Comments for nearly all non-tricky files

svn:r1796

src/or/buffers.c

@@ -219,8 +219,9 @@ int read_to_buf_tls(tor_tls *tls, size_t at_most, buf_t *buf) {
   tor_assert(tls);
   assert_buf_ok(buf);
 
-  log_fn(LOG_DEBUG,"start: %d on buf, %d pending, at_most %d.",(int)buf_datalen(buf),
-         tor_tls_get_pending_bytes(tls), at_most);
+  log_fn(LOG_DEBUG,"start: %d on buf, %d pending, at_most %d.",
+         (int)buf_datalen(buf), (int)tor_tls_get_pending_bytes(tls),
+         (int)at_most);
 
   if (buf_ensure_capacity(buf, at_most+buf->datalen))
     return TOR_TLS_ERROR;
@@ -231,8 +232,9 @@ int read_to_buf_tls(tor_tls *tls, size_t at_most, buf_t *buf) {
   if (at_most == 0)
     return 0;
 
-  log_fn(LOG_DEBUG,"before: %d on buf, %d pending, at_most %d.",(int)buf_datalen(buf),
-         tor_tls_get_pending_bytes(tls), at_most);
+  log_fn(LOG_DEBUG,"before: %d on buf, %d pending, at_most %d.",
+         (int)buf_datalen(buf), (int)tor_tls_get_pending_bytes(tls),
+         (int)at_most);
 
   assert_no_tls_errors();
   r = tor_tls_read(tls, buf->mem+buf->datalen, at_most);

src/or/cpuworker.c

@@ -2,6 +2,13 @@
 /* See LICENSE for licensing information */
 /* $Id$ */
 
+/*****
+ * cpuworker.c: Run computation-intensive tasks (generally for crypto) in
+ * a separate execution context. [OR only.]
+ *
+ * Right now, we only use this for processing onionskins.
+ *****/
+
 #include "or.h"
 extern or_options_t options; /* command-line and config-file options */
 
@@ -14,6 +21,9 @@ extern or_options_t options; /* command-line and config-file options */
 
 static int num_cpuworkers=0;
 static int num_cpuworkers_busy=0;
+/* We need to spawn new cpuworkers whenever we rotate the onion keys
+ * on platforms where execution contexts==processes.  This variable stores
+ * the last time we got a key rotation event.*/
 static time_t last_rotation_time=0;
 
 int cpuworker_main(void *data);
@@ -21,34 +31,45 @@ static int spawn_cpuworker(void);
 static void spawn_enough_cpuworkers(void);
 static void process_pending_task(connection_t *cpuworker);
 
+/* Initialize the cpuworker subsystem.
+ */
 void cpu_init(void) {
   last_rotation_time=time(NULL);
   spawn_enough_cpuworkers();
 }
 
+/* Called when we're done sending a request to a cpuworker. */
 int connection_cpu_finished_flushing(connection_t *conn) {
   tor_assert(conn && conn->type == CONN_TYPE_CPUWORKER);
   connection_stop_writing(conn);
   return 0;
 }
 
+/* Pack addr,port,and circ_id; set *tag to the result. (See note on
+ * cpuworker_main for wire format.) */
 static void tag_pack(char *tag, uint32_t addr, uint16_t port, uint16_t circ_id) {
   *(uint32_t *)tag     = addr;
   *(uint16_t *)(tag+4) = port;
   *(uint16_t *)(tag+6) = circ_id;
 }
 
-static void tag_unpack(char *tag, uint32_t *addr, uint16_t *port, uint16_t *circ_id) {
+/* Unpack 'tag' into addr, port, and circ_id.
+ */
+static void tag_unpack(const char *tag, uint32_t *addr, uint16_t *port, uint16_t *circ_id) {
   struct in_addr in;
 
-  *addr    = *(uint32_t *)tag;
-  *port    = *(uint16_t *)(tag+4);
-  *circ_id = *(uint16_t *)(tag+6);
+  *addr    = *(const uint32_t *)tag;
+  *port    = *(const uint16_t *)(tag+4);
+  *circ_id = *(const uint16_t *)(tag+6);
 
   in.s_addr = htonl(*addr);
   log_fn(LOG_DEBUG,"onion was from %s:%d, circ_id %d.", inet_ntoa(in), *port, *circ_id);
 }
 
+/* Called when the onion key has changed and we need to spawn new
+ * cpuworkers.  Close all currently idle cpuworkers, and mark the last
+ * rotation time as now.
+ */
 void cpuworkers_rotate(void)
 {
   connection_t *cpuworker;
@@ -61,6 +82,11 @@ void cpuworkers_rotate(void)
   spawn_enough_cpuworkers();
 }
 
+/* Called when we get data from a cpuworker.  If the answer is not complete,
+ * wait for a complete answer.  If the cpuworker closes the connection,
+ * mark it as closed and spawn a new one as needed.  If the answer is complete,
+ * process it as appropriate.
+ */
 int connection_cpu_process_inbuf(connection_t *conn) {
   char success;
   unsigned char buf[LEN_ONION_RESPONSE];
@@ -136,6 +162,20 @@ done_processing:
   return 0;
 }
 
+
+/* Implement a cpuworker.  'data' is an fdarray as returned by socketpair.
+ * Read and writes from fdarray[1].  Reads requests, writes answers.
+ *
+ *   Request format:
+ *          Task type           [1 byte, always ONIONSKIN_CHALLENGE_LEN]
+ *          Opaque tag          TAG_LEN
+ *          Onionskin challenge ONIONSKIN_CHALLENGE_LEN
+ *   Response format:
+ *          Success/failure     [1 byte, boolean.]
+ *          Opaque tag          TAG_LEN
+ *          Onionskin challenge ONIONSKIN_REPLY_LEN
+ *          Negotiated keys     KEY_LEN*2+DIGEST_LEN*2
+ */
 int cpuworker_main(void *data) {
   unsigned char question[ONIONSKIN_CHALLENGE_LEN];
   unsigned char question_type;
@@ -209,6 +249,8 @@ int cpuworker_main(void *data) {
   return 0; /* windows wants this function to return an int */
 }
 
+/* Launch a new cpuworker.
+ */
 static int spawn_cpuworker(void) {
   int fd[2];
   connection_t *conn;
@@ -243,6 +285,9 @@ static int spawn_cpuworker(void) {
   return 0; /* success */
 }
 
+/* If we have too few or too many active cpuworkers, try to spawn new ones
+ * or kill idle ones.
+ */
 static void spawn_enough_cpuworkers(void) {
   int num_cpuworkers_needed = options.NumCpus;
 
@@ -260,6 +305,7 @@ static void spawn_enough_cpuworkers(void) {
   }
 }
 
+/* Take a pending task from the queue and assign it to 'cpuworker' */
 static void process_pending_task(connection_t *cpuworker) {
   circuit_t *circ;
 

src/or/dns.c

@@ -2,6 +2,10 @@
 /* See LICENSE for licensing information */
 /* $Id$ */
 
+/*****
+ * dns.c: Resolve hostnames in separate processes.
+ *****/
+
 /* See http://elvin.dstc.com/ListArchive/elvin-dev/archive/2001/09/msg00027.html
  * for some approaches to asynchronous dns. We will want to switch once one of
  * them becomes more commonly available.
@@ -12,12 +16,19 @@
 
 extern or_options_t options; /* command-line and config-file options */
 
+/* Longest hostname we're willing to resolve. */
 #define MAX_ADDRESSLEN 256
 
+/* Maximum DNS processes to spawn. */
 #define MAX_DNSWORKERS 50
+/* Minimum DNS processes to spawn. */
 #define MIN_DNSWORKERS 3
+
+/* If more than this many processes are idle, shut down the extras. */
 #define MAX_IDLE_DNSWORKERS 10
 
+/* Possible outcomes from hostname lookup: permanent failure,
+ * transient (retryable) failure, and success */
 #define DNS_RESOLVE_FAILED_TRANSIENT 1
 #define DNS_RESOLVE_FAILED_PERMANENT 2
 #define DNS_RESOLVE_SUCCEEDED 3
@@ -25,11 +36,16 @@ extern or_options_t options; /* command-line and config-file options */
 int num_dnsworkers=0;
 int num_dnsworkers_busy=0;
 
+/* Linked list of connections waiting for a DNS answer. */
 struct pending_connection_t {
   struct connection_t *conn;
   struct pending_connection_t *next;
 };
 
+/* A DNS request: possibly completed, possibly pending; cached_resolve
+ * structs are stored at the OR side in a splay tree, and as a linked
+ * list from oldest to newest.
+ */
 struct cached_resolve {
   SPLAY_ENTRY(cached_resolve) node;
   char address[MAX_ADDRESSLEN]; /* the hostname to be resolved */
@@ -38,7 +54,7 @@ struct cached_resolve {
 #define CACHE_STATE_PENDING 0
 #define CACHE_STATE_VALID 1
 #define CACHE_STATE_FAILED 2
-  uint32_t expire; /* remove untouched items from cache after some time? */
+  uint32_t expire; /* remove items from cache after this time */
   struct pending_connection_t *pending_connections;
   struct cached_resolve *next;
 };
@@ -51,8 +67,11 @@ int dnsworker_main(void *data);
 static int spawn_dnsworker(void);
 static void spawn_enough_dnsworkers(void);
 
+/* Splay tree of cached_resolve objects */
 static SPLAY_HEAD(cache_tree, cached_resolve) cache_root;
 
+/* Function to compare hashed resolves on their addresses; used to
+ * implement splay trees. */
 static int compare_cached_resolves(struct cached_resolve *a,
                                    struct cached_resolve *b) {
   /* make this smarter one day? */
@@ -62,10 +81,12 @@ static int compare_cached_resolves(struct cached_resolve *a,
 SPLAY_PROTOTYPE(cache_tree, cached_resolve, node, compare_cached_resolves);
 SPLAY_GENERATE(cache_tree, cached_resolve, node, compare_cached_resolves);
 
+/* Initialize the DNS cache */
 static void init_cache_tree(void) {
   SPLAY_INIT(&cache_root);
 }
 
+/* Initialize the DNS subsystem; called by the OR process. */
 void dns_init(void) {
   init_cache_tree();
   spawn_enough_dnsworkers();
@@ -74,6 +95,8 @@ void dns_init(void) {
 static struct cached_resolve *oldest_cached_resolve = NULL; /* linked list, */
 static struct cached_resolve *newest_cached_resolve = NULL; /* oldest to newest */
 
+/* Remove every cached_resolve whose 'expire' time is before 'now'
+ * from the cache. */
 static void purge_expired_resolves(uint32_t now) {
   struct cached_resolve *resolve;
 
@@ -178,6 +201,9 @@ int dns_resolve(connection_t *exitconn) {
   return assign_to_dnsworker(exitconn);
 }
 
+/* Find or spawn a dns worker process to handle resolving
+ * exitconn->address; tell that dns worker to begin resolving.
+ */
 static int assign_to_dnsworker(connection_t *exitconn) {
   connection_t *dnsconn;
   unsigned char len;
@@ -210,6 +236,8 @@ static int assign_to_dnsworker(connection_t *exitconn) {
   return 0;
 }
 
+/* Remove 'conn' from the list of connections waiting for conn->address.
+ */
 void connection_dns_remove(connection_t *conn)
 {
   struct pending_connection_t *pend, *victim;
@@ -251,6 +279,8 @@ void connection_dns_remove(connection_t *conn)
   }
 }
 
+/* Log an error and abort if conn is waiting for a DNS resolve.
+ */
 void assert_connection_edge_not_dns_pending(connection_t *conn) {
   struct pending_connection_t *pend;
   struct cached_resolve *resolve;
@@ -264,6 +294,8 @@ void assert_connection_edge_not_dns_pending(connection_t *conn) {
   }
 }
 
+/* Log an error and abort if any connection waiting for a DNS resolve is
+ * corrupted. */
 void assert_all_pending_dns_resolves_ok(void) {
   struct pending_connection_t *pend;
   struct cached_resolve *resolve;
@@ -277,8 +309,9 @@ void assert_all_pending_dns_resolves_ok(void) {
   }
 }
 
-/* Cancel all pending connections. Then cancel the resolve itself,
- * and remove the 'struct cached_resolve' from the cache.
+/* Mark all connections waiting for 'address' for close.  Then cancel
+ * the resolve for 'address' itself, and remove any cached results for
+ * 'address' from the cache.
  */
 void dns_cancel_pending_resolve(char *address) {
   struct pending_connection_t *pend;
@@ -314,6 +347,8 @@ void dns_cancel_pending_resolve(char *address) {
   dns_purge_resolve(resolve);
 }
 
+/* Remove 'resolve' from the cache.
+ */
 static void dns_purge_resolve(struct cached_resolve *resolve) {
   struct cached_resolve *tmp;
 
@@ -338,6 +373,12 @@ static void dns_purge_resolve(struct cached_resolve *resolve) {
   tor_free(resolve);
 }
 
+/* Called on the OR side when a DNS worker tells us the outcome of a DNS
+ * resolve: tell all pending connections about the result of the lookup, and
+ * cache the value.  ('address' is a NUL-terminated string containing the
+ * address to look up; 'addr' is an IPv4 address in host order; 'outcome' is
+ * one of DNS_RESOLVE_{FAILED_TRANSIENT|FAILED_PERMANENT|SUCCEEDED}.
+ */
 static void dns_found_answer(char *address, uint32_t addr, char outcome) {
   struct pending_connection_t *pend;
   struct cached_resolve search;
@@ -356,6 +397,8 @@ static void dns_found_answer(char *address, uint32_t addr, char outcome) {
   }
 
   if (resolve->state != CACHE_STATE_PENDING) {
+    /* XXXX Maybe update addr? or check addr for consistency? Or let
+     * VALID replace FAILED? */
     log_fn(LOG_WARN, "Resolved '%s' which was already resolved; ignoring",
            address);
     tor_assert(resolve->pending_connections == NULL);
@@ -401,12 +444,21 @@ static void dns_found_answer(char *address, uint32_t addr, char outcome) {
 
 /******************************************************************/
 
+/*****
+ * Connection between OR and dnsworker
+ *****/
+
+/* Write handler: called when we've pushed a request to a dnsworker. */
 int connection_dns_finished_flushing(connection_t *conn) {
   tor_assert(conn && conn->type == CONN_TYPE_DNSWORKER);
   connection_stop_writing(conn);
   return 0;
 }
 
+/* Read handler: called when we get data from a dnsworker.  If the
+ * connection is closed, mark the dnsworker as dead.  Otherwise, see
+ * if we have a complete answer.  If so, call dns_found_answer on the
+ * result.  If not, wait.  Returns 0. */
 int connection_dns_process_inbuf(connection_t *conn) {
   char success;
   uint32_t addr;
@@ -447,6 +499,23 @@ int connection_dns_process_inbuf(connection_t *conn) {
   return 0;
 }
 
+/* Implementation for DNS workers; this code runs in a separate
+ * execution context.  It takes as its argument an fdarray as returned
+ * by socketpair(), and communicates via fdarray[1].  The protocol is
+ * as follows:
+ *     The OR says:
+ *           ADDRESSLEN [1 byte]
+ *           ADDRESS    [ADDRESSLEN bytes]
+ *     The DNS worker does the lookup, and replies:
+ *           OUTCOME    [1 byte]
+ *           IP         [4 bytes]
+ *
+ * OUTCOME is one of DNS_RESOLVE_{FAILED_TRANSIENT|FAILED_PERMANENT|SUCCEEDED}.
+ * IP is in host order.
+ *
+ * The dnsworker runs indefinitely, until its connection is closed or an error
+ * occurs.
+ */
 int dnsworker_main(void *data) {
   char address[MAX_ADDRESSLEN];
   unsigned char address_len;
@@ -498,6 +567,8 @@ int dnsworker_main(void *data) {
   return 0; /* windows wants this function to return an int */
 }
 
+/* Launch a new DNS worker; return 0 on success, -1 on failure.
+ */
 static int spawn_dnsworker(void) {
   int fd[2];
   connection_t *conn;
@@ -532,6 +603,8 @@ static int spawn_dnsworker(void) {
   return 0; /* success */
 }
 
+/* If we have too many or too few DNS workers, spawn or kill some.
+ */
 static void spawn_enough_dnsworkers(void) {
   int num_dnsworkers_needed; /* aim to have 1 more than needed,
                            * but no less than min and no more than max */

src/or/main.c

@@ -2,6 +2,10 @@
 /* See LICENSE for licensing information */
 /* $Id$ */
 
+/*****
+ * main.c: Tor main loop and startup functions.
+ *****/
+
 #include "or.h"
 
 /********* PROTOTYPES **********/
@@ -11,18 +15,26 @@ static int init_from_config(int argc, char **argv);
 
 /********* START VARIABLES **********/
 
+/* declared in connection.c */
 extern char *conn_state_to_string[][_CONN_TYPE_MAX+1];
 
 or_options_t options; /* command-line and config-file options */
 int global_read_bucket; /* max number of bytes I can read this second */
 
+/* What was the read bucket before the last call to prepare_for_pool?
+ * (used to determine how many bytes we've read). */
 static int stats_prev_global_read_bucket;
+/* How many bytes have we read since we started the process? */
 static uint64_t stats_n_bytes_read = 0;
+/* How many seconds have we been running? */
 static long stats_n_seconds_reading = 0;
 
+/* Array of all open connections; each element corresponds to the element of
+ * poll_array in the same position.  The first nfds elements are valid. */
 static connection_t *connection_array[MAXCONNECTIONS] =
         { NULL };
 
+/* Array of pollfd objects for calls to poll(). */
 static struct pollfd poll_array[MAXCONNECTIONS];
 
 static int nfds=0; /* number of connections currently active */
@@ -33,14 +45,14 @@ static int please_reset=0; /* whether we just got a sighup */
 static int please_reap_children=0; /* whether we should waitpid for exited children */
 #endif /* signal stuff */
 
-int has_fetched_directory=0;
 /* we set this to 1 when we've fetched a dir, to know whether to complain
  * yet about unrecognized nicknames in entrynodes, exitnodes, etc.
  * Also, we don't try building circuits unless this is 1. */
+int has_fetched_directory=0;
 
-int has_completed_circuit=0;
 /* we set this to 1 when we've opened a circuit, so we can print a log
  * entry to inform the user that Tor is working. */
+int has_completed_circuit=0;
 
 /********* END VARIABLES ************/
 
@@ -52,6 +64,10 @@ int has_completed_circuit=0;
 *
 ****************************************************************************/
 
+/* Add 'conn' to the array of connections that we can poll on.  The
+ * connection's socket must be set; the connection starts out
+ * non-reading and non-writing.
+ */
 int connection_add(connection_t *conn) {
   tor_assert(conn);
   tor_assert(conn->s >= 0);
@@ -112,11 +128,17 @@ int connection_remove(connection_t *conn) {
   return 0;
 }
 
+/* Set *array to an array of all connections, and *n to the length
+ * of the array.  *array and *n must not be modified.
+ */
 void get_connection_array(connection_t ***array, int *n) {
   *array = connection_array;
   *n = nfds;
 }
 
+/* Set the event mask on 'conn' to 'events'.  (The form of the event mask is
+ * as for poll().)
+ */
 void connection_watch_events(connection_t *conn, short events) {
 
   tor_assert(conn && conn->poll_index < nfds);
@@ -124,10 +146,12 @@ void connection_watch_events(connection_t *conn, short events) {
   poll_array[conn->poll_index].events = events;
 }
 
+/* Return true iff the 'conn' is listening for read events. */
 int connection_is_reading(connection_t *conn) {
   return poll_array[conn->poll_index].events & POLLIN;
 }
 
+/* Tell the main loop to stop notifying 'conn' of any read events. */
 void connection_stop_reading(connection_t *conn) {
 
   tor_assert(conn && conn->poll_index < nfds);
@@ -137,6 +161,7 @@ void connection_stop_reading(connection_t *conn) {
     poll_array[conn->poll_index].events -= POLLIN;
 }
 
+/* Tell the main loop to start notifying 'conn' of any read events. */
 void connection_start_reading(connection_t *conn) {
 
   tor_assert(conn && conn->poll_index < nfds);
@@ -144,10 +169,12 @@ void connection_start_reading(connection_t *conn) {
   poll_array[conn->poll_index].events |= POLLIN;
 }
 
+/* Return true iff the 'conn' is listening for write events. */
 int connection_is_writing(connection_t *conn) {
   return poll_array[conn->poll_index].events & POLLOUT;
 }
 
+/* Tell the main loop to stop notifying 'conn' of any write events. */
 void connection_stop_writing(connection_t *conn) {
 
   tor_assert(conn && conn->poll_index < nfds);
@@ -156,6 +183,7 @@ void connection_stop_writing(connection_t *conn) {
     poll_array[conn->poll_index].events -= POLLOUT;
 }
 
+/* Tell the main loop to start notifying 'conn' of any write events. */
 void connection_start_writing(connection_t *conn) {
 
   tor_assert(conn && conn->poll_index < nfds);
@@ -163,6 +191,10 @@ void connection_start_writing(connection_t *conn) {
   poll_array[conn->poll_index].events |= POLLOUT;
 }
 
+/* Called when the connection at connection_array[i] has a read event:
+ * checks for validity, catches numerous errors, and dispatches to
+ * connection_handle_read.
+ */
 static void conn_read(int i) {
   connection_t *conn = connection_array[i];
 
@@ -200,6 +232,10 @@ static void conn_read(int i) {
   assert_all_pending_dns_resolves_ok();
 }
 
+/* Called when the connection at connection_array[i] has a write event:
+ * checks for validity, catches numerous errors, and dispatches to
+ * connection_handle_write.
+ */
 static void conn_write(int i) {
   connection_t *conn;
 
@@ -227,6 +263,15 @@ static void conn_write(int i) {
   assert_all_pending_dns_resolves_ok();
 }
 
+/* If the connection at connection_array[i] is marked for close, then:
+ *    - If it has data that it wants to flush, try to flush it.
+ *    - If it _still_ has data to flush, and conn->hold_open_until_flushed is
+ *      true, then leave the connection open and return.
+ *    - Otherwise, remove the connection from connection_array and from
+ *      all other lists, close it, and free it.
+ * If we remove the connection, then call conn_closed_if_marked at the new
+ * connection at position i.
+ */
 static void conn_close_if_marked(int i) {
   connection_t *conn;
   int retval;
@@ -280,8 +325,7 @@ static void conn_close_if_marked(int i) {
   }
 }
 
-/* This function is called whenever we successfully pull
- * down a directory */
+/* This function is called whenever we successfully pull down a directory */
 void directory_has_arrived(void) {
 
   log_fn(LOG_INFO, "A directory has arrived.");
@@ -304,11 +348,13 @@ static void run_connection_housekeeping(int i, time_t now) {
   cell_t cell;
   connection_t *conn = connection_array[i];
 
+  /* Expire any directory connections that haven't sent anything for 5 min */
   if(conn->type == CONN_TYPE_DIR &&
      !conn->marked_for_close &&
      conn->timestamp_lastwritten + 5*60 < now) {
     log_fn(LOG_WARN,"Expiring wedged directory conn (purpose %d)", conn->purpose);
     connection_mark_for_close(conn,0);
+    /* XXXX Does this next part make sense, really? */
     conn->hold_open_until_flushed = 1; /* give it a last chance */
     return;
   }
@@ -317,6 +363,8 @@ static void run_connection_housekeeping(int i, time_t now) {
   if(!connection_speaks_cells(conn))
     return;
 
+  /* If we haven't written to an OR connection for a while, then either nuke
+     the connection or send a keepalive, depending. */
   if(now >= conn->timestamp_lastwritten + options.KeepalivePeriod) {
     if((!options.ORPort && !circuit_get_by_conn(conn)) ||
        (!connection_state_is_open(conn))) {
@@ -450,6 +498,10 @@ static void run_scheduled_events(time_t now) {
     conn_close_if_marked(i);
 }
 
+/* Called every time we're about to call tor_poll.  Increments statistics,
+ * and adjusts token buckets.  Returns the number of milliseconds to use for
+ * the poll() timeout.
+ */
 static int prepare_for_poll(void) {
   static long current_second = 0; /* from previous calls to gettimeofday */
   connection_t *conn;
@@ -458,8 +510,8 @@ static int prepare_for_poll(void) {
 
   tor_gettimeofday(&now);
 
-  /* Check how much bandwidth we've consumed,
-   * and increment the token buckets. */
+  /* Check how much bandwidth we've consumed, and increment the token
+   * buckets. */
   stats_n_bytes_read += stats_prev_global_read_bucket-global_read_bucket;
   connection_bucket_refill(&now);
   stats_prev_global_read_bucket = global_read_bucket;
@@ -486,23 +538,30 @@ static int prepare_for_poll(void) {
   return (1000 - (now.tv_usec / 1000)); /* how many milliseconds til the next second? */
 }
 
+/* Configure the Tor process from the command line arguments and from the
+ * configuration file.
+ */
 static int init_from_config(int argc, char **argv) {
+  /* read the configuration file. */
   if(getconfig(argc,argv,&options)) {
     log_fn(LOG_ERR,"Reading config failed. For usage, try -h.");
     return -1;
   }
   close_logs(); /* we'll close, then open with correct loglevel if necessary */
 
+  /* Setuid/setgid as appropriate */
   if(options.User || options.Group) {
     if(switch_id(options.User, options.Group) != 0) {
       return -1;
     }
   }
 
+  /* Start backgrounding the process, if requested. */
   if (options.RunAsDaemon) {
     start_daemon(options.DataDirectory);
   }
 
+  /* Configure the log(s) */
   if(!options.LogFile && !options.RunAsDaemon)
     add_stream_log(options.loglevel, "<stdout>", stdout);
   if(options.LogFile) {
@@ -520,21 +579,26 @@ static int init_from_config(int argc, char **argv) {
     log_fn(LOG_DEBUG, "Successfully opened DebugLogFile '%s'.", options.DebugLogFile);
   }
 
+  /* Set up our buckets */
   connection_bucket_init();
   stats_prev_global_read_bucket = global_read_bucket;
 
+  /* Finish backgrounding the process */
   if(options.RunAsDaemon) {
     /* XXXX Can we delay this any more? */
     finish_daemon();
   }
 
-  /* write our pid to the pid file, if we do not have write permissions we will log a warning */
+  /* Write our pid to the pid file. if we do not have write permissions we
+   * will log a warning */
   if(options.PidFile)
     write_pidfile(options.PidFile);
 
   return 0;
 }
 
+/* Called when we get a SIGHUP: reload configuration files and keys,
+ * retry all connections, re-upload all descriptors, and so on. */
 static int do_hup(void) {
   char keydir[512];
 
@@ -580,6 +644,7 @@ static int do_hup(void) {
   return 0;
 }
 
+/* Tor main loop. */
 static int do_main_loop(void) {
   int i;
   int timeout;
@@ -675,6 +740,7 @@ static int do_main_loop(void) {
   }
 }
 
+/* Unix signal handler. */
 static void catch(int the_signal) {
 
 #ifndef MS_WINDOWS /* do signal stuff only on unix */

src/or/or.h

@@ -1046,8 +1046,8 @@ void rep_hist_dump_stats(time_t now, int severity);
 void rend_client_introcirc_is_open(circuit_t *circ);
 void rend_client_rendcirc_is_open(circuit_t *circ);
 int rend_client_introduction_acked(circuit_t *circ, const char *request, int request_len);
-void rend_client_refetch_renddesc(char *query);
-int rend_client_remove_intro_point(char *failed_intro, char *query);
+void rend_client_refetch_renddesc(const char *query);
+int rend_client_remove_intro_point(char *failed_intro, const char *query);
 int rend_client_rendezvous_acked(circuit_t *circ, const char *request, int request_len);
 int rend_client_receive_rendezvous(circuit_t *circ, const char *request, int request_len);
 void rend_client_desc_fetched(char *query, int success);
@@ -1088,10 +1088,10 @@ typedef struct rend_cache_entry_t {
 
 void rend_cache_init(void);
 void rend_cache_clean(void);
-int rend_valid_service_id(char *query);
-int rend_cache_lookup_desc(char *query, const char **desc, int *desc_len);
-int rend_cache_lookup_entry(char *query, rend_cache_entry_t **entry_out);
-int rend_cache_store(char *desc, int desc_len);
+int rend_valid_service_id(const char *query);
+int rend_cache_lookup_desc(const char *query, const char **desc, int *desc_len);
+int rend_cache_lookup_entry(const char *query, rend_cache_entry_t **entry_out);
+int rend_cache_store(const char *desc, int desc_len);
 
 /********************************* rendservice.c ***************************/
 

src/or/rendclient.c

@@ -2,9 +2,14 @@
 /* See LICENSE for licensing information */
 /* $Id$ */
 
+/*****
+ * rendclient.c: Client code to access location-hiddenn services.
+ *****/
+
 #include "or.h"
 
-/* send the introduce cell */
+/* Called when we've established a circuit to an introduction point:
+ * send the introduction request. */
 void
 rend_client_introcirc_is_open(circuit_t *circ)
 {
@@ -15,8 +20,8 @@ rend_client_introcirc_is_open(circuit_t *circ)
   connection_ap_attach_pending();
 }
 
-/* send the establish-rendezvous cell. if it fails, mark
- * the circ for close and return -1. else return 0.
+/* Send the establish-rendezvous cell along a rendezvous circuit. if
+ * it fails, mark the circ for close and return -1. else return 0.
  */
 int
 rend_client_send_establish_rendezvous(circuit_t *circ)
@@ -124,7 +129,8 @@ err:
   return -1;
 }
 
-/* send the rendezvous cell */
+/* Called when a rendezvous circuit is open; sends a establish
+ * rendezvous circuit as appropriate. */
 void
 rend_client_rendcirc_is_open(circuit_t *circ)
 {
@@ -209,8 +215,13 @@ rend_client_introduction_acked(circuit_t *circ,
   return 0;
 }
 
+
+/* If we are not currently fetching a rendezvous service descriptor
+ * for the service ID 'query', start a directory connection to fetch a
+ * new one.
+ */
 void
-rend_client_refetch_renddesc(char *query)
+rend_client_refetch_renddesc(const char *query)
 {
   if(connection_get_by_type_rendquery(CONN_TYPE_DIR, query)) {
     log_fn(LOG_INFO,"Would fetch a new renddesc here (for %s), but one is already in progress.", query);
@@ -229,7 +240,7 @@ rend_client_refetch_renddesc(char *query)
  * unrecognized, 1 if recognized and some intro points remain.
  */
 int
-rend_client_remove_intro_point(char *failed_intro, char *query)
+rend_client_remove_intro_point(char *failed_intro, const char *query)
 {
   int i, r;
   rend_cache_entry_t *ent;
@@ -280,7 +291,7 @@ rend_client_rendezvous_acked(circuit_t *circ, const char *request, int request_l
   return 0;
 }
 
-/* bob sent us a rendezvous cell, join the circs. */
+/* Bob sent us a rendezvous cell; join the circuits. */
 int
 rend_client_receive_rendezvous(circuit_t *circ, const char *request, int request_len)
 {

src/or/rendcommon.c

@@ -2,9 +2,14 @@
 /* See LICENSE for licensing information */
 /* $Id$ */
 
+/*****
+ * rendcommon.c: Rendezvous implementation: shared code between
+ * introducers, services, clients, and rendezvous points.
+ *****/
+
 #include "or.h"
 
-/* Free the storage held by 'desc'.
+/* Free the storage held by the service descriptor 'desc'.
  */
 void rend_service_descriptor_free(rend_service_descriptor_t *desc)
 {
@@ -66,8 +71,10 @@ rend_encode_service_descriptor(rend_service_descriptor_t *desc,
   return 0;
 }
 
-/* malloc a service_descriptor_t and return it.
- * return NULL if invalid descriptor or error */
+/* Parse a service descriptor at 'str' (len bytes).  On success,
+ * return a newly alloced service_descriptor_t.  On failure, return
+ * NULL.
+ */
 rend_service_descriptor_t *rend_parse_service_descriptor(
                            const char *str, int len)
 {
@@ -121,8 +128,9 @@ rend_service_descriptor_t *rend_parse_service_descriptor(
   return NULL;
 }
 
-/* Sets out to the first 10 bytes of the digest of 'pk', base32 encoded.
- * NUL-terminates out.
+/* Sets out to the first 10 bytes of the digest of 'pk', base32
+ * encoded.  NUL-terminates out.  (We use this string to identify
+ * services in directory requests and .onion URLs.)
  */
 int rend_get_service_id(crypto_pk_env_t *pk, char *out)
 {
@@ -139,6 +147,8 @@ int rend_get_service_id(crypto_pk_env_t *pk, char *out)
 #define REND_CACHE_MAX_AGE (24*60*60)
 #define REND_CACHE_MAX_SKEW (90*60)
 
+/* Map from service id (as generated by rend_get_service_id) to
+ * rend_cache_entry_t. */
 static strmap_t *rend_cache = NULL;
 
 /* Initializes the service descriptor cache.
@@ -172,8 +182,9 @@ void rend_cache_clean(void)
   }
 }
 
-/* return 1 if query is a valid service id, else return 0. */
-int rend_valid_service_id(char *query) {
+/* Return true iff 'query' is a syntactically valid service ID (as
+ * generated by rend_get_service_id).  */
+int rend_valid_service_id(const char *query) {
   if(strlen(query) != REND_SERVICE_ID_LEN)
     return 0;
 
@@ -183,7 +194,10 @@ int rend_valid_service_id(char *query) {
   return 1;
 }
 
-int rend_cache_lookup_entry(char *query, rend_cache_entry_t **e)
+/* If we have a cached rend_cache_entry_t for the service ID 'query', set
+ * *e to that entry and return 1.  Else return 0.
+ */
+int rend_cache_lookup_entry(const char *query, rend_cache_entry_t **e)
 {
   tor_assert(rend_cache);
   if (!rend_valid_service_id(query))
@@ -199,8 +213,10 @@ int rend_cache_lookup_entry(char *query, rend_cache_entry_t **e)
  *   If it is found, point *desc to it, and write its length into
  *   *desc_len, and return 1.
  *   If it is not found, return 0.
+ * Note: calls to rend_cache_clean or rend_cache_store may invalidate
+ * *desc.
  */
-int rend_cache_lookup_desc(char *query, const char **desc, int *desc_len)
+int rend_cache_lookup_desc(const char *query, const char **desc, int *desc_len)
 {
   rend_cache_entry_t *e;
   int r;
@@ -211,12 +227,12 @@ int rend_cache_lookup_desc(char *query, const char **desc, int *desc_len)
   return 1;
 }
 
-
-/* Calculate desc's service id, and store it.
- * Return -1 if it's malformed or otherwise rejected and you
- * want the caller to fail, else return 0.
+/* Parse *desc, calculate its service id, and store it in the cache.
+ * If we have a newer descriptor with the same ID, ignore this one.
+ * If we have an older descriptor with the same ID, replace it.
+ * Returns -1 if it's malformed or otherwise rejected, else return 0.
  */
-int rend_cache_store(char *desc, int desc_len)
+int rend_cache_store(const char *desc, int desc_len)
 {
   rend_cache_entry_t *e;
   rend_service_descriptor_t *parsed;
@@ -273,7 +289,8 @@ int rend_cache_store(char *desc, int desc_len)
   return 0;
 }
 
-/* Dispatch on rendezvous relay command. */
+/* Called when we get a rendezvous-related relay cell on circuit
+ * *circ.  Dispatch on rendezvous relay command. */
 void rend_process_relay_cell(circuit_t *circ, int command, int length,
                              const char *payload)
 {

src/or/rendmid.c

@@ -2,10 +2,14 @@
 /* See LICENSE for licensing information */
 /* $Id$ */
 
+/*****
+ * rendmid.c: Implement introductions points and rendezvous points.
+ *****/
+
 #include "or.h"
 
-/* Respond to an ESTABLISH_INTRO cell by setting the circuit's purpose and
- * service pk digest..
+/* Respond to an ESTABLISH_INTRO cell by checking the signed data and
+ * setting the circuit's purpose and service pk digest.
  */
 int
 rend_mid_establish_intro(circuit_t *circ, const char *request, int request_len)
@@ -219,8 +223,9 @@ rend_mid_establish_rendezvous(circuit_t *circ, const char *request, int request_
   return -1;
 }
 
-/* Process a RENDEZVOUS1 cell by looking up the correct rendezvous circuit by its
- * relaying the cell's body in a RENDEZVOUS2 cell, and connecting the two circuits.
+/* Process a RENDEZVOUS1 cell by looking up the correct rendezvous
+ * circuit by its relaying the cell's body in a RENDEZVOUS2 cell, and
+ * connecting the two circuits.
  */
 int
 rend_mid_rendezvous(circuit_t *circ, const char *request, int request_len)

src/or/rendservice.c

@@ -2,8 +2,9 @@
 /* See LICENSE for licensing information */
 /* $Id$ */
 
-/* This module implements the hidden-service side of rendezvous functionality.
- */
+/*****
+ * rendservice.c: The hidden-service side of rendezvous functionality.
+ *****/
 
 #include "or.h"
 
@@ -27,14 +28,15 @@ typedef struct rend_service_port_config_t {
 typedef struct rend_service_t {
   /* Fields specified in config file */
   char *directory; /* where in the filesystem it stores it */
-  smartlist_t *ports;
-  char *intro_prefer_nodes;
-  char *intro_exclude_nodes;
+  smartlist_t *ports; /* List of rend_service_port_config_t */
+  char *intro_prefer_nodes; /* comma-separated list of nicknames */
+  char *intro_exclude_nodes; /* comma-separated list of nicknames */
   /* Other fields */
   crypto_pk_env_t *private_key;
   char service_id[REND_SERVICE_ID_LEN+1];
   char pk_digest[DIGEST_LEN];
-  smartlist_t *intro_nodes; /* list of nicknames for intro points we _want_ */
+  smartlist_t *intro_nodes; /* list of nicknames for intro points we have,
+                             * or are trying to establish. */
   rend_service_descriptor_t *desc;
   int desc_is_dirty;
 } rend_service_t;
@@ -457,7 +459,11 @@ rend_service_introduce(circuit_t *circuit, const char *request, int request_len)
   return -1;
 }
 
+
 #define MAX_REND_FAILURES 3
+/* Called when we fail building a rendezvous circuit at some point other
+ * than the last hop: launches a new circuit to the same rendezvous point.
+ */
 void
 rend_service_relaunch_rendezvous(circuit_t *oldcirc)
 {
@@ -495,10 +501,11 @@ rend_service_relaunch_rendezvous(circuit_t *oldcirc)
   memcpy(newcirc->rend_cookie, oldcirc->rend_cookie, REND_COOKIE_LEN);
 }
 
-/* Launch a circuit to serve as an introduction point.
+/* Launch a circuit to serve as an introduction point for the service
+ * 'service' at the introduction point 'nickname'
  */
 static int
-rend_service_launch_establish_intro(rend_service_t *service, char *nickname)
+rend_service_launch_establish_intro(rend_service_t *service, const char *nickname)
 {
   circuit_t *launched;
 
@@ -578,7 +585,9 @@ rend_service_intro_is_ready(circuit_t *circuit)
   circuit_mark_for_close(circuit);
 }
 
-/* Handle an INTRO_ESTABLISHED cell. */
+/* Called when we get an INTRO_ESTABLISHED cell; mark the circuit as a
+ * live introduction point, and note that the service descriptor is
+ * now out-of-date.*/
 int
 rend_service_intro_established(circuit_t *circuit, const char *request, int request_len)
 {
@@ -603,7 +612,7 @@ rend_service_intro_established(circuit_t *circuit, const char *request, int requ
   return -1;
 }
 
-/* Called once a circuit to a rendezvous point is ready: sends a
+/* Called once a circuit to a rendezvous point is established: sends a
  *  RELAY_COMMAND_RENDEZVOUS1 cell.
  */
 void
@@ -711,6 +720,10 @@ find_intro_circuit(routerinfo_t *router, const char *pk_digest)
   return NULL;
 }
 
+/* If the directory servers don't have an up-to-date descriptor for
+ * 'service', Encode and sign the service descriptor for 'service',
+ * and upload it to all the dirservers.
+ */
 static void
 upload_service_descriptor(rend_service_t *service)
 {
@@ -827,6 +840,11 @@ void rend_services_introduce(void) {
   smartlist_free(exclude_routers);
 }
 
+/* Regenerate and upload rendezvous service descriptors for all
+ * services.  If 'force' is false, skip services where we've already
+ * uploaded an up-to-date copy; if 'force' is true, regenerate and
+ * upload everything.
+ */
 void
 rend_services_upload(int force)
 {
@@ -842,6 +860,9 @@ rend_services_upload(int force)
   }
 }
 
+/* Log the status of introduction points for all rendezvous services
+ * at log severity 'serverity'.
+ */
 void
 rend_service_dump_stats(int severity)
 {
@@ -872,9 +893,10 @@ rend_service_dump_stats(int severity)
   }
 }
 
-/* This is a beginning rendezvous stream. Look up conn->port,
- * and assign the actual conn->addr and conn->port. Return -1
- * if failure, or 0 for success.
+/* 'conn' is a rendezvous exit stream. Look up the hidden service for
+ * 'circ', and look up the port and address based on conn->port.
+ * Assign the actual conn->addr and conn->port. Return -1 if failure,
+ * or 0 for success.
  */
 int
 rend_service_set_connection_addr_port(connection_t *conn, circuit_t *circ)

src/or/rephist.c

@@ -2,26 +2,47 @@
 /* See LICENSE for licensing information */
 /* $Id$ */
 
+/*****
+ * rephist.c: Basic history functionality for reputation module.
+ *****/
+
 #include "or.h"
 
+/* History of an or->or link. */
 typedef struct link_history_t {
+  /* When did we start tracking this list? */
   time_t since;
+  /* How many times did extending from OR1 to OR2 succeeed? */
   unsigned long n_extend_ok;
+  /* How many times did extending from OR1 to OR2 fail? */
   unsigned long n_extend_fail;
 } link_history_t;
 
+/* History of an OR. */
 typedef struct or_history_t {
+  /* When did we start tracking this OR? */
   time_t since;
+  /* How many times did we successfully connect? */
   unsigned long n_conn_ok;
+  /*How many times did we try to connect and fail?*/
   unsigned long n_conn_fail;
+  /* How many seconds have we been connected to this OR before
+   * 'up_since'? */
   unsigned long uptime;
+  /* How many seconds have we been unable to connect to this OR before
+   * 'down_since'? */
   unsigned long downtime;
+  /* If nonzero, we have been connected since this time. */
   time_t up_since;
+  /* If nonzero, we have been unable to connect since this time. */
   time_t down_since;
+  /* Map from lowercased OR2 name to a link_history_t for the link
+   * from this OR to OR2. */
   strmap_t *link_history_map;
 } or_history_t;
 
-static strmap_t *history_map;
+/* Map from lowercased OR nickname to or_history_t. */
+static strmap_t *history_map = NULL;
 
 /* Return the or_history_t for the named OR, creating it if necessary.
  */
@@ -57,7 +78,7 @@ static link_history_t *get_link_history(const char *from_name,
 }
 
 /* Update an or_history_t object so that its uptime/downtime count is
- * up-to-date.
+ * up-to-date as of 'when'.
  */
 static void update_or_history(or_history_t *hist, time_t when)
 {
@@ -227,8 +248,6 @@ void rep_hist_dump_stats(time_t now, int severity)
   }
 }
 
-
-
 /*
   Local Variables:
   mode:c

src/or/tor_main.c

@@ -2,6 +2,11 @@
 /* See LICENSE for licensing information */
 /* $Id$ */
 
+/*****
+ * tor_main.c: Entry point for tor binary.  (We keep main() in a
+ * separate file so that our unit tests can use functions from main.c)
+ *****/
+
 int tor_main(int argc, char *argv[]);
 
 int main(int argc, char *argv[])