reasons.c 16 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496
  1. /* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
  2. * Copyright (c) 2007-2017, The Tor Project, Inc. */
  3. /* See LICENSE for licensing information */
  4. /**
  5. * \file reasons.c
  6. * \brief Convert circuit, stream, and orconn error reasons to and/or from
  7. * strings and errno values.
  8. *
  9. * This module is just a bunch of functions full of case statements that
  10. * convert from one representation of our error codes to another. These are
  11. * mainly used in generating log messages, in sending messages to the
  12. * controller in control.c, and in converting errors from one protocol layer
  13. * to another.
  14. **/
  15. #include "or.h"
  16. #include "config.h"
  17. #include "reasons.h"
  18. /***************************** Edge (stream) reasons **********************/
  19. /** Convert the reason for ending a stream <b>reason</b> into the format used
  20. * in STREAM events. Return NULL if the reason is unrecognized. */
  21. const char *
  22. stream_end_reason_to_control_string(int reason)
  23. {
  24. reason &= END_STREAM_REASON_MASK;
  25. switch (reason) {
  26. case END_STREAM_REASON_MISC: return "MISC";
  27. case END_STREAM_REASON_RESOLVEFAILED: return "RESOLVEFAILED";
  28. case END_STREAM_REASON_CONNECTREFUSED: return "CONNECTREFUSED";
  29. case END_STREAM_REASON_EXITPOLICY: return "EXITPOLICY";
  30. case END_STREAM_REASON_DESTROY: return "DESTROY";
  31. case END_STREAM_REASON_DONE: return "DONE";
  32. case END_STREAM_REASON_TIMEOUT: return "TIMEOUT";
  33. case END_STREAM_REASON_NOROUTE: return "NOROUTE";
  34. case END_STREAM_REASON_HIBERNATING: return "HIBERNATING";
  35. case END_STREAM_REASON_INTERNAL: return "INTERNAL";
  36. case END_STREAM_REASON_RESOURCELIMIT: return "RESOURCELIMIT";
  37. case END_STREAM_REASON_CONNRESET: return "CONNRESET";
  38. case END_STREAM_REASON_TORPROTOCOL: return "TORPROTOCOL";
  39. case END_STREAM_REASON_NOTDIRECTORY: return "NOTDIRECTORY";
  40. case END_STREAM_REASON_CANT_ATTACH: return "CANT_ATTACH";
  41. case END_STREAM_REASON_NET_UNREACHABLE: return "NET_UNREACHABLE";
  42. case END_STREAM_REASON_SOCKSPROTOCOL: return "SOCKS_PROTOCOL";
  43. // XXXX Controlspec
  44. case END_STREAM_REASON_HTTPPROTOCOL: return "HTTP_PROTOCOL";
  45. case END_STREAM_REASON_PRIVATE_ADDR: return "PRIVATE_ADDR";
  46. default: return NULL;
  47. }
  48. }
  49. /** Translate <b>reason</b>, which came from a relay 'end' cell,
  50. * into a static const string describing why the stream is closing.
  51. * <b>reason</b> is -1 if no reason was provided.
  52. */
  53. const char *
  54. stream_end_reason_to_string(int reason)
  55. {
  56. switch (reason) {
  57. case -1:
  58. log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
  59. "End cell arrived with length 0. Should be at least 1.");
  60. return "MALFORMED";
  61. case END_STREAM_REASON_MISC: return "misc error";
  62. case END_STREAM_REASON_RESOLVEFAILED: return "resolve failed";
  63. case END_STREAM_REASON_CONNECTREFUSED: return "connection refused";
  64. case END_STREAM_REASON_EXITPOLICY: return "exit policy failed";
  65. case END_STREAM_REASON_DESTROY: return "destroyed";
  66. case END_STREAM_REASON_DONE: return "closed normally";
  67. case END_STREAM_REASON_TIMEOUT: return "gave up (timeout)";
  68. case END_STREAM_REASON_NOROUTE: return "no route to host";
  69. case END_STREAM_REASON_HIBERNATING: return "server is hibernating";
  70. case END_STREAM_REASON_INTERNAL: return "internal error at server";
  71. case END_STREAM_REASON_RESOURCELIMIT: return "server out of resources";
  72. case END_STREAM_REASON_CONNRESET: return "connection reset";
  73. case END_STREAM_REASON_TORPROTOCOL: return "Tor protocol error";
  74. case END_STREAM_REASON_NOTDIRECTORY: return "not a directory";
  75. default:
  76. log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
  77. "Reason for ending (%d) not recognized.",reason);
  78. return "unknown";
  79. }
  80. }
  81. /** Translate <b>reason</b> (as from a relay 'end' cell) into an
  82. * appropriate SOCKS5 reply code.
  83. *
  84. * A reason of 0 means that we're not actually expecting to send
  85. * this code back to the socks client; we just call it 'succeeded'
  86. * to keep things simple.
  87. */
  88. socks5_reply_status_t
  89. stream_end_reason_to_socks5_response(int reason)
  90. {
  91. switch (reason & END_STREAM_REASON_MASK) {
  92. case 0:
  93. return SOCKS5_SUCCEEDED;
  94. case END_STREAM_REASON_MISC:
  95. return SOCKS5_GENERAL_ERROR;
  96. case END_STREAM_REASON_RESOLVEFAILED:
  97. return SOCKS5_HOST_UNREACHABLE;
  98. case END_STREAM_REASON_CONNECTREFUSED:
  99. return SOCKS5_CONNECTION_REFUSED;
  100. case END_STREAM_REASON_ENTRYPOLICY:
  101. return SOCKS5_NOT_ALLOWED;
  102. case END_STREAM_REASON_EXITPOLICY:
  103. return SOCKS5_NOT_ALLOWED;
  104. case END_STREAM_REASON_DESTROY:
  105. return SOCKS5_GENERAL_ERROR;
  106. case END_STREAM_REASON_DONE:
  107. /* Note that 'DONE' usually indicates a successful close from the other
  108. * side of the stream... but if we receive it before a connected cell --
  109. * that is, before we have sent a SOCKS reply -- that means that the
  110. * other side of the circuit closed the connection before telling us it
  111. * was complete. */
  112. return SOCKS5_CONNECTION_REFUSED;
  113. case END_STREAM_REASON_TIMEOUT:
  114. return SOCKS5_TTL_EXPIRED;
  115. case END_STREAM_REASON_NOROUTE:
  116. return SOCKS5_HOST_UNREACHABLE;
  117. case END_STREAM_REASON_RESOURCELIMIT:
  118. return SOCKS5_GENERAL_ERROR;
  119. case END_STREAM_REASON_HIBERNATING:
  120. return SOCKS5_GENERAL_ERROR;
  121. case END_STREAM_REASON_INTERNAL:
  122. return SOCKS5_GENERAL_ERROR;
  123. case END_STREAM_REASON_CONNRESET:
  124. return SOCKS5_CONNECTION_REFUSED;
  125. case END_STREAM_REASON_TORPROTOCOL:
  126. return SOCKS5_GENERAL_ERROR;
  127. case END_STREAM_REASON_CANT_ATTACH:
  128. return SOCKS5_GENERAL_ERROR;
  129. case END_STREAM_REASON_NET_UNREACHABLE:
  130. return SOCKS5_NET_UNREACHABLE;
  131. case END_STREAM_REASON_SOCKSPROTOCOL:
  132. return SOCKS5_GENERAL_ERROR;
  133. case END_STREAM_REASON_HTTPPROTOCOL:
  134. // LCOV_EXCL_START
  135. tor_assert_nonfatal_unreached();
  136. return SOCKS5_GENERAL_ERROR;
  137. // LCOV_EXCL_STOP
  138. case END_STREAM_REASON_PRIVATE_ADDR:
  139. return SOCKS5_GENERAL_ERROR;
  140. default:
  141. log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
  142. "Reason for ending (%d) not recognized; "
  143. "sending generic socks error.", reason);
  144. return SOCKS5_GENERAL_ERROR;
  145. }
  146. }
  147. /* We need to use a few macros to deal with the fact that Windows
  148. * decided that their sockets interface should be a permakludge.
  149. * E_CASE is for errors where windows has both a EFOO and a WSAEFOO
  150. * version, and S_CASE is for errors where windows has only a WSAEFOO
  151. * version. (The E is for 'error', the S is for 'socket'). */
  152. #ifdef _WIN32
  153. #define E_CASE(s) case s: case WSA ## s
  154. #define S_CASE(s) case WSA ## s
  155. #else
  156. #define E_CASE(s) case s
  157. #define S_CASE(s) case s
  158. #endif /* defined(_WIN32) */
  159. /** Given an errno from a failed exit connection, return a reason code
  160. * appropriate for use in a RELAY END cell. */
  161. uint8_t
  162. errno_to_stream_end_reason(int e)
  163. {
  164. /* To add new errors here, find out if they exist on Windows, and if a WSA*
  165. * equivalent exists on windows. Add a case, an S_CASE, or an E_CASE as
  166. * appropriate. */
  167. switch (e) {
  168. case EPIPE:
  169. return END_STREAM_REASON_DONE;
  170. E_CASE(EBADF):
  171. E_CASE(EFAULT):
  172. E_CASE(EINVAL):
  173. S_CASE(EISCONN):
  174. S_CASE(ENOTSOCK):
  175. S_CASE(EPROTONOSUPPORT):
  176. S_CASE(EAFNOSUPPORT):
  177. S_CASE(ENOTCONN):
  178. return END_STREAM_REASON_INTERNAL;
  179. S_CASE(ENETUNREACH):
  180. S_CASE(EHOSTUNREACH):
  181. E_CASE(EACCES):
  182. case EPERM:
  183. return END_STREAM_REASON_NOROUTE;
  184. S_CASE(ECONNREFUSED):
  185. return END_STREAM_REASON_CONNECTREFUSED;
  186. S_CASE(ECONNRESET):
  187. return END_STREAM_REASON_CONNRESET;
  188. S_CASE(ETIMEDOUT):
  189. return END_STREAM_REASON_TIMEOUT;
  190. S_CASE(ENOBUFS):
  191. case ENOMEM:
  192. case ENFILE:
  193. S_CASE(EADDRINUSE):
  194. S_CASE(EADDRNOTAVAIL):
  195. E_CASE(EMFILE):
  196. return END_STREAM_REASON_RESOURCELIMIT;
  197. default:
  198. log_info(LD_EXIT, "Didn't recognize errno %d (%s); telling the client "
  199. "that we are ending a stream for 'misc' reason.",
  200. e, tor_socket_strerror(e));
  201. return END_STREAM_REASON_MISC;
  202. }
  203. }
  204. /***************************** ORConn reasons *****************************/
  205. /** Convert the reason for ending an OR connection <b>r</b> into the format
  206. * used in ORCONN events. Return "UNKNOWN" if the reason is unrecognized. */
  207. const char *
  208. orconn_end_reason_to_control_string(int r)
  209. {
  210. /* To add new errors here, find out if they exist on Windows, and if a WSA*
  211. * equivalent exists on windows. Add a case, an S_CASE, or an E_CASE as
  212. * appropriate. */
  213. switch (r) {
  214. case END_OR_CONN_REASON_DONE:
  215. return "DONE";
  216. case END_OR_CONN_REASON_REFUSED:
  217. return "CONNECTREFUSED";
  218. case END_OR_CONN_REASON_OR_IDENTITY:
  219. return "IDENTITY";
  220. case END_OR_CONN_REASON_CONNRESET:
  221. return "CONNECTRESET";
  222. case END_OR_CONN_REASON_TIMEOUT:
  223. return "TIMEOUT";
  224. case END_OR_CONN_REASON_NO_ROUTE:
  225. return "NOROUTE";
  226. case END_OR_CONN_REASON_IO_ERROR:
  227. return "IOERROR";
  228. case END_OR_CONN_REASON_RESOURCE_LIMIT:
  229. return "RESOURCELIMIT";
  230. case END_OR_CONN_REASON_MISC:
  231. return "MISC";
  232. case END_OR_CONN_REASON_PT_MISSING:
  233. return "PT_MISSING";
  234. case 0:
  235. return "";
  236. default:
  237. log_warn(LD_BUG, "Unrecognized or_conn reason code %d", r);
  238. return "UNKNOWN";
  239. }
  240. }
  241. /** Convert a TOR_TLS_* error code into an END_OR_CONN_* reason. */
  242. int
  243. tls_error_to_orconn_end_reason(int e)
  244. {
  245. switch (e) {
  246. case TOR_TLS_ERROR_IO:
  247. return END_OR_CONN_REASON_IO_ERROR;
  248. case TOR_TLS_ERROR_CONNREFUSED:
  249. return END_OR_CONN_REASON_REFUSED;
  250. case TOR_TLS_ERROR_CONNRESET:
  251. return END_OR_CONN_REASON_CONNRESET;
  252. case TOR_TLS_ERROR_NO_ROUTE:
  253. return END_OR_CONN_REASON_NO_ROUTE;
  254. case TOR_TLS_ERROR_TIMEOUT:
  255. return END_OR_CONN_REASON_TIMEOUT;
  256. case TOR_TLS_WANTREAD:
  257. case TOR_TLS_WANTWRITE:
  258. case TOR_TLS_CLOSE:
  259. case TOR_TLS_DONE:
  260. return END_OR_CONN_REASON_DONE;
  261. default:
  262. return END_OR_CONN_REASON_MISC;
  263. }
  264. }
  265. /** Given an errno from a failed ORConn connection, return a reason code
  266. * appropriate for use in the controller orconn events. */
  267. int
  268. errno_to_orconn_end_reason(int e)
  269. {
  270. switch (e) {
  271. case EPIPE:
  272. return END_OR_CONN_REASON_DONE;
  273. S_CASE(ENOTCONN):
  274. S_CASE(ENETUNREACH):
  275. S_CASE(ENETDOWN):
  276. S_CASE(EHOSTUNREACH):
  277. return END_OR_CONN_REASON_NO_ROUTE;
  278. S_CASE(ECONNREFUSED):
  279. return END_OR_CONN_REASON_REFUSED;
  280. S_CASE(ECONNRESET):
  281. return END_OR_CONN_REASON_CONNRESET;
  282. S_CASE(ETIMEDOUT):
  283. return END_OR_CONN_REASON_TIMEOUT;
  284. S_CASE(ENOBUFS):
  285. case ENOMEM:
  286. case ENFILE:
  287. E_CASE(EMFILE):
  288. E_CASE(EACCES):
  289. E_CASE(EBADF):
  290. E_CASE(EFAULT):
  291. E_CASE(EINVAL):
  292. return END_OR_CONN_REASON_RESOURCE_LIMIT;
  293. default:
  294. log_info(LD_OR, "Didn't recognize errno %d (%s).",
  295. e, tor_socket_strerror(e));
  296. return END_OR_CONN_REASON_MISC;
  297. }
  298. }
  299. /***************************** Circuit reasons *****************************/
  300. /** Convert a numeric reason for destroying a circuit into a string for a
  301. * CIRCUIT event. */
  302. const char *
  303. circuit_end_reason_to_control_string(int reason)
  304. {
  305. int is_remote = 0;
  306. if (reason >= 0 && reason & END_CIRC_REASON_FLAG_REMOTE) {
  307. reason &= ~END_CIRC_REASON_FLAG_REMOTE;
  308. is_remote = 1;
  309. }
  310. switch (reason) {
  311. case END_CIRC_AT_ORIGIN:
  312. /* This shouldn't get passed here; it's a catch-all reason. */
  313. return "ORIGIN";
  314. case END_CIRC_REASON_NONE:
  315. /* This shouldn't get passed here; it's a catch-all reason. */
  316. return "NONE";
  317. case END_CIRC_REASON_TORPROTOCOL:
  318. return "TORPROTOCOL";
  319. case END_CIRC_REASON_INTERNAL:
  320. return "INTERNAL";
  321. case END_CIRC_REASON_REQUESTED:
  322. return "REQUESTED";
  323. case END_CIRC_REASON_HIBERNATING:
  324. return "HIBERNATING";
  325. case END_CIRC_REASON_RESOURCELIMIT:
  326. return "RESOURCELIMIT";
  327. case END_CIRC_REASON_CONNECTFAILED:
  328. return "CONNECTFAILED";
  329. case END_CIRC_REASON_OR_IDENTITY:
  330. return "OR_IDENTITY";
  331. case END_CIRC_REASON_CHANNEL_CLOSED:
  332. return "CHANNEL_CLOSED";
  333. case END_CIRC_REASON_FINISHED:
  334. return "FINISHED";
  335. case END_CIRC_REASON_TIMEOUT:
  336. return "TIMEOUT";
  337. case END_CIRC_REASON_DESTROYED:
  338. return "DESTROYED";
  339. case END_CIRC_REASON_NOPATH:
  340. return "NOPATH";
  341. case END_CIRC_REASON_NOSUCHSERVICE:
  342. return "NOSUCHSERVICE";
  343. case END_CIRC_REASON_MEASUREMENT_EXPIRED:
  344. return "MEASUREMENT_EXPIRED";
  345. case END_CIRC_REASON_IP_NOW_REDUNDANT:
  346. return "IP_NOW_REDUNDANT";
  347. default:
  348. if (is_remote) {
  349. /*
  350. * If it's remote, it's not a bug *here*, so don't use LD_BUG, but
  351. * do note that the someone we're talking to is speaking the Tor
  352. * protocol with a weird accent.
  353. */
  354. log_warn(LD_PROTOCOL,
  355. "Remote server sent bogus reason code %d", reason);
  356. } else {
  357. log_warn(LD_BUG,
  358. "Unrecognized reason code %d", reason);
  359. }
  360. return NULL;
  361. }
  362. }
  363. /** Return a string corresponding to a SOCKS4 response code. */
  364. const char *
  365. socks4_response_code_to_string(uint8_t code)
  366. {
  367. switch (code) {
  368. case 0x5a:
  369. return "connection accepted";
  370. case 0x5b:
  371. return "server rejected connection";
  372. case 0x5c:
  373. return "server cannot connect to identd on this client";
  374. case 0x5d:
  375. return "user id does not match identd";
  376. default:
  377. return "invalid SOCKS 4 response code";
  378. }
  379. }
  380. /** Return a string corresponding to a SOCKS5 response code. */
  381. const char *
  382. socks5_response_code_to_string(uint8_t code)
  383. {
  384. switch (code) {
  385. case 0x00:
  386. return "connection accepted";
  387. case 0x01:
  388. return "general SOCKS server failure";
  389. case 0x02:
  390. return "connection not allowed by ruleset";
  391. case 0x03:
  392. return "Network unreachable";
  393. case 0x04:
  394. return "Host unreachable";
  395. case 0x05:
  396. return "Connection refused";
  397. case 0x06:
  398. return "TTL expired";
  399. case 0x07:
  400. return "Command not supported";
  401. case 0x08:
  402. return "Address type not supported";
  403. default:
  404. return "unknown reason";
  405. }
  406. }
  407. /** Return a string corresponding to a bandwidth_weight_rule_t */
  408. const char *
  409. bandwidth_weight_rule_to_string(bandwidth_weight_rule_t rule)
  410. {
  411. switch (rule)
  412. {
  413. case NO_WEIGHTING:
  414. return "no weighting";
  415. case WEIGHT_FOR_EXIT:
  416. return "weight as exit";
  417. case WEIGHT_FOR_MID:
  418. return "weight as middle node";
  419. case WEIGHT_FOR_GUARD:
  420. return "weight as guard";
  421. case WEIGHT_FOR_DIR:
  422. return "weight as directory";
  423. default:
  424. return "unknown rule";
  425. }
  426. }
  427. /** Given a RELAY_END reason value, convert it to an HTTP response to be
  428. * send over an HTTP tunnel connection. */
  429. const char *
  430. end_reason_to_http_connect_response_line(int endreason)
  431. {
  432. endreason &= END_STREAM_REASON_MASK;
  433. /* XXXX these are probably all wrong. Should they all be 502? */
  434. switch (endreason) {
  435. case 0:
  436. return "HTTP/1.0 200 OK\r\n\r\n";
  437. case END_STREAM_REASON_MISC:
  438. return "HTTP/1.0 500 Internal Server Error\r\n\r\n";
  439. case END_STREAM_REASON_RESOLVEFAILED:
  440. return "HTTP/1.0 404 Not Found (resolve failed)\r\n\r\n";
  441. case END_STREAM_REASON_NOROUTE:
  442. return "HTTP/1.0 404 Not Found (no route)\r\n\r\n";
  443. case END_STREAM_REASON_CONNECTREFUSED:
  444. return "HTTP/1.0 403 Forbidden (connection refused)\r\n\r\n";
  445. case END_STREAM_REASON_EXITPOLICY:
  446. return "HTTP/1.0 403 Forbidden (exit policy)\r\n\r\n";
  447. case END_STREAM_REASON_DESTROY:
  448. return "HTTP/1.0 502 Bad Gateway (destroy cell received)\r\n\r\n";
  449. case END_STREAM_REASON_DONE:
  450. return "HTTP/1.0 502 Bad Gateway (unexpected close)\r\n\r\n";
  451. case END_STREAM_REASON_TIMEOUT:
  452. return "HTTP/1.0 504 Gateway Timeout\r\n\r\n";
  453. case END_STREAM_REASON_HIBERNATING:
  454. return "HTTP/1.0 502 Bad Gateway (hibernating server)\r\n\r\n";
  455. case END_STREAM_REASON_INTERNAL:
  456. return "HTTP/1.0 502 Bad Gateway (internal error)\r\n\r\n";
  457. case END_STREAM_REASON_RESOURCELIMIT:
  458. return "HTTP/1.0 502 Bad Gateway (resource limit)\r\n\r\n";
  459. case END_STREAM_REASON_CONNRESET:
  460. return "HTTP/1.0 403 Forbidden (connection reset)\r\n\r\n";
  461. case END_STREAM_REASON_TORPROTOCOL:
  462. return "HTTP/1.0 502 Bad Gateway (tor protocol violation)\r\n\r\n";
  463. case END_STREAM_REASON_ENTRYPOLICY:
  464. return "HTTP/1.0 403 Forbidden (entry policy violation)\r\n\r\n";
  465. case END_STREAM_REASON_NOTDIRECTORY: /* Fall Through */
  466. default:
  467. tor_assert_nonfatal_unreached();
  468. return "HTTP/1.0 500 Internal Server Error (weird end reason)\r\n\r\n";
  469. }
  470. }