control.c 240 KB

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091929394959697989910010110210310410510610710810911011111211311411511611711811912012112212312412512612712812913013113213313413513613713813914014114214314414514614714814915015115215315415515615715815916016116216316416516616716816917017117217317417517617717817918018118218318418518618718818919019119219319419519619719819920020120220320420520620720820921021121221321421521621721821922022122222322422522622722822923023123223323423523623723823924024124224324424524624724824925025125225325425525625725825926026126226326426526626726826927027127227327427527627727827928028128228328428528628728828929029129229329429529629729829930030130230330430530630730830931031131231331431531631731831932032132232332432532632732832933033133233333433533633733833934034134234334434534634734834935035135235335435535635735835936036136236336436536636736836937037137237337437537637737837938038138238338438538638738838939039139239339439539639739839940040140240340440540640740840941041141241341441541641741841942042142242342442542642742842943043143243343443543643743843944044144244344444544644744844945045145245345445545645745845946046146246346446546646746846947047147247347447547647747847948048148248348448548648748848949049149249349449549649749849950050150250350450550650750850951051151251351451551651751851952052152252352452552652752852953053153253353453553653753853954054154254354454554654754854955055155255355455555655755855956056156256356456556656756856957057157257357457557657757857958058158258358458558658758858959059159259359459559659759859960060160260360460560660760860961061161261361461561661761861962062162262362462562662762862963063163263363463563663763863964064164264364464564664764864965065165265365465565665765865966066166266366466566666766866967067167267367467567667767867968068168268368468568668768868969069169269369469569669769869970070170270370470570670770870971071171271371471571671771871972072172272372472572672772872973073173273373473573673773873974074174274374474574674774874975075175275375475575675775875976076176276376476576676776876977077177277377477577677777877978078178278378478578678778878979079179279379479579679779879980080180280380480580680780880981081181281381481581681781881982082182282382482582682782882983083183283383483583683783883984084184284384484584684784884985085185285385485585685785885986086186286386486586686786886987087187287387487587687787887988088188288388488588688788888989089189289389489589689789889990090190290390490590690790890991091191291391491591691791891992092192292392492592692792892993093193293393493593693793893994094194294394494594694794894995095195295395495595695795895996096196296396496596696796896997097197297397497597697797897998098198298398498598698798898999099199299399499599699799899910001001100210031004100510061007100810091010101110121013101410151016101710181019102010211022102310241025102610271028102910301031103210331034103510361037103810391040104110421043104410451046104710481049105010511052105310541055105610571058105910601061106210631064106510661067106810691070107110721073107410751076107710781079108010811082108310841085108610871088108910901091109210931094109510961097109810991100110111021103110411051106110711081109111011111112111311141115111611171118111911201121112211231124112511261127112811291130113111321133113411351136113711381139114011411142114311441145114611471148114911501151115211531154115511561157115811591160116111621163116411651166116711681169117011711172117311741175117611771178117911801181118211831184118511861187118811891190119111921193119411951196119711981199120012011202120312041205120612071208120912101211121212131214121512161217121812191220122112221223122412251226122712281229123012311232123312341235123612371238123912401241124212431244124512461247124812491250125112521253125412551256125712581259126012611262126312641265126612671268126912701271127212731274127512761277127812791280128112821283128412851286128712881289129012911292129312941295129612971298129913001301130213031304130513061307130813091310131113121313131413151316131713181319132013211322132313241325132613271328132913301331133213331334133513361337133813391340134113421343134413451346134713481349135013511352135313541355135613571358135913601361136213631364136513661367136813691370137113721373137413751376137713781379138013811382138313841385138613871388138913901391139213931394139513961397139813991400140114021403140414051406140714081409141014111412141314141415141614171418141914201421142214231424142514261427142814291430143114321433143414351436143714381439144014411442144314441445144614471448144914501451145214531454145514561457145814591460146114621463146414651466146714681469147014711472147314741475147614771478147914801481148214831484148514861487148814891490149114921493149414951496149714981499150015011502150315041505150615071508150915101511151215131514151515161517151815191520152115221523152415251526152715281529153015311532153315341535153615371538153915401541154215431544154515461547154815491550155115521553155415551556155715581559156015611562156315641565156615671568156915701571157215731574157515761577157815791580158115821583158415851586158715881589159015911592159315941595159615971598159916001601160216031604160516061607160816091610161116121613161416151616161716181619162016211622162316241625162616271628162916301631163216331634163516361637163816391640164116421643164416451646164716481649165016511652165316541655165616571658165916601661166216631664166516661667166816691670167116721673167416751676167716781679168016811682168316841685168616871688168916901691169216931694169516961697169816991700170117021703170417051706170717081709171017111712171317141715171617171718171917201721172217231724172517261727172817291730173117321733173417351736173717381739174017411742174317441745174617471748174917501751175217531754175517561757175817591760176117621763176417651766176717681769177017711772177317741775177617771778177917801781178217831784178517861787178817891790179117921793179417951796179717981799180018011802180318041805180618071808180918101811181218131814181518161817181818191820182118221823182418251826182718281829183018311832183318341835183618371838183918401841184218431844184518461847184818491850185118521853185418551856185718581859186018611862186318641865186618671868186918701871187218731874187518761877187818791880188118821883188418851886188718881889189018911892189318941895189618971898189919001901190219031904190519061907190819091910191119121913191419151916191719181919192019211922192319241925192619271928192919301931193219331934193519361937193819391940194119421943194419451946194719481949195019511952195319541955195619571958195919601961196219631964196519661967196819691970197119721973197419751976197719781979198019811982198319841985198619871988198919901991199219931994199519961997199819992000200120022003200420052006200720082009201020112012201320142015201620172018201920202021202220232024202520262027202820292030203120322033203420352036203720382039204020412042204320442045204620472048204920502051205220532054205520562057205820592060206120622063206420652066206720682069207020712072207320742075207620772078207920802081208220832084208520862087208820892090209120922093209420952096209720982099210021012102210321042105210621072108210921102111211221132114211521162117211821192120212121222123212421252126212721282129213021312132213321342135213621372138213921402141214221432144214521462147214821492150215121522153215421552156215721582159216021612162216321642165216621672168216921702171217221732174217521762177217821792180218121822183218421852186218721882189219021912192219321942195219621972198219922002201220222032204220522062207220822092210221122122213221422152216221722182219222022212222222322242225222622272228222922302231223222332234223522362237223822392240224122422243224422452246224722482249225022512252225322542255225622572258225922602261226222632264226522662267226822692270227122722273227422752276227722782279228022812282228322842285228622872288228922902291229222932294229522962297229822992300230123022303230423052306230723082309231023112312231323142315231623172318231923202321232223232324232523262327232823292330233123322333233423352336233723382339234023412342234323442345234623472348234923502351235223532354235523562357235823592360236123622363236423652366236723682369237023712372237323742375237623772378237923802381238223832384238523862387238823892390239123922393239423952396239723982399240024012402240324042405240624072408240924102411241224132414241524162417241824192420242124222423242424252426242724282429243024312432243324342435243624372438243924402441244224432444244524462447244824492450245124522453245424552456245724582459246024612462246324642465246624672468246924702471247224732474247524762477247824792480248124822483248424852486248724882489249024912492249324942495249624972498249925002501250225032504250525062507250825092510251125122513251425152516251725182519252025212522252325242525252625272528252925302531253225332534253525362537253825392540254125422543254425452546254725482549255025512552255325542555255625572558255925602561256225632564256525662567256825692570257125722573257425752576257725782579258025812582258325842585258625872588258925902591259225932594259525962597259825992600260126022603260426052606260726082609261026112612261326142615261626172618261926202621262226232624262526262627262826292630263126322633263426352636263726382639264026412642264326442645264626472648264926502651265226532654265526562657265826592660266126622663266426652666266726682669267026712672267326742675267626772678267926802681268226832684268526862687268826892690269126922693269426952696269726982699270027012702270327042705270627072708270927102711271227132714271527162717271827192720272127222723272427252726272727282729273027312732273327342735273627372738273927402741274227432744274527462747274827492750275127522753275427552756275727582759276027612762276327642765276627672768276927702771277227732774277527762777277827792780278127822783278427852786278727882789279027912792279327942795279627972798279928002801280228032804280528062807280828092810281128122813281428152816281728182819282028212822282328242825282628272828282928302831283228332834283528362837283828392840284128422843284428452846284728482849285028512852285328542855285628572858285928602861286228632864286528662867286828692870287128722873287428752876287728782879288028812882288328842885288628872888288928902891289228932894289528962897289828992900290129022903290429052906290729082909291029112912291329142915291629172918291929202921292229232924292529262927292829292930293129322933293429352936293729382939294029412942294329442945294629472948294929502951295229532954295529562957295829592960296129622963296429652966296729682969297029712972297329742975297629772978297929802981298229832984298529862987298829892990299129922993299429952996299729982999300030013002300330043005300630073008300930103011301230133014301530163017301830193020302130223023302430253026302730283029303030313032303330343035303630373038303930403041304230433044304530463047304830493050305130523053305430553056305730583059306030613062306330643065306630673068306930703071307230733074307530763077307830793080308130823083308430853086308730883089309030913092309330943095309630973098309931003101310231033104310531063107310831093110311131123113311431153116311731183119312031213122312331243125312631273128312931303131313231333134313531363137313831393140314131423143314431453146314731483149315031513152315331543155315631573158315931603161316231633164316531663167316831693170317131723173317431753176317731783179318031813182318331843185318631873188318931903191319231933194319531963197319831993200320132023203320432053206320732083209321032113212321332143215321632173218321932203221322232233224322532263227322832293230323132323233323432353236323732383239324032413242324332443245324632473248324932503251325232533254325532563257325832593260326132623263326432653266326732683269327032713272327332743275327632773278327932803281328232833284328532863287328832893290329132923293329432953296329732983299330033013302330333043305330633073308330933103311331233133314331533163317331833193320332133223323332433253326332733283329333033313332333333343335333633373338333933403341334233433344334533463347334833493350335133523353335433553356335733583359336033613362336333643365336633673368336933703371337233733374337533763377337833793380338133823383338433853386338733883389339033913392339333943395339633973398339934003401340234033404340534063407340834093410341134123413341434153416341734183419342034213422342334243425342634273428342934303431343234333434343534363437343834393440344134423443344434453446344734483449345034513452345334543455345634573458345934603461346234633464346534663467346834693470347134723473347434753476347734783479348034813482348334843485348634873488348934903491349234933494349534963497349834993500350135023503350435053506350735083509351035113512351335143515351635173518351935203521352235233524352535263527352835293530353135323533353435353536353735383539354035413542354335443545354635473548354935503551355235533554355535563557355835593560356135623563356435653566356735683569357035713572357335743575357635773578357935803581358235833584358535863587358835893590359135923593359435953596359735983599360036013602360336043605360636073608360936103611361236133614361536163617361836193620362136223623362436253626362736283629363036313632363336343635363636373638363936403641364236433644364536463647364836493650365136523653365436553656365736583659366036613662366336643665366636673668366936703671367236733674367536763677367836793680368136823683368436853686368736883689369036913692369336943695369636973698369937003701370237033704370537063707370837093710371137123713371437153716371737183719372037213722372337243725372637273728372937303731373237333734373537363737373837393740374137423743374437453746374737483749375037513752375337543755375637573758375937603761376237633764376537663767376837693770377137723773377437753776377737783779378037813782378337843785378637873788378937903791379237933794379537963797379837993800380138023803380438053806380738083809381038113812381338143815381638173818381938203821382238233824382538263827382838293830383138323833383438353836383738383839384038413842384338443845384638473848384938503851385238533854385538563857385838593860386138623863386438653866386738683869387038713872387338743875387638773878387938803881388238833884388538863887388838893890389138923893389438953896389738983899390039013902390339043905390639073908390939103911391239133914391539163917391839193920392139223923392439253926392739283929393039313932393339343935393639373938393939403941394239433944394539463947394839493950395139523953395439553956395739583959396039613962396339643965396639673968396939703971397239733974397539763977397839793980398139823983398439853986398739883989399039913992399339943995399639973998399940004001400240034004400540064007400840094010401140124013401440154016401740184019402040214022402340244025402640274028402940304031403240334034403540364037403840394040404140424043404440454046404740484049405040514052405340544055405640574058405940604061406240634064406540664067406840694070407140724073407440754076407740784079408040814082408340844085408640874088408940904091409240934094409540964097409840994100410141024103410441054106410741084109411041114112411341144115411641174118411941204121412241234124412541264127412841294130413141324133413441354136413741384139414041414142414341444145414641474148414941504151415241534154415541564157415841594160416141624163416441654166416741684169417041714172417341744175417641774178417941804181418241834184418541864187418841894190419141924193419441954196419741984199420042014202420342044205420642074208420942104211421242134214421542164217421842194220422142224223422442254226422742284229423042314232423342344235423642374238423942404241424242434244424542464247424842494250425142524253425442554256425742584259426042614262426342644265426642674268426942704271427242734274427542764277427842794280428142824283428442854286428742884289429042914292429342944295429642974298429943004301430243034304430543064307430843094310431143124313431443154316431743184319432043214322432343244325432643274328432943304331433243334334433543364337433843394340434143424343434443454346434743484349435043514352435343544355435643574358435943604361436243634364436543664367436843694370437143724373437443754376437743784379438043814382438343844385438643874388438943904391439243934394439543964397439843994400440144024403440444054406440744084409441044114412441344144415441644174418441944204421442244234424442544264427442844294430443144324433443444354436443744384439444044414442444344444445444644474448444944504451445244534454445544564457445844594460446144624463446444654466446744684469447044714472447344744475447644774478447944804481448244834484448544864487448844894490449144924493449444954496449744984499450045014502450345044505450645074508450945104511451245134514451545164517451845194520452145224523452445254526452745284529453045314532453345344535453645374538453945404541454245434544454545464547454845494550455145524553455445554556455745584559456045614562456345644565456645674568456945704571457245734574457545764577457845794580458145824583458445854586458745884589459045914592459345944595459645974598459946004601460246034604460546064607460846094610461146124613461446154616461746184619462046214622462346244625462646274628462946304631463246334634463546364637463846394640464146424643464446454646464746484649465046514652465346544655465646574658465946604661466246634664466546664667466846694670467146724673467446754676467746784679468046814682468346844685468646874688468946904691469246934694469546964697469846994700470147024703470447054706470747084709471047114712471347144715471647174718471947204721472247234724472547264727472847294730473147324733473447354736473747384739474047414742474347444745474647474748474947504751475247534754475547564757475847594760476147624763476447654766476747684769477047714772477347744775477647774778477947804781478247834784478547864787478847894790479147924793479447954796479747984799480048014802480348044805480648074808480948104811481248134814481548164817481848194820482148224823482448254826482748284829483048314832483348344835483648374838483948404841484248434844484548464847484848494850485148524853485448554856485748584859486048614862486348644865486648674868486948704871487248734874487548764877487848794880488148824883488448854886488748884889489048914892489348944895489648974898489949004901490249034904490549064907490849094910491149124913491449154916491749184919492049214922492349244925492649274928492949304931493249334934493549364937493849394940494149424943494449454946494749484949495049514952495349544955495649574958495949604961496249634964496549664967496849694970497149724973497449754976497749784979498049814982498349844985498649874988498949904991499249934994499549964997499849995000500150025003500450055006500750085009501050115012501350145015501650175018501950205021502250235024502550265027502850295030503150325033503450355036503750385039504050415042504350445045504650475048504950505051505250535054505550565057505850595060506150625063506450655066506750685069507050715072507350745075507650775078507950805081508250835084508550865087508850895090509150925093509450955096509750985099510051015102510351045105510651075108510951105111511251135114511551165117511851195120512151225123512451255126512751285129513051315132513351345135513651375138513951405141514251435144514551465147514851495150515151525153515451555156515751585159516051615162516351645165516651675168516951705171517251735174517551765177517851795180518151825183518451855186518751885189519051915192519351945195519651975198519952005201520252035204520552065207520852095210521152125213521452155216521752185219522052215222522352245225522652275228522952305231523252335234523552365237523852395240524152425243524452455246524752485249525052515252525352545255525652575258525952605261526252635264526552665267526852695270527152725273527452755276527752785279528052815282528352845285528652875288528952905291529252935294529552965297529852995300530153025303530453055306530753085309531053115312531353145315531653175318531953205321532253235324532553265327532853295330533153325333533453355336533753385339534053415342534353445345534653475348534953505351535253535354535553565357535853595360536153625363536453655366536753685369537053715372537353745375537653775378537953805381538253835384538553865387538853895390539153925393539453955396539753985399540054015402540354045405540654075408540954105411541254135414541554165417541854195420542154225423542454255426542754285429543054315432543354345435543654375438543954405441544254435444544554465447544854495450545154525453545454555456545754585459546054615462546354645465546654675468546954705471547254735474547554765477547854795480548154825483548454855486548754885489549054915492549354945495549654975498549955005501550255035504550555065507550855095510551155125513551455155516551755185519552055215522552355245525552655275528552955305531553255335534553555365537553855395540554155425543554455455546554755485549555055515552555355545555555655575558555955605561556255635564556555665567556855695570557155725573557455755576557755785579558055815582558355845585558655875588558955905591559255935594559555965597559855995600560156025603560456055606560756085609561056115612561356145615561656175618561956205621562256235624562556265627562856295630563156325633563456355636563756385639564056415642564356445645564656475648564956505651565256535654565556565657565856595660566156625663566456655666566756685669567056715672567356745675567656775678567956805681568256835684568556865687568856895690569156925693569456955696569756985699570057015702570357045705570657075708570957105711571257135714571557165717571857195720572157225723572457255726572757285729573057315732573357345735573657375738573957405741574257435744574557465747574857495750575157525753575457555756575757585759576057615762576357645765576657675768576957705771577257735774577557765777577857795780578157825783578457855786578757885789579057915792579357945795579657975798579958005801580258035804580558065807580858095810581158125813581458155816581758185819582058215822582358245825582658275828582958305831583258335834583558365837583858395840584158425843584458455846584758485849585058515852585358545855585658575858585958605861586258635864586558665867586858695870587158725873587458755876587758785879588058815882588358845885588658875888588958905891589258935894589558965897589858995900590159025903590459055906590759085909591059115912591359145915591659175918591959205921592259235924592559265927592859295930593159325933593459355936593759385939594059415942594359445945594659475948594959505951595259535954595559565957595859595960596159625963596459655966596759685969597059715972597359745975597659775978597959805981598259835984598559865987598859895990599159925993599459955996599759985999600060016002600360046005600660076008600960106011601260136014601560166017601860196020602160226023602460256026602760286029603060316032603360346035603660376038603960406041604260436044604560466047604860496050605160526053605460556056605760586059606060616062606360646065606660676068606960706071607260736074607560766077607860796080608160826083608460856086608760886089609060916092609360946095609660976098609961006101610261036104610561066107610861096110611161126113611461156116611761186119612061216122612361246125612661276128612961306131613261336134613561366137613861396140614161426143614461456146614761486149615061516152615361546155615661576158615961606161616261636164616561666167616861696170617161726173617461756176617761786179618061816182618361846185618661876188618961906191619261936194619561966197619861996200620162026203620462056206620762086209621062116212621362146215621662176218621962206221622262236224622562266227622862296230623162326233623462356236623762386239624062416242624362446245624662476248624962506251625262536254625562566257625862596260626162626263626462656266626762686269627062716272627362746275627662776278627962806281628262836284628562866287628862896290629162926293629462956296629762986299630063016302630363046305630663076308630963106311631263136314631563166317631863196320632163226323632463256326632763286329633063316332633363346335633663376338633963406341634263436344634563466347634863496350635163526353635463556356635763586359636063616362636363646365636663676368636963706371637263736374637563766377637863796380638163826383638463856386638763886389639063916392639363946395639663976398639964006401640264036404640564066407640864096410641164126413641464156416641764186419642064216422642364246425642664276428642964306431643264336434643564366437643864396440644164426443644464456446644764486449645064516452645364546455645664576458645964606461646264636464646564666467646864696470647164726473647464756476647764786479648064816482648364846485648664876488648964906491649264936494649564966497649864996500650165026503650465056506650765086509651065116512651365146515651665176518651965206521652265236524652565266527652865296530653165326533653465356536653765386539654065416542654365446545654665476548654965506551655265536554655565566557655865596560656165626563656465656566656765686569657065716572657365746575657665776578657965806581658265836584658565866587658865896590659165926593659465956596659765986599660066016602660366046605660666076608660966106611661266136614661566166617661866196620662166226623662466256626662766286629663066316632663366346635663666376638663966406641664266436644664566466647664866496650665166526653665466556656665766586659666066616662666366646665666666676668666966706671667266736674667566766677667866796680668166826683668466856686668766886689669066916692669366946695669666976698669967006701670267036704670567066707670867096710671167126713671467156716671767186719672067216722672367246725672667276728672967306731673267336734673567366737673867396740674167426743674467456746674767486749675067516752675367546755675667576758675967606761676267636764676567666767676867696770677167726773677467756776677767786779678067816782678367846785678667876788678967906791679267936794679567966797679867996800680168026803680468056806680768086809681068116812681368146815681668176818681968206821682268236824682568266827682868296830683168326833683468356836683768386839684068416842684368446845684668476848684968506851685268536854685568566857685868596860686168626863686468656866686768686869687068716872687368746875687668776878687968806881688268836884688568866887688868896890689168926893689468956896689768986899690069016902690369046905690669076908690969106911691269136914691569166917691869196920692169226923692469256926692769286929693069316932693369346935693669376938693969406941694269436944694569466947694869496950695169526953695469556956695769586959696069616962696369646965696669676968696969706971697269736974697569766977697869796980698169826983698469856986698769886989699069916992699369946995699669976998699970007001700270037004700570067007700870097010701170127013701470157016701770187019702070217022702370247025702670277028702970307031703270337034703570367037703870397040704170427043704470457046704770487049705070517052705370547055705670577058705970607061706270637064706570667067706870697070707170727073707470757076707770787079708070817082708370847085708670877088708970907091709270937094709570967097709870997100710171027103710471057106710771087109711071117112711371147115711671177118711971207121712271237124712571267127712871297130713171327133713471357136713771387139714071417142714371447145714671477148714971507151715271537154715571567157715871597160716171627163716471657166716771687169717071717172717371747175717671777178717971807181718271837184718571867187
  1. /* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
  2. * Copyright (c) 2007-2016, The Tor Project, Inc. */
  3. /* See LICENSE for licensing information */
  4. /**
  5. * \file control.c
  6. * \brief Implementation for Tor's control-socket interface.
  7. *
  8. * A "controller" is an external program that monitors and controls a Tor
  9. * instance via a text-based protocol. It connects to Tor via a connection
  10. * to a local socket.
  11. *
  12. * The protocol is line-driven. The controller sends commands terminated by a
  13. * CRLF. Tor sends lines that are either <em>replies</em> to what the
  14. * controller has said, or <em>events</em> that Tor sends to the controller
  15. * asynchronously based on occurrences in the Tor network model.
  16. *
  17. * See the control-spec.txt file in the torspec.git repository for full
  18. * details on protocol.
  19. *
  20. * This module generally has two kinds of entry points: those based on having
  21. * received a command on a controller socket, which are handled in
  22. * connection_control_process_inbuf(), and dispatched to individual functions
  23. * with names like control_handle_COMMANDNAME(); and those based on events
  24. * that occur elsewhere in Tor, which are handled by functions with names like
  25. * control_event_EVENTTYPE().
  26. *
  27. * Controller events are not sent immediately; rather, they are inserted into
  28. * the queued_control_events array, and flushed later from
  29. * flush_queued_events_cb(). Doing this simplifies our callgraph greatly,
  30. * by limiting the number of places in Tor that can call back into the network
  31. * stack.
  32. **/
  33. #define CONTROL_PRIVATE
  34. #include "or.h"
  35. #include "addressmap.h"
  36. #include "buffers.h"
  37. #include "channel.h"
  38. #include "channeltls.h"
  39. #include "circuitbuild.h"
  40. #include "circuitlist.h"
  41. #include "circuitstats.h"
  42. #include "circuituse.h"
  43. #include "command.h"
  44. #include "compat_libevent.h"
  45. #include "config.h"
  46. #include "confparse.h"
  47. #include "connection.h"
  48. #include "connection_edge.h"
  49. #include "connection_or.h"
  50. #include "control.h"
  51. #include "directory.h"
  52. #include "dirserv.h"
  53. #include "dnsserv.h"
  54. #include "entrynodes.h"
  55. #include "geoip.h"
  56. #include "hibernate.h"
  57. #include "main.h"
  58. #include "networkstatus.h"
  59. #include "nodelist.h"
  60. #include "policies.h"
  61. #include "reasons.h"
  62. #include "rendclient.h"
  63. #include "rendcommon.h"
  64. #include "rendservice.h"
  65. #include "rephist.h"
  66. #include "router.h"
  67. #include "routerlist.h"
  68. #include "routerparse.h"
  69. #ifndef _WIN32
  70. #include <pwd.h>
  71. #include <sys/resource.h>
  72. #endif
  73. #include <event2/event.h>
  74. #include "crypto_s2k.h"
  75. #include "procmon.h"
  76. /** Yield true iff <b>s</b> is the state of a control_connection_t that has
  77. * finished authentication and is accepting commands. */
  78. #define STATE_IS_OPEN(s) ((s) == CONTROL_CONN_STATE_OPEN)
  79. /** Bitfield: The bit 1&lt;&lt;e is set if <b>any</b> open control
  80. * connection is interested in events of type <b>e</b>. We use this
  81. * so that we can decide to skip generating event messages that nobody
  82. * has interest in without having to walk over the global connection
  83. * list to find out.
  84. **/
  85. typedef uint64_t event_mask_t;
  86. /** An event mask of all the events that any controller is interested in
  87. * receiving. */
  88. static event_mask_t global_event_mask = 0;
  89. /** True iff we have disabled log messages from being sent to the controller */
  90. static int disable_log_messages = 0;
  91. /** Macro: true if any control connection is interested in events of type
  92. * <b>e</b>. */
  93. #define EVENT_IS_INTERESTING(e) \
  94. (!! (global_event_mask & EVENT_MASK_(e)))
  95. /** If we're using cookie-type authentication, how long should our cookies be?
  96. */
  97. #define AUTHENTICATION_COOKIE_LEN 32
  98. /** If true, we've set authentication_cookie to a secret code and
  99. * stored it to disk. */
  100. static int authentication_cookie_is_set = 0;
  101. /** If authentication_cookie_is_set, a secret cookie that we've stored to disk
  102. * and which we're using to authenticate controllers. (If the controller can
  103. * read it off disk, it has permission to connect.) */
  104. static uint8_t *authentication_cookie = NULL;
  105. #define SAFECOOKIE_SERVER_TO_CONTROLLER_CONSTANT \
  106. "Tor safe cookie authentication server-to-controller hash"
  107. #define SAFECOOKIE_CONTROLLER_TO_SERVER_CONSTANT \
  108. "Tor safe cookie authentication controller-to-server hash"
  109. #define SAFECOOKIE_SERVER_NONCE_LEN DIGEST256_LEN
  110. /** The list of onion services that have been added via ADD_ONION that do not
  111. * belong to any particular control connection.
  112. */
  113. static smartlist_t *detached_onion_services = NULL;
  114. /** A sufficiently large size to record the last bootstrap phase string. */
  115. #define BOOTSTRAP_MSG_LEN 1024
  116. /** What was the last bootstrap phase message we sent? We keep track
  117. * of this so we can respond to getinfo status/bootstrap-phase queries. */
  118. static char last_sent_bootstrap_message[BOOTSTRAP_MSG_LEN];
  119. static void connection_printf_to_buf(control_connection_t *conn,
  120. const char *format, ...)
  121. CHECK_PRINTF(2,3);
  122. static void send_control_event_impl(uint16_t event,
  123. const char *format, va_list ap)
  124. CHECK_PRINTF(2,0);
  125. static int control_event_status(int type, int severity, const char *format,
  126. va_list args)
  127. CHECK_PRINTF(3,0);
  128. static void send_control_done(control_connection_t *conn);
  129. static void send_control_event(uint16_t event,
  130. const char *format, ...)
  131. CHECK_PRINTF(2,3);
  132. static int handle_control_setconf(control_connection_t *conn, uint32_t len,
  133. char *body);
  134. static int handle_control_resetconf(control_connection_t *conn, uint32_t len,
  135. char *body);
  136. static int handle_control_getconf(control_connection_t *conn, uint32_t len,
  137. const char *body);
  138. static int handle_control_loadconf(control_connection_t *conn, uint32_t len,
  139. const char *body);
  140. static int handle_control_setevents(control_connection_t *conn, uint32_t len,
  141. const char *body);
  142. static int handle_control_authenticate(control_connection_t *conn,
  143. uint32_t len,
  144. const char *body);
  145. static int handle_control_signal(control_connection_t *conn, uint32_t len,
  146. const char *body);
  147. static int handle_control_mapaddress(control_connection_t *conn, uint32_t len,
  148. const char *body);
  149. static char *list_getinfo_options(void);
  150. static int handle_control_getinfo(control_connection_t *conn, uint32_t len,
  151. const char *body);
  152. static int handle_control_extendcircuit(control_connection_t *conn,
  153. uint32_t len,
  154. const char *body);
  155. static int handle_control_setcircuitpurpose(control_connection_t *conn,
  156. uint32_t len, const char *body);
  157. static int handle_control_attachstream(control_connection_t *conn,
  158. uint32_t len,
  159. const char *body);
  160. static int handle_control_postdescriptor(control_connection_t *conn,
  161. uint32_t len,
  162. const char *body);
  163. static int handle_control_redirectstream(control_connection_t *conn,
  164. uint32_t len,
  165. const char *body);
  166. static int handle_control_closestream(control_connection_t *conn, uint32_t len,
  167. const char *body);
  168. static int handle_control_closecircuit(control_connection_t *conn,
  169. uint32_t len,
  170. const char *body);
  171. static int handle_control_resolve(control_connection_t *conn, uint32_t len,
  172. const char *body);
  173. static int handle_control_usefeature(control_connection_t *conn,
  174. uint32_t len,
  175. const char *body);
  176. static int handle_control_hsfetch(control_connection_t *conn, uint32_t len,
  177. const char *body);
  178. static int handle_control_hspost(control_connection_t *conn, uint32_t len,
  179. const char *body);
  180. static int handle_control_add_onion(control_connection_t *conn, uint32_t len,
  181. const char *body);
  182. static int handle_control_del_onion(control_connection_t *conn, uint32_t len,
  183. const char *body);
  184. static int write_stream_target_to_buf(entry_connection_t *conn, char *buf,
  185. size_t len);
  186. static void orconn_target_get_name(char *buf, size_t len,
  187. or_connection_t *conn);
  188. static int get_cached_network_liveness(void);
  189. static void set_cached_network_liveness(int liveness);
  190. static void flush_queued_events_cb(evutil_socket_t fd, short what, void *arg);
  191. static char * download_status_to_string(const download_status_t *dl);
  192. /** Given a control event code for a message event, return the corresponding
  193. * log severity. */
  194. static inline int
  195. event_to_log_severity(int event)
  196. {
  197. switch (event) {
  198. case EVENT_DEBUG_MSG: return LOG_DEBUG;
  199. case EVENT_INFO_MSG: return LOG_INFO;
  200. case EVENT_NOTICE_MSG: return LOG_NOTICE;
  201. case EVENT_WARN_MSG: return LOG_WARN;
  202. case EVENT_ERR_MSG: return LOG_ERR;
  203. default: return -1;
  204. }
  205. }
  206. /** Given a log severity, return the corresponding control event code. */
  207. static inline int
  208. log_severity_to_event(int severity)
  209. {
  210. switch (severity) {
  211. case LOG_DEBUG: return EVENT_DEBUG_MSG;
  212. case LOG_INFO: return EVENT_INFO_MSG;
  213. case LOG_NOTICE: return EVENT_NOTICE_MSG;
  214. case LOG_WARN: return EVENT_WARN_MSG;
  215. case LOG_ERR: return EVENT_ERR_MSG;
  216. default: return -1;
  217. }
  218. }
  219. /** Helper: clear bandwidth counters of all origin circuits. */
  220. static void
  221. clear_circ_bw_fields(void)
  222. {
  223. origin_circuit_t *ocirc;
  224. SMARTLIST_FOREACH_BEGIN(circuit_get_global_list(), circuit_t *, circ) {
  225. if (!CIRCUIT_IS_ORIGIN(circ))
  226. continue;
  227. ocirc = TO_ORIGIN_CIRCUIT(circ);
  228. ocirc->n_written_circ_bw = ocirc->n_read_circ_bw = 0;
  229. }
  230. SMARTLIST_FOREACH_END(circ);
  231. }
  232. /** Set <b>global_event_mask*</b> to the bitwise OR of each live control
  233. * connection's event_mask field. */
  234. void
  235. control_update_global_event_mask(void)
  236. {
  237. smartlist_t *conns = get_connection_array();
  238. event_mask_t old_mask, new_mask;
  239. old_mask = global_event_mask;
  240. global_event_mask = 0;
  241. SMARTLIST_FOREACH(conns, connection_t *, _conn,
  242. {
  243. if (_conn->type == CONN_TYPE_CONTROL &&
  244. STATE_IS_OPEN(_conn->state)) {
  245. control_connection_t *conn = TO_CONTROL_CONN(_conn);
  246. global_event_mask |= conn->event_mask;
  247. }
  248. });
  249. new_mask = global_event_mask;
  250. /* Handle the aftermath. Set up the log callback to tell us only what
  251. * we want to hear...*/
  252. control_adjust_event_log_severity();
  253. /* ...then, if we've started logging stream or circ bw, clear the
  254. * appropriate fields. */
  255. if (! (old_mask & EVENT_STREAM_BANDWIDTH_USED) &&
  256. (new_mask & EVENT_STREAM_BANDWIDTH_USED)) {
  257. SMARTLIST_FOREACH(conns, connection_t *, conn,
  258. {
  259. if (conn->type == CONN_TYPE_AP) {
  260. edge_connection_t *edge_conn = TO_EDGE_CONN(conn);
  261. edge_conn->n_written = edge_conn->n_read = 0;
  262. }
  263. });
  264. }
  265. if (! (old_mask & EVENT_CIRC_BANDWIDTH_USED) &&
  266. (new_mask & EVENT_CIRC_BANDWIDTH_USED)) {
  267. clear_circ_bw_fields();
  268. }
  269. }
  270. /** Adjust the log severities that result in control_event_logmsg being called
  271. * to match the severity of log messages that any controllers are interested
  272. * in. */
  273. void
  274. control_adjust_event_log_severity(void)
  275. {
  276. int i;
  277. int min_log_event=EVENT_ERR_MSG, max_log_event=EVENT_DEBUG_MSG;
  278. for (i = EVENT_DEBUG_MSG; i <= EVENT_ERR_MSG; ++i) {
  279. if (EVENT_IS_INTERESTING(i)) {
  280. min_log_event = i;
  281. break;
  282. }
  283. }
  284. for (i = EVENT_ERR_MSG; i >= EVENT_DEBUG_MSG; --i) {
  285. if (EVENT_IS_INTERESTING(i)) {
  286. max_log_event = i;
  287. break;
  288. }
  289. }
  290. if (EVENT_IS_INTERESTING(EVENT_STATUS_GENERAL)) {
  291. if (min_log_event > EVENT_NOTICE_MSG)
  292. min_log_event = EVENT_NOTICE_MSG;
  293. if (max_log_event < EVENT_ERR_MSG)
  294. max_log_event = EVENT_ERR_MSG;
  295. }
  296. if (min_log_event <= max_log_event)
  297. change_callback_log_severity(event_to_log_severity(min_log_event),
  298. event_to_log_severity(max_log_event),
  299. control_event_logmsg);
  300. else
  301. change_callback_log_severity(LOG_ERR, LOG_ERR,
  302. control_event_logmsg);
  303. }
  304. /** Return true iff the event with code <b>c</b> is being sent to any current
  305. * control connection. This is useful if the amount of work needed to prepare
  306. * to call the appropriate control_event_...() function is high.
  307. */
  308. int
  309. control_event_is_interesting(int event)
  310. {
  311. return EVENT_IS_INTERESTING(event);
  312. }
  313. /** Append a NUL-terminated string <b>s</b> to the end of
  314. * <b>conn</b>-\>outbuf.
  315. */
  316. static inline void
  317. connection_write_str_to_buf(const char *s, control_connection_t *conn)
  318. {
  319. size_t len = strlen(s);
  320. connection_write_to_buf(s, len, TO_CONN(conn));
  321. }
  322. /** Given a <b>len</b>-character string in <b>data</b>, made of lines
  323. * terminated by CRLF, allocate a new string in *<b>out</b>, and copy the
  324. * contents of <b>data</b> into *<b>out</b>, adding a period before any period
  325. * that appears at the start of a line, and adding a period-CRLF line at
  326. * the end. Replace all LF characters sequences with CRLF. Return the number
  327. * of bytes in *<b>out</b>.
  328. */
  329. STATIC size_t
  330. write_escaped_data(const char *data, size_t len, char **out)
  331. {
  332. size_t sz_out = len+8;
  333. char *outp;
  334. const char *start = data, *end;
  335. int i;
  336. int start_of_line;
  337. for (i=0; i<(int)len; ++i) {
  338. if (data[i]== '\n')
  339. sz_out += 2; /* Maybe add a CR; maybe add a dot. */
  340. }
  341. *out = outp = tor_malloc(sz_out+1);
  342. end = data+len;
  343. start_of_line = 1;
  344. while (data < end) {
  345. if (*data == '\n') {
  346. if (data > start && data[-1] != '\r')
  347. *outp++ = '\r';
  348. start_of_line = 1;
  349. } else if (*data == '.') {
  350. if (start_of_line) {
  351. start_of_line = 0;
  352. *outp++ = '.';
  353. }
  354. } else {
  355. start_of_line = 0;
  356. }
  357. *outp++ = *data++;
  358. }
  359. if (outp < *out+2 || fast_memcmp(outp-2, "\r\n", 2)) {
  360. *outp++ = '\r';
  361. *outp++ = '\n';
  362. }
  363. *outp++ = '.';
  364. *outp++ = '\r';
  365. *outp++ = '\n';
  366. *outp = '\0'; /* NUL-terminate just in case. */
  367. tor_assert((outp - *out) <= (int)sz_out);
  368. return outp - *out;
  369. }
  370. /** Given a <b>len</b>-character string in <b>data</b>, made of lines
  371. * terminated by CRLF, allocate a new string in *<b>out</b>, and copy
  372. * the contents of <b>data</b> into *<b>out</b>, removing any period
  373. * that appears at the start of a line, and replacing all CRLF sequences
  374. * with LF. Return the number of
  375. * bytes in *<b>out</b>. */
  376. STATIC size_t
  377. read_escaped_data(const char *data, size_t len, char **out)
  378. {
  379. char *outp;
  380. const char *next;
  381. const char *end;
  382. *out = outp = tor_malloc(len+1);
  383. end = data+len;
  384. while (data < end) {
  385. /* we're at the start of a line. */
  386. if (*data == '.')
  387. ++data;
  388. next = memchr(data, '\n', end-data);
  389. if (next) {
  390. size_t n_to_copy = next-data;
  391. /* Don't copy a CR that precedes this LF. */
  392. if (n_to_copy && *(next-1) == '\r')
  393. --n_to_copy;
  394. memcpy(outp, data, n_to_copy);
  395. outp += n_to_copy;
  396. data = next+1; /* This will point at the start of the next line,
  397. * or the end of the string, or a period. */
  398. } else {
  399. memcpy(outp, data, end-data);
  400. outp += (end-data);
  401. *outp = '\0';
  402. return outp - *out;
  403. }
  404. *outp++ = '\n';
  405. }
  406. *outp = '\0';
  407. return outp - *out;
  408. }
  409. /** If the first <b>in_len_max</b> characters in <b>start</b> contain a
  410. * double-quoted string with escaped characters, return the length of that
  411. * string (as encoded, including quotes). Otherwise return -1. */
  412. static inline int
  413. get_escaped_string_length(const char *start, size_t in_len_max,
  414. int *chars_out)
  415. {
  416. const char *cp, *end;
  417. int chars = 0;
  418. if (*start != '\"')
  419. return -1;
  420. cp = start+1;
  421. end = start+in_len_max;
  422. /* Calculate length. */
  423. while (1) {
  424. if (cp >= end) {
  425. return -1; /* Too long. */
  426. } else if (*cp == '\\') {
  427. if (++cp == end)
  428. return -1; /* Can't escape EOS. */
  429. ++cp;
  430. ++chars;
  431. } else if (*cp == '\"') {
  432. break;
  433. } else {
  434. ++cp;
  435. ++chars;
  436. }
  437. }
  438. if (chars_out)
  439. *chars_out = chars;
  440. return (int)(cp - start+1);
  441. }
  442. /** As decode_escaped_string, but does not decode the string: copies the
  443. * entire thing, including quotation marks. */
  444. static const char *
  445. extract_escaped_string(const char *start, size_t in_len_max,
  446. char **out, size_t *out_len)
  447. {
  448. int length = get_escaped_string_length(start, in_len_max, NULL);
  449. if (length<0)
  450. return NULL;
  451. *out_len = length;
  452. *out = tor_strndup(start, *out_len);
  453. return start+length;
  454. }
  455. /** Given a pointer to a string starting at <b>start</b> containing
  456. * <b>in_len_max</b> characters, decode a string beginning with one double
  457. * quote, containing any number of non-quote characters or characters escaped
  458. * with a backslash, and ending with a final double quote. Place the resulting
  459. * string (unquoted, unescaped) into a newly allocated string in *<b>out</b>;
  460. * store its length in <b>out_len</b>. On success, return a pointer to the
  461. * character immediately following the escaped string. On failure, return
  462. * NULL. */
  463. static const char *
  464. decode_escaped_string(const char *start, size_t in_len_max,
  465. char **out, size_t *out_len)
  466. {
  467. const char *cp, *end;
  468. char *outp;
  469. int len, n_chars = 0;
  470. len = get_escaped_string_length(start, in_len_max, &n_chars);
  471. if (len<0)
  472. return NULL;
  473. end = start+len-1; /* Index of last quote. */
  474. tor_assert(*end == '\"');
  475. outp = *out = tor_malloc(len+1);
  476. *out_len = n_chars;
  477. cp = start+1;
  478. while (cp < end) {
  479. if (*cp == '\\')
  480. ++cp;
  481. *outp++ = *cp++;
  482. }
  483. *outp = '\0';
  484. tor_assert((outp - *out) == (int)*out_len);
  485. return end+1;
  486. }
  487. /** Acts like sprintf, but writes its formatted string to the end of
  488. * <b>conn</b>-\>outbuf. */
  489. static void
  490. connection_printf_to_buf(control_connection_t *conn, const char *format, ...)
  491. {
  492. va_list ap;
  493. char *buf = NULL;
  494. int len;
  495. va_start(ap,format);
  496. len = tor_vasprintf(&buf, format, ap);
  497. va_end(ap);
  498. if (len < 0) {
  499. log_err(LD_BUG, "Unable to format string for controller.");
  500. tor_assert(0);
  501. }
  502. connection_write_to_buf(buf, (size_t)len, TO_CONN(conn));
  503. tor_free(buf);
  504. }
  505. /** Write all of the open control ports to ControlPortWriteToFile */
  506. void
  507. control_ports_write_to_file(void)
  508. {
  509. smartlist_t *lines;
  510. char *joined = NULL;
  511. const or_options_t *options = get_options();
  512. if (!options->ControlPortWriteToFile)
  513. return;
  514. lines = smartlist_new();
  515. SMARTLIST_FOREACH_BEGIN(get_connection_array(), const connection_t *, conn) {
  516. if (conn->type != CONN_TYPE_CONTROL_LISTENER || conn->marked_for_close)
  517. continue;
  518. #ifdef AF_UNIX
  519. if (conn->socket_family == AF_UNIX) {
  520. smartlist_add_asprintf(lines, "UNIX_PORT=%s\n", conn->address);
  521. continue;
  522. }
  523. #endif
  524. smartlist_add_asprintf(lines, "PORT=%s:%d\n", conn->address, conn->port);
  525. } SMARTLIST_FOREACH_END(conn);
  526. joined = smartlist_join_strings(lines, "", 0, NULL);
  527. if (write_str_to_file(options->ControlPortWriteToFile, joined, 0) < 0) {
  528. log_warn(LD_CONTROL, "Writing %s failed: %s",
  529. options->ControlPortWriteToFile, strerror(errno));
  530. }
  531. #ifndef _WIN32
  532. if (options->ControlPortFileGroupReadable) {
  533. if (chmod(options->ControlPortWriteToFile, 0640)) {
  534. log_warn(LD_FS,"Unable to make %s group-readable.",
  535. options->ControlPortWriteToFile);
  536. }
  537. }
  538. #endif
  539. tor_free(joined);
  540. SMARTLIST_FOREACH(lines, char *, cp, tor_free(cp));
  541. smartlist_free(lines);
  542. }
  543. /** Send a "DONE" message down the control connection <b>conn</b>. */
  544. static void
  545. send_control_done(control_connection_t *conn)
  546. {
  547. connection_write_str_to_buf("250 OK\r\n", conn);
  548. }
  549. /** Represents an event that's queued to be sent to one or more
  550. * controllers. */
  551. typedef struct queued_event_s {
  552. uint16_t event;
  553. char *msg;
  554. } queued_event_t;
  555. /** Pointer to int. If this is greater than 0, we don't allow new events to be
  556. * queued. */
  557. static tor_threadlocal_t block_event_queue_flag;
  558. /** Holds a smartlist of queued_event_t objects that may need to be sent
  559. * to one or more controllers */
  560. static smartlist_t *queued_control_events = NULL;
  561. /** True if the flush_queued_events_event is pending. */
  562. static int flush_queued_event_pending = 0;
  563. /** Lock to protect the above fields. */
  564. static tor_mutex_t *queued_control_events_lock = NULL;
  565. /** An event that should fire in order to flush the contents of
  566. * queued_control_events. */
  567. static struct event *flush_queued_events_event = NULL;
  568. void
  569. control_initialize_event_queue(void)
  570. {
  571. if (queued_control_events == NULL) {
  572. queued_control_events = smartlist_new();
  573. }
  574. if (flush_queued_events_event == NULL) {
  575. struct event_base *b = tor_libevent_get_base();
  576. if (b) {
  577. flush_queued_events_event = tor_event_new(b,
  578. -1, 0, flush_queued_events_cb,
  579. NULL);
  580. tor_assert(flush_queued_events_event);
  581. }
  582. }
  583. if (queued_control_events_lock == NULL) {
  584. queued_control_events_lock = tor_mutex_new();
  585. tor_threadlocal_init(&block_event_queue_flag);
  586. }
  587. }
  588. static int *
  589. get_block_event_queue(void)
  590. {
  591. int *val = tor_threadlocal_get(&block_event_queue_flag);
  592. if (PREDICT_UNLIKELY(val == NULL)) {
  593. val = tor_malloc_zero(sizeof(int));
  594. tor_threadlocal_set(&block_event_queue_flag, val);
  595. }
  596. return val;
  597. }
  598. /** Helper: inserts an event on the list of events queued to be sent to
  599. * one or more controllers, and schedules the events to be flushed if needed.
  600. *
  601. * This function takes ownership of <b>msg</b>, and may free it.
  602. *
  603. * We queue these events rather than send them immediately in order to break
  604. * the dependency in our callgraph from code that generates events for the
  605. * controller, and the network layer at large. Otherwise, nearly every
  606. * interesting part of Tor would potentially call every other interesting part
  607. * of Tor.
  608. */
  609. MOCK_IMPL(STATIC void,
  610. queue_control_event_string,(uint16_t event, char *msg))
  611. {
  612. /* This is redundant with checks done elsewhere, but it's a last-ditch
  613. * attempt to avoid queueing something we shouldn't have to queue. */
  614. if (PREDICT_UNLIKELY( ! EVENT_IS_INTERESTING(event) )) {
  615. tor_free(msg);
  616. return;
  617. }
  618. int *block_event_queue = get_block_event_queue();
  619. if (*block_event_queue) {
  620. tor_free(msg);
  621. return;
  622. }
  623. queued_event_t *ev = tor_malloc(sizeof(*ev));
  624. ev->event = event;
  625. ev->msg = msg;
  626. /* No queueing an event while queueing an event */
  627. ++*block_event_queue;
  628. tor_mutex_acquire(queued_control_events_lock);
  629. tor_assert(queued_control_events);
  630. smartlist_add(queued_control_events, ev);
  631. int activate_event = 0;
  632. if (! flush_queued_event_pending && in_main_thread()) {
  633. activate_event = 1;
  634. flush_queued_event_pending = 1;
  635. }
  636. tor_mutex_release(queued_control_events_lock);
  637. --*block_event_queue;
  638. /* We just put an event on the queue; mark the queue to be
  639. * flushed. We only do this from the main thread for now; otherwise,
  640. * we'd need to incur locking overhead in Libevent or use a socket.
  641. */
  642. if (activate_event) {
  643. tor_assert(flush_queued_events_event);
  644. event_active(flush_queued_events_event, EV_READ, 1);
  645. }
  646. }
  647. /** Release all storage held by <b>ev</b>. */
  648. static void
  649. queued_event_free(queued_event_t *ev)
  650. {
  651. if (ev == NULL)
  652. return;
  653. tor_free(ev->msg);
  654. tor_free(ev);
  655. }
  656. /** Send every queued event to every controller that's interested in it,
  657. * and remove the events from the queue. If <b>force</b> is true,
  658. * then make all controllers send their data out immediately, since we
  659. * may be about to shut down. */
  660. static void
  661. queued_events_flush_all(int force)
  662. {
  663. if (PREDICT_UNLIKELY(queued_control_events == NULL)) {
  664. return;
  665. }
  666. smartlist_t *all_conns = get_connection_array();
  667. smartlist_t *controllers = smartlist_new();
  668. smartlist_t *queued_events;
  669. int *block_event_queue = get_block_event_queue();
  670. ++*block_event_queue;
  671. tor_mutex_acquire(queued_control_events_lock);
  672. /* No queueing an event while flushing events. */
  673. flush_queued_event_pending = 0;
  674. queued_events = queued_control_events;
  675. queued_control_events = smartlist_new();
  676. tor_mutex_release(queued_control_events_lock);
  677. /* Gather all the controllers that will care... */
  678. SMARTLIST_FOREACH_BEGIN(all_conns, connection_t *, conn) {
  679. if (conn->type == CONN_TYPE_CONTROL &&
  680. !conn->marked_for_close &&
  681. conn->state == CONTROL_CONN_STATE_OPEN) {
  682. control_connection_t *control_conn = TO_CONTROL_CONN(conn);
  683. smartlist_add(controllers, control_conn);
  684. }
  685. } SMARTLIST_FOREACH_END(conn);
  686. SMARTLIST_FOREACH_BEGIN(queued_events, queued_event_t *, ev) {
  687. const event_mask_t bit = ((event_mask_t)1) << ev->event;
  688. const size_t msg_len = strlen(ev->msg);
  689. SMARTLIST_FOREACH_BEGIN(controllers, control_connection_t *,
  690. control_conn) {
  691. if (control_conn->event_mask & bit) {
  692. connection_write_to_buf(ev->msg, msg_len, TO_CONN(control_conn));
  693. }
  694. } SMARTLIST_FOREACH_END(control_conn);
  695. queued_event_free(ev);
  696. } SMARTLIST_FOREACH_END(ev);
  697. if (force) {
  698. SMARTLIST_FOREACH_BEGIN(controllers, control_connection_t *,
  699. control_conn) {
  700. connection_flush(TO_CONN(control_conn));
  701. } SMARTLIST_FOREACH_END(control_conn);
  702. }
  703. smartlist_free(queued_events);
  704. smartlist_free(controllers);
  705. --*block_event_queue;
  706. }
  707. /** Libevent callback: Flushes pending events to controllers that are
  708. * interested in them */
  709. static void
  710. flush_queued_events_cb(evutil_socket_t fd, short what, void *arg)
  711. {
  712. (void) fd;
  713. (void) what;
  714. (void) arg;
  715. queued_events_flush_all(0);
  716. }
  717. /** Send an event to all v1 controllers that are listening for code
  718. * <b>event</b>. The event's body is given by <b>msg</b>.
  719. *
  720. * The EXTENDED_FORMAT and NONEXTENDED_FORMAT flags behave similarly with
  721. * respect to the EXTENDED_EVENTS feature. */
  722. MOCK_IMPL(STATIC void,
  723. send_control_event_string,(uint16_t event,
  724. const char *msg))
  725. {
  726. tor_assert(event >= EVENT_MIN_ && event <= EVENT_MAX_);
  727. queue_control_event_string(event, tor_strdup(msg));
  728. }
  729. /** Helper for send_control_event and control_event_status:
  730. * Send an event to all v1 controllers that are listening for code
  731. * <b>event</b>. The event's body is created by the printf-style format in
  732. * <b>format</b>, and other arguments as provided. */
  733. static void
  734. send_control_event_impl(uint16_t event,
  735. const char *format, va_list ap)
  736. {
  737. char *buf = NULL;
  738. int len;
  739. len = tor_vasprintf(&buf, format, ap);
  740. if (len < 0) {
  741. log_warn(LD_BUG, "Unable to format event for controller.");
  742. return;
  743. }
  744. queue_control_event_string(event, buf);
  745. }
  746. /** Send an event to all v1 controllers that are listening for code
  747. * <b>event</b>. The event's body is created by the printf-style format in
  748. * <b>format</b>, and other arguments as provided. */
  749. static void
  750. send_control_event(uint16_t event,
  751. const char *format, ...)
  752. {
  753. va_list ap;
  754. va_start(ap, format);
  755. send_control_event_impl(event, format, ap);
  756. va_end(ap);
  757. }
  758. /** Given a text circuit <b>id</b>, return the corresponding circuit. */
  759. static origin_circuit_t *
  760. get_circ(const char *id)
  761. {
  762. uint32_t n_id;
  763. int ok;
  764. n_id = (uint32_t) tor_parse_ulong(id, 10, 0, UINT32_MAX, &ok, NULL);
  765. if (!ok)
  766. return NULL;
  767. return circuit_get_by_global_id(n_id);
  768. }
  769. /** Given a text stream <b>id</b>, return the corresponding AP connection. */
  770. static entry_connection_t *
  771. get_stream(const char *id)
  772. {
  773. uint64_t n_id;
  774. int ok;
  775. connection_t *conn;
  776. n_id = tor_parse_uint64(id, 10, 0, UINT64_MAX, &ok, NULL);
  777. if (!ok)
  778. return NULL;
  779. conn = connection_get_by_global_id(n_id);
  780. if (!conn || conn->type != CONN_TYPE_AP || conn->marked_for_close)
  781. return NULL;
  782. return TO_ENTRY_CONN(conn);
  783. }
  784. /** Helper for setconf and resetconf. Acts like setconf, except
  785. * it passes <b>use_defaults</b> on to options_trial_assign(). Modifies the
  786. * contents of body.
  787. */
  788. static int
  789. control_setconf_helper(control_connection_t *conn, uint32_t len, char *body,
  790. int use_defaults)
  791. {
  792. setopt_err_t opt_err;
  793. config_line_t *lines=NULL;
  794. char *start = body;
  795. char *errstring = NULL;
  796. const unsigned flags =
  797. CAL_CLEAR_FIRST | (use_defaults ? CAL_USE_DEFAULTS : 0);
  798. char *config;
  799. smartlist_t *entries = smartlist_new();
  800. /* We have a string, "body", of the format '(key(=val|="val")?)' entries
  801. * separated by space. break it into a list of configuration entries. */
  802. while (*body) {
  803. char *eq = body;
  804. char *key;
  805. char *entry;
  806. while (!TOR_ISSPACE(*eq) && *eq != '=')
  807. ++eq;
  808. key = tor_strndup(body, eq-body);
  809. body = eq+1;
  810. if (*eq == '=') {
  811. char *val=NULL;
  812. size_t val_len=0;
  813. if (*body != '\"') {
  814. char *val_start = body;
  815. while (!TOR_ISSPACE(*body))
  816. body++;
  817. val = tor_strndup(val_start, body-val_start);
  818. val_len = strlen(val);
  819. } else {
  820. body = (char*)extract_escaped_string(body, (len - (body-start)),
  821. &val, &val_len);
  822. if (!body) {
  823. connection_write_str_to_buf("551 Couldn't parse string\r\n", conn);
  824. SMARTLIST_FOREACH(entries, char *, cp, tor_free(cp));
  825. smartlist_free(entries);
  826. tor_free(key);
  827. return 0;
  828. }
  829. }
  830. tor_asprintf(&entry, "%s %s", key, val);
  831. tor_free(key);
  832. tor_free(val);
  833. } else {
  834. entry = key;
  835. }
  836. smartlist_add(entries, entry);
  837. while (TOR_ISSPACE(*body))
  838. ++body;
  839. }
  840. smartlist_add(entries, tor_strdup(""));
  841. config = smartlist_join_strings(entries, "\n", 0, NULL);
  842. SMARTLIST_FOREACH(entries, char *, cp, tor_free(cp));
  843. smartlist_free(entries);
  844. if (config_get_lines(config, &lines, 0) < 0) {
  845. log_warn(LD_CONTROL,"Controller gave us config lines we can't parse.");
  846. connection_write_str_to_buf("551 Couldn't parse configuration\r\n",
  847. conn);
  848. tor_free(config);
  849. return 0;
  850. }
  851. tor_free(config);
  852. opt_err = options_trial_assign(lines, flags, &errstring);
  853. {
  854. const char *msg;
  855. switch (opt_err) {
  856. case SETOPT_ERR_MISC:
  857. msg = "552 Unrecognized option";
  858. break;
  859. case SETOPT_ERR_PARSE:
  860. msg = "513 Unacceptable option value";
  861. break;
  862. case SETOPT_ERR_TRANSITION:
  863. msg = "553 Transition not allowed";
  864. break;
  865. case SETOPT_ERR_SETTING:
  866. default:
  867. msg = "553 Unable to set option";
  868. break;
  869. case SETOPT_OK:
  870. config_free_lines(lines);
  871. send_control_done(conn);
  872. return 0;
  873. }
  874. log_warn(LD_CONTROL,
  875. "Controller gave us config lines that didn't validate: %s",
  876. errstring);
  877. connection_printf_to_buf(conn, "%s: %s\r\n", msg, errstring);
  878. config_free_lines(lines);
  879. tor_free(errstring);
  880. return 0;
  881. }
  882. }
  883. /** Called when we receive a SETCONF message: parse the body and try
  884. * to update our configuration. Reply with a DONE or ERROR message.
  885. * Modifies the contents of body.*/
  886. static int
  887. handle_control_setconf(control_connection_t *conn, uint32_t len, char *body)
  888. {
  889. return control_setconf_helper(conn, len, body, 0);
  890. }
  891. /** Called when we receive a RESETCONF message: parse the body and try
  892. * to update our configuration. Reply with a DONE or ERROR message.
  893. * Modifies the contents of body. */
  894. static int
  895. handle_control_resetconf(control_connection_t *conn, uint32_t len, char *body)
  896. {
  897. return control_setconf_helper(conn, len, body, 1);
  898. }
  899. /** Called when we receive a GETCONF message. Parse the request, and
  900. * reply with a CONFVALUE or an ERROR message */
  901. static int
  902. handle_control_getconf(control_connection_t *conn, uint32_t body_len,
  903. const char *body)
  904. {
  905. smartlist_t *questions = smartlist_new();
  906. smartlist_t *answers = smartlist_new();
  907. smartlist_t *unrecognized = smartlist_new();
  908. char *msg = NULL;
  909. size_t msg_len;
  910. const or_options_t *options = get_options();
  911. int i, len;
  912. (void) body_len; /* body is NUL-terminated; so we can ignore len. */
  913. smartlist_split_string(questions, body, " ",
  914. SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 0);
  915. SMARTLIST_FOREACH_BEGIN(questions, const char *, q) {
  916. if (!option_is_recognized(q)) {
  917. smartlist_add(unrecognized, (char*) q);
  918. } else {
  919. config_line_t *answer = option_get_assignment(options,q);
  920. if (!answer) {
  921. const char *name = option_get_canonical_name(q);
  922. smartlist_add_asprintf(answers, "250-%s\r\n", name);
  923. }
  924. while (answer) {
  925. config_line_t *next;
  926. smartlist_add_asprintf(answers, "250-%s=%s\r\n",
  927. answer->key, answer->value);
  928. next = answer->next;
  929. tor_free(answer->key);
  930. tor_free(answer->value);
  931. tor_free(answer);
  932. answer = next;
  933. }
  934. }
  935. } SMARTLIST_FOREACH_END(q);
  936. if ((len = smartlist_len(unrecognized))) {
  937. for (i=0; i < len-1; ++i)
  938. connection_printf_to_buf(conn,
  939. "552-Unrecognized configuration key \"%s\"\r\n",
  940. (char*)smartlist_get(unrecognized, i));
  941. connection_printf_to_buf(conn,
  942. "552 Unrecognized configuration key \"%s\"\r\n",
  943. (char*)smartlist_get(unrecognized, len-1));
  944. } else if ((len = smartlist_len(answers))) {
  945. char *tmp = smartlist_get(answers, len-1);
  946. tor_assert(strlen(tmp)>4);
  947. tmp[3] = ' ';
  948. msg = smartlist_join_strings(answers, "", 0, &msg_len);
  949. connection_write_to_buf(msg, msg_len, TO_CONN(conn));
  950. } else {
  951. connection_write_str_to_buf("250 OK\r\n", conn);
  952. }
  953. SMARTLIST_FOREACH(answers, char *, cp, tor_free(cp));
  954. smartlist_free(answers);
  955. SMARTLIST_FOREACH(questions, char *, cp, tor_free(cp));
  956. smartlist_free(questions);
  957. smartlist_free(unrecognized);
  958. tor_free(msg);
  959. return 0;
  960. }
  961. /** Called when we get a +LOADCONF message. */
  962. static int
  963. handle_control_loadconf(control_connection_t *conn, uint32_t len,
  964. const char *body)
  965. {
  966. setopt_err_t retval;
  967. char *errstring = NULL;
  968. const char *msg = NULL;
  969. (void) len;
  970. retval = options_init_from_string(NULL, body, CMD_RUN_TOR, NULL, &errstring);
  971. if (retval != SETOPT_OK)
  972. log_warn(LD_CONTROL,
  973. "Controller gave us config file that didn't validate: %s",
  974. errstring);
  975. switch (retval) {
  976. case SETOPT_ERR_PARSE:
  977. msg = "552 Invalid config file";
  978. break;
  979. case SETOPT_ERR_TRANSITION:
  980. msg = "553 Transition not allowed";
  981. break;
  982. case SETOPT_ERR_SETTING:
  983. msg = "553 Unable to set option";
  984. break;
  985. case SETOPT_ERR_MISC:
  986. default:
  987. msg = "550 Unable to load config";
  988. break;
  989. case SETOPT_OK:
  990. break;
  991. }
  992. if (msg) {
  993. if (errstring)
  994. connection_printf_to_buf(conn, "%s: %s\r\n", msg, errstring);
  995. else
  996. connection_printf_to_buf(conn, "%s\r\n", msg);
  997. } else {
  998. send_control_done(conn);
  999. }
  1000. tor_free(errstring);
  1001. return 0;
  1002. }
  1003. /** Helper structure: maps event values to their names. */
  1004. struct control_event_t {
  1005. uint16_t event_code;
  1006. const char *event_name;
  1007. };
  1008. /** Table mapping event values to their names. Used to implement SETEVENTS
  1009. * and GETINFO events/names, and to keep they in sync. */
  1010. static const struct control_event_t control_event_table[] = {
  1011. { EVENT_CIRCUIT_STATUS, "CIRC" },
  1012. { EVENT_CIRCUIT_STATUS_MINOR, "CIRC_MINOR" },
  1013. { EVENT_STREAM_STATUS, "STREAM" },
  1014. { EVENT_OR_CONN_STATUS, "ORCONN" },
  1015. { EVENT_BANDWIDTH_USED, "BW" },
  1016. { EVENT_DEBUG_MSG, "DEBUG" },
  1017. { EVENT_INFO_MSG, "INFO" },
  1018. { EVENT_NOTICE_MSG, "NOTICE" },
  1019. { EVENT_WARN_MSG, "WARN" },
  1020. { EVENT_ERR_MSG, "ERR" },
  1021. { EVENT_NEW_DESC, "NEWDESC" },
  1022. { EVENT_ADDRMAP, "ADDRMAP" },
  1023. { EVENT_AUTHDIR_NEWDESCS, "AUTHDIR_NEWDESCS" },
  1024. { EVENT_DESCCHANGED, "DESCCHANGED" },
  1025. { EVENT_NS, "NS" },
  1026. { EVENT_STATUS_GENERAL, "STATUS_GENERAL" },
  1027. { EVENT_STATUS_CLIENT, "STATUS_CLIENT" },
  1028. { EVENT_STATUS_SERVER, "STATUS_SERVER" },
  1029. { EVENT_GUARD, "GUARD" },
  1030. { EVENT_STREAM_BANDWIDTH_USED, "STREAM_BW" },
  1031. { EVENT_CLIENTS_SEEN, "CLIENTS_SEEN" },
  1032. { EVENT_NEWCONSENSUS, "NEWCONSENSUS" },
  1033. { EVENT_BUILDTIMEOUT_SET, "BUILDTIMEOUT_SET" },
  1034. { EVENT_GOT_SIGNAL, "SIGNAL" },
  1035. { EVENT_CONF_CHANGED, "CONF_CHANGED"},
  1036. { EVENT_CONN_BW, "CONN_BW" },
  1037. { EVENT_CELL_STATS, "CELL_STATS" },
  1038. { EVENT_TB_EMPTY, "TB_EMPTY" },
  1039. { EVENT_CIRC_BANDWIDTH_USED, "CIRC_BW" },
  1040. { EVENT_TRANSPORT_LAUNCHED, "TRANSPORT_LAUNCHED" },
  1041. { EVENT_HS_DESC, "HS_DESC" },
  1042. { EVENT_HS_DESC_CONTENT, "HS_DESC_CONTENT" },
  1043. { EVENT_NETWORK_LIVENESS, "NETWORK_LIVENESS" },
  1044. { 0, NULL },
  1045. };
  1046. /** Called when we get a SETEVENTS message: update conn->event_mask,
  1047. * and reply with DONE or ERROR. */
  1048. static int
  1049. handle_control_setevents(control_connection_t *conn, uint32_t len,
  1050. const char *body)
  1051. {
  1052. int event_code;
  1053. event_mask_t event_mask = 0;
  1054. smartlist_t *events = smartlist_new();
  1055. (void) len;
  1056. smartlist_split_string(events, body, " ",
  1057. SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 0);
  1058. SMARTLIST_FOREACH_BEGIN(events, const char *, ev)
  1059. {
  1060. if (!strcasecmp(ev, "EXTENDED")) {
  1061. continue;
  1062. } else {
  1063. int i;
  1064. event_code = -1;
  1065. for (i = 0; control_event_table[i].event_name != NULL; ++i) {
  1066. if (!strcasecmp(ev, control_event_table[i].event_name)) {
  1067. event_code = control_event_table[i].event_code;
  1068. break;
  1069. }
  1070. }
  1071. if (event_code == -1) {
  1072. connection_printf_to_buf(conn, "552 Unrecognized event \"%s\"\r\n",
  1073. ev);
  1074. SMARTLIST_FOREACH(events, char *, e, tor_free(e));
  1075. smartlist_free(events);
  1076. return 0;
  1077. }
  1078. }
  1079. event_mask |= (((event_mask_t)1) << event_code);
  1080. }
  1081. SMARTLIST_FOREACH_END(ev);
  1082. SMARTLIST_FOREACH(events, char *, e, tor_free(e));
  1083. smartlist_free(events);
  1084. conn->event_mask = event_mask;
  1085. control_update_global_event_mask();
  1086. send_control_done(conn);
  1087. return 0;
  1088. }
  1089. /** Decode the hashed, base64'd passwords stored in <b>passwords</b>.
  1090. * Return a smartlist of acceptable passwords (unterminated strings of
  1091. * length S2K_RFC2440_SPECIFIER_LEN+DIGEST_LEN) on success, or NULL on
  1092. * failure.
  1093. */
  1094. smartlist_t *
  1095. decode_hashed_passwords(config_line_t *passwords)
  1096. {
  1097. char decoded[64];
  1098. config_line_t *cl;
  1099. smartlist_t *sl = smartlist_new();
  1100. tor_assert(passwords);
  1101. for (cl = passwords; cl; cl = cl->next) {
  1102. const char *hashed = cl->value;
  1103. if (!strcmpstart(hashed, "16:")) {
  1104. if (base16_decode(decoded, sizeof(decoded), hashed+3, strlen(hashed+3))
  1105. != S2K_RFC2440_SPECIFIER_LEN + DIGEST_LEN
  1106. || strlen(hashed+3) != (S2K_RFC2440_SPECIFIER_LEN+DIGEST_LEN)*2) {
  1107. goto err;
  1108. }
  1109. } else {
  1110. if (base64_decode(decoded, sizeof(decoded), hashed, strlen(hashed))
  1111. != S2K_RFC2440_SPECIFIER_LEN+DIGEST_LEN) {
  1112. goto err;
  1113. }
  1114. }
  1115. smartlist_add(sl,
  1116. tor_memdup(decoded, S2K_RFC2440_SPECIFIER_LEN+DIGEST_LEN));
  1117. }
  1118. return sl;
  1119. err:
  1120. SMARTLIST_FOREACH(sl, char*, cp, tor_free(cp));
  1121. smartlist_free(sl);
  1122. return NULL;
  1123. }
  1124. /** Called when we get an AUTHENTICATE message. Check whether the
  1125. * authentication is valid, and if so, update the connection's state to
  1126. * OPEN. Reply with DONE or ERROR.
  1127. */
  1128. static int
  1129. handle_control_authenticate(control_connection_t *conn, uint32_t len,
  1130. const char *body)
  1131. {
  1132. int used_quoted_string = 0;
  1133. const or_options_t *options = get_options();
  1134. const char *errstr = "Unknown error";
  1135. char *password;
  1136. size_t password_len;
  1137. const char *cp;
  1138. int i;
  1139. int bad_cookie=0, bad_password=0;
  1140. smartlist_t *sl = NULL;
  1141. if (!len) {
  1142. password = tor_strdup("");
  1143. password_len = 0;
  1144. } else if (TOR_ISXDIGIT(body[0])) {
  1145. cp = body;
  1146. while (TOR_ISXDIGIT(*cp))
  1147. ++cp;
  1148. i = (int)(cp - body);
  1149. tor_assert(i>0);
  1150. password_len = i/2;
  1151. password = tor_malloc(password_len + 1);
  1152. if (base16_decode(password, password_len+1, body, i)
  1153. != (int) password_len) {
  1154. connection_write_str_to_buf(
  1155. "551 Invalid hexadecimal encoding. Maybe you tried a plain text "
  1156. "password? If so, the standard requires that you put it in "
  1157. "double quotes.\r\n", conn);
  1158. connection_mark_for_close(TO_CONN(conn));
  1159. tor_free(password);
  1160. return 0;
  1161. }
  1162. } else {
  1163. if (!decode_escaped_string(body, len, &password, &password_len)) {
  1164. connection_write_str_to_buf("551 Invalid quoted string. You need "
  1165. "to put the password in double quotes.\r\n", conn);
  1166. connection_mark_for_close(TO_CONN(conn));
  1167. return 0;
  1168. }
  1169. used_quoted_string = 1;
  1170. }
  1171. if (conn->safecookie_client_hash != NULL) {
  1172. /* The controller has chosen safe cookie authentication; the only
  1173. * acceptable authentication value is the controller-to-server
  1174. * response. */
  1175. tor_assert(authentication_cookie_is_set);
  1176. if (password_len != DIGEST256_LEN) {
  1177. log_warn(LD_CONTROL,
  1178. "Got safe cookie authentication response with wrong length "
  1179. "(%d)", (int)password_len);
  1180. errstr = "Wrong length for safe cookie response.";
  1181. goto err;
  1182. }
  1183. if (tor_memneq(conn->safecookie_client_hash, password, DIGEST256_LEN)) {
  1184. log_warn(LD_CONTROL,
  1185. "Got incorrect safe cookie authentication response");
  1186. errstr = "Safe cookie response did not match expected value.";
  1187. goto err;
  1188. }
  1189. tor_free(conn->safecookie_client_hash);
  1190. goto ok;
  1191. }
  1192. if (!options->CookieAuthentication && !options->HashedControlPassword &&
  1193. !options->HashedControlSessionPassword) {
  1194. /* if Tor doesn't demand any stronger authentication, then
  1195. * the controller can get in with anything. */
  1196. goto ok;
  1197. }
  1198. if (options->CookieAuthentication) {
  1199. int also_password = options->HashedControlPassword != NULL ||
  1200. options->HashedControlSessionPassword != NULL;
  1201. if (password_len != AUTHENTICATION_COOKIE_LEN) {
  1202. if (!also_password) {
  1203. log_warn(LD_CONTROL, "Got authentication cookie with wrong length "
  1204. "(%d)", (int)password_len);
  1205. errstr = "Wrong length on authentication cookie.";
  1206. goto err;
  1207. }
  1208. bad_cookie = 1;
  1209. } else if (tor_memneq(authentication_cookie, password, password_len)) {
  1210. if (!also_password) {
  1211. log_warn(LD_CONTROL, "Got mismatched authentication cookie");
  1212. errstr = "Authentication cookie did not match expected value.";
  1213. goto err;
  1214. }
  1215. bad_cookie = 1;
  1216. } else {
  1217. goto ok;
  1218. }
  1219. }
  1220. if (options->HashedControlPassword ||
  1221. options->HashedControlSessionPassword) {
  1222. int bad = 0;
  1223. smartlist_t *sl_tmp;
  1224. char received[DIGEST_LEN];
  1225. int also_cookie = options->CookieAuthentication;
  1226. sl = smartlist_new();
  1227. if (options->HashedControlPassword) {
  1228. sl_tmp = decode_hashed_passwords(options->HashedControlPassword);
  1229. if (!sl_tmp)
  1230. bad = 1;
  1231. else {
  1232. smartlist_add_all(sl, sl_tmp);
  1233. smartlist_free(sl_tmp);
  1234. }
  1235. }
  1236. if (options->HashedControlSessionPassword) {
  1237. sl_tmp = decode_hashed_passwords(options->HashedControlSessionPassword);
  1238. if (!sl_tmp)
  1239. bad = 1;
  1240. else {
  1241. smartlist_add_all(sl, sl_tmp);
  1242. smartlist_free(sl_tmp);
  1243. }
  1244. }
  1245. if (bad) {
  1246. if (!also_cookie) {
  1247. log_warn(LD_BUG,
  1248. "Couldn't decode HashedControlPassword: invalid base16");
  1249. errstr="Couldn't decode HashedControlPassword value in configuration.";
  1250. goto err;
  1251. }
  1252. bad_password = 1;
  1253. SMARTLIST_FOREACH(sl, char *, str, tor_free(str));
  1254. smartlist_free(sl);
  1255. sl = NULL;
  1256. } else {
  1257. SMARTLIST_FOREACH(sl, char *, expected,
  1258. {
  1259. secret_to_key_rfc2440(received,DIGEST_LEN,
  1260. password,password_len,expected);
  1261. if (tor_memeq(expected + S2K_RFC2440_SPECIFIER_LEN,
  1262. received, DIGEST_LEN))
  1263. goto ok;
  1264. });
  1265. SMARTLIST_FOREACH(sl, char *, str, tor_free(str));
  1266. smartlist_free(sl);
  1267. sl = NULL;
  1268. if (used_quoted_string)
  1269. errstr = "Password did not match HashedControlPassword value from "
  1270. "configuration";
  1271. else
  1272. errstr = "Password did not match HashedControlPassword value from "
  1273. "configuration. Maybe you tried a plain text password? "
  1274. "If so, the standard requires that you put it in double quotes.";
  1275. bad_password = 1;
  1276. if (!also_cookie)
  1277. goto err;
  1278. }
  1279. }
  1280. /** We only get here if both kinds of authentication failed. */
  1281. tor_assert(bad_password && bad_cookie);
  1282. log_warn(LD_CONTROL, "Bad password or authentication cookie on controller.");
  1283. errstr = "Password did not match HashedControlPassword *or* authentication "
  1284. "cookie.";
  1285. err:
  1286. tor_free(password);
  1287. connection_printf_to_buf(conn, "515 Authentication failed: %s\r\n", errstr);
  1288. connection_mark_for_close(TO_CONN(conn));
  1289. if (sl) { /* clean up */
  1290. SMARTLIST_FOREACH(sl, char *, str, tor_free(str));
  1291. smartlist_free(sl);
  1292. }
  1293. return 0;
  1294. ok:
  1295. log_info(LD_CONTROL, "Authenticated control connection ("TOR_SOCKET_T_FORMAT
  1296. ")", conn->base_.s);
  1297. send_control_done(conn);
  1298. conn->base_.state = CONTROL_CONN_STATE_OPEN;
  1299. tor_free(password);
  1300. if (sl) { /* clean up */
  1301. SMARTLIST_FOREACH(sl, char *, str, tor_free(str));
  1302. smartlist_free(sl);
  1303. }
  1304. return 0;
  1305. }
  1306. /** Called when we get a SAVECONF command. Try to flush the current options to
  1307. * disk, and report success or failure. */
  1308. static int
  1309. handle_control_saveconf(control_connection_t *conn, uint32_t len,
  1310. const char *body)
  1311. {
  1312. (void) len;
  1313. (void) body;
  1314. if (options_save_current()<0) {
  1315. connection_write_str_to_buf(
  1316. "551 Unable to write configuration to disk.\r\n", conn);
  1317. } else {
  1318. send_control_done(conn);
  1319. }
  1320. return 0;
  1321. }
  1322. struct signal_t {
  1323. int sig;
  1324. const char *signal_name;
  1325. };
  1326. static const struct signal_t signal_table[] = {
  1327. { SIGHUP, "RELOAD" },
  1328. { SIGHUP, "HUP" },
  1329. { SIGINT, "SHUTDOWN" },
  1330. { SIGUSR1, "DUMP" },
  1331. { SIGUSR1, "USR1" },
  1332. { SIGUSR2, "DEBUG" },
  1333. { SIGUSR2, "USR2" },
  1334. { SIGTERM, "HALT" },
  1335. { SIGTERM, "TERM" },
  1336. { SIGTERM, "INT" },
  1337. { SIGNEWNYM, "NEWNYM" },
  1338. { SIGCLEARDNSCACHE, "CLEARDNSCACHE"},
  1339. { SIGHEARTBEAT, "HEARTBEAT"},
  1340. { 0, NULL },
  1341. };
  1342. /** Called when we get a SIGNAL command. React to the provided signal, and
  1343. * report success or failure. (If the signal results in a shutdown, success
  1344. * may not be reported.) */
  1345. static int
  1346. handle_control_signal(control_connection_t *conn, uint32_t len,
  1347. const char *body)
  1348. {
  1349. int sig = -1;
  1350. int i;
  1351. int n = 0;
  1352. char *s;
  1353. (void) len;
  1354. while (body[n] && ! TOR_ISSPACE(body[n]))
  1355. ++n;
  1356. s = tor_strndup(body, n);
  1357. for (i = 0; signal_table[i].signal_name != NULL; ++i) {
  1358. if (!strcasecmp(s, signal_table[i].signal_name)) {
  1359. sig = signal_table[i].sig;
  1360. break;
  1361. }
  1362. }
  1363. if (sig < 0)
  1364. connection_printf_to_buf(conn, "552 Unrecognized signal code \"%s\"\r\n",
  1365. s);
  1366. tor_free(s);
  1367. if (sig < 0)
  1368. return 0;
  1369. send_control_done(conn);
  1370. /* Flush the "done" first if the signal might make us shut down. */
  1371. if (sig == SIGTERM || sig == SIGINT)
  1372. connection_flush(TO_CONN(conn));
  1373. activate_signal(sig);
  1374. return 0;
  1375. }
  1376. /** Called when we get a TAKEOWNERSHIP command. Mark this connection
  1377. * as an owning connection, so that we will exit if the connection
  1378. * closes. */
  1379. static int
  1380. handle_control_takeownership(control_connection_t *conn, uint32_t len,
  1381. const char *body)
  1382. {
  1383. (void)len;
  1384. (void)body;
  1385. conn->is_owning_control_connection = 1;
  1386. log_info(LD_CONTROL, "Control connection %d has taken ownership of this "
  1387. "Tor instance.",
  1388. (int)(conn->base_.s));
  1389. send_control_done(conn);
  1390. return 0;
  1391. }
  1392. /** Return true iff <b>addr</b> is unusable as a mapaddress target because of
  1393. * containing funny characters. */
  1394. static int
  1395. address_is_invalid_mapaddress_target(const char *addr)
  1396. {
  1397. if (!strcmpstart(addr, "*."))
  1398. return address_is_invalid_destination(addr+2, 1);
  1399. else
  1400. return address_is_invalid_destination(addr, 1);
  1401. }
  1402. /** Called when we get a MAPADDRESS command; try to bind all listed addresses,
  1403. * and report success or failure. */
  1404. static int
  1405. handle_control_mapaddress(control_connection_t *conn, uint32_t len,
  1406. const char *body)
  1407. {
  1408. smartlist_t *elts;
  1409. smartlist_t *lines;
  1410. smartlist_t *reply;
  1411. char *r;
  1412. size_t sz;
  1413. (void) len; /* body is NUL-terminated, so it's safe to ignore the length. */
  1414. lines = smartlist_new();
  1415. elts = smartlist_new();
  1416. reply = smartlist_new();
  1417. smartlist_split_string(lines, body, " ",
  1418. SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 0);
  1419. SMARTLIST_FOREACH_BEGIN(lines, char *, line) {
  1420. tor_strlower(line);
  1421. smartlist_split_string(elts, line, "=", 0, 2);
  1422. if (smartlist_len(elts) == 2) {
  1423. const char *from = smartlist_get(elts,0);
  1424. const char *to = smartlist_get(elts,1);
  1425. if (address_is_invalid_mapaddress_target(to)) {
  1426. smartlist_add_asprintf(reply,
  1427. "512-syntax error: invalid address '%s'", to);
  1428. log_warn(LD_CONTROL,
  1429. "Skipping invalid argument '%s' in MapAddress msg", to);
  1430. } else if (!strcmp(from, ".") || !strcmp(from, "0.0.0.0") ||
  1431. !strcmp(from, "::")) {
  1432. const char type =
  1433. !strcmp(from,".") ? RESOLVED_TYPE_HOSTNAME :
  1434. (!strcmp(from, "0.0.0.0") ? RESOLVED_TYPE_IPV4 : RESOLVED_TYPE_IPV6);
  1435. const char *address = addressmap_register_virtual_address(
  1436. type, tor_strdup(to));
  1437. if (!address) {
  1438. smartlist_add_asprintf(reply,
  1439. "451-resource exhausted: skipping '%s'", line);
  1440. log_warn(LD_CONTROL,
  1441. "Unable to allocate address for '%s' in MapAddress msg",
  1442. safe_str_client(line));
  1443. } else {
  1444. smartlist_add_asprintf(reply, "250-%s=%s", address, to);
  1445. }
  1446. } else {
  1447. const char *msg;
  1448. if (addressmap_register_auto(from, to, 1,
  1449. ADDRMAPSRC_CONTROLLER, &msg) < 0) {
  1450. smartlist_add_asprintf(reply,
  1451. "512-syntax error: invalid address mapping "
  1452. " '%s': %s", line, msg);
  1453. log_warn(LD_CONTROL,
  1454. "Skipping invalid argument '%s' in MapAddress msg: %s",
  1455. line, msg);
  1456. } else {
  1457. smartlist_add_asprintf(reply, "250-%s", line);
  1458. }
  1459. }
  1460. } else {
  1461. smartlist_add_asprintf(reply, "512-syntax error: mapping '%s' is "
  1462. "not of expected form 'foo=bar'.", line);
  1463. log_info(LD_CONTROL, "Skipping MapAddress '%s': wrong "
  1464. "number of items.",
  1465. safe_str_client(line));
  1466. }
  1467. SMARTLIST_FOREACH(elts, char *, cp, tor_free(cp));
  1468. smartlist_clear(elts);
  1469. } SMARTLIST_FOREACH_END(line);
  1470. SMARTLIST_FOREACH(lines, char *, cp, tor_free(cp));
  1471. smartlist_free(lines);
  1472. smartlist_free(elts);
  1473. if (smartlist_len(reply)) {
  1474. ((char*)smartlist_get(reply,smartlist_len(reply)-1))[3] = ' ';
  1475. r = smartlist_join_strings(reply, "\r\n", 1, &sz);
  1476. connection_write_to_buf(r, sz, TO_CONN(conn));
  1477. tor_free(r);
  1478. } else {
  1479. const char *response =
  1480. "512 syntax error: not enough arguments to mapaddress.\r\n";
  1481. connection_write_to_buf(response, strlen(response), TO_CONN(conn));
  1482. }
  1483. SMARTLIST_FOREACH(reply, char *, cp, tor_free(cp));
  1484. smartlist_free(reply);
  1485. return 0;
  1486. }
  1487. /** Implementation helper for GETINFO: knows the answers for various
  1488. * trivial-to-implement questions. */
  1489. static int
  1490. getinfo_helper_misc(control_connection_t *conn, const char *question,
  1491. char **answer, const char **errmsg)
  1492. {
  1493. (void) conn;
  1494. if (!strcmp(question, "version")) {
  1495. *answer = tor_strdup(get_version());
  1496. } else if (!strcmp(question, "bw-event-cache")) {
  1497. *answer = get_bw_samples();
  1498. } else if (!strcmp(question, "config-file")) {
  1499. const char *a = get_torrc_fname(0);
  1500. if (a)
  1501. *answer = tor_strdup(a);
  1502. } else if (!strcmp(question, "config-defaults-file")) {
  1503. const char *a = get_torrc_fname(1);
  1504. if (a)
  1505. *answer = tor_strdup(a);
  1506. } else if (!strcmp(question, "config-text")) {
  1507. *answer = options_dump(get_options(), OPTIONS_DUMP_MINIMAL);
  1508. } else if (!strcmp(question, "info/names")) {
  1509. *answer = list_getinfo_options();
  1510. } else if (!strcmp(question, "dormant")) {
  1511. int dormant = rep_hist_circbuilding_dormant(time(NULL));
  1512. *answer = tor_strdup(dormant ? "1" : "0");
  1513. } else if (!strcmp(question, "events/names")) {
  1514. int i;
  1515. smartlist_t *event_names = smartlist_new();
  1516. for (i = 0; control_event_table[i].event_name != NULL; ++i) {
  1517. smartlist_add(event_names, (char *)control_event_table[i].event_name);
  1518. }
  1519. *answer = smartlist_join_strings(event_names, " ", 0, NULL);
  1520. smartlist_free(event_names);
  1521. } else if (!strcmp(question, "signal/names")) {
  1522. smartlist_t *signal_names = smartlist_new();
  1523. int j;
  1524. for (j = 0; signal_table[j].signal_name != NULL; ++j) {
  1525. smartlist_add(signal_names, (char*)signal_table[j].signal_name);
  1526. }
  1527. *answer = smartlist_join_strings(signal_names, " ", 0, NULL);
  1528. smartlist_free(signal_names);
  1529. } else if (!strcmp(question, "features/names")) {
  1530. *answer = tor_strdup("VERBOSE_NAMES EXTENDED_EVENTS");
  1531. } else if (!strcmp(question, "address")) {
  1532. uint32_t addr;
  1533. if (router_pick_published_address(get_options(), &addr, 0) < 0) {
  1534. *errmsg = "Address unknown";
  1535. return -1;
  1536. }
  1537. *answer = tor_dup_ip(addr);
  1538. } else if (!strcmp(question, "traffic/read")) {
  1539. tor_asprintf(answer, U64_FORMAT, U64_PRINTF_ARG(get_bytes_read()));
  1540. } else if (!strcmp(question, "traffic/written")) {
  1541. tor_asprintf(answer, U64_FORMAT, U64_PRINTF_ARG(get_bytes_written()));
  1542. } else if (!strcmp(question, "process/pid")) {
  1543. int myPid = -1;
  1544. #ifdef _WIN32
  1545. myPid = _getpid();
  1546. #else
  1547. myPid = getpid();
  1548. #endif
  1549. tor_asprintf(answer, "%d", myPid);
  1550. } else if (!strcmp(question, "process/uid")) {
  1551. #ifdef _WIN32
  1552. *answer = tor_strdup("-1");
  1553. #else
  1554. int myUid = geteuid();
  1555. tor_asprintf(answer, "%d", myUid);
  1556. #endif
  1557. } else if (!strcmp(question, "process/user")) {
  1558. #ifdef _WIN32
  1559. *answer = tor_strdup("");
  1560. #else
  1561. int myUid = geteuid();
  1562. const struct passwd *myPwEntry = tor_getpwuid(myUid);
  1563. if (myPwEntry) {
  1564. *answer = tor_strdup(myPwEntry->pw_name);
  1565. } else {
  1566. *answer = tor_strdup("");
  1567. }
  1568. #endif
  1569. } else if (!strcmp(question, "process/descriptor-limit")) {
  1570. int max_fds = get_max_sockets();
  1571. tor_asprintf(answer, "%d", max_fds);
  1572. } else if (!strcmp(question, "limits/max-mem-in-queues")) {
  1573. tor_asprintf(answer, U64_FORMAT,
  1574. U64_PRINTF_ARG(get_options()->MaxMemInQueues));
  1575. } else if (!strcmp(question, "fingerprint")) {
  1576. crypto_pk_t *server_key;
  1577. if (!server_mode(get_options())) {
  1578. *errmsg = "Not running in server mode";
  1579. return -1;
  1580. }
  1581. server_key = get_server_identity_key();
  1582. *answer = tor_malloc(HEX_DIGEST_LEN+1);
  1583. crypto_pk_get_fingerprint(server_key, *answer, 0);
  1584. }
  1585. return 0;
  1586. }
  1587. /** Awful hack: return a newly allocated string based on a routerinfo and
  1588. * (possibly) an extrainfo, sticking the read-history and write-history from
  1589. * <b>ei</b> into the resulting string. The thing you get back won't
  1590. * necessarily have a valid signature.
  1591. *
  1592. * New code should never use this; it's for backward compatibility.
  1593. *
  1594. * NOTE: <b>ri_body</b> is as returned by signed_descriptor_get_body: it might
  1595. * not be NUL-terminated. */
  1596. static char *
  1597. munge_extrainfo_into_routerinfo(const char *ri_body,
  1598. const signed_descriptor_t *ri,
  1599. const signed_descriptor_t *ei)
  1600. {
  1601. char *out = NULL, *outp;
  1602. int i;
  1603. const char *router_sig;
  1604. const char *ei_body = signed_descriptor_get_body(ei);
  1605. size_t ri_len = ri->signed_descriptor_len;
  1606. size_t ei_len = ei->signed_descriptor_len;
  1607. if (!ei_body)
  1608. goto bail;
  1609. outp = out = tor_malloc(ri_len+ei_len+1);
  1610. if (!(router_sig = tor_memstr(ri_body, ri_len, "\nrouter-signature")))
  1611. goto bail;
  1612. ++router_sig;
  1613. memcpy(out, ri_body, router_sig-ri_body);
  1614. outp += router_sig-ri_body;
  1615. for (i=0; i < 2; ++i) {
  1616. const char *kwd = i ? "\nwrite-history " : "\nread-history ";
  1617. const char *cp, *eol;
  1618. if (!(cp = tor_memstr(ei_body, ei_len, kwd)))
  1619. continue;
  1620. ++cp;
  1621. if (!(eol = memchr(cp, '\n', ei_len - (cp-ei_body))))
  1622. continue;
  1623. memcpy(outp, cp, eol-cp+1);
  1624. outp += eol-cp+1;
  1625. }
  1626. memcpy(outp, router_sig, ri_len - (router_sig-ri_body));
  1627. *outp++ = '\0';
  1628. tor_assert(outp-out < (int)(ri_len+ei_len+1));
  1629. return out;
  1630. bail:
  1631. tor_free(out);
  1632. return tor_strndup(ri_body, ri->signed_descriptor_len);
  1633. }
  1634. /** Implementation helper for GETINFO: answers requests for information about
  1635. * which ports are bound. */
  1636. static int
  1637. getinfo_helper_listeners(control_connection_t *control_conn,
  1638. const char *question,
  1639. char **answer, const char **errmsg)
  1640. {
  1641. int type;
  1642. smartlist_t *res;
  1643. (void)control_conn;
  1644. (void)errmsg;
  1645. if (!strcmp(question, "net/listeners/or"))
  1646. type = CONN_TYPE_OR_LISTENER;
  1647. else if (!strcmp(question, "net/listeners/dir"))
  1648. type = CONN_TYPE_DIR_LISTENER;
  1649. else if (!strcmp(question, "net/listeners/socks"))
  1650. type = CONN_TYPE_AP_LISTENER;
  1651. else if (!strcmp(question, "net/listeners/trans"))
  1652. type = CONN_TYPE_AP_TRANS_LISTENER;
  1653. else if (!strcmp(question, "net/listeners/natd"))
  1654. type = CONN_TYPE_AP_NATD_LISTENER;
  1655. else if (!strcmp(question, "net/listeners/dns"))
  1656. type = CONN_TYPE_AP_DNS_LISTENER;
  1657. else if (!strcmp(question, "net/listeners/control"))
  1658. type = CONN_TYPE_CONTROL_LISTENER;
  1659. else
  1660. return 0; /* unknown key */
  1661. res = smartlist_new();
  1662. SMARTLIST_FOREACH_BEGIN(get_connection_array(), connection_t *, conn) {
  1663. struct sockaddr_storage ss;
  1664. socklen_t ss_len = sizeof(ss);
  1665. if (conn->type != type || conn->marked_for_close || !SOCKET_OK(conn->s))
  1666. continue;
  1667. if (getsockname(conn->s, (struct sockaddr *)&ss, &ss_len) < 0) {
  1668. smartlist_add_asprintf(res, "%s:%d", conn->address, (int)conn->port);
  1669. } else {
  1670. char *tmp = tor_sockaddr_to_str((struct sockaddr *)&ss);
  1671. smartlist_add(res, esc_for_log(tmp));
  1672. tor_free(tmp);
  1673. }
  1674. } SMARTLIST_FOREACH_END(conn);
  1675. *answer = smartlist_join_strings(res, " ", 0, NULL);
  1676. SMARTLIST_FOREACH(res, char *, cp, tor_free(cp));
  1677. smartlist_free(res);
  1678. return 0;
  1679. }
  1680. /** Implementation helper for GETINFO: knows the answers for questions about
  1681. * directory information. */
  1682. static int
  1683. getinfo_helper_dir(control_connection_t *control_conn,
  1684. const char *question, char **answer,
  1685. const char **errmsg)
  1686. {
  1687. (void) control_conn;
  1688. if (!strcmpstart(question, "desc/id/")) {
  1689. const routerinfo_t *ri = NULL;
  1690. const node_t *node = node_get_by_hex_id(question+strlen("desc/id/"));
  1691. if (node)
  1692. ri = node->ri;
  1693. if (ri) {
  1694. const char *body = signed_descriptor_get_body(&ri->cache_info);
  1695. if (body)
  1696. *answer = tor_strndup(body, ri->cache_info.signed_descriptor_len);
  1697. }
  1698. } else if (!strcmpstart(question, "desc/name/")) {
  1699. const routerinfo_t *ri = NULL;
  1700. /* XXX Setting 'warn_if_unnamed' here is a bit silly -- the
  1701. * warning goes to the user, not to the controller. */
  1702. const node_t *node =
  1703. node_get_by_nickname(question+strlen("desc/name/"), 1);
  1704. if (node)
  1705. ri = node->ri;
  1706. if (ri) {
  1707. const char *body = signed_descriptor_get_body(&ri->cache_info);
  1708. if (body)
  1709. *answer = tor_strndup(body, ri->cache_info.signed_descriptor_len);
  1710. }
  1711. } else if (!strcmp(question, "desc/all-recent")) {
  1712. routerlist_t *routerlist = router_get_routerlist();
  1713. smartlist_t *sl = smartlist_new();
  1714. if (routerlist && routerlist->routers) {
  1715. SMARTLIST_FOREACH(routerlist->routers, const routerinfo_t *, ri,
  1716. {
  1717. const char *body = signed_descriptor_get_body(&ri->cache_info);
  1718. if (body)
  1719. smartlist_add(sl,
  1720. tor_strndup(body, ri->cache_info.signed_descriptor_len));
  1721. });
  1722. }
  1723. *answer = smartlist_join_strings(sl, "", 0, NULL);
  1724. SMARTLIST_FOREACH(sl, char *, c, tor_free(c));
  1725. smartlist_free(sl);
  1726. } else if (!strcmp(question, "desc/all-recent-extrainfo-hack")) {
  1727. /* XXXX Remove this once Torstat asks for extrainfos. */
  1728. routerlist_t *routerlist = router_get_routerlist();
  1729. smartlist_t *sl = smartlist_new();
  1730. if (routerlist && routerlist->routers) {
  1731. SMARTLIST_FOREACH_BEGIN(routerlist->routers, const routerinfo_t *, ri) {
  1732. const char *body = signed_descriptor_get_body(&ri->cache_info);
  1733. signed_descriptor_t *ei = extrainfo_get_by_descriptor_digest(
  1734. ri->cache_info.extra_info_digest);
  1735. if (ei && body) {
  1736. smartlist_add(sl, munge_extrainfo_into_routerinfo(body,
  1737. &ri->cache_info, ei));
  1738. } else if (body) {
  1739. smartlist_add(sl,
  1740. tor_strndup(body, ri->cache_info.signed_descriptor_len));
  1741. }
  1742. } SMARTLIST_FOREACH_END(ri);
  1743. }
  1744. *answer = smartlist_join_strings(sl, "", 0, NULL);
  1745. SMARTLIST_FOREACH(sl, char *, c, tor_free(c));
  1746. smartlist_free(sl);
  1747. } else if (!strcmpstart(question, "hs/client/desc/id/")) {
  1748. rend_cache_entry_t *e = NULL;
  1749. question += strlen("hs/client/desc/id/");
  1750. if (strlen(question) != REND_SERVICE_ID_LEN_BASE32) {
  1751. *errmsg = "Invalid address";
  1752. return -1;
  1753. }
  1754. if (!rend_cache_lookup_entry(question, -1, &e)) {
  1755. /* Descriptor found in cache */
  1756. *answer = tor_strdup(e->desc);
  1757. } else {
  1758. *errmsg = "Not found in cache";
  1759. return -1;
  1760. }
  1761. } else if (!strcmpstart(question, "hs/service/desc/id/")) {
  1762. rend_cache_entry_t *e = NULL;
  1763. question += strlen("hs/service/desc/id/");
  1764. if (strlen(question) != REND_SERVICE_ID_LEN_BASE32) {
  1765. *errmsg = "Invalid address";
  1766. return -1;
  1767. }
  1768. if (!rend_cache_lookup_v2_desc_as_service(question, &e)) {
  1769. /* Descriptor found in cache */
  1770. *answer = tor_strdup(e->desc);
  1771. } else {
  1772. *errmsg = "Not found in cache";
  1773. return -1;
  1774. }
  1775. } else if (!strcmpstart(question, "md/id/")) {
  1776. const node_t *node = node_get_by_hex_id(question+strlen("md/id/"));
  1777. const microdesc_t *md = NULL;
  1778. if (node) md = node->md;
  1779. if (md && md->body) {
  1780. *answer = tor_strndup(md->body, md->bodylen);
  1781. }
  1782. } else if (!strcmpstart(question, "md/name/")) {
  1783. /* XXX Setting 'warn_if_unnamed' here is a bit silly -- the
  1784. * warning goes to the user, not to the controller. */
  1785. const node_t *node = node_get_by_nickname(question+strlen("md/name/"), 1);
  1786. /* XXXX duplicated code */
  1787. const microdesc_t *md = NULL;
  1788. if (node) md = node->md;
  1789. if (md && md->body) {
  1790. *answer = tor_strndup(md->body, md->bodylen);
  1791. }
  1792. } else if (!strcmpstart(question, "desc-annotations/id/")) {
  1793. const routerinfo_t *ri = NULL;
  1794. const node_t *node =
  1795. node_get_by_hex_id(question+strlen("desc-annotations/id/"));
  1796. if (node)
  1797. ri = node->ri;
  1798. if (ri) {
  1799. const char *annotations =
  1800. signed_descriptor_get_annotations(&ri->cache_info);
  1801. if (annotations)
  1802. *answer = tor_strndup(annotations,
  1803. ri->cache_info.annotations_len);
  1804. }
  1805. } else if (!strcmpstart(question, "dir/server/")) {
  1806. size_t answer_len = 0;
  1807. char *url = NULL;
  1808. smartlist_t *descs = smartlist_new();
  1809. const char *msg;
  1810. int res;
  1811. char *cp;
  1812. tor_asprintf(&url, "/tor/%s", question+4);
  1813. res = dirserv_get_routerdescs(descs, url, &msg);
  1814. if (res) {
  1815. log_warn(LD_CONTROL, "getinfo '%s': %s", question, msg);
  1816. smartlist_free(descs);
  1817. tor_free(url);
  1818. *errmsg = msg;
  1819. return -1;
  1820. }
  1821. SMARTLIST_FOREACH(descs, signed_descriptor_t *, sd,
  1822. answer_len += sd->signed_descriptor_len);
  1823. cp = *answer = tor_malloc(answer_len+1);
  1824. SMARTLIST_FOREACH(descs, signed_descriptor_t *, sd,
  1825. {
  1826. memcpy(cp, signed_descriptor_get_body(sd),
  1827. sd->signed_descriptor_len);
  1828. cp += sd->signed_descriptor_len;
  1829. });
  1830. *cp = '\0';
  1831. tor_free(url);
  1832. smartlist_free(descs);
  1833. } else if (!strcmpstart(question, "dir/status/")) {
  1834. *answer = tor_strdup("");
  1835. } else if (!strcmp(question, "dir/status-vote/current/consensus")) { /* v3 */
  1836. if (directory_caches_dir_info(get_options())) {
  1837. const cached_dir_t *consensus = dirserv_get_consensus("ns");
  1838. if (consensus)
  1839. *answer = tor_strdup(consensus->dir);
  1840. }
  1841. if (!*answer) { /* try loading it from disk */
  1842. char *filename = get_datadir_fname("cached-consensus");
  1843. *answer = read_file_to_str(filename, RFTS_IGNORE_MISSING, NULL);
  1844. tor_free(filename);
  1845. if (!*answer) { /* generate an error */
  1846. *errmsg = "Could not open cached consensus. "
  1847. "Make sure FetchUselessDescriptors is set to 1.";
  1848. return -1;
  1849. }
  1850. }
  1851. } else if (!strcmp(question, "network-status")) { /* v1 */
  1852. routerlist_t *routerlist = router_get_routerlist();
  1853. if (!routerlist || !routerlist->routers ||
  1854. list_server_status_v1(routerlist->routers, answer, 1) < 0) {
  1855. return -1;
  1856. }
  1857. } else if (!strcmpstart(question, "extra-info/digest/")) {
  1858. question += strlen("extra-info/digest/");
  1859. if (strlen(question) == HEX_DIGEST_LEN) {
  1860. char d[DIGEST_LEN];
  1861. signed_descriptor_t *sd = NULL;
  1862. if (base16_decode(d, sizeof(d), question, strlen(question))
  1863. == sizeof(d)) {
  1864. /* XXXX this test should move into extrainfo_get_by_descriptor_digest,
  1865. * but I don't want to risk affecting other parts of the code,
  1866. * especially since the rules for using our own extrainfo (including
  1867. * when it might be freed) are different from those for using one
  1868. * we have downloaded. */
  1869. if (router_extrainfo_digest_is_me(d))
  1870. sd = &(router_get_my_extrainfo()->cache_info);
  1871. else
  1872. sd = extrainfo_get_by_descriptor_digest(d);
  1873. }
  1874. if (sd) {
  1875. const char *body = signed_descriptor_get_body(sd);
  1876. if (body)
  1877. *answer = tor_strndup(body, sd->signed_descriptor_len);
  1878. }
  1879. }
  1880. }
  1881. return 0;
  1882. }
  1883. /** Given a smartlist of 20-byte digests, return a newly allocated string
  1884. * containing each of those digests in order, formatted in HEX, and terminated
  1885. * with a newline. */
  1886. static char *
  1887. digest_list_to_string(const smartlist_t *sl)
  1888. {
  1889. int len;
  1890. char *result, *s;
  1891. /* Allow for newlines, and a \0 at the end */
  1892. len = smartlist_len(sl) * (HEX_DIGEST_LEN + 1) + 1;
  1893. result = tor_malloc_zero(len);
  1894. s = result;
  1895. SMARTLIST_FOREACH_BEGIN(sl, const char *, digest) {
  1896. base16_encode(s, HEX_DIGEST_LEN + 1, digest, DIGEST_LEN);
  1897. s[HEX_DIGEST_LEN] = '\n';
  1898. s += HEX_DIGEST_LEN + 1;
  1899. } SMARTLIST_FOREACH_END(digest);
  1900. *s = '\0';
  1901. return result;
  1902. }
  1903. /** Turn a download_status_t into a human-readable description in a newly
  1904. * allocated string. The format is specified in control-spec.txt, under
  1905. * the documentation for "GETINFO download/..." . */
  1906. static char *
  1907. download_status_to_string(const download_status_t *dl)
  1908. {
  1909. char *rv = NULL, *tmp;
  1910. char tbuf[ISO_TIME_LEN+1];
  1911. const char *schedule_str, *want_authority_str;
  1912. const char *increment_on_str, *backoff_str;
  1913. if (dl) {
  1914. /* Get some substrings of the eventual output ready */
  1915. format_iso_time(tbuf, dl->next_attempt_at);
  1916. switch (dl->schedule) {
  1917. case DL_SCHED_GENERIC:
  1918. schedule_str = "DL_SCHED_GENERIC";
  1919. break;
  1920. case DL_SCHED_CONSENSUS:
  1921. schedule_str = "DL_SCHED_CONSENSUS";
  1922. break;
  1923. case DL_SCHED_BRIDGE:
  1924. schedule_str = "DL_SCHED_BRIDGE";
  1925. break;
  1926. default:
  1927. schedule_str = "unknown";
  1928. break;
  1929. }
  1930. switch (dl->want_authority) {
  1931. case DL_WANT_ANY_DIRSERVER:
  1932. want_authority_str = "DL_WANT_ANY_DIRSERVER";
  1933. break;
  1934. case DL_WANT_AUTHORITY:
  1935. want_authority_str = "DL_WANT_AUTHORITY";
  1936. break;
  1937. default:
  1938. want_authority_str = "unknown";
  1939. break;
  1940. }
  1941. switch (dl->increment_on) {
  1942. case DL_SCHED_INCREMENT_FAILURE:
  1943. increment_on_str = "DL_SCHED_INCREMENT_FAILURE";
  1944. break;
  1945. case DL_SCHED_INCREMENT_ATTEMPT:
  1946. increment_on_str = "DL_SCHED_INCREMENT_ATTEMPT";
  1947. break;
  1948. default:
  1949. increment_on_str = "unknown";
  1950. break;
  1951. }
  1952. switch (dl->backoff) {
  1953. case DL_SCHED_DETERMINISTIC:
  1954. backoff_str = "DL_SCHED_DETERMINISTIC";
  1955. break;
  1956. case DL_SCHED_RANDOM_EXPONENTIAL:
  1957. backoff_str = "DL_SCHED_RANDOM_EXPONENTIAL";
  1958. break;
  1959. default:
  1960. backoff_str = "unknown";
  1961. break;
  1962. }
  1963. /* Now assemble them */
  1964. tor_asprintf(&tmp,
  1965. "next-attempt-at %s\n"
  1966. "n-download-failures %u\n"
  1967. "n-download-attempts %u\n"
  1968. "schedule %s\n"
  1969. "want-authority %s\n"
  1970. "increment-on %s\n"
  1971. "backoff %s\n",
  1972. tbuf,
  1973. dl->n_download_failures,
  1974. dl->n_download_attempts,
  1975. schedule_str,
  1976. want_authority_str,
  1977. increment_on_str,
  1978. backoff_str);
  1979. if (dl->backoff == DL_SCHED_RANDOM_EXPONENTIAL) {
  1980. /* Additional fields become relevant in random-exponential mode */
  1981. tor_asprintf(&rv,
  1982. "%s"
  1983. "last-backoff-position %u\n"
  1984. "last-delay-used %d\n",
  1985. tmp,
  1986. dl->last_backoff_position,
  1987. dl->last_delay_used);
  1988. tor_free(tmp);
  1989. } else {
  1990. /* That was it */
  1991. rv = tmp;
  1992. }
  1993. }
  1994. return rv;
  1995. }
  1996. /** Handle the consensus download cases for getinfo_helper_downloads() */
  1997. STATIC void
  1998. getinfo_helper_downloads_networkstatus(const char *flavor,
  1999. download_status_t **dl_to_emit,
  2000. const char **errmsg)
  2001. {
  2002. /*
  2003. * We get the one for the current bootstrapped status by default, or
  2004. * take an extra /bootstrap or /running suffix
  2005. */
  2006. if (strcmp(flavor, "ns") == 0) {
  2007. *dl_to_emit = networkstatus_get_dl_status_by_flavor(FLAV_NS);
  2008. } else if (strcmp(flavor, "ns/bootstrap") == 0) {
  2009. *dl_to_emit = networkstatus_get_dl_status_by_flavor_bootstrap(FLAV_NS);
  2010. } else if (strcmp(flavor, "ns/running") == 0 ) {
  2011. *dl_to_emit = networkstatus_get_dl_status_by_flavor_running(FLAV_NS);
  2012. } else if (strcmp(flavor, "microdesc") == 0) {
  2013. *dl_to_emit = networkstatus_get_dl_status_by_flavor(FLAV_MICRODESC);
  2014. } else if (strcmp(flavor, "microdesc/bootstrap") == 0) {
  2015. *dl_to_emit =
  2016. networkstatus_get_dl_status_by_flavor_bootstrap(FLAV_MICRODESC);
  2017. } else if (strcmp(flavor, "microdesc/running") == 0) {
  2018. *dl_to_emit =
  2019. networkstatus_get_dl_status_by_flavor_running(FLAV_MICRODESC);
  2020. } else {
  2021. *errmsg = "Unknown flavor";
  2022. }
  2023. }
  2024. /** Handle the cert download cases for getinfo_helper_downloads() */
  2025. STATIC void
  2026. getinfo_helper_downloads_cert(const char *fp_sk_req,
  2027. download_status_t **dl_to_emit,
  2028. smartlist_t **digest_list,
  2029. const char **errmsg)
  2030. {
  2031. const char *sk_req;
  2032. char id_digest[DIGEST_LEN];
  2033. char sk_digest[DIGEST_LEN];
  2034. /*
  2035. * We have to handle four cases; fp_sk_req is the request with
  2036. * a prefix of "downloads/cert/" snipped off.
  2037. *
  2038. * Case 1: fp_sk_req = "fps"
  2039. * - We should emit a digest_list with a list of all the identity
  2040. * fingerprints that can be queried for certificate download status;
  2041. * get it by calling list_authority_ids_with_downloads().
  2042. *
  2043. * Case 2: fp_sk_req = "fp/<fp>" for some fingerprint fp
  2044. * - We want the default certificate for this identity fingerprint's
  2045. * download status; this is the download we get from URLs starting
  2046. * in /fp/ on the directory server. We can get it with
  2047. * id_only_download_status_for_authority_id().
  2048. *
  2049. * Case 3: fp_sk_req = "fp/<fp>/sks" for some fingerprint fp
  2050. * - We want a list of all signing key digests for this identity
  2051. * fingerprint which can be queried for certificate download status.
  2052. * Get it with list_sk_digests_for_authority_id().
  2053. *
  2054. * Case 4: fp_sk_req = "fp/<fp>/<sk>" for some fingerprint fp and
  2055. * signing key digest sk
  2056. * - We want the download status for the certificate for this specific
  2057. * signing key and fingerprint. These correspond to the ones we get
  2058. * from URLs starting in /fp-sk/ on the directory server. Get it with
  2059. * list_sk_digests_for_authority_id().
  2060. */
  2061. if (strcmp(fp_sk_req, "fps") == 0) {
  2062. *digest_list = list_authority_ids_with_downloads();
  2063. if (!(*digest_list)) {
  2064. *errmsg = "Failed to get list of authority identity digests (!)";
  2065. }
  2066. } else if (!strcmpstart(fp_sk_req, "fp/")) {
  2067. fp_sk_req += strlen("fp/");
  2068. /* Okay, look for another / to tell the fp from fp-sk cases */
  2069. sk_req = strchr(fp_sk_req, '/');
  2070. if (sk_req) {
  2071. /* okay, split it here and try to parse <fp> */
  2072. if (base16_decode(id_digest, DIGEST_LEN,
  2073. fp_sk_req, sk_req - fp_sk_req) == DIGEST_LEN) {
  2074. /* Skip past the '/' */
  2075. ++sk_req;
  2076. if (strcmp(sk_req, "sks") == 0) {
  2077. /* We're asking for the list of signing key fingerprints */
  2078. *digest_list = list_sk_digests_for_authority_id(id_digest);
  2079. if (!(*digest_list)) {
  2080. *errmsg = "Failed to get list of signing key digests for this "
  2081. "authority identity digest";
  2082. }
  2083. } else {
  2084. /* We've got a signing key digest */
  2085. if (base16_decode(sk_digest, DIGEST_LEN,
  2086. sk_req, strlen(sk_req)) == DIGEST_LEN) {
  2087. *dl_to_emit =
  2088. download_status_for_authority_id_and_sk(id_digest, sk_digest);
  2089. if (!(*dl_to_emit)) {
  2090. *errmsg = "Failed to get download status for this identity/"
  2091. "signing key digest pair";
  2092. }
  2093. } else {
  2094. *errmsg = "That didn't look like a signing key digest";
  2095. }
  2096. }
  2097. } else {
  2098. *errmsg = "That didn't look like an identity digest";
  2099. }
  2100. } else {
  2101. /* We're either in downloads/certs/fp/<fp>, or we can't parse <fp> */
  2102. if (strlen(fp_sk_req) == HEX_DIGEST_LEN) {
  2103. if (base16_decode(id_digest, DIGEST_LEN,
  2104. fp_sk_req, strlen(fp_sk_req)) == DIGEST_LEN) {
  2105. *dl_to_emit = id_only_download_status_for_authority_id(id_digest);
  2106. if (!(*dl_to_emit)) {
  2107. *errmsg = "Failed to get download status for this authority "
  2108. "identity digest";
  2109. }
  2110. } else {
  2111. *errmsg = "That didn't look like a digest";
  2112. }
  2113. } else {
  2114. *errmsg = "That didn't look like a digest";
  2115. }
  2116. }
  2117. } else {
  2118. *errmsg = "Unknown certificate download status query";
  2119. }
  2120. }
  2121. /** Handle the routerdesc download cases for getinfo_helper_downloads() */
  2122. STATIC void
  2123. getinfo_helper_downloads_desc(const char *desc_req,
  2124. download_status_t **dl_to_emit,
  2125. smartlist_t **digest_list,
  2126. const char **errmsg)
  2127. {
  2128. char desc_digest[DIGEST_LEN];
  2129. /*
  2130. * Two cases to handle here:
  2131. *
  2132. * Case 1: desc_req = "descs"
  2133. * - Emit a list of all router descriptor digests, which we get by
  2134. * calling router_get_descriptor_digests(); this can return NULL
  2135. * if we have no current ns-flavor consensus.
  2136. *
  2137. * Case 2: desc_req = <fp>
  2138. * - Check on the specified fingerprint and emit its download_status_t
  2139. * using router_get_dl_status_by_descriptor_digest().
  2140. */
  2141. if (strcmp(desc_req, "descs") == 0) {
  2142. *digest_list = router_get_descriptor_digests();
  2143. if (!(*digest_list)) {
  2144. *errmsg = "We don't seem to have a networkstatus-flavored consensus";
  2145. }
  2146. /*
  2147. * Microdescs don't use the download_status_t mechanism, so we don't
  2148. * answer queries about their downloads here; see microdesc.c.
  2149. */
  2150. } else if (strlen(desc_req) == HEX_DIGEST_LEN) {
  2151. if (base16_decode(desc_digest, DIGEST_LEN,
  2152. desc_req, strlen(desc_req)) == DIGEST_LEN) {
  2153. /* Okay we got a digest-shaped thing; try asking for it */
  2154. *dl_to_emit = router_get_dl_status_by_descriptor_digest(desc_digest);
  2155. if (!(*dl_to_emit)) {
  2156. *errmsg = "No such descriptor digest found";
  2157. }
  2158. } else {
  2159. *errmsg = "That didn't look like a digest";
  2160. }
  2161. } else {
  2162. *errmsg = "Unknown router descriptor download status query";
  2163. }
  2164. }
  2165. /** Handle the bridge download cases for getinfo_helper_downloads() */
  2166. STATIC void
  2167. getinfo_helper_downloads_bridge(const char *bridge_req,
  2168. download_status_t **dl_to_emit,
  2169. smartlist_t **digest_list,
  2170. const char **errmsg)
  2171. {
  2172. char bridge_digest[DIGEST_LEN];
  2173. /*
  2174. * Two cases to handle here:
  2175. *
  2176. * Case 1: bridge_req = "bridges"
  2177. * - Emit a list of all bridge identity digests, which we get by
  2178. * calling list_bridge_identities(); this can return NULL if we are
  2179. * not using bridges.
  2180. *
  2181. * Case 2: bridge_req = <fp>
  2182. * - Check on the specified fingerprint and emit its download_status_t
  2183. * using get_bridge_dl_status_by_id().
  2184. */
  2185. if (strcmp(bridge_req, "bridges") == 0) {
  2186. *digest_list = list_bridge_identities();
  2187. if (!(*digest_list)) {
  2188. *errmsg = "We don't seem to be using bridges";
  2189. }
  2190. } else if (strlen(bridge_req) == HEX_DIGEST_LEN) {
  2191. if (base16_decode(bridge_digest, DIGEST_LEN,
  2192. bridge_req, strlen(bridge_req)) == DIGEST_LEN) {
  2193. /* Okay we got a digest-shaped thing; try asking for it */
  2194. *dl_to_emit = get_bridge_dl_status_by_id(bridge_digest);
  2195. if (!(*dl_to_emit)) {
  2196. *errmsg = "No such bridge identity digest found";
  2197. }
  2198. } else {
  2199. *errmsg = "That didn't look like a digest";
  2200. }
  2201. } else {
  2202. *errmsg = "Unknown bridge descriptor download status query";
  2203. }
  2204. }
  2205. /** Implementation helper for GETINFO: knows the answers for questions about
  2206. * download status information. */
  2207. STATIC int
  2208. getinfo_helper_downloads(control_connection_t *control_conn,
  2209. const char *question, char **answer,
  2210. const char **errmsg)
  2211. {
  2212. download_status_t *dl_to_emit = NULL;
  2213. smartlist_t *digest_list = NULL;
  2214. /* Assert args are sane */
  2215. tor_assert(control_conn != NULL);
  2216. tor_assert(question != NULL);
  2217. tor_assert(answer != NULL);
  2218. tor_assert(errmsg != NULL);
  2219. /* We check for this later to see if we should supply a default */
  2220. *errmsg = NULL;
  2221. /* Are we after networkstatus downloads? */
  2222. if (!strcmpstart(question, "downloads/networkstatus/")) {
  2223. getinfo_helper_downloads_networkstatus(
  2224. question + strlen("downloads/networkstatus/"),
  2225. &dl_to_emit, errmsg);
  2226. /* Certificates? */
  2227. } else if (!strcmpstart(question, "downloads/cert/")) {
  2228. getinfo_helper_downloads_cert(
  2229. question + strlen("downloads/cert/"),
  2230. &dl_to_emit, &digest_list, errmsg);
  2231. /* Router descriptors? */
  2232. } else if (!strcmpstart(question, "downloads/desc/")) {
  2233. getinfo_helper_downloads_desc(
  2234. question + strlen("downloads/desc/"),
  2235. &dl_to_emit, &digest_list, errmsg);
  2236. /* Bridge descriptors? */
  2237. } else if (!strcmpstart(question, "downloads/bridge/")) {
  2238. getinfo_helper_downloads_bridge(
  2239. question + strlen("downloads/bridge/"),
  2240. &dl_to_emit, &digest_list, errmsg);
  2241. } else {
  2242. *errmsg = "Unknown download status query";
  2243. }
  2244. if (dl_to_emit) {
  2245. *answer = download_status_to_string(dl_to_emit);
  2246. return 0;
  2247. } else if (digest_list) {
  2248. *answer = digest_list_to_string(digest_list);
  2249. SMARTLIST_FOREACH(digest_list, void *, s, tor_free(s));
  2250. smartlist_free(digest_list);
  2251. return 0;
  2252. } else {
  2253. if (!(*errmsg)) {
  2254. *errmsg = "Unknown error";
  2255. }
  2256. return -1;
  2257. }
  2258. }
  2259. /** Allocate and return a description of <b>circ</b>'s current status,
  2260. * including its path (if any). */
  2261. static char *
  2262. circuit_describe_status_for_controller(origin_circuit_t *circ)
  2263. {
  2264. char *rv;
  2265. smartlist_t *descparts = smartlist_new();
  2266. {
  2267. char *vpath = circuit_list_path_for_controller(circ);
  2268. if (*vpath) {
  2269. smartlist_add(descparts, vpath);
  2270. } else {
  2271. tor_free(vpath); /* empty path; don't put an extra space in the result */
  2272. }
  2273. }
  2274. {
  2275. cpath_build_state_t *build_state = circ->build_state;
  2276. smartlist_t *flaglist = smartlist_new();
  2277. char *flaglist_joined;
  2278. if (build_state->onehop_tunnel)
  2279. smartlist_add(flaglist, (void *)"ONEHOP_TUNNEL");
  2280. if (build_state->is_internal)
  2281. smartlist_add(flaglist, (void *)"IS_INTERNAL");
  2282. if (build_state->need_capacity)
  2283. smartlist_add(flaglist, (void *)"NEED_CAPACITY");
  2284. if (build_state->need_uptime)
  2285. smartlist_add(flaglist, (void *)"NEED_UPTIME");
  2286. /* Only emit a BUILD_FLAGS argument if it will have a non-empty value. */
  2287. if (smartlist_len(flaglist)) {
  2288. flaglist_joined = smartlist_join_strings(flaglist, ",", 0, NULL);
  2289. smartlist_add_asprintf(descparts, "BUILD_FLAGS=%s", flaglist_joined);
  2290. tor_free(flaglist_joined);
  2291. }
  2292. smartlist_free(flaglist);
  2293. }
  2294. smartlist_add_asprintf(descparts, "PURPOSE=%s",
  2295. circuit_purpose_to_controller_string(circ->base_.purpose));
  2296. {
  2297. const char *hs_state =
  2298. circuit_purpose_to_controller_hs_state_string(circ->base_.purpose);
  2299. if (hs_state != NULL) {
  2300. smartlist_add_asprintf(descparts, "HS_STATE=%s", hs_state);
  2301. }
  2302. }
  2303. if (circ->rend_data != NULL) {
  2304. smartlist_add_asprintf(descparts, "REND_QUERY=%s",
  2305. circ->rend_data->onion_address);
  2306. }
  2307. {
  2308. char tbuf[ISO_TIME_USEC_LEN+1];
  2309. format_iso_time_nospace_usec(tbuf, &circ->base_.timestamp_created);
  2310. smartlist_add_asprintf(descparts, "TIME_CREATED=%s", tbuf);
  2311. }
  2312. // Show username and/or password if available.
  2313. if (circ->socks_username_len > 0) {
  2314. char* socks_username_escaped = esc_for_log_len(circ->socks_username,
  2315. (size_t) circ->socks_username_len);
  2316. smartlist_add_asprintf(descparts, "SOCKS_USERNAME=%s",
  2317. socks_username_escaped);
  2318. tor_free(socks_username_escaped);
  2319. }
  2320. if (circ->socks_password_len > 0) {
  2321. char* socks_password_escaped = esc_for_log_len(circ->socks_password,
  2322. (size_t) circ->socks_password_len);
  2323. smartlist_add_asprintf(descparts, "SOCKS_PASSWORD=%s",
  2324. socks_password_escaped);
  2325. tor_free(socks_password_escaped);
  2326. }
  2327. rv = smartlist_join_strings(descparts, " ", 0, NULL);
  2328. SMARTLIST_FOREACH(descparts, char *, cp, tor_free(cp));
  2329. smartlist_free(descparts);
  2330. return rv;
  2331. }
  2332. /** Implementation helper for GETINFO: knows how to generate summaries of the
  2333. * current states of things we send events about. */
  2334. static int
  2335. getinfo_helper_events(control_connection_t *control_conn,
  2336. const char *question, char **answer,
  2337. const char **errmsg)
  2338. {
  2339. const or_options_t *options = get_options();
  2340. (void) control_conn;
  2341. if (!strcmp(question, "circuit-status")) {
  2342. smartlist_t *status = smartlist_new();
  2343. SMARTLIST_FOREACH_BEGIN(circuit_get_global_list(), circuit_t *, circ_) {
  2344. origin_circuit_t *circ;
  2345. char *circdesc;
  2346. const char *state;
  2347. if (! CIRCUIT_IS_ORIGIN(circ_) || circ_->marked_for_close)
  2348. continue;
  2349. circ = TO_ORIGIN_CIRCUIT(circ_);
  2350. if (circ->base_.state == CIRCUIT_STATE_OPEN)
  2351. state = "BUILT";
  2352. else if (circ->cpath)
  2353. state = "EXTENDED";
  2354. else
  2355. state = "LAUNCHED";
  2356. circdesc = circuit_describe_status_for_controller(circ);
  2357. smartlist_add_asprintf(status, "%lu %s%s%s",
  2358. (unsigned long)circ->global_identifier,
  2359. state, *circdesc ? " " : "", circdesc);
  2360. tor_free(circdesc);
  2361. }
  2362. SMARTLIST_FOREACH_END(circ_);
  2363. *answer = smartlist_join_strings(status, "\r\n", 0, NULL);
  2364. SMARTLIST_FOREACH(status, char *, cp, tor_free(cp));
  2365. smartlist_free(status);
  2366. } else if (!strcmp(question, "stream-status")) {
  2367. smartlist_t *conns = get_connection_array();
  2368. smartlist_t *status = smartlist_new();
  2369. char buf[256];
  2370. SMARTLIST_FOREACH_BEGIN(conns, connection_t *, base_conn) {
  2371. const char *state;
  2372. entry_connection_t *conn;
  2373. circuit_t *circ;
  2374. origin_circuit_t *origin_circ = NULL;
  2375. if (base_conn->type != CONN_TYPE_AP ||
  2376. base_conn->marked_for_close ||
  2377. base_conn->state == AP_CONN_STATE_SOCKS_WAIT ||
  2378. base_conn->state == AP_CONN_STATE_NATD_WAIT)
  2379. continue;
  2380. conn = TO_ENTRY_CONN(base_conn);
  2381. switch (base_conn->state)
  2382. {
  2383. case AP_CONN_STATE_CONTROLLER_WAIT:
  2384. case AP_CONN_STATE_CIRCUIT_WAIT:
  2385. if (conn->socks_request &&
  2386. SOCKS_COMMAND_IS_RESOLVE(conn->socks_request->command))
  2387. state = "NEWRESOLVE";
  2388. else
  2389. state = "NEW";
  2390. break;
  2391. case AP_CONN_STATE_RENDDESC_WAIT:
  2392. case AP_CONN_STATE_CONNECT_WAIT:
  2393. state = "SENTCONNECT"; break;
  2394. case AP_CONN_STATE_RESOLVE_WAIT:
  2395. state = "SENTRESOLVE"; break;
  2396. case AP_CONN_STATE_OPEN:
  2397. state = "SUCCEEDED"; break;
  2398. default:
  2399. log_warn(LD_BUG, "Asked for stream in unknown state %d",
  2400. base_conn->state);
  2401. continue;
  2402. }
  2403. circ = circuit_get_by_edge_conn(ENTRY_TO_EDGE_CONN(conn));
  2404. if (circ && CIRCUIT_IS_ORIGIN(circ))
  2405. origin_circ = TO_ORIGIN_CIRCUIT(circ);
  2406. write_stream_target_to_buf(conn, buf, sizeof(buf));
  2407. smartlist_add_asprintf(status, "%lu %s %lu %s",
  2408. (unsigned long) base_conn->global_identifier,state,
  2409. origin_circ?
  2410. (unsigned long)origin_circ->global_identifier : 0ul,
  2411. buf);
  2412. } SMARTLIST_FOREACH_END(base_conn);
  2413. *answer = smartlist_join_strings(status, "\r\n", 0, NULL);
  2414. SMARTLIST_FOREACH(status, char *, cp, tor_free(cp));
  2415. smartlist_free(status);
  2416. } else if (!strcmp(question, "orconn-status")) {
  2417. smartlist_t *conns = get_connection_array();
  2418. smartlist_t *status = smartlist_new();
  2419. SMARTLIST_FOREACH_BEGIN(conns, connection_t *, base_conn) {
  2420. const char *state;
  2421. char name[128];
  2422. or_connection_t *conn;
  2423. if (base_conn->type != CONN_TYPE_OR || base_conn->marked_for_close)
  2424. continue;
  2425. conn = TO_OR_CONN(base_conn);
  2426. if (conn->base_.state == OR_CONN_STATE_OPEN)
  2427. state = "CONNECTED";
  2428. else if (conn->nickname)
  2429. state = "LAUNCHED";
  2430. else
  2431. state = "NEW";
  2432. orconn_target_get_name(name, sizeof(name), conn);
  2433. smartlist_add_asprintf(status, "%s %s", name, state);
  2434. } SMARTLIST_FOREACH_END(base_conn);
  2435. *answer = smartlist_join_strings(status, "\r\n", 0, NULL);
  2436. SMARTLIST_FOREACH(status, char *, cp, tor_free(cp));
  2437. smartlist_free(status);
  2438. } else if (!strcmpstart(question, "address-mappings/")) {
  2439. time_t min_e, max_e;
  2440. smartlist_t *mappings;
  2441. question += strlen("address-mappings/");
  2442. if (!strcmp(question, "all")) {
  2443. min_e = 0; max_e = TIME_MAX;
  2444. } else if (!strcmp(question, "cache")) {
  2445. min_e = 2; max_e = TIME_MAX;
  2446. } else if (!strcmp(question, "config")) {
  2447. min_e = 0; max_e = 0;
  2448. } else if (!strcmp(question, "control")) {
  2449. min_e = 1; max_e = 1;
  2450. } else {
  2451. return 0;
  2452. }
  2453. mappings = smartlist_new();
  2454. addressmap_get_mappings(mappings, min_e, max_e, 1);
  2455. *answer = smartlist_join_strings(mappings, "\r\n", 0, NULL);
  2456. SMARTLIST_FOREACH(mappings, char *, cp, tor_free(cp));
  2457. smartlist_free(mappings);
  2458. } else if (!strcmpstart(question, "status/")) {
  2459. /* Note that status/ is not a catch-all for events; there's only supposed
  2460. * to be a status GETINFO if there's a corresponding STATUS event. */
  2461. if (!strcmp(question, "status/circuit-established")) {
  2462. *answer = tor_strdup(have_completed_a_circuit() ? "1" : "0");
  2463. } else if (!strcmp(question, "status/enough-dir-info")) {
  2464. *answer = tor_strdup(router_have_minimum_dir_info() ? "1" : "0");
  2465. } else if (!strcmp(question, "status/good-server-descriptor") ||
  2466. !strcmp(question, "status/accepted-server-descriptor")) {
  2467. /* They're equivalent for now, until we can figure out how to make
  2468. * good-server-descriptor be what we want. See comment in
  2469. * control-spec.txt. */
  2470. *answer = tor_strdup(directories_have_accepted_server_descriptor()
  2471. ? "1" : "0");
  2472. } else if (!strcmp(question, "status/reachability-succeeded/or")) {
  2473. *answer = tor_strdup(check_whether_orport_reachable(options) ?
  2474. "1" : "0");
  2475. } else if (!strcmp(question, "status/reachability-succeeded/dir")) {
  2476. *answer = tor_strdup(check_whether_dirport_reachable(options) ?
  2477. "1" : "0");
  2478. } else if (!strcmp(question, "status/reachability-succeeded")) {
  2479. tor_asprintf(answer, "OR=%d DIR=%d",
  2480. check_whether_orport_reachable(options) ? 1 : 0,
  2481. check_whether_dirport_reachable(options) ? 1 : 0);
  2482. } else if (!strcmp(question, "status/bootstrap-phase")) {
  2483. *answer = tor_strdup(last_sent_bootstrap_message);
  2484. } else if (!strcmpstart(question, "status/version/")) {
  2485. int is_server = server_mode(options);
  2486. networkstatus_t *c = networkstatus_get_latest_consensus();
  2487. version_status_t status;
  2488. const char *recommended;
  2489. if (c) {
  2490. recommended = is_server ? c->server_versions : c->client_versions;
  2491. status = tor_version_is_obsolete(VERSION, recommended);
  2492. } else {
  2493. recommended = "?";
  2494. status = VS_UNKNOWN;
  2495. }
  2496. if (!strcmp(question, "status/version/recommended")) {
  2497. *answer = tor_strdup(recommended);
  2498. return 0;
  2499. }
  2500. if (!strcmp(question, "status/version/current")) {
  2501. switch (status)
  2502. {
  2503. case VS_RECOMMENDED: *answer = tor_strdup("recommended"); break;
  2504. case VS_OLD: *answer = tor_strdup("obsolete"); break;
  2505. case VS_NEW: *answer = tor_strdup("new"); break;
  2506. case VS_NEW_IN_SERIES: *answer = tor_strdup("new in series"); break;
  2507. case VS_UNRECOMMENDED: *answer = tor_strdup("unrecommended"); break;
  2508. case VS_EMPTY: *answer = tor_strdup("none recommended"); break;
  2509. case VS_UNKNOWN: *answer = tor_strdup("unknown"); break;
  2510. default: tor_fragile_assert();
  2511. }
  2512. } else if (!strcmp(question, "status/version/num-versioning") ||
  2513. !strcmp(question, "status/version/num-concurring")) {
  2514. tor_asprintf(answer, "%d", get_n_authorities(V3_DIRINFO));
  2515. log_warn(LD_GENERAL, "%s is deprecated; it no longer gives useful "
  2516. "information", question);
  2517. }
  2518. } else if (!strcmp(question, "status/clients-seen")) {
  2519. char *bridge_stats = geoip_get_bridge_stats_controller(time(NULL));
  2520. if (!bridge_stats) {
  2521. *errmsg = "No bridge-client stats available";
  2522. return -1;
  2523. }
  2524. *answer = bridge_stats;
  2525. } else if (!strcmp(question, "status/fresh-relay-descs")) {
  2526. if (!server_mode(options)) {
  2527. *errmsg = "Only relays have descriptors";
  2528. return -1;
  2529. }
  2530. routerinfo_t *r;
  2531. extrainfo_t *e;
  2532. if (router_build_fresh_descriptor(&r, &e) < 0) {
  2533. *errmsg = "Error generating descriptor";
  2534. return -1;
  2535. }
  2536. size_t size = r->cache_info.signed_descriptor_len + 1;
  2537. if (e) {
  2538. size += e->cache_info.signed_descriptor_len + 1;
  2539. }
  2540. tor_assert(r->cache_info.signed_descriptor_len);
  2541. char *descs = tor_malloc(size);
  2542. char *cp = descs;
  2543. memcpy(cp, signed_descriptor_get_body(&r->cache_info),
  2544. r->cache_info.signed_descriptor_len);
  2545. cp += r->cache_info.signed_descriptor_len - 1;
  2546. if (e) {
  2547. if (cp[0] == '\0') {
  2548. cp[0] = '\n';
  2549. } else if (cp[0] != '\n') {
  2550. cp[1] = '\n';
  2551. cp++;
  2552. }
  2553. memcpy(cp, signed_descriptor_get_body(&e->cache_info),
  2554. e->cache_info.signed_descriptor_len);
  2555. cp += e->cache_info.signed_descriptor_len - 1;
  2556. }
  2557. if (cp[0] == '\n') {
  2558. cp[0] = '\0';
  2559. } else if (cp[0] != '\0') {
  2560. cp[1] = '\0';
  2561. }
  2562. *answer = descs;
  2563. routerinfo_free(r);
  2564. extrainfo_free(e);
  2565. } else {
  2566. return 0;
  2567. }
  2568. }
  2569. return 0;
  2570. }
  2571. /** Implementation helper for GETINFO: knows how to enumerate hidden services
  2572. * created via the control port. */
  2573. static int
  2574. getinfo_helper_onions(control_connection_t *control_conn,
  2575. const char *question, char **answer,
  2576. const char **errmsg)
  2577. {
  2578. smartlist_t *onion_list = NULL;
  2579. if (control_conn && !strcmp(question, "onions/current")) {
  2580. onion_list = control_conn->ephemeral_onion_services;
  2581. } else if (!strcmp(question, "onions/detached")) {
  2582. onion_list = detached_onion_services;
  2583. } else {
  2584. return 0;
  2585. }
  2586. if (!onion_list || smartlist_len(onion_list) == 0) {
  2587. if (errmsg) {
  2588. *errmsg = "No onion services of the specified type.";
  2589. }
  2590. return -1;
  2591. }
  2592. if (answer) {
  2593. *answer = smartlist_join_strings(onion_list, "\r\n", 0, NULL);
  2594. }
  2595. return 0;
  2596. }
  2597. /** Implementation helper for GETINFO: answers queries about network
  2598. * liveness. */
  2599. static int
  2600. getinfo_helper_liveness(control_connection_t *control_conn,
  2601. const char *question, char **answer,
  2602. const char **errmsg)
  2603. {
  2604. (void)control_conn;
  2605. (void)errmsg;
  2606. if (strcmp(question, "network-liveness") == 0) {
  2607. if (get_cached_network_liveness()) {
  2608. *answer = tor_strdup("up");
  2609. } else {
  2610. *answer = tor_strdup("down");
  2611. }
  2612. }
  2613. return 0;
  2614. }
  2615. /** Callback function for GETINFO: on a given control connection, try to
  2616. * answer the question <b>q</b> and store the newly-allocated answer in
  2617. * *<b>a</b>. If an internal error occurs, return -1 and optionally set
  2618. * *<b>error_out</b> to point to an error message to be delivered to the
  2619. * controller. On success, _or if the key is not recognized_, return 0. Do not
  2620. * set <b>a</b> if the key is not recognized.
  2621. */
  2622. typedef int (*getinfo_helper_t)(control_connection_t *,
  2623. const char *q, char **a,
  2624. const char **error_out);
  2625. /** A single item for the GETINFO question-to-answer-function table. */
  2626. typedef struct getinfo_item_t {
  2627. const char *varname; /**< The value (or prefix) of the question. */
  2628. getinfo_helper_t fn; /**< The function that knows the answer: NULL if
  2629. * this entry is documentation-only. */
  2630. const char *desc; /**< Description of the variable. */
  2631. int is_prefix; /** Must varname match exactly, or must it be a prefix? */
  2632. } getinfo_item_t;
  2633. #define ITEM(name, fn, desc) { name, getinfo_helper_##fn, desc, 0 }
  2634. #define PREFIX(name, fn, desc) { name, getinfo_helper_##fn, desc, 1 }
  2635. #define DOC(name, desc) { name, NULL, desc, 0 }
  2636. /** Table mapping questions accepted by GETINFO to the functions that know how
  2637. * to answer them. */
  2638. static const getinfo_item_t getinfo_items[] = {
  2639. ITEM("version", misc, "The current version of Tor."),
  2640. ITEM("bw-event-cache", misc, "Cached BW events for a short interval."),
  2641. ITEM("config-file", misc, "Current location of the \"torrc\" file."),
  2642. ITEM("config-defaults-file", misc, "Current location of the defaults file."),
  2643. ITEM("config-text", misc,
  2644. "Return the string that would be written by a saveconf command."),
  2645. ITEM("accounting/bytes", accounting,
  2646. "Number of bytes read/written so far in the accounting interval."),
  2647. ITEM("accounting/bytes-left", accounting,
  2648. "Number of bytes left to write/read so far in the accounting interval."),
  2649. ITEM("accounting/enabled", accounting, "Is accounting currently enabled?"),
  2650. ITEM("accounting/hibernating", accounting, "Are we hibernating or awake?"),
  2651. ITEM("accounting/interval-start", accounting,
  2652. "Time when the accounting period starts."),
  2653. ITEM("accounting/interval-end", accounting,
  2654. "Time when the accounting period ends."),
  2655. ITEM("accounting/interval-wake", accounting,
  2656. "Time to wake up in this accounting period."),
  2657. ITEM("helper-nodes", entry_guards, NULL), /* deprecated */
  2658. ITEM("entry-guards", entry_guards,
  2659. "Which nodes are we using as entry guards?"),
  2660. ITEM("fingerprint", misc, NULL),
  2661. PREFIX("config/", config, "Current configuration values."),
  2662. DOC("config/names",
  2663. "List of configuration options, types, and documentation."),
  2664. DOC("config/defaults",
  2665. "List of default values for configuration options. "
  2666. "See also config/names"),
  2667. PREFIX("downloads/networkstatus/", downloads,
  2668. "Download statuses for networkstatus objects"),
  2669. DOC("downloads/networkstatus/ns",
  2670. "Download status for current-mode networkstatus download"),
  2671. DOC("downloads/networkstatus/ns/bootstrap",
  2672. "Download status for bootstrap-time networkstatus download"),
  2673. DOC("downloads/networkstatus/ns/running",
  2674. "Download status for run-time networkstatus download"),
  2675. DOC("downloads/networkstatus/microdesc",
  2676. "Download status for current-mode microdesc download"),
  2677. DOC("downloads/networkstatus/microdesc/bootstrap",
  2678. "Download status for bootstrap-time microdesc download"),
  2679. DOC("downloads/networkstatus/microdesc/running",
  2680. "Download status for run-time microdesc download"),
  2681. PREFIX("downloads/cert/", downloads,
  2682. "Download statuses for certificates, by id fingerprint and "
  2683. "signing key"),
  2684. DOC("downloads/cert/fps",
  2685. "List of authority fingerprints for which any download statuses "
  2686. "exist"),
  2687. DOC("downloads/cert/fp/<fp>",
  2688. "Download status for <fp> with the default signing key; corresponds "
  2689. "to /fp/ URLs on directory server."),
  2690. DOC("downloads/cert/fp/<fp>/sks",
  2691. "List of signing keys for which specific download statuses are "
  2692. "available for this id fingerprint"),
  2693. DOC("downloads/cert/fp/<fp>/<sk>",
  2694. "Download status for <fp> with signing key <sk>; corresponds "
  2695. "to /fp-sk/ URLs on directory server."),
  2696. PREFIX("downloads/desc/", downloads,
  2697. "Download statuses for router descriptors, by descriptor digest"),
  2698. DOC("downloads/desc/descs",
  2699. "Return a list of known router descriptor digests"),
  2700. DOC("downloads/desc/<desc>",
  2701. "Return a download status for a given descriptor digest"),
  2702. PREFIX("downloads/bridge/", downloads,
  2703. "Download statuses for bridge descriptors, by bridge identity "
  2704. "digest"),
  2705. DOC("downloads/bridge/bridges",
  2706. "Return a list of configured bridge identity digests with download "
  2707. "statuses"),
  2708. DOC("downloads/bridge/<desc>",
  2709. "Return a download status for a given bridge identity digest"),
  2710. ITEM("info/names", misc,
  2711. "List of GETINFO options, types, and documentation."),
  2712. ITEM("events/names", misc,
  2713. "Events that the controller can ask for with SETEVENTS."),
  2714. ITEM("signal/names", misc, "Signal names recognized by the SIGNAL command"),
  2715. ITEM("features/names", misc, "What arguments can USEFEATURE take?"),
  2716. PREFIX("desc/id/", dir, "Router descriptors by ID."),
  2717. PREFIX("desc/name/", dir, "Router descriptors by nickname."),
  2718. ITEM("desc/all-recent", dir,
  2719. "All non-expired, non-superseded router descriptors."),
  2720. ITEM("desc/all-recent-extrainfo-hack", dir, NULL), /* Hack. */
  2721. PREFIX("md/id/", dir, "Microdescriptors by ID"),
  2722. PREFIX("md/name/", dir, "Microdescriptors by name"),
  2723. PREFIX("extra-info/digest/", dir, "Extra-info documents by digest."),
  2724. PREFIX("hs/client/desc/id", dir,
  2725. "Hidden Service descriptor in client's cache by onion."),
  2726. PREFIX("hs/service/desc/id/", dir,
  2727. "Hidden Service descriptor in services's cache by onion."),
  2728. PREFIX("net/listeners/", listeners, "Bound addresses by type"),
  2729. ITEM("ns/all", networkstatus,
  2730. "Brief summary of router status (v2 directory format)"),
  2731. PREFIX("ns/id/", networkstatus,
  2732. "Brief summary of router status by ID (v2 directory format)."),
  2733. PREFIX("ns/name/", networkstatus,
  2734. "Brief summary of router status by nickname (v2 directory format)."),
  2735. PREFIX("ns/purpose/", networkstatus,
  2736. "Brief summary of router status by purpose (v2 directory format)."),
  2737. PREFIX("consensus/", networkstatus,
  2738. "Information about and from the ns consensus."),
  2739. ITEM("network-status", dir,
  2740. "Brief summary of router status (v1 directory format)"),
  2741. ITEM("network-liveness", liveness,
  2742. "Current opinion on whether the network is live"),
  2743. ITEM("circuit-status", events, "List of current circuits originating here."),
  2744. ITEM("stream-status", events,"List of current streams."),
  2745. ITEM("orconn-status", events, "A list of current OR connections."),
  2746. ITEM("dormant", misc,
  2747. "Is Tor dormant (not building circuits because it's idle)?"),
  2748. PREFIX("address-mappings/", events, NULL),
  2749. DOC("address-mappings/all", "Current address mappings."),
  2750. DOC("address-mappings/cache", "Current cached DNS replies."),
  2751. DOC("address-mappings/config",
  2752. "Current address mappings from configuration."),
  2753. DOC("address-mappings/control", "Current address mappings from controller."),
  2754. PREFIX("status/", events, NULL),
  2755. DOC("status/circuit-established",
  2756. "Whether we think client functionality is working."),
  2757. DOC("status/enough-dir-info",
  2758. "Whether we have enough up-to-date directory information to build "
  2759. "circuits."),
  2760. DOC("status/bootstrap-phase",
  2761. "The last bootstrap phase status event that Tor sent."),
  2762. DOC("status/clients-seen",
  2763. "Breakdown of client countries seen by a bridge."),
  2764. DOC("status/fresh-relay-descs",
  2765. "A fresh relay/ei descriptor pair for Tor's current state. Not stored."),
  2766. DOC("status/version/recommended", "List of currently recommended versions."),
  2767. DOC("status/version/current", "Status of the current version."),
  2768. DOC("status/version/num-versioning", "Number of versioning authorities."),
  2769. DOC("status/version/num-concurring",
  2770. "Number of versioning authorities agreeing on the status of the "
  2771. "current version"),
  2772. ITEM("address", misc, "IP address of this Tor host, if we can guess it."),
  2773. ITEM("traffic/read", misc,"Bytes read since the process was started."),
  2774. ITEM("traffic/written", misc,
  2775. "Bytes written since the process was started."),
  2776. ITEM("process/pid", misc, "Process id belonging to the main tor process."),
  2777. ITEM("process/uid", misc, "User id running the tor process."),
  2778. ITEM("process/user", misc,
  2779. "Username under which the tor process is running."),
  2780. ITEM("process/descriptor-limit", misc, "File descriptor limit."),
  2781. ITEM("limits/max-mem-in-queues", misc, "Actual limit on memory in queues"),
  2782. PREFIX("desc-annotations/id/", dir, "Router annotations by hexdigest."),
  2783. PREFIX("dir/server/", dir,"Router descriptors as retrieved from a DirPort."),
  2784. PREFIX("dir/status/", dir,
  2785. "v2 networkstatus docs as retrieved from a DirPort."),
  2786. ITEM("dir/status-vote/current/consensus", dir,
  2787. "v3 Networkstatus consensus as retrieved from a DirPort."),
  2788. ITEM("exit-policy/default", policies,
  2789. "The default value appended to the configured exit policy."),
  2790. ITEM("exit-policy/reject-private/default", policies,
  2791. "The default rules appended to the configured exit policy by"
  2792. " ExitPolicyRejectPrivate."),
  2793. ITEM("exit-policy/reject-private/relay", policies,
  2794. "The relay-specific rules appended to the configured exit policy by"
  2795. " ExitPolicyRejectPrivate and/or ExitPolicyRejectLocalInterfaces."),
  2796. ITEM("exit-policy/full", policies, "The entire exit policy of onion router"),
  2797. ITEM("exit-policy/ipv4", policies, "IPv4 parts of exit policy"),
  2798. ITEM("exit-policy/ipv6", policies, "IPv6 parts of exit policy"),
  2799. PREFIX("ip-to-country/", geoip, "Perform a GEOIP lookup"),
  2800. ITEM("onions/current", onions,
  2801. "Onion services owned by the current control connection."),
  2802. ITEM("onions/detached", onions,
  2803. "Onion services detached from the control connection."),
  2804. { NULL, NULL, NULL, 0 }
  2805. };
  2806. /** Allocate and return a list of recognized GETINFO options. */
  2807. static char *
  2808. list_getinfo_options(void)
  2809. {
  2810. int i;
  2811. smartlist_t *lines = smartlist_new();
  2812. char *ans;
  2813. for (i = 0; getinfo_items[i].varname; ++i) {
  2814. if (!getinfo_items[i].desc)
  2815. continue;
  2816. smartlist_add_asprintf(lines, "%s%s -- %s\n",
  2817. getinfo_items[i].varname,
  2818. getinfo_items[i].is_prefix ? "*" : "",
  2819. getinfo_items[i].desc);
  2820. }
  2821. smartlist_sort_strings(lines);
  2822. ans = smartlist_join_strings(lines, "", 0, NULL);
  2823. SMARTLIST_FOREACH(lines, char *, cp, tor_free(cp));
  2824. smartlist_free(lines);
  2825. return ans;
  2826. }
  2827. /** Lookup the 'getinfo' entry <b>question</b>, and return
  2828. * the answer in <b>*answer</b> (or NULL if key not recognized).
  2829. * Return 0 if success or unrecognized, or -1 if recognized but
  2830. * internal error. */
  2831. static int
  2832. handle_getinfo_helper(control_connection_t *control_conn,
  2833. const char *question, char **answer,
  2834. const char **err_out)
  2835. {
  2836. int i;
  2837. *answer = NULL; /* unrecognized key by default */
  2838. for (i = 0; getinfo_items[i].varname; ++i) {
  2839. int match;
  2840. if (getinfo_items[i].is_prefix)
  2841. match = !strcmpstart(question, getinfo_items[i].varname);
  2842. else
  2843. match = !strcmp(question, getinfo_items[i].varname);
  2844. if (match) {
  2845. tor_assert(getinfo_items[i].fn);
  2846. return getinfo_items[i].fn(control_conn, question, answer, err_out);
  2847. }
  2848. }
  2849. return 0; /* unrecognized */
  2850. }
  2851. /** Called when we receive a GETINFO command. Try to fetch all requested
  2852. * information, and reply with information or error message. */
  2853. static int
  2854. handle_control_getinfo(control_connection_t *conn, uint32_t len,
  2855. const char *body)
  2856. {
  2857. smartlist_t *questions = smartlist_new();
  2858. smartlist_t *answers = smartlist_new();
  2859. smartlist_t *unrecognized = smartlist_new();
  2860. char *msg = NULL, *ans = NULL;
  2861. int i;
  2862. (void) len; /* body is NUL-terminated, so it's safe to ignore the length. */
  2863. smartlist_split_string(questions, body, " ",
  2864. SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 0);
  2865. SMARTLIST_FOREACH_BEGIN(questions, const char *, q) {
  2866. const char *errmsg = NULL;
  2867. if (handle_getinfo_helper(conn, q, &ans, &errmsg) < 0) {
  2868. if (!errmsg)
  2869. errmsg = "Internal error";
  2870. connection_printf_to_buf(conn, "551 %s\r\n", errmsg);
  2871. goto done;
  2872. }
  2873. if (!ans) {
  2874. smartlist_add(unrecognized, (char*)q);
  2875. } else {
  2876. smartlist_add(answers, tor_strdup(q));
  2877. smartlist_add(answers, ans);
  2878. }
  2879. } SMARTLIST_FOREACH_END(q);
  2880. if (smartlist_len(unrecognized)) {
  2881. for (i=0; i < smartlist_len(unrecognized)-1; ++i)
  2882. connection_printf_to_buf(conn,
  2883. "552-Unrecognized key \"%s\"\r\n",
  2884. (char*)smartlist_get(unrecognized, i));
  2885. connection_printf_to_buf(conn,
  2886. "552 Unrecognized key \"%s\"\r\n",
  2887. (char*)smartlist_get(unrecognized, i));
  2888. goto done;
  2889. }
  2890. for (i = 0; i < smartlist_len(answers); i += 2) {
  2891. char *k = smartlist_get(answers, i);
  2892. char *v = smartlist_get(answers, i+1);
  2893. if (!strchr(v, '\n') && !strchr(v, '\r')) {
  2894. connection_printf_to_buf(conn, "250-%s=", k);
  2895. connection_write_str_to_buf(v, conn);
  2896. connection_write_str_to_buf("\r\n", conn);
  2897. } else {
  2898. char *esc = NULL;
  2899. size_t esc_len;
  2900. esc_len = write_escaped_data(v, strlen(v), &esc);
  2901. connection_printf_to_buf(conn, "250+%s=\r\n", k);
  2902. connection_write_to_buf(esc, esc_len, TO_CONN(conn));
  2903. tor_free(esc);
  2904. }
  2905. }
  2906. connection_write_str_to_buf("250 OK\r\n", conn);
  2907. done:
  2908. SMARTLIST_FOREACH(answers, char *, cp, tor_free(cp));
  2909. smartlist_free(answers);
  2910. SMARTLIST_FOREACH(questions, char *, cp, tor_free(cp));
  2911. smartlist_free(questions);
  2912. smartlist_free(unrecognized);
  2913. tor_free(msg);
  2914. return 0;
  2915. }
  2916. /** Given a string, convert it to a circuit purpose. */
  2917. static uint8_t
  2918. circuit_purpose_from_string(const char *string)
  2919. {
  2920. if (!strcasecmpstart(string, "purpose="))
  2921. string += strlen("purpose=");
  2922. if (!strcasecmp(string, "general"))
  2923. return CIRCUIT_PURPOSE_C_GENERAL;
  2924. else if (!strcasecmp(string, "controller"))
  2925. return CIRCUIT_PURPOSE_CONTROLLER;
  2926. else
  2927. return CIRCUIT_PURPOSE_UNKNOWN;
  2928. }
  2929. /** Return a newly allocated smartlist containing the arguments to the command
  2930. * waiting in <b>body</b>. If there are fewer than <b>min_args</b> arguments,
  2931. * or if <b>max_args</b> is nonnegative and there are more than
  2932. * <b>max_args</b> arguments, send a 512 error to the controller, using
  2933. * <b>command</b> as the command name in the error message. */
  2934. static smartlist_t *
  2935. getargs_helper(const char *command, control_connection_t *conn,
  2936. const char *body, int min_args, int max_args)
  2937. {
  2938. smartlist_t *args = smartlist_new();
  2939. smartlist_split_string(args, body, " ",
  2940. SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 0);
  2941. if (smartlist_len(args) < min_args) {
  2942. connection_printf_to_buf(conn, "512 Missing argument to %s\r\n",command);
  2943. goto err;
  2944. } else if (max_args >= 0 && smartlist_len(args) > max_args) {
  2945. connection_printf_to_buf(conn, "512 Too many arguments to %s\r\n",command);
  2946. goto err;
  2947. }
  2948. return args;
  2949. err:
  2950. SMARTLIST_FOREACH(args, char *, s, tor_free(s));
  2951. smartlist_free(args);
  2952. return NULL;
  2953. }
  2954. /** Helper. Return the first element of <b>sl</b> at index <b>start_at</b> or
  2955. * higher that starts with <b>prefix</b>, case-insensitive. Return NULL if no
  2956. * such element exists. */
  2957. static const char *
  2958. find_element_starting_with(smartlist_t *sl, int start_at, const char *prefix)
  2959. {
  2960. int i;
  2961. for (i = start_at; i < smartlist_len(sl); ++i) {
  2962. const char *elt = smartlist_get(sl, i);
  2963. if (!strcasecmpstart(elt, prefix))
  2964. return elt;
  2965. }
  2966. return NULL;
  2967. }
  2968. /** Helper. Return true iff s is an argument that we should treat as a
  2969. * key-value pair. */
  2970. static int
  2971. is_keyval_pair(const char *s)
  2972. {
  2973. /* An argument is a key-value pair if it has an =, and it isn't of the form
  2974. * $fingeprint=name */
  2975. return strchr(s, '=') && s[0] != '$';
  2976. }
  2977. /** Called when we get an EXTENDCIRCUIT message. Try to extend the listed
  2978. * circuit, and report success or failure. */
  2979. static int
  2980. handle_control_extendcircuit(control_connection_t *conn, uint32_t len,
  2981. const char *body)
  2982. {
  2983. smartlist_t *router_nicknames=NULL, *nodes=NULL;
  2984. origin_circuit_t *circ = NULL;
  2985. int zero_circ;
  2986. uint8_t intended_purpose = CIRCUIT_PURPOSE_C_GENERAL;
  2987. smartlist_t *args;
  2988. (void) len;
  2989. router_nicknames = smartlist_new();
  2990. args = getargs_helper("EXTENDCIRCUIT", conn, body, 1, -1);
  2991. if (!args)
  2992. goto done;
  2993. zero_circ = !strcmp("0", (char*)smartlist_get(args,0));
  2994. if (zero_circ) {
  2995. const char *purp = find_element_starting_with(args, 1, "PURPOSE=");
  2996. if (purp) {
  2997. intended_purpose = circuit_purpose_from_string(purp);
  2998. if (intended_purpose == CIRCUIT_PURPOSE_UNKNOWN) {
  2999. connection_printf_to_buf(conn, "552 Unknown purpose \"%s\"\r\n", purp);
  3000. SMARTLIST_FOREACH(args, char *, cp, tor_free(cp));
  3001. smartlist_free(args);
  3002. goto done;
  3003. }
  3004. }
  3005. if ((smartlist_len(args) == 1) ||
  3006. (smartlist_len(args) >= 2 && is_keyval_pair(smartlist_get(args, 1)))) {
  3007. // "EXTENDCIRCUIT 0" || EXTENDCIRCUIT 0 foo=bar"
  3008. circ = circuit_launch(intended_purpose, CIRCLAUNCH_NEED_CAPACITY);
  3009. if (!circ) {
  3010. connection_write_str_to_buf("551 Couldn't start circuit\r\n", conn);
  3011. } else {
  3012. connection_printf_to_buf(conn, "250 EXTENDED %lu\r\n",
  3013. (unsigned long)circ->global_identifier);
  3014. }
  3015. SMARTLIST_FOREACH(args, char *, cp, tor_free(cp));
  3016. smartlist_free(args);
  3017. goto done;
  3018. }
  3019. // "EXTENDCIRCUIT 0 router1,router2" ||
  3020. // "EXTENDCIRCUIT 0 router1,router2 PURPOSE=foo"
  3021. }
  3022. if (!zero_circ && !(circ = get_circ(smartlist_get(args,0)))) {
  3023. connection_printf_to_buf(conn, "552 Unknown circuit \"%s\"\r\n",
  3024. (char*)smartlist_get(args, 0));
  3025. SMARTLIST_FOREACH(args, char *, cp, tor_free(cp));
  3026. smartlist_free(args);
  3027. goto done;
  3028. }
  3029. if (smartlist_len(args) < 2) {
  3030. connection_printf_to_buf(conn,
  3031. "512 syntax error: not enough arguments.\r\n");
  3032. SMARTLIST_FOREACH(args, char *, cp, tor_free(cp));
  3033. smartlist_free(args);
  3034. goto done;
  3035. }
  3036. smartlist_split_string(router_nicknames, smartlist_get(args,1), ",", 0, 0);
  3037. SMARTLIST_FOREACH(args, char *, cp, tor_free(cp));
  3038. smartlist_free(args);
  3039. nodes = smartlist_new();
  3040. SMARTLIST_FOREACH_BEGIN(router_nicknames, const char *, n) {
  3041. const node_t *node = node_get_by_nickname(n, 1);
  3042. if (!node) {
  3043. connection_printf_to_buf(conn, "552 No such router \"%s\"\r\n", n);
  3044. goto done;
  3045. }
  3046. if (!node_has_descriptor(node)) {
  3047. connection_printf_to_buf(conn, "552 No descriptor for \"%s\"\r\n", n);
  3048. goto done;
  3049. }
  3050. smartlist_add(nodes, (void*)node);
  3051. } SMARTLIST_FOREACH_END(n);
  3052. if (!smartlist_len(nodes)) {
  3053. connection_write_str_to_buf("512 No router names provided\r\n", conn);
  3054. goto done;
  3055. }
  3056. if (zero_circ) {
  3057. /* start a new circuit */
  3058. circ = origin_circuit_init(intended_purpose, 0);
  3059. }
  3060. /* now circ refers to something that is ready to be extended */
  3061. int first_node = zero_circ;
  3062. SMARTLIST_FOREACH(nodes, const node_t *, node,
  3063. {
  3064. extend_info_t *info = extend_info_from_node(node, first_node);
  3065. if (first_node && !info) {
  3066. log_warn(LD_CONTROL,
  3067. "controller tried to connect to a node that doesn't have any "
  3068. "addresses that are allowed by the firewall configuration; "
  3069. "circuit marked for closing.");
  3070. circuit_mark_for_close(TO_CIRCUIT(circ), -END_CIRC_REASON_CONNECTFAILED);
  3071. connection_write_str_to_buf("551 Couldn't start circuit\r\n", conn);
  3072. goto done;
  3073. } else {
  3074. /* True, since node_has_descriptor(node) == true and we are extending
  3075. * to the node's primary address */
  3076. tor_assert(info);
  3077. }
  3078. circuit_append_new_exit(circ, info);
  3079. extend_info_free(info);
  3080. first_node = 0;
  3081. });
  3082. /* now that we've populated the cpath, start extending */
  3083. if (zero_circ) {
  3084. int err_reason = 0;
  3085. if ((err_reason = circuit_handle_first_hop(circ)) < 0) {
  3086. circuit_mark_for_close(TO_CIRCUIT(circ), -err_reason);
  3087. connection_write_str_to_buf("551 Couldn't start circuit\r\n", conn);
  3088. goto done;
  3089. }
  3090. } else {
  3091. if (circ->base_.state == CIRCUIT_STATE_OPEN) {
  3092. int err_reason = 0;
  3093. circuit_set_state(TO_CIRCUIT(circ), CIRCUIT_STATE_BUILDING);
  3094. if ((err_reason = circuit_send_next_onion_skin(circ)) < 0) {
  3095. log_info(LD_CONTROL,
  3096. "send_next_onion_skin failed; circuit marked for closing.");
  3097. circuit_mark_for_close(TO_CIRCUIT(circ), -err_reason);
  3098. connection_write_str_to_buf("551 Couldn't send onion skin\r\n", conn);
  3099. goto done;
  3100. }
  3101. }
  3102. }
  3103. connection_printf_to_buf(conn, "250 EXTENDED %lu\r\n",
  3104. (unsigned long)circ->global_identifier);
  3105. if (zero_circ) /* send a 'launched' event, for completeness */
  3106. control_event_circuit_status(circ, CIRC_EVENT_LAUNCHED, 0);
  3107. done:
  3108. SMARTLIST_FOREACH(router_nicknames, char *, n, tor_free(n));
  3109. smartlist_free(router_nicknames);
  3110. smartlist_free(nodes);
  3111. return 0;
  3112. }
  3113. /** Called when we get a SETCIRCUITPURPOSE message. If we can find the
  3114. * circuit and it's a valid purpose, change it. */
  3115. static int
  3116. handle_control_setcircuitpurpose(control_connection_t *conn,
  3117. uint32_t len, const char *body)
  3118. {
  3119. origin_circuit_t *circ = NULL;
  3120. uint8_t new_purpose;
  3121. smartlist_t *args;
  3122. (void) len; /* body is NUL-terminated, so it's safe to ignore the length. */
  3123. args = getargs_helper("SETCIRCUITPURPOSE", conn, body, 2, -1);
  3124. if (!args)
  3125. goto done;
  3126. if (!(circ = get_circ(smartlist_get(args,0)))) {
  3127. connection_printf_to_buf(conn, "552 Unknown circuit \"%s\"\r\n",
  3128. (char*)smartlist_get(args, 0));
  3129. goto done;
  3130. }
  3131. {
  3132. const char *purp = find_element_starting_with(args,1,"PURPOSE=");
  3133. if (!purp) {
  3134. connection_write_str_to_buf("552 No purpose given\r\n", conn);
  3135. goto done;
  3136. }
  3137. new_purpose = circuit_purpose_from_string(purp);
  3138. if (new_purpose == CIRCUIT_PURPOSE_UNKNOWN) {
  3139. connection_printf_to_buf(conn, "552 Unknown purpose \"%s\"\r\n", purp);
  3140. goto done;
  3141. }
  3142. }
  3143. circuit_change_purpose(TO_CIRCUIT(circ), new_purpose);
  3144. connection_write_str_to_buf("250 OK\r\n", conn);
  3145. done:
  3146. if (args) {
  3147. SMARTLIST_FOREACH(args, char *, cp, tor_free(cp));
  3148. smartlist_free(args);
  3149. }
  3150. return 0;
  3151. }
  3152. /** Called when we get an ATTACHSTREAM message. Try to attach the requested
  3153. * stream, and report success or failure. */
  3154. static int
  3155. handle_control_attachstream(control_connection_t *conn, uint32_t len,
  3156. const char *body)
  3157. {
  3158. entry_connection_t *ap_conn = NULL;
  3159. origin_circuit_t *circ = NULL;
  3160. int zero_circ;
  3161. smartlist_t *args;
  3162. crypt_path_t *cpath=NULL;
  3163. int hop=0, hop_line_ok=1;
  3164. (void) len;
  3165. args = getargs_helper("ATTACHSTREAM", conn, body, 2, -1);
  3166. if (!args)
  3167. return 0;
  3168. zero_circ = !strcmp("0", (char*)smartlist_get(args,1));
  3169. if (!(ap_conn = get_stream(smartlist_get(args, 0)))) {
  3170. connection_printf_to_buf(conn, "552 Unknown stream \"%s\"\r\n",
  3171. (char*)smartlist_get(args, 0));
  3172. } else if (!zero_circ && !(circ = get_circ(smartlist_get(args, 1)))) {
  3173. connection_printf_to_buf(conn, "552 Unknown circuit \"%s\"\r\n",
  3174. (char*)smartlist_get(args, 1));
  3175. } else if (circ) {
  3176. const char *hopstring = find_element_starting_with(args,2,"HOP=");
  3177. if (hopstring) {
  3178. hopstring += strlen("HOP=");
  3179. hop = (int) tor_parse_ulong(hopstring, 10, 0, INT_MAX,
  3180. &hop_line_ok, NULL);
  3181. if (!hop_line_ok) { /* broken hop line */
  3182. connection_printf_to_buf(conn, "552 Bad value hop=%s\r\n", hopstring);
  3183. }
  3184. }
  3185. }
  3186. SMARTLIST_FOREACH(args, char *, cp, tor_free(cp));
  3187. smartlist_free(args);
  3188. if (!ap_conn || (!zero_circ && !circ) || !hop_line_ok)
  3189. return 0;
  3190. if (ENTRY_TO_CONN(ap_conn)->state != AP_CONN_STATE_CONTROLLER_WAIT &&
  3191. ENTRY_TO_CONN(ap_conn)->state != AP_CONN_STATE_CONNECT_WAIT &&
  3192. ENTRY_TO_CONN(ap_conn)->state != AP_CONN_STATE_RESOLVE_WAIT) {
  3193. connection_write_str_to_buf(
  3194. "555 Connection is not managed by controller.\r\n",
  3195. conn);
  3196. return 0;
  3197. }
  3198. /* Do we need to detach it first? */
  3199. if (ENTRY_TO_CONN(ap_conn)->state != AP_CONN_STATE_CONTROLLER_WAIT) {
  3200. edge_connection_t *edge_conn = ENTRY_TO_EDGE_CONN(ap_conn);
  3201. circuit_t *tmpcirc = circuit_get_by_edge_conn(edge_conn);
  3202. connection_edge_end(edge_conn, END_STREAM_REASON_TIMEOUT);
  3203. /* Un-mark it as ending, since we're going to reuse it. */
  3204. edge_conn->edge_has_sent_end = 0;
  3205. edge_conn->end_reason = 0;
  3206. if (tmpcirc)
  3207. circuit_detach_stream(tmpcirc, edge_conn);
  3208. CONNECTION_AP_EXPECT_NONPENDING(ap_conn);
  3209. TO_CONN(edge_conn)->state = AP_CONN_STATE_CONTROLLER_WAIT;
  3210. }
  3211. if (circ && (circ->base_.state != CIRCUIT_STATE_OPEN)) {
  3212. connection_write_str_to_buf(
  3213. "551 Can't attach stream to non-open origin circuit\r\n",
  3214. conn);
  3215. return 0;
  3216. }
  3217. /* Is this a single hop circuit? */
  3218. if (circ && (circuit_get_cpath_len(circ)<2 || hop==1)) {
  3219. const node_t *node = NULL;
  3220. char *exit_digest = NULL;
  3221. if (circ->build_state &&
  3222. circ->build_state->chosen_exit &&
  3223. !tor_digest_is_zero(circ->build_state->chosen_exit->identity_digest)) {
  3224. exit_digest = circ->build_state->chosen_exit->identity_digest;
  3225. node = node_get_by_id(exit_digest);
  3226. }
  3227. /* Do both the client and relay allow one-hop exit circuits? */
  3228. if (!node ||
  3229. !node_allows_single_hop_exits(node) ||
  3230. !get_options()->AllowSingleHopCircuits) {
  3231. connection_write_str_to_buf(
  3232. "551 Can't attach stream to this one-hop circuit.\r\n", conn);
  3233. return 0;
  3234. }
  3235. tor_assert(exit_digest);
  3236. ap_conn->chosen_exit_name = tor_strdup(hex_str(exit_digest, DIGEST_LEN));
  3237. }
  3238. if (circ && hop>0) {
  3239. /* find this hop in the circuit, and set cpath */
  3240. cpath = circuit_get_cpath_hop(circ, hop);
  3241. if (!cpath) {
  3242. connection_printf_to_buf(conn,
  3243. "551 Circuit doesn't have %d hops.\r\n", hop);
  3244. return 0;
  3245. }
  3246. }
  3247. if (connection_ap_handshake_rewrite_and_attach(ap_conn, circ, cpath) < 0) {
  3248. connection_write_str_to_buf("551 Unable to attach stream\r\n", conn);
  3249. return 0;
  3250. }
  3251. send_control_done(conn);
  3252. return 0;
  3253. }
  3254. /** Called when we get a POSTDESCRIPTOR message. Try to learn the provided
  3255. * descriptor, and report success or failure. */
  3256. static int
  3257. handle_control_postdescriptor(control_connection_t *conn, uint32_t len,
  3258. const char *body)
  3259. {
  3260. char *desc;
  3261. const char *msg=NULL;
  3262. uint8_t purpose = ROUTER_PURPOSE_GENERAL;
  3263. int cache = 0; /* eventually, we may switch this to 1 */
  3264. const char *cp = memchr(body, '\n', len);
  3265. if (cp == NULL) {
  3266. connection_printf_to_buf(conn, "251 Empty body\r\n");
  3267. return 0;
  3268. }
  3269. ++cp;
  3270. char *cmdline = tor_memdup_nulterm(body, cp-body);
  3271. smartlist_t *args = smartlist_new();
  3272. smartlist_split_string(args, cmdline, " ",
  3273. SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 0);
  3274. SMARTLIST_FOREACH_BEGIN(args, char *, option) {
  3275. if (!strcasecmpstart(option, "purpose=")) {
  3276. option += strlen("purpose=");
  3277. purpose = router_purpose_from_string(option);
  3278. if (purpose == ROUTER_PURPOSE_UNKNOWN) {
  3279. connection_printf_to_buf(conn, "552 Unknown purpose \"%s\"\r\n",
  3280. option);
  3281. goto done;
  3282. }
  3283. } else if (!strcasecmpstart(option, "cache=")) {
  3284. option += strlen("cache=");
  3285. if (!strcasecmp(option, "no"))
  3286. cache = 0;
  3287. else if (!strcasecmp(option, "yes"))
  3288. cache = 1;
  3289. else {
  3290. connection_printf_to_buf(conn, "552 Unknown cache request \"%s\"\r\n",
  3291. option);
  3292. goto done;
  3293. }
  3294. } else { /* unrecognized argument? */
  3295. connection_printf_to_buf(conn,
  3296. "512 Unexpected argument \"%s\" to postdescriptor\r\n", option);
  3297. goto done;
  3298. }
  3299. } SMARTLIST_FOREACH_END(option);
  3300. read_escaped_data(cp, len-(cp-body), &desc);
  3301. switch (router_load_single_router(desc, purpose, cache, &msg)) {
  3302. case -1:
  3303. if (!msg) msg = "Could not parse descriptor";
  3304. connection_printf_to_buf(conn, "554 %s\r\n", msg);
  3305. break;
  3306. case 0:
  3307. if (!msg) msg = "Descriptor not added";
  3308. connection_printf_to_buf(conn, "251 %s\r\n",msg);
  3309. break;
  3310. case 1:
  3311. send_control_done(conn);
  3312. break;
  3313. }
  3314. tor_free(desc);
  3315. done:
  3316. SMARTLIST_FOREACH(args, char *, arg, tor_free(arg));
  3317. smartlist_free(args);
  3318. tor_free(cmdline);
  3319. return 0;
  3320. }
  3321. /** Called when we receive a REDIRECTSTERAM command. Try to change the target
  3322. * address of the named AP stream, and report success or failure. */
  3323. static int
  3324. handle_control_redirectstream(control_connection_t *conn, uint32_t len,
  3325. const char *body)
  3326. {
  3327. entry_connection_t *ap_conn = NULL;
  3328. char *new_addr = NULL;
  3329. uint16_t new_port = 0;
  3330. smartlist_t *args;
  3331. (void) len;
  3332. args = getargs_helper("REDIRECTSTREAM", conn, body, 2, -1);
  3333. if (!args)
  3334. return 0;
  3335. if (!(ap_conn = get_stream(smartlist_get(args, 0)))
  3336. || !ap_conn->socks_request) {
  3337. connection_printf_to_buf(conn, "552 Unknown stream \"%s\"\r\n",
  3338. (char*)smartlist_get(args, 0));
  3339. } else {
  3340. int ok = 1;
  3341. if (smartlist_len(args) > 2) { /* they included a port too */
  3342. new_port = (uint16_t) tor_parse_ulong(smartlist_get(args, 2),
  3343. 10, 1, 65535, &ok, NULL);
  3344. }
  3345. if (!ok) {
  3346. connection_printf_to_buf(conn, "512 Cannot parse port \"%s\"\r\n",
  3347. (char*)smartlist_get(args, 2));
  3348. } else {
  3349. new_addr = tor_strdup(smartlist_get(args, 1));
  3350. }
  3351. }
  3352. SMARTLIST_FOREACH(args, char *, cp, tor_free(cp));
  3353. smartlist_free(args);
  3354. if (!new_addr)
  3355. return 0;
  3356. strlcpy(ap_conn->socks_request->address, new_addr,
  3357. sizeof(ap_conn->socks_request->address));
  3358. if (new_port)
  3359. ap_conn->socks_request->port = new_port;
  3360. tor_free(new_addr);
  3361. send_control_done(conn);
  3362. return 0;
  3363. }
  3364. /** Called when we get a CLOSESTREAM command; try to close the named stream
  3365. * and report success or failure. */
  3366. static int
  3367. handle_control_closestream(control_connection_t *conn, uint32_t len,
  3368. const char *body)
  3369. {
  3370. entry_connection_t *ap_conn=NULL;
  3371. uint8_t reason=0;
  3372. smartlist_t *args;
  3373. int ok;
  3374. (void) len;
  3375. args = getargs_helper("CLOSESTREAM", conn, body, 2, -1);
  3376. if (!args)
  3377. return 0;
  3378. else if (!(ap_conn = get_stream(smartlist_get(args, 0))))
  3379. connection_printf_to_buf(conn, "552 Unknown stream \"%s\"\r\n",
  3380. (char*)smartlist_get(args, 0));
  3381. else {
  3382. reason = (uint8_t) tor_parse_ulong(smartlist_get(args,1), 10, 0, 255,
  3383. &ok, NULL);
  3384. if (!ok) {
  3385. connection_printf_to_buf(conn, "552 Unrecognized reason \"%s\"\r\n",
  3386. (char*)smartlist_get(args, 1));
  3387. ap_conn = NULL;
  3388. }
  3389. }
  3390. SMARTLIST_FOREACH(args, char *, cp, tor_free(cp));
  3391. smartlist_free(args);
  3392. if (!ap_conn)
  3393. return 0;
  3394. connection_mark_unattached_ap(ap_conn, reason);
  3395. send_control_done(conn);
  3396. return 0;
  3397. }
  3398. /** Called when we get a CLOSECIRCUIT command; try to close the named circuit
  3399. * and report success or failure. */
  3400. static int
  3401. handle_control_closecircuit(control_connection_t *conn, uint32_t len,
  3402. const char *body)
  3403. {
  3404. origin_circuit_t *circ = NULL;
  3405. int safe = 0;
  3406. smartlist_t *args;
  3407. (void) len;
  3408. args = getargs_helper("CLOSECIRCUIT", conn, body, 1, -1);
  3409. if (!args)
  3410. return 0;
  3411. if (!(circ=get_circ(smartlist_get(args, 0))))
  3412. connection_printf_to_buf(conn, "552 Unknown circuit \"%s\"\r\n",
  3413. (char*)smartlist_get(args, 0));
  3414. else {
  3415. int i;
  3416. for (i=1; i < smartlist_len(args); ++i) {
  3417. if (!strcasecmp(smartlist_get(args, i), "IfUnused"))
  3418. safe = 1;
  3419. else
  3420. log_info(LD_CONTROL, "Skipping unknown option %s",
  3421. (char*)smartlist_get(args,i));
  3422. }
  3423. }
  3424. SMARTLIST_FOREACH(args, char *, cp, tor_free(cp));
  3425. smartlist_free(args);
  3426. if (!circ)
  3427. return 0;
  3428. if (!safe || !circ->p_streams) {
  3429. circuit_mark_for_close(TO_CIRCUIT(circ), END_CIRC_REASON_REQUESTED);
  3430. }
  3431. send_control_done(conn);
  3432. return 0;
  3433. }
  3434. /** Called when we get a RESOLVE command: start trying to resolve
  3435. * the listed addresses. */
  3436. static int
  3437. handle_control_resolve(control_connection_t *conn, uint32_t len,
  3438. const char *body)
  3439. {
  3440. smartlist_t *args, *failed;
  3441. int is_reverse = 0;
  3442. (void) len; /* body is nul-terminated; it's safe to ignore the length */
  3443. if (!(conn->event_mask & (((event_mask_t)1)<<EVENT_ADDRMAP))) {
  3444. log_warn(LD_CONTROL, "Controller asked us to resolve an address, but "
  3445. "isn't listening for ADDRMAP events. It probably won't see "
  3446. "the answer.");
  3447. }
  3448. args = smartlist_new();
  3449. smartlist_split_string(args, body, " ",
  3450. SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 0);
  3451. {
  3452. const char *modearg = find_element_starting_with(args, 0, "mode=");
  3453. if (modearg && !strcasecmp(modearg, "mode=reverse"))
  3454. is_reverse = 1;
  3455. }
  3456. failed = smartlist_new();
  3457. SMARTLIST_FOREACH(args, const char *, arg, {
  3458. if (!is_keyval_pair(arg)) {
  3459. if (dnsserv_launch_request(arg, is_reverse, conn)<0)
  3460. smartlist_add(failed, (char*)arg);
  3461. }
  3462. });
  3463. send_control_done(conn);
  3464. SMARTLIST_FOREACH(failed, const char *, arg, {
  3465. control_event_address_mapped(arg, arg, time(NULL),
  3466. "internal", 0);
  3467. });
  3468. SMARTLIST_FOREACH(args, char *, cp, tor_free(cp));
  3469. smartlist_free(args);
  3470. smartlist_free(failed);
  3471. return 0;
  3472. }
  3473. /** Called when we get a PROTOCOLINFO command: send back a reply. */
  3474. static int
  3475. handle_control_protocolinfo(control_connection_t *conn, uint32_t len,
  3476. const char *body)
  3477. {
  3478. const char *bad_arg = NULL;
  3479. smartlist_t *args;
  3480. (void)len;
  3481. conn->have_sent_protocolinfo = 1;
  3482. args = smartlist_new();
  3483. smartlist_split_string(args, body, " ",
  3484. SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 0);
  3485. SMARTLIST_FOREACH(args, const char *, arg, {
  3486. int ok;
  3487. tor_parse_long(arg, 10, 0, LONG_MAX, &ok, NULL);
  3488. if (!ok) {
  3489. bad_arg = arg;
  3490. break;
  3491. }
  3492. });
  3493. if (bad_arg) {
  3494. connection_printf_to_buf(conn, "513 No such version %s\r\n",
  3495. escaped(bad_arg));
  3496. /* Don't tolerate bad arguments when not authenticated. */
  3497. if (!STATE_IS_OPEN(TO_CONN(conn)->state))
  3498. connection_mark_for_close(TO_CONN(conn));
  3499. goto done;
  3500. } else {
  3501. const or_options_t *options = get_options();
  3502. int cookies = options->CookieAuthentication;
  3503. char *cfile = get_controller_cookie_file_name();
  3504. char *abs_cfile;
  3505. char *esc_cfile;
  3506. char *methods;
  3507. abs_cfile = make_path_absolute(cfile);
  3508. esc_cfile = esc_for_log(abs_cfile);
  3509. {
  3510. int passwd = (options->HashedControlPassword != NULL ||
  3511. options->HashedControlSessionPassword != NULL);
  3512. smartlist_t *mlist = smartlist_new();
  3513. if (cookies) {
  3514. smartlist_add(mlist, (char*)"COOKIE");
  3515. smartlist_add(mlist, (char*)"SAFECOOKIE");
  3516. }
  3517. if (passwd)
  3518. smartlist_add(mlist, (char*)"HASHEDPASSWORD");
  3519. if (!cookies && !passwd)
  3520. smartlist_add(mlist, (char*)"NULL");
  3521. methods = smartlist_join_strings(mlist, ",", 0, NULL);
  3522. smartlist_free(mlist);
  3523. }
  3524. connection_printf_to_buf(conn,
  3525. "250-PROTOCOLINFO 1\r\n"
  3526. "250-AUTH METHODS=%s%s%s\r\n"
  3527. "250-VERSION Tor=%s\r\n"
  3528. "250 OK\r\n",
  3529. methods,
  3530. cookies?" COOKIEFILE=":"",
  3531. cookies?esc_cfile:"",
  3532. escaped(VERSION));
  3533. tor_free(methods);
  3534. tor_free(cfile);
  3535. tor_free(abs_cfile);
  3536. tor_free(esc_cfile);
  3537. }
  3538. done:
  3539. SMARTLIST_FOREACH(args, char *, cp, tor_free(cp));
  3540. smartlist_free(args);
  3541. return 0;
  3542. }
  3543. /** Called when we get an AUTHCHALLENGE command. */
  3544. static int
  3545. handle_control_authchallenge(control_connection_t *conn, uint32_t len,
  3546. const char *body)
  3547. {
  3548. const char *cp = body;
  3549. char *client_nonce;
  3550. size_t client_nonce_len;
  3551. char server_hash[DIGEST256_LEN];
  3552. char server_hash_encoded[HEX_DIGEST256_LEN+1];
  3553. char server_nonce[SAFECOOKIE_SERVER_NONCE_LEN];
  3554. char server_nonce_encoded[(2*SAFECOOKIE_SERVER_NONCE_LEN) + 1];
  3555. cp += strspn(cp, " \t\n\r");
  3556. if (!strcasecmpstart(cp, "SAFECOOKIE")) {
  3557. cp += strlen("SAFECOOKIE");
  3558. } else {
  3559. connection_write_str_to_buf("513 AUTHCHALLENGE only supports SAFECOOKIE "
  3560. "authentication\r\n", conn);
  3561. connection_mark_for_close(TO_CONN(conn));
  3562. return -1;
  3563. }
  3564. if (!authentication_cookie_is_set) {
  3565. connection_write_str_to_buf("515 Cookie authentication is disabled\r\n",
  3566. conn);
  3567. connection_mark_for_close(TO_CONN(conn));
  3568. return -1;
  3569. }
  3570. cp += strspn(cp, " \t\n\r");
  3571. if (*cp == '"') {
  3572. const char *newcp =
  3573. decode_escaped_string(cp, len - (cp - body),
  3574. &client_nonce, &client_nonce_len);
  3575. if (newcp == NULL) {
  3576. connection_write_str_to_buf("513 Invalid quoted client nonce\r\n",
  3577. conn);
  3578. connection_mark_for_close(TO_CONN(conn));
  3579. return -1;
  3580. }
  3581. cp = newcp;
  3582. } else {
  3583. size_t client_nonce_encoded_len = strspn(cp, "0123456789ABCDEFabcdef");
  3584. client_nonce_len = client_nonce_encoded_len / 2;
  3585. client_nonce = tor_malloc_zero(client_nonce_len);
  3586. if (base16_decode(client_nonce, client_nonce_len,
  3587. cp, client_nonce_encoded_len)
  3588. != (int) client_nonce_len) {
  3589. connection_write_str_to_buf("513 Invalid base16 client nonce\r\n",
  3590. conn);
  3591. connection_mark_for_close(TO_CONN(conn));
  3592. tor_free(client_nonce);
  3593. return -1;
  3594. }
  3595. cp += client_nonce_encoded_len;
  3596. }
  3597. cp += strspn(cp, " \t\n\r");
  3598. if (*cp != '\0' ||
  3599. cp != body + len) {
  3600. connection_write_str_to_buf("513 Junk at end of AUTHCHALLENGE command\r\n",
  3601. conn);
  3602. connection_mark_for_close(TO_CONN(conn));
  3603. tor_free(client_nonce);
  3604. return -1;
  3605. }
  3606. crypto_rand(server_nonce, SAFECOOKIE_SERVER_NONCE_LEN);
  3607. /* Now compute and send the server-to-controller response, and the
  3608. * server's nonce. */
  3609. tor_assert(authentication_cookie != NULL);
  3610. {
  3611. size_t tmp_len = (AUTHENTICATION_COOKIE_LEN +
  3612. client_nonce_len +
  3613. SAFECOOKIE_SERVER_NONCE_LEN);
  3614. char *tmp = tor_malloc_zero(tmp_len);
  3615. char *client_hash = tor_malloc_zero(DIGEST256_LEN);
  3616. memcpy(tmp, authentication_cookie, AUTHENTICATION_COOKIE_LEN);
  3617. memcpy(tmp + AUTHENTICATION_COOKIE_LEN, client_nonce, client_nonce_len);
  3618. memcpy(tmp + AUTHENTICATION_COOKIE_LEN + client_nonce_len,
  3619. server_nonce, SAFECOOKIE_SERVER_NONCE_LEN);
  3620. crypto_hmac_sha256(server_hash,
  3621. SAFECOOKIE_SERVER_TO_CONTROLLER_CONSTANT,
  3622. strlen(SAFECOOKIE_SERVER_TO_CONTROLLER_CONSTANT),
  3623. tmp,
  3624. tmp_len);
  3625. crypto_hmac_sha256(client_hash,
  3626. SAFECOOKIE_CONTROLLER_TO_SERVER_CONSTANT,
  3627. strlen(SAFECOOKIE_CONTROLLER_TO_SERVER_CONSTANT),
  3628. tmp,
  3629. tmp_len);
  3630. conn->safecookie_client_hash = client_hash;
  3631. tor_free(tmp);
  3632. }
  3633. base16_encode(server_hash_encoded, sizeof(server_hash_encoded),
  3634. server_hash, sizeof(server_hash));
  3635. base16_encode(server_nonce_encoded, sizeof(server_nonce_encoded),
  3636. server_nonce, sizeof(server_nonce));
  3637. connection_printf_to_buf(conn,
  3638. "250 AUTHCHALLENGE SERVERHASH=%s "
  3639. "SERVERNONCE=%s\r\n",
  3640. server_hash_encoded,
  3641. server_nonce_encoded);
  3642. tor_free(client_nonce);
  3643. return 0;
  3644. }
  3645. /** Called when we get a USEFEATURE command: parse the feature list, and
  3646. * set up the control_connection's options properly. */
  3647. static int
  3648. handle_control_usefeature(control_connection_t *conn,
  3649. uint32_t len,
  3650. const char *body)
  3651. {
  3652. smartlist_t *args;
  3653. int bad = 0;
  3654. (void) len; /* body is nul-terminated; it's safe to ignore the length */
  3655. args = smartlist_new();
  3656. smartlist_split_string(args, body, " ",
  3657. SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 0);
  3658. SMARTLIST_FOREACH_BEGIN(args, const char *, arg) {
  3659. if (!strcasecmp(arg, "VERBOSE_NAMES"))
  3660. ;
  3661. else if (!strcasecmp(arg, "EXTENDED_EVENTS"))
  3662. ;
  3663. else {
  3664. connection_printf_to_buf(conn, "552 Unrecognized feature \"%s\"\r\n",
  3665. arg);
  3666. bad = 1;
  3667. break;
  3668. }
  3669. } SMARTLIST_FOREACH_END(arg);
  3670. if (!bad) {
  3671. send_control_done(conn);
  3672. }
  3673. SMARTLIST_FOREACH(args, char *, cp, tor_free(cp));
  3674. smartlist_free(args);
  3675. return 0;
  3676. }
  3677. /** Implementation for the DROPGUARDS command. */
  3678. static int
  3679. handle_control_dropguards(control_connection_t *conn,
  3680. uint32_t len,
  3681. const char *body)
  3682. {
  3683. smartlist_t *args;
  3684. (void) len; /* body is nul-terminated; it's safe to ignore the length */
  3685. args = smartlist_new();
  3686. smartlist_split_string(args, body, " ",
  3687. SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 0);
  3688. if (smartlist_len(args)) {
  3689. connection_printf_to_buf(conn, "512 Too many arguments to DROPGUARDS\r\n");
  3690. } else {
  3691. remove_all_entry_guards();
  3692. send_control_done(conn);
  3693. }
  3694. SMARTLIST_FOREACH(args, char *, cp, tor_free(cp));
  3695. smartlist_free(args);
  3696. return 0;
  3697. }
  3698. /** Implementation for the HSFETCH command. */
  3699. static int
  3700. handle_control_hsfetch(control_connection_t *conn, uint32_t len,
  3701. const char *body)
  3702. {
  3703. int i;
  3704. char digest[DIGEST_LEN], *hsaddress = NULL, *arg1 = NULL, *desc_id = NULL;
  3705. smartlist_t *args = NULL, *hsdirs = NULL;
  3706. (void) len; /* body is nul-terminated; it's safe to ignore the length */
  3707. static const char *hsfetch_command = "HSFETCH";
  3708. static const char *v2_str = "v2-";
  3709. const size_t v2_str_len = strlen(v2_str);
  3710. rend_data_t *rend_query = NULL;
  3711. /* Make sure we have at least one argument, the HSAddress. */
  3712. args = getargs_helper(hsfetch_command, conn, body, 1, -1);
  3713. if (!args) {
  3714. goto exit;
  3715. }
  3716. /* Extract the first argument (either HSAddress or DescID). */
  3717. arg1 = smartlist_get(args, 0);
  3718. /* Test if it's an HS address without the .onion part. */
  3719. if (rend_valid_service_id(arg1)) {
  3720. hsaddress = arg1;
  3721. } else if (strcmpstart(arg1, v2_str) == 0 &&
  3722. rend_valid_descriptor_id(arg1 + v2_str_len) &&
  3723. base32_decode(digest, sizeof(digest), arg1 + v2_str_len,
  3724. REND_DESC_ID_V2_LEN_BASE32) == 0) {
  3725. /* We have a well formed version 2 descriptor ID. Keep the decoded value
  3726. * of the id. */
  3727. desc_id = digest;
  3728. } else {
  3729. connection_printf_to_buf(conn, "513 Unrecognized \"%s\"\r\n",
  3730. arg1);
  3731. goto done;
  3732. }
  3733. static const char *opt_server = "SERVER=";
  3734. /* Skip first argument because it's the HSAddress or DescID. */
  3735. for (i = 1; i < smartlist_len(args); ++i) {
  3736. const char *arg = smartlist_get(args, i);
  3737. const node_t *node;
  3738. if (!strcasecmpstart(arg, opt_server)) {
  3739. const char *server;
  3740. server = arg + strlen(opt_server);
  3741. node = node_get_by_hex_id(server);
  3742. if (!node) {
  3743. connection_printf_to_buf(conn, "552 Server \"%s\" not found\r\n",
  3744. server);
  3745. goto done;
  3746. }
  3747. if (!hsdirs) {
  3748. /* Stores routerstatus_t object for each specified server. */
  3749. hsdirs = smartlist_new();
  3750. }
  3751. /* Valid server, add it to our local list. */
  3752. smartlist_add(hsdirs, node->rs);
  3753. } else {
  3754. connection_printf_to_buf(conn, "513 Unexpected argument \"%s\"\r\n",
  3755. arg);
  3756. goto done;
  3757. }
  3758. }
  3759. rend_query = rend_data_client_create(hsaddress, desc_id, NULL,
  3760. REND_NO_AUTH);
  3761. if (rend_query == NULL) {
  3762. connection_printf_to_buf(conn, "551 Error creating the HS query\r\n");
  3763. goto done;
  3764. }
  3765. /* Using a descriptor ID, we force the user to provide at least one
  3766. * hsdir server using the SERVER= option. */
  3767. if (desc_id && (!hsdirs || !smartlist_len(hsdirs))) {
  3768. connection_printf_to_buf(conn, "512 %s option is required\r\n",
  3769. opt_server);
  3770. goto done;
  3771. }
  3772. /* We are about to trigger HSDir fetch so send the OK now because after
  3773. * that 650 event(s) are possible so better to have the 250 OK before them
  3774. * to avoid out of order replies. */
  3775. send_control_done(conn);
  3776. /* Trigger the fetch using the built rend query and possibly a list of HS
  3777. * directory to use. This function ignores the client cache thus this will
  3778. * always send a fetch command. */
  3779. rend_client_fetch_v2_desc(rend_query, hsdirs);
  3780. done:
  3781. SMARTLIST_FOREACH(args, char *, cp, tor_free(cp));
  3782. smartlist_free(args);
  3783. /* Contains data pointer that we don't own thus no cleanup. */
  3784. smartlist_free(hsdirs);
  3785. rend_data_free(rend_query);
  3786. exit:
  3787. return 0;
  3788. }
  3789. /** Implementation for the HSPOST command. */
  3790. static int
  3791. handle_control_hspost(control_connection_t *conn,
  3792. uint32_t len,
  3793. const char *body)
  3794. {
  3795. static const char *opt_server = "SERVER=";
  3796. smartlist_t *hs_dirs = NULL;
  3797. const char *encoded_desc = body;
  3798. size_t encoded_desc_len = len;
  3799. char *cp = memchr(body, '\n', len);
  3800. if (cp == NULL) {
  3801. connection_printf_to_buf(conn, "251 Empty body\r\n");
  3802. return 0;
  3803. }
  3804. char *argline = tor_strndup(body, cp-body);
  3805. smartlist_t *args = smartlist_new();
  3806. /* If any SERVER= options were specified, try parse the options line */
  3807. if (!strcasecmpstart(argline, opt_server)) {
  3808. /* encoded_desc begins after a newline character */
  3809. cp = cp + 1;
  3810. encoded_desc = cp;
  3811. encoded_desc_len = len-(cp-body);
  3812. smartlist_split_string(args, argline, " ",
  3813. SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 0);
  3814. SMARTLIST_FOREACH_BEGIN(args, const char *, arg) {
  3815. if (!strcasecmpstart(arg, opt_server)) {
  3816. const char *server = arg + strlen(opt_server);
  3817. const node_t *node = node_get_by_hex_id(server);
  3818. if (!node || !node->rs) {
  3819. connection_printf_to_buf(conn, "552 Server \"%s\" not found\r\n",
  3820. server);
  3821. goto done;
  3822. }
  3823. if (!node->rs->is_hs_dir) {
  3824. connection_printf_to_buf(conn, "552 Server \"%s\" is not a HSDir"
  3825. "\r\n", server);
  3826. goto done;
  3827. }
  3828. /* Valid server, add it to our local list. */
  3829. if (!hs_dirs)
  3830. hs_dirs = smartlist_new();
  3831. smartlist_add(hs_dirs, node->rs);
  3832. } else {
  3833. connection_printf_to_buf(conn, "512 Unexpected argument \"%s\"\r\n",
  3834. arg);
  3835. goto done;
  3836. }
  3837. } SMARTLIST_FOREACH_END(arg);
  3838. }
  3839. /* Read the dot encoded descriptor, and parse it. */
  3840. rend_encoded_v2_service_descriptor_t *desc =
  3841. tor_malloc_zero(sizeof(rend_encoded_v2_service_descriptor_t));
  3842. read_escaped_data(encoded_desc, encoded_desc_len, &desc->desc_str);
  3843. rend_service_descriptor_t *parsed = NULL;
  3844. char *intro_content = NULL;
  3845. size_t intro_size;
  3846. size_t encoded_size;
  3847. const char *next_desc;
  3848. if (!rend_parse_v2_service_descriptor(&parsed, desc->desc_id, &intro_content,
  3849. &intro_size, &encoded_size,
  3850. &next_desc, desc->desc_str, 1)) {
  3851. /* Post the descriptor. */
  3852. char serviceid[REND_SERVICE_ID_LEN_BASE32+1];
  3853. if (!rend_get_service_id(parsed->pk, serviceid)) {
  3854. smartlist_t *descs = smartlist_new();
  3855. smartlist_add(descs, desc);
  3856. /* We are about to trigger HS descriptor upload so send the OK now
  3857. * because after that 650 event(s) are possible so better to have the
  3858. * 250 OK before them to avoid out of order replies. */
  3859. send_control_done(conn);
  3860. /* Trigger the descriptor upload */
  3861. directory_post_to_hs_dir(parsed, descs, hs_dirs, serviceid, 0);
  3862. smartlist_free(descs);
  3863. }
  3864. rend_service_descriptor_free(parsed);
  3865. } else {
  3866. connection_printf_to_buf(conn, "554 Invalid descriptor\r\n");
  3867. }
  3868. tor_free(intro_content);
  3869. rend_encoded_v2_service_descriptor_free(desc);
  3870. done:
  3871. tor_free(argline);
  3872. smartlist_free(hs_dirs); /* Contents belong to the rend service code. */
  3873. SMARTLIST_FOREACH(args, char *, arg, tor_free(arg));
  3874. smartlist_free(args);
  3875. return 0;
  3876. }
  3877. /** Called when we get a ADD_ONION command; parse the body, and set up
  3878. * the new ephemeral Onion Service. */
  3879. static int
  3880. handle_control_add_onion(control_connection_t *conn,
  3881. uint32_t len,
  3882. const char *body)
  3883. {
  3884. smartlist_t *args;
  3885. size_t arg_len;
  3886. (void) len; /* body is nul-terminated; it's safe to ignore the length */
  3887. args = getargs_helper("ADD_ONION", conn, body, 2, -1);
  3888. if (!args)
  3889. return 0;
  3890. arg_len = smartlist_len(args);
  3891. /* Parse all of the arguments that do not involve handling cryptographic
  3892. * material first, since there's no reason to touch that at all if any of
  3893. * the other arguments are malformed.
  3894. */
  3895. smartlist_t *port_cfgs = smartlist_new();
  3896. smartlist_t *auth_clients = NULL;
  3897. smartlist_t *auth_created_clients = NULL;
  3898. int discard_pk = 0;
  3899. int detach = 0;
  3900. int max_streams = 0;
  3901. int max_streams_close_circuit = 0;
  3902. rend_auth_type_t auth_type = REND_NO_AUTH;
  3903. /* Default to adding an anonymous hidden service if no flag is given */
  3904. int non_anonymous = 0;
  3905. for (size_t i = 1; i < arg_len; i++) {
  3906. static const char *port_prefix = "Port=";
  3907. static const char *flags_prefix = "Flags=";
  3908. static const char *max_s_prefix = "MaxStreams=";
  3909. static const char *auth_prefix = "ClientAuth=";
  3910. const char *arg = smartlist_get(args, i);
  3911. if (!strcasecmpstart(arg, port_prefix)) {
  3912. /* "Port=VIRTPORT[,TARGET]". */
  3913. const char *port_str = arg + strlen(port_prefix);
  3914. rend_service_port_config_t *cfg =
  3915. rend_service_parse_port_config(port_str, ",", NULL);
  3916. if (!cfg) {
  3917. connection_printf_to_buf(conn, "512 Invalid VIRTPORT/TARGET\r\n");
  3918. goto out;
  3919. }
  3920. smartlist_add(port_cfgs, cfg);
  3921. } else if (!strcasecmpstart(arg, max_s_prefix)) {
  3922. /* "MaxStreams=[0..65535]". */
  3923. const char *max_s_str = arg + strlen(max_s_prefix);
  3924. int ok = 0;
  3925. max_streams = (int)tor_parse_long(max_s_str, 10, 0, 65535, &ok, NULL);
  3926. if (!ok) {
  3927. connection_printf_to_buf(conn, "512 Invalid MaxStreams\r\n");
  3928. goto out;
  3929. }
  3930. } else if (!strcasecmpstart(arg, flags_prefix)) {
  3931. /* "Flags=Flag[,Flag]", where Flag can be:
  3932. * * 'DiscardPK' - If tor generates the keypair, do not include it in
  3933. * the response.
  3934. * * 'Detach' - Do not tie this onion service to any particular control
  3935. * connection.
  3936. * * 'MaxStreamsCloseCircuit' - Close the circuit if MaxStreams is
  3937. * exceeded.
  3938. * * 'BasicAuth' - Client authorization using the 'basic' method.
  3939. * * 'NonAnonymous' - Add a non-anonymous Single Onion Service. If this
  3940. * flag is present, tor must be in non-anonymous
  3941. * hidden service mode. If this flag is absent,
  3942. * tor must be in anonymous hidden service mode.
  3943. */
  3944. static const char *discard_flag = "DiscardPK";
  3945. static const char *detach_flag = "Detach";
  3946. static const char *max_s_close_flag = "MaxStreamsCloseCircuit";
  3947. static const char *basicauth_flag = "BasicAuth";
  3948. static const char *non_anonymous_flag = "NonAnonymous";
  3949. smartlist_t *flags = smartlist_new();
  3950. int bad = 0;
  3951. smartlist_split_string(flags, arg + strlen(flags_prefix), ",",
  3952. SPLIT_IGNORE_BLANK, 0);
  3953. if (smartlist_len(flags) < 1) {
  3954. connection_printf_to_buf(conn, "512 Invalid 'Flags' argument\r\n");
  3955. bad = 1;
  3956. }
  3957. SMARTLIST_FOREACH_BEGIN(flags, const char *, flag)
  3958. {
  3959. if (!strcasecmp(flag, discard_flag)) {
  3960. discard_pk = 1;
  3961. } else if (!strcasecmp(flag, detach_flag)) {
  3962. detach = 1;
  3963. } else if (!strcasecmp(flag, max_s_close_flag)) {
  3964. max_streams_close_circuit = 1;
  3965. } else if (!strcasecmp(flag, basicauth_flag)) {
  3966. auth_type = REND_BASIC_AUTH;
  3967. } else if (!strcasecmp(flag, non_anonymous_flag)) {
  3968. non_anonymous = 1;
  3969. } else {
  3970. connection_printf_to_buf(conn,
  3971. "512 Invalid 'Flags' argument: %s\r\n",
  3972. escaped(flag));
  3973. bad = 1;
  3974. break;
  3975. }
  3976. } SMARTLIST_FOREACH_END(flag);
  3977. SMARTLIST_FOREACH(flags, char *, cp, tor_free(cp));
  3978. smartlist_free(flags);
  3979. if (bad)
  3980. goto out;
  3981. } else if (!strcasecmpstart(arg, auth_prefix)) {
  3982. char *err_msg = NULL;
  3983. int created = 0;
  3984. rend_authorized_client_t *client =
  3985. add_onion_helper_clientauth(arg + strlen(auth_prefix),
  3986. &created, &err_msg);
  3987. if (!client) {
  3988. if (err_msg) {
  3989. connection_write_str_to_buf(err_msg, conn);
  3990. tor_free(err_msg);
  3991. }
  3992. goto out;
  3993. }
  3994. if (auth_clients != NULL) {
  3995. int bad = 0;
  3996. SMARTLIST_FOREACH_BEGIN(auth_clients, rend_authorized_client_t *, ac) {
  3997. if (strcmp(ac->client_name, client->client_name) == 0) {
  3998. bad = 1;
  3999. break;
  4000. }
  4001. } SMARTLIST_FOREACH_END(ac);
  4002. if (bad) {
  4003. connection_printf_to_buf(conn,
  4004. "512 Duplicate name in ClientAuth\r\n");
  4005. rend_authorized_client_free(client);
  4006. goto out;
  4007. }
  4008. } else {
  4009. auth_clients = smartlist_new();
  4010. auth_created_clients = smartlist_new();
  4011. }
  4012. smartlist_add(auth_clients, client);
  4013. if (created) {
  4014. smartlist_add(auth_created_clients, client);
  4015. }
  4016. } else {
  4017. connection_printf_to_buf(conn, "513 Invalid argument\r\n");
  4018. goto out;
  4019. }
  4020. }
  4021. if (smartlist_len(port_cfgs) == 0) {
  4022. connection_printf_to_buf(conn, "512 Missing 'Port' argument\r\n");
  4023. goto out;
  4024. } else if (auth_type == REND_NO_AUTH && auth_clients != NULL) {
  4025. connection_printf_to_buf(conn, "512 No auth type specified\r\n");
  4026. goto out;
  4027. } else if (auth_type != REND_NO_AUTH && auth_clients == NULL) {
  4028. connection_printf_to_buf(conn, "512 No auth clients specified\r\n");
  4029. goto out;
  4030. } else if ((auth_type == REND_BASIC_AUTH &&
  4031. smartlist_len(auth_clients) > 512) ||
  4032. (auth_type == REND_STEALTH_AUTH &&
  4033. smartlist_len(auth_clients) > 16)) {
  4034. connection_printf_to_buf(conn, "512 Too many auth clients\r\n");
  4035. goto out;
  4036. } else if (non_anonymous != rend_service_non_anonymous_mode_enabled(
  4037. get_options())) {
  4038. /* If we failed, and the non-anonymous flag is set, Tor must be in
  4039. * anonymous hidden service mode.
  4040. * The error message changes based on the current Tor config:
  4041. * 512 Tor is in anonymous hidden service mode
  4042. * 512 Tor is in non-anonymous hidden service mode
  4043. * (I've deliberately written them out in full here to aid searchability.)
  4044. */
  4045. connection_printf_to_buf(conn, "512 Tor is in %sanonymous hidden service "
  4046. "mode\r\n",
  4047. non_anonymous ? "" : "non-");
  4048. goto out;
  4049. }
  4050. /* Parse the "keytype:keyblob" argument. */
  4051. crypto_pk_t *pk = NULL;
  4052. const char *key_new_alg = NULL;
  4053. char *key_new_blob = NULL;
  4054. char *err_msg = NULL;
  4055. pk = add_onion_helper_keyarg(smartlist_get(args, 0), discard_pk,
  4056. &key_new_alg, &key_new_blob,
  4057. &err_msg);
  4058. if (!pk) {
  4059. if (err_msg) {
  4060. connection_write_str_to_buf(err_msg, conn);
  4061. tor_free(err_msg);
  4062. }
  4063. goto out;
  4064. }
  4065. tor_assert(!err_msg);
  4066. /* Create the HS, using private key pk, client authentication auth_type,
  4067. * the list of auth_clients, and port config port_cfg.
  4068. * rend_service_add_ephemeral() will take ownership of pk and port_cfg,
  4069. * regardless of success/failure.
  4070. */
  4071. char *service_id = NULL;
  4072. int ret = rend_service_add_ephemeral(pk, port_cfgs, max_streams,
  4073. max_streams_close_circuit,
  4074. auth_type, auth_clients,
  4075. &service_id);
  4076. port_cfgs = NULL; /* port_cfgs is now owned by the rendservice code. */
  4077. auth_clients = NULL; /* so is auth_clients */
  4078. switch (ret) {
  4079. case RSAE_OKAY:
  4080. {
  4081. if (detach) {
  4082. if (!detached_onion_services)
  4083. detached_onion_services = smartlist_new();
  4084. smartlist_add(detached_onion_services, service_id);
  4085. } else {
  4086. if (!conn->ephemeral_onion_services)
  4087. conn->ephemeral_onion_services = smartlist_new();
  4088. smartlist_add(conn->ephemeral_onion_services, service_id);
  4089. }
  4090. tor_assert(service_id);
  4091. connection_printf_to_buf(conn, "250-ServiceID=%s\r\n", service_id);
  4092. if (key_new_alg) {
  4093. tor_assert(key_new_blob);
  4094. connection_printf_to_buf(conn, "250-PrivateKey=%s:%s\r\n",
  4095. key_new_alg, key_new_blob);
  4096. }
  4097. if (auth_created_clients) {
  4098. SMARTLIST_FOREACH(auth_created_clients, rend_authorized_client_t *, ac, {
  4099. char *encoded = rend_auth_encode_cookie(ac->descriptor_cookie,
  4100. auth_type);
  4101. tor_assert(encoded);
  4102. connection_printf_to_buf(conn, "250-ClientAuth=%s:%s\r\n",
  4103. ac->client_name, encoded);
  4104. memwipe(encoded, 0, strlen(encoded));
  4105. tor_free(encoded);
  4106. });
  4107. }
  4108. connection_printf_to_buf(conn, "250 OK\r\n");
  4109. break;
  4110. }
  4111. case RSAE_BADPRIVKEY:
  4112. connection_printf_to_buf(conn, "551 Failed to generate onion address\r\n");
  4113. break;
  4114. case RSAE_ADDREXISTS:
  4115. connection_printf_to_buf(conn, "550 Onion address collision\r\n");
  4116. break;
  4117. case RSAE_BADVIRTPORT:
  4118. connection_printf_to_buf(conn, "512 Invalid VIRTPORT/TARGET\r\n");
  4119. break;
  4120. case RSAE_BADAUTH:
  4121. connection_printf_to_buf(conn, "512 Invalid client authorization\r\n");
  4122. break;
  4123. case RSAE_INTERNAL: /* FALLSTHROUGH */
  4124. default:
  4125. connection_printf_to_buf(conn, "551 Failed to add Onion Service\r\n");
  4126. }
  4127. if (key_new_blob) {
  4128. memwipe(key_new_blob, 0, strlen(key_new_blob));
  4129. tor_free(key_new_blob);
  4130. }
  4131. out:
  4132. if (port_cfgs) {
  4133. SMARTLIST_FOREACH(port_cfgs, rend_service_port_config_t*, p,
  4134. rend_service_port_config_free(p));
  4135. smartlist_free(port_cfgs);
  4136. }
  4137. if (auth_clients) {
  4138. SMARTLIST_FOREACH(auth_clients, rend_authorized_client_t *, ac,
  4139. rend_authorized_client_free(ac));
  4140. smartlist_free(auth_clients);
  4141. }
  4142. if (auth_created_clients) {
  4143. // Do not free entries; they are the same as auth_clients
  4144. smartlist_free(auth_created_clients);
  4145. }
  4146. SMARTLIST_FOREACH(args, char *, cp, {
  4147. memwipe(cp, 0, strlen(cp));
  4148. tor_free(cp);
  4149. });
  4150. smartlist_free(args);
  4151. return 0;
  4152. }
  4153. /** Helper function to handle parsing the KeyType:KeyBlob argument to the
  4154. * ADD_ONION command. Return a new crypto_pk_t and if a new key was generated
  4155. * and the private key not discarded, the algorithm and serialized private key,
  4156. * or NULL and an optional control protocol error message on failure. The
  4157. * caller is responsible for freeing the returned key_new_blob and err_msg.
  4158. *
  4159. * Note: The error messages returned are deliberately vague to avoid echoing
  4160. * key material.
  4161. */
  4162. STATIC crypto_pk_t *
  4163. add_onion_helper_keyarg(const char *arg, int discard_pk,
  4164. const char **key_new_alg_out, char **key_new_blob_out,
  4165. char **err_msg_out)
  4166. {
  4167. smartlist_t *key_args = smartlist_new();
  4168. crypto_pk_t *pk = NULL;
  4169. const char *key_new_alg = NULL;
  4170. char *key_new_blob = NULL;
  4171. char *err_msg = NULL;
  4172. int ok = 0;
  4173. smartlist_split_string(key_args, arg, ":", SPLIT_IGNORE_BLANK, 0);
  4174. if (smartlist_len(key_args) != 2) {
  4175. err_msg = tor_strdup("512 Invalid key type/blob\r\n");
  4176. goto err;
  4177. }
  4178. /* The format is "KeyType:KeyBlob". */
  4179. static const char *key_type_new = "NEW";
  4180. static const char *key_type_best = "BEST";
  4181. static const char *key_type_rsa1024 = "RSA1024";
  4182. const char *key_type = smartlist_get(key_args, 0);
  4183. const char *key_blob = smartlist_get(key_args, 1);
  4184. if (!strcasecmp(key_type_rsa1024, key_type)) {
  4185. /* "RSA:<Base64 Blob>" - Loading a pre-existing RSA1024 key. */
  4186. pk = crypto_pk_base64_decode(key_blob, strlen(key_blob));
  4187. if (!pk) {
  4188. err_msg = tor_strdup("512 Failed to decode RSA key\r\n");
  4189. goto err;
  4190. }
  4191. if (crypto_pk_num_bits(pk) != PK_BYTES*8) {
  4192. err_msg = tor_strdup("512 Invalid RSA key size\r\n");
  4193. goto err;
  4194. }
  4195. } else if (!strcasecmp(key_type_new, key_type)) {
  4196. /* "NEW:<Algorithm>" - Generating a new key, blob as algorithm. */
  4197. if (!strcasecmp(key_type_rsa1024, key_blob) ||
  4198. !strcasecmp(key_type_best, key_blob)) {
  4199. /* "RSA1024", RSA 1024 bit, also currently "BEST" by default. */
  4200. pk = crypto_pk_new();
  4201. if (crypto_pk_generate_key(pk)) {
  4202. tor_asprintf(&err_msg, "551 Failed to generate %s key\r\n",
  4203. key_type_rsa1024);
  4204. goto err;
  4205. }
  4206. if (!discard_pk) {
  4207. if (crypto_pk_base64_encode(pk, &key_new_blob)) {
  4208. tor_asprintf(&err_msg, "551 Failed to encode %s key\r\n",
  4209. key_type_rsa1024);
  4210. goto err;
  4211. }
  4212. key_new_alg = key_type_rsa1024;
  4213. }
  4214. } else {
  4215. err_msg = tor_strdup("513 Invalid key type\r\n");
  4216. goto err;
  4217. }
  4218. } else {
  4219. err_msg = tor_strdup("513 Invalid key type\r\n");
  4220. goto err;
  4221. }
  4222. /* Succeded in loading or generating a private key. */
  4223. tor_assert(pk);
  4224. ok = 1;
  4225. err:
  4226. SMARTLIST_FOREACH(key_args, char *, cp, {
  4227. memwipe(cp, 0, strlen(cp));
  4228. tor_free(cp);
  4229. });
  4230. smartlist_free(key_args);
  4231. if (!ok) {
  4232. crypto_pk_free(pk);
  4233. pk = NULL;
  4234. }
  4235. if (err_msg_out) {
  4236. *err_msg_out = err_msg;
  4237. } else {
  4238. tor_free(err_msg);
  4239. }
  4240. *key_new_alg_out = key_new_alg;
  4241. *key_new_blob_out = key_new_blob;
  4242. return pk;
  4243. }
  4244. /** Helper function to handle parsing a ClientAuth argument to the
  4245. * ADD_ONION command. Return a new rend_authorized_client_t, or NULL
  4246. * and an optional control protocol error message on failure. The
  4247. * caller is responsible for freeing the returned auth_client and err_msg.
  4248. *
  4249. * If 'created' is specified, it will be set to 1 when a new cookie has
  4250. * been generated.
  4251. */
  4252. STATIC rend_authorized_client_t *
  4253. add_onion_helper_clientauth(const char *arg, int *created, char **err_msg)
  4254. {
  4255. int ok = 0;
  4256. tor_assert(arg);
  4257. tor_assert(created);
  4258. tor_assert(err_msg);
  4259. *err_msg = NULL;
  4260. smartlist_t *auth_args = smartlist_new();
  4261. rend_authorized_client_t *client =
  4262. tor_malloc_zero(sizeof(rend_authorized_client_t));
  4263. smartlist_split_string(auth_args, arg, ":", 0, 0);
  4264. if (smartlist_len(auth_args) < 1 || smartlist_len(auth_args) > 2) {
  4265. *err_msg = tor_strdup("512 Invalid ClientAuth syntax\r\n");
  4266. goto err;
  4267. }
  4268. client->client_name = tor_strdup(smartlist_get(auth_args, 0));
  4269. if (smartlist_len(auth_args) == 2) {
  4270. char *decode_err_msg = NULL;
  4271. if (rend_auth_decode_cookie(smartlist_get(auth_args, 1),
  4272. client->descriptor_cookie,
  4273. NULL, &decode_err_msg) < 0) {
  4274. tor_assert(decode_err_msg);
  4275. tor_asprintf(err_msg, "512 %s\r\n", decode_err_msg);
  4276. tor_free(decode_err_msg);
  4277. goto err;
  4278. }
  4279. *created = 0;
  4280. } else {
  4281. crypto_rand((char *) client->descriptor_cookie, REND_DESC_COOKIE_LEN);
  4282. *created = 1;
  4283. }
  4284. if (!rend_valid_client_name(client->client_name)) {
  4285. *err_msg = tor_strdup("512 Invalid name in ClientAuth\r\n");
  4286. goto err;
  4287. }
  4288. ok = 1;
  4289. err:
  4290. SMARTLIST_FOREACH(auth_args, char *, item, tor_free(item));
  4291. smartlist_free(auth_args);
  4292. if (!ok) {
  4293. rend_authorized_client_free(client);
  4294. client = NULL;
  4295. }
  4296. return client;
  4297. }
  4298. /** Called when we get a DEL_ONION command; parse the body, and remove
  4299. * the existing ephemeral Onion Service. */
  4300. static int
  4301. handle_control_del_onion(control_connection_t *conn,
  4302. uint32_t len,
  4303. const char *body)
  4304. {
  4305. smartlist_t *args;
  4306. (void) len; /* body is nul-terminated; it's safe to ignore the length */
  4307. args = getargs_helper("DEL_ONION", conn, body, 1, 1);
  4308. if (!args)
  4309. return 0;
  4310. const char *service_id = smartlist_get(args, 0);
  4311. if (!rend_valid_service_id(service_id)) {
  4312. connection_printf_to_buf(conn, "512 Malformed Onion Service id\r\n");
  4313. goto out;
  4314. }
  4315. /* Determine if the onion service belongs to this particular control
  4316. * connection, or if it is in the global list of detached services. If it
  4317. * is in neither, either the service ID is invalid in some way, or it
  4318. * explicitly belongs to a different control connection, and an error
  4319. * should be returned.
  4320. */
  4321. smartlist_t *services[2] = {
  4322. conn->ephemeral_onion_services,
  4323. detached_onion_services
  4324. };
  4325. smartlist_t *onion_services = NULL;
  4326. int idx = -1;
  4327. for (size_t i = 0; i < ARRAY_LENGTH(services); i++) {
  4328. idx = smartlist_string_pos(services[i], service_id);
  4329. if (idx != -1) {
  4330. onion_services = services[i];
  4331. break;
  4332. }
  4333. }
  4334. if (onion_services == NULL) {
  4335. connection_printf_to_buf(conn, "552 Unknown Onion Service id\r\n");
  4336. } else {
  4337. int ret = rend_service_del_ephemeral(service_id);
  4338. if (ret) {
  4339. /* This should *NEVER* fail, since the service is on either the
  4340. * per-control connection list, or the global one.
  4341. */
  4342. log_warn(LD_BUG, "Failed to remove Onion Service %s.",
  4343. escaped(service_id));
  4344. tor_fragile_assert();
  4345. }
  4346. /* Remove/scrub the service_id from the appropriate list. */
  4347. char *cp = smartlist_get(onion_services, idx);
  4348. smartlist_del(onion_services, idx);
  4349. memwipe(cp, 0, strlen(cp));
  4350. tor_free(cp);
  4351. send_control_done(conn);
  4352. }
  4353. out:
  4354. SMARTLIST_FOREACH(args, char *, cp, {
  4355. memwipe(cp, 0, strlen(cp));
  4356. tor_free(cp);
  4357. });
  4358. smartlist_free(args);
  4359. return 0;
  4360. }
  4361. /** Called when <b>conn</b> has no more bytes left on its outbuf. */
  4362. int
  4363. connection_control_finished_flushing(control_connection_t *conn)
  4364. {
  4365. tor_assert(conn);
  4366. return 0;
  4367. }
  4368. /** Called when <b>conn</b> has gotten its socket closed. */
  4369. int
  4370. connection_control_reached_eof(control_connection_t *conn)
  4371. {
  4372. tor_assert(conn);
  4373. log_info(LD_CONTROL,"Control connection reached EOF. Closing.");
  4374. connection_mark_for_close(TO_CONN(conn));
  4375. return 0;
  4376. }
  4377. /** Shut down this Tor instance in the same way that SIGINT would, but
  4378. * with a log message appropriate for the loss of an owning controller. */
  4379. static void
  4380. lost_owning_controller(const char *owner_type, const char *loss_manner)
  4381. {
  4382. log_notice(LD_CONTROL, "Owning controller %s has %s -- exiting now.",
  4383. owner_type, loss_manner);
  4384. activate_signal(SIGTERM);
  4385. }
  4386. /** Called when <b>conn</b> is being freed. */
  4387. void
  4388. connection_control_closed(control_connection_t *conn)
  4389. {
  4390. tor_assert(conn);
  4391. conn->event_mask = 0;
  4392. control_update_global_event_mask();
  4393. /* Close all ephemeral Onion Services if any.
  4394. * The list and it's contents are scrubbed/freed in connection_free_.
  4395. */
  4396. if (conn->ephemeral_onion_services) {
  4397. SMARTLIST_FOREACH(conn->ephemeral_onion_services, char *, cp, {
  4398. rend_service_del_ephemeral(cp);
  4399. });
  4400. }
  4401. if (conn->is_owning_control_connection) {
  4402. lost_owning_controller("connection", "closed");
  4403. }
  4404. }
  4405. /** Return true iff <b>cmd</b> is allowable (or at least forgivable) at this
  4406. * stage of the protocol. */
  4407. static int
  4408. is_valid_initial_command(control_connection_t *conn, const char *cmd)
  4409. {
  4410. if (conn->base_.state == CONTROL_CONN_STATE_OPEN)
  4411. return 1;
  4412. if (!strcasecmp(cmd, "PROTOCOLINFO"))
  4413. return (!conn->have_sent_protocolinfo &&
  4414. conn->safecookie_client_hash == NULL);
  4415. if (!strcasecmp(cmd, "AUTHCHALLENGE"))
  4416. return (conn->safecookie_client_hash == NULL);
  4417. if (!strcasecmp(cmd, "AUTHENTICATE") ||
  4418. !strcasecmp(cmd, "QUIT"))
  4419. return 1;
  4420. return 0;
  4421. }
  4422. /** Do not accept any control command of more than 1MB in length. Anything
  4423. * that needs to be anywhere near this long probably means that one of our
  4424. * interfaces is broken. */
  4425. #define MAX_COMMAND_LINE_LENGTH (1024*1024)
  4426. /** Wrapper around peek_buf_has_control0 command: presents the same
  4427. * interface as that underlying functions, but takes a connection_t intead of
  4428. * a buf_t.
  4429. */
  4430. static int
  4431. peek_connection_has_control0_command(connection_t *conn)
  4432. {
  4433. return peek_buf_has_control0_command(conn->inbuf);
  4434. }
  4435. /** Called when data has arrived on a v1 control connection: Try to fetch
  4436. * commands from conn->inbuf, and execute them.
  4437. */
  4438. int
  4439. connection_control_process_inbuf(control_connection_t *conn)
  4440. {
  4441. size_t data_len;
  4442. uint32_t cmd_data_len;
  4443. int cmd_len;
  4444. char *args;
  4445. tor_assert(conn);
  4446. tor_assert(conn->base_.state == CONTROL_CONN_STATE_OPEN ||
  4447. conn->base_.state == CONTROL_CONN_STATE_NEEDAUTH);
  4448. if (!conn->incoming_cmd) {
  4449. conn->incoming_cmd = tor_malloc(1024);
  4450. conn->incoming_cmd_len = 1024;
  4451. conn->incoming_cmd_cur_len = 0;
  4452. }
  4453. if (conn->base_.state == CONTROL_CONN_STATE_NEEDAUTH &&
  4454. peek_connection_has_control0_command(TO_CONN(conn))) {
  4455. /* Detect v0 commands and send a "no more v0" message. */
  4456. size_t body_len;
  4457. char buf[128];
  4458. set_uint16(buf+2, htons(0x0000)); /* type == error */
  4459. set_uint16(buf+4, htons(0x0001)); /* code == internal error */
  4460. strlcpy(buf+6, "The v0 control protocol is not supported by Tor 0.1.2.17 "
  4461. "and later; upgrade your controller.",
  4462. sizeof(buf)-6);
  4463. body_len = 2+strlen(buf+6)+2; /* code, msg, nul. */
  4464. set_uint16(buf+0, htons(body_len));
  4465. connection_write_to_buf(buf, 4+body_len, TO_CONN(conn));
  4466. connection_mark_and_flush(TO_CONN(conn));
  4467. return 0;
  4468. }
  4469. again:
  4470. while (1) {
  4471. size_t last_idx;
  4472. int r;
  4473. /* First, fetch a line. */
  4474. do {
  4475. data_len = conn->incoming_cmd_len - conn->incoming_cmd_cur_len;
  4476. r = connection_fetch_from_buf_line(TO_CONN(conn),
  4477. conn->incoming_cmd+conn->incoming_cmd_cur_len,
  4478. &data_len);
  4479. if (r == 0)
  4480. /* Line not all here yet. Wait. */
  4481. return 0;
  4482. else if (r == -1) {
  4483. if (data_len + conn->incoming_cmd_cur_len > MAX_COMMAND_LINE_LENGTH) {
  4484. connection_write_str_to_buf("500 Line too long.\r\n", conn);
  4485. connection_stop_reading(TO_CONN(conn));
  4486. connection_mark_and_flush(TO_CONN(conn));
  4487. }
  4488. while (conn->incoming_cmd_len < data_len+conn->incoming_cmd_cur_len)
  4489. conn->incoming_cmd_len *= 2;
  4490. conn->incoming_cmd = tor_realloc(conn->incoming_cmd,
  4491. conn->incoming_cmd_len);
  4492. }
  4493. } while (r != 1);
  4494. tor_assert(data_len);
  4495. last_idx = conn->incoming_cmd_cur_len;
  4496. conn->incoming_cmd_cur_len += (int)data_len;
  4497. /* We have appended a line to incoming_cmd. Is the command done? */
  4498. if (last_idx == 0 && *conn->incoming_cmd != '+')
  4499. /* One line command, didn't start with '+'. */
  4500. break;
  4501. /* XXXX this code duplication is kind of dumb. */
  4502. if (last_idx+3 == conn->incoming_cmd_cur_len &&
  4503. tor_memeq(conn->incoming_cmd + last_idx, ".\r\n", 3)) {
  4504. /* Just appended ".\r\n"; we're done. Remove it. */
  4505. conn->incoming_cmd[last_idx] = '\0';
  4506. conn->incoming_cmd_cur_len -= 3;
  4507. break;
  4508. } else if (last_idx+2 == conn->incoming_cmd_cur_len &&
  4509. tor_memeq(conn->incoming_cmd + last_idx, ".\n", 2)) {
  4510. /* Just appended ".\n"; we're done. Remove it. */
  4511. conn->incoming_cmd[last_idx] = '\0';
  4512. conn->incoming_cmd_cur_len -= 2;
  4513. break;
  4514. }
  4515. /* Otherwise, read another line. */
  4516. }
  4517. data_len = conn->incoming_cmd_cur_len;
  4518. /* Okay, we now have a command sitting on conn->incoming_cmd. See if we
  4519. * recognize it.
  4520. */
  4521. cmd_len = 0;
  4522. while ((size_t)cmd_len < data_len
  4523. && !TOR_ISSPACE(conn->incoming_cmd[cmd_len]))
  4524. ++cmd_len;
  4525. conn->incoming_cmd[cmd_len]='\0';
  4526. args = conn->incoming_cmd+cmd_len+1;
  4527. tor_assert(data_len>(size_t)cmd_len);
  4528. data_len -= (cmd_len+1); /* skip the command and NUL we added after it */
  4529. while (TOR_ISSPACE(*args)) {
  4530. ++args;
  4531. --data_len;
  4532. }
  4533. /* If the connection is already closing, ignore further commands */
  4534. if (TO_CONN(conn)->marked_for_close) {
  4535. return 0;
  4536. }
  4537. /* Otherwise, Quit is always valid. */
  4538. if (!strcasecmp(conn->incoming_cmd, "QUIT")) {
  4539. connection_write_str_to_buf("250 closing connection\r\n", conn);
  4540. connection_mark_and_flush(TO_CONN(conn));
  4541. return 0;
  4542. }
  4543. if (conn->base_.state == CONTROL_CONN_STATE_NEEDAUTH &&
  4544. !is_valid_initial_command(conn, conn->incoming_cmd)) {
  4545. connection_write_str_to_buf("514 Authentication required.\r\n", conn);
  4546. connection_mark_for_close(TO_CONN(conn));
  4547. return 0;
  4548. }
  4549. if (data_len >= UINT32_MAX) {
  4550. connection_write_str_to_buf("500 A 4GB command? Nice try.\r\n", conn);
  4551. connection_mark_for_close(TO_CONN(conn));
  4552. return 0;
  4553. }
  4554. /* XXXX Why is this not implemented as a table like the GETINFO
  4555. * items are? Even handling the plus signs at the beginnings of
  4556. * commands wouldn't be very hard with proper macros. */
  4557. cmd_data_len = (uint32_t)data_len;
  4558. if (!strcasecmp(conn->incoming_cmd, "SETCONF")) {
  4559. if (handle_control_setconf(conn, cmd_data_len, args))
  4560. return -1;
  4561. } else if (!strcasecmp(conn->incoming_cmd, "RESETCONF")) {
  4562. if (handle_control_resetconf(conn, cmd_data_len, args))
  4563. return -1;
  4564. } else if (!strcasecmp(conn->incoming_cmd, "GETCONF")) {
  4565. if (handle_control_getconf(conn, cmd_data_len, args))
  4566. return -1;
  4567. } else if (!strcasecmp(conn->incoming_cmd, "+LOADCONF")) {
  4568. if (handle_control_loadconf(conn, cmd_data_len, args))
  4569. return -1;
  4570. } else if (!strcasecmp(conn->incoming_cmd, "SETEVENTS")) {
  4571. if (handle_control_setevents(conn, cmd_data_len, args))
  4572. return -1;
  4573. } else if (!strcasecmp(conn->incoming_cmd, "AUTHENTICATE")) {
  4574. if (handle_control_authenticate(conn, cmd_data_len, args))
  4575. return -1;
  4576. } else if (!strcasecmp(conn->incoming_cmd, "SAVECONF")) {
  4577. if (handle_control_saveconf(conn, cmd_data_len, args))
  4578. return -1;
  4579. } else if (!strcasecmp(conn->incoming_cmd, "SIGNAL")) {
  4580. if (handle_control_signal(conn, cmd_data_len, args))
  4581. return -1;
  4582. } else if (!strcasecmp(conn->incoming_cmd, "TAKEOWNERSHIP")) {
  4583. if (handle_control_takeownership(conn, cmd_data_len, args))
  4584. return -1;
  4585. } else if (!strcasecmp(conn->incoming_cmd, "MAPADDRESS")) {
  4586. if (handle_control_mapaddress(conn, cmd_data_len, args))
  4587. return -1;
  4588. } else if (!strcasecmp(conn->incoming_cmd, "GETINFO")) {
  4589. if (handle_control_getinfo(conn, cmd_data_len, args))
  4590. return -1;
  4591. } else if (!strcasecmp(conn->incoming_cmd, "EXTENDCIRCUIT")) {
  4592. if (handle_control_extendcircuit(conn, cmd_data_len, args))
  4593. return -1;
  4594. } else if (!strcasecmp(conn->incoming_cmd, "SETCIRCUITPURPOSE")) {
  4595. if (handle_control_setcircuitpurpose(conn, cmd_data_len, args))
  4596. return -1;
  4597. } else if (!strcasecmp(conn->incoming_cmd, "SETROUTERPURPOSE")) {
  4598. connection_write_str_to_buf("511 SETROUTERPURPOSE is obsolete.\r\n", conn);
  4599. } else if (!strcasecmp(conn->incoming_cmd, "ATTACHSTREAM")) {
  4600. if (handle_control_attachstream(conn, cmd_data_len, args))
  4601. return -1;
  4602. } else if (!strcasecmp(conn->incoming_cmd, "+POSTDESCRIPTOR")) {
  4603. if (handle_control_postdescriptor(conn, cmd_data_len, args))
  4604. return -1;
  4605. } else if (!strcasecmp(conn->incoming_cmd, "REDIRECTSTREAM")) {
  4606. if (handle_control_redirectstream(conn, cmd_data_len, args))
  4607. return -1;
  4608. } else if (!strcasecmp(conn->incoming_cmd, "CLOSESTREAM")) {
  4609. if (handle_control_closestream(conn, cmd_data_len, args))
  4610. return -1;
  4611. } else if (!strcasecmp(conn->incoming_cmd, "CLOSECIRCUIT")) {
  4612. if (handle_control_closecircuit(conn, cmd_data_len, args))
  4613. return -1;
  4614. } else if (!strcasecmp(conn->incoming_cmd, "USEFEATURE")) {
  4615. if (handle_control_usefeature(conn, cmd_data_len, args))
  4616. return -1;
  4617. } else if (!strcasecmp(conn->incoming_cmd, "RESOLVE")) {
  4618. if (handle_control_resolve(conn, cmd_data_len, args))
  4619. return -1;
  4620. } else if (!strcasecmp(conn->incoming_cmd, "PROTOCOLINFO")) {
  4621. if (handle_control_protocolinfo(conn, cmd_data_len, args))
  4622. return -1;
  4623. } else if (!strcasecmp(conn->incoming_cmd, "AUTHCHALLENGE")) {
  4624. if (handle_control_authchallenge(conn, cmd_data_len, args))
  4625. return -1;
  4626. } else if (!strcasecmp(conn->incoming_cmd, "DROPGUARDS")) {
  4627. if (handle_control_dropguards(conn, cmd_data_len, args))
  4628. return -1;
  4629. } else if (!strcasecmp(conn->incoming_cmd, "HSFETCH")) {
  4630. if (handle_control_hsfetch(conn, cmd_data_len, args))
  4631. return -1;
  4632. } else if (!strcasecmp(conn->incoming_cmd, "+HSPOST")) {
  4633. if (handle_control_hspost(conn, cmd_data_len, args))
  4634. return -1;
  4635. } else if (!strcasecmp(conn->incoming_cmd, "ADD_ONION")) {
  4636. int ret = handle_control_add_onion(conn, cmd_data_len, args);
  4637. memwipe(args, 0, cmd_data_len); /* Scrub the private key. */
  4638. if (ret)
  4639. return -1;
  4640. } else if (!strcasecmp(conn->incoming_cmd, "DEL_ONION")) {
  4641. int ret = handle_control_del_onion(conn, cmd_data_len, args);
  4642. memwipe(args, 0, cmd_data_len); /* Scrub the service id/pk. */
  4643. if (ret)
  4644. return -1;
  4645. } else {
  4646. connection_printf_to_buf(conn, "510 Unrecognized command \"%s\"\r\n",
  4647. conn->incoming_cmd);
  4648. }
  4649. conn->incoming_cmd_cur_len = 0;
  4650. goto again;
  4651. }
  4652. /** Something major has happened to circuit <b>circ</b>: tell any
  4653. * interested control connections. */
  4654. int
  4655. control_event_circuit_status(origin_circuit_t *circ, circuit_status_event_t tp,
  4656. int reason_code)
  4657. {
  4658. const char *status;
  4659. char reasons[64] = "";
  4660. if (!EVENT_IS_INTERESTING(EVENT_CIRCUIT_STATUS))
  4661. return 0;
  4662. tor_assert(circ);
  4663. switch (tp)
  4664. {
  4665. case CIRC_EVENT_LAUNCHED: status = "LAUNCHED"; break;
  4666. case CIRC_EVENT_BUILT: status = "BUILT"; break;
  4667. case CIRC_EVENT_EXTENDED: status = "EXTENDED"; break;
  4668. case CIRC_EVENT_FAILED: status = "FAILED"; break;
  4669. case CIRC_EVENT_CLOSED: status = "CLOSED"; break;
  4670. default:
  4671. log_warn(LD_BUG, "Unrecognized status code %d", (int)tp);
  4672. tor_fragile_assert();
  4673. return 0;
  4674. }
  4675. if (tp == CIRC_EVENT_FAILED || tp == CIRC_EVENT_CLOSED) {
  4676. const char *reason_str = circuit_end_reason_to_control_string(reason_code);
  4677. char unk_reason_buf[16];
  4678. if (!reason_str) {
  4679. tor_snprintf(unk_reason_buf, 16, "UNKNOWN_%d", reason_code);
  4680. reason_str = unk_reason_buf;
  4681. }
  4682. if (reason_code > 0 && reason_code & END_CIRC_REASON_FLAG_REMOTE) {
  4683. tor_snprintf(reasons, sizeof(reasons),
  4684. " REASON=DESTROYED REMOTE_REASON=%s", reason_str);
  4685. } else {
  4686. tor_snprintf(reasons, sizeof(reasons),
  4687. " REASON=%s", reason_str);
  4688. }
  4689. }
  4690. {
  4691. char *circdesc = circuit_describe_status_for_controller(circ);
  4692. const char *sp = strlen(circdesc) ? " " : "";
  4693. send_control_event(EVENT_CIRCUIT_STATUS,
  4694. "650 CIRC %lu %s%s%s%s\r\n",
  4695. (unsigned long)circ->global_identifier,
  4696. status, sp,
  4697. circdesc,
  4698. reasons);
  4699. tor_free(circdesc);
  4700. }
  4701. return 0;
  4702. }
  4703. /** Something minor has happened to circuit <b>circ</b>: tell any
  4704. * interested control connections. */
  4705. static int
  4706. control_event_circuit_status_minor(origin_circuit_t *circ,
  4707. circuit_status_minor_event_t e,
  4708. int purpose, const struct timeval *tv)
  4709. {
  4710. const char *event_desc;
  4711. char event_tail[160] = "";
  4712. if (!EVENT_IS_INTERESTING(EVENT_CIRCUIT_STATUS_MINOR))
  4713. return 0;
  4714. tor_assert(circ);
  4715. switch (e)
  4716. {
  4717. case CIRC_MINOR_EVENT_PURPOSE_CHANGED:
  4718. event_desc = "PURPOSE_CHANGED";
  4719. {
  4720. /* event_tail can currently be up to 68 chars long */
  4721. const char *hs_state_str =
  4722. circuit_purpose_to_controller_hs_state_string(purpose);
  4723. tor_snprintf(event_tail, sizeof(event_tail),
  4724. " OLD_PURPOSE=%s%s%s",
  4725. circuit_purpose_to_controller_string(purpose),
  4726. (hs_state_str != NULL) ? " OLD_HS_STATE=" : "",
  4727. (hs_state_str != NULL) ? hs_state_str : "");
  4728. }
  4729. break;
  4730. case CIRC_MINOR_EVENT_CANNIBALIZED:
  4731. event_desc = "CANNIBALIZED";
  4732. {
  4733. /* event_tail can currently be up to 130 chars long */
  4734. const char *hs_state_str =
  4735. circuit_purpose_to_controller_hs_state_string(purpose);
  4736. const struct timeval *old_timestamp_began = tv;
  4737. char tbuf[ISO_TIME_USEC_LEN+1];
  4738. format_iso_time_nospace_usec(tbuf, old_timestamp_began);
  4739. tor_snprintf(event_tail, sizeof(event_tail),
  4740. " OLD_PURPOSE=%s%s%s OLD_TIME_CREATED=%s",
  4741. circuit_purpose_to_controller_string(purpose),
  4742. (hs_state_str != NULL) ? " OLD_HS_STATE=" : "",
  4743. (hs_state_str != NULL) ? hs_state_str : "",
  4744. tbuf);
  4745. }
  4746. break;
  4747. default:
  4748. log_warn(LD_BUG, "Unrecognized status code %d", (int)e);
  4749. tor_fragile_assert();
  4750. return 0;
  4751. }
  4752. {
  4753. char *circdesc = circuit_describe_status_for_controller(circ);
  4754. const char *sp = strlen(circdesc) ? " " : "";
  4755. send_control_event(EVENT_CIRCUIT_STATUS_MINOR,
  4756. "650 CIRC_MINOR %lu %s%s%s%s\r\n",
  4757. (unsigned long)circ->global_identifier,
  4758. event_desc, sp,
  4759. circdesc,
  4760. event_tail);
  4761. tor_free(circdesc);
  4762. }
  4763. return 0;
  4764. }
  4765. /**
  4766. * <b>circ</b> has changed its purpose from <b>old_purpose</b>: tell any
  4767. * interested controllers.
  4768. */
  4769. int
  4770. control_event_circuit_purpose_changed(origin_circuit_t *circ,
  4771. int old_purpose)
  4772. {
  4773. return control_event_circuit_status_minor(circ,
  4774. CIRC_MINOR_EVENT_PURPOSE_CHANGED,
  4775. old_purpose,
  4776. NULL);
  4777. }
  4778. /**
  4779. * <b>circ</b> has changed its purpose from <b>old_purpose</b>, and its
  4780. * created-time from <b>old_tv_created</b>: tell any interested controllers.
  4781. */
  4782. int
  4783. control_event_circuit_cannibalized(origin_circuit_t *circ,
  4784. int old_purpose,
  4785. const struct timeval *old_tv_created)
  4786. {
  4787. return control_event_circuit_status_minor(circ,
  4788. CIRC_MINOR_EVENT_CANNIBALIZED,
  4789. old_purpose,
  4790. old_tv_created);
  4791. }
  4792. /** Given an AP connection <b>conn</b> and a <b>len</b>-character buffer
  4793. * <b>buf</b>, determine the address:port combination requested on
  4794. * <b>conn</b>, and write it to <b>buf</b>. Return 0 on success, -1 on
  4795. * failure. */
  4796. static int
  4797. write_stream_target_to_buf(entry_connection_t *conn, char *buf, size_t len)
  4798. {
  4799. char buf2[256];
  4800. if (conn->chosen_exit_name)
  4801. if (tor_snprintf(buf2, sizeof(buf2), ".%s.exit", conn->chosen_exit_name)<0)
  4802. return -1;
  4803. if (!conn->socks_request)
  4804. return -1;
  4805. if (tor_snprintf(buf, len, "%s%s%s:%d",
  4806. conn->socks_request->address,
  4807. conn->chosen_exit_name ? buf2 : "",
  4808. !conn->chosen_exit_name && connection_edge_is_rendezvous_stream(
  4809. ENTRY_TO_EDGE_CONN(conn)) ? ".onion" : "",
  4810. conn->socks_request->port)<0)
  4811. return -1;
  4812. return 0;
  4813. }
  4814. /** Something has happened to the stream associated with AP connection
  4815. * <b>conn</b>: tell any interested control connections. */
  4816. int
  4817. control_event_stream_status(entry_connection_t *conn, stream_status_event_t tp,
  4818. int reason_code)
  4819. {
  4820. char reason_buf[64];
  4821. char addrport_buf[64];
  4822. const char *status;
  4823. circuit_t *circ;
  4824. origin_circuit_t *origin_circ = NULL;
  4825. char buf[256];
  4826. const char *purpose = "";
  4827. tor_assert(conn->socks_request);
  4828. if (!EVENT_IS_INTERESTING(EVENT_STREAM_STATUS))
  4829. return 0;
  4830. if (tp == STREAM_EVENT_CLOSED &&
  4831. (reason_code & END_STREAM_REASON_FLAG_ALREADY_SENT_CLOSED))
  4832. return 0;
  4833. write_stream_target_to_buf(conn, buf, sizeof(buf));
  4834. reason_buf[0] = '\0';
  4835. switch (tp)
  4836. {
  4837. case STREAM_EVENT_SENT_CONNECT: status = "SENTCONNECT"; break;
  4838. case STREAM_EVENT_SENT_RESOLVE: status = "SENTRESOLVE"; break;
  4839. case STREAM_EVENT_SUCCEEDED: status = "SUCCEEDED"; break;
  4840. case STREAM_EVENT_FAILED: status = "FAILED"; break;
  4841. case STREAM_EVENT_CLOSED: status = "CLOSED"; break;
  4842. case STREAM_EVENT_NEW: status = "NEW"; break;
  4843. case STREAM_EVENT_NEW_RESOLVE: status = "NEWRESOLVE"; break;
  4844. case STREAM_EVENT_FAILED_RETRIABLE: status = "DETACHED"; break;
  4845. case STREAM_EVENT_REMAP: status = "REMAP"; break;
  4846. default:
  4847. log_warn(LD_BUG, "Unrecognized status code %d", (int)tp);
  4848. return 0;
  4849. }
  4850. if (reason_code && (tp == STREAM_EVENT_FAILED ||
  4851. tp == STREAM_EVENT_CLOSED ||
  4852. tp == STREAM_EVENT_FAILED_RETRIABLE)) {
  4853. const char *reason_str = stream_end_reason_to_control_string(reason_code);
  4854. char *r = NULL;
  4855. if (!reason_str) {
  4856. tor_asprintf(&r, " UNKNOWN_%d", reason_code);
  4857. reason_str = r;
  4858. }
  4859. if (reason_code & END_STREAM_REASON_FLAG_REMOTE)
  4860. tor_snprintf(reason_buf, sizeof(reason_buf),
  4861. " REASON=END REMOTE_REASON=%s", reason_str);
  4862. else
  4863. tor_snprintf(reason_buf, sizeof(reason_buf),
  4864. " REASON=%s", reason_str);
  4865. tor_free(r);
  4866. } else if (reason_code && tp == STREAM_EVENT_REMAP) {
  4867. switch (reason_code) {
  4868. case REMAP_STREAM_SOURCE_CACHE:
  4869. strlcpy(reason_buf, " SOURCE=CACHE", sizeof(reason_buf));
  4870. break;
  4871. case REMAP_STREAM_SOURCE_EXIT:
  4872. strlcpy(reason_buf, " SOURCE=EXIT", sizeof(reason_buf));
  4873. break;
  4874. default:
  4875. tor_snprintf(reason_buf, sizeof(reason_buf), " REASON=UNKNOWN_%d",
  4876. reason_code);
  4877. /* XXX do we want SOURCE=UNKNOWN_%d above instead? -RD */
  4878. break;
  4879. }
  4880. }
  4881. if (tp == STREAM_EVENT_NEW || tp == STREAM_EVENT_NEW_RESOLVE) {
  4882. /*
  4883. * When the control conn is an AF_UNIX socket and we have no address,
  4884. * it gets set to "(Tor_internal)"; see dnsserv_launch_request() in
  4885. * dnsserv.c.
  4886. */
  4887. if (strcmp(ENTRY_TO_CONN(conn)->address, "(Tor_internal)") != 0) {
  4888. tor_snprintf(addrport_buf,sizeof(addrport_buf), " SOURCE_ADDR=%s:%d",
  4889. ENTRY_TO_CONN(conn)->address, ENTRY_TO_CONN(conn)->port);
  4890. } else {
  4891. /*
  4892. * else leave it blank so control on AF_UNIX doesn't need to make
  4893. * something up.
  4894. */
  4895. addrport_buf[0] = '\0';
  4896. }
  4897. } else {
  4898. addrport_buf[0] = '\0';
  4899. }
  4900. if (tp == STREAM_EVENT_NEW_RESOLVE) {
  4901. purpose = " PURPOSE=DNS_REQUEST";
  4902. } else if (tp == STREAM_EVENT_NEW) {
  4903. if (conn->use_begindir) {
  4904. connection_t *linked = ENTRY_TO_CONN(conn)->linked_conn;
  4905. int linked_dir_purpose = -1;
  4906. if (linked && linked->type == CONN_TYPE_DIR)
  4907. linked_dir_purpose = linked->purpose;
  4908. if (DIR_PURPOSE_IS_UPLOAD(linked_dir_purpose))
  4909. purpose = " PURPOSE=DIR_UPLOAD";
  4910. else
  4911. purpose = " PURPOSE=DIR_FETCH";
  4912. } else
  4913. purpose = " PURPOSE=USER";
  4914. }
  4915. circ = circuit_get_by_edge_conn(ENTRY_TO_EDGE_CONN(conn));
  4916. if (circ && CIRCUIT_IS_ORIGIN(circ))
  4917. origin_circ = TO_ORIGIN_CIRCUIT(circ);
  4918. send_control_event(EVENT_STREAM_STATUS,
  4919. "650 STREAM "U64_FORMAT" %s %lu %s%s%s%s\r\n",
  4920. U64_PRINTF_ARG(ENTRY_TO_CONN(conn)->global_identifier),
  4921. status,
  4922. origin_circ?
  4923. (unsigned long)origin_circ->global_identifier : 0ul,
  4924. buf, reason_buf, addrport_buf, purpose);
  4925. /* XXX need to specify its intended exit, etc? */
  4926. return 0;
  4927. }
  4928. /** Figure out the best name for the target router of an OR connection
  4929. * <b>conn</b>, and write it into the <b>len</b>-character buffer
  4930. * <b>name</b>. */
  4931. static void
  4932. orconn_target_get_name(char *name, size_t len, or_connection_t *conn)
  4933. {
  4934. const node_t *node = node_get_by_id(conn->identity_digest);
  4935. if (node) {
  4936. tor_assert(len > MAX_VERBOSE_NICKNAME_LEN);
  4937. node_get_verbose_nickname(node, name);
  4938. } else if (! tor_digest_is_zero(conn->identity_digest)) {
  4939. name[0] = '$';
  4940. base16_encode(name+1, len-1, conn->identity_digest,
  4941. DIGEST_LEN);
  4942. } else {
  4943. tor_snprintf(name, len, "%s:%d",
  4944. conn->base_.address, conn->base_.port);
  4945. }
  4946. }
  4947. /** Called when the status of an OR connection <b>conn</b> changes: tell any
  4948. * interested control connections. <b>tp</b> is the new status for the
  4949. * connection. If <b>conn</b> has just closed or failed, then <b>reason</b>
  4950. * may be the reason why.
  4951. */
  4952. int
  4953. control_event_or_conn_status(or_connection_t *conn, or_conn_status_event_t tp,
  4954. int reason)
  4955. {
  4956. int ncircs = 0;
  4957. const char *status;
  4958. char name[128];
  4959. char ncircs_buf[32] = {0}; /* > 8 + log10(2^32)=10 + 2 */
  4960. if (!EVENT_IS_INTERESTING(EVENT_OR_CONN_STATUS))
  4961. return 0;
  4962. switch (tp)
  4963. {
  4964. case OR_CONN_EVENT_LAUNCHED: status = "LAUNCHED"; break;
  4965. case OR_CONN_EVENT_CONNECTED: status = "CONNECTED"; break;
  4966. case OR_CONN_EVENT_FAILED: status = "FAILED"; break;
  4967. case OR_CONN_EVENT_CLOSED: status = "CLOSED"; break;
  4968. case OR_CONN_EVENT_NEW: status = "NEW"; break;
  4969. default:
  4970. log_warn(LD_BUG, "Unrecognized status code %d", (int)tp);
  4971. return 0;
  4972. }
  4973. if (conn->chan) {
  4974. ncircs = circuit_count_pending_on_channel(TLS_CHAN_TO_BASE(conn->chan));
  4975. } else {
  4976. ncircs = 0;
  4977. }
  4978. ncircs += connection_or_get_num_circuits(conn);
  4979. if (ncircs && (tp == OR_CONN_EVENT_FAILED || tp == OR_CONN_EVENT_CLOSED)) {
  4980. tor_snprintf(ncircs_buf, sizeof(ncircs_buf), " NCIRCS=%d", ncircs);
  4981. }
  4982. orconn_target_get_name(name, sizeof(name), conn);
  4983. send_control_event(EVENT_OR_CONN_STATUS,
  4984. "650 ORCONN %s %s%s%s%s ID="U64_FORMAT"\r\n",
  4985. name, status,
  4986. reason ? " REASON=" : "",
  4987. orconn_end_reason_to_control_string(reason),
  4988. ncircs_buf,
  4989. U64_PRINTF_ARG(conn->base_.global_identifier));
  4990. return 0;
  4991. }
  4992. /**
  4993. * Print out STREAM_BW event for a single conn
  4994. */
  4995. int
  4996. control_event_stream_bandwidth(edge_connection_t *edge_conn)
  4997. {
  4998. circuit_t *circ;
  4999. origin_circuit_t *ocirc;
  5000. if (EVENT_IS_INTERESTING(EVENT_STREAM_BANDWIDTH_USED)) {
  5001. if (!edge_conn->n_read && !edge_conn->n_written)
  5002. return 0;
  5003. send_control_event(EVENT_STREAM_BANDWIDTH_USED,
  5004. "650 STREAM_BW "U64_FORMAT" %lu %lu\r\n",
  5005. U64_PRINTF_ARG(edge_conn->base_.global_identifier),
  5006. (unsigned long)edge_conn->n_read,
  5007. (unsigned long)edge_conn->n_written);
  5008. circ = circuit_get_by_edge_conn(edge_conn);
  5009. if (circ && CIRCUIT_IS_ORIGIN(circ)) {
  5010. ocirc = TO_ORIGIN_CIRCUIT(circ);
  5011. ocirc->n_read_circ_bw += edge_conn->n_read;
  5012. ocirc->n_written_circ_bw += edge_conn->n_written;
  5013. }
  5014. edge_conn->n_written = edge_conn->n_read = 0;
  5015. }
  5016. return 0;
  5017. }
  5018. /** A second or more has elapsed: tell any interested control
  5019. * connections how much bandwidth streams have used. */
  5020. int
  5021. control_event_stream_bandwidth_used(void)
  5022. {
  5023. if (EVENT_IS_INTERESTING(EVENT_STREAM_BANDWIDTH_USED)) {
  5024. smartlist_t *conns = get_connection_array();
  5025. edge_connection_t *edge_conn;
  5026. SMARTLIST_FOREACH_BEGIN(conns, connection_t *, conn)
  5027. {
  5028. if (conn->type != CONN_TYPE_AP)
  5029. continue;
  5030. edge_conn = TO_EDGE_CONN(conn);
  5031. if (!edge_conn->n_read && !edge_conn->n_written)
  5032. continue;
  5033. send_control_event(EVENT_STREAM_BANDWIDTH_USED,
  5034. "650 STREAM_BW "U64_FORMAT" %lu %lu\r\n",
  5035. U64_PRINTF_ARG(edge_conn->base_.global_identifier),
  5036. (unsigned long)edge_conn->n_read,
  5037. (unsigned long)edge_conn->n_written);
  5038. edge_conn->n_written = edge_conn->n_read = 0;
  5039. }
  5040. SMARTLIST_FOREACH_END(conn);
  5041. }
  5042. return 0;
  5043. }
  5044. /** A second or more has elapsed: tell any interested control connections
  5045. * how much bandwidth origin circuits have used. */
  5046. int
  5047. control_event_circ_bandwidth_used(void)
  5048. {
  5049. origin_circuit_t *ocirc;
  5050. if (!EVENT_IS_INTERESTING(EVENT_CIRC_BANDWIDTH_USED))
  5051. return 0;
  5052. SMARTLIST_FOREACH_BEGIN(circuit_get_global_list(), circuit_t *, circ) {
  5053. if (!CIRCUIT_IS_ORIGIN(circ))
  5054. continue;
  5055. ocirc = TO_ORIGIN_CIRCUIT(circ);
  5056. if (!ocirc->n_read_circ_bw && !ocirc->n_written_circ_bw)
  5057. continue;
  5058. send_control_event(EVENT_CIRC_BANDWIDTH_USED,
  5059. "650 CIRC_BW ID=%d READ=%lu WRITTEN=%lu\r\n",
  5060. ocirc->global_identifier,
  5061. (unsigned long)ocirc->n_read_circ_bw,
  5062. (unsigned long)ocirc->n_written_circ_bw);
  5063. ocirc->n_written_circ_bw = ocirc->n_read_circ_bw = 0;
  5064. }
  5065. SMARTLIST_FOREACH_END(circ);
  5066. return 0;
  5067. }
  5068. /** Print out CONN_BW event for a single OR/DIR/EXIT <b>conn</b> and reset
  5069. * bandwidth counters. */
  5070. int
  5071. control_event_conn_bandwidth(connection_t *conn)
  5072. {
  5073. const char *conn_type_str;
  5074. if (!get_options()->TestingEnableConnBwEvent ||
  5075. !EVENT_IS_INTERESTING(EVENT_CONN_BW))
  5076. return 0;
  5077. if (!conn->n_read_conn_bw && !conn->n_written_conn_bw)
  5078. return 0;
  5079. switch (conn->type) {
  5080. case CONN_TYPE_OR:
  5081. conn_type_str = "OR";
  5082. break;
  5083. case CONN_TYPE_DIR:
  5084. conn_type_str = "DIR";
  5085. break;
  5086. case CONN_TYPE_EXIT:
  5087. conn_type_str = "EXIT";
  5088. break;
  5089. default:
  5090. return 0;
  5091. }
  5092. send_control_event(EVENT_CONN_BW,
  5093. "650 CONN_BW ID="U64_FORMAT" TYPE=%s "
  5094. "READ=%lu WRITTEN=%lu\r\n",
  5095. U64_PRINTF_ARG(conn->global_identifier),
  5096. conn_type_str,
  5097. (unsigned long)conn->n_read_conn_bw,
  5098. (unsigned long)conn->n_written_conn_bw);
  5099. conn->n_written_conn_bw = conn->n_read_conn_bw = 0;
  5100. return 0;
  5101. }
  5102. /** A second or more has elapsed: tell any interested control
  5103. * connections how much bandwidth connections have used. */
  5104. int
  5105. control_event_conn_bandwidth_used(void)
  5106. {
  5107. if (get_options()->TestingEnableConnBwEvent &&
  5108. EVENT_IS_INTERESTING(EVENT_CONN_BW)) {
  5109. SMARTLIST_FOREACH(get_connection_array(), connection_t *, conn,
  5110. control_event_conn_bandwidth(conn));
  5111. }
  5112. return 0;
  5113. }
  5114. /** Helper: iterate over cell statistics of <b>circ</b> and sum up added
  5115. * cells, removed cells, and waiting times by cell command and direction.
  5116. * Store results in <b>cell_stats</b>. Free cell statistics of the
  5117. * circuit afterwards. */
  5118. void
  5119. sum_up_cell_stats_by_command(circuit_t *circ, cell_stats_t *cell_stats)
  5120. {
  5121. memset(cell_stats, 0, sizeof(cell_stats_t));
  5122. SMARTLIST_FOREACH_BEGIN(circ->testing_cell_stats,
  5123. const testing_cell_stats_entry_t *, ent) {
  5124. tor_assert(ent->command <= CELL_COMMAND_MAX_);
  5125. if (!ent->removed && !ent->exitward) {
  5126. cell_stats->added_cells_appward[ent->command] += 1;
  5127. } else if (!ent->removed && ent->exitward) {
  5128. cell_stats->added_cells_exitward[ent->command] += 1;
  5129. } else if (!ent->exitward) {
  5130. cell_stats->removed_cells_appward[ent->command] += 1;
  5131. cell_stats->total_time_appward[ent->command] += ent->waiting_time * 10;
  5132. } else {
  5133. cell_stats->removed_cells_exitward[ent->command] += 1;
  5134. cell_stats->total_time_exitward[ent->command] += ent->waiting_time * 10;
  5135. }
  5136. } SMARTLIST_FOREACH_END(ent);
  5137. circuit_clear_testing_cell_stats(circ);
  5138. }
  5139. /** Helper: append a cell statistics string to <code>event_parts</code>,
  5140. * prefixed with <code>key</code>=. Statistics consist of comma-separated
  5141. * key:value pairs with lower-case command strings as keys and cell
  5142. * numbers or total waiting times as values. A key:value pair is included
  5143. * if the entry in <code>include_if_non_zero</code> is not zero, but with
  5144. * the (possibly zero) entry from <code>number_to_include</code>. Both
  5145. * arrays are expected to have a length of CELL_COMMAND_MAX_ + 1. If no
  5146. * entry in <code>include_if_non_zero</code> is positive, no string will
  5147. * be added to <code>event_parts</code>. */
  5148. void
  5149. append_cell_stats_by_command(smartlist_t *event_parts, const char *key,
  5150. const uint64_t *include_if_non_zero,
  5151. const uint64_t *number_to_include)
  5152. {
  5153. smartlist_t *key_value_strings = smartlist_new();
  5154. int i;
  5155. for (i = 0; i <= CELL_COMMAND_MAX_; i++) {
  5156. if (include_if_non_zero[i] > 0) {
  5157. smartlist_add_asprintf(key_value_strings, "%s:"U64_FORMAT,
  5158. cell_command_to_string(i),
  5159. U64_PRINTF_ARG(number_to_include[i]));
  5160. }
  5161. }
  5162. if (smartlist_len(key_value_strings) > 0) {
  5163. char *joined = smartlist_join_strings(key_value_strings, ",", 0, NULL);
  5164. smartlist_add_asprintf(event_parts, "%s=%s", key, joined);
  5165. SMARTLIST_FOREACH(key_value_strings, char *, cp, tor_free(cp));
  5166. tor_free(joined);
  5167. }
  5168. smartlist_free(key_value_strings);
  5169. }
  5170. /** Helper: format <b>cell_stats</b> for <b>circ</b> for inclusion in a
  5171. * CELL_STATS event and write result string to <b>event_string</b>. */
  5172. void
  5173. format_cell_stats(char **event_string, circuit_t *circ,
  5174. cell_stats_t *cell_stats)
  5175. {
  5176. smartlist_t *event_parts = smartlist_new();
  5177. if (CIRCUIT_IS_ORIGIN(circ)) {
  5178. origin_circuit_t *ocirc = TO_ORIGIN_CIRCUIT(circ);
  5179. smartlist_add_asprintf(event_parts, "ID=%lu",
  5180. (unsigned long)ocirc->global_identifier);
  5181. } else if (TO_OR_CIRCUIT(circ)->p_chan) {
  5182. or_circuit_t *or_circ = TO_OR_CIRCUIT(circ);
  5183. smartlist_add_asprintf(event_parts, "InboundQueue=%lu",
  5184. (unsigned long)or_circ->p_circ_id);
  5185. smartlist_add_asprintf(event_parts, "InboundConn="U64_FORMAT,
  5186. U64_PRINTF_ARG(or_circ->p_chan->global_identifier));
  5187. append_cell_stats_by_command(event_parts, "InboundAdded",
  5188. cell_stats->added_cells_appward,
  5189. cell_stats->added_cells_appward);
  5190. append_cell_stats_by_command(event_parts, "InboundRemoved",
  5191. cell_stats->removed_cells_appward,
  5192. cell_stats->removed_cells_appward);
  5193. append_cell_stats_by_command(event_parts, "InboundTime",
  5194. cell_stats->removed_cells_appward,
  5195. cell_stats->total_time_appward);
  5196. }
  5197. if (circ->n_chan) {
  5198. smartlist_add_asprintf(event_parts, "OutboundQueue=%lu",
  5199. (unsigned long)circ->n_circ_id);
  5200. smartlist_add_asprintf(event_parts, "OutboundConn="U64_FORMAT,
  5201. U64_PRINTF_ARG(circ->n_chan->global_identifier));
  5202. append_cell_stats_by_command(event_parts, "OutboundAdded",
  5203. cell_stats->added_cells_exitward,
  5204. cell_stats->added_cells_exitward);
  5205. append_cell_stats_by_command(event_parts, "OutboundRemoved",
  5206. cell_stats->removed_cells_exitward,
  5207. cell_stats->removed_cells_exitward);
  5208. append_cell_stats_by_command(event_parts, "OutboundTime",
  5209. cell_stats->removed_cells_exitward,
  5210. cell_stats->total_time_exitward);
  5211. }
  5212. *event_string = smartlist_join_strings(event_parts, " ", 0, NULL);
  5213. SMARTLIST_FOREACH(event_parts, char *, cp, tor_free(cp));
  5214. smartlist_free(event_parts);
  5215. }
  5216. /** A second or more has elapsed: tell any interested control connection
  5217. * how many cells have been processed for a given circuit. */
  5218. int
  5219. control_event_circuit_cell_stats(void)
  5220. {
  5221. cell_stats_t *cell_stats;
  5222. char *event_string;
  5223. if (!get_options()->TestingEnableCellStatsEvent ||
  5224. !EVENT_IS_INTERESTING(EVENT_CELL_STATS))
  5225. return 0;
  5226. cell_stats = tor_malloc(sizeof(cell_stats_t));;
  5227. SMARTLIST_FOREACH_BEGIN(circuit_get_global_list(), circuit_t *, circ) {
  5228. if (!circ->testing_cell_stats)
  5229. continue;
  5230. sum_up_cell_stats_by_command(circ, cell_stats);
  5231. format_cell_stats(&event_string, circ, cell_stats);
  5232. send_control_event(EVENT_CELL_STATS,
  5233. "650 CELL_STATS %s\r\n", event_string);
  5234. tor_free(event_string);
  5235. }
  5236. SMARTLIST_FOREACH_END(circ);
  5237. tor_free(cell_stats);
  5238. return 0;
  5239. }
  5240. /** Tokens in <b>bucket</b> have been refilled: the read bucket was empty
  5241. * for <b>read_empty_time</b> millis, the write bucket was empty for
  5242. * <b>write_empty_time</b> millis, and buckets were last refilled
  5243. * <b>milliseconds_elapsed</b> millis ago. Only emit TB_EMPTY event if
  5244. * either read or write bucket have been empty before. */
  5245. int
  5246. control_event_tb_empty(const char *bucket, uint32_t read_empty_time,
  5247. uint32_t write_empty_time,
  5248. int milliseconds_elapsed)
  5249. {
  5250. if (get_options()->TestingEnableTbEmptyEvent &&
  5251. EVENT_IS_INTERESTING(EVENT_TB_EMPTY) &&
  5252. (read_empty_time > 0 || write_empty_time > 0)) {
  5253. send_control_event(EVENT_TB_EMPTY,
  5254. "650 TB_EMPTY %s READ=%d WRITTEN=%d "
  5255. "LAST=%d\r\n",
  5256. bucket, read_empty_time, write_empty_time,
  5257. milliseconds_elapsed);
  5258. }
  5259. return 0;
  5260. }
  5261. /* about 5 minutes worth. */
  5262. #define N_BW_EVENTS_TO_CACHE 300
  5263. /* Index into cached_bw_events to next write. */
  5264. static int next_measurement_idx = 0;
  5265. /* number of entries set in n_measurements */
  5266. static int n_measurements = 0;
  5267. static struct cached_bw_event_s {
  5268. uint32_t n_read;
  5269. uint32_t n_written;
  5270. } cached_bw_events[N_BW_EVENTS_TO_CACHE];
  5271. /** A second or more has elapsed: tell any interested control
  5272. * connections how much bandwidth we used. */
  5273. int
  5274. control_event_bandwidth_used(uint32_t n_read, uint32_t n_written)
  5275. {
  5276. cached_bw_events[next_measurement_idx].n_read = n_read;
  5277. cached_bw_events[next_measurement_idx].n_written = n_written;
  5278. if (++next_measurement_idx == N_BW_EVENTS_TO_CACHE)
  5279. next_measurement_idx = 0;
  5280. if (n_measurements < N_BW_EVENTS_TO_CACHE)
  5281. ++n_measurements;
  5282. if (EVENT_IS_INTERESTING(EVENT_BANDWIDTH_USED)) {
  5283. send_control_event(EVENT_BANDWIDTH_USED,
  5284. "650 BW %lu %lu\r\n",
  5285. (unsigned long)n_read,
  5286. (unsigned long)n_written);
  5287. }
  5288. return 0;
  5289. }
  5290. STATIC char *
  5291. get_bw_samples(void)
  5292. {
  5293. int i;
  5294. int idx = (next_measurement_idx + N_BW_EVENTS_TO_CACHE - n_measurements)
  5295. % N_BW_EVENTS_TO_CACHE;
  5296. tor_assert(0 <= idx && idx < N_BW_EVENTS_TO_CACHE);
  5297. smartlist_t *elements = smartlist_new();
  5298. for (i = 0; i < n_measurements; ++i) {
  5299. tor_assert(0 <= idx && idx < N_BW_EVENTS_TO_CACHE);
  5300. const struct cached_bw_event_s *bwe = &cached_bw_events[idx];
  5301. smartlist_add_asprintf(elements, "%u,%u",
  5302. (unsigned)bwe->n_read,
  5303. (unsigned)bwe->n_written);
  5304. idx = (idx + 1) % N_BW_EVENTS_TO_CACHE;
  5305. }
  5306. char *result = smartlist_join_strings(elements, " ", 0, NULL);
  5307. SMARTLIST_FOREACH(elements, char *, cp, tor_free(cp));
  5308. smartlist_free(elements);
  5309. return result;
  5310. }
  5311. /** Called when we are sending a log message to the controllers: suspend
  5312. * sending further log messages to the controllers until we're done. Used by
  5313. * CONN_LOG_PROTECT. */
  5314. void
  5315. disable_control_logging(void)
  5316. {
  5317. ++disable_log_messages;
  5318. }
  5319. /** We're done sending a log message to the controllers: re-enable controller
  5320. * logging. Used by CONN_LOG_PROTECT. */
  5321. void
  5322. enable_control_logging(void)
  5323. {
  5324. if (--disable_log_messages < 0)
  5325. tor_assert(0);
  5326. }
  5327. /** We got a log message: tell any interested control connections. */
  5328. void
  5329. control_event_logmsg(int severity, uint32_t domain, const char *msg)
  5330. {
  5331. int event;
  5332. /* Don't even think of trying to add stuff to a buffer from a cpuworker
  5333. * thread. */
  5334. if (! in_main_thread())
  5335. return;
  5336. if (disable_log_messages)
  5337. return;
  5338. if (domain == LD_BUG && EVENT_IS_INTERESTING(EVENT_STATUS_GENERAL) &&
  5339. severity <= LOG_NOTICE) {
  5340. char *esc = esc_for_log(msg);
  5341. ++disable_log_messages;
  5342. control_event_general_status(severity, "BUG REASON=%s", esc);
  5343. --disable_log_messages;
  5344. tor_free(esc);
  5345. }
  5346. event = log_severity_to_event(severity);
  5347. if (event >= 0 && EVENT_IS_INTERESTING(event)) {
  5348. char *b = NULL;
  5349. const char *s;
  5350. if (strchr(msg, '\n')) {
  5351. char *cp;
  5352. b = tor_strdup(msg);
  5353. for (cp = b; *cp; ++cp)
  5354. if (*cp == '\r' || *cp == '\n')
  5355. *cp = ' ';
  5356. }
  5357. switch (severity) {
  5358. case LOG_DEBUG: s = "DEBUG"; break;
  5359. case LOG_INFO: s = "INFO"; break;
  5360. case LOG_NOTICE: s = "NOTICE"; break;
  5361. case LOG_WARN: s = "WARN"; break;
  5362. case LOG_ERR: s = "ERR"; break;
  5363. default: s = "UnknownLogSeverity"; break;
  5364. }
  5365. ++disable_log_messages;
  5366. send_control_event(event, "650 %s %s\r\n", s, b?b:msg);
  5367. if (severity == LOG_ERR) {
  5368. /* Force a flush, since we may be about to die horribly */
  5369. queued_events_flush_all(1);
  5370. }
  5371. --disable_log_messages;
  5372. tor_free(b);
  5373. }
  5374. }
  5375. /** Called whenever we receive new router descriptors: tell any
  5376. * interested control connections. <b>routers</b> is a list of
  5377. * routerinfo_t's.
  5378. */
  5379. int
  5380. control_event_descriptors_changed(smartlist_t *routers)
  5381. {
  5382. char *msg;
  5383. if (!EVENT_IS_INTERESTING(EVENT_NEW_DESC))
  5384. return 0;
  5385. {
  5386. smartlist_t *names = smartlist_new();
  5387. char *ids;
  5388. SMARTLIST_FOREACH(routers, routerinfo_t *, ri, {
  5389. char *b = tor_malloc(MAX_VERBOSE_NICKNAME_LEN+1);
  5390. router_get_verbose_nickname(b, ri);
  5391. smartlist_add(names, b);
  5392. });
  5393. ids = smartlist_join_strings(names, " ", 0, NULL);
  5394. tor_asprintf(&msg, "650 NEWDESC %s\r\n", ids);
  5395. send_control_event_string(EVENT_NEW_DESC, msg);
  5396. tor_free(ids);
  5397. tor_free(msg);
  5398. SMARTLIST_FOREACH(names, char *, cp, tor_free(cp));
  5399. smartlist_free(names);
  5400. }
  5401. return 0;
  5402. }
  5403. /** Called when an address mapping on <b>from</b> from changes to <b>to</b>.
  5404. * <b>expires</b> values less than 3 are special; see connection_edge.c. If
  5405. * <b>error</b> is non-NULL, it is an error code describing the failure
  5406. * mode of the mapping.
  5407. */
  5408. int
  5409. control_event_address_mapped(const char *from, const char *to, time_t expires,
  5410. const char *error, const int cached)
  5411. {
  5412. if (!EVENT_IS_INTERESTING(EVENT_ADDRMAP))
  5413. return 0;
  5414. if (expires < 3 || expires == TIME_MAX)
  5415. send_control_event(EVENT_ADDRMAP,
  5416. "650 ADDRMAP %s %s NEVER %s%s"
  5417. "CACHED=\"%s\"\r\n",
  5418. from, to, error?error:"", error?" ":"",
  5419. cached?"YES":"NO");
  5420. else {
  5421. char buf[ISO_TIME_LEN+1];
  5422. char buf2[ISO_TIME_LEN+1];
  5423. format_local_iso_time(buf,expires);
  5424. format_iso_time(buf2,expires);
  5425. send_control_event(EVENT_ADDRMAP,
  5426. "650 ADDRMAP %s %s \"%s\""
  5427. " %s%sEXPIRES=\"%s\" CACHED=\"%s\"\r\n",
  5428. from, to, buf,
  5429. error?error:"", error?" ":"",
  5430. buf2, cached?"YES":"NO");
  5431. }
  5432. return 0;
  5433. }
  5434. /** The authoritative dirserver has received a new descriptor that
  5435. * has passed basic syntax checks and is properly self-signed.
  5436. *
  5437. * Notify any interested party of the new descriptor and what has
  5438. * been done with it, and also optionally give an explanation/reason. */
  5439. int
  5440. control_event_or_authdir_new_descriptor(const char *action,
  5441. const char *desc, size_t desclen,
  5442. const char *msg)
  5443. {
  5444. char firstline[1024];
  5445. char *buf;
  5446. size_t totallen;
  5447. char *esc = NULL;
  5448. size_t esclen;
  5449. if (!EVENT_IS_INTERESTING(EVENT_AUTHDIR_NEWDESCS))
  5450. return 0;
  5451. tor_snprintf(firstline, sizeof(firstline),
  5452. "650+AUTHDIR_NEWDESC=\r\n%s\r\n%s\r\n",
  5453. action,
  5454. msg ? msg : "");
  5455. /* Escape the server descriptor properly */
  5456. esclen = write_escaped_data(desc, desclen, &esc);
  5457. totallen = strlen(firstline) + esclen + 1;
  5458. buf = tor_malloc(totallen);
  5459. strlcpy(buf, firstline, totallen);
  5460. strlcpy(buf+strlen(firstline), esc, totallen);
  5461. send_control_event_string(EVENT_AUTHDIR_NEWDESCS,
  5462. buf);
  5463. send_control_event_string(EVENT_AUTHDIR_NEWDESCS,
  5464. "650 OK\r\n");
  5465. tor_free(esc);
  5466. tor_free(buf);
  5467. return 0;
  5468. }
  5469. /** Cached liveness for network liveness events and GETINFO
  5470. */
  5471. static int network_is_live = 0;
  5472. static int
  5473. get_cached_network_liveness(void)
  5474. {
  5475. return network_is_live;
  5476. }
  5477. static void
  5478. set_cached_network_liveness(int liveness)
  5479. {
  5480. network_is_live = liveness;
  5481. }
  5482. /** The network liveness has changed; this is called from circuitstats.c
  5483. * whenever we receive a cell, or when timeout expires and we assume the
  5484. * network is down. */
  5485. int
  5486. control_event_network_liveness_update(int liveness)
  5487. {
  5488. if (liveness > 0) {
  5489. if (get_cached_network_liveness() <= 0) {
  5490. /* Update cached liveness */
  5491. set_cached_network_liveness(1);
  5492. log_debug(LD_CONTROL, "Sending NETWORK_LIVENESS UP");
  5493. send_control_event_string(EVENT_NETWORK_LIVENESS,
  5494. "650 NETWORK_LIVENESS UP\r\n");
  5495. }
  5496. /* else was already live, no-op */
  5497. } else {
  5498. if (get_cached_network_liveness() > 0) {
  5499. /* Update cached liveness */
  5500. set_cached_network_liveness(0);
  5501. log_debug(LD_CONTROL, "Sending NETWORK_LIVENESS DOWN");
  5502. send_control_event_string(EVENT_NETWORK_LIVENESS,
  5503. "650 NETWORK_LIVENESS DOWN\r\n");
  5504. }
  5505. /* else was already dead, no-op */
  5506. }
  5507. return 0;
  5508. }
  5509. /** Helper function for NS-style events. Constructs and sends an event
  5510. * of type <b>event</b> with string <b>event_string</b> out of the set of
  5511. * networkstatuses <b>statuses</b>. Currently it is used for NS events
  5512. * and NEWCONSENSUS events. */
  5513. static int
  5514. control_event_networkstatus_changed_helper(smartlist_t *statuses,
  5515. uint16_t event,
  5516. const char *event_string)
  5517. {
  5518. smartlist_t *strs;
  5519. char *s, *esc = NULL;
  5520. if (!EVENT_IS_INTERESTING(event) || !smartlist_len(statuses))
  5521. return 0;
  5522. strs = smartlist_new();
  5523. smartlist_add(strs, tor_strdup("650+"));
  5524. smartlist_add(strs, tor_strdup(event_string));
  5525. smartlist_add(strs, tor_strdup("\r\n"));
  5526. SMARTLIST_FOREACH(statuses, const routerstatus_t *, rs,
  5527. {
  5528. s = networkstatus_getinfo_helper_single(rs);
  5529. if (!s) continue;
  5530. smartlist_add(strs, s);
  5531. });
  5532. s = smartlist_join_strings(strs, "", 0, NULL);
  5533. write_escaped_data(s, strlen(s), &esc);
  5534. SMARTLIST_FOREACH(strs, char *, cp, tor_free(cp));
  5535. smartlist_free(strs);
  5536. tor_free(s);
  5537. send_control_event_string(event, esc);
  5538. send_control_event_string(event,
  5539. "650 OK\r\n");
  5540. tor_free(esc);
  5541. return 0;
  5542. }
  5543. /** Called when the routerstatus_ts <b>statuses</b> have changed: sends
  5544. * an NS event to any controller that cares. */
  5545. int
  5546. control_event_networkstatus_changed(smartlist_t *statuses)
  5547. {
  5548. return control_event_networkstatus_changed_helper(statuses, EVENT_NS, "NS");
  5549. }
  5550. /** Called when we get a new consensus networkstatus. Sends a NEWCONSENSUS
  5551. * event consisting of an NS-style line for each relay in the consensus. */
  5552. int
  5553. control_event_newconsensus(const networkstatus_t *consensus)
  5554. {
  5555. if (!control_event_is_interesting(EVENT_NEWCONSENSUS))
  5556. return 0;
  5557. return control_event_networkstatus_changed_helper(
  5558. consensus->routerstatus_list, EVENT_NEWCONSENSUS, "NEWCONSENSUS");
  5559. }
  5560. /** Called when we compute a new circuitbuildtimeout */
  5561. int
  5562. control_event_buildtimeout_set(buildtimeout_set_event_t type,
  5563. const char *args)
  5564. {
  5565. const char *type_string = NULL;
  5566. if (!control_event_is_interesting(EVENT_BUILDTIMEOUT_SET))
  5567. return 0;
  5568. switch (type) {
  5569. case BUILDTIMEOUT_SET_EVENT_COMPUTED:
  5570. type_string = "COMPUTED";
  5571. break;
  5572. case BUILDTIMEOUT_SET_EVENT_RESET:
  5573. type_string = "RESET";
  5574. break;
  5575. case BUILDTIMEOUT_SET_EVENT_SUSPENDED:
  5576. type_string = "SUSPENDED";
  5577. break;
  5578. case BUILDTIMEOUT_SET_EVENT_DISCARD:
  5579. type_string = "DISCARD";
  5580. break;
  5581. case BUILDTIMEOUT_SET_EVENT_RESUME:
  5582. type_string = "RESUME";
  5583. break;
  5584. default:
  5585. type_string = "UNKNOWN";
  5586. break;
  5587. }
  5588. send_control_event(EVENT_BUILDTIMEOUT_SET,
  5589. "650 BUILDTIMEOUT_SET %s %s\r\n",
  5590. type_string, args);
  5591. return 0;
  5592. }
  5593. /** Called when a signal has been processed from signal_callback */
  5594. int
  5595. control_event_signal(uintptr_t signal_num)
  5596. {
  5597. const char *signal_string = NULL;
  5598. if (!control_event_is_interesting(EVENT_GOT_SIGNAL))
  5599. return 0;
  5600. switch (signal_num) {
  5601. case SIGHUP:
  5602. signal_string = "RELOAD";
  5603. break;
  5604. case SIGUSR1:
  5605. signal_string = "DUMP";
  5606. break;
  5607. case SIGUSR2:
  5608. signal_string = "DEBUG";
  5609. break;
  5610. case SIGNEWNYM:
  5611. signal_string = "NEWNYM";
  5612. break;
  5613. case SIGCLEARDNSCACHE:
  5614. signal_string = "CLEARDNSCACHE";
  5615. break;
  5616. case SIGHEARTBEAT:
  5617. signal_string = "HEARTBEAT";
  5618. break;
  5619. default:
  5620. log_warn(LD_BUG, "Unrecognized signal %lu in control_event_signal",
  5621. (unsigned long)signal_num);
  5622. return -1;
  5623. }
  5624. send_control_event(EVENT_GOT_SIGNAL, "650 SIGNAL %s\r\n",
  5625. signal_string);
  5626. return 0;
  5627. }
  5628. /** Called when a single local_routerstatus_t has changed: Sends an NS event
  5629. * to any controller that cares. */
  5630. int
  5631. control_event_networkstatus_changed_single(const routerstatus_t *rs)
  5632. {
  5633. smartlist_t *statuses;
  5634. int r;
  5635. if (!EVENT_IS_INTERESTING(EVENT_NS))
  5636. return 0;
  5637. statuses = smartlist_new();
  5638. smartlist_add(statuses, (void*)rs);
  5639. r = control_event_networkstatus_changed(statuses);
  5640. smartlist_free(statuses);
  5641. return r;
  5642. }
  5643. /** Our own router descriptor has changed; tell any controllers that care.
  5644. */
  5645. int
  5646. control_event_my_descriptor_changed(void)
  5647. {
  5648. send_control_event(EVENT_DESCCHANGED, "650 DESCCHANGED\r\n");
  5649. return 0;
  5650. }
  5651. /** Helper: sends a status event where <b>type</b> is one of
  5652. * EVENT_STATUS_{GENERAL,CLIENT,SERVER}, where <b>severity</b> is one of
  5653. * LOG_{NOTICE,WARN,ERR}, and where <b>format</b> is a printf-style format
  5654. * string corresponding to <b>args</b>. */
  5655. static int
  5656. control_event_status(int type, int severity, const char *format, va_list args)
  5657. {
  5658. char *user_buf = NULL;
  5659. char format_buf[160];
  5660. const char *status, *sev;
  5661. switch (type) {
  5662. case EVENT_STATUS_GENERAL:
  5663. status = "STATUS_GENERAL";
  5664. break;
  5665. case EVENT_STATUS_CLIENT:
  5666. status = "STATUS_CLIENT";
  5667. break;
  5668. case EVENT_STATUS_SERVER:
  5669. status = "STATUS_SERVER";
  5670. break;
  5671. default:
  5672. log_warn(LD_BUG, "Unrecognized status type %d", type);
  5673. return -1;
  5674. }
  5675. switch (severity) {
  5676. case LOG_NOTICE:
  5677. sev = "NOTICE";
  5678. break;
  5679. case LOG_WARN:
  5680. sev = "WARN";
  5681. break;
  5682. case LOG_ERR:
  5683. sev = "ERR";
  5684. break;
  5685. default:
  5686. log_warn(LD_BUG, "Unrecognized status severity %d", severity);
  5687. return -1;
  5688. }
  5689. if (tor_snprintf(format_buf, sizeof(format_buf), "650 %s %s",
  5690. status, sev)<0) {
  5691. log_warn(LD_BUG, "Format string too long.");
  5692. return -1;
  5693. }
  5694. tor_vasprintf(&user_buf, format, args);
  5695. send_control_event(type, "%s %s\r\n", format_buf, user_buf);
  5696. tor_free(user_buf);
  5697. return 0;
  5698. }
  5699. #define CONTROL_EVENT_STATUS_BODY(event, sev) \
  5700. int r; \
  5701. do { \
  5702. va_list ap; \
  5703. if (!EVENT_IS_INTERESTING(event)) \
  5704. return 0; \
  5705. \
  5706. va_start(ap, format); \
  5707. r = control_event_status((event), (sev), format, ap); \
  5708. va_end(ap); \
  5709. } while (0)
  5710. /** Format and send an EVENT_STATUS_GENERAL event whose main text is obtained
  5711. * by formatting the arguments using the printf-style <b>format</b>. */
  5712. int
  5713. control_event_general_status(int severity, const char *format, ...)
  5714. {
  5715. CONTROL_EVENT_STATUS_BODY(EVENT_STATUS_GENERAL, severity);
  5716. return r;
  5717. }
  5718. /** Format and send an EVENT_STATUS_GENERAL LOG_ERR event, and flush it to the
  5719. * controller(s) immediately. */
  5720. int
  5721. control_event_general_error(const char *format, ...)
  5722. {
  5723. CONTROL_EVENT_STATUS_BODY(EVENT_STATUS_GENERAL, LOG_ERR);
  5724. /* Force a flush, since we may be about to die horribly */
  5725. queued_events_flush_all(1);
  5726. return r;
  5727. }
  5728. /** Format and send an EVENT_STATUS_CLIENT event whose main text is obtained
  5729. * by formatting the arguments using the printf-style <b>format</b>. */
  5730. int
  5731. control_event_client_status(int severity, const char *format, ...)
  5732. {
  5733. CONTROL_EVENT_STATUS_BODY(EVENT_STATUS_CLIENT, severity);
  5734. return r;
  5735. }
  5736. /** Format and send an EVENT_STATUS_CLIENT LOG_ERR event, and flush it to the
  5737. * controller(s) immediately. */
  5738. int
  5739. control_event_client_error(const char *format, ...)
  5740. {
  5741. CONTROL_EVENT_STATUS_BODY(EVENT_STATUS_CLIENT, LOG_ERR);
  5742. /* Force a flush, since we may be about to die horribly */
  5743. queued_events_flush_all(1);
  5744. return r;
  5745. }
  5746. /** Format and send an EVENT_STATUS_SERVER event whose main text is obtained
  5747. * by formatting the arguments using the printf-style <b>format</b>. */
  5748. int
  5749. control_event_server_status(int severity, const char *format, ...)
  5750. {
  5751. CONTROL_EVENT_STATUS_BODY(EVENT_STATUS_SERVER, severity);
  5752. return r;
  5753. }
  5754. /** Format and send an EVENT_STATUS_SERVER LOG_ERR event, and flush it to the
  5755. * controller(s) immediately. */
  5756. int
  5757. control_event_server_error(const char *format, ...)
  5758. {
  5759. CONTROL_EVENT_STATUS_BODY(EVENT_STATUS_SERVER, LOG_ERR);
  5760. /* Force a flush, since we may be about to die horribly */
  5761. queued_events_flush_all(1);
  5762. return r;
  5763. }
  5764. /** Called when the status of an entry guard with the given <b>nickname</b>
  5765. * and identity <b>digest</b> has changed to <b>status</b>: tells any
  5766. * controllers that care. */
  5767. int
  5768. control_event_guard(const char *nickname, const char *digest,
  5769. const char *status)
  5770. {
  5771. char hbuf[HEX_DIGEST_LEN+1];
  5772. base16_encode(hbuf, sizeof(hbuf), digest, DIGEST_LEN);
  5773. if (!EVENT_IS_INTERESTING(EVENT_GUARD))
  5774. return 0;
  5775. {
  5776. char buf[MAX_VERBOSE_NICKNAME_LEN+1];
  5777. const node_t *node = node_get_by_id(digest);
  5778. if (node) {
  5779. node_get_verbose_nickname(node, buf);
  5780. } else {
  5781. tor_snprintf(buf, sizeof(buf), "$%s~%s", hbuf, nickname);
  5782. }
  5783. send_control_event(EVENT_GUARD,
  5784. "650 GUARD ENTRY %s %s\r\n", buf, status);
  5785. }
  5786. return 0;
  5787. }
  5788. /** Called when a configuration option changes. This is generally triggered
  5789. * by SETCONF requests and RELOAD/SIGHUP signals. The <b>elements</b> is
  5790. * a smartlist_t containing (key, value, ...) pairs in sequence.
  5791. * <b>value</b> can be NULL. */
  5792. int
  5793. control_event_conf_changed(const smartlist_t *elements)
  5794. {
  5795. int i;
  5796. char *result;
  5797. smartlist_t *lines;
  5798. if (!EVENT_IS_INTERESTING(EVENT_CONF_CHANGED) ||
  5799. smartlist_len(elements) == 0) {
  5800. return 0;
  5801. }
  5802. lines = smartlist_new();
  5803. for (i = 0; i < smartlist_len(elements); i += 2) {
  5804. char *k = smartlist_get(elements, i);
  5805. char *v = smartlist_get(elements, i+1);
  5806. if (v == NULL) {
  5807. smartlist_add_asprintf(lines, "650-%s", k);
  5808. } else {
  5809. smartlist_add_asprintf(lines, "650-%s=%s", k, v);
  5810. }
  5811. }
  5812. result = smartlist_join_strings(lines, "\r\n", 0, NULL);
  5813. send_control_event(EVENT_CONF_CHANGED,
  5814. "650-CONF_CHANGED\r\n%s\r\n650 OK\r\n", result);
  5815. tor_free(result);
  5816. SMARTLIST_FOREACH(lines, char *, cp, tor_free(cp));
  5817. smartlist_free(lines);
  5818. return 0;
  5819. }
  5820. /** Helper: Return a newly allocated string containing a path to the
  5821. * file where we store our authentication cookie. */
  5822. char *
  5823. get_controller_cookie_file_name(void)
  5824. {
  5825. const or_options_t *options = get_options();
  5826. if (options->CookieAuthFile && strlen(options->CookieAuthFile)) {
  5827. return tor_strdup(options->CookieAuthFile);
  5828. } else {
  5829. return get_datadir_fname("control_auth_cookie");
  5830. }
  5831. }
  5832. /* Initialize the cookie-based authentication system of the
  5833. * ControlPort. If <b>enabled</b> is 0, then disable the cookie
  5834. * authentication system. */
  5835. int
  5836. init_control_cookie_authentication(int enabled)
  5837. {
  5838. char *fname = NULL;
  5839. int retval;
  5840. if (!enabled) {
  5841. authentication_cookie_is_set = 0;
  5842. return 0;
  5843. }
  5844. fname = get_controller_cookie_file_name();
  5845. retval = init_cookie_authentication(fname, "", /* no header */
  5846. AUTHENTICATION_COOKIE_LEN,
  5847. get_options()->CookieAuthFileGroupReadable,
  5848. &authentication_cookie,
  5849. &authentication_cookie_is_set);
  5850. tor_free(fname);
  5851. return retval;
  5852. }
  5853. /** A copy of the process specifier of Tor's owning controller, or
  5854. * NULL if this Tor instance is not currently owned by a process. */
  5855. static char *owning_controller_process_spec = NULL;
  5856. /** A process-termination monitor for Tor's owning controller, or NULL
  5857. * if this Tor instance is not currently owned by a process. */
  5858. static tor_process_monitor_t *owning_controller_process_monitor = NULL;
  5859. /** Process-termination monitor callback for Tor's owning controller
  5860. * process. */
  5861. static void
  5862. owning_controller_procmon_cb(void *unused)
  5863. {
  5864. (void)unused;
  5865. lost_owning_controller("process", "vanished");
  5866. }
  5867. /** Set <b>process_spec</b> as Tor's owning controller process.
  5868. * Exit on failure. */
  5869. void
  5870. monitor_owning_controller_process(const char *process_spec)
  5871. {
  5872. const char *msg;
  5873. tor_assert((owning_controller_process_spec == NULL) ==
  5874. (owning_controller_process_monitor == NULL));
  5875. if (owning_controller_process_spec != NULL) {
  5876. if ((process_spec != NULL) && !strcmp(process_spec,
  5877. owning_controller_process_spec)) {
  5878. /* Same process -- return now, instead of disposing of and
  5879. * recreating the process-termination monitor. */
  5880. return;
  5881. }
  5882. /* We are currently owned by a process, and we should no longer be
  5883. * owned by it. Free the process-termination monitor. */
  5884. tor_process_monitor_free(owning_controller_process_monitor);
  5885. owning_controller_process_monitor = NULL;
  5886. tor_free(owning_controller_process_spec);
  5887. owning_controller_process_spec = NULL;
  5888. }
  5889. tor_assert((owning_controller_process_spec == NULL) &&
  5890. (owning_controller_process_monitor == NULL));
  5891. if (process_spec == NULL)
  5892. return;
  5893. owning_controller_process_spec = tor_strdup(process_spec);
  5894. owning_controller_process_monitor =
  5895. tor_process_monitor_new(tor_libevent_get_base(),
  5896. owning_controller_process_spec,
  5897. LD_CONTROL,
  5898. owning_controller_procmon_cb, NULL,
  5899. &msg);
  5900. if (owning_controller_process_monitor == NULL) {
  5901. log_err(LD_BUG, "Couldn't create process-termination monitor for "
  5902. "owning controller: %s. Exiting.",
  5903. msg);
  5904. owning_controller_process_spec = NULL;
  5905. tor_cleanup();
  5906. exit(0);
  5907. }
  5908. }
  5909. /** Convert the name of a bootstrapping phase <b>s</b> into strings
  5910. * <b>tag</b> and <b>summary</b> suitable for display by the controller. */
  5911. static int
  5912. bootstrap_status_to_string(bootstrap_status_t s, const char **tag,
  5913. const char **summary)
  5914. {
  5915. switch (s) {
  5916. case BOOTSTRAP_STATUS_UNDEF:
  5917. *tag = "undef";
  5918. *summary = "Undefined";
  5919. break;
  5920. case BOOTSTRAP_STATUS_STARTING:
  5921. *tag = "starting";
  5922. *summary = "Starting";
  5923. break;
  5924. case BOOTSTRAP_STATUS_CONN_DIR:
  5925. *tag = "conn_dir";
  5926. *summary = "Connecting to directory server";
  5927. break;
  5928. case BOOTSTRAP_STATUS_HANDSHAKE:
  5929. *tag = "status_handshake";
  5930. *summary = "Finishing handshake";
  5931. break;
  5932. case BOOTSTRAP_STATUS_HANDSHAKE_DIR:
  5933. *tag = "handshake_dir";
  5934. *summary = "Finishing handshake with directory server";
  5935. break;
  5936. case BOOTSTRAP_STATUS_ONEHOP_CREATE:
  5937. *tag = "onehop_create";
  5938. *summary = "Establishing an encrypted directory connection";
  5939. break;
  5940. case BOOTSTRAP_STATUS_REQUESTING_STATUS:
  5941. *tag = "requesting_status";
  5942. *summary = "Asking for networkstatus consensus";
  5943. break;
  5944. case BOOTSTRAP_STATUS_LOADING_STATUS:
  5945. *tag = "loading_status";
  5946. *summary = "Loading networkstatus consensus";
  5947. break;
  5948. case BOOTSTRAP_STATUS_LOADING_KEYS:
  5949. *tag = "loading_keys";
  5950. *summary = "Loading authority key certs";
  5951. break;
  5952. case BOOTSTRAP_STATUS_REQUESTING_DESCRIPTORS:
  5953. *tag = "requesting_descriptors";
  5954. /* XXXX this appears to incorrectly report internal on most loads */
  5955. *summary = router_have_consensus_path() == CONSENSUS_PATH_INTERNAL ?
  5956. "Asking for relay descriptors for internal paths" :
  5957. "Asking for relay descriptors";
  5958. break;
  5959. /* If we're sure there are no exits in the consensus,
  5960. * inform the controller by adding "internal"
  5961. * to the status summaries.
  5962. * (We only check this while loading descriptors,
  5963. * so we may not know in the earlier stages.)
  5964. * But if there are exits, we can't be sure whether
  5965. * we're creating internal or exit paths/circuits.
  5966. * XXXX Or should be use different tags or statuses
  5967. * for internal and exit/all? */
  5968. case BOOTSTRAP_STATUS_LOADING_DESCRIPTORS:
  5969. *tag = "loading_descriptors";
  5970. *summary = router_have_consensus_path() == CONSENSUS_PATH_INTERNAL ?
  5971. "Loading relay descriptors for internal paths" :
  5972. "Loading relay descriptors";
  5973. break;
  5974. case BOOTSTRAP_STATUS_CONN_OR:
  5975. *tag = "conn_or";
  5976. *summary = router_have_consensus_path() == CONSENSUS_PATH_INTERNAL ?
  5977. "Connecting to the Tor network internally" :
  5978. "Connecting to the Tor network";
  5979. break;
  5980. case BOOTSTRAP_STATUS_HANDSHAKE_OR:
  5981. *tag = "handshake_or";
  5982. *summary = router_have_consensus_path() == CONSENSUS_PATH_INTERNAL ?
  5983. "Finishing handshake with first hop of internal circuit" :
  5984. "Finishing handshake with first hop";
  5985. break;
  5986. case BOOTSTRAP_STATUS_CIRCUIT_CREATE:
  5987. *tag = "circuit_create";
  5988. *summary = router_have_consensus_path() == CONSENSUS_PATH_INTERNAL ?
  5989. "Establishing an internal Tor circuit" :
  5990. "Establishing a Tor circuit";
  5991. break;
  5992. case BOOTSTRAP_STATUS_DONE:
  5993. *tag = "done";
  5994. *summary = "Done";
  5995. break;
  5996. default:
  5997. // log_warn(LD_BUG, "Unrecognized bootstrap status code %d", s);
  5998. *tag = *summary = "unknown";
  5999. return -1;
  6000. }
  6001. return 0;
  6002. }
  6003. /** What percentage through the bootstrap process are we? We remember
  6004. * this so we can avoid sending redundant bootstrap status events, and
  6005. * so we can guess context for the bootstrap messages which are
  6006. * ambiguous. It starts at 'undef', but gets set to 'starting' while
  6007. * Tor initializes. */
  6008. static int bootstrap_percent = BOOTSTRAP_STATUS_UNDEF;
  6009. /** As bootstrap_percent, but holds the bootstrapping level at which we last
  6010. * logged a NOTICE-level message. We use this, plus BOOTSTRAP_PCT_INCREMENT,
  6011. * to avoid flooding the log with a new message every time we get a few more
  6012. * microdescriptors */
  6013. static int notice_bootstrap_percent = 0;
  6014. /** How many problems have we had getting to the next bootstrapping phase?
  6015. * These include failure to establish a connection to a Tor relay,
  6016. * failures to finish the TLS handshake, failures to validate the
  6017. * consensus document, etc. */
  6018. static int bootstrap_problems = 0;
  6019. /** We only tell the controller once we've hit a threshold of problems
  6020. * for the current phase. */
  6021. #define BOOTSTRAP_PROBLEM_THRESHOLD 10
  6022. /** When our bootstrapping progress level changes, but our bootstrapping
  6023. * status has not advanced, we only log at NOTICE when we have made at least
  6024. * this much progress.
  6025. */
  6026. #define BOOTSTRAP_PCT_INCREMENT 5
  6027. /** Called when Tor has made progress at bootstrapping its directory
  6028. * information and initial circuits.
  6029. *
  6030. * <b>status</b> is the new status, that is, what task we will be doing
  6031. * next. <b>progress</b> is zero if we just started this task, else it
  6032. * represents progress on the task.
  6033. *
  6034. * Return true if we logged a message at level NOTICE, and false otherwise.
  6035. */
  6036. int
  6037. control_event_bootstrap(bootstrap_status_t status, int progress)
  6038. {
  6039. const char *tag, *summary;
  6040. char buf[BOOTSTRAP_MSG_LEN];
  6041. if (bootstrap_percent == BOOTSTRAP_STATUS_DONE)
  6042. return 0; /* already bootstrapped; nothing to be done here. */
  6043. /* special case for handshaking status, since our TLS handshaking code
  6044. * can't distinguish what the connection is going to be for. */
  6045. if (status == BOOTSTRAP_STATUS_HANDSHAKE) {
  6046. if (bootstrap_percent < BOOTSTRAP_STATUS_CONN_OR) {
  6047. status = BOOTSTRAP_STATUS_HANDSHAKE_DIR;
  6048. } else {
  6049. status = BOOTSTRAP_STATUS_HANDSHAKE_OR;
  6050. }
  6051. }
  6052. if (status > bootstrap_percent ||
  6053. (progress && progress > bootstrap_percent)) {
  6054. int loglevel = LOG_NOTICE;
  6055. bootstrap_status_to_string(status, &tag, &summary);
  6056. if (status <= bootstrap_percent &&
  6057. (progress < notice_bootstrap_percent + BOOTSTRAP_PCT_INCREMENT)) {
  6058. /* We log the message at info if the status hasn't advanced, and if less
  6059. * than BOOTSTRAP_PCT_INCREMENT progress has been made.
  6060. */
  6061. loglevel = LOG_INFO;
  6062. }
  6063. tor_log(loglevel, LD_CONTROL,
  6064. "Bootstrapped %d%%: %s", progress ? progress : status, summary);
  6065. tor_snprintf(buf, sizeof(buf),
  6066. "BOOTSTRAP PROGRESS=%d TAG=%s SUMMARY=\"%s\"",
  6067. progress ? progress : status, tag, summary);
  6068. tor_snprintf(last_sent_bootstrap_message,
  6069. sizeof(last_sent_bootstrap_message),
  6070. "NOTICE %s", buf);
  6071. control_event_client_status(LOG_NOTICE, "%s", buf);
  6072. if (status > bootstrap_percent) {
  6073. bootstrap_percent = status; /* new milestone reached */
  6074. }
  6075. if (progress > bootstrap_percent) {
  6076. /* incremental progress within a milestone */
  6077. bootstrap_percent = progress;
  6078. bootstrap_problems = 0; /* Progress! Reset our problem counter. */
  6079. }
  6080. if (loglevel == LOG_NOTICE &&
  6081. bootstrap_percent > notice_bootstrap_percent) {
  6082. /* Remember that we gave a notice at this level. */
  6083. notice_bootstrap_percent = bootstrap_percent;
  6084. }
  6085. return loglevel == LOG_NOTICE;
  6086. }
  6087. return 0;
  6088. }
  6089. /** Called when Tor has failed to make bootstrapping progress in a way
  6090. * that indicates a problem. <b>warn</b> gives a hint as to why, and
  6091. * <b>reason</b> provides an "or_conn_end_reason" tag. <b>or_conn</b>
  6092. * is the connection that caused this problem.
  6093. */
  6094. MOCK_IMPL(void,
  6095. control_event_bootstrap_problem, (const char *warn, int reason,
  6096. or_connection_t *or_conn))
  6097. {
  6098. int status = bootstrap_percent;
  6099. const char *tag = "", *summary = "";
  6100. char buf[BOOTSTRAP_MSG_LEN];
  6101. const char *recommendation = "ignore";
  6102. int severity;
  6103. /* bootstrap_percent must not be in "undefined" state here. */
  6104. tor_assert(status >= 0);
  6105. if (or_conn->have_noted_bootstrap_problem)
  6106. return;
  6107. or_conn->have_noted_bootstrap_problem = 1;
  6108. if (bootstrap_percent == 100)
  6109. return; /* already bootstrapped; nothing to be done here. */
  6110. bootstrap_problems++;
  6111. if (bootstrap_problems >= BOOTSTRAP_PROBLEM_THRESHOLD)
  6112. recommendation = "warn";
  6113. if (reason == END_OR_CONN_REASON_NO_ROUTE)
  6114. recommendation = "warn";
  6115. /* If we are using bridges and all our OR connections are now
  6116. closed, it means that we totally failed to connect to our
  6117. bridges. Throw a warning. */
  6118. if (get_options()->UseBridges && !any_other_active_or_conns(or_conn))
  6119. recommendation = "warn";
  6120. if (we_are_hibernating())
  6121. recommendation = "ignore";
  6122. while (status>=0 && bootstrap_status_to_string(status, &tag, &summary) < 0)
  6123. status--; /* find a recognized status string based on current progress */
  6124. status = bootstrap_percent; /* set status back to the actual number */
  6125. severity = !strcmp(recommendation, "warn") ? LOG_WARN : LOG_INFO;
  6126. log_fn(severity,
  6127. LD_CONTROL, "Problem bootstrapping. Stuck at %d%%: %s. (%s; %s; "
  6128. "count %d; recommendation %s; host %s at %s:%d)",
  6129. status, summary, warn,
  6130. orconn_end_reason_to_control_string(reason),
  6131. bootstrap_problems, recommendation,
  6132. hex_str(or_conn->identity_digest, DIGEST_LEN),
  6133. or_conn->base_.address,
  6134. or_conn->base_.port);
  6135. connection_or_report_broken_states(severity, LD_HANDSHAKE);
  6136. tor_snprintf(buf, sizeof(buf),
  6137. "BOOTSTRAP PROGRESS=%d TAG=%s SUMMARY=\"%s\" WARNING=\"%s\" REASON=%s "
  6138. "COUNT=%d RECOMMENDATION=%s HOSTID=\"%s\" HOSTADDR=\"%s:%d\"",
  6139. bootstrap_percent, tag, summary, warn,
  6140. orconn_end_reason_to_control_string(reason), bootstrap_problems,
  6141. recommendation,
  6142. hex_str(or_conn->identity_digest, DIGEST_LEN),
  6143. or_conn->base_.address,
  6144. (int)or_conn->base_.port);
  6145. tor_snprintf(last_sent_bootstrap_message,
  6146. sizeof(last_sent_bootstrap_message),
  6147. "WARN %s", buf);
  6148. control_event_client_status(LOG_WARN, "%s", buf);
  6149. }
  6150. /** We just generated a new summary of which countries we've seen clients
  6151. * from recently. Send a copy to the controller in case it wants to
  6152. * display it for the user. */
  6153. void
  6154. control_event_clients_seen(const char *controller_str)
  6155. {
  6156. send_control_event(EVENT_CLIENTS_SEEN,
  6157. "650 CLIENTS_SEEN %s\r\n", controller_str);
  6158. }
  6159. /** A new pluggable transport called <b>transport_name</b> was
  6160. * launched on <b>addr</b>:<b>port</b>. <b>mode</b> is either
  6161. * "server" or "client" depending on the mode of the pluggable
  6162. * transport.
  6163. * "650" SP "TRANSPORT_LAUNCHED" SP Mode SP Name SP Address SP Port
  6164. */
  6165. void
  6166. control_event_transport_launched(const char *mode, const char *transport_name,
  6167. tor_addr_t *addr, uint16_t port)
  6168. {
  6169. send_control_event(EVENT_TRANSPORT_LAUNCHED,
  6170. "650 TRANSPORT_LAUNCHED %s %s %s %u\r\n",
  6171. mode, transport_name, fmt_addr(addr), port);
  6172. }
  6173. /** Convert rendezvous auth type to string for HS_DESC control events
  6174. */
  6175. const char *
  6176. rend_auth_type_to_string(rend_auth_type_t auth_type)
  6177. {
  6178. const char *str;
  6179. switch (auth_type) {
  6180. case REND_NO_AUTH:
  6181. str = "NO_AUTH";
  6182. break;
  6183. case REND_BASIC_AUTH:
  6184. str = "BASIC_AUTH";
  6185. break;
  6186. case REND_STEALTH_AUTH:
  6187. str = "STEALTH_AUTH";
  6188. break;
  6189. default:
  6190. str = "UNKNOWN";
  6191. }
  6192. return str;
  6193. }
  6194. /** Return a longname the node whose identity is <b>id_digest</b>. If
  6195. * node_get_by_id() returns NULL, base 16 encoding of <b>id_digest</b> is
  6196. * returned instead.
  6197. *
  6198. * This function is not thread-safe. Each call to this function invalidates
  6199. * previous values returned by this function.
  6200. */
  6201. MOCK_IMPL(const char *,
  6202. node_describe_longname_by_id,(const char *id_digest))
  6203. {
  6204. static char longname[MAX_VERBOSE_NICKNAME_LEN+1];
  6205. node_get_verbose_nickname_by_id(id_digest, longname);
  6206. return longname;
  6207. }
  6208. /** Return either the onion address if the given pointer is a non empty
  6209. * string else the unknown string. */
  6210. static const char *
  6211. rend_hsaddress_str_or_unknown(const char *onion_address)
  6212. {
  6213. static const char *str_unknown = "UNKNOWN";
  6214. const char *str_ret = str_unknown;
  6215. /* No valid pointer, unknown it is. */
  6216. if (!onion_address) {
  6217. goto end;
  6218. }
  6219. /* Empty onion address thus we don't know, unknown it is. */
  6220. if (onion_address[0] == '\0') {
  6221. goto end;
  6222. }
  6223. /* All checks are good so return the given onion address. */
  6224. str_ret = onion_address;
  6225. end:
  6226. return str_ret;
  6227. }
  6228. /** send HS_DESC requested event.
  6229. *
  6230. * <b>rend_query</b> is used to fetch requested onion address and auth type.
  6231. * <b>hs_dir</b> is the description of contacting hs directory.
  6232. * <b>desc_id_base32</b> is the ID of requested hs descriptor.
  6233. */
  6234. void
  6235. control_event_hs_descriptor_requested(const rend_data_t *rend_query,
  6236. const char *id_digest,
  6237. const char *desc_id_base32)
  6238. {
  6239. if (!id_digest || !rend_query || !desc_id_base32) {
  6240. log_warn(LD_BUG, "Called with rend_query==%p, "
  6241. "id_digest==%p, desc_id_base32==%p",
  6242. rend_query, id_digest, desc_id_base32);
  6243. return;
  6244. }
  6245. send_control_event(EVENT_HS_DESC,
  6246. "650 HS_DESC REQUESTED %s %s %s %s\r\n",
  6247. rend_hsaddress_str_or_unknown(rend_query->onion_address),
  6248. rend_auth_type_to_string(rend_query->auth_type),
  6249. node_describe_longname_by_id(id_digest),
  6250. desc_id_base32);
  6251. }
  6252. /** For an HS descriptor query <b>rend_data</b>, using the
  6253. * <b>onion_address</b> and HSDir fingerprint <b>hsdir_fp</b>, find out
  6254. * which descriptor ID in the query is the right one.
  6255. *
  6256. * Return a pointer of the binary descriptor ID found in the query's object
  6257. * or NULL if not found. */
  6258. static const char *
  6259. get_desc_id_from_query(const rend_data_t *rend_data, const char *hsdir_fp)
  6260. {
  6261. int replica;
  6262. const char *desc_id = NULL;
  6263. /* Possible if the fetch was done using a descriptor ID. This means that
  6264. * the HSFETCH command was used. */
  6265. if (!tor_digest_is_zero(rend_data->desc_id_fetch)) {
  6266. desc_id = rend_data->desc_id_fetch;
  6267. goto end;
  6268. }
  6269. /* OK, we have an onion address so now let's find which descriptor ID
  6270. * is the one associated with the HSDir fingerprint. */
  6271. for (replica = 0; replica < REND_NUMBER_OF_NON_CONSECUTIVE_REPLICAS;
  6272. replica++) {
  6273. const char *digest = rend_data->descriptor_id[replica];
  6274. SMARTLIST_FOREACH_BEGIN(rend_data->hsdirs_fp, char *, fingerprint) {
  6275. if (tor_memcmp(fingerprint, hsdir_fp, DIGEST_LEN) == 0) {
  6276. /* Found it! This descriptor ID is the right one. */
  6277. desc_id = digest;
  6278. goto end;
  6279. }
  6280. } SMARTLIST_FOREACH_END(fingerprint);
  6281. }
  6282. end:
  6283. return desc_id;
  6284. }
  6285. /** send HS_DESC CREATED event when a local service generates a descriptor.
  6286. *
  6287. * <b>service_id</b> is the descriptor onion address.
  6288. * <b>desc_id_base32</b> is the descriptor ID.
  6289. * <b>replica</b> is the the descriptor replica number.
  6290. */
  6291. void
  6292. control_event_hs_descriptor_created(const char *service_id,
  6293. const char *desc_id_base32,
  6294. int replica)
  6295. {
  6296. if (!service_id || !desc_id_base32) {
  6297. log_warn(LD_BUG, "Called with service_digest==%p, "
  6298. "desc_id_base32==%p", service_id, desc_id_base32);
  6299. return;
  6300. }
  6301. send_control_event(EVENT_HS_DESC,
  6302. "650 HS_DESC CREATED %s UNKNOWN UNKNOWN %s "
  6303. "REPLICA=%d\r\n",
  6304. service_id,
  6305. desc_id_base32,
  6306. replica);
  6307. }
  6308. /** send HS_DESC upload event.
  6309. *
  6310. * <b>service_id</b> is the descriptor onion address.
  6311. * <b>hs_dir</b> is the description of contacting hs directory.
  6312. * <b>desc_id_base32</b> is the ID of requested hs descriptor.
  6313. */
  6314. void
  6315. control_event_hs_descriptor_upload(const char *service_id,
  6316. const char *id_digest,
  6317. const char *desc_id_base32)
  6318. {
  6319. if (!service_id || !id_digest || !desc_id_base32) {
  6320. log_warn(LD_BUG, "Called with service_digest==%p, "
  6321. "desc_id_base32==%p, id_digest==%p", service_id,
  6322. desc_id_base32, id_digest);
  6323. return;
  6324. }
  6325. send_control_event(EVENT_HS_DESC,
  6326. "650 HS_DESC UPLOAD %s UNKNOWN %s %s\r\n",
  6327. service_id,
  6328. node_describe_longname_by_id(id_digest),
  6329. desc_id_base32);
  6330. }
  6331. /** send HS_DESC event after got response from hs directory.
  6332. *
  6333. * NOTE: this is an internal function used by following functions:
  6334. * control_event_hs_descriptor_received
  6335. * control_event_hs_descriptor_failed
  6336. *
  6337. * So do not call this function directly.
  6338. */
  6339. void
  6340. control_event_hs_descriptor_receive_end(const char *action,
  6341. const char *onion_address,
  6342. const rend_data_t *rend_data,
  6343. const char *id_digest,
  6344. const char *reason)
  6345. {
  6346. char *desc_id_field = NULL;
  6347. char *reason_field = NULL;
  6348. char desc_id_base32[REND_DESC_ID_V2_LEN_BASE32 + 1];
  6349. const char *desc_id = NULL;
  6350. if (!action || !id_digest || !rend_data || !onion_address) {
  6351. log_warn(LD_BUG, "Called with action==%p, id_digest==%p, "
  6352. "rend_data==%p, onion_address==%p", action, id_digest,
  6353. rend_data, onion_address);
  6354. return;
  6355. }
  6356. desc_id = get_desc_id_from_query(rend_data, id_digest);
  6357. if (desc_id != NULL) {
  6358. /* Set the descriptor ID digest to base32 so we can send it. */
  6359. base32_encode(desc_id_base32, sizeof(desc_id_base32), desc_id,
  6360. DIGEST_LEN);
  6361. /* Extra whitespace is needed before the value. */
  6362. tor_asprintf(&desc_id_field, " %s", desc_id_base32);
  6363. }
  6364. if (reason) {
  6365. tor_asprintf(&reason_field, " REASON=%s", reason);
  6366. }
  6367. send_control_event(EVENT_HS_DESC,
  6368. "650 HS_DESC %s %s %s %s%s%s\r\n",
  6369. action,
  6370. rend_hsaddress_str_or_unknown(onion_address),
  6371. rend_auth_type_to_string(rend_data->auth_type),
  6372. node_describe_longname_by_id(id_digest),
  6373. desc_id_field ? desc_id_field : "",
  6374. reason_field ? reason_field : "");
  6375. tor_free(desc_id_field);
  6376. tor_free(reason_field);
  6377. }
  6378. /** send HS_DESC event after got response from hs directory.
  6379. *
  6380. * NOTE: this is an internal function used by following functions:
  6381. * control_event_hs_descriptor_uploaded
  6382. * control_event_hs_descriptor_upload_failed
  6383. *
  6384. * So do not call this function directly.
  6385. */
  6386. void
  6387. control_event_hs_descriptor_upload_end(const char *action,
  6388. const char *onion_address,
  6389. const char *id_digest,
  6390. const char *reason)
  6391. {
  6392. char *reason_field = NULL;
  6393. if (!action || !id_digest) {
  6394. log_warn(LD_BUG, "Called with action==%p, id_digest==%p", action,
  6395. id_digest);
  6396. return;
  6397. }
  6398. if (reason) {
  6399. tor_asprintf(&reason_field, " REASON=%s", reason);
  6400. }
  6401. send_control_event(EVENT_HS_DESC,
  6402. "650 HS_DESC %s %s UNKNOWN %s%s\r\n",
  6403. action,
  6404. rend_hsaddress_str_or_unknown(onion_address),
  6405. node_describe_longname_by_id(id_digest),
  6406. reason_field ? reason_field : "");
  6407. tor_free(reason_field);
  6408. }
  6409. /** send HS_DESC RECEIVED event
  6410. *
  6411. * called when we successfully received a hidden service descriptor.
  6412. */
  6413. void
  6414. control_event_hs_descriptor_received(const char *onion_address,
  6415. const rend_data_t *rend_data,
  6416. const char *id_digest)
  6417. {
  6418. if (!rend_data || !id_digest || !onion_address) {
  6419. log_warn(LD_BUG, "Called with rend_data==%p, id_digest==%p, "
  6420. "onion_address==%p", rend_data, id_digest, onion_address);
  6421. return;
  6422. }
  6423. control_event_hs_descriptor_receive_end("RECEIVED", onion_address,
  6424. rend_data, id_digest, NULL);
  6425. }
  6426. /** send HS_DESC UPLOADED event
  6427. *
  6428. * called when we successfully uploaded a hidden service descriptor.
  6429. */
  6430. void
  6431. control_event_hs_descriptor_uploaded(const char *id_digest,
  6432. const char *onion_address)
  6433. {
  6434. if (!id_digest) {
  6435. log_warn(LD_BUG, "Called with id_digest==%p",
  6436. id_digest);
  6437. return;
  6438. }
  6439. control_event_hs_descriptor_upload_end("UPLOADED", onion_address,
  6440. id_digest, NULL);
  6441. }
  6442. /** Send HS_DESC event to inform controller that query <b>rend_query</b>
  6443. * failed to retrieve hidden service descriptor identified by
  6444. * <b>id_digest</b>. If <b>reason</b> is not NULL, add it to REASON=
  6445. * field.
  6446. */
  6447. void
  6448. control_event_hs_descriptor_failed(const rend_data_t *rend_data,
  6449. const char *id_digest,
  6450. const char *reason)
  6451. {
  6452. if (!rend_data || !id_digest) {
  6453. log_warn(LD_BUG, "Called with rend_data==%p, id_digest==%p",
  6454. rend_data, id_digest);
  6455. return;
  6456. }
  6457. control_event_hs_descriptor_receive_end("FAILED",
  6458. rend_data->onion_address,
  6459. rend_data, id_digest, reason);
  6460. }
  6461. /** send HS_DESC_CONTENT event after completion of a successful fetch from
  6462. * hs directory. */
  6463. void
  6464. control_event_hs_descriptor_content(const char *onion_address,
  6465. const char *desc_id,
  6466. const char *hsdir_id_digest,
  6467. const char *content)
  6468. {
  6469. static const char *event_name = "HS_DESC_CONTENT";
  6470. char *esc_content = NULL;
  6471. if (!onion_address || !desc_id || !hsdir_id_digest) {
  6472. log_warn(LD_BUG, "Called with onion_address==%p, desc_id==%p, "
  6473. "hsdir_id_digest==%p", onion_address, desc_id, hsdir_id_digest);
  6474. return;
  6475. }
  6476. if (content == NULL) {
  6477. /* Point it to empty content so it can still be escaped. */
  6478. content = "";
  6479. }
  6480. write_escaped_data(content, strlen(content), &esc_content);
  6481. send_control_event(EVENT_HS_DESC_CONTENT,
  6482. "650+%s %s %s %s\r\n%s650 OK\r\n",
  6483. event_name,
  6484. rend_hsaddress_str_or_unknown(onion_address),
  6485. desc_id,
  6486. node_describe_longname_by_id(hsdir_id_digest),
  6487. esc_content);
  6488. tor_free(esc_content);
  6489. }
  6490. /** Send HS_DESC event to inform controller upload of hidden service
  6491. * descriptor identified by <b>id_digest</b> failed. If <b>reason</b>
  6492. * is not NULL, add it to REASON= field.
  6493. */
  6494. void
  6495. control_event_hs_descriptor_upload_failed(const char *id_digest,
  6496. const char *onion_address,
  6497. const char *reason)
  6498. {
  6499. if (!id_digest) {
  6500. log_warn(LD_BUG, "Called with id_digest==%p",
  6501. id_digest);
  6502. return;
  6503. }
  6504. control_event_hs_descriptor_upload_end("UPLOAD_FAILED", onion_address,
  6505. id_digest, reason);
  6506. }
  6507. /** Free any leftover allocated memory of the control.c subsystem. */
  6508. void
  6509. control_free_all(void)
  6510. {
  6511. if (authentication_cookie) /* Free the auth cookie */
  6512. tor_free(authentication_cookie);
  6513. if (detached_onion_services) { /* Free the detached onion services */
  6514. SMARTLIST_FOREACH(detached_onion_services, char *, cp, tor_free(cp));
  6515. smartlist_free(detached_onion_services);
  6516. }
  6517. if (queued_control_events) {
  6518. SMARTLIST_FOREACH(queued_control_events, queued_event_t *, ev,
  6519. queued_event_free(ev));
  6520. smartlist_free(queued_control_events);
  6521. queued_control_events = NULL;
  6522. }
  6523. if (flush_queued_events_event) {
  6524. tor_event_free(flush_queued_events_event);
  6525. flush_queued_events_event = NULL;
  6526. }
  6527. }
  6528. #ifdef TOR_UNIT_TESTS
  6529. /* For testing: change the value of global_event_mask */
  6530. void
  6531. control_testing_set_global_event_mask(uint64_t mask)
  6532. {
  6533. global_event_mask = mask;
  6534. }
  6535. #endif