.

First, a TLS stream has its own read buffer independent of the connection's read buffer. (TLS needs to read an entire frame from the network before it can decrypt any data. Thus, trying to read 1 byte from TLS can require that several KB be read from the network and decrypted. The extra data is stored in TLS's decrypt buffer.) Because the data hasn't been read by Tor (it's still inside the TLS), this means that sometimes a connection "has stuff to read" even when poll() didn't return POLLIN. The tor_tls_get_pending_bytes function is used in connection.c to detect TLS objects with non-empty internal buffers and read from them again.

Second, the TLS stream's events do not correspond directly to network events: sometimes, before a TLS stream can read, the network must be ready to write -- or vice versa.

References buf_add_chunk_with_capacity(), CHUNK_REMAINING_CAPACITY(), chunk_t::memlen, MIN_READ_LEN, read_to_chunk_tls(), buf_t::tail, and tor_assert.

Referenced by connection_read_to_buf().

void refresh_all_country_info

(

void

)

Called when we change a node set, or when we reload the geoip list: recompute all country info in all configuration node sets and in the routerlist.

References or_options_t::_ExcludeExitNodesUnion, or_options_t::EntryNodes, or_options_t::ExcludeExitNodes, or_options_t::ExcludeNodes, or_options_t::ExitNodes, get_options(), routerlist_refresh_countries(), and routerset_refresh_countries().

Referenced by geoip_load_file().

void relay_header_pack	(	char *	dest,
		const relay_header_t *	src
	)

Pack the relay_header_t host-order structure src into network-order in the buffer dest. See tor-spec.txt for details about the wire format.

References relay_header_t::command, relay_header_t::integrity, relay_header_t::length, relay_header_t::recognized, set_uint16(), and relay_header_t::stream_id.

Referenced by relay_digest_matches(), relay_send_command_from_edge(), and relay_set_digest().

void relay_header_unpack	(	relay_header_t *	dest,
		const char *	src
	)

Unpack the network-order buffer src into a host-order relay_header_t structure dest.

References relay_header_t::command, get_uint16(), relay_header_t::integrity, relay_header_t::length, relay_header_t::recognized, and relay_header_t::stream_id.

Referenced by circuit_extend(), connection_edge_process_relay_cell(), connection_exit_begin_conn(), connection_exit_begin_resolve(), relay_crypt(), relay_digest_matches(), relay_lookup_conn(), and relay_set_digest().

int relay_send_command_from_edge	(	uint16_t	stream_id,
		circuit_t *	circ,
		uint8_t	relay_command,
		const char *	payload,
		size_t	payload_len,
		crypt_path_t *	cpath_layer
	)

Make a relay cell out of relay_command and payload, and send it onto the open circuit circ. stream_id is the ID on circ for the stream that's sending the relay cell, or 0 if it's a control cell. cpath_layer is NULL for OR->OP cells, or the destination hop for OP->OR cells.

If you can't send the cell, mark the circuit for close and return -1. Else return 0.

References approx_time(), CELL_DIRECTION_IN, CELL_DIRECTION_OUT, cell_t::circ_id, CIRCUIT_IS_ORIGIN, circuit_package_relay_cell(), CIRCUIT_PURPOSE_IS_ESTABLISHED_REND, or_connection_t::client_used, relay_header_t::command, cell_t::command, origin_circuit_t::cpath, DIRREQ_END_CELL_SENT, circuit_t::dirreq_id, geoip_change_dirreq_state(), LD_BUG, LD_OR, relay_header_t::length, circuit_t::n_circ_id, circuit_t::n_conn, or_circuit_t::p_circ_id, cell_t::payload, circuit_t::purpose, relay_command_to_string(), origin_circuit_t::relay_early_cells_sent, origin_circuit_t::relay_early_commands, relay_header_pack(), RELAY_HEADER_SIZE, RELAY_PAYLOAD_SIZE, origin_circuit_t::remaining_relay_early_cells, smartlist_add(), smartlist_create(), smartlist_free(), smartlist_join_strings(), relay_header_t::stream_id, TO_OR_CIRCUIT(), TO_ORIGIN_CIRCUIT(), tor_assert, and tor_free.

Referenced by circuit_consider_sending_sendme(), circuit_send_next_onion_skin(), command_process_created_cell(), command_process_destroy_cell(), connection_edge_process_relay_cell(), connection_edge_send_command(), relay_send_end_cell_from_edge(), rend_client_send_establish_rendezvous(), rend_mid_establish_intro(), rend_mid_establish_rendezvous(), rend_mid_introduce(), rend_mid_rendezvous(), rend_service_intro_has_opened(), rend_service_rendezvous_has_opened(), and router_perform_bandwidth_test().

void release_lockfile

(

void

)

If we have successfully acquired the lock file, release it.

References tor_lockfile_unlock().

Referenced by tor_free_all().

void remove_file_if_very_old	(	const char *	fname,
		time_t	now
	)

Given a file name check to see whether the file exists but has not been modified for a very long time. If so, remove it.

References format_local_iso_time(), and LD_GENERAL.

Referenced by router_reload_router_list_impl(), and router_reload_v2_networkstatus().

void rend_cache_clean

(

void

)

Removes all old entries from the service descriptor cache.

References rend_cache_entry_t::parsed, rend_cache, rend_cache_entry_free(), REND_CACHE_MAX_AGE, REND_CACHE_MAX_SKEW, strmap_iter_done(), strmap_iter_get(), strmap_iter_init(), strmap_iter_next(), strmap_iter_next_rmv(), and rend_service_descriptor_t::timestamp.

Referenced by run_scheduled_events().

void rend_cache_clean_v2_descs_as_dir

(

void

)

Remove all old v2 descriptors and those for which this hidden service directory is not responsible for any more.

References base32_encode(), DIGEST_LEN, digestmap_iter_done(), digestmap_iter_get(), digestmap_iter_init(), digestmap_iter_next(), digestmap_iter_next_rmv(), hid_serv_responsible_for_desc_id(), LD_REND, rend_cache_entry_t::parsed, rend_cache_entry_free(), REND_CACHE_MAX_AGE, REND_CACHE_MAX_SKEW, rend_cache_v2_dir, REND_DESC_ID_V2_LEN_BASE32, safe_str_client(), and rend_service_descriptor_t::timestamp.

Referenced by run_scheduled_events().

void rend_cache_free_all

(

void

)

Free all storage held by the service descriptor cache.

References digestmap_free(), rend_cache, rend_cache_v2_dir, and strmap_free().

Referenced by tor_free_all().

void rend_cache_init

(

void

)

Initializes the service descriptor cache.

References digestmap_new(), rend_cache, and rend_cache_v2_dir.

Referenced by tor_init().

int rend_cache_lookup_desc	(	const char *	query,
		int	version,
		const char **	desc,
		size_t *	desc_len
	)

query is a base-32'ed service id. If it's malformed, return -1. Else look it up.

• If it is found, point *desc to it, and write its length into *desc_len, and return 1.
• If it is not found, return 0. Note: calls to rend_cache_clean or rend_cache_store may invalidate *desc.

References rend_cache_entry_t::desc, rend_cache_entry_t::len, and rend_cache_lookup_entry().

Referenced by directory_handle_command_get().

int rend_cache_lookup_entry	(	const char *	query,
		int	version,
		rend_cache_entry_t **	e
	)

If we have a cached rend_cache_entry_t for the service ID query with version, set *e to that entry and return 1. Else return 0. If version is nonnegative, only return an entry in that descriptor format version. Otherwise (if version is negative), return the most recent format we have.

References rend_cache, REND_SERVICE_ID_LEN_BASE32, rend_valid_service_id(), strmap_get_lc(), tor_assert, and tor_snprintf().

Referenced by rend_cache_lookup_desc(), rend_client_desc_trynow(), rend_client_get_random_intro(), rend_client_refetch_v2_renddesc(), rend_client_remove_intro_point(), and rend_client_send_introduction().

int rend_cache_lookup_v2_desc_as_dir	(	const char *	desc_id,
		const char **	desc
	)

Lookup the v2 service descriptor with base32-encoded desc_id and copy the pointer to it to *desc. Return 1 on success, 0 on well-formed-but-not-found, and -1 on failure.

References base32_decode(), rend_cache_entry_t::desc, DIGEST_LEN, digestmap_get(), hid_serv_responsible_for_desc_id(), LD_REND, rend_cache_v2_dir, REND_DESC_ID_V2_LEN_BASE32, safe_str(), and tor_assert.

Referenced by directory_handle_command_get().

int rend_cache_size

(

void

)

Return the number of entries in our rendezvous descriptor cache.

References rend_cache, and strmap_size().

int rend_cache_store	(	const char *	desc,
		size_t	desc_len,
		int	published
	)

Parse *desc, calculate its service id, and store it in the cache. If we have a newer v0 descriptor with the same ID, ignore this one. If we have an older descriptor with the same ID, replace it. If we are acting as client due to the published flag and have any v2 descriptor with the same ID, reject this one in order to not get confused with having both versions for the same service.

Return -2 if it's malformed or otherwise rejected; return -1 if we already have a v2 descriptor here; return 0 if it's the same or older than one we've already got; return 1 if it's novel.

The published flag tells us if we store the descriptor in our role as directory (1) or if we cache it as client (0).

References rend_cache_entry_t::desc, LD_BUG, LD_PROTOCOL, LD_REND, rend_cache_entry_t::len, rend_cache_entry_t::parsed, rend_service_descriptor_t::pk, rend_cache_entry_t::received, rend_cache, REND_CACHE_MAX_AGE, REND_CACHE_MAX_SKEW, rend_get_service_id(), rend_parse_service_descriptor(), rend_service_descriptor_free(), REND_SERVICE_ID_LEN_BASE32, safe_str_client(), strmap_get_lc(), strmap_set_lc(), rend_service_descriptor_t::timestamp, tor_assert, tor_free, and tor_snprintf().

Referenced by connection_dir_client_reached_eof(), and directory_handle_command_post().

int rend_cache_store_v2_desc_as_client	(	const char *	desc,
		const rend_data_t *	rend_query
	)

Parse the v2 service descriptor in desc, decrypt the included list of introduction points with descriptor_cookie (which may also be NULL if decryption is not necessary), and store the descriptor to the local cache under its version and service id.

If we have a newer v2 descriptor with the same ID, ignore this one. If we have an older descriptor with the same ID, replace it. If we have any v0 descriptor with the same ID, reject this one in order to not get confused with having both versions for the same service. Return -2 if it's malformed or otherwise rejected; return -1 if we already have a v0 descriptor here; return 0 if it's the same or older than one we've already got; return 1 if it's novel.

References rend_data_t::auth_type, rend_cache_entry_t::desc, rend_data_t::descriptor_cookie, DIGEST_LEN, rend_service_descriptor_t::intro_nodes, LD_REND, rend_cache_entry_t::len, rend_cache_entry_t::parsed, rend_service_descriptor_t::pk, rend_cache_entry_t::received, rend_cache, REND_CACHE_MAX_AGE, REND_CACHE_MAX_SKEW, rend_decrypt_introduction_points(), rend_get_service_id(), rend_parse_introduction_points(), rend_parse_v2_service_descriptor(), rend_service_descriptor_free(), REND_SERVICE_ID_LEN_BASE32, safe_str_client(), smartlist_create(), strmap_get_lc(), strmap_set_lc(), rend_service_descriptor_t::timestamp, tor_assert, tor_free, tor_mem_is_zero(), and tor_snprintf().

Referenced by connection_dir_client_reached_eof().

int rend_cache_store_v2_desc_as_dir

(

const char *

desc

)

Parse the v2 service descriptor(s) in desc and store it/them to the local rend cache. Don't attempt to decrypt the included list of introduction points (as we don't have a descriptor cookie for it).

If we have a newer descriptor with the same ID, ignore this one. If we have an older descriptor with the same ID, replace it. Return -2 if we are not acting as hidden service directory; return -1 if the descriptor(s) were not parsable; return 0 if all descriptors are the same or older than those we've already got; return a positive number for the number of novel stored descriptors.

References base32_encode(), rend_cache_entry_t::desc, DIGEST_LEN, digestmap_get(), digestmap_set(), hid_serv_acting_as_directory(), hid_serv_responsible_for_desc_id(), LD_REND, rend_cache_entry_t::len, rend_cache_entry_t::parsed, rend_cache_entry_t::received, REND_CACHE_MAX_AGE, REND_CACHE_MAX_SKEW, rend_cache_v2_dir, REND_DESC_ID_V2_LEN_BASE32, rend_parse_v2_service_descriptor(), rend_service_descriptor_free(), safe_str(), safe_str_client(), strcmpstart(), rend_service_descriptor_t::timestamp, tor_assert, and tor_free.

Referenced by directory_handle_command_post().

void rend_client_desc_trynow

(

const char *

query

)

Find all the apconns in state AP_CONN_STATE_RENDDESC_WAIT that are waiting on query. If there's a working cache entry here with at least one intro point, move them to the next state.

References edge_connection_t::_base, AP_CONN_STATE_CIRCUIT_WAIT, AP_CONN_STATE_RENDDESC_WAIT, assert_connection_ok(), CONN_TYPE_AP, connection_ap_handshake_attach_circuit(), END_STREAM_REASON_CANT_ATTACH, get_connection_array(), rend_service_descriptor_t::intro_nodes, LD_REND, connection_t::marked_for_close, rend_data_t::onion_address, rend_cache_entry_t::parsed, rend_cache_lookup_entry(), rend_cmp_service_ids(), edge_connection_t::rend_data, safe_str_client(), connection_t::state, connection_t::timestamp_created, connection_t::timestamp_lastread, connection_t::timestamp_lastwritten, TO_CONN, and TO_EDGE_CONN().

Referenced by connection_dir_client_reached_eof(), and rend_client_refetch_v2_renddesc().

extend_info_t* rend_client_get_random_intro

(

const rend_data_t *

rend_query

)

Return a newly allocated extend_info_t* for a randomly chosen introduction point for the named hidden service. Return NULL if all introduction points have been tried and failed.

References crypto_rand_int(), rend_intro_point_t::extend_info, extend_info_dup(), extend_info_free(), extend_info_from_router(), rend_service_descriptor_t::intro_nodes, LD_REND, extend_info_t::nickname, rend_data_t::onion_address, extend_info_t::onion_key, rend_cache_entry_t::parsed, rend_cache_lookup_entry(), rend_intro_point_free(), router_get_by_nickname(), safe_str_client(), and smartlist_del().

Referenced by circuit_get_open_circ_or_launch(), and rend_client_introduction_acked().

void rend_client_introcirc_has_opened

(

origin_circuit_t *

circ

)

Called when we've established a circuit to an introduction point: send the introduction request.

References origin_circuit_t::_base, CIRCUIT_PURPOSE_C_INTRODUCING, connection_ap_attach_pending(), origin_circuit_t::cpath, LD_REND, circuit_t::purpose, and tor_assert.

Referenced by circuit_has_opened().

int rend_client_introduction_acked	(	origin_circuit_t *	circ,
		const char *	request,
		size_t	request_len
	)

Called when get an ACK or a NAK for a REND_INTRODUCE1 cell.

References origin_circuit_t::_base, origin_circuit_t::build_state, cpath_build_state_t::chosen_exit, CIRCLAUNCH_IS_INTERNAL, circuit_extend_to_new_exit(), circuit_get_by_rend_query_and_purpose(), circuit_launch_by_extend_info(), CIRCUIT_PURPOSE_C_INTRODUCE_ACK_WAIT, CIRCUIT_PURPOSE_C_INTRODUCE_ACKED, CIRCUIT_PURPOSE_C_INTRODUCING, CIRCUIT_PURPOSE_C_REND_READY, CIRCUIT_PURPOSE_C_REND_READY_INTRO_ACKED, escaped_safe_str_client(), extend_info_free(), LD_PROTOCOL, LD_REND, circuit_t::n_circ_id, extend_info_t::nickname, rend_data_t::onion_address, circuit_t::purpose, origin_circuit_t::remaining_relay_early_cells, rend_client_get_random_intro(), rend_client_remove_intro_point(), origin_circuit_t::rend_data, TO_CIRCUIT, and tor_assert.

Referenced by rend_process_relay_cell().

rend_service_authorization_t* rend_client_lookup_service_authorization

(

const char *

onion_address

)

Look up the client-side authorization for the hidden service with onion_address. Return NULL if no authorization is available for that address.

References strmap_get(), and tor_assert.

int rend_client_receive_rendezvous	(	origin_circuit_t *	circ,
		const char *	request,
		size_t	request_len
	)

Bob sent us a rendezvous cell; join the circuits.

References origin_circuit_t::_base, origin_circuit_t::build_state, circuit_init_cpath_crypto(), circuit_initial_package_window(), CIRCUIT_PURPOSE_C_REND_JOINED, CIRCUIT_PURPOSE_C_REND_READY, CIRCUIT_PURPOSE_C_REND_READY_INTRO_ACKED, CIRCWINDOW_START, connection_ap_attach_pending(), origin_circuit_t::cpath, crypto_dh_compute_secret(), crypto_dh_free(), crypt_path_t::deliver_window, crypt_path_t::dh_handshake_state, DIGEST_LEN, LD_GENERAL, LD_PROTOCOL, LD_REND, onion_append_to_cpath(), crypt_path_t::package_window, cpath_build_state_t::pending_final_cpath, circuit_t::purpose, crypt_path_t::state, TO_CIRCUIT, and tor_assert.

Referenced by rend_process_relay_cell().

void rend_client_refetch_v2_renddesc

(

const rend_data_t *

rend_query

)

Unless we already have a descriptor for rend_query with at least one (possibly) working introduction point in it, start a connection to a hidden service directory to fetch a v2 rendezvous service descriptor.

References rend_data_t::auth_type, crypto_rand_int(), rend_data_t::descriptor_cookie, DIGEST_LEN, directory_get_from_hs_dir(), get_options(), LD_REND, rend_data_t::onion_address, rend_cache_lookup_entry(), rend_client_desc_trynow(), rend_compute_v2_desc_id(), REND_NUMBER_OF_NON_CONSECUTIVE_REPLICAS, safe_str_client(), and tor_assert.

Referenced by circuit_get_open_circ_or_launch(), connection_about_to_close_connection(), and rend_client_remove_intro_point().

int rend_client_remove_intro_point	(	extend_info_t *	failed_intro,
		const rend_data_t *	rend_query
	)

Remove failed_intro from ent. If ent now has no intro points, or service is unrecognized, then launch a new renddesc fetch.

Return -1 if error, 0 if no intro points remain or service unrecognized, 1 if recognized and some intro points remain.

References AP_CONN_STATE_CIRCUIT_WAIT, AP_CONN_STATE_RENDDESC_WAIT, CONN_TYPE_AP, connection_get_by_type_state_rendquery(), DIGEST_LEN, escaped_safe_str_client(), rend_intro_point_t::extend_info, extend_info_t::identity_digest, rend_service_descriptor_t::intro_nodes, LD_BUG, LD_REND, rend_data_t::onion_address, rend_cache_entry_t::parsed, rend_cache_lookup_entry(), rend_client_refetch_v2_renddesc(), rend_intro_point_free(), smartlist_del(), and connection_t::state.

Referenced by _circuit_mark_for_close(), and rend_client_introduction_acked().

void rend_client_rendcirc_has_opened

(

origin_circuit_t *

circ

)

Called when a rendezvous circuit is open; sends a establish rendezvous circuit as appropriate.

References origin_circuit_t::_base, CIRCUIT_PURPOSE_C_ESTABLISH_REND, LD_REND, circuit_t::purpose, rend_client_send_establish_rendezvous(), and tor_assert.

Referenced by circuit_get_open_circ_or_launch(), and circuit_has_opened().

int rend_client_rendezvous_acked	(	origin_circuit_t *	circ,
		const char *	request,
		size_t	request_len
	)

Called when we receive a RENDEZVOUS_ESTABLISHED cell; changes the state of the circuit to C_REND_READY.

References origin_circuit_t::_base, CIRCUIT_PURPOSE_C_ESTABLISH_REND, CIRCUIT_PURPOSE_C_REND_READY, connection_ap_attach_pending(), LD_PROTOCOL, LD_REND, circuit_t::purpose, and TO_CIRCUIT.

Referenced by rend_process_relay_cell().

int rend_client_send_introduction	(	origin_circuit_t *	introcirc,
		origin_circuit_t *	rendcirc
	)

Called when we're trying to connect an ap conn; sends an INTRODUCE1 cell down introcirc if possible.

References origin_circuit_t::_base, origin_circuit_t::build_state, cpath_build_state_t::chosen_exit, CIRCUIT_PURPOSE_C_INTRODUCING, CIRCUIT_PURPOSE_C_REND_READY, DIGEST_LEN, escaped_safe_str_client(), extend_info_t::identity_digest, rend_service_descriptor_t::intro_nodes, LD_REND, rend_data_t::onion_address, rend_cache_entry_t::parsed, circuit_t::purpose, RELAY_PAYLOAD_SIZE, rend_cache_lookup_entry(), rend_cmp_service_ids(), origin_circuit_t::rend_data, and tor_assert.

Referenced by connection_ap_handshake_attach_circuit().

int rend_cmp_service_ids	(	const char *	one,
		const char *	two
	)

Return 0 if one and two are the same service ids, else -1 or 1

Referenced by circuit_get_by_rend_query_and_purpose(), circuit_is_acceptable(), connection_ap_handshake_attach_circuit(), connection_get_by_type_state_rendquery(), count_established_intro_points(), rend_client_desc_trynow(), and rend_client_send_introduction().

int rend_compute_v2_desc_id	(	char *	desc_id_out,
		const char *	service_id,
		const char *	descriptor_cookie,
		time_t	now,
		uint8_t	replica
	)

Compute the binary desc_id_out (DIGEST_LEN bytes long) for a given base32-encoded service_id and optional unencoded descriptor_cookie of length REND_DESC_COOKIE_LEN, at time now for replica number replica. desc_id needs to have DIGEST_LEN bytes free. Return 0 for success, -1 otherwise.

References base32_decode(), DIGEST_LEN, get_secret_id_part_bytes(), get_time_period(), LD_REND, rend_get_descriptor_id_bytes(), REND_NUMBER_OF_NON_CONSECUTIVE_REPLICAS, REND_SERVICE_ID_LEN, REND_SERVICE_ID_LEN_BASE32, safe_str(), and safe_str_client().

Referenced by rend_client_refetch_v2_renddesc().

int rend_config_services	(	or_options_t *	options,
		int	validate_only
	)

Set up rend_service_list, based on the values of HiddenServiceDir and HiddenServicePort in options. Return 0 on success and -1 on failure. (If validate_only is set, parse, warn and return as normal, but don't actually change the configured services.)

References _circuit_get_global_list(), rend_service_t::auth_type, CIRCUIT_PURPOSE_S_ESTABLISH_INTRO, CIRCUIT_PURPOSE_S_INTRO, CIRCUIT_STATE_OPEN, rend_authorized_client_t::client_name, rend_service_t::clients, DIGEST_LEN, rend_service_t::directory, rend_service_t::intro_period_started, config_line_t::key, LD_BUG, LD_CONFIG, LD_REND, circuit_t::next, config_line_t::next, parse_port_config(), rend_service_t::ports, rend_add_service(), REND_CLIENTNAME_MAX_LEN, origin_circuit_t::rend_data, REND_LEGAL_CLIENTNAME_CHARACTERS, rend_data_t::rend_pk_digest, rend_service_free(), or_options_t::RendConfigLines, safe_str_client(), smartlist_add(), smartlist_add_all(), smartlist_clear(), smartlist_create(), smartlist_free(), smartlist_sort_strings(), smartlist_split_string(), smartlist_uniq_strings(), TO_ORIGIN_CIRCUIT(), tor_assert, tor_free, and config_line_t::value.

Referenced by options_act().

void rend_consider_descriptor_republication

(

void

)

Consider republication of v2 rendezvous service descriptors that failed previously, but without regenerating descriptor contents.

References rend_service_descriptor_t::all_uploads_performed, rend_service_t::desc, get_options(), and upload_service_descriptor().

Referenced by run_scheduled_events().

void rend_consider_services_upload

(

time_t

now

)

Regenerate and upload rendezvous service descriptors for all services, if necessary. If the descriptor has been dirty enough for long enough, definitely upload; else only upload when the periodic timeout has expired.

For the first upload, pick a random time between now and two periods from now, and pick it independently for each service.

References crypto_rand_int(), rend_service_t::desc_is_dirty, get_options(), rend_service_t::next_upload_time, rend_service_update_descriptor(), or_options_t::RendPostPeriod, and upload_service_descriptor().

Referenced by run_scheduled_events().

rend_data_t* rend_data_dup

(

const rend_data_t *

data

)

Allocate and return a new rend_data_t with the same contents as query.

References tor_assert.

Referenced by circuit_get_open_circ_or_launch(), connection_exit_begin_conn(), directory_initiate_command_rend(), and rend_service_relaunch_rendezvous().

static INLINE void rend_data_free

(

rend_data_t *

data

)

[static]

Free all storage associated with data

References tor_free.

Referenced by _connection_free(), and circuit_free().

int rend_decrypt_introduction_points	(	char **	ipos_decrypted,
		size_t *	ipos_decrypted_size,
		const char *	descriptor_cookie,
		const char *	ipos_encrypted,
		size_t	ipos_encrypted_size
	)

Decrypt the encrypted introduction points in ipos_encrypted of length ipos_encrypted_size using descriptor_cookie and write the result to a newly allocated string that is pointed to by ipos_decrypted and its length to ipos_decrypted_size. Return 0 if decryption was successful and -1 otherwise.

References CIPHER_IV_LEN, CIPHER_KEY_LEN, crypto_cipher_decrypt(), crypto_cipher_decrypt_with_iv(), crypto_create_init_cipher(), crypto_digest_add_bytes(), crypto_digest_get_digest(), crypto_free_cipher_env(), crypto_free_digest_env(), crypto_new_digest_env(), LD_REND, memcmpstart(), REND_BASIC_AUTH_CLIENT_ENTRY_LEN, REND_BASIC_AUTH_CLIENT_ID_LEN, REND_BASIC_AUTH_CLIENT_MULTIPLE, REND_DESC_COOKIE_LEN, tor_assert, and tor_free.

Referenced by rend_cache_store_v2_desc_as_client().

int rend_encode_v2_descriptors	(	smartlist_t *	descs_out,
		rend_service_descriptor_t *	desc,
		time_t	now,
		uint8_t	period,
		rend_auth_type_t	auth_type,
		crypto_pk_env_t *	client_key,
		smartlist_t *	client_cookies
	)

Encode a set of rend_encoded_v2_service_descriptor_t's for desc at time now using service_key, depending on auth_type a descriptor_cookie and a list of client_cookies (which are both NULL if no client authorization is performed), and period (e.g. 0 for the current period, 1 for the next period, etc.) and add them to the existing list descs_out; return the number of seconds that the descriptors will be found by clients, or -1 if the encoding was not successful.

References base32_encode(), base64_encode(), crypto_digest(), crypto_pk_get_digest(), crypto_pk_write_public_key_to_string(), rend_encoded_v2_service_descriptor_t::desc_id, rend_encoded_v2_service_descriptor_t::desc_str, DIGEST_LEN, format_iso_time(), get_seconds_valid(), get_secret_id_part_bytes(), get_time_period(), rend_service_descriptor_t::intro_nodes, LD_BUG, LD_REND, rend_service_descriptor_t::pk, rend_service_descriptor_t::protocols, REND_DESC_ID_V2_LEN_BASE32, rend_desc_v2_is_parsable(), rend_encode_v2_intro_points(), rend_encoded_v2_service_descriptor_free(), rend_encrypt_v2_intro_points_basic(), rend_encrypt_v2_intro_points_stealth(), rend_get_descriptor_id_bytes(), REND_NUMBER_OF_NON_CONSECUTIVE_REPLICAS, REND_SECRET_ID_PART_LEN_BASE32, REND_TIME_PERIOD_V2_DESC_VALIDITY, router_append_dirobj_signature(), smartlist_add(), smartlist_clear(), rend_service_descriptor_t::timestamp, tor_assert, tor_free, and tor_snprintf().

Referenced by upload_service_descriptor().

void rend_encoded_v2_service_descriptor_free

(

rend_encoded_v2_service_descriptor_t *

desc

)

Free the storage held by an encoded v2 service descriptor.

References rend_encoded_v2_service_descriptor_t::desc_str, and tor_free.

Referenced by rend_encode_v2_descriptors(), and upload_service_descriptor().

void rend_get_descriptor_id_bytes	(	char *	descriptor_id_out,
		const char *	service_id,
		const char *	secret_id_part
	)

Compute the descriptor ID for service_id of length REND_SERVICE_ID_LEN and secret_id_part of length DIGEST_LEN, and write it to descriptor_id_out of length DIGEST_LEN.

References crypto_digest_add_bytes(), crypto_digest_get_digest(), crypto_free_digest_env(), crypto_new_digest_env(), DIGEST_LEN, and REND_SERVICE_ID_LEN.

Referenced by rend_compute_v2_desc_id(), rend_encode_v2_descriptors(), and rend_parse_v2_service_descriptor().

int rend_get_service_id	(	crypto_pk_env_t *	pk,
		char *	out
	)

Sets out to the first 10 bytes of the digest of pk, base32 encoded. NUL-terminates out. (We use this string to identify services in directory requests and .onion URLs.)

References base32_encode(), crypto_pk_get_digest(), DIGEST_LEN, REND_SERVICE_ID_LEN, REND_SERVICE_ID_LEN_BASE32, and tor_assert.

Referenced by rend_cache_store(), rend_cache_store_v2_desc_as_client(), rend_service_load_keys(), and upload_service_descriptor().

void rend_hsdir_routers_changed

(

void

)

Called when our internal view of the directory has changed, so that we might have router descriptors of hidden service directories available that we did not have before.

Referenced by router_dir_info_changed().

int rend_id_is_in_interval	(	const char *	a,
		const char *	b,
		const char *	c
	)

Determines whether a is in the interval of b (excluded) and c (included) in a circular digest ring; returns 1 if this is the case, and 0 otherwise.

References DIGEST_LEN, and tor_assert.

Referenced by hid_serv_responsible_for_desc_id().

void rend_intro_point_free

(

rend_intro_point_t *

intro

)

Free the storage held by an introduction point info.

References crypto_free_pk_env(), rend_intro_point_t::extend_info, extend_info_free(), rend_intro_point_t::intro_key, and tor_free.

Referenced by rend_client_get_random_intro(), rend_client_remove_intro_point(), rend_parse_introduction_points(), rend_service_descriptor_free(), rend_service_free(), and rend_services_introduce().

int rend_mid_establish_intro	(	or_circuit_t *	circ,
		const char *	request,
		size_t	request_len
	)

Respond to an ESTABLISH_INTRO cell by checking the signed data and setting the circuit's purpose and service pk digest.

References or_circuit_t::_base, base32_encode(), circuit_get_intro_point(), CIRCUIT_PURPOSE_INTRO_POINT, CIRCUIT_PURPOSE_OR, crypto_digest(), crypto_free_pk_env(), crypto_pk_asn1_decode(), crypto_pk_get_digest(), crypto_pk_public_checksig_digest(), DIGEST_LEN, get_uint16(), or_circuit_t::handshake_digest, LD_BUG, LD_GENERAL, LD_PROTOCOL, LD_REND, circuit_t::n_conn, note_crypto_pk_op(), or_circuit_t::p_circ_id, circuit_t::purpose, relay_send_command_from_edge(), REND_SERVICE_ID_LEN, REND_SERVICE_ID_LEN_BASE32, or_circuit_t::rend_token, safe_str(), and TO_CIRCUIT.

Referenced by rend_process_relay_cell().

int rend_mid_establish_rendezvous	(	or_circuit_t *	circ,
		const char *	request,
		size_t	request_len
	)

Process an ESTABLISH_RENDEZVOUS cell by setting the circuit's purpose and rendezvous cookie.

References or_circuit_t::_base, base16_encode(), circuit_get_rendezvous(), CIRCUIT_PURPOSE_OR, CIRCUIT_PURPOSE_REND_POINT_WAITING, LD_PROTOCOL, LD_REND, circuit_t::n_conn, or_circuit_t::p_circ_id, circuit_t::purpose, relay_send_command_from_edge(), REND_COOKIE_LEN, or_circuit_t::rend_token, and TO_CIRCUIT.

Referenced by rend_process_relay_cell().

int rend_mid_introduce	(	or_circuit_t *	circ,
		const char *	request,
		size_t	request_len
	)

Process an INTRODUCE1 cell by finding the corresponding introduction circuit, and relaying the body of the INTRODUCE1 cell inside an INTRODUCE2 cell.

References or_circuit_t::_base, base32_encode(), CIPHER_KEY_LEN, circuit_get_intro_point(), CIRCUIT_PURPOSE_OR, DIGEST_LEN, LD_GENERAL, LD_PROTOCOL, LD_REND, MAX_NICKNAME_LEN, circuit_t::n_conn, or_circuit_t::p_circ_id, PKCS1_OAEP_PADDING_OVERHEAD, circuit_t::purpose, relay_send_command_from_edge(), REND_COOKIE_LEN, REND_SERVICE_ID_LEN, REND_SERVICE_ID_LEN_BASE32, safe_str(), and TO_CIRCUIT.

Referenced by rend_process_relay_cell().

int rend_mid_rendezvous	(	or_circuit_t *	circ,
		const char *	request,
		size_t	request_len
	)

Process a RENDEZVOUS1 cell by looking up the correct rendezvous circuit by its relaying the cell's body in a RENDEZVOUS2 cell, and connecting the two circuits.

References or_circuit_t::_base, base16_encode(), circuit_get_rendezvous(), CIRCUIT_PURPOSE_OR, CIRCUIT_PURPOSE_REND_ESTABLISHED, DIGEST_LEN, LD_GENERAL, LD_PROTOCOL, LD_REND, circuit_t::n_conn, or_circuit_t::p_circ_id, circuit_t::purpose, relay_send_command_from_edge(), REND_COOKIE_LEN, or_circuit_t::rend_splice, or_circuit_t::rend_token, and TO_CIRCUIT.

Referenced by rend_process_relay_cell().

int rend_parse_client_keys	(	strmap_t *	parsed_clients,
		const char *	ckstr
	)

Parse the content of a client_key file in ckstr and add rend_authorized_client_t's for each parsed client to parsed_clients. Return the number of parsed clients as result or -1 for failure.

References directory_token_t::args, base64_decode(), rend_authorized_client_t::client_key, rend_authorized_client_t::client_name, rend_authorized_client_t::descriptor_cookie, eat_whitespace(), escaped(), find_opt_by_keyword(), directory_token_t::key, LD_CONFIG, LD_REND, memarea_clear(), memarea_drop_all(), memarea_new(), directory_token_t::n_args, REND_DESC_COOKIE_LEN, REND_DESC_COOKIE_LEN_BASE64, REND_LEGAL_CLIENTNAME_CHARACTERS, smartlist_clear(), smartlist_create(), smartlist_free(), strcmpstart(), strmap_get(), strmap_set(), strmap_size(), token_clear(), tokenize_string(), and tor_assert.

Referenced by rend_service_load_keys().

int rend_parse_introduction_points	(	rend_service_descriptor_t *	parsed,
		const char *	intro_points_encoded,
		size_t	intro_points_encoded_size
	)

Parse the encoded introduction points in intro_points_encoded of length intro_points_encoded_size and write the result to the descriptor in parsed; return the number of successfully parsed introduction points or -1 in case of a failure.

Function may only be invoked once.

References extend_info_t::addr, directory_token_t::args, base16_encode(), base32_decode(), DIGEST_LEN, escaped(), rend_intro_point_t::extend_info, extend_info_t::identity_digest, rend_intro_point_t::intro_key, rend_service_descriptor_t::intro_nodes, directory_token_t::key, LD_REND, memarea_clear(), memarea_drop_all(), memarea_new(), memcmpstart(), extend_info_t::nickname, extend_info_t::onion_key, extend_info_t::port, rend_intro_point_free(), REND_INTRO_POINT_ID_LEN_BASE32, smartlist_add(), smartlist_clear(), smartlist_create(), smartlist_free(), token_clear(), tokenize_string(), tor_addr_family(), tor_addr_from_str(), tor_assert, and tor_parse_long().

Referenced by rend_cache_store_v2_desc_as_client().

int rend_parse_service_authorization	(	or_options_t *	options,
		int	validate_only
	)

Parse config_line as a client-side authorization for a hidden service and add it to the local map of hidden service authorizations. Return 0 for success and -1 for failure.

References rend_service_authorization_t::auth_type, base64_decode(), rend_service_authorization_t::descriptor_cookie, or_options_t::HidServAuth, LD_CONFIG, config_line_t::next, rend_service_authorization_t::onion_address, REND_DESC_COOKIE_LEN, REND_DESC_COOKIE_LEN_BASE64, REND_SERVICE_ADDRESS_LEN, rend_service_authorization_free(), rend_service_authorization_free_all(), rend_service_authorization_strmap_item_free(), REND_SERVICE_ID_LEN_BASE32, rend_valid_service_id(), smartlist_clear(), smartlist_create(), smartlist_free(), smartlist_split_string(), strcmpend(), strmap_free(), strmap_get(), strmap_set(), tor_free, tor_snprintf(), and config_line_t::value.

Referenced by options_act().

rend_service_descriptor_t* rend_parse_service_descriptor	(	const char *	str,
		size_t	len
	)

Parse a service descriptor at str (len bytes). On success, return a newly alloced service_descriptor_t. On failure, return NULL.

References crypto_pk_asn1_decode(), crypto_pk_keysize(), crypto_pk_public_checksig_digest(), rend_intro_point_t::extend_info, get_uint16(), get_uint32(), rend_service_descriptor_t::intro_nodes, LD_PROTOCOL, extend_info_t::nickname, note_crypto_pk_op(), rend_service_descriptor_t::pk, rend_service_descriptor_t::protocols, rend_service_descriptor_free(), smartlist_add(), smartlist_create(), rend_service_descriptor_t::timestamp, tor_assert, and rend_service_descriptor_t::version.

Referenced by rend_cache_store().

int rend_parse_v2_service_descriptor	(	rend_service_descriptor_t **	parsed_out,
		char *	desc_id_out,
		char **	intro_points_encrypted_out,
		size_t *	intro_points_encrypted_size_out,
		size_t *	encoded_size_out,
		const char **	next_out,
		const char *	desc
	)

Parse and validate the ASCII-encoded v2 descriptor in desc, write the parsed descriptor to the newly allocated *parsed_out, the binary descriptor ID of length DIGEST_LEN to desc_id_out, the encrypted introduction points to the newly allocated *intro_points_encrypted_out, their encrypted size to *intro_points_encrypted_size_out, the size of the encoded descriptor to *encoded_size_out, and a pointer to the possibly next descriptor to *next_out; return 0 for success (including validation) and -1 for failure.

References directory_token_t::args, BASE32_CHARS, base32_decode(), check_signature_token(), crypto_pk_get_digest(), DIGEST_LEN, escaped(), find_opt_by_keyword(), directory_token_t::key, LD_DIR, LD_REND, memarea_drop_all(), memarea_new(), directory_token_t::n_args, note_crypto_pk_op(), directory_token_t::object_body, directory_token_t::object_size, directory_token_t::object_type, parse_iso_time(), rend_service_descriptor_t::pk, rend_service_descriptor_t::protocols, REND_DESC_ID_V2_LEN_BASE32, REND_DESC_MAX_SIZE, rend_get_descriptor_id_bytes(), REND_SECRET_ID_PART_LEN_BASE32, rend_service_descriptor_free(), router_get_hash_impl(), smartlist_create(), smartlist_free(), smartlist_split_string(), rend_service_descriptor_t::timestamp, token_clear(), tokenize_string(), tor_assert, tor_free, tor_parse_long(), and rend_service_descriptor_t::version.

Referenced by rend_cache_store_v2_desc_as_client(), rend_cache_store_v2_desc_as_dir(), and rend_desc_v2_is_parsable().

void rend_process_relay_cell	(	circuit_t *	circ,
		const crypt_path_t *	layer_hint,
		int	command,
		size_t	length,
		const char *	payload
	)

Called when we get a rendezvous-related relay cell on circuit circ. Dispatch on rendezvous relay command.

References CIRCUIT_IS_ORIGIN, origin_circuit_t::cpath, LD_APP, LD_PROTOCOL, crypt_path_t::prev, rend_client_introduction_acked(), rend_client_receive_rendezvous(), rend_client_rendezvous_acked(), rend_mid_establish_intro(), rend_mid_establish_rendezvous(), rend_mid_introduce(), rend_mid_rendezvous(), rend_service_intro_established(), rend_service_introduce(), TO_OR_CIRCUIT(), TO_ORIGIN_CIRCUIT(), and tor_fragile_assert.

Referenced by connection_edge_process_relay_cell().

void rend_service_authorization_free_all

(

void

)

Release all the storage held in auth_hid_servs.

References rend_service_authorization_strmap_item_free(), and strmap_free().

Referenced by rend_parse_service_authorization(), and tor_free_all().

void rend_service_descriptor_free

(

rend_service_descriptor_t *

desc

)

Free the storage held by the service descriptor desc.

References crypto_free_pk_env(), rend_service_descriptor_t::intro_nodes, rend_service_descriptor_t::pk, rend_intro_point_free(), smartlist_free(), rend_service_descriptor_t::successful_uploads, and tor_free.

Referenced by rend_cache_entry_free(), rend_cache_store(), rend_cache_store_v2_desc_as_client(), rend_cache_store_v2_desc_as_dir(), rend_desc_v2_is_parsable(), rend_parse_service_descriptor(), rend_parse_v2_service_descriptor(), rend_service_free(), and rend_service_update_descriptor().

void rend_service_dump_stats

(

int

severity

)

Log the status of introduction points for all rendezvous services at log severity severity.

References origin_circuit_t::_base, circuit_state_to_string(), rend_service_t::directory, rend_intro_point_t::extend_info, find_intro_circuit(), rend_service_t::intro_nodes, LD_GENERAL, extend_info_t::nickname, rend_service_t::pk_digest, safe_str_client(), and circuit_t::state.

Referenced by dumpstats().

void rend_service_free_all

(

void

)

Release all the storage held in rend_service_list.

References rend_service_free(), and smartlist_free().

Referenced by tor_free_all().

int rend_service_intro_established	(	origin_circuit_t *	circuit,
		const char *	request,
		size_t	request_len
	)

Called when we get an INTRO_ESTABLISHED cell; mark the circuit as a live introduction point, and note that the service descriptor is now out-of-date.

References origin_circuit_t::_base, base32_encode(), CIRCUIT_PURPOSE_S_ESTABLISH_INTRO, CIRCUIT_PURPOSE_S_INTRO, rend_service_t::desc_is_dirty, LD_PROTOCOL, LD_REND, circuit_t::n_circ_id, circuit_t::purpose, origin_circuit_t::rend_data, rend_data_t::rend_pk_digest, rend_service_get_by_pk_digest(), REND_SERVICE_ID_LEN, REND_SERVICE_ID_LEN_BASE32, TO_CIRCUIT, and tor_assert.

Referenced by rend_process_relay_cell().

void rend_service_intro_has_opened

(

origin_circuit_t *

circuit

)

Called when we're done building a circuit to an introduction point: sends a RELAY_ESTABLISH_INTRO cell.

References origin_circuit_t::_base, base32_encode(), circuit_has_opened(), CIRCUIT_PURPOSE_C_GENERAL, CIRCUIT_PURPOSE_S_ESTABLISH_INTRO, count_established_intro_points(), origin_circuit_t::cpath, crypto_digest(), crypto_pk_asn1_encode(), crypto_pk_private_sign_digest(), DIGEST_LEN, crypt_path_t::handshake_digest, origin_circuit_t::intro_key, LD_BUG, LD_CIRC, LD_GENERAL, LD_REND, circuit_t::n_circ_id, note_crypto_pk_op(), NUM_INTRO_POINTS, crypt_path_t::prev, circuit_t::purpose, RELAY_PAYLOAD_SIZE, relay_send_command_from_edge(), origin_circuit_t::rend_data, rend_data_t::rend_pk_digest, rend_service_get_by_pk_digest(), REND_SERVICE_ID_LEN, REND_SERVICE_ID_LEN_BASE32, set_uint16(), TO_CIRCUIT, and tor_assert.

Referenced by circuit_has_opened(), and rend_service_launch_establish_intro().

int rend_service_introduce	(	origin_circuit_t *	circuit,
		const char *	request,
		size_t	request_len
	)

Respond to an INTRODUCE2 cell by launching a circuit to the chosen rendezvous point.

References origin_circuit_t::_base, rend_service_t::accepted_intros, extend_info_t::addr, base16_encode(), base32_encode(), origin_circuit_t::build_state, CIRCLAUNCH_IS_INTERNAL, CIRCLAUNCH_NEED_CAPACITY, CIRCLAUNCH_NEED_UPTIME, circuit_init_cpath_crypto(), circuit_launch_by_extend_info(), CIRCUIT_PURPOSE_S_CONNECT_REND, CIRCUIT_PURPOSE_S_INTRO, clean_accepted_intros(), rend_service_t::clients, crypto_dh_compute_secret(), crypto_dh_free(), crypto_dh_generate_public(), crypto_dh_new(), crypto_digest_add_bytes(), crypto_digest_get_digest(), crypto_free_digest_env(), crypto_new_digest_env(), crypto_pk_asn1_decode(), crypto_pk_get_digest(), crypto_pk_keysize(), crypto_pk_private_hybrid_decrypt(), crypt_path_t::dh_handshake_state, DIGEST_LEN, digestmap_get(), digestmap_new(), digestmap_set(), escaped(), escaped_safe_str_client(), cpath_build_state_t::expiry_time, extend_info_free(), extend_info_from_router(), get_uint16(), get_uint32(), crypt_path_t::handshake_digest, extend_info_t::identity_digest, origin_circuit_t::intro_key, is_legal_nickname(), is_legal_nickname_or_hexdigest(), rend_service_t::last_cleaned_accepted_intros, LD_BUG, LD_PROTOCOL, LD_REND, crypt_path_t::magic, MAX_HEX_NICKNAME_LEN, MAX_NICKNAME_LEN, MAX_REND_FAILURES, MAX_REND_TIMEOUT, circuit_t::n_circ_id, extend_info_t::nickname, note_crypto_pk_op(), rend_data_t::onion_address, extend_info_t::onion_key, cpath_build_state_t::pending_final_cpath, PK_PKCS1_OAEP_PADDING, extend_info_t::port, circuit_t::purpose, RELAY_PAYLOAD_SIZE, rend_check_authorization(), rend_data_t::rend_cookie, REND_COOKIE_LEN, origin_circuit_t::rend_data, REND_DESC_COOKIE_LEN, rend_data_t::rend_pk_digest, REND_REPLAY_TIME_INTERVAL, rend_service_get_by_pk_digest(), REND_SERVICE_ID_LEN, REND_SERVICE_ID_LEN_BASE32, rend_service_requires_uptime(), rep_hist_note_used_internal(), router_get_by_nickname(), rend_service_t::service_id, TO_CIRCUIT, tor_addr_from_ipv4n(), and tor_assert.

Referenced by rend_process_relay_cell().

int rend_service_load_keys

(

void

)

Load and/or generate private keys for all hidden services, possibly including keys for client authorization. Return 0 on success, -1 on failure.

References abort_writing_to_file(), base64_encode(), check_private_dir(), rend_authorized_client_t::client_key, crypto_free_pk_env(), crypto_new_pk_env(), crypto_pk_check_key(), crypto_pk_dup_key(), crypto_pk_get_digest(), crypto_pk_write_private_key_to_string(), crypto_rand(), rend_authorized_client_t::descriptor_cookie, escaped(), finish_writing_to_file(), init_key_from_file(), LD_BUG, LD_CONFIG, LD_FS, LD_REND, read_file_to_str(), rend_authorized_client_strmap_item_free(), REND_DESC_COOKIE_LEN, REND_DESC_COOKIE_LEN_BASE64, rend_get_service_id(), rend_parse_client_keys(), RFTS_IGNORE_MISSING, start_writing_to_stdio_file(), strmap_free(), strmap_get(), strmap_size(), tor_free, tor_snprintf(), and write_str_to_file().

Referenced by options_act().

void rend_service_relaunch_rendezvous

(

origin_circuit_t *

oldcirc

)

Called when we fail building a rendezvous circuit at some point other than the last hop: launches a new circuit to the same rendezvous point.

References origin_circuit_t::_base, origin_circuit_t::build_state, cpath_build_state_t::chosen_exit, CIRCLAUNCH_IS_INTERNAL, CIRCLAUNCH_NEED_CAPACITY, circuit_launch_by_extend_info(), CIRCUIT_PURPOSE_S_CONNECT_REND, cpath_build_state_t::expiry_time, cpath_build_state_t::failure_count, LD_REND, MAX_REND_FAILURES, extend_info_t::nickname, cpath_build_state_t::pending_final_cpath, circuit_t::purpose, origin_circuit_t::rend_data, rend_data_dup(), and tor_assert.

Referenced by circuit_build_failed().

void rend_service_rendezvous_has_opened

(

origin_circuit_t *

circuit

)

Called once a circuit to a rendezvous point is established: sends a RELAY_COMMAND_RENDEZVOUS1 cell.

References origin_circuit_t::_base, base16_encode(), base32_encode(), origin_circuit_t::build_state, circuit_initial_package_window(), CIRCUIT_PURPOSE_S_CONNECT_REND, CIRCUIT_PURPOSE_S_REND_JOINED, CIRCWINDOW_START, origin_circuit_t::cpath, crypto_dh_free(), crypto_dh_get_public(), crypt_path_t::deliver_window, crypt_path_t::dh_handshake_state, DIGEST_LEN, crypt_path_t::handshake_digest, LD_GENERAL, LD_REND, circuit_t::n_circ_id, onion_append_to_cpath(), crypt_path_t::package_window, cpath_build_state_t::pending_final_cpath, crypt_path_t::prev, circuit_t::purpose, RELAY_PAYLOAD_SIZE, relay_send_command_from_edge(), rend_data_t::rend_cookie, REND_COOKIE_LEN, origin_circuit_t::rend_data, rend_data_t::rend_pk_digest, rend_service_get_by_pk_digest(), REND_SERVICE_ID_LEN, REND_SERVICE_ID_LEN_BASE32, crypt_path_t::state, TO_CIRCUIT, and tor_assert.

Referenced by circuit_has_opened().

int rend_service_set_connection_addr_port	(	edge_connection_t *	conn,
		origin_circuit_t *	circ
	)

Given conn, a rendezvous exit stream, look up the hidden service for 'circ', and look up the port and address based on conn->port. Assign the actual conn->addr and conn->port. Return -1 if failure, or 0 for success.

References edge_connection_t::_base, origin_circuit_t::_base, base32_encode(), CIRCUIT_PURPOSE_S_REND_JOINED, LD_REND, circuit_t::n_circ_id, connection_t::port, rend_service_t::ports, circuit_t::purpose, origin_circuit_t::rend_data, rend_data_t::rend_pk_digest, rend_service_get_by_pk_digest(), REND_SERVICE_ID_LEN, REND_SERVICE_ID_LEN_BASE32, smartlist_add(), smartlist_create(), and tor_assert.

Referenced by connection_exit_begin_conn().

void rend_services_introduce

(

void

)

For every service, check how many intro points it currently has, and:

• Pick new intro points as necessary.
• Launch circuits to any new intro points.

References rend_service_t::desc, rend_service_t::desc_is_dirty, DIGEST_LEN, rend_intro_point_t::extend_info, find_intro_circuit(), get_options(), extend_info_t::identity_digest, INTRO_CIRC_RETRY_PERIOD, rend_service_descriptor_t::intro_nodes, rend_service_t::intro_nodes, rend_service_t::intro_period_started, LD_REND, MAX_INTRO_CIRCS_PER_PERIOD, rend_service_t::n_intro_circuits_launched, extend_info_t::nickname, rend_service_t::pk_digest, rend_intro_point_free(), router_get_by_digest(), rend_service_t::service_id, smartlist_add(), smartlist_clear(), smartlist_create(), smartlist_del(), and tor_assert.

Referenced by circuit_build_needed_circs().

int rend_valid_service_id

(

const char *

query

)

Return true iff query is a syntactically valid service ID (as generated by rend_get_service_id).

References BASE32_CHARS, and REND_SERVICE_ID_LEN_BASE32.

Referenced by parse_extended_hostname(), rend_cache_lookup_entry(), and rend_parse_service_authorization().

int rep_hist_bandwidth_assess

(

void

)

Find the largest sums in the past NUM_SECS_BW_SUM_IS_VALID (roughly) seconds. Find one sum for reading and one for writing. They don't have to be at the same time.

Return the smaller of these sums, divided by NUM_SECS_ROLLING_MEASURE.

References find_largest_max(), and NUM_SECS_ROLLING_MEASURE.

Referenced by check_descriptor_bandwidth_changed(), and router_rebuild_descriptor().

void rep_hist_buffer_stats_add_circ	(	circuit_t *	circ,
		time_t	end_of_interval
	)

Remember cell statistics for circuit circ at time end_of_interval and reset cell counters in case the circuit remains open in the next measurement interval.

References CIRCUIT_IS_ORIGIN, or_circuit_t::processed_cells, smartlist_add(), smartlist_create(), start_of_buffer_stats_interval, circuit_t::timestamp_created, TO_OR_CIRCUIT(), and or_circuit_t::total_cell_waiting_time.

Referenced by circuit_free(), and rep_hist_buffer_stats_write().

void rep_hist_buffer_stats_init

(

time_t

now

)

Initialize buffer stats.

References start_of_buffer_stats_interval.

Referenced by run_scheduled_events().

void rep_hist_buffer_stats_write

(

time_t

now

)

Write buffer statistics to $DATADIR/stats/buffer-stats.

References _buffer_stats_compare_entries(), _circuit_get_global_list(), abort_writing_to_file(), check_private_dir(), finish_writing_to_file(), format_iso_time(), get_datadir_fname, get_datadir_fname2, LD_HIST, circuit_t::next, rep_hist_buffer_stats_add_circ(), smartlist_add(), smartlist_clear(), smartlist_create(), smartlist_free(), smartlist_join_strings(), smartlist_sort(), start_of_buffer_stats_interval, start_writing_to_stdio_file(), tor_asprintf(), and tor_free.

Referenced by run_scheduled_events().

int rep_hist_circbuilding_dormant

(

time_t

now

)

Return 1 if we have no need for circuits currently, else return 0.

References any_predicted_circuits(), check_whether_dirport_reachable(), check_whether_orport_reachable(), circuit_enough_testing_circs(), get_options(), and server_mode().

Referenced by directory_too_idle_to_fetch_descriptors().

time_t rep_hist_downrate_old_runs

(

time_t

now

)

Helper: Discount all old MTBF data, if it is time to do so. Return the time at which we should next discount MTBF data.

References digestmap_iter_done(), digestmap_iter_get(), digestmap_iter_init(), digestmap_iter_next(), digestmap_new(), history_map, LD_HIST, STABILITY_ALPHA, STABILITY_INTERVAL, stability_last_downrated, or_history_t::total_run_weights, or_history_t::total_weighted_time, or_history_t::weighted_run_length, and or_history_t::weighted_uptime.

Referenced by run_scheduled_events().

void rep_hist_dump_stats	(	time_t	now,
		int	severity
	)

Log all the reliability data we have remembered, with the chosen severity.

References base16_encode(), DIGEST_LEN, digestmap_isempty(), digestmap_iter_done(), digestmap_iter_get(), digestmap_iter_init(), digestmap_iter_next(), or_history_t::downtime, get_options(), get_stability(), HEX_DIGEST_LEN, history_map, LD_HIST, or_history_t::link_history_map, or_history_t::n_conn_fail, or_history_t::n_conn_ok, link_history_t::n_extend_fail, link_history_t::n_extend_ok, routerinfo_t::nickname, rep_history_clean(), router_get_by_digest(), tor_snprintf(), update_or_history(), and or_history_t::uptime.

Referenced by dumpstats().

void rep_hist_exit_stats_init

(

time_t

now

)

Initialize exit port stats.

References exit_bytes_read, exit_bytes_written, EXIT_STATS_NUM_PORTS, exit_streams, and start_of_exit_stats_interval.

Referenced by run_scheduled_events().

void rep_hist_exit_stats_write

(

time_t

now

)

Write exit stats to $DATADIR/stats/exit-stats and reset counters.

References abort_writing_to_file(), check_private_dir(), exit_bytes_read, exit_bytes_written, EXIT_STATS_NUM_PORTS, EXIT_STATS_ROUND_UP_BYTES, EXIT_STATS_ROUND_UP_STREAMS, EXIT_STATS_THRESHOLD_RECIPROCAL, exit_streams, finish_writing_to_file(), format_iso_time(), get_datadir_fname, get_datadir_fname2, LD_HIST, round_uint32_to_next_multiple_of(), round_uint64_to_next_multiple_of(), start_of_exit_stats_interval, start_writing_to_stdio_file(), tor_assert, and tor_free.

Referenced by run_scheduled_events().

void rep_hist_free_all

(

void

)

Free all storage held by the OR/link history caches, by the bandwidth history arrays, or by the port history.

References built_last_stability_doc_at, digestmap_free(), exit_bytes_read, exit_bytes_written, exit_streams, free_or_history(), history_map, last_stability_doc, predicted_ports_free(), and tor_free.

Referenced by tor_free_all().

char* rep_hist_get_bandwidth_lines

(

int

for_extrainfo

)

Allocate and return lines for representing this server's bandwidth history in its descriptor.

References format_iso_time(), bw_array_t::next_period, NUM_SECS_BW_SUM_INTERVAL, NUM_TOTALS, rep_hist_fill_bandwidth_history(), tor_assert, and tor_snprintf().

Referenced by extrainfo_dump_to_string().

int rep_hist_get_predicted_internal	(	time_t	now,
		int *	need_uptime,
		int *	need_capacity
	)

Return 1 if we've used an internal circ recently; else return 0.

References PREDICTED_CIRCS_RELEVANCE_TIME, predicted_internal_capacity_time, predicted_internal_time, and predicted_internal_uptime_time.

Referenced by circuit_predict_and_launch_new().

smartlist_t* rep_hist_get_predicted_ports

(

time_t

now

)

Return a pointer to the list of port numbers that are likely to be asked for in the near future.

The caller promises not to mess with it.

References LD_CIRC, PREDICTED_CIRCS_RELEVANCE_TIME, rephist_total_alloc, smartlist_del(), tor_assert, and tor_free.

Referenced by circuit_get_unhandled_ports().

const char* rep_hist_get_router_stability_doc

(

time_t

now

)

Return a pointer to a NUL-terminated document describing our view of the stability of the routers we've been tracking. Return NULL on failure.

References routerinfo_t::addr, BASE64_DIGEST_LEN, built_last_stability_doc_at, routerinfo_t::cache_info, digest_to_base64(), format_iso_time(), history_map, routerinfo_t::is_hibernating, routerinfo_t::is_running, routerinfo_t::is_valid, last_stability_doc, MAX_STABILITY_DOC_BUILD_RATE, routerinfo_t::nickname, signed_descriptor_t::published_on, rep_hist_format_router_status(), rep_hist_have_measured_enough_stability(), router_get_by_digest(), smartlist_add(), smartlist_create(), smartlist_free(), smartlist_join_strings(), tor_dup_ip(), tor_free, tor_snprintf(), and routerinfo_t::uptime.

Referenced by directory_handle_command_get().

double rep_hist_get_stability	(	const char *	id,
		time_t	when
	)

Return an estimated MTBF for the router whose identity digest is id. Return 0 if the router is unknown.

References get_or_history(), and get_stability().

Referenced by dirserv_compute_performance_thresholds(), and dirserv_thinks_router_is_unreliable().

double rep_hist_get_weighted_fractional_uptime	(	const char *	id,
		time_t	when
	)

Return an estimated percent-of-time-online for the router whose identity digest is id. Return 0 if the router is unknown.

References get_or_history(), and get_weighted_fractional_uptime().

Referenced by set_routerstatus_from_routerinfo().

long rep_hist_get_weighted_time_known	(	const char *	id,
		time_t	when
	)

Return a number representing how long we've known about the router whose digest is id. Return 0 if the router is unknown.

Be careful: this measure increases monotonically as we know the router for longer and longer, but it doesn't increase linearly.

References get_or_history(), and get_total_weighted_time().

Referenced by dirserv_compute_performance_thresholds(), and set_routerstatus_from_routerinfo().

int rep_hist_have_measured_enough_stability

(

void

)

Return true if we've been measuring MTBFs for long enough to pronounce on Stability.

References started_tracking_stability.

Referenced by rep_hist_get_router_stability_doc().

void rep_hist_init

(

void

)

Initialize the static data structures for tracking history.

References bw_arrays_init(), digestmap_new(), history_map, and predicted_ports_init().

Referenced by tor_init().

int rep_hist_load_mtbf_data

(

time_t

now

)

Load MTBF data from disk. Returns 0 on success or recoverable error, -1 on failure.

References base16_decode(), correct_time(), DIGEST_LEN, escaped(), find_next_with(), get_datadir_fname, get_or_history(), HEX_DIGEST_LEN, LD_HIST, n_bogus_times, parse_iso_time(), parse_possibly_bad_iso_time(), read_file_to_str(), RFTS_IGNORE_MISSING, smartlist_create(), smartlist_free(), smartlist_split_string(), stability_last_downrated, or_history_t::start_of_downtime, or_history_t::start_of_run, started_tracking_stability, strcmpstart(), tor_free, tor_parse_long(), or_history_t::total_run_weights, or_history_t::total_weighted_time, or_history_t::weighted_run_length, and or_history_t::weighted_uptime.

Referenced by options_act().

int rep_hist_load_state	(	or_state_t *	state,
		char **	err
	)

Set bandwidth history from our saved state.

References add_obs(), bw_array_new(), or_state_t::BWHistoryReadEnds, or_state_t::BWHistoryReadInterval, or_state_t::BWHistoryReadValues, or_state_t::BWHistoryWriteEnds, or_state_t::BWHistoryWriteInterval, or_state_t::BWHistoryWriteValues, bw_array_t::cur_obs_time, LD_HIST, bw_array_t::max_total, bw_array_t::maxima, bw_array_t::next_period, NUM_SECS_BW_SUM_INTERVAL, NUM_SECS_ROLLING_MEASURE, NUM_TOTALS, bw_array_t::obs, tor_assert, tor_free, tor_parse_uint64(), and bw_array_t::total_obs.

Referenced by or_state_set().

void rep_hist_note_bytes_read	(	size_t	num_bytes,
		time_t	when
	)

We wrote num_bytes more bytes in second when. (like rep_hist_note_bytes_written() above)

References add_obs().

Referenced by connection_buckets_decrement().

void rep_hist_note_bytes_written	(	size_t	num_bytes,
		time_t	when
	)

We read num_bytes more bytes in second when.

Add num_bytes to the current running total for when.

when can go back to time, but it's safe to ignore calls earlier than the latest when you've heard of.

References add_obs().

Referenced by connection_buckets_decrement().

void rep_hist_note_connect_failed	(	const char *	id,
		time_t	when
	)

Remember that an attempt to connect to the OR with identity digest id failed at when.

References or_history_t::changed, get_or_history(), mark_or_down(), and or_history_t::n_conn_fail.

Referenced by connection_about_to_close_connection().

void rep_hist_note_connect_succeeded	(	const char *	id,
		time_t	when
	)

Remember that an attempt to connect to the OR with identity digest id succeeded at when.

References or_history_t::changed, get_or_history(), mark_or_up(), and or_history_t::n_conn_ok.

Referenced by connection_or_set_state_open().

void rep_hist_note_connection_died	(	const char *	id,
		time_t	when
	)

Remember that our connection to the OR with identity digest id had an error and stopped working at when.

References or_history_t::changed, get_or_history(), and mark_or_down().

Referenced by connection_about_to_close_connection().

void rep_hist_note_disconnect	(	const char *	id,
		time_t	when
	)

Remember that we intentionally closed our connection to the OR with identity digest id at when.

References or_history_t::changed, get_or_history(), and mark_or_down().

Referenced by connection_about_to_close_connection().

void rep_hist_note_exit_bytes_read	(	uint16_t	port,
		size_t	num_bytes
	)

Note that we read num_bytes from an exit connection to port.

References exit_bytes_read, get_options(), and LD_HIST.

Referenced by connection_buckets_decrement().

void rep_hist_note_exit_bytes_written	(	uint16_t	port,
		size_t	num_bytes
	)

Note that we wrote num_bytes to an exit connection to port.

References exit_bytes_written, get_options(), and LD_HIST.

Referenced by connection_buckets_decrement().

void rep_hist_note_exit_stream_opened

(

uint16_t

port

)

Note that we opened an exit stream to port.

References exit_streams, get_options(), and LD_HIST.

Referenced by connection_edge_finished_connecting().

void rep_hist_note_extend_failed	(	const char *	from_id,
		const char *	to_id
	)

Remember that we tried to extend from the OR with identity digest from_id to the OR with identity digest to_name, but failed.

References link_history_t::changed, get_link_history(), and link_history_t::n_extend_fail.

Referenced by circuit_rep_hist_note_result().

void rep_hist_note_extend_succeeded	(	const char *	from_id,
		const char *	to_id
	)

Remember that we successfully extended from the OR with identity digest from_id to the OR with identity digest to_name.

References link_history_t::changed, get_link_history(), and link_history_t::n_extend_ok.

Referenced by circuit_rep_hist_note_result().

void rep_hist_note_router_reachable	(	const char *	id,
		time_t	when
	)

We have just decided that this router with identity digest id is reachable, meaning we will give it a "Running" flag for the next while.

References DIGEST_LEN, format_local_iso_time(), get_or_history(), hex_str(), LD_HIST, or_history_t::start_of_downtime, or_history_t::start_of_run, started_tracking_stability, tor_assert, and or_history_t::total_weighted_time.

Referenced by dirserv_orconn_tls_done().

void rep_hist_note_router_unreachable	(	const char *	id,
		time_t	when
	)

We have just decided that this router is unreachable, meaning we are taking away its "Running" flag.

References DIGEST_LEN, format_local_iso_time(), get_or_history(), hex_str(), LD_HIST, or_history_t::start_of_downtime, or_history_t::start_of_run, started_tracking_stability, tor_assert, or_history_t::total_run_weights, or_history_t::total_weighted_time, or_history_t::weighted_run_length, and or_history_t::weighted_uptime.

Referenced by dirserv_set_router_is_running(), rep_hist_record_mtbf_data(), and routerlist_remove().

void rep_hist_note_used_internal	(	time_t	now,
		int	need_uptime,
		int	need_capacity
	)

Remember that we used an internal circ at time now.

References predicted_internal_capacity_time, predicted_internal_time, and predicted_internal_uptime_time.

Referenced by circuit_get_open_circ_or_launch(), directory_initiate_command_rend(), rend_service_introduce(), and rend_service_launch_establish_intro().

void rep_hist_note_used_port	(	time_t	now,
		uint16_t	port
	)

Remember that port has been asked for as of time now. This is used for predicting what sorts of streams we'll make in the future and making exit circuits to anticipate that.

References add_predicted_port(), and tor_assert.

Referenced by directory_initiate_command_rend(), and rep_hist_note_used_resolve().

void rep_hist_note_used_resolve

(

time_t

now

)

The user asked us to do a resolve. Rather than keeping track of timings and such of resolves, we fake it for now by treating it the same way as a connection to port 80. This way we will continue to have circuits lying around if the user only uses Tor for resolves.

References rep_hist_note_used_port().

int rep_hist_record_mtbf_data	(	time_t	now,
		int	missing_means_down
	)

Write MTBF data to disk. Return 0 on success, negative on failure.

If missing_means_down, then if we're about to write an entry that is still considered up but isn't in our routerlist, consider it to be down.

References abort_writing_to_file(), base16_encode(), DIGEST_LEN, digestmap_iter_done(), digestmap_iter_get(), digestmap_iter_init(), digestmap_iter_next(), finish_writing_to_file(), format_iso_time(), get_datadir_fname, HEX_DIGEST_LEN, history_map, LD_HIST, rep_hist_note_router_unreachable(), router_get_by_digest(), stability_last_downrated, or_history_t::start_of_downtime, or_history_t::start_of_run, start_writing_to_stdio_file(), started_tracking_stability, tor_free, or_history_t::total_run_weights, or_history_t::total_weighted_time, or_history_t::weighted_run_length, and or_history_t::weighted_uptime.

Referenced by run_scheduled_events(), and tor_cleanup().

void rep_hist_update_state

(

or_state_t *

state

)

Update state with the newest bandwidth history.

References or_options_t::AvoidDiskWrites, or_state_t::BWHistoryReadEnds, or_state_t::BWHistoryReadInterval, or_state_t::BWHistoryReadValues, or_state_t::BWHistoryWriteEnds, or_state_t::BWHistoryWriteInterval, or_state_t::BWHistoryWriteValues, get_options(), get_or_state(), bw_array_t::next_period, NUM_SECS_BW_SUM_INTERVAL, NUM_TOTALS, or_state_mark_dirty(), rep_hist_fill_bandwidth_history(), server_mode(), smartlist_create(), smartlist_free(), smartlist_split_string(), tor_free, tor_snprintf(), and bw_array_t::total_in_period.

Referenced by or_state_save().

void rep_history_clean

(

time_t

before

)

Remove history info for routers/links that haven't changed since before.

References authdir_mode(), link_history_t::changed, or_history_t::changed, digestmap_iter_done(), digestmap_iter_get(), digestmap_iter_init(), digestmap_iter_next(), digestmap_iter_next_rmv(), free_or_history(), get_options(), history_map, or_history_t::link_history_map, rephist_total_alloc, STABILITY_EPSILON, or_history_t::start_of_run, tor_free, and or_history_t::total_run_weights.

Referenced by rep_hist_dump_stats(), and run_scheduled_events().

void reset_bandwidth_test

(

void

)

Reset have_performed_bandwidth_test, so we'll start building testing circuits again so we can exercise our bandwidth.

References have_performed_bandwidth_test.

Referenced by ip_address_changed(), and run_scheduled_events().

int resolve_my_address	(	int	warn_severity,
		or_options_t *	options,
		uint32_t *	addr_out,
		char **	hostname_out
	)

Based on options->Address, guess our public IP address and put it (in host order) into *addr_out. If hostname_out is provided, set *hostname_out to a new string holding the hostname we used to get the address. Return 0 if all is well, or -1 if we can't find a suitable public IP address.

References or_options_t::_PublishServerDescriptor, or_options_t::Address, or_options_t::AlternateDirAuthority, control_event_server_status(), or_options_t::DirServers, get_interface_address(), INET_NTOA_BUF_LEN, ip_address_changed(), is_internal_IP(), LD_CONFIG, LD_NET, tor_assert, tor_inet_aton(), tor_inet_ntoa(), and tor_lookup_hostname().

Referenced by add_trusted_dir_server(), check_descriptor_ipaddress_changed(), dirserv_generate_networkstatus_vote_obj(), generate_v2_networkstatus_opinion(), options_validate(), router_new_address_suggestion(), and router_pick_published_address().

int retry_all_listeners	(	smartlist_t *	replaced_conns,
		smartlist_t *	new_conns
	)

Launch listeners for each port you should have open. Only launch listeners who are not already open, and only close listeners we no longer want.

Add all old conns that should be closed to replaced_conns. Add all new connections to new_conns.

References or_options_t::ClientOnly, CONN_TYPE_AP_DNS_LISTENER, CONN_TYPE_AP_LISTENER, CONN_TYPE_AP_NATD_LISTENER, CONN_TYPE_AP_TRANS_LISTENER, CONN_TYPE_CONTROL_LISTENER, CONN_TYPE_DIR_LISTENER, CONN_TYPE_OR_LISTENER, or_options_t::ControlListenAddress, or_options_t::ControlPort, or_options_t::ControlSocket, or_options_t::DirListenAddress, or_options_t::DirPort, or_options_t::DNSListenAddress, or_options_t::DNSPort, get_options(), or_options_t::NatdListenAddress, or_options_t::NatdPort, or_options_t::ORListenAddress, or_options_t::ORPort, retry_listeners(), or_options_t::SocksListenAddress, or_options_t::SocksPort, or_options_t::TransListenAddress, and or_options_t::TransPort.

Referenced by options_act_reversible(), and run_scheduled_events().

void retry_bridge_descriptor_fetch_directly

(

const char *

digest

)

Fetching the bridge descriptor from the bridge authority returned a "not found". Fall back to trying a direct fetch.

References find_bridge_by_digest(), and launch_direct_bridge_descriptor_fetch().

Referenced by dir_routerdesc_download_failed().

void rotate_onion_key

(

void

)

Replace the previous onion key with the current onion key, and generate a new previous onion key. Immediately after calling this function, the OR should:

• schedule all previous cpuworkers to shut down _after_ processing pending work. (This will cause fresh cpuworkers to be generated.)
• generate and upload a fresh routerinfo.

References crypto_free_pk_env(), crypto_new_pk_env(), crypto_pk_write_private_key_to_filename(), file_status(), get_datadir_fname2, get_options(), get_or_state(), or_state_t::LastRotatedOnionKey, LD_BUG, LD_FS, LD_GENERAL, mark_my_descriptor_dirty(), onionkey_set_at, or_state_mark_dirty(), replace_file(), tor_free, tor_mutex_acquire(), and tor_mutex_release().

Referenced by run_scheduled_events().

was_router_added_t router_add_extrainfo_to_routerlist	(	extrainfo_t *	ei,
		const char **	msg,
		int	from_cache,
		int	from_fetch
	)

Insert ei into the routerlist, or free it. Other arguments are as for router_add_to_routerlist(). Return ROUTER_ADDED_SUCCESSFULLY iff we actually inserted it, ROUTER_BAD_EI otherwise.

References extrainfo_t::cache_info, extrainfo_insert(), routerlist_t::extrainfo_store, router_get_routerlist(), routerlist, and signed_desc_append_to_journal().

Referenced by dirserv_add_extrainfo(), and router_load_extrainfo_from_string().

was_router_added_t router_add_to_routerlist	(	routerinfo_t *	router,
		const char **	msg,
		int	from_cache,
		int	from_fetch
	)

Add router to the routerlist, if we don't already have it. Replace older entries (if any) with the same key. Note: Callers should not hold their pointers to router if this function fails; router will either be inserted into the routerlist or freed. Similarly, even if this call succeeds, they should not hold their pointers to router after subsequent calls with other routerinfo's -- they might cause the original routerinfo to get freed.

Returns the status for the operation. Might set *msg if it wants the poster of the router to know something.

If from_cache, this descriptor came from our disk cache. If from_fetch, we received it in response to a request we made. (If both are false, that means it was uploaded to us as an auth dir server or via the controller.)

This function should be called *after* routers_update_status_from_consensus_networkstatus; subsequently, you should call router_rebuild_store and routerlist_descriptors_added.

References routerinfo_t::addr, authdir_mode_handles_descs(), authdir_wants_to_reject_router(), routerinfo_t::cache_info, routerlist_t::desc_digest_map, routerlist_t::desc_store, routerstatus_t::descriptor_digest, DIGEST_LEN, directory_set_dirty(), dirserv_single_reachability_test(), get_options(), hex_str(), signed_descriptor_t::identity_digest, routerlist_t::identity_map, routerinfo_t::is_valid, routerinfo_t::last_reachable, LD_DIR, routerstatus_t::need_to_mirror, networkstatus_get_latest_consensus(), networkstatus_get_v2_list(), networkstatus_v2_find_entry(), networkstatus_v2_list, networkstatus_vote_find_entry(), routerinfo_t::nickname, OLD_ROUTER_DESC_MAX_AGE, routerinfo_t::or_port, signed_descriptor_t::published_on, routerinfo_t::purpose, router_get_routerlist(), ROUTER_PURPOSE_GENERAL, routerinfo_free(), routerinfo_is_a_configured_bridge(), routerlist, routerlist_insert(), routerlist_insert_old(), routerlist_replace(), signed_desc_append_to_journal(), signed_desc_digest_is_recognized(), signed_descriptor_t::signed_descriptor_digest, routerinfo_t::testing_since, and tor_assert.

Referenced by dirserv_add_descriptor(), router_load_routers_from_string(), and router_load_single_router().

int router_addr_is_trusted_dir

(

uint32_t

addr

)

Return true iff addr is the address of one of our trusted directory authorities.

References trusted_dir_servers.

Referenced by get_possible_sybil_list().

int router_append_dirobj_signature	(	char *	buf,
		size_t	buf_len,
		const char *	digest,
		size_t	digest_len,
		crypto_pk_env_t *	private_key
	)

Helper: used to generate signatures for routers, directories and network-status objects. Given a digest in digest and a secret private_key, generate an PKCS1-padded signature, BASE64-encode it, surround it with -----BEGIN/END----- pairs, and write it to the buf_len-byte buffer at buf. Return 0 on success, -1 on failure.

References base64_encode(), crypto_pk_keysize(), crypto_pk_private_sign(), LD_BUG, and tor_free.

Referenced by dirserv_dump_directory_to_string(), extrainfo_dump_to_string(), format_networkstatus_vote(), generate_runningrouters(), rend_encode_v2_descriptors(), and router_dump_router_to_string().

routerinfo_t* router_choose_random_node	(	smartlist_t *	excludedsmartlist,
		routerset_t *	excludedset,
		router_crn_flags_t	flags
	)

Return a random running router from the routerlist. Never pick a node whose routerinfo is in excludedsmartlist, or whose routerinfo matches excludedset, even if they are the only nodes available. If CRN_NEED_UPTIME is set in flags and any router has more than a minimum uptime, return one of those. If CRN_NEED_CAPACITY is set in flags, weight your choice by the advertised capacity of each router. If CRN_ALLOW_INVALID is not set in flags, consider only Valid routers. If CRN_NEED_GUARD is set in flags, consider only Guard routers. If CRN_WEIGHT_AS_EXIT is set in flags, we weight bandwidths as if picking an exit node, otherwise we weight bandwidths for picking a relay node (that is, possibly discounting exit nodes).

References or_options_t::ExcludeSingleHopRelays, get_options(), router_get_routerlist(), routerlist_t::routers, smartlist_add(), smartlist_create(), and tor_assert.

Referenced by choose_good_exit_server(), and choose_good_middle_server().

void router_clear_status_flags

(

routerinfo_t *

router

)

Clear all the status flags in routerinfo router. We put this function here because it's eerily similar to clear_status_flags_on_sybil() above. One day we should merge them.

References routerinfo_t::is_bad_directory, routerinfo_t::is_bad_exit, routerinfo_t::is_exit, routerinfo_t::is_fast, routerinfo_t::is_hs_dir, routerinfo_t::is_possible_guard, routerinfo_t::is_running, routerinfo_t::is_stable, and routerinfo_t::is_valid.

Referenced by routers_update_status_from_consensus_networkstatus().

int router_compare_to_my_exit_policy

(

edge_connection_t *

conn

)

OR only: Check whether my exit policy says to allow connection to conn. Return 0 if we accept; non-0 if we reject.

References edge_connection_t::_base, connection_t::addr, ADDR_POLICY_ACCEPTED, compare_tor_addr_to_addr_policy(), routerinfo_t::exit_policy, connection_t::port, router_get_my_routerinfo(), tor_addr_family(), and tor_addr_is_null().

Referenced by connection_exit_connect().

int router_differences_are_cosmetic	(	routerinfo_t *	r1,
		routerinfo_t *	r2
	)

Return true iff the only differences between r1 and r2 are such that would not cause a recent (post 0.1.1.6) dirserver to republish.

References routerinfo_t::address, routerinfo_t::bandwidthburst, routerinfo_t::bandwidthcapacity, routerinfo_t::bandwidthrate, routerinfo_t::cache_info, cmp_addr_policies(), routerinfo_t::contact_info, crypto_pk_cmp_keys(), routerinfo_t::declared_family, routerinfo_t::dir_port, routerinfo_t::exit_policy, routerinfo_t::has_old_dnsworkers, routerinfo_t::identity_pkey, routerinfo_t::is_hibernating, routerinfo_t::nickname, routerinfo_t::onion_pkey, routerinfo_t::or_port, routerinfo_t::platform, signed_descriptor_t::published_on, routerinfo_t::purpose, ROUTER_ALLOW_UPTIME_DRIFT, ROUTER_MAX_COSMETIC_TIME_DIFFERENCE, tor_assert, and routerinfo_t::uptime.

Referenced by dirserv_add_descriptor().

int router_digest_is_me

(

const char *

digest

)

Return true iff I'm a server and digest is equal to my identity digest.

References DIGEST_LEN, and identitykey_digest.

Referenced by connection_or_connect(), directory_conn_is_self_reachability_test(), directory_get_from_all_authorities(), dirserv_get_networkstatus_v2(), dirserv_get_routerdescs(), get_signed_descriptor_by_fp(), lookup_cached_dir_by_fp(), router_digest_is_trusted_dir_type(), router_fingerprint_is_me(), router_is_me(), router_pick_directory_server_impl(), router_pick_trusteddirserver_impl(), router_set_networkstatus_v2(), smartlist_choose_by_bandwidth(), and update_v2_networkstatus_cache_downloads().

int router_digest_is_trusted_dir_type	(	const char *	digest,
		authority_type_t	type
	)

Return true iff digest is the digest of the identity key of a trusted directory matching at least one bit of type. If type is zero, any authority is okay.

References authdir_mode(), DIGEST_LEN, get_options(), router_digest_is_me(), and trusted_dir_servers.

Referenced by router_pick_directory_server_impl().

int router_digest_version_as_new_as	(	const char *	digest,
		const char *	cutoff
	)

Try to find a routerinfo for digest. If we don't have one, return 1. If we do, ask tor_version_as_new_as() for the answer.

References routerinfo_t::platform, router_get_by_digest(), and tor_version_as_new_as().

void router_dir_info_changed

(

void

)

Called when our internal view of the directory has changed. This can be when the authorities change, networkstatuses change, the list of routerdescs changes, or number of running routers changes.

References rend_hsdir_routers_changed().

Referenced by add_trusted_dir_server(), clear_trusted_dir_servers(), networkstatus_set_current_consensus(), options_act(), router_set_status(), routerlist_free(), routerlist_insert(), routerlist_remove(), routerlist_replace(), and run_scheduled_events().

void router_dirport_found_reachable

(

void

)

Annotate that we found our DirPort reachable.

References routerinfo_t::address, can_reach_dir_port, control_event_server_status(), decide_to_advertise_dirport(), routerinfo_t::dir_port, get_options(), LD_BUG, LD_DIRSERV, mark_my_descriptor_dirty(), and router_get_my_routerinfo().

Referenced by connection_dir_client_reached_eof().

int router_dump_router_to_string	(	char *	s,
		size_t	maxlen,
		routerinfo_t *	router,
		crypto_pk_env_t *	ident_key
	)

OR only: Given a routerinfo for this router, and an identity key to sign with, encode the routerinfo as a signed server descriptor and write the result into s, using at most maxlen bytes. Return -1 on failure, and the number of bytes used on success.

References routerinfo_t::address, or_options_t::AllowSingleHopExits, routerinfo_t::bandwidthburst, routerinfo_t::bandwidthcapacity, routerinfo_t::bandwidthrate, base16_encode(), routerinfo_t::cache_info, or_options_t::ContactInfo, crypto_pk_cmp_keys(), crypto_pk_get_fingerprint(), crypto_pk_write_public_key_to_string(), decide_to_advertise_dirport(), routerinfo_t::declared_family, DIGEST_LEN, routerinfo_t::dir_port, dns_seems_to_be_broken(), or_options_t::DownloadExtraInfo, escaped(), routerinfo_t::exit_policy, signed_descriptor_t::extra_info_digest, FINGERPRINT_LEN, format_iso_time(), get_options(), has_dns_init_failed(), HEX_DIGEST_LEN, or_options_t::HidServDirectoryV2, routerinfo_t::identity_pkey, LD_BUG, routerinfo_t::nickname, note_crypto_pk_op(), routerinfo_t::onion_pkey, routerinfo_t::or_port, routerinfo_t::platform, policy_write_item(), signed_descriptor_t::published_on, router_append_dirobj_signature(), router_get_router_hash(), router_parse_entry_from_string(), routerinfo_free(), smartlist_join_strings(), stats_n_seconds_working, tor_assert, tor_free, tor_snprintf(), and we_are_hibernating().

Referenced by router_rebuild_descriptor().

int router_exit_policy_all_routers_reject	(	uint32_t	addr,
		uint16_t	port,
		int	need_uptime
	)

Return 1 if all running sufficiently-stable routers will reject addr:port, return 0 if any might accept it.

References ADDR_POLICY_PROBABLY_REJECTED, ADDR_POLICY_REJECTED, compare_addr_to_addr_policy(), router_is_unreliable(), routerlist, and routerlist_t::routers.

Referenced by circuit_get_open_circ_or_launch().

int router_exit_policy_rejects_all

(

routerinfo_t *

router

)

Return true iff router does not permit exit streams.

References routerinfo_t::policy_is_reject_star.

Referenced by choose_good_exit_server_general(), and dirserv_compute_performance_thresholds().

int router_extrainfo_digest_is_me

(

const char *

digest

)

Return true iff I'm a server and digest is equal to my identity digest.

References extrainfo_t::cache_info, DIGEST_LEN, router_get_my_extrainfo(), and signed_descriptor_t::signed_descriptor_digest.

routerinfo_t* router_find_exact_exit_enclave	(	const char *	address,
		uint16_t	port
	)

Find a router that's up, that has this IP address, and that allows exit to this address:port, or return NULL if there isn't a good one.

References ADDR_POLICY_ACCEPTED, compare_tor_addr_to_addr_policy(), routerlist, routerlist_t::routers, tor_addr_from_ipv4h, and tor_inet_aton().

int router_fingerprint_is_me

(

const char *

fp

)

Return true iff fp is a hex fingerprint of my identity digest.

References base16_decode(), DIGEST_LEN, HEX_DIGEST_LEN, and router_digest_is_me().

void router_free_all

(

void

)

Release all static resources held in router.c

References authority_cert_free(), crypto_free_pk_env(), extrainfo_free(), routerinfo_free(), smartlist_free(), tor_free, and tor_mutex_free().

Referenced by tor_free_all().

uint32_t router_get_advertised_bandwidth

(

routerinfo_t *

router

)

Return the smaller of the router's configured BandwidthRate and its advertised capacity.

References routerinfo_t::bandwidthcapacity, and routerinfo_t::bandwidthrate.

Referenced by _compare_routerinfo_by_ip_and_bw(), dirserv_compute_performance_thresholds(), dirserv_thinks_router_is_unreliable(), and set_routerstatus_from_routerinfo().

uint32_t router_get_advertised_bandwidth_capped

(

routerinfo_t *

router

)

Return the smaller of the router's configured BandwidthRate and its advertised capacity, capped by max-believe-bw.

References routerinfo_t::bandwidthcapacity, routerinfo_t::bandwidthrate, and DEFAULT_MAX_BELIEVABLE_BANDWIDTH.

Referenced by routerstatus_format_entry(), smartlist_choose_by_bandwidth(), and smartlist_choose_by_bandwidth_weights().

signed_descriptor_t* router_get_by_descriptor_digest

(

const char *

digest

)

Return the router in our routerlist whose 20-byte descriptor is digest. Return NULL if no such router is known.

References routerlist_t::desc_digest_map, routerlist, and tor_assert.

Referenced by connection_dirserv_add_servers_to_outbuf(), count_usable_descriptors(), dirserv_get_routerdesc_fingerprints(), dirserv_get_routerdescs(), dirserv_have_any_serverdesc(), networkstatus_reset_download_failures(), router_set_networkstatus_v2(), update_consensus_router_descriptor_downloads(), and update_router_descriptor_cache_downloads_v2().

routerinfo_t* router_get_by_digest

(

const char *

digest

)

Return the router in our routerlist whose 20-byte key digest is digest. Return NULL if no such router is known.

References routerlist_t::identity_map, routerlist, and tor_assert.

Referenced by bridges_retry_helper(), build_state_get_exit_router(), choose_good_entry_server(), choose_good_middle_server(), circuit_find_to_cannibalize(), circuit_list_path_impl(), circuit_rep_hist_note_result(), circuit_send_next_onion_skin(), command_process_create_cell(), command_process_netinfo_cell(), connection_ap_process_end_not_open(), connection_or_digest_is_known_relay(), connection_or_init_conn_from_address(), connection_or_set_state_open(), control_event_guard(), directory_get_from_hs_dir(), directory_initiate_command_routerstatus_rend(), directory_post_to_hs_dir(), dirserv_add_descriptor(), dirserv_add_extrainfo(), dirserv_get_routerdescs(), entry_guards_compute_status(), entry_is_live(), get_signed_descriptor_by_fp(), getinfo_helper_entry_guards(), handle_control_attachstream(), orconn_target_get_name(), rend_services_introduce(), rep_hist_dump_stats(), rep_hist_get_router_stability_doc(), rep_hist_record_mtbf_data(), router_digest_version_as_new_as(), router_get_by_hexdigest(), router_set_status(), router_supports_extrainfo(), routerstatus_format_entry(), smartlist_choose_by_bandwidth(), update_consensus_router_descriptor_downloads(), and update_extrainfo_downloads().

signed_descriptor_t* router_get_by_extrainfo_digest

(

const char *

digest

)

Return the signed descriptor for the router in our routerlist whose 20-byte extra-info digest is digest. Return NULL if no such router is known.

References routerlist_t::desc_by_eid_map, routerlist, and tor_assert.

Referenced by dir_routerdesc_download_failed().

routerinfo_t* router_get_by_hexdigest

(

const char *

hexdigest

)

Return the router in our routerlist whose hexadecimal key digest is hexdigest. Return NULL if no such router is known.

References DIGEST_LEN, HEX_DIGEST_LEN, hexdigest_to_digest(), routerinfo_t::is_named, routerinfo_t::nickname, router_get_by_digest(), routerlist, and tor_assert.

Referenced by getinfo_helper_dir(), and router_get_by_nickname().

routerinfo_t* router_get_by_nickname	(	const char *	nickname,
		int	warn_if_unnamed
	)

Return the router in our routerlist whose (case-insensitive) nickname or (case-sensitive) hexadecimal key digest is nickname. Return NULL if no such router is known.

References base16_decode(), DIGEST_LEN, get_options(), HEX_DIGEST_LEN, routerlist_t::identity_map, networkstatus_get_router_digest_by_nickname(), networkstatus_nickname_is_unnamed(), router_get_by_hexdigest(), router_get_my_routerinfo(), routerlist, routerlist_t::routers, server_mode(), and tor_assert.

Referenced by add_nickname_list_to_smartlist(), circuit_discard_optional_exit_enclaves(), circuit_get_open_circ_or_launch(), connection_ap_can_use_exit(), connection_ap_handshake_attach_circuit(), getinfo_helper_dir(), handle_control_extendcircuit(), rend_client_get_random_intro(), rend_service_introduce(), router_rebuild_descriptor(), routerlist_add_family(), and routerset_get_all_routers().

routerstatus_t* router_get_consensus_status_by_descriptor_digest

(

const char *

digest

)

Return the consensus view of the status of the router whose current descriptor digest is digest, or NULL if no such router is known.

References networkstatus_t::desc_digest_map, digestmap_new(), digestmap_set(), and networkstatus_t::routerstatus_list.

Referenced by router_get_dl_status_by_descriptor_digest(), and signed_descs_update_status_from_consensus_networkstatus().

routerstatus_t* router_get_consensus_status_by_id

(

const char *

digest

)

Return the consensus view of the status of the router whose identity digest is digest, or NULL if we don't know about any such router.

References compare_digest_to_routerstatus_entry(), networkstatus_t::routerstatus_list, and smartlist_bsearch().

Referenced by circuit_list_path_impl(), connection_dir_client_reached_eof(), connection_or_digest_is_known_relay(), router_get_my_share_of_directory_requests(), router_set_status(), router_supports_extrainfo(), smartlist_choose_by_bandwidth(), and smartlist_choose_by_bandwidth_weights().

routerstatus_t* router_get_consensus_status_by_nickname	(	const char *	nickname,
		int	warn_if_unnamed
	)

Given a nickname (possibly verbose, possibly a hexadecimal digest), return the corresponding routerstatus_t, or NULL if none exists. Warn the user if warn_if_unnamed is set, and they have specified a router by nickname, but the Named flag isn't set for that router.

References base16_decode(), DIGEST_LEN, escaped(), HEX_DIGEST_LEN, LD_GENERAL, named_server_map, networkstatus_vote_find_entry(), networkstatus_t::routerstatus_list, smartlist_create(), smartlist_free(), strmap_get_lc(), tor_fragile_assert, and unnamed_server_map.

Referenced by add_nickname_list_to_smartlist().

int router_get_dir_hash	(	const char *	s,
		char *	digest
	)

Set digest to the SHA-1 digest of the hash of the directory in s. Return 0 on success, -1 on failure.

References router_get_hash_impl().

Referenced by dirserv_dump_directory_to_string(), and router_parse_directory().

download_status_t* router_get_dl_status_by_descriptor_digest

(

const char *

d

)

Given the digest of a router descriptor, return its current download status, or NULL if the digest is unrecognized.

References digestmap_get(), routerstatus_t::dl_status, router_get_consensus_status_by_descriptor_digest(), and v2_download_status_map.

Referenced by dir_routerdesc_download_failed(), and router_load_routers_from_string().

int router_get_extrainfo_hash	(	const char *	s,
		char *	digest
	)

Set digest to the SHA-1 digest of the hash of the extrainfo string in s. Return 0 on success, -1 on failure.

References router_get_hash_impl().

Referenced by extrainfo_dump_to_string(), extrainfo_parse_entry_from_string(), and router_rebuild_descriptor().

const char* router_get_my_descriptor

(

void

)

OR only: Return a signed server descriptor for this OR, rebuilding a fresh one if necessary. Return NULL on error.

References routerinfo_t::cache_info, LD_GENERAL, router_get_my_routerinfo(), signed_descriptor_t::saved_location, SAVED_NOWHERE, signed_descriptor_get_body(), signed_descriptor_t::signed_descriptor_len, and tor_assert.

Referenced by init_keys().

extrainfo_t* router_get_my_extrainfo

(

void

)

Return the extrainfo document for this OR, or NULL if we have none. Rebuilt it (and the server descriptor) if necessary.

References get_options(), router_rebuild_descriptor(), and server_mode().

Referenced by extrainfo_insert(), get_signed_descriptor_by_fp(), router_extrainfo_digest_is_me(), and router_upload_dir_desc_to_dirservers().

routerinfo_t* router_get_my_routerinfo

(

void

)

Return a routerinfo for this OR, rebuilding a fresh one if necessary. Return NULL on error, or if called on an OP.

References get_options(), router_rebuild_descriptor(), and server_mode().

Referenced by circuit_rep_hist_note_result(), connection_or_send_netinfo(), consider_testing_reachability(), directory_conn_is_self_reachability_test(), directory_fetches_from_authorities(), dirserv_estimate_data_size(), dirserv_get_networkstatus_v2_fingerprints(), dirserv_get_routerdesc_fingerprints(), dirserv_get_routerdescs(), dns_resolve_impl(), get_signed_descriptor_by_fp(), getinfo_helper_misc(), hid_serv_acting_as_directory(), hid_serv_responsible_for_desc_id(), inform_testing_reachability(), router_compare_to_my_exit_policy(), router_dirport_found_reachable(), router_get_by_nickname(), router_get_my_descriptor(), router_get_my_share_of_directory_requests(), router_orport_found_reachable(), router_pick_trusteddirserver_impl(), router_upload_dir_desc_to_dirservers(), routerlist_insert(), routerlist_insert_old(), routerlist_replace(), run_scheduled_events(), and second_elapsed_callback().

int router_get_my_share_of_directory_requests	(	double *	v2_share_out,
		double *	v3_share_out
	)

Try to determine which fraction of v2 and v3 directory requests aimed at caches will be sent to us. Set *v2_share_out and *v3_share_out to the fractions of v2 and v3 protocol shares we expect to see, respectively. Return 0 on success, negative on failure.

References routerinfo_t::cache_info, signed_descriptor_t::identity_digest, routerstatus_t::is_v2_dir, PDS_ALLOW_SELF, PDS_IGNORE_FASCISTFIREWALL, router_get_consensus_status_by_id(), router_get_my_routerinfo(), router_pick_directory_server(), sl_last_total_weighted_bw, V2_AUTHORITY, V3_AUTHORITY, and routerstatus_t::version_supports_v3_dir.

Referenced by geoip_determine_shares().

int router_get_networkstatus_v2_hash	(	const char *	s,
		char *	digest
	)

Set digest to the SHA-1 digest of the hash of the network-status string in s. Return 0 on success, -1 on failure.

References router_get_hash_impl().

Referenced by networkstatus_v2_parse_from_string().

int router_get_networkstatus_v3_hash	(	const char *	s,
		char *	digest,
		digest_algorithm_t	alg
	)

Set digest to the SHA-1 digest of the hash of the network-status string in s. Return 0 on success, -1 on failure.

References router_get_hash_impl().

Referenced by format_networkstatus_vote().

int router_get_networkstatus_v3_hashes	(	const char *	s,
		digests_t *	digests
	)

Set digests to all the digests of the consensus document in s

References router_get_hashes_impl().

Referenced by networkstatus_parse_vote_from_string().

int router_get_router_hash	(	const char *	s,
		size_t	s_len,
		char *	digest
	)

Set digest to the SHA-1 digest of the hash of the first router in s. Return 0 on success, -1 on failure.

References router_get_hash_impl().

Referenced by router_dump_router_to_string(), router_parse_entry_from_string(), and router_rebuild_descriptor().

routerlist_t* router_get_routerlist

(

void

)

Return the current list of all known routers.

References routerlist_t::desc_by_eid_map, routerlist_t::desc_digest_map, routerlist_t::desc_store, desc_store_t::description, routerlist_t::extra_info_map, routerlist_t::extrainfo_store, desc_store_t::fname_alt_base, desc_store_t::fname_base, routerlist_t::identity_map, routerlist_t::old_routers, routerlist, routerlist_t::routers, smartlist_create(), and desc_store_t::type.

Referenced by choose_good_entry_server(), directory_remove_invalid(), dirserv_generate_networkstatus_vote_obj(), dirserv_get_routerdesc_fingerprints(), dirserv_get_routerdescs(), dirserv_orconn_tls_done(), dirserv_test_reachability(), format_networkstatus_vote(), generate_v2_networkstatus_opinion(), getinfo_helper_dir(), networkstatus_getinfo_by_purpose(), onion_pick_cpath_exit(), router_add_extrainfo_to_routerlist(), router_add_to_routerlist(), router_choose_random_node(), router_load_extrainfo_from_string(), router_parse_list_from_string(), router_reload_router_list(), routerlist_refresh_countries(), routers_update_all_from_networkstatus(), signed_descriptor_get_body_impl(), and update_extrainfo_downloads().

int router_get_runningrouters_hash	(	const char *	s,
		char *	digest
	)

Set digest to the SHA-1 digest of the hash of the running-routers string in s. Return 0 on success, -1 on failure.

References router_get_hash_impl().

Referenced by generate_runningrouters(), and router_parse_runningrouters().

smartlist_t* router_get_trusted_dir_servers

(

void

)

Return a smartlist containing a list of trusted_dir_server_t * for all known trusted dirservers. Callers must not modify the list or its contents.

References smartlist_create(), and trusted_dir_servers.

Referenced by connection_dir_client_reached_eof(), connection_dir_download_networkstatus_failed(), consider_adding_dir_authorities(), directories_have_accepted_server_descriptor(), directory_get_consensus_url(), directory_get_from_all_authorities(), directory_post_to_dirservers(), dirserv_get_networkstatus_v2_fingerprints(), dirserv_set_cached_networkstatus_v2(), dirvote_fetch_missing_votes(), list_v3_auth_ids(), networkstatus_check_consensus_signature(), and update_v2_networkstatus_cache_downloads().

trusted_dir_server_t* router_get_trusteddirserver_by_digest

(

const char *

digest

)

Return the trusted_dir_server_t for the directory authority whose identity key hashes to digest, or NULL if no such authority is known.

References DIGEST_LEN, and trusted_dir_servers.

Referenced by connection_dir_client_reached_eof(), dir_networkstatus_download_failed(), init_keys(), router_set_networkstatus_v2(), and update_router_descriptor_cache_downloads_v2().

void router_get_verbose_nickname	(	char *	buf,
		const routerinfo_t *	router
	)

Set buf (which must have MAX_VERBOSE_NICKNAME_LEN+1 bytes) to the verbose representation of the identity of router. The format is: A dollar sign. The upper-case hexadecimal encoding of the SHA1 hash of router's identity. A "=" if the router is named; a "~" if it is not. The router's nickname.

References base16_encode(), routerinfo_t::cache_info, DIGEST_LEN, HEX_DIGEST_LEN, signed_descriptor_t::identity_digest, routerinfo_t::is_named, MAX_NICKNAME_LEN, and routerinfo_t::nickname.

Referenced by circuit_list_path_impl(), control_event_descriptors_changed(), control_event_guard(), getinfo_helper_entry_guards(), list_server_status_v1(), and orconn_target_get_name().

int router_have_minimum_dir_info

(

void

)

Return true iff we have enough networkstatus and router information to start building circuits. Right now, this means "more than half the networkstatus documents, and at least 1/4 of expected routers."

References update_router_have_minimum_dir_info().

Referenced by add_nickname_list_to_smartlist(), circuit_get_open_circ_or_launch(), circuit_launch_by_extend_info(), directory_info_has_arrived(), getinfo_helper_events(), run_scheduled_events(), and update_extrainfo_downloads().

int router_is_me

(

routerinfo_t *

router

)

A wrapper around router_digest_is_me().

References routerinfo_t::cache_info, signed_descriptor_t::identity_digest, and router_digest_is_me().

Referenced by choose_good_exit_server_general(), dirserv_add_descriptor(), dirserv_set_router_is_running(), dirserv_test_reachability(), router_load_single_router(), router_rebuild_descriptor(), router_set_status(), and routerlist_find_my_routerinfo().

int router_is_unreliable	(	routerinfo_t *	router,
		int	need_uptime,
		int	need_capacity,
		int	need_guard
	)

Return 1 if router is not suitable for these parameters, else 0. If need_uptime is non-zero, we require a minimum uptime. If need_capacity is non-zero, we require a minimum advertised bandwidth. If need_guard, we require that the router is a possible entry guard.

References routerinfo_t::is_fast, routerinfo_t::is_possible_guard, and routerinfo_t::is_stable.

Referenced by choose_good_exit_server_general(), entry_is_live(), router_add_running_routers_to_smartlist(), and router_exit_policy_all_routers_reject().

void router_load_extrainfo_from_string	(	const char *	s,
		const char *	eos,
		saved_location_t	saved_location,
		smartlist_t *	requested_fingerprints,
		int	descriptor_digests
	)

Parse one or more extrainfos from s (ending immediately before eos if eos is present). Other arguments are as for router_load_routers_from_string().

References base16_encode(), DIGEST_LEN, HEX_DIGEST_LEN, LD_DIR, router_add_extrainfo_to_routerlist(), router_get_routerlist(), router_parse_list_from_string(), router_rebuild_store(), routerlist, routerlist_assert_ok(), SAVED_NOWHERE, smartlist_create(), smartlist_free(), smartlist_string_remove(), and WRA_WAS_ADDED().

Referenced by connection_dir_client_reached_eof(), and router_reload_router_list_impl().

int router_load_routers_from_string	(	const char *	s,
		const char *	eos,
		saved_location_t	saved_location,
		smartlist_t *	requested_fingerprints,
		int	descriptor_digests,
		const char *	prepend_annotations
	)

Given a string s containing some routerdescs, parse it and put the routers into our directory. If saved_location is SAVED_NOWHERE, the routers are in response to a query to the network: cache them by adding them to the journal.

Return the number of routers actually added.

If requested_fingerprints is provided, it must contain a list of uppercased fingerprints. Do not update any router whose fingerprint is not on the list; after updating a router, remove its fingerprint from the list.

If descriptor_digests is non-zero, then the requested_fingerprints are descriptor digests. Otherwise they are identity digests.

References base16_encode(), routerlist_t::desc_store, DIGEST_LEN, download_status_mark_impossible(), HEX_DIGEST_LEN, hex_str(), LD_DIR, LD_GENERAL, router_add_to_routerlist(), router_get_dl_status_by_descriptor_digest(), router_parse_list_from_string(), router_rebuild_store(), routerinfo_free(), routerlist, routerlist_assert_ok(), routerlist_descriptors_added(), routers_update_status_from_consensus_networkstatus(), SAVED_NOWHERE, smartlist_add(), smartlist_clear(), smartlist_create(), smartlist_free(), smartlist_join_strings(), smartlist_string_isin(), smartlist_string_remove(), tor_free, WRA_WAS_ADDED(), and WRA_WAS_REJECTED().

Referenced by load_downloaded_routers(), and router_reload_router_list_impl().

int router_load_single_router	(	const char *	s,
		uint8_t	purpose,
		int	cache,
		const char **	msg
	)

Code to parse a single router descriptor and insert it into the routerlist. Return -1 if the descriptor was ill-formed; 0 if the descriptor was well-formed but could not be added; and 1 if the descriptor was added.

If we don't add it and msg is not NULL, then assign to *msg a static string describing the reason for refusing the descriptor.

This is used only by the controller.

References routerinfo_t::cache_info, signed_descriptor_t::do_not_cache, LD_DIR, routerinfo_t::purpose, router_add_to_routerlist(), ROUTER_ANNOTATION_BUF_LEN, router_is_me(), router_parse_entry_from_string(), router_purpose_to_string(), routerinfo_free(), routerlist_descriptors_added(), routers_update_status_from_consensus_networkstatus(), smartlist_add(), smartlist_create(), smartlist_free(), tor_assert, tor_snprintf(), and WRA_WAS_ADDED().

Referenced by handle_control_postdescriptor().

void router_new_address_suggestion	(	const char *	suggestion,
		const dir_connection_t *	d_conn
	)

A directory server d_conn told us our IP address is suggestion. If this address is different from the one we think we are now, and if our computer doesn't actually know its IP address, then switch.

References dir_connection_t::_base, connection_t::addr, connection_t::address, control_event_server_status(), escaped(), get_options(), ip_address_changed(), is_internal_IP(), last_guessed_ip, LD_DIR, log_addr_has_changed(), resolve_my_address(), server_mode(), tor_addr_eq_ipv4h(), and tor_inet_aton().

Referenced by connection_dir_client_reached_eof().

int router_nickname_is_in_list	(	routerinfo_t *	router,
		const char *	list
	)

Return 1 iff any member of the (possibly NULL) comma-separated list list is an acceptable nickname or hexdigest for router. Else return 0.

References router_nickname_matches(), smartlist_create(), smartlist_free(), smartlist_split_string(), tor_assert, and tor_free.

Referenced by routers_in_same_family().

void router_orport_found_reachable

(

void

)

Annotate that we found our ORPort reachable.

References routerinfo_t::address, can_reach_or_port, control_event_server_status(), get_options(), LD_BUG, LD_OR, mark_my_descriptor_dirty(), routerinfo_t::or_port, and router_get_my_routerinfo().

Referenced by onionskin_answer().

addr_policy_t* router_parse_addr_policy_item_from_string	(	const char *	s,
		int	assume_action
	)

Parse the addr policy in the string s and return it. If assume_action is nonnegative, then insert its action (ADDR_POLICY_ACCEPT or ADDR_POLICY_REJECT) for items that specify no action.

References eat_whitespace(), directory_token_t::error, escaped(), get_next_token(), LD_DIR, memarea_drop_all(), memarea_new(), router_parse_addr_policy(), token_clear(), tor_snprintf(), tor_strlower(), and directory_token_t::tp.

Referenced by parse_addr_policy(), policies_set_router_exitpolicy_to_reject_all(), and routerset_parse().

int router_parse_directory

(

const char *

str

)

Read a signed directory from str. If it's well-formed, return 0. Otherwise, return -1. If we're a directory cache, cache it.

References directory_token_t::args, authdir_mode_v1(), check_signature_token(), crypto_free_pk_env(), DIGEST_LEN, dirserv_set_cached_directory(), dump_desc(), find_dir_signing_key(), get_options(), hex_str(), LD_DIR, memarea_clear(), memarea_drop_all(), memarea_new(), directory_token_t::n_args, note_crypto_pk_op(), parse_iso_time(), router_get_dir_hash(), smartlist_clear(), smartlist_create(), smartlist_free(), token_clear(), tokenize_string(), tor_assert, and directory_token_t::tp.

routerinfo_t* router_parse_entry_from_string	(	const char *	s,
		const char *	end,
		int	cache_copy,
		int	allow_annotations,
		const char *	prepend_annotations
	)

Helper function: reads a single router entry from *s ... *end. Mallocs a new router and returns it if all goes well, else returns NULL. If cache_copy is true, duplicate the contents of s through end into the signed_descriptor_body of the resulting routerinfo_t.

If end is NULL, s must be properly NULL-terminated.

If allow_annotations, it's okay to encounter annotations in s before the router; if it's false, reject the router if it's annotated. If prepend_annotations is set, it should contain some annotations: append them to the front of the router before parsing it, and keep them around when caching the router.

Only one of allow_annotations and prepend_annotations may be set.

References routerinfo_t::addr, routerinfo_t::address, routerinfo_t::allow_single_hop_exits, signed_descriptor_t::annotations_len, directory_token_t::args, routerinfo_t::bandwidthburst, routerinfo_t::bandwidthcapacity, routerinfo_t::bandwidthrate, base16_decode(), routerinfo_t::cache_info, routerinfo_t::caches_extra_info, check_signature_token(), routerinfo_t::contact_info, routerinfo_t::country, crypto_pk_get_digest(), routerinfo_t::declared_family, DIGEST_LEN, digestmap_new(), digestmap_set(), routerinfo_t::dir_port, dump_desc(), escaped(), routerinfo_t::exit_policy, signed_descriptor_t::extra_info_digest, find_all_exitpolicy(), find_opt_by_keyword(), routerinfo_t::has_old_dnsworkers, HEX_DIGEST_LEN, signed_descriptor_t::identity_digest, routerinfo_t::identity_pkey, routerinfo_t::is_hibernating, is_legal_nickname(), is_legal_nickname_or_hexdigest(), directory_token_t::key, LD_DIR, memarea_drop_all(), memarea_new(), directory_token_t::n_args, routerinfo_t::nickname, note_crypto_pk_op(), routerinfo_t::onion_pkey, routerinfo_t::or_port, parse_iso_time(), routerinfo_t::platform, policy_expand_private(), routerinfo_t::policy_is_reject_star, policy_is_reject_star(), signed_descriptor_t::published_on, routerinfo_t::purpose, router_add_exit_policy(), router_get_router_hash(), router_purpose_from_string(), ROUTER_PURPOSE_GENERAL, routerinfo_free(), routerinfo_set_country(), signed_descriptor_t::routerlist_index, signed_descriptor_t::send_unencrypted, signed_descriptor_t::signed_descriptor_body, signed_descriptor_t::signed_descriptor_digest, signed_descriptor_t::signed_descriptor_len, smartlist_add(), smartlist_create(), smartlist_free(), strcmpstart(), token_clear(), tokenize_string(), tor_assert, tor_inet_aton(), tor_parse_long(), tor_strstrip(), tor_version_as_new_as(), routerinfo_t::uptime, and routerinfo_t::wants_to_be_hs_dir.

Referenced by init_keys(), router_dump_router_to_string(), router_load_single_router(), router_parse_list_from_string(), and routerlist_reparse_old().

int router_parse_list_from_string	(	const char **	s,
		const char *	eos,
		smartlist_t *	dest,
		saved_location_t	saved_location,
		int	want_extrainfo,
		int	allow_annotations,
		const char *	prepend_annotations
	)

Given a string *s containing a concatenated sequence of router descriptors (or extra-info documents if is_extrainfo is set), parses them and stores the result in dest. All routers are marked running and valid. Advances *s to a point immediately following the last router entry. Ignore any trailing router entries that are not complete.

If saved_location isn't SAVED_IN_CACHE, make a local copy of each descriptor in the signed_descriptor_body field of each routerinfo_t. If it isn't SAVED_NOWHERE, remember the offset of each descriptor.

Returns 0 on success and -1 on failure.

References routerinfo_t::cache_info, extrainfo_t::cache_info, extrainfo_parse_entry_from_string(), find_start_of_next_router_or_extrainfo(), routerlist_t::identity_map, LD_DIR, routerinfo_t::nickname, routerinfo_t::purpose, router_get_routerlist(), router_parse_entry_from_string(), router_purpose_to_string(), SAVED_IN_CACHE, signed_descriptor_t::saved_location, SAVED_NOWHERE, signed_descriptor_t::saved_offset, smartlist_add(), and tor_assert.

Referenced by dirserv_add_multiple_descriptors(), router_load_extrainfo_from_string(), and router_load_routers_from_string().

int router_parse_runningrouters

(

const char *

str

)

Read a signed router status statement from str. If it's well-formed, return 0. Otherwise, return -1. If we're a directory cache, cache it.

References directory_token_t::args, authdir_mode_v1(), check_signature_token(), crypto_free_pk_env(), DIGEST_LEN, dirserv_set_cached_directory(), dump_desc(), find_dir_signing_key(), find_opt_by_keyword(), get_options(), LD_DIR, memarea_drop_all(), memarea_new(), directory_token_t::n_args, note_crypto_pk_op(), parse_iso_time(), router_get_runningrouters_hash(), smartlist_create(), smartlist_free(), token_clear(), tokenize_string(), tor_assert, and directory_token_t::tp.

void router_perform_bandwidth_test	(	int	num_circs,
		time_t	now
	)

We have enough testing circuits open. Send a bunch of "drop" cells down each of them, to exercise our bandwidth.

References origin_circuit_t::_base, or_options_t::BandwidthRate, CELL_NETWORK_SIZE, circuit_get_next_by_pk_and_purpose(), CIRCUIT_PURPOSE_TESTING, CIRCUIT_STATE_OPEN, CIRCWINDOW_START, origin_circuit_t::cpath, get_options(), LD_OR, crypt_path_t::prev, relay_send_command_from_edge(), circuit_t::state, circuit_t::timestamp_dirty, and TO_CIRCUIT.

Referenced by circuit_testing_opened().

routerstatus_t* router_pick_directory_server	(	authority_type_t	type,
		int	flags
	)

Try to find a running dirserver that supports operations of type.

If there are no running dirservers in our routerlist and the PDS_RETRY_IF_NO_SERVERS flag is set, set all the authoritative ones as running again, and pick one.

If the PDS_IGNORE_FASCISTFIREWALL flag is set, then include dirservers that we can't reach.

If the PDS_ALLOW_SELF flag is not set, then don't include ourself (if we're a dirserver).

Don't pick an authority if any non-authority is viable; try to avoid using servers that have returned 503 recently.

References get_options(), LD_DIR, mark_all_trusteddirservers_up(), PDS_RETRY_IF_NO_SERVERS, router_pick_directory_server_impl(), and routerlist.

Referenced by directory_get_from_dirserver(), and router_get_my_share_of_directory_requests().

int router_pick_published_address	(	or_options_t *	options,
		uint32_t *	addr
	)

Make a current best guess at our address, either because it's configured in torrc, or because we've learned it from dirserver headers. Place the answer in *addr and return 0 on success, else return -1 if we have no guess.

References LD_CONFIG, resolve_my_address(), and router_guess_address_from_dir_headers().

Referenced by directory_fetches_from_authorities(), getinfo_helper_misc(), and router_rebuild_descriptor().

routerstatus_t* router_pick_trusteddirserver	(	authority_type_t	type,
		int	flags
	)

Try to find a running trusted dirserver. Flags are as for router_pick_directory_server.

References get_options(), LD_DIR, mark_all_trusteddirservers_up(), PDS_NO_EXISTING_SERVERDESC_FETCH, PDS_RETRY_IF_NO_SERVERS, router_pick_trusteddirserver_impl(), and tor_assert.

Referenced by directory_get_from_dirserver().

uint8_t router_purpose_from_string

(

const char *

s

)

Given a string, convert it to a router purpose.

References ROUTER_PURPOSE_BRIDGE, ROUTER_PURPOSE_CONTROLLER, ROUTER_PURPOSE_GENERAL, and ROUTER_PURPOSE_UNKNOWN.

Referenced by handle_control_postdescriptor(), networkstatus_getinfo_by_purpose(), and router_parse_entry_from_string().

const char* router_purpose_to_string

(

uint8_t

p

)

Given a router purpose, convert it to a string. Don't call this on ROUTER_PURPOSE_UNKNOWN: The whole point of that value is that we don't know its string representation.

References ROUTER_PURPOSE_BRIDGE, ROUTER_PURPOSE_CONTROLLER, ROUTER_PURPOSE_GENERAL, and tor_assert.

Referenced by dirserv_add_multiple_descriptors(), load_downloaded_routers(), router_load_single_router(), and router_parse_list_from_string().

int router_rebuild_descriptor

(

int

force

)

If force is true, or our descriptor is out-of-date, rebuild a fresh routerinfo, signed server descriptor, and extra-info document for this OR. Return 0 on success, -1 on temporary error.

References routerinfo_t::addr, routerinfo_t::address, authdir_mode(), routerinfo_t::bandwidthburst, routerinfo_t::bandwidthcapacity, routerinfo_t::bandwidthrate, base16_encode(), or_options_t::BridgeRelay, extrainfo_t::cache_info, routerinfo_t::cache_info, control_event_my_descriptor_changed(), crypto_pk_dup_key(), crypto_pk_get_digest(), routerinfo_t::declared_family, desc_clean_since, desc_needs_upload, DIGEST_LEN, routerinfo_t::dir_port, or_options_t::DirPort, escaped(), routerinfo_t::exit_policy, or_options_t::ExitPolicy, or_options_t::ExitPolicyRejectPrivate, signed_descriptor_t::extra_info_digest, extrainfo_dump_to_string(), extrainfo_free(), or_options_t::ExtraInfoStatistics, get_effective_bwburst(), get_effective_bwrate(), get_identity_key(), get_onion_key(), get_options(), get_platform_str(), HEX_DIGEST_LEN, signed_descriptor_t::identity_digest, routerinfo_t::identity_pkey, signed_descriptor_t::is_extrainfo, is_legal_hexdigest(), is_legal_nickname_or_hexdigest(), routerinfo_t::is_named, routerinfo_t::is_running, routerinfo_t::is_valid, LD_BUG, LD_CONFIG, MAX_EXTRAINFO_UPLOAD_SIZE, or_options_t::MyFamily, extrainfo_t::nickname, or_options_t::Nickname, routerinfo_t::nickname, routerinfo_t::onion_pkey, routerinfo_t::or_port, or_options_t::ORPort, routerinfo_t::platform, policies_parse_exit_policy(), signed_descriptor_t::published_on, routerinfo_t::purpose, rep_hist_bandwidth_assess(), router_dump_router_to_string(), router_get_by_nickname(), router_get_extrainfo_hash(), router_get_router_hash(), router_is_me(), router_pick_published_address(), ROUTER_PURPOSE_BRIDGE, ROUTER_PURPOSE_GENERAL, routerinfo_free(), routerinfo_incompatible_with_extrainfo(), routerinfo_set_country(), signed_descriptor_t::routerlist_index, signed_descriptor_t::send_unencrypted, signed_descriptor_t::signed_descriptor_body, signed_descriptor_t::signed_descriptor_digest, signed_descriptor_t::signed_descriptor_len, smartlist_add(), smartlist_create(), smartlist_free(), smartlist_sort_strings(), smartlist_split_string(), smartlist_string_isin(), smartlist_string_remove(), smartlist_uniq_strings(), tor_assert, tor_dup_ip(), tor_free, and we_are_hibernating().

Referenced by consider_publishable_server(), router_get_my_extrainfo(), router_get_my_routerinfo(), and run_scheduled_events().

int router_reload_consensus_networkstatus

(

void

)

Read every cached v3 consensus networkstatus from the disk.

References get_datadir_fname, get_options(), LD_FS, named_server_map, networkstatus_get_flavor_name(), networkstatus_set_current_consensus(), read_file_to_str(), RFTS_IGNORE_MISSING, routers_update_all_from_networkstatus(), tor_free, tor_snprintf(), unnamed_server_map, update_certificate_downloads(), and networkstatus_t::valid_after.

Referenced by do_main_loop().

int router_reload_router_list

(

void

)

Load all cached router descriptors and extra-info documents from the store. Return 0 on success and -1 on failure.

References routerlist_t::desc_store, routerlist_t::extrainfo_store, router_get_routerlist(), and router_reload_router_list_impl().

Referenced by do_main_loop().

int router_reload_v2_networkstatus

(

void

)

Repopulate our list of network_status_t objects from the list cached on disk. Return 0 on success, -1 on failure.

References base16_decode(), DIGEST_LEN, directory_caches_v2_dir_info(), get_datadir_fname, get_datadir_fname2, get_options(), HEX_DIGEST_LEN, LD_DIR, LD_FS, networkstatus_v2_list_clean(), read_file_to_str(), remove_file_if_very_old(), router_set_networkstatus_v2(), routers_update_all_from_networkstatus(), smartlist_create(), smartlist_free(), tor_free, and tor_listdir().

Referenced by do_main_loop().

void router_reset_descriptor_download_failures

(

void

)

Reset the descriptor download failure count on all routers, so that we can retry any long-failed routers immediately.

References download_status_reset(), last_routerdesc_download_attempted, networkstatus_reset_download_failures(), routerlist, and routerlist_t::routers.

Referenced by do_hup(), routerlist_retry_directory_downloads(), and run_scheduled_events().

void router_reset_reachability

(

void

)

Forget what we have learned about our reachability status.

References can_reach_dir_port, and can_reach_or_port.

Referenced by ip_address_changed().

void router_reset_status_download_failures

(

void

)

Reset all internal variables used to count failed downloads of network status objects.

References mark_all_trusteddirservers_up().

Referenced by do_hup(), and routerlist_retry_directory_downloads().

void router_reset_warnings

(

void

)

Forget that we have issued any router-related warnings, so that we'll warn again if we see the same errors.

References smartlist_clear(), and tor_free.

Referenced by do_hup().

int router_set_networkstatus_v2	(	const char *	s,
		time_t	arrived_at,
		v2_networkstatus_source_t	source,
		smartlist_t *	requested_fingerprints
	)

Given a string s containing a network status that we received at arrived_at from source, try to parse it, see if we want to store it, and put it into our cache as necessary.

If source is NS_FROM_DIR or NS_FROM_CACHE, do not replace our own networkstatus_t (if we're an authoritative directory server).

If source is NS_FROM_CACHE, do not write our networkstatus_t to the cache.

If requested_fingerprints is provided, it must contain a list of uppercased identity fingerprints. Do not update any networkstatus whose fingerprint is not on the list; after updating a networkstatus, remove its fingerprint from the list.

Return 0 on success, -1 on failure.

Callers should make sure that routers_update_all_from_networkstatus() is invoked after this function succeeds.

Retain any routerinfo mentioned in a V2 networkstatus for at least this long.

References add_networkstatus_to_cache(), base16_encode(), control_event_general_status(), trusted_dir_server_t::description, DIGEST_LEN, directory_caches_v2_dir_info(), download_status_failed, download_status_reset(), networkstatus_v2_t::entries, format_iso_time(), format_time_interval(), get_options(), HEX_DIGEST_LEN, networkstatus_v2_t::identity_digest, signed_descriptor_t::last_listed_as_valid_until, LD_DIR, LD_GENERAL, NETWORKSTATUS_ALLOW_SKEW, networkstatus_v2_t::networkstatus_digest, networkstatus_get_cache_filename(), networkstatus_v2_free(), networkstatus_v2_parse_from_string(), networkstatus_v2_t::published_on, networkstatus_v2_t::received_on, router_digest_is_me(), router_get_by_descriptor_digest(), router_get_trusteddirserver_by_digest(), smartlist_add(), smartlist_create(), smartlist_join_strings(), smartlist_string_isin(), smartlist_string_remove(), networkstatus_v2_t::source_address, networkstatus_v2_t::source_dirport, tor_assert, tor_free, touch_file(), trusted_dir_server_t::type, V2_AUTHORITY, and trusted_dir_server_t::v2_ns_dl_status.

Referenced by connection_dir_client_reached_eof(), and router_reload_v2_networkstatus().

void router_set_status	(	const char *	digest,
		int	up
	)

Mark the router with ID digest as running or non-running in our routerlist.

References routerinfo_t::address, control_event_networkstatus_changed_single(), DIGEST_LEN, routerstatus_t::is_running, routerinfo_t::is_running, LD_DIR, LD_NET, routerinfo_t::nickname, router_dir_info_changed(), router_get_by_digest(), router_get_consensus_status_by_id(), router_is_me(), tor_assert, trusted_dir_servers, and we_are_hibernating().

Referenced by connection_dir_request_failed(), and connection_or_set_state_open().

int router_supports_extrainfo	(	const char *	identity_digest,
		int	is_authority
	)

Return true iff identity_digest is the digest of a router we believe to support extrainfo downloads. (If is_authority we do additional checking that's only valid for authorities.)

References routerinfo_t::caches_extra_info, routerinfo_t::platform, router_get_by_digest(), router_get_consensus_status_by_id(), tor_version_as_new_as(), and routerstatus_t::version_supports_extrainfo_upload.

Referenced by directory_post_to_dirservers(), router_pick_directory_server_impl(), and router_pick_trusteddirserver_impl().

void router_upload_dir_desc_to_dirservers

(

int

force

)

OR only: If force is true, or we haven't uploaded this descriptor successfully yet, try to upload our signed descriptor to all the directory servers we know about.

References or_options_t::_PublishServerDescriptor, BRIDGE_AUTHORITY, extrainfo_t::cache_info, routerinfo_t::cache_info, desc_needs_upload, DIR_PURPOSE_UPLOAD_DIR, directory_post_to_dirservers(), get_options(), LD_GENERAL, router_get_my_extrainfo(), router_get_my_routerinfo(), ROUTER_PURPOSE_BRIDGE, ROUTER_PURPOSE_GENERAL, signed_descriptor_t::signed_descriptor_body, signed_descriptor_t::signed_descriptor_len, and tor_free.

Referenced by consider_publishable_server(), and run_scheduled_events().

void routerinfo_free

(

routerinfo_t *

router

)

Free all storage held by router.

References addr_policy_list_free(), routerinfo_t::address, routerinfo_t::cache_info, routerinfo_t::contact_info, crypto_free_pk_env(), routerinfo_t::declared_family, routerinfo_t::exit_policy, routerinfo_t::identity_pkey, routerinfo_t::nickname, routerinfo_t::onion_pkey, routerinfo_t::platform, signed_descriptor_t::signed_descriptor_body, smartlist_free(), and tor_free.

Referenced by dirserv_add_descriptor(), router_add_to_routerlist(), router_dump_router_to_string(), router_free_all(), router_load_routers_from_string(), router_load_single_router(), router_parse_entry_from_string(), router_rebuild_descriptor(), routerlist_free(), routerlist_insert_old(), routerlist_remove(), routerlist_replace(), and signed_descriptor_from_routerinfo().

int routerinfo_incompatible_with_extrainfo	(	routerinfo_t *	ri,
		extrainfo_t *	ei,
		signed_descriptor_t *	sd,
		const char **	msg
	)

Check whether ri (a.k.a. sd) is a router compatible with the extrainfo document ei. If no router is compatible with ei, ei should be dropped. Return 0 for "compatible", return 1 for "reject, and inform whoever uploaded ei, and return -1 for "reject silently.". If msg is present, set *msg to a description of the incompatibility (if any).

References extrainfo_t::bad_sig, extrainfo_t::cache_info, routerinfo_t::cache_info, crypto_pk_public_checksig(), DIGEST_LEN, signed_descriptor_t::extra_info_digest, signed_descriptor_t::extrainfo_is_bogus, signed_descriptor_t::identity_digest, routerinfo_t::identity_pkey, extrainfo_t::pending_sig, extrainfo_t::pending_sig_len, signed_descriptor_t::published_on, signed_descriptor_t::send_unencrypted, signed_descriptor_t::signed_descriptor_digest, tor_assert, and tor_free.

Referenced by dirserv_add_extrainfo(), extrainfo_insert(), and router_rebuild_descriptor().

int routerinfo_is_a_configured_bridge

(

routerinfo_t *

ri

)

Return 1 if ri is one of our known bridges, else 0.

References routerinfo_get_configured_bridge().

Referenced by router_add_to_routerlist().

void routerinfo_set_country

(

routerinfo_t *

ri

)

Refresh the country code of ri. This function MUST be called on each router when the GeoIP database is reloaded, and on all new routers.

References routerinfo_t::addr, routerinfo_t::country, and geoip_get_country_by_ip().

Referenced by router_parse_entry_from_string(), router_rebuild_descriptor(), and routerlist_refresh_countries().

void routerlist_add_family	(	smartlist_t *	sl,
		routerinfo_t *	router
	)

Add all the family of router to the smartlist sl. This is used to make sure we don't pick siblings in a single path, or pick more than one relay from a family for our entry guard list.

References routerinfo_t::declared_family, or_options_t::EnforceDistinctSubnets, get_options(), router_get_by_nickname(), router_nickname_matches(), routerlist_add_network_family(), and smartlist_add().

Referenced by choose_good_entry_server(), choose_good_middle_server(), and choose_random_entry().

void routerlist_assert_ok

(

routerlist_t *

rl

)

Assert that the internal representation of rl is self-consistent.

References routerlist_t::desc_digest_map, routerlist_t::identity_map, routerlist_t::routers, and tor_assert.

Referenced by directory_remove_invalid(), extrainfo_insert(), router_load_extrainfo_from_string(), router_load_routers_from_string(), routerlist_insert(), routerlist_insert_old(), routerlist_remove(), routerlist_remove_old(), and routerlist_replace().

routerinfo_t* routerlist_find_my_routerinfo

(

void

)

Look through the routerlist until we find a router that has my key. Return it.

References router_is_me(), routerlist, and routerlist_t::routers.

void routerlist_free

(

routerlist_t *

rl

)

Free all storage held by a routerlist rl.

References _extrainfo_free(), routerlist_t::desc_by_eid_map, routerlist_t::desc_digest_map, routerlist_t::desc_store, routerlist_t::extra_info_map, routerlist_t::extrainfo_store, routerlist_t::identity_map, desc_store_t::mmap, routerlist_t::old_routers, router_dir_info_changed(), routerinfo_free(), routerlist, routerlist_t::routers, signed_descriptor_free(), smartlist_free(), tor_free, and tor_munmap_file().

Referenced by routerlist_free_all().

void routerlist_free_all

(

void

)

Free all memory held by the routerlist module.

References authority_cert_free(), digestmap_free(), routerlist, routerlist_free(), smartlist_free(), tor_free, trusted_dir_certs, trusted_dir_server_free(), trusted_dir_servers, and warned_nicknames.

Referenced by tor_free_all().

void routerlist_refresh_countries

(

void

)

Set the country code of all routers in the routerlist.

References router_get_routerlist(), routerinfo_set_country(), and routerlist_t::routers.

Referenced by refresh_all_country_info().

void routerlist_remove	(	routerlist_t *	rl,
		routerinfo_t *	ri,
		int	make_old,
		time_t	now
	)

Remove an item ri from the routerlist rl, updating indices as needed. If idx is nonnegative and smartlist_get(rl->routers, idx) == ri, we don't need to do a linear search over the list to decide which to remove. We fill the gap in rl->routers with a later element in the list, if any exists. ri is freed.

If make_old is true, instead of deleting the router, we try adding it to rl->old_routers.

References desc_store_t::bytes_dropped, extrainfo_t::cache_info, routerinfo_t::cache_info, routerlist_t::desc_by_eid_map, routerlist_t::desc_digest_map, routerlist_t::desc_store, signed_descriptor_t::extra_info_digest, routerlist_t::extra_info_map, extrainfo_free(), routerlist_t::extrainfo_store, signed_descriptor_t::identity_digest, routerlist_t::identity_map, routerlist_t::old_routers, routerinfo_t::purpose, rep_hist_note_router_unreachable(), router_dir_info_changed(), ROUTER_PURPOSE_GENERAL, routerinfo_free(), routerlist_assert_ok(), signed_descriptor_t::routerlist_index, routerlist_t::routers, signed_descriptor_t::signed_descriptor_digest, signed_descriptor_from_routerinfo(), signed_descriptor_t::signed_descriptor_len, smartlist_add(), smartlist_del(), tor_assert, and tor_digest_is_zero().

Referenced by directory_remove_invalid(), and routerlist_remove_old_routers().

void routerlist_remove_old_routers

(

void

)

Deactivate any routers from the routerlist that are more than ROUTER_MAX_AGE seconds old and not recommended by any networkstatuses; remove old routers from the list of cached routers if we have too many.

References _compare_old_routers_by_identity(), routerinfo_t::cache_info, routerlist_t::desc_store, DIGEST_LEN, digestset_free(), digestset_new(), directory_caches_dir_info(), routerlist_t::extrainfo_store, get_options(), signed_descriptor_t::identity_digest, signed_descriptor_t::last_listed_as_valid_until, LD_DIR, networkstatus_get_latest_consensus(), networkstatus_get_v2_list(), networkstatus_v2_list, routerinfo_t::nickname, OLD_ROUTER_DESC_MAX_AGE, routerlist_t::old_routers, signed_descriptor_t::published_on, ROUTER_MAX_AGE, router_rebuild_store(), routerlist, signed_descriptor_t::routerlist_index, routerlist_remove(), routerlist_remove_old(), routerlist_remove_old_cached_routers_with_id(), routerlist_t::routers, networkstatus_t::routerstatus_list, signed_descriptor_t::signed_descriptor_digest, smartlist_sort(), and trusted_dirs_remove_old_certs().

Referenced by router_rebuild_store(), router_reload_router_list_impl(), and run_scheduled_events().

void routerlist_reset_warnings

(

void

)

Forget that we have issued any router-related warnings, so that we'll warn again if we see the same errors.

References networkstatus_reset_warnings(), smartlist_clear(), smartlist_create(), tor_free, and warned_nicknames.

Referenced by do_hup().

void routerlist_retry_directory_downloads

(

time_t

now

)

Clear all our timeouts for fetching v2 and v3 directory stuff, and then give it all a try again.

References router_reset_descriptor_download_failures(), router_reset_status_download_failures(), update_networkstatus_downloads(), and update_router_descriptor_downloads().

Referenced by circuit_get_open_circ_or_launch(), and learned_bridge_descriptor().

routerinfo_t* routerlist_sl_choose_by_bandwidth	(	smartlist_t *	sl,
		bandwidth_weight_rule_t	rule
	)

Choose a random element of router list sl, weighted by the advertised bandwidth of each router.

References smartlist_choose_by_bandwidth(), and smartlist_choose_by_bandwidth_weights().

Referenced by choose_good_exit_server_general(), and choose_random_entry().

int routers_in_same_family	(	routerinfo_t *	r1,
		routerinfo_t *	r2
	)

Return true iff r1 and r2 are in the same family, but not the same router.

References routerinfo_t::declared_family, or_options_t::EnforceDistinctSubnets, get_options(), config_line_t::next, or_options_t::NodeFamilies, router_in_nickname_smartlist(), router_nickname_is_in_list(), routers_in_same_network_family(), and config_line_t::value.

Referenced by circuit_find_to_cannibalize().

void routers_sort_by_identity

(

smartlist_t *

routers

)

Sort a list of routerinfo_t in ascending order of identity digest.

References _compare_routerinfo_by_id_digest(), and smartlist_sort().

Referenced by routers_update_status_from_consensus_networkstatus().

void routers_update_all_from_networkstatus	(	time_t	now,
		int	dir_version
	)

If the network-status list has changed since the last time we called this function, update the status of every routerinfo from the network-status list. If dir_version is 2, it's a v2 networkstatus that changed. If dir_version is 3, it's a v3 consensus that changed.

References networkstatus_t::client_versions, control_event_general_status(), download_status_map_update_from_v2_networkstatus(), get_options(), have_warned_about_new_version, have_warned_about_old_version, LD_GENERAL, networkstatus_get_live_consensus(), networkstatus_v2_list_has_changed, routerlist_t::old_routers, router_get_routerlist(), routerlist_t::routers, routers_update_status_from_consensus_networkstatus(), server_mode(), networkstatus_t::server_versions, signed_descs_update_status_from_consensus_networkstatus(), tor_version_is_obsolete(), VS_EMPTY, VS_NEW, VS_NEW_IN_SERIES, VS_OLD, and VS_RECOMMENDED.

Referenced by connection_dir_client_reached_eof(), router_reload_consensus_networkstatus(), and router_reload_v2_networkstatus().

void routers_update_status_from_consensus_networkstatus	(	smartlist_t *	routers,
		int	reset_failures
	)

Given a list routers of routerinfo_t *, update each status field according to our current consensus networkstatus. May re-order routers.

References authdir_mode_v2(), authdir_mode_v3(), DIGEST_LEN, get_options(), or_options_t::NamingAuthoritativeDir, router_clear_status_flags(), ROUTER_PURPOSE_GENERAL, routers_sort_by_identity(), networkstatus_t::routerstatus_list, and smartlist_create().

Referenced by router_load_routers_from_string(), router_load_single_router(), and routers_update_all_from_networkstatus().

int routerset_contains_extendinfo	(	const routerset_t *	set,
		const extend_info_t *	ei
	)

Return true iff we can tell that ei is a member of set.

References extend_info_t::addr, extend_info_t::identity_digest, extend_info_t::nickname, extend_info_t::port, and routerset_contains().

Referenced by circuit_conforms_to_options(), and warn_if_last_router_excluded().

int routerset_contains_router	(	const routerset_t *	set,
		routerinfo_t *	ri
	)

Return true iff ri is in set.

References routerinfo_t::addr, routerinfo_t::cache_info, routerinfo_t::country, signed_descriptor_t::identity_digest, routerinfo_t::is_named, routerinfo_t::nickname, routerinfo_t::or_port, routerset_contains(), and tor_addr_from_ipv4h.

Referenced by choose_good_exit_server_general(), choose_random_entry(), connection_ap_can_use_exit(), entry_guard_set_status(), entry_is_live(), routerset_subtract_routers(), and routersets_get_disjunction().

int routerset_contains_routerstatus	(	const routerset_t *	set,
		routerstatus_t *	rs
	)

Return true iff rs is in set.

References routerstatus_t::addr, routerstatus_t::identity_digest, routerstatus_t::is_named, routerstatus_t::nickname, routerstatus_t::or_port, routerset_contains(), and tor_addr_from_ipv4h.

int routerset_equal	(	const routerset_t *	old,
		const routerset_t *	new
	)

Helper: return true iff old and new are both NULL, or both non-NULL equal routersets.

References routerset_t::list.

Referenced by options_act().

void routerset_free

(

routerset_t *

routerset

)

Free all storage held in routerset.

References addr_policy_free(), routerset_t::countries, routerset_t::country_names, digestmap_free(), routerset_t::digests, routerset_t::list, routerset_t::names, routerset_t::policies, smartlist_free(), strmap_free(), and tor_free.

Referenced by config_assign_value(), option_clear(), and or_options_free().

void routerset_get_all_routers	(	smartlist_t *	out,
		const routerset_t *	routerset,
		int	running_only
	)

Add every known routerinfo_t that is a member of routerset to out. If running_only, only add the running ones.

References routerset_t::list, router_get_by_nickname(), routerset_is_list(), smartlist_add(), smartlist_create(), tor_assert, and warned_nicknames.

Referenced by entry_guards_prepend_from_config().

int routerset_is_list

(

const routerset_t *

set

)

Return true iff set lists only nicknames and digests, and includes no IP ranges or countries.

Referenced by options_validate(), and routerset_get_all_routers().

int routerset_needs_geoip

(

const routerset_t *

set

)

Return true iff we need a GeoIP IP-to-country database to make sense of set.

Referenced by options_need_geoip_info().

routerset_t* routerset_new

(

void

)

Return a new empty routerset.

References routerset_t::country_names, digestmap_new(), routerset_t::digests, routerset_t::list, routerset_t::names, routerset_t::policies, and smartlist_create().

Referenced by config_assign_value(), and options_validate().

int routerset_parse	(	routerset_t *	target,
		const char *	s,
		const char *	description
	)

Parse the string s to create a set of routerset entries, and add them to target. In log messages, refer to the string as description. Return 0 on success, -1 on failure.

Three kinds of elements are allowed in routersets: nicknames, IP address patterns, and fingerprints. They may be surrounded by optional space, and must be separated by commas.

References base16_decode(), routerset_t::country_names, DIGEST_LEN, digestmap_set(), routerset_t::digests, HEX_DIGEST_LEN, is_legal_hexdigest(), is_legal_nickname(), LD_CONFIG, routerset_t::list, routerset_t::names, routerset_t::policies, router_parse_addr_policy_item_from_string(), routerset_get_countryname(), routerset_refresh_countries(), smartlist_add(), smartlist_add_all(), smartlist_create(), smartlist_free(), smartlist_split_string(), strmap_set_lc(), and tor_free.

Referenced by config_assign_value(), and routerset_union().

void routerset_refresh_countries

(

routerset_t *

target

)

Update the routerset's countries bitarray_t. Called whenever the GeoIP database is reloaded.

References routerset_t::countries, routerset_t::country_names, geoip_get_country(), geoip_get_n_countries(), geoip_is_loaded(), LD_CONFIG, routerset_t::n_countries, and tor_assert.

Referenced by refresh_all_country_info(), and routerset_parse().

void routerset_subtract_routers	(	smartlist_t *	lst,
		const routerset_t *	routerset
	)

Remove every routerinfo_t from lst that is in routerset.

References routerset_contains_router(), and tor_assert.

char* routerset_to_string

(

const routerset_t *

set

)

Return a new string that when parsed by routerset_parse_string() will yield set.

References smartlist_join_strings().

Referenced by entry_guards_prepend_from_config(), get_assigned_option(), and routerset_union().

void routerset_union	(	routerset_t *	target,
		const routerset_t *	source
	)

Add all members of the set source to target.

References routerset_t::list, routerset_parse(), routerset_to_string(), tor_assert, and tor_free.

Referenced by options_validate().

void routersets_get_disjunction	(	smartlist_t *	target,
		const smartlist_t *	source,
		const routerset_t *	include,
		const routerset_t *	exclude,
		int	running_only
	)

Add to target every routerinfo_t from source except:

1) Don't add it if include is non-empty and the relay isn't in include; and 2) Don't add it if exclude is non-empty and the relay is excluded in a more specific fashion by exclude. 3) If running_only, don't add non-running routers.

References routerset_contains_router(), routerset_is_empty(), and smartlist_add().

Referenced by choose_good_exit_server_general().

int routerstatus_format_entry	(	char *	buf,
		size_t	buf_len,
		routerstatus_t *	rs,
		const char *	version,
		routerstatus_format_type_t	format
	)

Helper: write the router-status information in rs into buf, which has at least buf_len free characters. Do NUL-termination. Use the same format as in network-status documents. If version is non-NULL, add a "v" line for the platform. Return 0 on success, -1 on failure.

The format argument has three possible values: NS_V2 - Output an entry suitable for a V2 NS opinion document NS_V3_CONSENSUS - Output the first portion of a V3 NS consensus entry NS_V3_CONSENSUS_MICRODESC - Output the first portion of a V3 microdesc consensus entry. NS_V3_VOTE - Output a complete V3 NS vote NS_CONTROL_PORT - Output a NS document for the control port

References routerstatus_t::addr, routerstatus_t::bandwidth, base16_encode(), BASE64_DIGEST_LEN, routerinfo_t::cache_info, routerstatus_t::descriptor_digest, DIGEST_LEN, digest_to_base64(), routerstatus_t::dir_port, routerinfo_t::exit_policy, format_iso_time(), routerstatus_t::has_bandwidth, routerstatus_t::has_measured_bw, HEX_DIGEST_LEN, routerstatus_t::identity_digest, INET_NTOA_BUF_LEN, routerstatus_t::is_authority, routerstatus_t::is_bad_directory, routerstatus_t::is_bad_exit, routerstatus_t::is_exit, routerstatus_t::is_fast, routerstatus_t::is_hs_dir, routerstatus_t::is_named, routerstatus_t::is_possible_guard, routerstatus_t::is_running, routerstatus_t::is_stable, routerstatus_t::is_unnamed, routerstatus_t::is_v2_dir, routerstatus_t::is_valid, LD_BUG, MAX_V_LINE_LEN, routerstatus_t::measured_bw, routerstatus_t::nickname, routerstatus_t::or_port, policy_summarize(), routerstatus_t::published_on, router_get_advertised_bandwidth_capped(), router_get_by_digest(), signed_descriptor_t::signed_descriptor_digest, tor_assert, tor_free, tor_inet_ntoa(), and tor_snprintf().

Referenced by format_networkstatus_vote(), and networkstatus_getinfo_helper_single().

void routerstatus_free

(

routerstatus_t *

rs

)

Free all storage held by the routerstatus object rs.

References routerstatus_t::exitsummary, and tor_free.

Referenced by _free_duplicate_routerstatus_entry(), networkstatus_v2_free(), networkstatus_vote_free(), and routerstatus_parse_entry_from_string().

void routerstatus_get_verbose_nickname	(	char *	buf,
		const routerstatus_t *	router
	)

Set buf (which must have MAX_VERBOSE_NICKNAME_LEN+1 bytes) to the verbose representation of the identity of router. The format is: A dollar sign. The upper-case hexadecimal encoding of the SHA1 hash of router's identity. A "=" if the router is named; a "~" if it is not. The router's nickname.

References base16_encode(), DIGEST_LEN, HEX_DIGEST_LEN, routerstatus_t::identity_digest, routerstatus_t::is_named, MAX_NICKNAME_LEN, and routerstatus_t::nickname.

Referenced by circuit_list_path_impl().

routerstatus_t* routerstatus_sl_choose_by_bandwidth	(	smartlist_t *	sl,
		bandwidth_weight_rule_t	rule
	)

Choose a random element of status list sl, weighted by the advertised bandwidth of each status.

References smartlist_choose_by_bandwidth(), and smartlist_choose_by_bandwidth_weights().

Referenced by router_pick_directory_server_impl().

const char* safe_str

(

const char *

address

)

Make address -- a piece of information of unspecified sensitivity -- safe to log according to the settings in options->SafeLogging, and return it.

(We return "[scrubbed]" if SafeLogging is anything besides "0", and address otherwise.)

References get_options(), and tor_assert.

Referenced by command_process_relay_cell(), connection_ap_process_end_not_open(), connection_edge_finished_connecting(), connection_exit_begin_conn(), directory_handle_command(), directory_handle_command_get(), evdns_callback(), rend_cache_lookup_v2_desc_as_dir(), rend_cache_store_v2_desc_as_dir(), rend_compute_v2_desc_id(), rend_mid_establish_intro(), and rend_mid_introduce().

const char* safe_str_client

(

const char *

address

)

Make address -- a piece of information related to our operation as a client -- safe to log according to the settings in options->SafeLogging, and return it.

(We return "[scrubbed]" if SafeLogging is "1", and address otherwise.)

References get_options(), and tor_assert.

Referenced by _circuit_mark_for_close(), addressmap_register(), addressmap_register_virtual_address(), circuit_discard_optional_exit_enclaves(), circuit_get_open_circ_or_launch(), circuit_handle_first_hop(), client_dns_incr_failures(), command_process_netinfo_cell(), command_process_versions_cell(), connection_ap_expire_beginning(), connection_ap_handshake_attach_circuit(), connection_ap_handshake_rewrite_and_attach(), connection_ap_handshake_send_resolve(), connection_ap_make_link(), connection_or_check_valid_tls_handshake(), connection_tls_finish_handshake(), directory_all_unreachable(), directory_post_to_hs_dir(), dumpstats(), fetch_from_buf_socks(), handle_control_mapaddress(), rend_cache_clean_v2_descs_as_dir(), rend_cache_store(), rend_cache_store_v2_desc_as_client(), rend_cache_store_v2_desc_as_dir(), rend_client_desc_trynow(), rend_client_get_random_intro(), rend_client_refetch_v2_renddesc(), rend_compute_v2_desc_id(), rend_config_services(), and rend_service_dump_stats().

int server_mode

(

or_options_t *

options

)

Return true iff we are trying to be a server.

References or_options_t::ClientOnly, or_options_t::ORListenAddress, and or_options_t::ORPort.

Referenced by circuit_extend(), circuit_note_clock_jumped(), circuit_rep_hist_note_result(), circuit_send_next_onion_skin(), circuit_testing_failed(), command_process_create_cell(), conn_close_if_marked(), connection_connect(), connection_exit_begin_conn(), connection_or_check_valid_tls_handshake(), connection_or_connect(), consider_publishable_server(), cpuworkers_rotate(), decide_if_publishable_server(), directory_caches_dir_info(), directory_command_should_use_begindir(), directory_fetches_from_authorities(), directory_info_has_arrived(), dns_init(), dns_reset(), dns_servers_relaunch_checks(), do_hup(), do_list_fingerprint(), do_main_loop(), getinfo_helper_events(), init_keys(), ip_address_changed(), options_act(), options_validate(), rep_hist_circbuilding_dormant(), rep_hist_update_state(), router_get_by_nickname(), router_get_my_extrainfo(), router_get_my_routerinfo(), router_new_address_suggestion(), routers_update_all_from_networkstatus(), run_scheduled_events(), second_elapsed_callback(), should_use_create_fast_for_circuit(), signal_callback(), and update_router_descriptor_downloads().

void set_identity_key

(

crypto_pk_env_t *

k

)

Set the current identity key to k.

References crypto_free_pk_env(), crypto_pk_get_digest(), and identitykey_digest.

Referenced by init_keys().

int set_options	(	or_options_t *	new_val,
		char **	msg
	)

Change the current global options to contain new_val instead of their current value; take action based on the new value; free the old value as necessary. Returns 0 on success, -1 on failure.

References config_free(), LD_BUG, options_act(), options_act_reversible(), and tor_assert.

Referenced by options_init_from_string(), and options_trial_assign().

void set_routerstatus_from_routerinfo	(	routerstatus_t *	rs,
		routerinfo_t *	ri,
		time_t	now,
		int	naming,
		int	exits_can_be_guards,
		int	listbadexits,
		int	listbaddirs
	)

Extract status information from ri and from other authority functions and store it in rs>. If naming, consider setting the named flag in rs. If not exits_can_be_guards, never mark an exit as a guard. If listbadexits, consider setting the badexit flag.

We assume that ri->is_running has already been set, e.g. by dirserv_set_router_is_running(ri, now);

References routerinfo_t::addr, routerstatus_t::addr, BANDWIDTH_TO_GUARANTEE_GUARD, routerinfo_t::cache_info, routerstatus_t::descriptor_digest, DIGEST_LEN, routerstatus_t::dir_port, routerinfo_t::dir_port, dirserv_get_name_status(), dirserv_thinks_router_is_hs_dir(), dirserv_thinks_router_is_unreliable(), FP_NAMED, FP_UNNAMED, routerstatus_t::identity_digest, signed_descriptor_t::identity_digest, routerstatus_t::is_authority, routerinfo_t::is_bad_directory, routerstatus_t::is_bad_directory, routerinfo_t::is_bad_exit, routerstatus_t::is_bad_exit, routerinfo_t::is_exit, routerstatus_t::is_exit, routerinfo_t::is_fast, routerstatus_t::is_fast, routerstatus_t::is_hs_dir, routerinfo_t::is_hs_dir, routerstatus_t::is_named, routerstatus_t::is_possible_guard, routerinfo_t::is_running, routerstatus_t::is_running, routerinfo_t::is_stable, routerstatus_t::is_stable, routerstatus_t::is_unnamed, routerstatus_t::is_v2_dir, routerinfo_t::is_valid, routerstatus_t::is_valid, routerstatus_t::nickname, routerinfo_t::nickname, routerinfo_t::or_port, routerstatus_t::or_port, routerinfo_t::platform, signed_descriptor_t::published_on, routerstatus_t::published_on, rep_hist_get_weighted_fractional_uptime(), rep_hist_get_weighted_time_known(), router_get_advertised_bandwidth(), router_is_active(), signed_descriptor_t::signed_descriptor_digest, and tor_version_as_new_as().

Referenced by networkstatus_getinfo_by_purpose().

int should_delay_dir_fetches

(

or_options_t *

options

)

Return 1 if there's a reason we shouldn't try any directory fetches yet (e.g. we demand bridges and none are yet known). Else return 0.

References any_bridge_descriptors_known(), LD_DIR, and or_options_t::UseBridges.

Referenced by authority_certs_fetch_missing(), update_extrainfo_downloads(), update_networkstatus_downloads(), update_router_descriptor_downloads(), and update_router_have_minimum_dir_info().

int should_record_bridge_info

(

or_options_t *

options

)

Return 1 if we should collect geoip stats on bridge users, and include them in our extrainfo descriptor. Else return 0.

References or_options_t::BridgeRecordUsageByCountry, and or_options_t::BridgeRelay.

Referenced by extrainfo_dump_to_string(), options_act(), and run_scheduled_events().

const char* signed_descriptor_get_annotations

(

signed_descriptor_t *

desc

)

As signed_descriptor_get_body(), but points to the beginning of the annotations section rather than the beginning of the descriptor.

References signed_descriptor_get_body_impl().

Referenced by routerlist_reparse_old().

const char* signed_descriptor_get_body

(

signed_descriptor_t *

desc

)

Return a pointer to the signed textual representation of a descriptor. The returned string is not guaranteed to be NUL-terminated: the string's length will be in desc->signed_descriptor_len.

The caller must not free the string returned.

References signed_descriptor_get_body_impl().

Referenced by connection_dirserv_add_servers_to_outbuf(), getinfo_helper_dir(), munge_extrainfo_into_routerinfo(), router_get_my_descriptor(), and router_rebuild_store().

void signed_descs_update_status_from_consensus_networkstatus

(

smartlist_t *

descs

)

Given a list of signed_descriptor_t, update their fields (mainly, when they were last listed) from the most recent consensus.

References networkstatus_t::desc_digest_map, DIGEST_LEN, digestmap_get(), router_get_consensus_status_by_descriptor_digest(), and networkstatus_t::valid_until.

Referenced by routers_update_all_from_networkstatus().

const char* socks4_response_code_to_string

(

uint8_t

code

)

Return a string corresponding to a SOCKS4 reponse code.

Referenced by fetch_from_buf_socks_client().

const char* socks5_response_code_to_string

(

uint8_t

code

)

Return a string corresponding to a SOCKS5 reponse code.

Referenced by fetch_from_buf_socks_client().

int socks_policy_permits_address

(

const tor_addr_t *

addr

)

Return 1 if addr is permitted to connect to our socks port, based on socks_policy. Else return 0.

References addr_policy_permits_tor_addr().

Referenced by connection_handle_listener_read(), and evdns_server_callback().

void sort_version_list	(	smartlist_t *	versions,
		int	remove_duplicates
	)

Sort a list of string-representations of versions in ascending order.

References _compare_tor_version_str_ptr(), _tor_free(), smartlist_sort(), and smartlist_uniq().

Referenced by compute_consensus_versions_list(), format_versions_list(), and networkstatus_compute_consensus().

const char* stream_end_reason_to_control_string

(

int

reason

)

Convert the reason for ending a stream reason into the format used in STREAM events. Return NULL if the reason is unrecognized.

References END_STREAM_REASON_CANT_ATTACH, END_STREAM_REASON_MASK, END_STREAM_REASON_NET_UNREACHABLE, and END_STREAM_REASON_SOCKSPROTOCOL.

Referenced by control_event_stream_status().

socks5_reply_status_t stream_end_reason_to_socks5_response

(

int

reason

)

Translate reason (as from a relay 'end' cell) into an appropriate SOCKS5 reply code.

A reason of 0 means that we're not actually expecting to send this code back to the socks client; we just call it 'succeeded' to keep things simple.

References END_STREAM_REASON_CANT_ATTACH, END_STREAM_REASON_MASK, END_STREAM_REASON_NET_UNREACHABLE, END_STREAM_REASON_SOCKSPROTOCOL, and LD_PROTOCOL.

Referenced by connection_ap_handshake_socks_reply().

const char* stream_end_reason_to_string

(

int

reason

)

Translate reason, which came from a relay 'end' cell, into a static const string describing why the stream is closing. reason is -1 if no reason was provided.

References LD_PROTOCOL.

Referenced by connection_ap_process_end_not_open(), and connection_edge_process_relay_cell().

int tls_error_to_orconn_end_reason

(

int

e

)

Convert a TOR_TLS_* error code into an END_OR_CONN_* reason.

Referenced by connection_about_to_close_connection().

static INLINE control_connection_t * TO_CONTROL_CONN

(

connection_t *

c

)

[static]

Convert a connection_t* to an control_connection_t*; assert if the cast is invalid.

References DOWNCAST, connection_t::magic, and tor_assert.

Referenced by _connection_free(), connection_finished_flushing(), connection_free(), connection_free_all(), connection_process_inbuf(), connection_reached_eof(), control_update_global_event_mask(), and send_control_event_string().

static INLINE dir_connection_t * TO_DIR_CONN

(

connection_t *

c

)

[static]

Convert a connection_t* to a dir_connection_t*; assert if the cast is invalid.

References DOWNCAST, connection_t::magic, and tor_assert.

Referenced by _connection_free(), _connection_write_to_buf_impl(), any_pending_bridge_descriptor_fetches(), connection_about_to_close_connection(), connection_finished_connecting(), connection_finished_flushing(), connection_flushed_some(), connection_get_by_type_state_rendquery(), connection_process_inbuf(), connection_reached_eof(), list_pending_downloads(), and run_connection_housekeeping().

static INLINE edge_connection_t * TO_EDGE_CONN

(

connection_t *

c

)

[static]

Convert a connection_t* to an edge_connection_t*; assert if the cast is invalid.

References DOWNCAST, connection_t::magic, and tor_assert.

Referenced by _connection_free(), _connection_write_to_buf_impl(), ap_stream_wants_exit_attention(), assert_connection_ok(), choose_good_exit_server_general(), circuit_discard_optional_exit_enclaves(), conn_read_callback(), conn_write_callback(), connection_about_to_close_connection(), connection_add(), connection_ap_attach_pending(), connection_ap_expire_beginning(), connection_ap_fail_onehop(), connection_finished_connecting(), connection_finished_flushing(), connection_get_by_type_state_rendquery(), connection_handle_read_impl(), connection_handle_write_impl(), connection_init_accepted_conn(), connection_process_inbuf(), connection_reached_eof(), connection_read_to_buf(), connection_unlink(), control_event_stream_bandwidth_used(), directory_all_unreachable(), get_stream(), getinfo_helper_events(), hibernate_go_dormant(), and rend_client_desc_trynow().

static INLINE or_circuit_t * TO_OR_CIRCUIT

(

circuit_t *

x

)

[static]

Convert a circuit_t* to a pointer to the enclosing or_circuit_t. Asserts if the cast is impossible.

References DOWNCAST, circuit_t::magic, and tor_assert.

Referenced by _circuit_mark_for_close(), append_cell_to_circuit_queue(), assert_active_circuits_ok(), assert_circuit_ok(), circuit_consider_stop_edge_reading(), circuit_detach_stream(), circuit_dump_by_conn(), circuit_expire_old_circuits_serverside(), circuit_extend(), circuit_free(), circuit_free_all(), circuit_get_by_circid_orconn_impl(), circuit_get_by_rend_token_and_purpose(), circuit_package_relay_cell(), circuit_receive_relay_cell(), circuit_resume_edge_reading(), circuit_unlink_all_from_or_conn(), command_process_destroy_cell(), command_process_relay_cell(), connection_cpu_process_inbuf(), connection_edge_process_relay_cell(), connection_exit_begin_conn(), connection_exit_connect_dir(), connection_or_flush_from_first_active_circuit(), dns_found_answer(), dns_resolve(), dump_cell_pool_usage(), HT_HEAD(), make_circuit_active_on_conn(), make_circuit_inactive_on_conn(), next_circ_on_conn_p(), prev_circ_on_conn_p(), relay_crypt(), relay_lookup_conn(), relay_send_command_from_edge(), rend_process_relay_cell(), rep_hist_buffer_stats_add_circ(), and set_streams_blocked_on_circ().

static INLINE or_connection_t * TO_OR_CONN

(

connection_t *

c

)

[static]

Convert a connection_t* to an or_connection_t*; assert if the cast is invalid.

References DOWNCAST, connection_t::magic, and tor_assert.

Referenced by _connection_free(), assert_connection_ok(), circuit_dump_by_conn(), conn_close_if_marked(), connection_about_to_close_connection(), connection_bucket_read_limit(), connection_bucket_refill(), connection_bucket_write_limit(), connection_buckets_decrement(), connection_consider_empty_read_buckets(), connection_consider_empty_write_buckets(), connection_counts_as_relayed_traffic(), connection_cpu_process_inbuf(), connection_finished_connecting(), connection_finished_flushing(), connection_flushed_some(), connection_free(), connection_handle_read_impl(), connection_handle_write_impl(), connection_init_accepted_conn(), connection_or_clear_identity_map(), connection_process_inbuf(), connection_reached_eof(), connection_read_to_buf(), connection_unlink(), dumpstats(), getinfo_helper_events(), and run_connection_housekeeping().

static INLINE origin_circuit_t * TO_ORIGIN_CIRCUIT

(

circuit_t *

x

)

[static]

Convert a circuit_t* to a pointer to the enclosing origin_circuit_t. Asserts if the cast is impossible.

References DOWNCAST, circuit_t::magic, and tor_assert.

Referenced by _circuit_mark_for_close(), assert_circuit_ok(), circuit_consider_stop_edge_reading(), circuit_detach_stream(), circuit_dump_by_conn(), circuit_dump_details(), circuit_expire_building(), circuit_expire_old_circuits_clientside(), circuit_find_to_cannibalize(), circuit_free(), circuit_get_best(), circuit_get_by_global_id(), circuit_get_by_rend_query_and_purpose(), circuit_get_next_by_pk_and_purpose(), circuit_is_acceptable(), circuit_is_better(), circuit_n_conn_done(), circuit_package_relay_cell(), circuit_predict_and_launch_new(), circuit_resume_edge_reading(), circuit_stream_is_being_handled(), command_process_created_cell(), connection_ap_expire_beginning(), connection_ap_handshake_attach_circuit(), connection_ap_handshake_send_begin(), connection_ap_handshake_send_resolve(), connection_edge_process_relay_cell(), connection_edge_process_relay_cell_not_open(), connection_exit_begin_conn(), control_event_stream_status(), count_established_intro_points(), getinfo_helper_events(), relay_crypt(), relay_lookup_conn(), relay_send_command_from_edge(), rend_config_services(), rend_process_relay_cell(), and set_streams_blocked_on_circ().

void tor_cleanup

(

void

)

Do whatever cleanup is necessary before shutting Tor down.

References accounting_is_enabled(), accounting_record_bandwidth_usage(), authdir_mode_tests_reachability(), or_options_t::command, crypto_global_cleanup(), get_options(), get_or_state(), or_state_mark_dirty(), or_state_save(), or_options_t::PidFile, rep_hist_record_mtbf_data(), and tor_free_all().

Referenced by consider_hibernation(), hibernate_begin(), signal_callback(), and tor_main().

void tor_free_all

(

int

postfork

)

Free all memory that we might have allocated somewhere. If postfork, we are a worker process and we want to free only the parts of memory that we won't touch. If !postfork, Tor is shutting down and we should free everything.

Helps us find the real leaks with dmalloc and the like. Also valgrind should then report 0 reachable in its leak report (in an ideal world -- in practice libevent, SSL, libc etc never quite free everything).

References addressmap_free_all(), buf_shrink_freelists(), circuit_free_all(), clear_pending_onions(), config_free_all(), connection_free_all(), dirserv_free_all(), dirvote_free_all(), dns_free_all(), entry_guards_free_all(), esc_router_info(), escaped(), free_cell_pool(), geoip_free_all(), logs_free_all(), memarea_clear_freelist(), networkstatus_free_all(), policies_free_all(), release_lockfile(), rend_cache_free_all(), rend_service_authorization_free_all(), rend_service_free_all(), rep_hist_free_all(), router_free_all(), routerlist_free_all(), smartlist_free(), timeout_event, tor_free, and tor_tls_free_all().

Referenced by cpuworker_main(), and tor_cleanup().

int tor_main	(	int	argc,
		char *	argv[]
	)

Main entry point for the Tor process. Called from main().

int tor_version_as_new_as	(	const char *	platform,
		const char *	cutoff
	)

Parse the Tor version of the platform string platform, and compare it to the version in cutoff. Return 1 if the router is at least as new as the cutoff, else return 0.

References eat_whitespace(), find_whitespace(), LD_BUG, LD_DIR, strcmpstart(), tor_assert, tor_version_compare(), and tor_version_parse().

Referenced by dirserv_get_status_impl(), remove_obsolete_entry_guards(), router_digest_version_as_new_as(), router_parse_entry_from_string(), router_supports_extrainfo(), routerstatus_parse_entry_from_string(), and set_routerstatus_from_routerinfo().

int tor_version_compare	(	tor_version_t *	a,
		tor_version_t *	b
	)

Compare two tor versions; Return <0 if a < b; 0 if a ==b, >0 if a > b.

References tor_version_t::git_tag, tor_version_t::git_tag_len, tor_version_t::major, tor_version_t::micro, tor_version_t::minor, tor_version_t::patchlevel, tor_version_t::status, tor_version_t::status_tag, tor_version_t::svn_revision, and tor_assert.

Referenced by _compare_tor_version_str_ptr(), tor_version_as_new_as(), and tor_version_is_obsolete().

version_status_t tor_version_is_obsolete	(	const char *	myversion,
		const char *	versionlist
	)

Return VS_RECOMMENDED if myversion is contained in versionlist. Else, return VS_EMPTY if versionlist has no entries. Else, return VS_OLD if every member of versionlist is newer than myversion. Else, return VS_NEW_IN_SERIES if there is at least one member of versionlist in the same series (major.minor.micro) as myversion, but no such member is newer than myversion.. Else, return VS_NEW if every member of versionlist is older than myversion. Else, return VS_UNRECOMMENDED.

(versionlist is a comma-separated list of version strings, optionally prefixed with "Tor". Versions that can't be parsed are ignored.)

References LD_BUG, LD_CONFIG, smartlist_create(), smartlist_free(), smartlist_split_string(), strcmpstart(), tor_assert, tor_free, tor_version_compare(), tor_version_parse(), tor_version_same_series(), VS_EMPTY, VS_NEW, VS_NEW_IN_SERIES, VS_OLD, VS_RECOMMENDED, and VS_UNRECOMMENDED.

Referenced by getinfo_helper_events(), and routers_update_all_from_networkstatus().

int tor_version_parse	(	const char *	s,
		tor_version_t *	out
	)

Parse a tor version from s, and store the result in out. Return 0 on success, -1 on failure.

References base16_decode(), DIGEST_LEN, eat_whitespace(), find_whitespace(), tor_version_t::git_tag, tor_version_t::git_tag_len, HEX_DIGEST_LEN, tor_version_t::major, tor_version_t::micro, tor_version_t::minor, tor_version_t::patchlevel, tor_version_t::status, tor_version_t::status_tag, strcasecmpstart(), strcmpstart(), tor_version_t::svn_revision, and tor_assert.

Referenced by _compare_tor_version_str_ptr(), remove_obsolete_entry_guards(), tor_version_as_new_as(), and tor_version_is_obsolete().

void trusted_dirs_flush_certs_to_disk

(

void

)

Save all v3 key certificates to the cached-certs file.

References smartlist_add(), smartlist_create(), trusted_dir_certs, and trusted_dir_servers_certs_changed.

Referenced by trusted_dirs_load_certs_from_string(), and trusted_dirs_remove_old_certs().

int trusted_dirs_load_certs_from_string	(	const char *	contents,
		int	from_store,
		int	flush
	)

Load a bunch of new key certificates from the string contents. If from_store is true, the certificates are from the cache, and we don't need to flush them to disk. If flush is true, we need to flush any changed certificates to disk now. Return 0 on success, -1 if any certs fail to parse.

References trusted_dir_server_t::addr, authority_cert_t::addr, trusted_dir_server_t::addr_current_at, trusted_dir_server_t::address, already_have_cert(), authority_cert_dl_failed(), authority_cert_free(), authority_cert_parse_from_string(), authority_cert_t::cache_info, cert_list_t::certs, DIGEST_LEN, trusted_dir_server_t::dir_port, authority_cert_t::dir_port, directory_caches_dir_info(), get_cert_list(), get_options(), hex_str(), signed_descriptor_t::identity_digest, LD_DIR, networkstatus_note_certs_arrived(), trusted_dir_server_t::nickname, signed_descriptor_t::published_on, authority_cert_t::signing_key_digest, smartlist_add(), tor_dup_ip(), tor_free, trusted_dir_servers_certs_changed, trusted_dirs_flush_certs_to_disk(), and trusteddirserver_get_by_v3_auth_digest().

Referenced by connection_dir_client_reached_eof(), dirvote_add_vote(), init_keys(), and trusted_dirs_reload_certs().

int trusted_dirs_reload_certs

(

void

)

Reload the cached v3 key certificates from the cached-certs file in the data directory. Return 0 on success, -1 on failure.

References get_datadir_fname, read_file_to_str(), RFTS_IGNORE_MISSING, tor_free, and trusted_dirs_load_certs_from_string().

Referenced by do_main_loop().

trusted_dir_server_t* trusteddirserver_get_by_v3_auth_digest

(

const char *

digest

)

Return the trusted_dir_server_t for the directory authority whose v3 identity key hashes to digest, or NULL if no such authority is known.

References DIGEST_LEN, trusted_dir_servers, and V3_AUTHORITY.

Referenced by authority_certs_fetch_missing(), dirvote_add_vote(), networkstatus_check_consensus_signature(), trusted_dirs_load_certs_from_string(), and update_consensus_router_descriptor_downloads().

int try_locking	(	or_options_t *	options,
		int	err_if_locked
	)

Try to grab the lock file described in options, if we do not already have it. If err_if_locked is true, warn if somebody else is holding the lock, and exit if we can't get it after waiting. Otherwise, return -1 if we can't get the lockfile. Return 0 on success.

References LD_GENERAL, options_get_datadir_fname2_suffix(), tor_free, tor_lockfile_lock(), and try_locking().

Referenced by init_key_from_file(), options_act(), and try_locking().

void update_certificate_downloads

(

time_t

now

)

Launch requests as appropriate for missing directory authority certificates.

References authority_certs_fetch_missing().

Referenced by connection_dir_download_cert_failed(), router_reload_consensus_networkstatus(), and update_networkstatus_downloads().

void update_consensus_networkstatus_fetch_time

(

time_t

now

)

Update the time at which we'll consider replacing the current consensus.

References CONSENSUS_MIN_SECONDS_BEFORE_CACHING, crypto_rand_int(), directory_fetches_dir_info_early(), directory_fetches_dir_info_later(), or_options_t::FetchDirInfoExtraEarly, format_local_iso_time(), networkstatus_t::fresh_until, get_options(), LD_DIR, networkstatus_get_live_consensus(), time_to_download_next_consensus, tor_assert, networkstatus_t::valid_after, and networkstatus_t::valid_until.

Referenced by networkstatus_set_current_consensus(), and options_act().

void update_consensus_router_descriptor_downloads	(	time_t	now,
		int	is_vote,
		networkstatus_t *	consensus
	)

For any descriptor that we want that's currently listed in consensus, download it as appropriate.

References authdir_mode(), DIGEST_LEN, digestmap_new(), directory_too_idle_to_fetch_descriptors(), trusted_dir_server_t::fake_status, get_options(), networkstatus_voter_info_t::identity_digest, LD_DIR, list_pending_descriptor_downloads(), router_get_by_descriptor_digest(), router_get_by_digest(), networkstatus_t::routerstatus_list, smartlist_add(), smartlist_create(), tor_assert, trusteddirserver_get_by_v3_auth_digest(), and networkstatus_t::voters.

Referenced by dirvote_add_vote(), and update_router_descriptor_downloads().

void update_extrainfo_downloads

(

time_t

now

)

Launch extrainfo downloads as needed.

References digestmap_free(), digestmap_get(), digestmap_new(), DIR_PURPOSE_FETCH_EXTRAINFO, download_status_is_ready(), or_options_t::DownloadExtraInfo, signed_descriptor_t::ei_dl_status, signed_descriptor_t::extra_info_digest, routerlist_t::extra_info_map, signed_descriptor_t::extrainfo_is_bogus, get_options(), signed_descriptor_t::identity_digest, initiate_descriptor_downloads(), signed_descriptor_t::is_extrainfo, LD_DIR, list_pending_descriptor_downloads(), MAX_DL_PER_REQUEST, MAX_ROUTERDESC_DOWNLOAD_FAILURES, routerlist_t::old_routers, PDS_NO_EXISTING_SERVERDESC_FETCH, PDS_RETRY_IF_NO_SERVERS, router_get_by_digest(), router_get_routerlist(), router_have_minimum_dir_info(), routerlist_t::routers, should_delay_dir_fetches(), smartlist_add(), smartlist_create(), smartlist_free(), smartlist_shuffle(), and tor_digest_is_zero().

Referenced by directory_info_has_arrived(), and run_scheduled_events().

void update_networkstatus_downloads

(

time_t

now

)

Launch requests for networkstatus documents and authority certificates as appropriate.

References directory_fetches_dir_info_early(), get_options(), should_delay_dir_fetches(), update_certificate_downloads(), update_consensus_networkstatus_downloads(), and update_v2_networkstatus_cache_downloads().

Referenced by do_hup(), routerlist_retry_directory_downloads(), and run_scheduled_events().

void update_router_descriptor_downloads

(

time_t

now

)

Launch downloads for router status as needed.

References or_options_t::Address, DIR_PURPOSE_FETCH_SERVERDESC, directory_fetches_dir_info_early(), directory_get_from_dirserver(), DUMMY_DOWNLOAD_INTERVAL, get_options(), last_routerdesc_download_attempted, networkstatus_get_reasonably_live_consensus(), PDS_RETRY_IF_NO_SERVERS, ROUTER_PURPOSE_GENERAL, server_mode(), should_delay_dir_fetches(), update_consensus_router_descriptor_downloads(), and update_router_descriptor_cache_downloads_v2().

Referenced by directory_info_has_arrived(), routerlist_retry_directory_downloads(), and run_scheduled_events().

void v3_authority_check_key_expiry

(

void

)

If we're a v3 authority, check whether we have a certificate that's likely to expire soon. Warn if we do, but not too often.

References authdir_mode_v3(), authority_cert_t::expires, get_options(), and LD_DIR.

Referenced by run_scheduled_events().

int validate_addr_policies	(	or_options_t *	options,
		char **	msg
	)

Config helper: If there's any problem with the policy configuration options in options, return -1 and set msg to a newly allocated description of the error. Else return 0.

References addr_policy_list_free(), or_options_t::AuthDirBadDir, or_options_t::AuthDirBadExit, or_options_t::AuthDirInvalid, or_options_t::AuthDirReject, or_options_t::BridgeRelay, or_options_t::DirPolicy, or_options_t::ExitPolicy, or_options_t::ExitPolicyRejectPrivate, parse_addr_policy(), policies_parse_exit_policy(), or_options_t::ReachableAddresses, or_options_t::ReachableDirAddresses, or_options_t::ReachableORAddresses, and or_options_t::SocksPolicy.

void var_cell_free

(

var_cell_t *

cell

)

Release all space held by cell.

References tor_free.

Referenced by connection_or_process_cells_from_inbuf(), and connection_or_send_versions().

var_cell_t* var_cell_new

(

uint16_t

payload_len

)

Allocate and return a new var_cell_t with payload_len bytes of payload space.

References var_cell_t::circ_id, var_cell_t::command, and var_cell_t::payload_len.

Referenced by connection_or_send_versions(), and fetch_var_cell_from_buf().

void var_cell_pack_header	(	const var_cell_t *	cell,
		char *	hdr_out
	)

Write the header of cell into the first VAR_CELL_HEADER_SIZE bytes of hdr_out.

References var_cell_t::circ_id, var_cell_t::command, var_cell_t::payload_len, and set_uint16().

Referenced by connection_or_write_var_cell_to_buf().

int vote_routerstatus_find_microdesc_hash	(	char *	digest256_out,
		const vote_routerstatus_t *	vrs,
		int	method,
		digest_algorithm_t	alg
	)

If vrs has a hash made for the consensus method method with the digest algorithm alg, decode it and copy it into digest256_out and return 0. Otherwise return -1.

References BASE64_DIGEST256_LEN, crypto_digest_algorithm_get_name(), digest256_from_base64(), vote_routerstatus_t::microdesc, and tor_snprintf().

document_signature_t* voter_get_sig_by_algorithm	(	const networkstatus_voter_info_t *	voter,
		digest_algorithm_t	alg
	)

Return the signature made by voter using the algorithm alg, or NULL if none is found.

References networkstatus_voter_info_t::sigs.

Referenced by networkstatus_add_detached_signatures(), and networkstatus_parse_vote_from_string().

int we_are_hibernating

(

void

)

Return true iff we are currently hibernating.

References hibernate_state, and HIBERNATE_STATE_LIVE.

Referenced by check_descriptor_bandwidth_changed(), check_whether_dirport_reachable(), command_process_create_cell(), connection_exit_begin_conn(), decide_to_advertise_dirport(), directory_info_has_arrived(), dirserv_set_router_is_running(), router_dump_router_to_string(), router_rebuild_descriptor(), router_set_status(), run_connection_housekeeping(), run_scheduled_events(), and second_elapsed_callback().

static INLINE int WRA_WAS_ADDED

(

was_router_added_t

s

)

[static]

Return true iff the descriptor was added. It might still be necessary to check whether the descriptor generator should be notified.

Referenced by directory_handle_command_post(), dirserv_add_descriptor(), dirserv_add_multiple_descriptors(), init_keys(), router_load_extrainfo_from_string(), router_load_routers_from_string(), and router_load_single_router().

static INLINE int WRA_WAS_OUTDATED

(

was_router_added_t

s

)

[static]

Return true iff the descriptor was not added because it was either:

• not in the consensus
• neither in the consensus nor in any networkstatus document
• it was outdated.

Referenced by directory_handle_command_post().

static INLINE int WRA_WAS_REJECTED

(

was_router_added_t

s

)

[static]

Return true iff the descriptor rejected because it was malformed.

Referenced by dirserv_add_descriptor(), and router_load_routers_from_string().

int write_to_buf	(	const char *	string,
		size_t	string_len,
		buf_t *	buf
	)

Append string_len bytes from string to the end of buf.

Return the new length of the buffer on success, -1 on failure.

References buf_add_chunk_with_capacity(), CHUNK_REMAINING_CAPACITY(), CHUNK_WRITE_PTR(), chunk_t::datalen, buf_t::datalen, buf_t::tail, and tor_assert.

Referenced by _connection_write_to_buf_impl(), and move_buf_to_buf().

int write_to_buf_zlib	(	buf_t *	buf,
		tor_zlib_state_t *	state,
		const char *	data,
		size_t	data_len,
		int	done
	)

Compress on uncompress the data_len bytes in data using the zlib state state, appending the result to buf. If done is true, flush the data in the state and finish the compression/uncompression. Return -1 on failure, 0 on success.

References buf_add_chunk_with_capacity(), CHUNK_REMAINING_CAPACITY(), CHUNK_WRITE_PTR(), chunk_t::datalen, buf_t::datalen, buf_t::tail, and tor_zlib_process().

Referenced by _connection_write_to_buf_impl().

---

Variable Documentation

circuit_build_times_t circ_times

Global list of circuit build times

Referenced by circuit_expire_building(), circuit_expire_old_circuits_clientside(), circuit_predict_and_launch_new(), connection_or_process_cells_from_inbuf(), connection_or_set_state_open(), connection_tls_finish_handshake(), networkstatus_set_current_consensus(), or_state_save(), or_state_set(), and origin_circuit_new().

int has_completed_circuit

We set this to 1 when we've opened a circuit, so we can print a log entry to inform the user that Tor is working.

Referenced by circuit_note_clock_jumped(), circuit_send_next_onion_skin(), directory_info_has_arrived(), getinfo_helper_events(), options_act(), purpose_needs_anonymity(), run_scheduled_events(), and second_elapsed_callback().

uint64_t stats_n_create_cells_processed

How many CELL_CREATE cells have we received, ever?

Referenced by command_process_cell(), and dumpstats().

uint64_t stats_n_created_cells_processed

How many CELL_CREATED cells have we received, ever?

Referenced by command_process_cell(), and dumpstats().

uint64_t stats_n_data_bytes_packaged

How many bytes of data have we put in relay_data cells have we built, ever? This would be RELAY_PAYLOAD_SIZE*stats_n_data_cells_packaged if every relay cell we ever sent were completely full of data.

Referenced by dumpstats().

uint64_t stats_n_data_bytes_received

How many bytes of data have we received relay_data cells, ever? This would be RELAY_PAYLOAD_SIZE*stats_n_data_cells_packaged if every relay cell we ever received were completely full of data.

Referenced by connection_edge_process_relay_cell(), and dumpstats().

uint64_t stats_n_data_cells_packaged

How many relay_data cells have we built, ever?

Referenced by dumpstats().

uint64_t stats_n_data_cells_received

How many relay_data cells have we received, ever?

Referenced by connection_edge_process_relay_cell(), and dumpstats().

uint64_t stats_n_destroy_cells_processed

How many CELL_DESTROY cells have we received, ever?

Referenced by command_process_cell(), and dumpstats().

uint64_t stats_n_padding_cells_processed

How many CELL_PADDING cells have we received, ever?

Referenced by command_process_cell(), and dumpstats().

uint64_t stats_n_relay_cells_delivered

Stats: how many relay cells have been delivered to streams at this hop?

Referenced by dumpstats().

uint64_t stats_n_relay_cells_processed

How many CELL_RELAY cells have we received, ever?

Referenced by command_process_cell(), and dumpstats().

uint64_t stats_n_relay_cells_relayed

Stats: how many relay cells have originated at this hop, or have been relayed onward (not recognized at this hop)?

Referenced by dumpstats().