control.c 259 KB

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091929394959697989910010110210310410510610710810911011111211311411511611711811912012112212312412512612712812913013113213313413513613713813914014114214314414514614714814915015115215315415515615715815916016116216316416516616716816917017117217317417517617717817918018118218318418518618718818919019119219319419519619719819920020120220320420520620720820921021121221321421521621721821922022122222322422522622722822923023123223323423523623723823924024124224324424524624724824925025125225325425525625725825926026126226326426526626726826927027127227327427527627727827928028128228328428528628728828929029129229329429529629729829930030130230330430530630730830931031131231331431531631731831932032132232332432532632732832933033133233333433533633733833934034134234334434534634734834935035135235335435535635735835936036136236336436536636736836937037137237337437537637737837938038138238338438538638738838939039139239339439539639739839940040140240340440540640740840941041141241341441541641741841942042142242342442542642742842943043143243343443543643743843944044144244344444544644744844945045145245345445545645745845946046146246346446546646746846947047147247347447547647747847948048148248348448548648748848949049149249349449549649749849950050150250350450550650750850951051151251351451551651751851952052152252352452552652752852953053153253353453553653753853954054154254354454554654754854955055155255355455555655755855956056156256356456556656756856957057157257357457557657757857958058158258358458558658758858959059159259359459559659759859960060160260360460560660760860961061161261361461561661761861962062162262362462562662762862963063163263363463563663763863964064164264364464564664764864965065165265365465565665765865966066166266366466566666766866967067167267367467567667767867968068168268368468568668768868969069169269369469569669769869970070170270370470570670770870971071171271371471571671771871972072172272372472572672772872973073173273373473573673773873974074174274374474574674774874975075175275375475575675775875976076176276376476576676776876977077177277377477577677777877978078178278378478578678778878979079179279379479579679779879980080180280380480580680780880981081181281381481581681781881982082182282382482582682782882983083183283383483583683783883984084184284384484584684784884985085185285385485585685785885986086186286386486586686786886987087187287387487587687787887988088188288388488588688788888989089189289389489589689789889990090190290390490590690790890991091191291391491591691791891992092192292392492592692792892993093193293393493593693793893994094194294394494594694794894995095195295395495595695795895996096196296396496596696796896997097197297397497597697797897998098198298398498598698798898999099199299399499599699799899910001001100210031004100510061007100810091010101110121013101410151016101710181019102010211022102310241025102610271028102910301031103210331034103510361037103810391040104110421043104410451046104710481049105010511052105310541055105610571058105910601061106210631064106510661067106810691070107110721073107410751076107710781079108010811082108310841085108610871088108910901091109210931094109510961097109810991100110111021103110411051106110711081109111011111112111311141115111611171118111911201121112211231124112511261127112811291130113111321133113411351136113711381139114011411142114311441145114611471148114911501151115211531154115511561157115811591160116111621163116411651166116711681169117011711172117311741175117611771178117911801181118211831184118511861187118811891190119111921193119411951196119711981199120012011202120312041205120612071208120912101211121212131214121512161217121812191220122112221223122412251226122712281229123012311232123312341235123612371238123912401241124212431244124512461247124812491250125112521253125412551256125712581259126012611262126312641265126612671268126912701271127212731274127512761277127812791280128112821283128412851286128712881289129012911292129312941295129612971298129913001301130213031304130513061307130813091310131113121313131413151316131713181319132013211322132313241325132613271328132913301331133213331334133513361337133813391340134113421343134413451346134713481349135013511352135313541355135613571358135913601361136213631364136513661367136813691370137113721373137413751376137713781379138013811382138313841385138613871388138913901391139213931394139513961397139813991400140114021403140414051406140714081409141014111412141314141415141614171418141914201421142214231424142514261427142814291430143114321433143414351436143714381439144014411442144314441445144614471448144914501451145214531454145514561457145814591460146114621463146414651466146714681469147014711472147314741475147614771478147914801481148214831484148514861487148814891490149114921493149414951496149714981499150015011502150315041505150615071508150915101511151215131514151515161517151815191520152115221523152415251526152715281529153015311532153315341535153615371538153915401541154215431544154515461547154815491550155115521553155415551556155715581559156015611562156315641565156615671568156915701571157215731574157515761577157815791580158115821583158415851586158715881589159015911592159315941595159615971598159916001601160216031604160516061607160816091610161116121613161416151616161716181619162016211622162316241625162616271628162916301631163216331634163516361637163816391640164116421643164416451646164716481649165016511652165316541655165616571658165916601661166216631664166516661667166816691670167116721673167416751676167716781679168016811682168316841685168616871688168916901691169216931694169516961697169816991700170117021703170417051706170717081709171017111712171317141715171617171718171917201721172217231724172517261727172817291730173117321733173417351736173717381739174017411742174317441745174617471748174917501751175217531754175517561757175817591760176117621763176417651766176717681769177017711772177317741775177617771778177917801781178217831784178517861787178817891790179117921793179417951796179717981799180018011802180318041805180618071808180918101811181218131814181518161817181818191820182118221823182418251826182718281829183018311832183318341835183618371838183918401841184218431844184518461847184818491850185118521853185418551856185718581859186018611862186318641865186618671868186918701871187218731874187518761877187818791880188118821883188418851886188718881889189018911892189318941895189618971898189919001901190219031904190519061907190819091910191119121913191419151916191719181919192019211922192319241925192619271928192919301931193219331934193519361937193819391940194119421943194419451946194719481949195019511952195319541955195619571958195919601961196219631964196519661967196819691970197119721973197419751976197719781979198019811982198319841985198619871988198919901991199219931994199519961997199819992000200120022003200420052006200720082009201020112012201320142015201620172018201920202021202220232024202520262027202820292030203120322033203420352036203720382039204020412042204320442045204620472048204920502051205220532054205520562057205820592060206120622063206420652066206720682069207020712072207320742075207620772078207920802081208220832084208520862087208820892090209120922093209420952096209720982099210021012102210321042105210621072108210921102111211221132114211521162117211821192120212121222123212421252126212721282129213021312132213321342135213621372138213921402141214221432144214521462147214821492150215121522153215421552156215721582159216021612162216321642165216621672168216921702171217221732174217521762177217821792180218121822183218421852186218721882189219021912192219321942195219621972198219922002201220222032204220522062207220822092210221122122213221422152216221722182219222022212222222322242225222622272228222922302231223222332234223522362237223822392240224122422243224422452246224722482249225022512252225322542255225622572258225922602261226222632264226522662267226822692270227122722273227422752276227722782279228022812282228322842285228622872288228922902291229222932294229522962297229822992300230123022303230423052306230723082309231023112312231323142315231623172318231923202321232223232324232523262327232823292330233123322333233423352336233723382339234023412342234323442345234623472348234923502351235223532354235523562357235823592360236123622363236423652366236723682369237023712372237323742375237623772378237923802381238223832384238523862387238823892390239123922393239423952396239723982399240024012402240324042405240624072408240924102411241224132414241524162417241824192420242124222423242424252426242724282429243024312432243324342435243624372438243924402441244224432444244524462447244824492450245124522453245424552456245724582459246024612462246324642465246624672468246924702471247224732474247524762477247824792480248124822483248424852486248724882489249024912492249324942495249624972498249925002501250225032504250525062507250825092510251125122513251425152516251725182519252025212522252325242525252625272528252925302531253225332534253525362537253825392540254125422543254425452546254725482549255025512552255325542555255625572558255925602561256225632564256525662567256825692570257125722573257425752576257725782579258025812582258325842585258625872588258925902591259225932594259525962597259825992600260126022603260426052606260726082609261026112612261326142615261626172618261926202621262226232624262526262627262826292630263126322633263426352636263726382639264026412642264326442645264626472648264926502651265226532654265526562657265826592660266126622663266426652666266726682669267026712672267326742675267626772678267926802681268226832684268526862687268826892690269126922693269426952696269726982699270027012702270327042705270627072708270927102711271227132714271527162717271827192720272127222723272427252726272727282729273027312732273327342735273627372738273927402741274227432744274527462747274827492750275127522753275427552756275727582759276027612762276327642765276627672768276927702771277227732774277527762777277827792780278127822783278427852786278727882789279027912792279327942795279627972798279928002801280228032804280528062807280828092810281128122813281428152816281728182819282028212822282328242825282628272828282928302831283228332834283528362837283828392840284128422843284428452846284728482849285028512852285328542855285628572858285928602861286228632864286528662867286828692870287128722873287428752876287728782879288028812882288328842885288628872888288928902891289228932894289528962897289828992900290129022903290429052906290729082909291029112912291329142915291629172918291929202921292229232924292529262927292829292930293129322933293429352936293729382939294029412942294329442945294629472948294929502951295229532954295529562957295829592960296129622963296429652966296729682969297029712972297329742975297629772978297929802981298229832984298529862987298829892990299129922993299429952996299729982999300030013002300330043005300630073008300930103011301230133014301530163017301830193020302130223023302430253026302730283029303030313032303330343035303630373038303930403041304230433044304530463047304830493050305130523053305430553056305730583059306030613062306330643065306630673068306930703071307230733074307530763077307830793080308130823083308430853086308730883089309030913092309330943095309630973098309931003101310231033104310531063107310831093110311131123113311431153116311731183119312031213122312331243125312631273128312931303131313231333134313531363137313831393140314131423143314431453146314731483149315031513152315331543155315631573158315931603161316231633164316531663167316831693170317131723173317431753176317731783179318031813182318331843185318631873188318931903191319231933194319531963197319831993200320132023203320432053206320732083209321032113212321332143215321632173218321932203221322232233224322532263227322832293230323132323233323432353236323732383239324032413242324332443245324632473248324932503251325232533254325532563257325832593260326132623263326432653266326732683269327032713272327332743275327632773278327932803281328232833284328532863287328832893290329132923293329432953296329732983299330033013302330333043305330633073308330933103311331233133314331533163317331833193320332133223323332433253326332733283329333033313332333333343335333633373338333933403341334233433344334533463347334833493350335133523353335433553356335733583359336033613362336333643365336633673368336933703371337233733374337533763377337833793380338133823383338433853386338733883389339033913392339333943395339633973398339934003401340234033404340534063407340834093410341134123413341434153416341734183419342034213422342334243425342634273428342934303431343234333434343534363437343834393440344134423443344434453446344734483449345034513452345334543455345634573458345934603461346234633464346534663467346834693470347134723473347434753476347734783479348034813482348334843485348634873488348934903491349234933494349534963497349834993500350135023503350435053506350735083509351035113512351335143515351635173518351935203521352235233524352535263527352835293530353135323533353435353536353735383539354035413542354335443545354635473548354935503551355235533554355535563557355835593560356135623563356435653566356735683569357035713572357335743575357635773578357935803581358235833584358535863587358835893590359135923593359435953596359735983599360036013602360336043605360636073608360936103611361236133614361536163617361836193620362136223623362436253626362736283629363036313632363336343635363636373638363936403641364236433644364536463647364836493650365136523653365436553656365736583659366036613662366336643665366636673668366936703671367236733674367536763677367836793680368136823683368436853686368736883689369036913692369336943695369636973698369937003701370237033704370537063707370837093710371137123713371437153716371737183719372037213722372337243725372637273728372937303731373237333734373537363737373837393740374137423743374437453746374737483749375037513752375337543755375637573758375937603761376237633764376537663767376837693770377137723773377437753776377737783779378037813782378337843785378637873788378937903791379237933794379537963797379837993800380138023803380438053806380738083809381038113812381338143815381638173818381938203821382238233824382538263827382838293830383138323833383438353836383738383839384038413842384338443845384638473848384938503851385238533854385538563857385838593860386138623863386438653866386738683869387038713872387338743875387638773878387938803881388238833884388538863887388838893890389138923893389438953896389738983899390039013902390339043905390639073908390939103911391239133914391539163917391839193920392139223923392439253926392739283929393039313932393339343935393639373938393939403941394239433944394539463947394839493950395139523953395439553956395739583959396039613962396339643965396639673968396939703971397239733974397539763977397839793980398139823983398439853986398739883989399039913992399339943995399639973998399940004001400240034004400540064007400840094010401140124013401440154016401740184019402040214022402340244025402640274028402940304031403240334034403540364037403840394040404140424043404440454046404740484049405040514052405340544055405640574058405940604061406240634064406540664067406840694070407140724073407440754076407740784079408040814082408340844085408640874088408940904091409240934094409540964097409840994100410141024103410441054106410741084109411041114112411341144115411641174118411941204121412241234124412541264127412841294130413141324133413441354136413741384139414041414142414341444145414641474148414941504151415241534154415541564157415841594160416141624163416441654166416741684169417041714172417341744175417641774178417941804181418241834184418541864187418841894190419141924193419441954196419741984199420042014202420342044205420642074208420942104211421242134214421542164217421842194220422142224223422442254226422742284229423042314232423342344235423642374238423942404241424242434244424542464247424842494250425142524253425442554256425742584259426042614262426342644265426642674268426942704271427242734274427542764277427842794280428142824283428442854286428742884289429042914292429342944295429642974298429943004301430243034304430543064307430843094310431143124313431443154316431743184319432043214322432343244325432643274328432943304331433243334334433543364337433843394340434143424343434443454346434743484349435043514352435343544355435643574358435943604361436243634364436543664367436843694370437143724373437443754376437743784379438043814382438343844385438643874388438943904391439243934394439543964397439843994400440144024403440444054406440744084409441044114412441344144415441644174418441944204421442244234424442544264427442844294430443144324433443444354436443744384439444044414442444344444445444644474448444944504451445244534454445544564457445844594460446144624463446444654466446744684469447044714472447344744475447644774478447944804481448244834484448544864487448844894490449144924493449444954496449744984499450045014502450345044505450645074508450945104511451245134514451545164517451845194520452145224523452445254526452745284529453045314532453345344535453645374538453945404541454245434544454545464547454845494550455145524553455445554556455745584559456045614562456345644565456645674568456945704571457245734574457545764577457845794580458145824583458445854586458745884589459045914592459345944595459645974598459946004601460246034604460546064607460846094610461146124613461446154616461746184619462046214622462346244625462646274628462946304631463246334634463546364637463846394640464146424643464446454646464746484649465046514652465346544655465646574658465946604661466246634664466546664667466846694670467146724673467446754676467746784679468046814682468346844685468646874688468946904691469246934694469546964697469846994700470147024703470447054706470747084709471047114712471347144715471647174718471947204721472247234724472547264727472847294730473147324733473447354736473747384739474047414742474347444745474647474748474947504751475247534754475547564757475847594760476147624763476447654766476747684769477047714772477347744775477647774778477947804781478247834784478547864787478847894790479147924793479447954796479747984799480048014802480348044805480648074808480948104811481248134814481548164817481848194820482148224823482448254826482748284829483048314832483348344835483648374838483948404841484248434844484548464847484848494850485148524853485448554856485748584859486048614862486348644865486648674868486948704871487248734874487548764877487848794880488148824883488448854886488748884889489048914892489348944895489648974898489949004901490249034904490549064907490849094910491149124913491449154916491749184919492049214922492349244925492649274928492949304931493249334934493549364937493849394940494149424943494449454946494749484949495049514952495349544955495649574958495949604961496249634964496549664967496849694970497149724973497449754976497749784979498049814982498349844985498649874988498949904991499249934994499549964997499849995000500150025003500450055006500750085009501050115012501350145015501650175018501950205021502250235024502550265027502850295030503150325033503450355036503750385039504050415042504350445045504650475048504950505051505250535054505550565057505850595060506150625063506450655066506750685069507050715072507350745075507650775078507950805081508250835084508550865087508850895090509150925093509450955096509750985099510051015102510351045105510651075108510951105111511251135114511551165117511851195120512151225123512451255126512751285129513051315132513351345135513651375138513951405141514251435144514551465147514851495150515151525153515451555156515751585159516051615162516351645165516651675168516951705171517251735174517551765177517851795180518151825183518451855186518751885189519051915192519351945195519651975198519952005201520252035204520552065207520852095210521152125213521452155216521752185219522052215222522352245225522652275228522952305231523252335234523552365237523852395240524152425243524452455246524752485249525052515252525352545255525652575258525952605261526252635264526552665267526852695270527152725273527452755276527752785279528052815282528352845285528652875288528952905291529252935294529552965297529852995300530153025303530453055306530753085309531053115312531353145315531653175318531953205321532253235324532553265327532853295330533153325333533453355336533753385339534053415342534353445345534653475348534953505351535253535354535553565357535853595360536153625363536453655366536753685369537053715372537353745375537653775378537953805381538253835384538553865387538853895390539153925393539453955396539753985399540054015402540354045405540654075408540954105411541254135414541554165417541854195420542154225423542454255426542754285429543054315432543354345435543654375438543954405441544254435444544554465447544854495450545154525453545454555456545754585459546054615462546354645465546654675468546954705471547254735474547554765477547854795480548154825483548454855486548754885489549054915492549354945495549654975498549955005501550255035504550555065507550855095510551155125513551455155516551755185519552055215522552355245525552655275528552955305531553255335534553555365537553855395540554155425543554455455546554755485549555055515552555355545555555655575558555955605561556255635564556555665567556855695570557155725573557455755576557755785579558055815582558355845585558655875588558955905591559255935594559555965597559855995600560156025603560456055606560756085609561056115612561356145615561656175618561956205621562256235624562556265627562856295630563156325633563456355636563756385639564056415642564356445645564656475648564956505651565256535654565556565657565856595660566156625663566456655666566756685669567056715672567356745675567656775678567956805681568256835684568556865687568856895690569156925693569456955696569756985699570057015702570357045705570657075708570957105711571257135714571557165717571857195720572157225723572457255726572757285729573057315732573357345735573657375738573957405741574257435744574557465747574857495750575157525753575457555756575757585759576057615762576357645765576657675768576957705771577257735774577557765777577857795780578157825783578457855786578757885789579057915792579357945795579657975798579958005801580258035804580558065807580858095810581158125813581458155816581758185819582058215822582358245825582658275828582958305831583258335834583558365837583858395840584158425843584458455846584758485849585058515852585358545855585658575858585958605861586258635864586558665867586858695870587158725873587458755876587758785879588058815882588358845885588658875888588958905891589258935894589558965897589858995900590159025903590459055906590759085909591059115912591359145915591659175918591959205921592259235924592559265927592859295930593159325933593459355936593759385939594059415942594359445945594659475948594959505951595259535954595559565957595859595960596159625963596459655966596759685969597059715972597359745975597659775978597959805981598259835984598559865987598859895990599159925993599459955996599759985999600060016002600360046005600660076008600960106011601260136014601560166017601860196020602160226023602460256026602760286029603060316032603360346035603660376038603960406041604260436044604560466047604860496050605160526053605460556056605760586059606060616062606360646065606660676068606960706071607260736074607560766077607860796080608160826083608460856086608760886089609060916092609360946095609660976098609961006101610261036104610561066107610861096110611161126113611461156116611761186119612061216122612361246125612661276128612961306131613261336134613561366137613861396140614161426143614461456146614761486149615061516152615361546155615661576158615961606161616261636164616561666167616861696170617161726173617461756176617761786179618061816182618361846185618661876188618961906191619261936194619561966197619861996200620162026203620462056206620762086209621062116212621362146215621662176218621962206221622262236224622562266227622862296230623162326233623462356236623762386239624062416242624362446245624662476248624962506251625262536254625562566257625862596260626162626263626462656266626762686269627062716272627362746275627662776278627962806281628262836284628562866287628862896290629162926293629462956296629762986299630063016302630363046305630663076308630963106311631263136314631563166317631863196320632163226323632463256326632763286329633063316332633363346335633663376338633963406341634263436344634563466347634863496350635163526353635463556356635763586359636063616362636363646365636663676368636963706371637263736374637563766377637863796380638163826383638463856386638763886389639063916392639363946395639663976398639964006401640264036404640564066407640864096410641164126413641464156416641764186419642064216422642364246425642664276428642964306431643264336434643564366437643864396440644164426443644464456446644764486449645064516452645364546455645664576458645964606461646264636464646564666467646864696470647164726473647464756476647764786479648064816482648364846485648664876488648964906491649264936494649564966497649864996500650165026503650465056506650765086509651065116512651365146515651665176518651965206521652265236524652565266527652865296530653165326533653465356536653765386539654065416542654365446545654665476548654965506551655265536554655565566557655865596560656165626563656465656566656765686569657065716572657365746575657665776578657965806581658265836584658565866587658865896590659165926593659465956596659765986599660066016602660366046605660666076608660966106611661266136614661566166617661866196620662166226623662466256626662766286629663066316632663366346635663666376638663966406641664266436644664566466647664866496650665166526653665466556656665766586659666066616662666366646665666666676668666966706671667266736674667566766677667866796680668166826683668466856686668766886689669066916692669366946695669666976698669967006701670267036704670567066707670867096710671167126713671467156716671767186719672067216722672367246725672667276728672967306731673267336734673567366737673867396740674167426743674467456746674767486749675067516752675367546755675667576758675967606761676267636764676567666767676867696770677167726773677467756776677767786779678067816782678367846785678667876788678967906791679267936794679567966797679867996800680168026803680468056806680768086809681068116812681368146815681668176818681968206821682268236824682568266827682868296830683168326833683468356836683768386839684068416842684368446845684668476848684968506851685268536854685568566857685868596860686168626863686468656866686768686869687068716872687368746875687668776878687968806881688268836884688568866887688868896890689168926893689468956896689768986899690069016902690369046905690669076908690969106911691269136914691569166917691869196920692169226923692469256926692769286929693069316932693369346935693669376938693969406941694269436944694569466947694869496950695169526953695469556956695769586959696069616962696369646965696669676968696969706971697269736974697569766977697869796980698169826983698469856986698769886989699069916992699369946995699669976998699970007001700270037004700570067007700870097010701170127013701470157016701770187019702070217022702370247025702670277028702970307031703270337034703570367037703870397040704170427043704470457046704770487049705070517052705370547055705670577058705970607061706270637064706570667067706870697070707170727073707470757076707770787079708070817082708370847085708670877088708970907091709270937094709570967097709870997100710171027103710471057106710771087109711071117112711371147115711671177118711971207121712271237124712571267127712871297130713171327133713471357136713771387139714071417142714371447145714671477148714971507151715271537154715571567157715871597160716171627163716471657166716771687169717071717172717371747175717671777178717971807181718271837184718571867187718871897190719171927193719471957196719771987199720072017202720372047205720672077208720972107211721272137214721572167217721872197220722172227223722472257226722772287229723072317232723372347235723672377238723972407241724272437244724572467247724872497250725172527253725472557256725772587259726072617262726372647265726672677268726972707271727272737274727572767277727872797280728172827283728472857286728772887289729072917292729372947295729672977298729973007301730273037304730573067307730873097310731173127313731473157316731773187319732073217322732373247325732673277328732973307331733273337334733573367337733873397340734173427343734473457346734773487349735073517352735373547355735673577358735973607361736273637364736573667367736873697370737173727373737473757376737773787379738073817382738373847385738673877388738973907391739273937394739573967397739873997400740174027403740474057406740774087409741074117412741374147415741674177418741974207421742274237424742574267427742874297430743174327433743474357436743774387439744074417442744374447445744674477448744974507451745274537454745574567457745874597460746174627463746474657466746774687469747074717472747374747475747674777478747974807481748274837484748574867487748874897490749174927493749474957496749774987499750075017502750375047505750675077508750975107511751275137514751575167517751875197520752175227523752475257526752775287529753075317532753375347535753675377538753975407541754275437544754575467547754875497550755175527553755475557556755775587559756075617562756375647565756675677568756975707571757275737574757575767577757875797580758175827583758475857586758775887589759075917592759375947595759675977598759976007601760276037604760576067607760876097610761176127613761476157616761776187619762076217622762376247625762676277628762976307631763276337634763576367637763876397640764176427643764476457646764776487649765076517652765376547655765676577658765976607661766276637664766576667667766876697670767176727673767476757676767776787679768076817682768376847685768676877688768976907691769276937694769576967697769876997700770177027703770477057706770777087709771077117712771377147715771677177718771977207721772277237724772577267727772877297730773177327733773477357736773777387739
  1. /* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
  2. * Copyright (c) 2007-2017, The Tor Project, Inc. */
  3. /* See LICENSE for licensing information */
  4. /**
  5. * \file control.c
  6. * \brief Implementation for Tor's control-socket interface.
  7. *
  8. * A "controller" is an external program that monitors and controls a Tor
  9. * instance via a text-based protocol. It connects to Tor via a connection
  10. * to a local socket.
  11. *
  12. * The protocol is line-driven. The controller sends commands terminated by a
  13. * CRLF. Tor sends lines that are either <em>replies</em> to what the
  14. * controller has said, or <em>events</em> that Tor sends to the controller
  15. * asynchronously based on occurrences in the Tor network model.
  16. *
  17. * See the control-spec.txt file in the torspec.git repository for full
  18. * details on protocol.
  19. *
  20. * This module generally has two kinds of entry points: those based on having
  21. * received a command on a controller socket, which are handled in
  22. * connection_control_process_inbuf(), and dispatched to individual functions
  23. * with names like control_handle_COMMANDNAME(); and those based on events
  24. * that occur elsewhere in Tor, which are handled by functions with names like
  25. * control_event_EVENTTYPE().
  26. *
  27. * Controller events are not sent immediately; rather, they are inserted into
  28. * the queued_control_events array, and flushed later from
  29. * flush_queued_events_cb(). Doing this simplifies our callgraph greatly,
  30. * by limiting the number of places in Tor that can call back into the network
  31. * stack.
  32. **/
  33. #define CONTROL_PRIVATE
  34. #include "or.h"
  35. #include "addressmap.h"
  36. #include "bridges.h"
  37. #include "buffers.h"
  38. #include "channel.h"
  39. #include "channeltls.h"
  40. #include "circuitbuild.h"
  41. #include "circuitlist.h"
  42. #include "circuitstats.h"
  43. #include "circuituse.h"
  44. #include "command.h"
  45. #include "compat_libevent.h"
  46. #include "config.h"
  47. #include "confparse.h"
  48. #include "connection.h"
  49. #include "connection_edge.h"
  50. #include "connection_or.h"
  51. #include "control.h"
  52. #include "crypto_rand.h"
  53. #include "crypto_util.h"
  54. #include "directory.h"
  55. #include "dirserv.h"
  56. #include "dnsserv.h"
  57. #include "entrynodes.h"
  58. #include "geoip.h"
  59. #include "hibernate.h"
  60. #include "hs_cache.h"
  61. #include "hs_common.h"
  62. #include "hs_control.h"
  63. #include "main.h"
  64. #include "microdesc.h"
  65. #include "networkstatus.h"
  66. #include "nodelist.h"
  67. #include "policies.h"
  68. #include "proto_control0.h"
  69. #include "proto_http.h"
  70. #include "reasons.h"
  71. #include "rendclient.h"
  72. #include "rendcommon.h"
  73. #include "rendservice.h"
  74. #include "rephist.h"
  75. #include "router.h"
  76. #include "routerlist.h"
  77. #include "routerparse.h"
  78. #include "shared_random_client.h"
  79. #ifndef _WIN32
  80. #include <pwd.h>
  81. #include <sys/resource.h>
  82. #endif
  83. #include "crypto_s2k.h"
  84. #include "procmon.h"
  85. /** Yield true iff <b>s</b> is the state of a control_connection_t that has
  86. * finished authentication and is accepting commands. */
  87. #define STATE_IS_OPEN(s) ((s) == CONTROL_CONN_STATE_OPEN)
  88. /** Bitfield: The bit 1&lt;&lt;e is set if <b>any</b> open control
  89. * connection is interested in events of type <b>e</b>. We use this
  90. * so that we can decide to skip generating event messages that nobody
  91. * has interest in without having to walk over the global connection
  92. * list to find out.
  93. **/
  94. typedef uint64_t event_mask_t;
  95. /** An event mask of all the events that any controller is interested in
  96. * receiving. */
  97. static event_mask_t global_event_mask = 0;
  98. /** True iff we have disabled log messages from being sent to the controller */
  99. static int disable_log_messages = 0;
  100. /** Macro: true if any control connection is interested in events of type
  101. * <b>e</b>. */
  102. #define EVENT_IS_INTERESTING(e) \
  103. (!! (global_event_mask & EVENT_MASK_(e)))
  104. /** Macro: true if any event from the bitfield 'e' is interesting. */
  105. #define ANY_EVENT_IS_INTERESTING(e) \
  106. (!! (global_event_mask & (e)))
  107. /** If we're using cookie-type authentication, how long should our cookies be?
  108. */
  109. #define AUTHENTICATION_COOKIE_LEN 32
  110. /** If true, we've set authentication_cookie to a secret code and
  111. * stored it to disk. */
  112. static int authentication_cookie_is_set = 0;
  113. /** If authentication_cookie_is_set, a secret cookie that we've stored to disk
  114. * and which we're using to authenticate controllers. (If the controller can
  115. * read it off disk, it has permission to connect.) */
  116. static uint8_t *authentication_cookie = NULL;
  117. #define SAFECOOKIE_SERVER_TO_CONTROLLER_CONSTANT \
  118. "Tor safe cookie authentication server-to-controller hash"
  119. #define SAFECOOKIE_CONTROLLER_TO_SERVER_CONSTANT \
  120. "Tor safe cookie authentication controller-to-server hash"
  121. #define SAFECOOKIE_SERVER_NONCE_LEN DIGEST256_LEN
  122. /** The list of onion services that have been added via ADD_ONION that do not
  123. * belong to any particular control connection.
  124. */
  125. static smartlist_t *detached_onion_services = NULL;
  126. /** A sufficiently large size to record the last bootstrap phase string. */
  127. #define BOOTSTRAP_MSG_LEN 1024
  128. /** What was the last bootstrap phase message we sent? We keep track
  129. * of this so we can respond to getinfo status/bootstrap-phase queries. */
  130. static char last_sent_bootstrap_message[BOOTSTRAP_MSG_LEN];
  131. static void connection_printf_to_buf(control_connection_t *conn,
  132. const char *format, ...)
  133. CHECK_PRINTF(2,3);
  134. static void send_control_event_impl(uint16_t event,
  135. const char *format, va_list ap)
  136. CHECK_PRINTF(2,0);
  137. static int control_event_status(int type, int severity, const char *format,
  138. va_list args)
  139. CHECK_PRINTF(3,0);
  140. static void send_control_done(control_connection_t *conn);
  141. static void send_control_event(uint16_t event,
  142. const char *format, ...)
  143. CHECK_PRINTF(2,3);
  144. static int handle_control_setconf(control_connection_t *conn, uint32_t len,
  145. char *body);
  146. static int handle_control_resetconf(control_connection_t *conn, uint32_t len,
  147. char *body);
  148. static int handle_control_getconf(control_connection_t *conn, uint32_t len,
  149. const char *body);
  150. static int handle_control_loadconf(control_connection_t *conn, uint32_t len,
  151. const char *body);
  152. static int handle_control_setevents(control_connection_t *conn, uint32_t len,
  153. const char *body);
  154. static int handle_control_authenticate(control_connection_t *conn,
  155. uint32_t len,
  156. const char *body);
  157. static int handle_control_signal(control_connection_t *conn, uint32_t len,
  158. const char *body);
  159. static int handle_control_mapaddress(control_connection_t *conn, uint32_t len,
  160. const char *body);
  161. static char *list_getinfo_options(void);
  162. static int handle_control_getinfo(control_connection_t *conn, uint32_t len,
  163. const char *body);
  164. static int handle_control_extendcircuit(control_connection_t *conn,
  165. uint32_t len,
  166. const char *body);
  167. static int handle_control_setcircuitpurpose(control_connection_t *conn,
  168. uint32_t len, const char *body);
  169. static int handle_control_attachstream(control_connection_t *conn,
  170. uint32_t len,
  171. const char *body);
  172. static int handle_control_postdescriptor(control_connection_t *conn,
  173. uint32_t len,
  174. const char *body);
  175. static int handle_control_redirectstream(control_connection_t *conn,
  176. uint32_t len,
  177. const char *body);
  178. static int handle_control_closestream(control_connection_t *conn, uint32_t len,
  179. const char *body);
  180. static int handle_control_closecircuit(control_connection_t *conn,
  181. uint32_t len,
  182. const char *body);
  183. static int handle_control_resolve(control_connection_t *conn, uint32_t len,
  184. const char *body);
  185. static int handle_control_usefeature(control_connection_t *conn,
  186. uint32_t len,
  187. const char *body);
  188. static int handle_control_hsfetch(control_connection_t *conn, uint32_t len,
  189. const char *body);
  190. static int handle_control_hspost(control_connection_t *conn, uint32_t len,
  191. const char *body);
  192. static int handle_control_add_onion(control_connection_t *conn, uint32_t len,
  193. const char *body);
  194. static int handle_control_del_onion(control_connection_t *conn, uint32_t len,
  195. const char *body);
  196. static int write_stream_target_to_buf(entry_connection_t *conn, char *buf,
  197. size_t len);
  198. static void orconn_target_get_name(char *buf, size_t len,
  199. or_connection_t *conn);
  200. static int get_cached_network_liveness(void);
  201. static void set_cached_network_liveness(int liveness);
  202. static void flush_queued_events_cb(mainloop_event_t *event, void *arg);
  203. static char * download_status_to_string(const download_status_t *dl);
  204. static void control_get_bytes_rw_last_sec(uint64_t *r, uint64_t *w);
  205. /** Given a control event code for a message event, return the corresponding
  206. * log severity. */
  207. static inline int
  208. event_to_log_severity(int event)
  209. {
  210. switch (event) {
  211. case EVENT_DEBUG_MSG: return LOG_DEBUG;
  212. case EVENT_INFO_MSG: return LOG_INFO;
  213. case EVENT_NOTICE_MSG: return LOG_NOTICE;
  214. case EVENT_WARN_MSG: return LOG_WARN;
  215. case EVENT_ERR_MSG: return LOG_ERR;
  216. default: return -1;
  217. }
  218. }
  219. /** Given a log severity, return the corresponding control event code. */
  220. static inline int
  221. log_severity_to_event(int severity)
  222. {
  223. switch (severity) {
  224. case LOG_DEBUG: return EVENT_DEBUG_MSG;
  225. case LOG_INFO: return EVENT_INFO_MSG;
  226. case LOG_NOTICE: return EVENT_NOTICE_MSG;
  227. case LOG_WARN: return EVENT_WARN_MSG;
  228. case LOG_ERR: return EVENT_ERR_MSG;
  229. default: return -1;
  230. }
  231. }
  232. /** Helper: clear bandwidth counters of all origin circuits. */
  233. static void
  234. clear_circ_bw_fields(void)
  235. {
  236. origin_circuit_t *ocirc;
  237. SMARTLIST_FOREACH_BEGIN(circuit_get_global_list(), circuit_t *, circ) {
  238. if (!CIRCUIT_IS_ORIGIN(circ))
  239. continue;
  240. ocirc = TO_ORIGIN_CIRCUIT(circ);
  241. ocirc->n_written_circ_bw = ocirc->n_read_circ_bw = 0;
  242. ocirc->n_overhead_written_circ_bw = ocirc->n_overhead_read_circ_bw = 0;
  243. ocirc->n_delivered_written_circ_bw = ocirc->n_delivered_read_circ_bw = 0;
  244. }
  245. SMARTLIST_FOREACH_END(circ);
  246. }
  247. /** Set <b>global_event_mask*</b> to the bitwise OR of each live control
  248. * connection's event_mask field. */
  249. void
  250. control_update_global_event_mask(void)
  251. {
  252. smartlist_t *conns = get_connection_array();
  253. event_mask_t old_mask, new_mask;
  254. old_mask = global_event_mask;
  255. int any_old_per_sec_events = control_any_per_second_event_enabled();
  256. global_event_mask = 0;
  257. SMARTLIST_FOREACH(conns, connection_t *, _conn,
  258. {
  259. if (_conn->type == CONN_TYPE_CONTROL &&
  260. STATE_IS_OPEN(_conn->state)) {
  261. control_connection_t *conn = TO_CONTROL_CONN(_conn);
  262. global_event_mask |= conn->event_mask;
  263. }
  264. });
  265. new_mask = global_event_mask;
  266. /* Handle the aftermath. Set up the log callback to tell us only what
  267. * we want to hear...*/
  268. control_adjust_event_log_severity();
  269. /* Macro: true if ev was false before and is true now. */
  270. #define NEWLY_ENABLED(ev) \
  271. (! (old_mask & (ev)) && (new_mask & (ev)))
  272. /* ...then, if we've started logging stream or circ bw, clear the
  273. * appropriate fields. */
  274. if (NEWLY_ENABLED(EVENT_STREAM_BANDWIDTH_USED)) {
  275. SMARTLIST_FOREACH(conns, connection_t *, conn,
  276. {
  277. if (conn->type == CONN_TYPE_AP) {
  278. edge_connection_t *edge_conn = TO_EDGE_CONN(conn);
  279. edge_conn->n_written = edge_conn->n_read = 0;
  280. }
  281. });
  282. }
  283. if (NEWLY_ENABLED(EVENT_CIRC_BANDWIDTH_USED)) {
  284. clear_circ_bw_fields();
  285. }
  286. if (NEWLY_ENABLED(EVENT_BANDWIDTH_USED)) {
  287. uint64_t r, w;
  288. control_get_bytes_rw_last_sec(&r, &w);
  289. }
  290. if (any_old_per_sec_events != control_any_per_second_event_enabled()) {
  291. reschedule_per_second_timer();
  292. }
  293. #undef NEWLY_ENABLED
  294. }
  295. /** Adjust the log severities that result in control_event_logmsg being called
  296. * to match the severity of log messages that any controllers are interested
  297. * in. */
  298. void
  299. control_adjust_event_log_severity(void)
  300. {
  301. int i;
  302. int min_log_event=EVENT_ERR_MSG, max_log_event=EVENT_DEBUG_MSG;
  303. for (i = EVENT_DEBUG_MSG; i <= EVENT_ERR_MSG; ++i) {
  304. if (EVENT_IS_INTERESTING(i)) {
  305. min_log_event = i;
  306. break;
  307. }
  308. }
  309. for (i = EVENT_ERR_MSG; i >= EVENT_DEBUG_MSG; --i) {
  310. if (EVENT_IS_INTERESTING(i)) {
  311. max_log_event = i;
  312. break;
  313. }
  314. }
  315. if (EVENT_IS_INTERESTING(EVENT_STATUS_GENERAL)) {
  316. if (min_log_event > EVENT_NOTICE_MSG)
  317. min_log_event = EVENT_NOTICE_MSG;
  318. if (max_log_event < EVENT_ERR_MSG)
  319. max_log_event = EVENT_ERR_MSG;
  320. }
  321. if (min_log_event <= max_log_event)
  322. change_callback_log_severity(event_to_log_severity(min_log_event),
  323. event_to_log_severity(max_log_event),
  324. control_event_logmsg);
  325. else
  326. change_callback_log_severity(LOG_ERR, LOG_ERR,
  327. control_event_logmsg);
  328. }
  329. /** Return true iff the event with code <b>c</b> is being sent to any current
  330. * control connection. This is useful if the amount of work needed to prepare
  331. * to call the appropriate control_event_...() function is high.
  332. */
  333. int
  334. control_event_is_interesting(int event)
  335. {
  336. return EVENT_IS_INTERESTING(event);
  337. }
  338. /** Return true if any event that needs to fire once a second is enabled. */
  339. int
  340. control_any_per_second_event_enabled(void)
  341. {
  342. return ANY_EVENT_IS_INTERESTING(
  343. EVENT_MASK_(EVENT_BANDWIDTH_USED) |
  344. EVENT_MASK_(EVENT_CELL_STATS) |
  345. EVENT_MASK_(EVENT_CIRC_BANDWIDTH_USED) |
  346. EVENT_MASK_(EVENT_CONN_BW) |
  347. EVENT_MASK_(EVENT_STREAM_BANDWIDTH_USED)
  348. );
  349. }
  350. /* The value of 'get_bytes_read()' the previous time that
  351. * control_get_bytes_rw_last_sec() as called. */
  352. static uint64_t stats_prev_n_read = 0;
  353. /* The value of 'get_bytes_written()' the previous time that
  354. * control_get_bytes_rw_last_sec() as called. */
  355. static uint64_t stats_prev_n_written = 0;
  356. /**
  357. * Set <b>n_read</b> and <b>n_written</b> to the total number of bytes read
  358. * and written by Tor since the last call to this function.
  359. *
  360. * Call this only from the main thread.
  361. */
  362. static void
  363. control_get_bytes_rw_last_sec(uint64_t *n_read,
  364. uint64_t *n_written)
  365. {
  366. const uint64_t stats_n_bytes_read = get_bytes_read();
  367. const uint64_t stats_n_bytes_written = get_bytes_written();
  368. *n_read = stats_n_bytes_read - stats_prev_n_read;
  369. *n_written = stats_n_bytes_written - stats_prev_n_written;
  370. stats_prev_n_read = stats_n_bytes_read;
  371. stats_prev_n_written = stats_n_bytes_written;
  372. }
  373. /**
  374. * Run all the controller events (if any) that are scheduled to trigger once
  375. * per second.
  376. */
  377. void
  378. control_per_second_events(void)
  379. {
  380. if (!control_any_per_second_event_enabled())
  381. return;
  382. uint64_t bytes_read, bytes_written;
  383. control_get_bytes_rw_last_sec(&bytes_read, &bytes_written);
  384. control_event_bandwidth_used((uint32_t)bytes_read,(uint32_t)bytes_written);
  385. control_event_stream_bandwidth_used();
  386. control_event_conn_bandwidth_used();
  387. control_event_circ_bandwidth_used();
  388. control_event_circuit_cell_stats();
  389. }
  390. /** Append a NUL-terminated string <b>s</b> to the end of
  391. * <b>conn</b>-\>outbuf.
  392. */
  393. static inline void
  394. connection_write_str_to_buf(const char *s, control_connection_t *conn)
  395. {
  396. size_t len = strlen(s);
  397. connection_buf_add(s, len, TO_CONN(conn));
  398. }
  399. /** Given a <b>len</b>-character string in <b>data</b>, made of lines
  400. * terminated by CRLF, allocate a new string in *<b>out</b>, and copy the
  401. * contents of <b>data</b> into *<b>out</b>, adding a period before any period
  402. * that appears at the start of a line, and adding a period-CRLF line at
  403. * the end. Replace all LF characters sequences with CRLF. Return the number
  404. * of bytes in *<b>out</b>.
  405. */
  406. STATIC size_t
  407. write_escaped_data(const char *data, size_t len, char **out)
  408. {
  409. tor_assert(len < SIZE_MAX - 9);
  410. size_t sz_out = len+8+1;
  411. char *outp;
  412. const char *start = data, *end;
  413. size_t i;
  414. int start_of_line;
  415. for (i=0; i < len; ++i) {
  416. if (data[i] == '\n') {
  417. sz_out += 2; /* Maybe add a CR; maybe add a dot. */
  418. if (sz_out >= SIZE_T_CEILING) {
  419. log_warn(LD_BUG, "Input to write_escaped_data was too long");
  420. *out = tor_strdup(".\r\n");
  421. return 3;
  422. }
  423. }
  424. }
  425. *out = outp = tor_malloc(sz_out);
  426. end = data+len;
  427. start_of_line = 1;
  428. while (data < end) {
  429. if (*data == '\n') {
  430. if (data > start && data[-1] != '\r')
  431. *outp++ = '\r';
  432. start_of_line = 1;
  433. } else if (*data == '.') {
  434. if (start_of_line) {
  435. start_of_line = 0;
  436. *outp++ = '.';
  437. }
  438. } else {
  439. start_of_line = 0;
  440. }
  441. *outp++ = *data++;
  442. }
  443. if (outp < *out+2 || fast_memcmp(outp-2, "\r\n", 2)) {
  444. *outp++ = '\r';
  445. *outp++ = '\n';
  446. }
  447. *outp++ = '.';
  448. *outp++ = '\r';
  449. *outp++ = '\n';
  450. *outp = '\0'; /* NUL-terminate just in case. */
  451. tor_assert(outp >= *out);
  452. tor_assert((size_t)(outp - *out) <= sz_out);
  453. return outp - *out;
  454. }
  455. /** Given a <b>len</b>-character string in <b>data</b>, made of lines
  456. * terminated by CRLF, allocate a new string in *<b>out</b>, and copy
  457. * the contents of <b>data</b> into *<b>out</b>, removing any period
  458. * that appears at the start of a line, and replacing all CRLF sequences
  459. * with LF. Return the number of
  460. * bytes in *<b>out</b>. */
  461. STATIC size_t
  462. read_escaped_data(const char *data, size_t len, char **out)
  463. {
  464. char *outp;
  465. const char *next;
  466. const char *end;
  467. *out = outp = tor_malloc(len+1);
  468. end = data+len;
  469. while (data < end) {
  470. /* we're at the start of a line. */
  471. if (*data == '.')
  472. ++data;
  473. next = memchr(data, '\n', end-data);
  474. if (next) {
  475. size_t n_to_copy = next-data;
  476. /* Don't copy a CR that precedes this LF. */
  477. if (n_to_copy && *(next-1) == '\r')
  478. --n_to_copy;
  479. memcpy(outp, data, n_to_copy);
  480. outp += n_to_copy;
  481. data = next+1; /* This will point at the start of the next line,
  482. * or the end of the string, or a period. */
  483. } else {
  484. memcpy(outp, data, end-data);
  485. outp += (end-data);
  486. *outp = '\0';
  487. return outp - *out;
  488. }
  489. *outp++ = '\n';
  490. }
  491. *outp = '\0';
  492. return outp - *out;
  493. }
  494. /** If the first <b>in_len_max</b> characters in <b>start</b> contain a
  495. * double-quoted string with escaped characters, return the length of that
  496. * string (as encoded, including quotes). Otherwise return -1. */
  497. static inline int
  498. get_escaped_string_length(const char *start, size_t in_len_max,
  499. int *chars_out)
  500. {
  501. const char *cp, *end;
  502. int chars = 0;
  503. if (*start != '\"')
  504. return -1;
  505. cp = start+1;
  506. end = start+in_len_max;
  507. /* Calculate length. */
  508. while (1) {
  509. if (cp >= end) {
  510. return -1; /* Too long. */
  511. } else if (*cp == '\\') {
  512. if (++cp == end)
  513. return -1; /* Can't escape EOS. */
  514. ++cp;
  515. ++chars;
  516. } else if (*cp == '\"') {
  517. break;
  518. } else {
  519. ++cp;
  520. ++chars;
  521. }
  522. }
  523. if (chars_out)
  524. *chars_out = chars;
  525. return (int)(cp - start+1);
  526. }
  527. /** As decode_escaped_string, but does not decode the string: copies the
  528. * entire thing, including quotation marks. */
  529. static const char *
  530. extract_escaped_string(const char *start, size_t in_len_max,
  531. char **out, size_t *out_len)
  532. {
  533. int length = get_escaped_string_length(start, in_len_max, NULL);
  534. if (length<0)
  535. return NULL;
  536. *out_len = length;
  537. *out = tor_strndup(start, *out_len);
  538. return start+length;
  539. }
  540. /** Given a pointer to a string starting at <b>start</b> containing
  541. * <b>in_len_max</b> characters, decode a string beginning with one double
  542. * quote, containing any number of non-quote characters or characters escaped
  543. * with a backslash, and ending with a final double quote. Place the resulting
  544. * string (unquoted, unescaped) into a newly allocated string in *<b>out</b>;
  545. * store its length in <b>out_len</b>. On success, return a pointer to the
  546. * character immediately following the escaped string. On failure, return
  547. * NULL. */
  548. static const char *
  549. decode_escaped_string(const char *start, size_t in_len_max,
  550. char **out, size_t *out_len)
  551. {
  552. const char *cp, *end;
  553. char *outp;
  554. int len, n_chars = 0;
  555. len = get_escaped_string_length(start, in_len_max, &n_chars);
  556. if (len<0)
  557. return NULL;
  558. end = start+len-1; /* Index of last quote. */
  559. tor_assert(*end == '\"');
  560. outp = *out = tor_malloc(len+1);
  561. *out_len = n_chars;
  562. cp = start+1;
  563. while (cp < end) {
  564. if (*cp == '\\')
  565. ++cp;
  566. *outp++ = *cp++;
  567. }
  568. *outp = '\0';
  569. tor_assert((outp - *out) == (int)*out_len);
  570. return end+1;
  571. }
  572. /** Create and add a new controller connection on <b>sock</b>. If
  573. * <b>CC_LOCAL_FD_IS_OWNER</b> is set in <b>flags</b>, this Tor process should
  574. * exit when the connection closes. If <b>CC_LOCAL_FD_IS_AUTHENTICATED</b>
  575. * is set, then the connection does not need to authenticate.
  576. */
  577. int
  578. control_connection_add_local_fd(tor_socket_t sock, unsigned flags)
  579. {
  580. if (BUG(! SOCKET_OK(sock)))
  581. return -1;
  582. const int is_owner = !!(flags & CC_LOCAL_FD_IS_OWNER);
  583. const int is_authenticated = !!(flags & CC_LOCAL_FD_IS_AUTHENTICATED);
  584. control_connection_t *control_conn = control_connection_new(AF_UNSPEC);
  585. connection_t *conn = TO_CONN(control_conn);
  586. conn->s = sock;
  587. tor_addr_make_unspec(&conn->addr);
  588. conn->port = 1;
  589. conn->address = tor_strdup("<local socket>");
  590. /* We take ownership of this socket so that later, when we close it,
  591. * we don't freak out. */
  592. tor_take_socket_ownership(sock);
  593. if (set_socket_nonblocking(sock) < 0 ||
  594. connection_add(conn) < 0) {
  595. connection_free(conn);
  596. return -1;
  597. }
  598. control_conn->is_owning_control_connection = is_owner;
  599. if (connection_init_accepted_conn(conn, NULL) < 0) {
  600. connection_mark_for_close(conn);
  601. return -1;
  602. }
  603. if (is_authenticated) {
  604. conn->state = CONTROL_CONN_STATE_OPEN;
  605. }
  606. return 0;
  607. }
  608. /** Acts like sprintf, but writes its formatted string to the end of
  609. * <b>conn</b>-\>outbuf. */
  610. static void
  611. connection_printf_to_buf(control_connection_t *conn, const char *format, ...)
  612. {
  613. va_list ap;
  614. char *buf = NULL;
  615. int len;
  616. va_start(ap,format);
  617. len = tor_vasprintf(&buf, format, ap);
  618. va_end(ap);
  619. if (len < 0) {
  620. log_err(LD_BUG, "Unable to format string for controller.");
  621. tor_assert(0);
  622. }
  623. connection_buf_add(buf, (size_t)len, TO_CONN(conn));
  624. tor_free(buf);
  625. }
  626. /** Write all of the open control ports to ControlPortWriteToFile */
  627. void
  628. control_ports_write_to_file(void)
  629. {
  630. smartlist_t *lines;
  631. char *joined = NULL;
  632. const or_options_t *options = get_options();
  633. if (!options->ControlPortWriteToFile)
  634. return;
  635. lines = smartlist_new();
  636. SMARTLIST_FOREACH_BEGIN(get_connection_array(), const connection_t *, conn) {
  637. if (conn->type != CONN_TYPE_CONTROL_LISTENER || conn->marked_for_close)
  638. continue;
  639. #ifdef AF_UNIX
  640. if (conn->socket_family == AF_UNIX) {
  641. smartlist_add_asprintf(lines, "UNIX_PORT=%s\n", conn->address);
  642. continue;
  643. }
  644. #endif /* defined(AF_UNIX) */
  645. smartlist_add_asprintf(lines, "PORT=%s:%d\n", conn->address, conn->port);
  646. } SMARTLIST_FOREACH_END(conn);
  647. joined = smartlist_join_strings(lines, "", 0, NULL);
  648. if (write_str_to_file(options->ControlPortWriteToFile, joined, 0) < 0) {
  649. log_warn(LD_CONTROL, "Writing %s failed: %s",
  650. options->ControlPortWriteToFile, strerror(errno));
  651. }
  652. #ifndef _WIN32
  653. if (options->ControlPortFileGroupReadable) {
  654. if (chmod(options->ControlPortWriteToFile, 0640)) {
  655. log_warn(LD_FS,"Unable to make %s group-readable.",
  656. options->ControlPortWriteToFile);
  657. }
  658. }
  659. #endif /* !defined(_WIN32) */
  660. tor_free(joined);
  661. SMARTLIST_FOREACH(lines, char *, cp, tor_free(cp));
  662. smartlist_free(lines);
  663. }
  664. /** Send a "DONE" message down the control connection <b>conn</b>. */
  665. static void
  666. send_control_done(control_connection_t *conn)
  667. {
  668. connection_write_str_to_buf("250 OK\r\n", conn);
  669. }
  670. /** Represents an event that's queued to be sent to one or more
  671. * controllers. */
  672. typedef struct queued_event_s {
  673. uint16_t event;
  674. char *msg;
  675. } queued_event_t;
  676. /** Pointer to int. If this is greater than 0, we don't allow new events to be
  677. * queued. */
  678. static tor_threadlocal_t block_event_queue_flag;
  679. /** Holds a smartlist of queued_event_t objects that may need to be sent
  680. * to one or more controllers */
  681. static smartlist_t *queued_control_events = NULL;
  682. /** True if the flush_queued_events_event is pending. */
  683. static int flush_queued_event_pending = 0;
  684. /** Lock to protect the above fields. */
  685. static tor_mutex_t *queued_control_events_lock = NULL;
  686. /** An event that should fire in order to flush the contents of
  687. * queued_control_events. */
  688. static mainloop_event_t *flush_queued_events_event = NULL;
  689. void
  690. control_initialize_event_queue(void)
  691. {
  692. if (queued_control_events == NULL) {
  693. queued_control_events = smartlist_new();
  694. }
  695. if (flush_queued_events_event == NULL) {
  696. struct event_base *b = tor_libevent_get_base();
  697. if (b) {
  698. flush_queued_events_event =
  699. mainloop_event_new(flush_queued_events_cb, NULL);
  700. tor_assert(flush_queued_events_event);
  701. }
  702. }
  703. if (queued_control_events_lock == NULL) {
  704. queued_control_events_lock = tor_mutex_new();
  705. tor_threadlocal_init(&block_event_queue_flag);
  706. }
  707. }
  708. static int *
  709. get_block_event_queue(void)
  710. {
  711. int *val = tor_threadlocal_get(&block_event_queue_flag);
  712. if (PREDICT_UNLIKELY(val == NULL)) {
  713. val = tor_malloc_zero(sizeof(int));
  714. tor_threadlocal_set(&block_event_queue_flag, val);
  715. }
  716. return val;
  717. }
  718. /** Helper: inserts an event on the list of events queued to be sent to
  719. * one or more controllers, and schedules the events to be flushed if needed.
  720. *
  721. * This function takes ownership of <b>msg</b>, and may free it.
  722. *
  723. * We queue these events rather than send them immediately in order to break
  724. * the dependency in our callgraph from code that generates events for the
  725. * controller, and the network layer at large. Otherwise, nearly every
  726. * interesting part of Tor would potentially call every other interesting part
  727. * of Tor.
  728. */
  729. MOCK_IMPL(STATIC void,
  730. queue_control_event_string,(uint16_t event, char *msg))
  731. {
  732. /* This is redundant with checks done elsewhere, but it's a last-ditch
  733. * attempt to avoid queueing something we shouldn't have to queue. */
  734. if (PREDICT_UNLIKELY( ! EVENT_IS_INTERESTING(event) )) {
  735. tor_free(msg);
  736. return;
  737. }
  738. int *block_event_queue = get_block_event_queue();
  739. if (*block_event_queue) {
  740. tor_free(msg);
  741. return;
  742. }
  743. queued_event_t *ev = tor_malloc(sizeof(*ev));
  744. ev->event = event;
  745. ev->msg = msg;
  746. /* No queueing an event while queueing an event */
  747. ++*block_event_queue;
  748. tor_mutex_acquire(queued_control_events_lock);
  749. tor_assert(queued_control_events);
  750. smartlist_add(queued_control_events, ev);
  751. int activate_event = 0;
  752. if (! flush_queued_event_pending && in_main_thread()) {
  753. activate_event = 1;
  754. flush_queued_event_pending = 1;
  755. }
  756. tor_mutex_release(queued_control_events_lock);
  757. --*block_event_queue;
  758. /* We just put an event on the queue; mark the queue to be
  759. * flushed. We only do this from the main thread for now; otherwise,
  760. * we'd need to incur locking overhead in Libevent or use a socket.
  761. */
  762. if (activate_event) {
  763. tor_assert(flush_queued_events_event);
  764. mainloop_event_activate(flush_queued_events_event);
  765. }
  766. }
  767. #define queued_event_free(ev) \
  768. FREE_AND_NULL(queued_event_t, queued_event_free_, (ev))
  769. /** Release all storage held by <b>ev</b>. */
  770. static void
  771. queued_event_free_(queued_event_t *ev)
  772. {
  773. if (ev == NULL)
  774. return;
  775. tor_free(ev->msg);
  776. tor_free(ev);
  777. }
  778. /** Send every queued event to every controller that's interested in it,
  779. * and remove the events from the queue. If <b>force</b> is true,
  780. * then make all controllers send their data out immediately, since we
  781. * may be about to shut down. */
  782. static void
  783. queued_events_flush_all(int force)
  784. {
  785. /* Make sure that we get all the pending log events, if there are any. */
  786. flush_pending_log_callbacks();
  787. if (PREDICT_UNLIKELY(queued_control_events == NULL)) {
  788. return;
  789. }
  790. smartlist_t *all_conns = get_connection_array();
  791. smartlist_t *controllers = smartlist_new();
  792. smartlist_t *queued_events;
  793. int *block_event_queue = get_block_event_queue();
  794. ++*block_event_queue;
  795. tor_mutex_acquire(queued_control_events_lock);
  796. /* No queueing an event while flushing events. */
  797. flush_queued_event_pending = 0;
  798. queued_events = queued_control_events;
  799. queued_control_events = smartlist_new();
  800. tor_mutex_release(queued_control_events_lock);
  801. /* Gather all the controllers that will care... */
  802. SMARTLIST_FOREACH_BEGIN(all_conns, connection_t *, conn) {
  803. if (conn->type == CONN_TYPE_CONTROL &&
  804. !conn->marked_for_close &&
  805. conn->state == CONTROL_CONN_STATE_OPEN) {
  806. control_connection_t *control_conn = TO_CONTROL_CONN(conn);
  807. smartlist_add(controllers, control_conn);
  808. }
  809. } SMARTLIST_FOREACH_END(conn);
  810. SMARTLIST_FOREACH_BEGIN(queued_events, queued_event_t *, ev) {
  811. const event_mask_t bit = ((event_mask_t)1) << ev->event;
  812. const size_t msg_len = strlen(ev->msg);
  813. SMARTLIST_FOREACH_BEGIN(controllers, control_connection_t *,
  814. control_conn) {
  815. if (control_conn->event_mask & bit) {
  816. connection_buf_add(ev->msg, msg_len, TO_CONN(control_conn));
  817. }
  818. } SMARTLIST_FOREACH_END(control_conn);
  819. queued_event_free(ev);
  820. } SMARTLIST_FOREACH_END(ev);
  821. if (force) {
  822. SMARTLIST_FOREACH_BEGIN(controllers, control_connection_t *,
  823. control_conn) {
  824. connection_flush(TO_CONN(control_conn));
  825. } SMARTLIST_FOREACH_END(control_conn);
  826. }
  827. smartlist_free(queued_events);
  828. smartlist_free(controllers);
  829. --*block_event_queue;
  830. }
  831. /** Libevent callback: Flushes pending events to controllers that are
  832. * interested in them. */
  833. static void
  834. flush_queued_events_cb(mainloop_event_t *event, void *arg)
  835. {
  836. (void) event;
  837. (void) arg;
  838. queued_events_flush_all(0);
  839. }
  840. /** Send an event to all v1 controllers that are listening for code
  841. * <b>event</b>. The event's body is given by <b>msg</b>.
  842. *
  843. * The EXTENDED_FORMAT and NONEXTENDED_FORMAT flags behave similarly with
  844. * respect to the EXTENDED_EVENTS feature. */
  845. MOCK_IMPL(STATIC void,
  846. send_control_event_string,(uint16_t event,
  847. const char *msg))
  848. {
  849. tor_assert(event >= EVENT_MIN_ && event <= EVENT_MAX_);
  850. queue_control_event_string(event, tor_strdup(msg));
  851. }
  852. /** Helper for send_control_event and control_event_status:
  853. * Send an event to all v1 controllers that are listening for code
  854. * <b>event</b>. The event's body is created by the printf-style format in
  855. * <b>format</b>, and other arguments as provided. */
  856. static void
  857. send_control_event_impl(uint16_t event,
  858. const char *format, va_list ap)
  859. {
  860. char *buf = NULL;
  861. int len;
  862. len = tor_vasprintf(&buf, format, ap);
  863. if (len < 0) {
  864. log_warn(LD_BUG, "Unable to format event for controller.");
  865. return;
  866. }
  867. queue_control_event_string(event, buf);
  868. }
  869. /** Send an event to all v1 controllers that are listening for code
  870. * <b>event</b>. The event's body is created by the printf-style format in
  871. * <b>format</b>, and other arguments as provided. */
  872. static void
  873. send_control_event(uint16_t event,
  874. const char *format, ...)
  875. {
  876. va_list ap;
  877. va_start(ap, format);
  878. send_control_event_impl(event, format, ap);
  879. va_end(ap);
  880. }
  881. /** Given a text circuit <b>id</b>, return the corresponding circuit. */
  882. static origin_circuit_t *
  883. get_circ(const char *id)
  884. {
  885. uint32_t n_id;
  886. int ok;
  887. n_id = (uint32_t) tor_parse_ulong(id, 10, 0, UINT32_MAX, &ok, NULL);
  888. if (!ok)
  889. return NULL;
  890. return circuit_get_by_global_id(n_id);
  891. }
  892. /** Given a text stream <b>id</b>, return the corresponding AP connection. */
  893. static entry_connection_t *
  894. get_stream(const char *id)
  895. {
  896. uint64_t n_id;
  897. int ok;
  898. connection_t *conn;
  899. n_id = tor_parse_uint64(id, 10, 0, UINT64_MAX, &ok, NULL);
  900. if (!ok)
  901. return NULL;
  902. conn = connection_get_by_global_id(n_id);
  903. if (!conn || conn->type != CONN_TYPE_AP || conn->marked_for_close)
  904. return NULL;
  905. return TO_ENTRY_CONN(conn);
  906. }
  907. /** Helper for setconf and resetconf. Acts like setconf, except
  908. * it passes <b>use_defaults</b> on to options_trial_assign(). Modifies the
  909. * contents of body.
  910. */
  911. static int
  912. control_setconf_helper(control_connection_t *conn, uint32_t len, char *body,
  913. int use_defaults)
  914. {
  915. setopt_err_t opt_err;
  916. config_line_t *lines=NULL;
  917. char *start = body;
  918. char *errstring = NULL;
  919. const unsigned flags =
  920. CAL_CLEAR_FIRST | (use_defaults ? CAL_USE_DEFAULTS : 0);
  921. char *config;
  922. smartlist_t *entries = smartlist_new();
  923. /* We have a string, "body", of the format '(key(=val|="val")?)' entries
  924. * separated by space. break it into a list of configuration entries. */
  925. while (*body) {
  926. char *eq = body;
  927. char *key;
  928. char *entry;
  929. while (!TOR_ISSPACE(*eq) && *eq != '=')
  930. ++eq;
  931. key = tor_strndup(body, eq-body);
  932. body = eq+1;
  933. if (*eq == '=') {
  934. char *val=NULL;
  935. size_t val_len=0;
  936. if (*body != '\"') {
  937. char *val_start = body;
  938. while (!TOR_ISSPACE(*body))
  939. body++;
  940. val = tor_strndup(val_start, body-val_start);
  941. val_len = strlen(val);
  942. } else {
  943. body = (char*)extract_escaped_string(body, (len - (body-start)),
  944. &val, &val_len);
  945. if (!body) {
  946. connection_write_str_to_buf("551 Couldn't parse string\r\n", conn);
  947. SMARTLIST_FOREACH(entries, char *, cp, tor_free(cp));
  948. smartlist_free(entries);
  949. tor_free(key);
  950. return 0;
  951. }
  952. }
  953. tor_asprintf(&entry, "%s %s", key, val);
  954. tor_free(key);
  955. tor_free(val);
  956. } else {
  957. entry = key;
  958. }
  959. smartlist_add(entries, entry);
  960. while (TOR_ISSPACE(*body))
  961. ++body;
  962. }
  963. smartlist_add_strdup(entries, "");
  964. config = smartlist_join_strings(entries, "\n", 0, NULL);
  965. SMARTLIST_FOREACH(entries, char *, cp, tor_free(cp));
  966. smartlist_free(entries);
  967. if (config_get_lines(config, &lines, 0) < 0) {
  968. log_warn(LD_CONTROL,"Controller gave us config lines we can't parse.");
  969. connection_write_str_to_buf("551 Couldn't parse configuration\r\n",
  970. conn);
  971. tor_free(config);
  972. return 0;
  973. }
  974. tor_free(config);
  975. opt_err = options_trial_assign(lines, flags, &errstring);
  976. {
  977. const char *msg;
  978. switch (opt_err) {
  979. case SETOPT_ERR_MISC:
  980. msg = "552 Unrecognized option";
  981. break;
  982. case SETOPT_ERR_PARSE:
  983. msg = "513 Unacceptable option value";
  984. break;
  985. case SETOPT_ERR_TRANSITION:
  986. msg = "553 Transition not allowed";
  987. break;
  988. case SETOPT_ERR_SETTING:
  989. default:
  990. msg = "553 Unable to set option";
  991. break;
  992. case SETOPT_OK:
  993. config_free_lines(lines);
  994. send_control_done(conn);
  995. return 0;
  996. }
  997. log_warn(LD_CONTROL,
  998. "Controller gave us config lines that didn't validate: %s",
  999. errstring);
  1000. connection_printf_to_buf(conn, "%s: %s\r\n", msg, errstring);
  1001. config_free_lines(lines);
  1002. tor_free(errstring);
  1003. return 0;
  1004. }
  1005. }
  1006. /** Called when we receive a SETCONF message: parse the body and try
  1007. * to update our configuration. Reply with a DONE or ERROR message.
  1008. * Modifies the contents of body.*/
  1009. static int
  1010. handle_control_setconf(control_connection_t *conn, uint32_t len, char *body)
  1011. {
  1012. return control_setconf_helper(conn, len, body, 0);
  1013. }
  1014. /** Called when we receive a RESETCONF message: parse the body and try
  1015. * to update our configuration. Reply with a DONE or ERROR message.
  1016. * Modifies the contents of body. */
  1017. static int
  1018. handle_control_resetconf(control_connection_t *conn, uint32_t len, char *body)
  1019. {
  1020. return control_setconf_helper(conn, len, body, 1);
  1021. }
  1022. /** Called when we receive a GETCONF message. Parse the request, and
  1023. * reply with a CONFVALUE or an ERROR message */
  1024. static int
  1025. handle_control_getconf(control_connection_t *conn, uint32_t body_len,
  1026. const char *body)
  1027. {
  1028. smartlist_t *questions = smartlist_new();
  1029. smartlist_t *answers = smartlist_new();
  1030. smartlist_t *unrecognized = smartlist_new();
  1031. char *msg = NULL;
  1032. size_t msg_len;
  1033. const or_options_t *options = get_options();
  1034. int i, len;
  1035. (void) body_len; /* body is NUL-terminated; so we can ignore len. */
  1036. smartlist_split_string(questions, body, " ",
  1037. SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 0);
  1038. SMARTLIST_FOREACH_BEGIN(questions, const char *, q) {
  1039. if (!option_is_recognized(q)) {
  1040. smartlist_add(unrecognized, (char*) q);
  1041. } else {
  1042. config_line_t *answer = option_get_assignment(options,q);
  1043. if (!answer) {
  1044. const char *name = option_get_canonical_name(q);
  1045. smartlist_add_asprintf(answers, "250-%s\r\n", name);
  1046. }
  1047. while (answer) {
  1048. config_line_t *next;
  1049. smartlist_add_asprintf(answers, "250-%s=%s\r\n",
  1050. answer->key, answer->value);
  1051. next = answer->next;
  1052. tor_free(answer->key);
  1053. tor_free(answer->value);
  1054. tor_free(answer);
  1055. answer = next;
  1056. }
  1057. }
  1058. } SMARTLIST_FOREACH_END(q);
  1059. if ((len = smartlist_len(unrecognized))) {
  1060. for (i=0; i < len-1; ++i)
  1061. connection_printf_to_buf(conn,
  1062. "552-Unrecognized configuration key \"%s\"\r\n",
  1063. (char*)smartlist_get(unrecognized, i));
  1064. connection_printf_to_buf(conn,
  1065. "552 Unrecognized configuration key \"%s\"\r\n",
  1066. (char*)smartlist_get(unrecognized, len-1));
  1067. } else if ((len = smartlist_len(answers))) {
  1068. char *tmp = smartlist_get(answers, len-1);
  1069. tor_assert(strlen(tmp)>4);
  1070. tmp[3] = ' ';
  1071. msg = smartlist_join_strings(answers, "", 0, &msg_len);
  1072. connection_buf_add(msg, msg_len, TO_CONN(conn));
  1073. } else {
  1074. connection_write_str_to_buf("250 OK\r\n", conn);
  1075. }
  1076. SMARTLIST_FOREACH(answers, char *, cp, tor_free(cp));
  1077. smartlist_free(answers);
  1078. SMARTLIST_FOREACH(questions, char *, cp, tor_free(cp));
  1079. smartlist_free(questions);
  1080. smartlist_free(unrecognized);
  1081. tor_free(msg);
  1082. return 0;
  1083. }
  1084. /** Called when we get a +LOADCONF message. */
  1085. static int
  1086. handle_control_loadconf(control_connection_t *conn, uint32_t len,
  1087. const char *body)
  1088. {
  1089. setopt_err_t retval;
  1090. char *errstring = NULL;
  1091. const char *msg = NULL;
  1092. (void) len;
  1093. retval = options_init_from_string(NULL, body, CMD_RUN_TOR, NULL, &errstring);
  1094. if (retval != SETOPT_OK)
  1095. log_warn(LD_CONTROL,
  1096. "Controller gave us config file that didn't validate: %s",
  1097. errstring);
  1098. switch (retval) {
  1099. case SETOPT_ERR_PARSE:
  1100. msg = "552 Invalid config file";
  1101. break;
  1102. case SETOPT_ERR_TRANSITION:
  1103. msg = "553 Transition not allowed";
  1104. break;
  1105. case SETOPT_ERR_SETTING:
  1106. msg = "553 Unable to set option";
  1107. break;
  1108. case SETOPT_ERR_MISC:
  1109. default:
  1110. msg = "550 Unable to load config";
  1111. break;
  1112. case SETOPT_OK:
  1113. break;
  1114. }
  1115. if (msg) {
  1116. if (errstring)
  1117. connection_printf_to_buf(conn, "%s: %s\r\n", msg, errstring);
  1118. else
  1119. connection_printf_to_buf(conn, "%s\r\n", msg);
  1120. } else {
  1121. send_control_done(conn);
  1122. }
  1123. tor_free(errstring);
  1124. return 0;
  1125. }
  1126. /** Helper structure: maps event values to their names. */
  1127. struct control_event_t {
  1128. uint16_t event_code;
  1129. const char *event_name;
  1130. };
  1131. /** Table mapping event values to their names. Used to implement SETEVENTS
  1132. * and GETINFO events/names, and to keep they in sync. */
  1133. static const struct control_event_t control_event_table[] = {
  1134. { EVENT_CIRCUIT_STATUS, "CIRC" },
  1135. { EVENT_CIRCUIT_STATUS_MINOR, "CIRC_MINOR" },
  1136. { EVENT_STREAM_STATUS, "STREAM" },
  1137. { EVENT_OR_CONN_STATUS, "ORCONN" },
  1138. { EVENT_BANDWIDTH_USED, "BW" },
  1139. { EVENT_DEBUG_MSG, "DEBUG" },
  1140. { EVENT_INFO_MSG, "INFO" },
  1141. { EVENT_NOTICE_MSG, "NOTICE" },
  1142. { EVENT_WARN_MSG, "WARN" },
  1143. { EVENT_ERR_MSG, "ERR" },
  1144. { EVENT_NEW_DESC, "NEWDESC" },
  1145. { EVENT_ADDRMAP, "ADDRMAP" },
  1146. { EVENT_DESCCHANGED, "DESCCHANGED" },
  1147. { EVENT_NS, "NS" },
  1148. { EVENT_STATUS_GENERAL, "STATUS_GENERAL" },
  1149. { EVENT_STATUS_CLIENT, "STATUS_CLIENT" },
  1150. { EVENT_STATUS_SERVER, "STATUS_SERVER" },
  1151. { EVENT_GUARD, "GUARD" },
  1152. { EVENT_STREAM_BANDWIDTH_USED, "STREAM_BW" },
  1153. { EVENT_CLIENTS_SEEN, "CLIENTS_SEEN" },
  1154. { EVENT_NEWCONSENSUS, "NEWCONSENSUS" },
  1155. { EVENT_BUILDTIMEOUT_SET, "BUILDTIMEOUT_SET" },
  1156. { EVENT_GOT_SIGNAL, "SIGNAL" },
  1157. { EVENT_CONF_CHANGED, "CONF_CHANGED"},
  1158. { EVENT_CONN_BW, "CONN_BW" },
  1159. { EVENT_CELL_STATS, "CELL_STATS" },
  1160. { EVENT_CIRC_BANDWIDTH_USED, "CIRC_BW" },
  1161. { EVENT_TRANSPORT_LAUNCHED, "TRANSPORT_LAUNCHED" },
  1162. { EVENT_HS_DESC, "HS_DESC" },
  1163. { EVENT_HS_DESC_CONTENT, "HS_DESC_CONTENT" },
  1164. { EVENT_NETWORK_LIVENESS, "NETWORK_LIVENESS" },
  1165. { 0, NULL },
  1166. };
  1167. /** Called when we get a SETEVENTS message: update conn->event_mask,
  1168. * and reply with DONE or ERROR. */
  1169. static int
  1170. handle_control_setevents(control_connection_t *conn, uint32_t len,
  1171. const char *body)
  1172. {
  1173. int event_code;
  1174. event_mask_t event_mask = 0;
  1175. smartlist_t *events = smartlist_new();
  1176. (void) len;
  1177. smartlist_split_string(events, body, " ",
  1178. SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 0);
  1179. SMARTLIST_FOREACH_BEGIN(events, const char *, ev)
  1180. {
  1181. if (!strcasecmp(ev, "EXTENDED") ||
  1182. !strcasecmp(ev, "AUTHDIR_NEWDESCS")) {
  1183. log_warn(LD_CONTROL, "The \"%s\" SETEVENTS argument is no longer "
  1184. "supported.", ev);
  1185. continue;
  1186. } else {
  1187. int i;
  1188. event_code = -1;
  1189. for (i = 0; control_event_table[i].event_name != NULL; ++i) {
  1190. if (!strcasecmp(ev, control_event_table[i].event_name)) {
  1191. event_code = control_event_table[i].event_code;
  1192. break;
  1193. }
  1194. }
  1195. if (event_code == -1) {
  1196. connection_printf_to_buf(conn, "552 Unrecognized event \"%s\"\r\n",
  1197. ev);
  1198. SMARTLIST_FOREACH(events, char *, e, tor_free(e));
  1199. smartlist_free(events);
  1200. return 0;
  1201. }
  1202. }
  1203. event_mask |= (((event_mask_t)1) << event_code);
  1204. }
  1205. SMARTLIST_FOREACH_END(ev);
  1206. SMARTLIST_FOREACH(events, char *, e, tor_free(e));
  1207. smartlist_free(events);
  1208. conn->event_mask = event_mask;
  1209. control_update_global_event_mask();
  1210. send_control_done(conn);
  1211. return 0;
  1212. }
  1213. /** Decode the hashed, base64'd passwords stored in <b>passwords</b>.
  1214. * Return a smartlist of acceptable passwords (unterminated strings of
  1215. * length S2K_RFC2440_SPECIFIER_LEN+DIGEST_LEN) on success, or NULL on
  1216. * failure.
  1217. */
  1218. smartlist_t *
  1219. decode_hashed_passwords(config_line_t *passwords)
  1220. {
  1221. char decoded[64];
  1222. config_line_t *cl;
  1223. smartlist_t *sl = smartlist_new();
  1224. tor_assert(passwords);
  1225. for (cl = passwords; cl; cl = cl->next) {
  1226. const char *hashed = cl->value;
  1227. if (!strcmpstart(hashed, "16:")) {
  1228. if (base16_decode(decoded, sizeof(decoded), hashed+3, strlen(hashed+3))
  1229. != S2K_RFC2440_SPECIFIER_LEN + DIGEST_LEN
  1230. || strlen(hashed+3) != (S2K_RFC2440_SPECIFIER_LEN+DIGEST_LEN)*2) {
  1231. goto err;
  1232. }
  1233. } else {
  1234. if (base64_decode(decoded, sizeof(decoded), hashed, strlen(hashed))
  1235. != S2K_RFC2440_SPECIFIER_LEN+DIGEST_LEN) {
  1236. goto err;
  1237. }
  1238. }
  1239. smartlist_add(sl,
  1240. tor_memdup(decoded, S2K_RFC2440_SPECIFIER_LEN+DIGEST_LEN));
  1241. }
  1242. return sl;
  1243. err:
  1244. SMARTLIST_FOREACH(sl, char*, cp, tor_free(cp));
  1245. smartlist_free(sl);
  1246. return NULL;
  1247. }
  1248. /** Called when we get an AUTHENTICATE message. Check whether the
  1249. * authentication is valid, and if so, update the connection's state to
  1250. * OPEN. Reply with DONE or ERROR.
  1251. */
  1252. static int
  1253. handle_control_authenticate(control_connection_t *conn, uint32_t len,
  1254. const char *body)
  1255. {
  1256. int used_quoted_string = 0;
  1257. const or_options_t *options = get_options();
  1258. const char *errstr = "Unknown error";
  1259. char *password;
  1260. size_t password_len;
  1261. const char *cp;
  1262. int i;
  1263. int bad_cookie=0, bad_password=0;
  1264. smartlist_t *sl = NULL;
  1265. if (!len) {
  1266. password = tor_strdup("");
  1267. password_len = 0;
  1268. } else if (TOR_ISXDIGIT(body[0])) {
  1269. cp = body;
  1270. while (TOR_ISXDIGIT(*cp))
  1271. ++cp;
  1272. i = (int)(cp - body);
  1273. tor_assert(i>0);
  1274. password_len = i/2;
  1275. password = tor_malloc(password_len + 1);
  1276. if (base16_decode(password, password_len+1, body, i)
  1277. != (int) password_len) {
  1278. connection_write_str_to_buf(
  1279. "551 Invalid hexadecimal encoding. Maybe you tried a plain text "
  1280. "password? If so, the standard requires that you put it in "
  1281. "double quotes.\r\n", conn);
  1282. connection_mark_for_close(TO_CONN(conn));
  1283. tor_free(password);
  1284. return 0;
  1285. }
  1286. } else {
  1287. if (!decode_escaped_string(body, len, &password, &password_len)) {
  1288. connection_write_str_to_buf("551 Invalid quoted string. You need "
  1289. "to put the password in double quotes.\r\n", conn);
  1290. connection_mark_for_close(TO_CONN(conn));
  1291. return 0;
  1292. }
  1293. used_quoted_string = 1;
  1294. }
  1295. if (conn->safecookie_client_hash != NULL) {
  1296. /* The controller has chosen safe cookie authentication; the only
  1297. * acceptable authentication value is the controller-to-server
  1298. * response. */
  1299. tor_assert(authentication_cookie_is_set);
  1300. if (password_len != DIGEST256_LEN) {
  1301. log_warn(LD_CONTROL,
  1302. "Got safe cookie authentication response with wrong length "
  1303. "(%d)", (int)password_len);
  1304. errstr = "Wrong length for safe cookie response.";
  1305. goto err;
  1306. }
  1307. if (tor_memneq(conn->safecookie_client_hash, password, DIGEST256_LEN)) {
  1308. log_warn(LD_CONTROL,
  1309. "Got incorrect safe cookie authentication response");
  1310. errstr = "Safe cookie response did not match expected value.";
  1311. goto err;
  1312. }
  1313. tor_free(conn->safecookie_client_hash);
  1314. goto ok;
  1315. }
  1316. if (!options->CookieAuthentication && !options->HashedControlPassword &&
  1317. !options->HashedControlSessionPassword) {
  1318. /* if Tor doesn't demand any stronger authentication, then
  1319. * the controller can get in with anything. */
  1320. goto ok;
  1321. }
  1322. if (options->CookieAuthentication) {
  1323. int also_password = options->HashedControlPassword != NULL ||
  1324. options->HashedControlSessionPassword != NULL;
  1325. if (password_len != AUTHENTICATION_COOKIE_LEN) {
  1326. if (!also_password) {
  1327. log_warn(LD_CONTROL, "Got authentication cookie with wrong length "
  1328. "(%d)", (int)password_len);
  1329. errstr = "Wrong length on authentication cookie.";
  1330. goto err;
  1331. }
  1332. bad_cookie = 1;
  1333. } else if (tor_memneq(authentication_cookie, password, password_len)) {
  1334. if (!also_password) {
  1335. log_warn(LD_CONTROL, "Got mismatched authentication cookie");
  1336. errstr = "Authentication cookie did not match expected value.";
  1337. goto err;
  1338. }
  1339. bad_cookie = 1;
  1340. } else {
  1341. goto ok;
  1342. }
  1343. }
  1344. if (options->HashedControlPassword ||
  1345. options->HashedControlSessionPassword) {
  1346. int bad = 0;
  1347. smartlist_t *sl_tmp;
  1348. char received[DIGEST_LEN];
  1349. int also_cookie = options->CookieAuthentication;
  1350. sl = smartlist_new();
  1351. if (options->HashedControlPassword) {
  1352. sl_tmp = decode_hashed_passwords(options->HashedControlPassword);
  1353. if (!sl_tmp)
  1354. bad = 1;
  1355. else {
  1356. smartlist_add_all(sl, sl_tmp);
  1357. smartlist_free(sl_tmp);
  1358. }
  1359. }
  1360. if (options->HashedControlSessionPassword) {
  1361. sl_tmp = decode_hashed_passwords(options->HashedControlSessionPassword);
  1362. if (!sl_tmp)
  1363. bad = 1;
  1364. else {
  1365. smartlist_add_all(sl, sl_tmp);
  1366. smartlist_free(sl_tmp);
  1367. }
  1368. }
  1369. if (bad) {
  1370. if (!also_cookie) {
  1371. log_warn(LD_BUG,
  1372. "Couldn't decode HashedControlPassword: invalid base16");
  1373. errstr="Couldn't decode HashedControlPassword value in configuration.";
  1374. goto err;
  1375. }
  1376. bad_password = 1;
  1377. SMARTLIST_FOREACH(sl, char *, str, tor_free(str));
  1378. smartlist_free(sl);
  1379. sl = NULL;
  1380. } else {
  1381. SMARTLIST_FOREACH(sl, char *, expected,
  1382. {
  1383. secret_to_key_rfc2440(received,DIGEST_LEN,
  1384. password,password_len,expected);
  1385. if (tor_memeq(expected + S2K_RFC2440_SPECIFIER_LEN,
  1386. received, DIGEST_LEN))
  1387. goto ok;
  1388. });
  1389. SMARTLIST_FOREACH(sl, char *, str, tor_free(str));
  1390. smartlist_free(sl);
  1391. sl = NULL;
  1392. if (used_quoted_string)
  1393. errstr = "Password did not match HashedControlPassword value from "
  1394. "configuration";
  1395. else
  1396. errstr = "Password did not match HashedControlPassword value from "
  1397. "configuration. Maybe you tried a plain text password? "
  1398. "If so, the standard requires that you put it in double quotes.";
  1399. bad_password = 1;
  1400. if (!also_cookie)
  1401. goto err;
  1402. }
  1403. }
  1404. /** We only get here if both kinds of authentication failed. */
  1405. tor_assert(bad_password && bad_cookie);
  1406. log_warn(LD_CONTROL, "Bad password or authentication cookie on controller.");
  1407. errstr = "Password did not match HashedControlPassword *or* authentication "
  1408. "cookie.";
  1409. err:
  1410. tor_free(password);
  1411. connection_printf_to_buf(conn, "515 Authentication failed: %s\r\n", errstr);
  1412. connection_mark_for_close(TO_CONN(conn));
  1413. if (sl) { /* clean up */
  1414. SMARTLIST_FOREACH(sl, char *, str, tor_free(str));
  1415. smartlist_free(sl);
  1416. }
  1417. return 0;
  1418. ok:
  1419. log_info(LD_CONTROL, "Authenticated control connection ("TOR_SOCKET_T_FORMAT
  1420. ")", conn->base_.s);
  1421. send_control_done(conn);
  1422. conn->base_.state = CONTROL_CONN_STATE_OPEN;
  1423. tor_free(password);
  1424. if (sl) { /* clean up */
  1425. SMARTLIST_FOREACH(sl, char *, str, tor_free(str));
  1426. smartlist_free(sl);
  1427. }
  1428. return 0;
  1429. }
  1430. /** Called when we get a SAVECONF command. Try to flush the current options to
  1431. * disk, and report success or failure. */
  1432. static int
  1433. handle_control_saveconf(control_connection_t *conn, uint32_t len,
  1434. const char *body)
  1435. {
  1436. (void) len;
  1437. int force = !strcmpstart(body, "FORCE");
  1438. const or_options_t *options = get_options();
  1439. if ((!force && options->IncludeUsed) || options_save_current() < 0) {
  1440. connection_write_str_to_buf(
  1441. "551 Unable to write configuration to disk.\r\n", conn);
  1442. } else {
  1443. send_control_done(conn);
  1444. }
  1445. return 0;
  1446. }
  1447. struct signal_t {
  1448. int sig;
  1449. const char *signal_name;
  1450. };
  1451. static const struct signal_t signal_table[] = {
  1452. { SIGHUP, "RELOAD" },
  1453. { SIGHUP, "HUP" },
  1454. { SIGINT, "SHUTDOWN" },
  1455. { SIGUSR1, "DUMP" },
  1456. { SIGUSR1, "USR1" },
  1457. { SIGUSR2, "DEBUG" },
  1458. { SIGUSR2, "USR2" },
  1459. { SIGTERM, "HALT" },
  1460. { SIGTERM, "TERM" },
  1461. { SIGTERM, "INT" },
  1462. { SIGNEWNYM, "NEWNYM" },
  1463. { SIGCLEARDNSCACHE, "CLEARDNSCACHE"},
  1464. { SIGHEARTBEAT, "HEARTBEAT"},
  1465. { 0, NULL },
  1466. };
  1467. /** Called when we get a SIGNAL command. React to the provided signal, and
  1468. * report success or failure. (If the signal results in a shutdown, success
  1469. * may not be reported.) */
  1470. static int
  1471. handle_control_signal(control_connection_t *conn, uint32_t len,
  1472. const char *body)
  1473. {
  1474. int sig = -1;
  1475. int i;
  1476. int n = 0;
  1477. char *s;
  1478. (void) len;
  1479. while (body[n] && ! TOR_ISSPACE(body[n]))
  1480. ++n;
  1481. s = tor_strndup(body, n);
  1482. for (i = 0; signal_table[i].signal_name != NULL; ++i) {
  1483. if (!strcasecmp(s, signal_table[i].signal_name)) {
  1484. sig = signal_table[i].sig;
  1485. break;
  1486. }
  1487. }
  1488. if (sig < 0)
  1489. connection_printf_to_buf(conn, "552 Unrecognized signal code \"%s\"\r\n",
  1490. s);
  1491. tor_free(s);
  1492. if (sig < 0)
  1493. return 0;
  1494. send_control_done(conn);
  1495. /* Flush the "done" first if the signal might make us shut down. */
  1496. if (sig == SIGTERM || sig == SIGINT)
  1497. connection_flush(TO_CONN(conn));
  1498. activate_signal(sig);
  1499. return 0;
  1500. }
  1501. /** Called when we get a TAKEOWNERSHIP command. Mark this connection
  1502. * as an owning connection, so that we will exit if the connection
  1503. * closes. */
  1504. static int
  1505. handle_control_takeownership(control_connection_t *conn, uint32_t len,
  1506. const char *body)
  1507. {
  1508. (void)len;
  1509. (void)body;
  1510. conn->is_owning_control_connection = 1;
  1511. log_info(LD_CONTROL, "Control connection %d has taken ownership of this "
  1512. "Tor instance.",
  1513. (int)(conn->base_.s));
  1514. send_control_done(conn);
  1515. return 0;
  1516. }
  1517. /** Return true iff <b>addr</b> is unusable as a mapaddress target because of
  1518. * containing funny characters. */
  1519. static int
  1520. address_is_invalid_mapaddress_target(const char *addr)
  1521. {
  1522. if (!strcmpstart(addr, "*."))
  1523. return address_is_invalid_destination(addr+2, 1);
  1524. else
  1525. return address_is_invalid_destination(addr, 1);
  1526. }
  1527. /** Called when we get a MAPADDRESS command; try to bind all listed addresses,
  1528. * and report success or failure. */
  1529. static int
  1530. handle_control_mapaddress(control_connection_t *conn, uint32_t len,
  1531. const char *body)
  1532. {
  1533. smartlist_t *elts;
  1534. smartlist_t *lines;
  1535. smartlist_t *reply;
  1536. char *r;
  1537. size_t sz;
  1538. (void) len; /* body is NUL-terminated, so it's safe to ignore the length. */
  1539. lines = smartlist_new();
  1540. elts = smartlist_new();
  1541. reply = smartlist_new();
  1542. smartlist_split_string(lines, body, " ",
  1543. SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 0);
  1544. SMARTLIST_FOREACH_BEGIN(lines, char *, line) {
  1545. tor_strlower(line);
  1546. smartlist_split_string(elts, line, "=", 0, 2);
  1547. if (smartlist_len(elts) == 2) {
  1548. const char *from = smartlist_get(elts,0);
  1549. const char *to = smartlist_get(elts,1);
  1550. if (address_is_invalid_mapaddress_target(to)) {
  1551. smartlist_add_asprintf(reply,
  1552. "512-syntax error: invalid address '%s'", to);
  1553. log_warn(LD_CONTROL,
  1554. "Skipping invalid argument '%s' in MapAddress msg", to);
  1555. } else if (!strcmp(from, ".") || !strcmp(from, "0.0.0.0") ||
  1556. !strcmp(from, "::")) {
  1557. const char type =
  1558. !strcmp(from,".") ? RESOLVED_TYPE_HOSTNAME :
  1559. (!strcmp(from, "0.0.0.0") ? RESOLVED_TYPE_IPV4 : RESOLVED_TYPE_IPV6);
  1560. const char *address = addressmap_register_virtual_address(
  1561. type, tor_strdup(to));
  1562. if (!address) {
  1563. smartlist_add_asprintf(reply,
  1564. "451-resource exhausted: skipping '%s'", line);
  1565. log_warn(LD_CONTROL,
  1566. "Unable to allocate address for '%s' in MapAddress msg",
  1567. safe_str_client(line));
  1568. } else {
  1569. smartlist_add_asprintf(reply, "250-%s=%s", address, to);
  1570. }
  1571. } else {
  1572. const char *msg;
  1573. if (addressmap_register_auto(from, to, 1,
  1574. ADDRMAPSRC_CONTROLLER, &msg) < 0) {
  1575. smartlist_add_asprintf(reply,
  1576. "512-syntax error: invalid address mapping "
  1577. " '%s': %s", line, msg);
  1578. log_warn(LD_CONTROL,
  1579. "Skipping invalid argument '%s' in MapAddress msg: %s",
  1580. line, msg);
  1581. } else {
  1582. smartlist_add_asprintf(reply, "250-%s", line);
  1583. }
  1584. }
  1585. } else {
  1586. smartlist_add_asprintf(reply, "512-syntax error: mapping '%s' is "
  1587. "not of expected form 'foo=bar'.", line);
  1588. log_info(LD_CONTROL, "Skipping MapAddress '%s': wrong "
  1589. "number of items.",
  1590. safe_str_client(line));
  1591. }
  1592. SMARTLIST_FOREACH(elts, char *, cp, tor_free(cp));
  1593. smartlist_clear(elts);
  1594. } SMARTLIST_FOREACH_END(line);
  1595. SMARTLIST_FOREACH(lines, char *, cp, tor_free(cp));
  1596. smartlist_free(lines);
  1597. smartlist_free(elts);
  1598. if (smartlist_len(reply)) {
  1599. ((char*)smartlist_get(reply,smartlist_len(reply)-1))[3] = ' ';
  1600. r = smartlist_join_strings(reply, "\r\n", 1, &sz);
  1601. connection_buf_add(r, sz, TO_CONN(conn));
  1602. tor_free(r);
  1603. } else {
  1604. const char *response =
  1605. "512 syntax error: not enough arguments to mapaddress.\r\n";
  1606. connection_buf_add(response, strlen(response), TO_CONN(conn));
  1607. }
  1608. SMARTLIST_FOREACH(reply, char *, cp, tor_free(cp));
  1609. smartlist_free(reply);
  1610. return 0;
  1611. }
  1612. /** Implementation helper for GETINFO: knows the answers for various
  1613. * trivial-to-implement questions. */
  1614. static int
  1615. getinfo_helper_misc(control_connection_t *conn, const char *question,
  1616. char **answer, const char **errmsg)
  1617. {
  1618. (void) conn;
  1619. if (!strcmp(question, "version")) {
  1620. *answer = tor_strdup(get_version());
  1621. } else if (!strcmp(question, "bw-event-cache")) {
  1622. *answer = get_bw_samples();
  1623. } else if (!strcmp(question, "config-file")) {
  1624. const char *a = get_torrc_fname(0);
  1625. if (a)
  1626. *answer = tor_strdup(a);
  1627. } else if (!strcmp(question, "config-defaults-file")) {
  1628. const char *a = get_torrc_fname(1);
  1629. if (a)
  1630. *answer = tor_strdup(a);
  1631. } else if (!strcmp(question, "config-text")) {
  1632. *answer = options_dump(get_options(), OPTIONS_DUMP_MINIMAL);
  1633. } else if (!strcmp(question, "config-can-saveconf")) {
  1634. *answer = tor_strdup(get_options()->IncludeUsed ? "0" : "1");
  1635. } else if (!strcmp(question, "info/names")) {
  1636. *answer = list_getinfo_options();
  1637. } else if (!strcmp(question, "dormant")) {
  1638. int dormant = rep_hist_circbuilding_dormant(time(NULL));
  1639. *answer = tor_strdup(dormant ? "1" : "0");
  1640. } else if (!strcmp(question, "events/names")) {
  1641. int i;
  1642. smartlist_t *event_names = smartlist_new();
  1643. for (i = 0; control_event_table[i].event_name != NULL; ++i) {
  1644. smartlist_add(event_names, (char *)control_event_table[i].event_name);
  1645. }
  1646. *answer = smartlist_join_strings(event_names, " ", 0, NULL);
  1647. smartlist_free(event_names);
  1648. } else if (!strcmp(question, "signal/names")) {
  1649. smartlist_t *signal_names = smartlist_new();
  1650. int j;
  1651. for (j = 0; signal_table[j].signal_name != NULL; ++j) {
  1652. smartlist_add(signal_names, (char*)signal_table[j].signal_name);
  1653. }
  1654. *answer = smartlist_join_strings(signal_names, " ", 0, NULL);
  1655. smartlist_free(signal_names);
  1656. } else if (!strcmp(question, "features/names")) {
  1657. *answer = tor_strdup("VERBOSE_NAMES EXTENDED_EVENTS");
  1658. } else if (!strcmp(question, "address")) {
  1659. uint32_t addr;
  1660. if (router_pick_published_address(get_options(), &addr, 0) < 0) {
  1661. *errmsg = "Address unknown";
  1662. return -1;
  1663. }
  1664. *answer = tor_dup_ip(addr);
  1665. } else if (!strcmp(question, "traffic/read")) {
  1666. tor_asprintf(answer, U64_FORMAT, U64_PRINTF_ARG(get_bytes_read()));
  1667. } else if (!strcmp(question, "traffic/written")) {
  1668. tor_asprintf(answer, U64_FORMAT, U64_PRINTF_ARG(get_bytes_written()));
  1669. } else if (!strcmp(question, "process/pid")) {
  1670. int myPid = -1;
  1671. #ifdef _WIN32
  1672. myPid = _getpid();
  1673. #else
  1674. myPid = getpid();
  1675. #endif
  1676. tor_asprintf(answer, "%d", myPid);
  1677. } else if (!strcmp(question, "process/uid")) {
  1678. #ifdef _WIN32
  1679. *answer = tor_strdup("-1");
  1680. #else
  1681. int myUid = geteuid();
  1682. tor_asprintf(answer, "%d", myUid);
  1683. #endif /* defined(_WIN32) */
  1684. } else if (!strcmp(question, "process/user")) {
  1685. #ifdef _WIN32
  1686. *answer = tor_strdup("");
  1687. #else
  1688. int myUid = geteuid();
  1689. const struct passwd *myPwEntry = tor_getpwuid(myUid);
  1690. if (myPwEntry) {
  1691. *answer = tor_strdup(myPwEntry->pw_name);
  1692. } else {
  1693. *answer = tor_strdup("");
  1694. }
  1695. #endif /* defined(_WIN32) */
  1696. } else if (!strcmp(question, "process/descriptor-limit")) {
  1697. int max_fds = get_max_sockets();
  1698. tor_asprintf(answer, "%d", max_fds);
  1699. } else if (!strcmp(question, "limits/max-mem-in-queues")) {
  1700. tor_asprintf(answer, U64_FORMAT,
  1701. U64_PRINTF_ARG(get_options()->MaxMemInQueues));
  1702. } else if (!strcmp(question, "fingerprint")) {
  1703. crypto_pk_t *server_key;
  1704. if (!server_mode(get_options())) {
  1705. *errmsg = "Not running in server mode";
  1706. return -1;
  1707. }
  1708. server_key = get_server_identity_key();
  1709. *answer = tor_malloc(HEX_DIGEST_LEN+1);
  1710. crypto_pk_get_fingerprint(server_key, *answer, 0);
  1711. }
  1712. return 0;
  1713. }
  1714. /** Awful hack: return a newly allocated string based on a routerinfo and
  1715. * (possibly) an extrainfo, sticking the read-history and write-history from
  1716. * <b>ei</b> into the resulting string. The thing you get back won't
  1717. * necessarily have a valid signature.
  1718. *
  1719. * New code should never use this; it's for backward compatibility.
  1720. *
  1721. * NOTE: <b>ri_body</b> is as returned by signed_descriptor_get_body: it might
  1722. * not be NUL-terminated. */
  1723. static char *
  1724. munge_extrainfo_into_routerinfo(const char *ri_body,
  1725. const signed_descriptor_t *ri,
  1726. const signed_descriptor_t *ei)
  1727. {
  1728. char *out = NULL, *outp;
  1729. int i;
  1730. const char *router_sig;
  1731. const char *ei_body = signed_descriptor_get_body(ei);
  1732. size_t ri_len = ri->signed_descriptor_len;
  1733. size_t ei_len = ei->signed_descriptor_len;
  1734. if (!ei_body)
  1735. goto bail;
  1736. outp = out = tor_malloc(ri_len+ei_len+1);
  1737. if (!(router_sig = tor_memstr(ri_body, ri_len, "\nrouter-signature")))
  1738. goto bail;
  1739. ++router_sig;
  1740. memcpy(out, ri_body, router_sig-ri_body);
  1741. outp += router_sig-ri_body;
  1742. for (i=0; i < 2; ++i) {
  1743. const char *kwd = i ? "\nwrite-history " : "\nread-history ";
  1744. const char *cp, *eol;
  1745. if (!(cp = tor_memstr(ei_body, ei_len, kwd)))
  1746. continue;
  1747. ++cp;
  1748. if (!(eol = memchr(cp, '\n', ei_len - (cp-ei_body))))
  1749. continue;
  1750. memcpy(outp, cp, eol-cp+1);
  1751. outp += eol-cp+1;
  1752. }
  1753. memcpy(outp, router_sig, ri_len - (router_sig-ri_body));
  1754. *outp++ = '\0';
  1755. tor_assert(outp-out < (int)(ri_len+ei_len+1));
  1756. return out;
  1757. bail:
  1758. tor_free(out);
  1759. return tor_strndup(ri_body, ri->signed_descriptor_len);
  1760. }
  1761. /** Implementation helper for GETINFO: answers requests for information about
  1762. * which ports are bound. */
  1763. static int
  1764. getinfo_helper_listeners(control_connection_t *control_conn,
  1765. const char *question,
  1766. char **answer, const char **errmsg)
  1767. {
  1768. int type;
  1769. smartlist_t *res;
  1770. (void)control_conn;
  1771. (void)errmsg;
  1772. if (!strcmp(question, "net/listeners/or"))
  1773. type = CONN_TYPE_OR_LISTENER;
  1774. else if (!strcmp(question, "net/listeners/dir"))
  1775. type = CONN_TYPE_DIR_LISTENER;
  1776. else if (!strcmp(question, "net/listeners/socks"))
  1777. type = CONN_TYPE_AP_LISTENER;
  1778. else if (!strcmp(question, "net/listeners/trans"))
  1779. type = CONN_TYPE_AP_TRANS_LISTENER;
  1780. else if (!strcmp(question, "net/listeners/natd"))
  1781. type = CONN_TYPE_AP_NATD_LISTENER;
  1782. else if (!strcmp(question, "net/listeners/dns"))
  1783. type = CONN_TYPE_AP_DNS_LISTENER;
  1784. else if (!strcmp(question, "net/listeners/control"))
  1785. type = CONN_TYPE_CONTROL_LISTENER;
  1786. else
  1787. return 0; /* unknown key */
  1788. res = smartlist_new();
  1789. SMARTLIST_FOREACH_BEGIN(get_connection_array(), connection_t *, conn) {
  1790. struct sockaddr_storage ss;
  1791. socklen_t ss_len = sizeof(ss);
  1792. if (conn->type != type || conn->marked_for_close || !SOCKET_OK(conn->s))
  1793. continue;
  1794. if (getsockname(conn->s, (struct sockaddr *)&ss, &ss_len) < 0) {
  1795. smartlist_add_asprintf(res, "%s:%d", conn->address, (int)conn->port);
  1796. } else {
  1797. char *tmp = tor_sockaddr_to_str((struct sockaddr *)&ss);
  1798. smartlist_add(res, esc_for_log(tmp));
  1799. tor_free(tmp);
  1800. }
  1801. } SMARTLIST_FOREACH_END(conn);
  1802. *answer = smartlist_join_strings(res, " ", 0, NULL);
  1803. SMARTLIST_FOREACH(res, char *, cp, tor_free(cp));
  1804. smartlist_free(res);
  1805. return 0;
  1806. }
  1807. /** Implementation helper for GETINFO: answers requests for information about
  1808. * the current time in both local and UTF forms. */
  1809. STATIC int
  1810. getinfo_helper_current_time(control_connection_t *control_conn,
  1811. const char *question,
  1812. char **answer, const char **errmsg)
  1813. {
  1814. (void)control_conn;
  1815. (void)errmsg;
  1816. struct timeval now;
  1817. tor_gettimeofday(&now);
  1818. char timebuf[ISO_TIME_LEN+1];
  1819. if (!strcmp(question, "current-time/local"))
  1820. format_local_iso_time_nospace(timebuf, (time_t)now.tv_sec);
  1821. else if (!strcmp(question, "current-time/utc"))
  1822. format_iso_time_nospace(timebuf, (time_t)now.tv_sec);
  1823. else
  1824. return 0;
  1825. *answer = tor_strdup(timebuf);
  1826. return 0;
  1827. }
  1828. /** Implementation helper for GETINFO: knows the answers for questions about
  1829. * directory information. */
  1830. STATIC int
  1831. getinfo_helper_dir(control_connection_t *control_conn,
  1832. const char *question, char **answer,
  1833. const char **errmsg)
  1834. {
  1835. (void) control_conn;
  1836. if (!strcmpstart(question, "desc/id/")) {
  1837. const routerinfo_t *ri = NULL;
  1838. const node_t *node = node_get_by_hex_id(question+strlen("desc/id/"), 0);
  1839. if (node)
  1840. ri = node->ri;
  1841. if (ri) {
  1842. const char *body = signed_descriptor_get_body(&ri->cache_info);
  1843. if (body)
  1844. *answer = tor_strndup(body, ri->cache_info.signed_descriptor_len);
  1845. } else if (! we_fetch_router_descriptors(get_options())) {
  1846. /* Descriptors won't be available, provide proper error */
  1847. *errmsg = "We fetch microdescriptors, not router "
  1848. "descriptors. You'll need to use md/id/* "
  1849. "instead of desc/id/*.";
  1850. return 0;
  1851. }
  1852. } else if (!strcmpstart(question, "desc/name/")) {
  1853. const routerinfo_t *ri = NULL;
  1854. /* XXX Setting 'warn_if_unnamed' here is a bit silly -- the
  1855. * warning goes to the user, not to the controller. */
  1856. const node_t *node =
  1857. node_get_by_nickname(question+strlen("desc/name/"), 0);
  1858. if (node)
  1859. ri = node->ri;
  1860. if (ri) {
  1861. const char *body = signed_descriptor_get_body(&ri->cache_info);
  1862. if (body)
  1863. *answer = tor_strndup(body, ri->cache_info.signed_descriptor_len);
  1864. } else if (! we_fetch_router_descriptors(get_options())) {
  1865. /* Descriptors won't be available, provide proper error */
  1866. *errmsg = "We fetch microdescriptors, not router "
  1867. "descriptors. You'll need to use md/name/* "
  1868. "instead of desc/name/*.";
  1869. return 0;
  1870. }
  1871. } else if (!strcmp(question, "desc/download-enabled")) {
  1872. int r = we_fetch_router_descriptors(get_options());
  1873. tor_asprintf(answer, "%d", !!r);
  1874. } else if (!strcmp(question, "desc/all-recent")) {
  1875. routerlist_t *routerlist = router_get_routerlist();
  1876. smartlist_t *sl = smartlist_new();
  1877. if (routerlist && routerlist->routers) {
  1878. SMARTLIST_FOREACH(routerlist->routers, const routerinfo_t *, ri,
  1879. {
  1880. const char *body = signed_descriptor_get_body(&ri->cache_info);
  1881. if (body)
  1882. smartlist_add(sl,
  1883. tor_strndup(body, ri->cache_info.signed_descriptor_len));
  1884. });
  1885. }
  1886. *answer = smartlist_join_strings(sl, "", 0, NULL);
  1887. SMARTLIST_FOREACH(sl, char *, c, tor_free(c));
  1888. smartlist_free(sl);
  1889. } else if (!strcmp(question, "desc/all-recent-extrainfo-hack")) {
  1890. /* XXXX Remove this once Torstat asks for extrainfos. */
  1891. routerlist_t *routerlist = router_get_routerlist();
  1892. smartlist_t *sl = smartlist_new();
  1893. if (routerlist && routerlist->routers) {
  1894. SMARTLIST_FOREACH_BEGIN(routerlist->routers, const routerinfo_t *, ri) {
  1895. const char *body = signed_descriptor_get_body(&ri->cache_info);
  1896. signed_descriptor_t *ei = extrainfo_get_by_descriptor_digest(
  1897. ri->cache_info.extra_info_digest);
  1898. if (ei && body) {
  1899. smartlist_add(sl, munge_extrainfo_into_routerinfo(body,
  1900. &ri->cache_info, ei));
  1901. } else if (body) {
  1902. smartlist_add(sl,
  1903. tor_strndup(body, ri->cache_info.signed_descriptor_len));
  1904. }
  1905. } SMARTLIST_FOREACH_END(ri);
  1906. }
  1907. *answer = smartlist_join_strings(sl, "", 0, NULL);
  1908. SMARTLIST_FOREACH(sl, char *, c, tor_free(c));
  1909. smartlist_free(sl);
  1910. } else if (!strcmpstart(question, "hs/client/desc/id/")) {
  1911. hostname_type_t addr_type;
  1912. question += strlen("hs/client/desc/id/");
  1913. if (rend_valid_v2_service_id(question)) {
  1914. addr_type = ONION_V2_HOSTNAME;
  1915. } else if (hs_address_is_valid(question)) {
  1916. addr_type = ONION_V3_HOSTNAME;
  1917. } else {
  1918. *errmsg = "Invalid address";
  1919. return -1;
  1920. }
  1921. if (addr_type == ONION_V2_HOSTNAME) {
  1922. rend_cache_entry_t *e = NULL;
  1923. if (!rend_cache_lookup_entry(question, -1, &e)) {
  1924. /* Descriptor found in cache */
  1925. *answer = tor_strdup(e->desc);
  1926. } else {
  1927. *errmsg = "Not found in cache";
  1928. return -1;
  1929. }
  1930. } else {
  1931. ed25519_public_key_t service_pk;
  1932. const char *desc;
  1933. /* The check before this if/else makes sure of this. */
  1934. tor_assert(addr_type == ONION_V3_HOSTNAME);
  1935. if (hs_parse_address(question, &service_pk, NULL, NULL) < 0) {
  1936. *errmsg = "Invalid v3 address";
  1937. return -1;
  1938. }
  1939. desc = hs_cache_lookup_encoded_as_client(&service_pk);
  1940. if (desc) {
  1941. *answer = tor_strdup(desc);
  1942. } else {
  1943. *errmsg = "Not found in cache";
  1944. return -1;
  1945. }
  1946. }
  1947. } else if (!strcmpstart(question, "hs/service/desc/id/")) {
  1948. hostname_type_t addr_type;
  1949. question += strlen("hs/service/desc/id/");
  1950. if (rend_valid_v2_service_id(question)) {
  1951. addr_type = ONION_V2_HOSTNAME;
  1952. } else if (hs_address_is_valid(question)) {
  1953. addr_type = ONION_V3_HOSTNAME;
  1954. } else {
  1955. *errmsg = "Invalid address";
  1956. return -1;
  1957. }
  1958. rend_cache_entry_t *e = NULL;
  1959. if (addr_type == ONION_V2_HOSTNAME) {
  1960. if (!rend_cache_lookup_v2_desc_as_service(question, &e)) {
  1961. /* Descriptor found in cache */
  1962. *answer = tor_strdup(e->desc);
  1963. } else {
  1964. *errmsg = "Not found in cache";
  1965. return -1;
  1966. }
  1967. } else {
  1968. ed25519_public_key_t service_pk;
  1969. char *desc;
  1970. /* The check before this if/else makes sure of this. */
  1971. tor_assert(addr_type == ONION_V3_HOSTNAME);
  1972. if (hs_parse_address(question, &service_pk, NULL, NULL) < 0) {
  1973. *errmsg = "Invalid v3 address";
  1974. return -1;
  1975. }
  1976. desc = hs_service_lookup_current_desc(&service_pk);
  1977. if (desc) {
  1978. /* Newly allocated string, we have ownership. */
  1979. *answer = desc;
  1980. } else {
  1981. *errmsg = "Not found in cache";
  1982. return -1;
  1983. }
  1984. }
  1985. } else if (!strcmpstart(question, "md/id/")) {
  1986. const node_t *node = node_get_by_hex_id(question+strlen("md/id/"), 0);
  1987. const microdesc_t *md = NULL;
  1988. if (node) md = node->md;
  1989. if (md && md->body) {
  1990. *answer = tor_strndup(md->body, md->bodylen);
  1991. }
  1992. } else if (!strcmpstart(question, "md/name/")) {
  1993. /* XXX Setting 'warn_if_unnamed' here is a bit silly -- the
  1994. * warning goes to the user, not to the controller. */
  1995. const node_t *node = node_get_by_nickname(question+strlen("md/name/"), 0);
  1996. /* XXXX duplicated code */
  1997. const microdesc_t *md = NULL;
  1998. if (node) md = node->md;
  1999. if (md && md->body) {
  2000. *answer = tor_strndup(md->body, md->bodylen);
  2001. }
  2002. } else if (!strcmp(question, "md/download-enabled")) {
  2003. int r = we_fetch_microdescriptors(get_options());
  2004. tor_asprintf(answer, "%d", !!r);
  2005. } else if (!strcmpstart(question, "desc-annotations/id/")) {
  2006. const routerinfo_t *ri = NULL;
  2007. const node_t *node =
  2008. node_get_by_hex_id(question+strlen("desc-annotations/id/"), 0);
  2009. if (node)
  2010. ri = node->ri;
  2011. if (ri) {
  2012. const char *annotations =
  2013. signed_descriptor_get_annotations(&ri->cache_info);
  2014. if (annotations)
  2015. *answer = tor_strndup(annotations,
  2016. ri->cache_info.annotations_len);
  2017. }
  2018. } else if (!strcmpstart(question, "dir/server/")) {
  2019. size_t answer_len = 0;
  2020. char *url = NULL;
  2021. smartlist_t *descs = smartlist_new();
  2022. const char *msg;
  2023. int res;
  2024. char *cp;
  2025. tor_asprintf(&url, "/tor/%s", question+4);
  2026. res = dirserv_get_routerdescs(descs, url, &msg);
  2027. if (res) {
  2028. log_warn(LD_CONTROL, "getinfo '%s': %s", question, msg);
  2029. smartlist_free(descs);
  2030. tor_free(url);
  2031. *errmsg = msg;
  2032. return -1;
  2033. }
  2034. SMARTLIST_FOREACH(descs, signed_descriptor_t *, sd,
  2035. answer_len += sd->signed_descriptor_len);
  2036. cp = *answer = tor_malloc(answer_len+1);
  2037. SMARTLIST_FOREACH(descs, signed_descriptor_t *, sd,
  2038. {
  2039. memcpy(cp, signed_descriptor_get_body(sd),
  2040. sd->signed_descriptor_len);
  2041. cp += sd->signed_descriptor_len;
  2042. });
  2043. *cp = '\0';
  2044. tor_free(url);
  2045. smartlist_free(descs);
  2046. } else if (!strcmpstart(question, "dir/status/")) {
  2047. *answer = tor_strdup("");
  2048. } else if (!strcmp(question, "dir/status-vote/current/consensus")) { /* v3 */
  2049. if (we_want_to_fetch_flavor(get_options(), FLAV_NS)) {
  2050. const cached_dir_t *consensus = dirserv_get_consensus("ns");
  2051. if (consensus)
  2052. *answer = tor_strdup(consensus->dir);
  2053. }
  2054. if (!*answer) { /* try loading it from disk */
  2055. char *filename = get_cachedir_fname("cached-consensus");
  2056. *answer = read_file_to_str(filename, RFTS_IGNORE_MISSING, NULL);
  2057. tor_free(filename);
  2058. if (!*answer) { /* generate an error */
  2059. *errmsg = "Could not open cached consensus. "
  2060. "Make sure FetchUselessDescriptors is set to 1.";
  2061. return -1;
  2062. }
  2063. }
  2064. } else if (!strcmp(question, "network-status")) { /* v1 */
  2065. static int network_status_warned = 0;
  2066. if (!network_status_warned) {
  2067. log_warn(LD_CONTROL, "GETINFO network-status is deprecated; it will "
  2068. "go away in a future version of Tor.");
  2069. network_status_warned = 1;
  2070. }
  2071. routerlist_t *routerlist = router_get_routerlist();
  2072. if (!routerlist || !routerlist->routers ||
  2073. list_server_status_v1(routerlist->routers, answer, 1) < 0) {
  2074. return -1;
  2075. }
  2076. } else if (!strcmpstart(question, "extra-info/digest/")) {
  2077. question += strlen("extra-info/digest/");
  2078. if (strlen(question) == HEX_DIGEST_LEN) {
  2079. char d[DIGEST_LEN];
  2080. signed_descriptor_t *sd = NULL;
  2081. if (base16_decode(d, sizeof(d), question, strlen(question))
  2082. == sizeof(d)) {
  2083. /* XXXX this test should move into extrainfo_get_by_descriptor_digest,
  2084. * but I don't want to risk affecting other parts of the code,
  2085. * especially since the rules for using our own extrainfo (including
  2086. * when it might be freed) are different from those for using one
  2087. * we have downloaded. */
  2088. if (router_extrainfo_digest_is_me(d))
  2089. sd = &(router_get_my_extrainfo()->cache_info);
  2090. else
  2091. sd = extrainfo_get_by_descriptor_digest(d);
  2092. }
  2093. if (sd) {
  2094. const char *body = signed_descriptor_get_body(sd);
  2095. if (body)
  2096. *answer = tor_strndup(body, sd->signed_descriptor_len);
  2097. }
  2098. }
  2099. }
  2100. return 0;
  2101. }
  2102. /** Given a smartlist of 20-byte digests, return a newly allocated string
  2103. * containing each of those digests in order, formatted in HEX, and terminated
  2104. * with a newline. */
  2105. static char *
  2106. digest_list_to_string(const smartlist_t *sl)
  2107. {
  2108. int len;
  2109. char *result, *s;
  2110. /* Allow for newlines, and a \0 at the end */
  2111. len = smartlist_len(sl) * (HEX_DIGEST_LEN + 1) + 1;
  2112. result = tor_malloc_zero(len);
  2113. s = result;
  2114. SMARTLIST_FOREACH_BEGIN(sl, const char *, digest) {
  2115. base16_encode(s, HEX_DIGEST_LEN + 1, digest, DIGEST_LEN);
  2116. s[HEX_DIGEST_LEN] = '\n';
  2117. s += HEX_DIGEST_LEN + 1;
  2118. } SMARTLIST_FOREACH_END(digest);
  2119. *s = '\0';
  2120. return result;
  2121. }
  2122. /** Turn a download_status_t into a human-readable description in a newly
  2123. * allocated string. The format is specified in control-spec.txt, under
  2124. * the documentation for "GETINFO download/..." . */
  2125. static char *
  2126. download_status_to_string(const download_status_t *dl)
  2127. {
  2128. char *rv = NULL;
  2129. char tbuf[ISO_TIME_LEN+1];
  2130. const char *schedule_str, *want_authority_str;
  2131. const char *increment_on_str, *backoff_str;
  2132. if (dl) {
  2133. /* Get some substrings of the eventual output ready */
  2134. format_iso_time(tbuf, download_status_get_next_attempt_at(dl));
  2135. switch (dl->schedule) {
  2136. case DL_SCHED_GENERIC:
  2137. schedule_str = "DL_SCHED_GENERIC";
  2138. break;
  2139. case DL_SCHED_CONSENSUS:
  2140. schedule_str = "DL_SCHED_CONSENSUS";
  2141. break;
  2142. case DL_SCHED_BRIDGE:
  2143. schedule_str = "DL_SCHED_BRIDGE";
  2144. break;
  2145. default:
  2146. schedule_str = "unknown";
  2147. break;
  2148. }
  2149. switch (dl->want_authority) {
  2150. case DL_WANT_ANY_DIRSERVER:
  2151. want_authority_str = "DL_WANT_ANY_DIRSERVER";
  2152. break;
  2153. case DL_WANT_AUTHORITY:
  2154. want_authority_str = "DL_WANT_AUTHORITY";
  2155. break;
  2156. default:
  2157. want_authority_str = "unknown";
  2158. break;
  2159. }
  2160. switch (dl->increment_on) {
  2161. case DL_SCHED_INCREMENT_FAILURE:
  2162. increment_on_str = "DL_SCHED_INCREMENT_FAILURE";
  2163. break;
  2164. case DL_SCHED_INCREMENT_ATTEMPT:
  2165. increment_on_str = "DL_SCHED_INCREMENT_ATTEMPT";
  2166. break;
  2167. default:
  2168. increment_on_str = "unknown";
  2169. break;
  2170. }
  2171. backoff_str = "DL_SCHED_RANDOM_EXPONENTIAL";
  2172. /* Now assemble them */
  2173. tor_asprintf(&rv,
  2174. "next-attempt-at %s\n"
  2175. "n-download-failures %u\n"
  2176. "n-download-attempts %u\n"
  2177. "schedule %s\n"
  2178. "want-authority %s\n"
  2179. "increment-on %s\n"
  2180. "backoff %s\n"
  2181. "last-backoff-position %u\n"
  2182. "last-delay-used %d\n",
  2183. tbuf,
  2184. dl->n_download_failures,
  2185. dl->n_download_attempts,
  2186. schedule_str,
  2187. want_authority_str,
  2188. increment_on_str,
  2189. backoff_str,
  2190. dl->last_backoff_position,
  2191. dl->last_delay_used);
  2192. }
  2193. return rv;
  2194. }
  2195. /** Handle the consensus download cases for getinfo_helper_downloads() */
  2196. STATIC void
  2197. getinfo_helper_downloads_networkstatus(const char *flavor,
  2198. download_status_t **dl_to_emit,
  2199. const char **errmsg)
  2200. {
  2201. /*
  2202. * We get the one for the current bootstrapped status by default, or
  2203. * take an extra /bootstrap or /running suffix
  2204. */
  2205. if (strcmp(flavor, "ns") == 0) {
  2206. *dl_to_emit = networkstatus_get_dl_status_by_flavor(FLAV_NS);
  2207. } else if (strcmp(flavor, "ns/bootstrap") == 0) {
  2208. *dl_to_emit = networkstatus_get_dl_status_by_flavor_bootstrap(FLAV_NS);
  2209. } else if (strcmp(flavor, "ns/running") == 0 ) {
  2210. *dl_to_emit = networkstatus_get_dl_status_by_flavor_running(FLAV_NS);
  2211. } else if (strcmp(flavor, "microdesc") == 0) {
  2212. *dl_to_emit = networkstatus_get_dl_status_by_flavor(FLAV_MICRODESC);
  2213. } else if (strcmp(flavor, "microdesc/bootstrap") == 0) {
  2214. *dl_to_emit =
  2215. networkstatus_get_dl_status_by_flavor_bootstrap(FLAV_MICRODESC);
  2216. } else if (strcmp(flavor, "microdesc/running") == 0) {
  2217. *dl_to_emit =
  2218. networkstatus_get_dl_status_by_flavor_running(FLAV_MICRODESC);
  2219. } else {
  2220. *errmsg = "Unknown flavor";
  2221. }
  2222. }
  2223. /** Handle the cert download cases for getinfo_helper_downloads() */
  2224. STATIC void
  2225. getinfo_helper_downloads_cert(const char *fp_sk_req,
  2226. download_status_t **dl_to_emit,
  2227. smartlist_t **digest_list,
  2228. const char **errmsg)
  2229. {
  2230. const char *sk_req;
  2231. char id_digest[DIGEST_LEN];
  2232. char sk_digest[DIGEST_LEN];
  2233. /*
  2234. * We have to handle four cases; fp_sk_req is the request with
  2235. * a prefix of "downloads/cert/" snipped off.
  2236. *
  2237. * Case 1: fp_sk_req = "fps"
  2238. * - We should emit a digest_list with a list of all the identity
  2239. * fingerprints that can be queried for certificate download status;
  2240. * get it by calling list_authority_ids_with_downloads().
  2241. *
  2242. * Case 2: fp_sk_req = "fp/<fp>" for some fingerprint fp
  2243. * - We want the default certificate for this identity fingerprint's
  2244. * download status; this is the download we get from URLs starting
  2245. * in /fp/ on the directory server. We can get it with
  2246. * id_only_download_status_for_authority_id().
  2247. *
  2248. * Case 3: fp_sk_req = "fp/<fp>/sks" for some fingerprint fp
  2249. * - We want a list of all signing key digests for this identity
  2250. * fingerprint which can be queried for certificate download status.
  2251. * Get it with list_sk_digests_for_authority_id().
  2252. *
  2253. * Case 4: fp_sk_req = "fp/<fp>/<sk>" for some fingerprint fp and
  2254. * signing key digest sk
  2255. * - We want the download status for the certificate for this specific
  2256. * signing key and fingerprint. These correspond to the ones we get
  2257. * from URLs starting in /fp-sk/ on the directory server. Get it with
  2258. * list_sk_digests_for_authority_id().
  2259. */
  2260. if (strcmp(fp_sk_req, "fps") == 0) {
  2261. *digest_list = list_authority_ids_with_downloads();
  2262. if (!(*digest_list)) {
  2263. *errmsg = "Failed to get list of authority identity digests (!)";
  2264. }
  2265. } else if (!strcmpstart(fp_sk_req, "fp/")) {
  2266. fp_sk_req += strlen("fp/");
  2267. /* Okay, look for another / to tell the fp from fp-sk cases */
  2268. sk_req = strchr(fp_sk_req, '/');
  2269. if (sk_req) {
  2270. /* okay, split it here and try to parse <fp> */
  2271. if (base16_decode(id_digest, DIGEST_LEN,
  2272. fp_sk_req, sk_req - fp_sk_req) == DIGEST_LEN) {
  2273. /* Skip past the '/' */
  2274. ++sk_req;
  2275. if (strcmp(sk_req, "sks") == 0) {
  2276. /* We're asking for the list of signing key fingerprints */
  2277. *digest_list = list_sk_digests_for_authority_id(id_digest);
  2278. if (!(*digest_list)) {
  2279. *errmsg = "Failed to get list of signing key digests for this "
  2280. "authority identity digest";
  2281. }
  2282. } else {
  2283. /* We've got a signing key digest */
  2284. if (base16_decode(sk_digest, DIGEST_LEN,
  2285. sk_req, strlen(sk_req)) == DIGEST_LEN) {
  2286. *dl_to_emit =
  2287. download_status_for_authority_id_and_sk(id_digest, sk_digest);
  2288. if (!(*dl_to_emit)) {
  2289. *errmsg = "Failed to get download status for this identity/"
  2290. "signing key digest pair";
  2291. }
  2292. } else {
  2293. *errmsg = "That didn't look like a signing key digest";
  2294. }
  2295. }
  2296. } else {
  2297. *errmsg = "That didn't look like an identity digest";
  2298. }
  2299. } else {
  2300. /* We're either in downloads/certs/fp/<fp>, or we can't parse <fp> */
  2301. if (strlen(fp_sk_req) == HEX_DIGEST_LEN) {
  2302. if (base16_decode(id_digest, DIGEST_LEN,
  2303. fp_sk_req, strlen(fp_sk_req)) == DIGEST_LEN) {
  2304. *dl_to_emit = id_only_download_status_for_authority_id(id_digest);
  2305. if (!(*dl_to_emit)) {
  2306. *errmsg = "Failed to get download status for this authority "
  2307. "identity digest";
  2308. }
  2309. } else {
  2310. *errmsg = "That didn't look like a digest";
  2311. }
  2312. } else {
  2313. *errmsg = "That didn't look like a digest";
  2314. }
  2315. }
  2316. } else {
  2317. *errmsg = "Unknown certificate download status query";
  2318. }
  2319. }
  2320. /** Handle the routerdesc download cases for getinfo_helper_downloads() */
  2321. STATIC void
  2322. getinfo_helper_downloads_desc(const char *desc_req,
  2323. download_status_t **dl_to_emit,
  2324. smartlist_t **digest_list,
  2325. const char **errmsg)
  2326. {
  2327. char desc_digest[DIGEST_LEN];
  2328. /*
  2329. * Two cases to handle here:
  2330. *
  2331. * Case 1: desc_req = "descs"
  2332. * - Emit a list of all router descriptor digests, which we get by
  2333. * calling router_get_descriptor_digests(); this can return NULL
  2334. * if we have no current ns-flavor consensus.
  2335. *
  2336. * Case 2: desc_req = <fp>
  2337. * - Check on the specified fingerprint and emit its download_status_t
  2338. * using router_get_dl_status_by_descriptor_digest().
  2339. */
  2340. if (strcmp(desc_req, "descs") == 0) {
  2341. *digest_list = router_get_descriptor_digests();
  2342. if (!(*digest_list)) {
  2343. *errmsg = "We don't seem to have a networkstatus-flavored consensus";
  2344. }
  2345. /*
  2346. * Microdescs don't use the download_status_t mechanism, so we don't
  2347. * answer queries about their downloads here; see microdesc.c.
  2348. */
  2349. } else if (strlen(desc_req) == HEX_DIGEST_LEN) {
  2350. if (base16_decode(desc_digest, DIGEST_LEN,
  2351. desc_req, strlen(desc_req)) == DIGEST_LEN) {
  2352. /* Okay we got a digest-shaped thing; try asking for it */
  2353. *dl_to_emit = router_get_dl_status_by_descriptor_digest(desc_digest);
  2354. if (!(*dl_to_emit)) {
  2355. *errmsg = "No such descriptor digest found";
  2356. }
  2357. } else {
  2358. *errmsg = "That didn't look like a digest";
  2359. }
  2360. } else {
  2361. *errmsg = "Unknown router descriptor download status query";
  2362. }
  2363. }
  2364. /** Handle the bridge download cases for getinfo_helper_downloads() */
  2365. STATIC void
  2366. getinfo_helper_downloads_bridge(const char *bridge_req,
  2367. download_status_t **dl_to_emit,
  2368. smartlist_t **digest_list,
  2369. const char **errmsg)
  2370. {
  2371. char bridge_digest[DIGEST_LEN];
  2372. /*
  2373. * Two cases to handle here:
  2374. *
  2375. * Case 1: bridge_req = "bridges"
  2376. * - Emit a list of all bridge identity digests, which we get by
  2377. * calling list_bridge_identities(); this can return NULL if we are
  2378. * not using bridges.
  2379. *
  2380. * Case 2: bridge_req = <fp>
  2381. * - Check on the specified fingerprint and emit its download_status_t
  2382. * using get_bridge_dl_status_by_id().
  2383. */
  2384. if (strcmp(bridge_req, "bridges") == 0) {
  2385. *digest_list = list_bridge_identities();
  2386. if (!(*digest_list)) {
  2387. *errmsg = "We don't seem to be using bridges";
  2388. }
  2389. } else if (strlen(bridge_req) == HEX_DIGEST_LEN) {
  2390. if (base16_decode(bridge_digest, DIGEST_LEN,
  2391. bridge_req, strlen(bridge_req)) == DIGEST_LEN) {
  2392. /* Okay we got a digest-shaped thing; try asking for it */
  2393. *dl_to_emit = get_bridge_dl_status_by_id(bridge_digest);
  2394. if (!(*dl_to_emit)) {
  2395. *errmsg = "No such bridge identity digest found";
  2396. }
  2397. } else {
  2398. *errmsg = "That didn't look like a digest";
  2399. }
  2400. } else {
  2401. *errmsg = "Unknown bridge descriptor download status query";
  2402. }
  2403. }
  2404. /** Implementation helper for GETINFO: knows the answers for questions about
  2405. * download status information. */
  2406. STATIC int
  2407. getinfo_helper_downloads(control_connection_t *control_conn,
  2408. const char *question, char **answer,
  2409. const char **errmsg)
  2410. {
  2411. download_status_t *dl_to_emit = NULL;
  2412. smartlist_t *digest_list = NULL;
  2413. /* Assert args are sane */
  2414. tor_assert(control_conn != NULL);
  2415. tor_assert(question != NULL);
  2416. tor_assert(answer != NULL);
  2417. tor_assert(errmsg != NULL);
  2418. /* We check for this later to see if we should supply a default */
  2419. *errmsg = NULL;
  2420. /* Are we after networkstatus downloads? */
  2421. if (!strcmpstart(question, "downloads/networkstatus/")) {
  2422. getinfo_helper_downloads_networkstatus(
  2423. question + strlen("downloads/networkstatus/"),
  2424. &dl_to_emit, errmsg);
  2425. /* Certificates? */
  2426. } else if (!strcmpstart(question, "downloads/cert/")) {
  2427. getinfo_helper_downloads_cert(
  2428. question + strlen("downloads/cert/"),
  2429. &dl_to_emit, &digest_list, errmsg);
  2430. /* Router descriptors? */
  2431. } else if (!strcmpstart(question, "downloads/desc/")) {
  2432. getinfo_helper_downloads_desc(
  2433. question + strlen("downloads/desc/"),
  2434. &dl_to_emit, &digest_list, errmsg);
  2435. /* Bridge descriptors? */
  2436. } else if (!strcmpstart(question, "downloads/bridge/")) {
  2437. getinfo_helper_downloads_bridge(
  2438. question + strlen("downloads/bridge/"),
  2439. &dl_to_emit, &digest_list, errmsg);
  2440. } else {
  2441. *errmsg = "Unknown download status query";
  2442. }
  2443. if (dl_to_emit) {
  2444. *answer = download_status_to_string(dl_to_emit);
  2445. return 0;
  2446. } else if (digest_list) {
  2447. *answer = digest_list_to_string(digest_list);
  2448. SMARTLIST_FOREACH(digest_list, void *, s, tor_free(s));
  2449. smartlist_free(digest_list);
  2450. return 0;
  2451. } else {
  2452. if (!(*errmsg)) {
  2453. *errmsg = "Unknown error";
  2454. }
  2455. return -1;
  2456. }
  2457. }
  2458. /** Allocate and return a description of <b>circ</b>'s current status,
  2459. * including its path (if any). */
  2460. static char *
  2461. circuit_describe_status_for_controller(origin_circuit_t *circ)
  2462. {
  2463. char *rv;
  2464. smartlist_t *descparts = smartlist_new();
  2465. {
  2466. char *vpath = circuit_list_path_for_controller(circ);
  2467. if (*vpath) {
  2468. smartlist_add(descparts, vpath);
  2469. } else {
  2470. tor_free(vpath); /* empty path; don't put an extra space in the result */
  2471. }
  2472. }
  2473. {
  2474. cpath_build_state_t *build_state = circ->build_state;
  2475. smartlist_t *flaglist = smartlist_new();
  2476. char *flaglist_joined;
  2477. if (build_state->onehop_tunnel)
  2478. smartlist_add(flaglist, (void *)"ONEHOP_TUNNEL");
  2479. if (build_state->is_internal)
  2480. smartlist_add(flaglist, (void *)"IS_INTERNAL");
  2481. if (build_state->need_capacity)
  2482. smartlist_add(flaglist, (void *)"NEED_CAPACITY");
  2483. if (build_state->need_uptime)
  2484. smartlist_add(flaglist, (void *)"NEED_UPTIME");
  2485. /* Only emit a BUILD_FLAGS argument if it will have a non-empty value. */
  2486. if (smartlist_len(flaglist)) {
  2487. flaglist_joined = smartlist_join_strings(flaglist, ",", 0, NULL);
  2488. smartlist_add_asprintf(descparts, "BUILD_FLAGS=%s", flaglist_joined);
  2489. tor_free(flaglist_joined);
  2490. }
  2491. smartlist_free(flaglist);
  2492. }
  2493. smartlist_add_asprintf(descparts, "PURPOSE=%s",
  2494. circuit_purpose_to_controller_string(circ->base_.purpose));
  2495. {
  2496. const char *hs_state =
  2497. circuit_purpose_to_controller_hs_state_string(circ->base_.purpose);
  2498. if (hs_state != NULL) {
  2499. smartlist_add_asprintf(descparts, "HS_STATE=%s", hs_state);
  2500. }
  2501. }
  2502. if (circ->rend_data != NULL || circ->hs_ident != NULL) {
  2503. char addr[HS_SERVICE_ADDR_LEN_BASE32 + 1];
  2504. const char *onion_address;
  2505. if (circ->rend_data) {
  2506. onion_address = rend_data_get_address(circ->rend_data);
  2507. } else {
  2508. hs_build_address(&circ->hs_ident->identity_pk, HS_VERSION_THREE, addr);
  2509. onion_address = addr;
  2510. }
  2511. smartlist_add_asprintf(descparts, "REND_QUERY=%s", onion_address);
  2512. }
  2513. {
  2514. char tbuf[ISO_TIME_USEC_LEN+1];
  2515. format_iso_time_nospace_usec(tbuf, &circ->base_.timestamp_created);
  2516. smartlist_add_asprintf(descparts, "TIME_CREATED=%s", tbuf);
  2517. }
  2518. // Show username and/or password if available.
  2519. if (circ->socks_username_len > 0) {
  2520. char* socks_username_escaped = esc_for_log_len(circ->socks_username,
  2521. (size_t) circ->socks_username_len);
  2522. smartlist_add_asprintf(descparts, "SOCKS_USERNAME=%s",
  2523. socks_username_escaped);
  2524. tor_free(socks_username_escaped);
  2525. }
  2526. if (circ->socks_password_len > 0) {
  2527. char* socks_password_escaped = esc_for_log_len(circ->socks_password,
  2528. (size_t) circ->socks_password_len);
  2529. smartlist_add_asprintf(descparts, "SOCKS_PASSWORD=%s",
  2530. socks_password_escaped);
  2531. tor_free(socks_password_escaped);
  2532. }
  2533. rv = smartlist_join_strings(descparts, " ", 0, NULL);
  2534. SMARTLIST_FOREACH(descparts, char *, cp, tor_free(cp));
  2535. smartlist_free(descparts);
  2536. return rv;
  2537. }
  2538. /** Implementation helper for GETINFO: knows how to generate summaries of the
  2539. * current states of things we send events about. */
  2540. static int
  2541. getinfo_helper_events(control_connection_t *control_conn,
  2542. const char *question, char **answer,
  2543. const char **errmsg)
  2544. {
  2545. const or_options_t *options = get_options();
  2546. (void) control_conn;
  2547. if (!strcmp(question, "circuit-status")) {
  2548. smartlist_t *status = smartlist_new();
  2549. SMARTLIST_FOREACH_BEGIN(circuit_get_global_list(), circuit_t *, circ_) {
  2550. origin_circuit_t *circ;
  2551. char *circdesc;
  2552. const char *state;
  2553. if (! CIRCUIT_IS_ORIGIN(circ_) || circ_->marked_for_close)
  2554. continue;
  2555. circ = TO_ORIGIN_CIRCUIT(circ_);
  2556. if (circ->base_.state == CIRCUIT_STATE_OPEN)
  2557. state = "BUILT";
  2558. else if (circ->base_.state == CIRCUIT_STATE_GUARD_WAIT)
  2559. state = "GUARD_WAIT";
  2560. else if (circ->cpath)
  2561. state = "EXTENDED";
  2562. else
  2563. state = "LAUNCHED";
  2564. circdesc = circuit_describe_status_for_controller(circ);
  2565. smartlist_add_asprintf(status, "%lu %s%s%s",
  2566. (unsigned long)circ->global_identifier,
  2567. state, *circdesc ? " " : "", circdesc);
  2568. tor_free(circdesc);
  2569. }
  2570. SMARTLIST_FOREACH_END(circ_);
  2571. *answer = smartlist_join_strings(status, "\r\n", 0, NULL);
  2572. SMARTLIST_FOREACH(status, char *, cp, tor_free(cp));
  2573. smartlist_free(status);
  2574. } else if (!strcmp(question, "stream-status")) {
  2575. smartlist_t *conns = get_connection_array();
  2576. smartlist_t *status = smartlist_new();
  2577. char buf[256];
  2578. SMARTLIST_FOREACH_BEGIN(conns, connection_t *, base_conn) {
  2579. const char *state;
  2580. entry_connection_t *conn;
  2581. circuit_t *circ;
  2582. origin_circuit_t *origin_circ = NULL;
  2583. if (base_conn->type != CONN_TYPE_AP ||
  2584. base_conn->marked_for_close ||
  2585. base_conn->state == AP_CONN_STATE_SOCKS_WAIT ||
  2586. base_conn->state == AP_CONN_STATE_NATD_WAIT)
  2587. continue;
  2588. conn = TO_ENTRY_CONN(base_conn);
  2589. switch (base_conn->state)
  2590. {
  2591. case AP_CONN_STATE_CONTROLLER_WAIT:
  2592. case AP_CONN_STATE_CIRCUIT_WAIT:
  2593. if (conn->socks_request &&
  2594. SOCKS_COMMAND_IS_RESOLVE(conn->socks_request->command))
  2595. state = "NEWRESOLVE";
  2596. else
  2597. state = "NEW";
  2598. break;
  2599. case AP_CONN_STATE_RENDDESC_WAIT:
  2600. case AP_CONN_STATE_CONNECT_WAIT:
  2601. state = "SENTCONNECT"; break;
  2602. case AP_CONN_STATE_RESOLVE_WAIT:
  2603. state = "SENTRESOLVE"; break;
  2604. case AP_CONN_STATE_OPEN:
  2605. state = "SUCCEEDED"; break;
  2606. default:
  2607. log_warn(LD_BUG, "Asked for stream in unknown state %d",
  2608. base_conn->state);
  2609. continue;
  2610. }
  2611. circ = circuit_get_by_edge_conn(ENTRY_TO_EDGE_CONN(conn));
  2612. if (circ && CIRCUIT_IS_ORIGIN(circ))
  2613. origin_circ = TO_ORIGIN_CIRCUIT(circ);
  2614. write_stream_target_to_buf(conn, buf, sizeof(buf));
  2615. smartlist_add_asprintf(status, "%lu %s %lu %s",
  2616. (unsigned long) base_conn->global_identifier,state,
  2617. origin_circ?
  2618. (unsigned long)origin_circ->global_identifier : 0ul,
  2619. buf);
  2620. } SMARTLIST_FOREACH_END(base_conn);
  2621. *answer = smartlist_join_strings(status, "\r\n", 0, NULL);
  2622. SMARTLIST_FOREACH(status, char *, cp, tor_free(cp));
  2623. smartlist_free(status);
  2624. } else if (!strcmp(question, "orconn-status")) {
  2625. smartlist_t *conns = get_connection_array();
  2626. smartlist_t *status = smartlist_new();
  2627. SMARTLIST_FOREACH_BEGIN(conns, connection_t *, base_conn) {
  2628. const char *state;
  2629. char name[128];
  2630. or_connection_t *conn;
  2631. if (base_conn->type != CONN_TYPE_OR || base_conn->marked_for_close)
  2632. continue;
  2633. conn = TO_OR_CONN(base_conn);
  2634. if (conn->base_.state == OR_CONN_STATE_OPEN)
  2635. state = "CONNECTED";
  2636. else if (conn->nickname)
  2637. state = "LAUNCHED";
  2638. else
  2639. state = "NEW";
  2640. orconn_target_get_name(name, sizeof(name), conn);
  2641. smartlist_add_asprintf(status, "%s %s", name, state);
  2642. } SMARTLIST_FOREACH_END(base_conn);
  2643. *answer = smartlist_join_strings(status, "\r\n", 0, NULL);
  2644. SMARTLIST_FOREACH(status, char *, cp, tor_free(cp));
  2645. smartlist_free(status);
  2646. } else if (!strcmpstart(question, "address-mappings/")) {
  2647. time_t min_e, max_e;
  2648. smartlist_t *mappings;
  2649. question += strlen("address-mappings/");
  2650. if (!strcmp(question, "all")) {
  2651. min_e = 0; max_e = TIME_MAX;
  2652. } else if (!strcmp(question, "cache")) {
  2653. min_e = 2; max_e = TIME_MAX;
  2654. } else if (!strcmp(question, "config")) {
  2655. min_e = 0; max_e = 0;
  2656. } else if (!strcmp(question, "control")) {
  2657. min_e = 1; max_e = 1;
  2658. } else {
  2659. return 0;
  2660. }
  2661. mappings = smartlist_new();
  2662. addressmap_get_mappings(mappings, min_e, max_e, 1);
  2663. *answer = smartlist_join_strings(mappings, "\r\n", 0, NULL);
  2664. SMARTLIST_FOREACH(mappings, char *, cp, tor_free(cp));
  2665. smartlist_free(mappings);
  2666. } else if (!strcmpstart(question, "status/")) {
  2667. /* Note that status/ is not a catch-all for events; there's only supposed
  2668. * to be a status GETINFO if there's a corresponding STATUS event. */
  2669. if (!strcmp(question, "status/circuit-established")) {
  2670. *answer = tor_strdup(have_completed_a_circuit() ? "1" : "0");
  2671. } else if (!strcmp(question, "status/enough-dir-info")) {
  2672. *answer = tor_strdup(router_have_minimum_dir_info() ? "1" : "0");
  2673. } else if (!strcmp(question, "status/good-server-descriptor") ||
  2674. !strcmp(question, "status/accepted-server-descriptor")) {
  2675. /* They're equivalent for now, until we can figure out how to make
  2676. * good-server-descriptor be what we want. See comment in
  2677. * control-spec.txt. */
  2678. *answer = tor_strdup(directories_have_accepted_server_descriptor()
  2679. ? "1" : "0");
  2680. } else if (!strcmp(question, "status/reachability-succeeded/or")) {
  2681. *answer = tor_strdup(check_whether_orport_reachable(options) ?
  2682. "1" : "0");
  2683. } else if (!strcmp(question, "status/reachability-succeeded/dir")) {
  2684. *answer = tor_strdup(check_whether_dirport_reachable(options) ?
  2685. "1" : "0");
  2686. } else if (!strcmp(question, "status/reachability-succeeded")) {
  2687. tor_asprintf(answer, "OR=%d DIR=%d",
  2688. check_whether_orport_reachable(options) ? 1 : 0,
  2689. check_whether_dirport_reachable(options) ? 1 : 0);
  2690. } else if (!strcmp(question, "status/bootstrap-phase")) {
  2691. *answer = tor_strdup(last_sent_bootstrap_message);
  2692. } else if (!strcmpstart(question, "status/version/")) {
  2693. int is_server = server_mode(options);
  2694. networkstatus_t *c = networkstatus_get_latest_consensus();
  2695. version_status_t status;
  2696. const char *recommended;
  2697. if (c) {
  2698. recommended = is_server ? c->server_versions : c->client_versions;
  2699. status = tor_version_is_obsolete(VERSION, recommended);
  2700. } else {
  2701. recommended = "?";
  2702. status = VS_UNKNOWN;
  2703. }
  2704. if (!strcmp(question, "status/version/recommended")) {
  2705. *answer = tor_strdup(recommended);
  2706. return 0;
  2707. }
  2708. if (!strcmp(question, "status/version/current")) {
  2709. switch (status)
  2710. {
  2711. case VS_RECOMMENDED: *answer = tor_strdup("recommended"); break;
  2712. case VS_OLD: *answer = tor_strdup("obsolete"); break;
  2713. case VS_NEW: *answer = tor_strdup("new"); break;
  2714. case VS_NEW_IN_SERIES: *answer = tor_strdup("new in series"); break;
  2715. case VS_UNRECOMMENDED: *answer = tor_strdup("unrecommended"); break;
  2716. case VS_EMPTY: *answer = tor_strdup("none recommended"); break;
  2717. case VS_UNKNOWN: *answer = tor_strdup("unknown"); break;
  2718. default: tor_fragile_assert();
  2719. }
  2720. } else if (!strcmp(question, "status/version/num-versioning") ||
  2721. !strcmp(question, "status/version/num-concurring")) {
  2722. tor_asprintf(answer, "%d", get_n_authorities(V3_DIRINFO));
  2723. log_warn(LD_GENERAL, "%s is deprecated; it no longer gives useful "
  2724. "information", question);
  2725. }
  2726. } else if (!strcmp(question, "status/clients-seen")) {
  2727. char *bridge_stats = geoip_get_bridge_stats_controller(time(NULL));
  2728. if (!bridge_stats) {
  2729. *errmsg = "No bridge-client stats available";
  2730. return -1;
  2731. }
  2732. *answer = bridge_stats;
  2733. } else if (!strcmp(question, "status/fresh-relay-descs")) {
  2734. if (!server_mode(options)) {
  2735. *errmsg = "Only relays have descriptors";
  2736. return -1;
  2737. }
  2738. routerinfo_t *r;
  2739. extrainfo_t *e;
  2740. if (router_build_fresh_descriptor(&r, &e) < 0) {
  2741. *errmsg = "Error generating descriptor";
  2742. return -1;
  2743. }
  2744. size_t size = r->cache_info.signed_descriptor_len + 1;
  2745. if (e) {
  2746. size += e->cache_info.signed_descriptor_len + 1;
  2747. }
  2748. tor_assert(r->cache_info.signed_descriptor_len);
  2749. char *descs = tor_malloc(size);
  2750. char *cp = descs;
  2751. memcpy(cp, signed_descriptor_get_body(&r->cache_info),
  2752. r->cache_info.signed_descriptor_len);
  2753. cp += r->cache_info.signed_descriptor_len - 1;
  2754. if (e) {
  2755. if (cp[0] == '\0') {
  2756. cp[0] = '\n';
  2757. } else if (cp[0] != '\n') {
  2758. cp[1] = '\n';
  2759. cp++;
  2760. }
  2761. memcpy(cp, signed_descriptor_get_body(&e->cache_info),
  2762. e->cache_info.signed_descriptor_len);
  2763. cp += e->cache_info.signed_descriptor_len - 1;
  2764. }
  2765. if (cp[0] == '\n') {
  2766. cp[0] = '\0';
  2767. } else if (cp[0] != '\0') {
  2768. cp[1] = '\0';
  2769. }
  2770. *answer = descs;
  2771. routerinfo_free(r);
  2772. extrainfo_free(e);
  2773. } else {
  2774. return 0;
  2775. }
  2776. }
  2777. return 0;
  2778. }
  2779. /** Implementation helper for GETINFO: knows how to enumerate hidden services
  2780. * created via the control port. */
  2781. STATIC int
  2782. getinfo_helper_onions(control_connection_t *control_conn,
  2783. const char *question, char **answer,
  2784. const char **errmsg)
  2785. {
  2786. smartlist_t *onion_list = NULL;
  2787. (void) errmsg; /* no errors from this method */
  2788. if (control_conn && !strcmp(question, "onions/current")) {
  2789. onion_list = control_conn->ephemeral_onion_services;
  2790. } else if (!strcmp(question, "onions/detached")) {
  2791. onion_list = detached_onion_services;
  2792. } else {
  2793. return 0;
  2794. }
  2795. if (!onion_list || smartlist_len(onion_list) == 0) {
  2796. if (answer) {
  2797. *answer = tor_strdup("");
  2798. }
  2799. } else {
  2800. if (answer) {
  2801. *answer = smartlist_join_strings(onion_list, "\r\n", 0, NULL);
  2802. }
  2803. }
  2804. return 0;
  2805. }
  2806. /** Implementation helper for GETINFO: answers queries about network
  2807. * liveness. */
  2808. static int
  2809. getinfo_helper_liveness(control_connection_t *control_conn,
  2810. const char *question, char **answer,
  2811. const char **errmsg)
  2812. {
  2813. (void)control_conn;
  2814. (void)errmsg;
  2815. if (strcmp(question, "network-liveness") == 0) {
  2816. if (get_cached_network_liveness()) {
  2817. *answer = tor_strdup("up");
  2818. } else {
  2819. *answer = tor_strdup("down");
  2820. }
  2821. }
  2822. return 0;
  2823. }
  2824. /** Implementation helper for GETINFO: answers queries about shared random
  2825. * value. */
  2826. static int
  2827. getinfo_helper_sr(control_connection_t *control_conn,
  2828. const char *question, char **answer,
  2829. const char **errmsg)
  2830. {
  2831. (void) control_conn;
  2832. (void) errmsg;
  2833. if (!strcmp(question, "sr/current")) {
  2834. *answer = sr_get_current_for_control();
  2835. } else if (!strcmp(question, "sr/previous")) {
  2836. *answer = sr_get_previous_for_control();
  2837. }
  2838. /* Else statement here is unrecognized key so do nothing. */
  2839. return 0;
  2840. }
  2841. /** Callback function for GETINFO: on a given control connection, try to
  2842. * answer the question <b>q</b> and store the newly-allocated answer in
  2843. * *<b>a</b>. If an internal error occurs, return -1 and optionally set
  2844. * *<b>error_out</b> to point to an error message to be delivered to the
  2845. * controller. On success, _or if the key is not recognized_, return 0. Do not
  2846. * set <b>a</b> if the key is not recognized but you may set <b>error_out</b>
  2847. * to improve the error message.
  2848. */
  2849. typedef int (*getinfo_helper_t)(control_connection_t *,
  2850. const char *q, char **a,
  2851. const char **error_out);
  2852. /** A single item for the GETINFO question-to-answer-function table. */
  2853. typedef struct getinfo_item_t {
  2854. const char *varname; /**< The value (or prefix) of the question. */
  2855. getinfo_helper_t fn; /**< The function that knows the answer: NULL if
  2856. * this entry is documentation-only. */
  2857. const char *desc; /**< Description of the variable. */
  2858. int is_prefix; /** Must varname match exactly, or must it be a prefix? */
  2859. } getinfo_item_t;
  2860. #define ITEM(name, fn, desc) { name, getinfo_helper_##fn, desc, 0 }
  2861. #define PREFIX(name, fn, desc) { name, getinfo_helper_##fn, desc, 1 }
  2862. #define DOC(name, desc) { name, NULL, desc, 0 }
  2863. /** Table mapping questions accepted by GETINFO to the functions that know how
  2864. * to answer them. */
  2865. static const getinfo_item_t getinfo_items[] = {
  2866. ITEM("version", misc, "The current version of Tor."),
  2867. ITEM("bw-event-cache", misc, "Cached BW events for a short interval."),
  2868. ITEM("config-file", misc, "Current location of the \"torrc\" file."),
  2869. ITEM("config-defaults-file", misc, "Current location of the defaults file."),
  2870. ITEM("config-text", misc,
  2871. "Return the string that would be written by a saveconf command."),
  2872. ITEM("config-can-saveconf", misc,
  2873. "Is it possible to save the configuration to the \"torrc\" file?"),
  2874. ITEM("accounting/bytes", accounting,
  2875. "Number of bytes read/written so far in the accounting interval."),
  2876. ITEM("accounting/bytes-left", accounting,
  2877. "Number of bytes left to write/read so far in the accounting interval."),
  2878. ITEM("accounting/enabled", accounting, "Is accounting currently enabled?"),
  2879. ITEM("accounting/hibernating", accounting, "Are we hibernating or awake?"),
  2880. ITEM("accounting/interval-start", accounting,
  2881. "Time when the accounting period starts."),
  2882. ITEM("accounting/interval-end", accounting,
  2883. "Time when the accounting period ends."),
  2884. ITEM("accounting/interval-wake", accounting,
  2885. "Time to wake up in this accounting period."),
  2886. ITEM("helper-nodes", entry_guards, NULL), /* deprecated */
  2887. ITEM("entry-guards", entry_guards,
  2888. "Which nodes are we using as entry guards?"),
  2889. ITEM("fingerprint", misc, NULL),
  2890. PREFIX("config/", config, "Current configuration values."),
  2891. DOC("config/names",
  2892. "List of configuration options, types, and documentation."),
  2893. DOC("config/defaults",
  2894. "List of default values for configuration options. "
  2895. "See also config/names"),
  2896. PREFIX("current-time/", current_time, "Current time."),
  2897. DOC("current-time/local", "Current time on the local system."),
  2898. DOC("current-time/utc", "Current UTC time."),
  2899. PREFIX("downloads/networkstatus/", downloads,
  2900. "Download statuses for networkstatus objects"),
  2901. DOC("downloads/networkstatus/ns",
  2902. "Download status for current-mode networkstatus download"),
  2903. DOC("downloads/networkstatus/ns/bootstrap",
  2904. "Download status for bootstrap-time networkstatus download"),
  2905. DOC("downloads/networkstatus/ns/running",
  2906. "Download status for run-time networkstatus download"),
  2907. DOC("downloads/networkstatus/microdesc",
  2908. "Download status for current-mode microdesc download"),
  2909. DOC("downloads/networkstatus/microdesc/bootstrap",
  2910. "Download status for bootstrap-time microdesc download"),
  2911. DOC("downloads/networkstatus/microdesc/running",
  2912. "Download status for run-time microdesc download"),
  2913. PREFIX("downloads/cert/", downloads,
  2914. "Download statuses for certificates, by id fingerprint and "
  2915. "signing key"),
  2916. DOC("downloads/cert/fps",
  2917. "List of authority fingerprints for which any download statuses "
  2918. "exist"),
  2919. DOC("downloads/cert/fp/<fp>",
  2920. "Download status for <fp> with the default signing key; corresponds "
  2921. "to /fp/ URLs on directory server."),
  2922. DOC("downloads/cert/fp/<fp>/sks",
  2923. "List of signing keys for which specific download statuses are "
  2924. "available for this id fingerprint"),
  2925. DOC("downloads/cert/fp/<fp>/<sk>",
  2926. "Download status for <fp> with signing key <sk>; corresponds "
  2927. "to /fp-sk/ URLs on directory server."),
  2928. PREFIX("downloads/desc/", downloads,
  2929. "Download statuses for router descriptors, by descriptor digest"),
  2930. DOC("downloads/desc/descs",
  2931. "Return a list of known router descriptor digests"),
  2932. DOC("downloads/desc/<desc>",
  2933. "Return a download status for a given descriptor digest"),
  2934. PREFIX("downloads/bridge/", downloads,
  2935. "Download statuses for bridge descriptors, by bridge identity "
  2936. "digest"),
  2937. DOC("downloads/bridge/bridges",
  2938. "Return a list of configured bridge identity digests with download "
  2939. "statuses"),
  2940. DOC("downloads/bridge/<desc>",
  2941. "Return a download status for a given bridge identity digest"),
  2942. ITEM("info/names", misc,
  2943. "List of GETINFO options, types, and documentation."),
  2944. ITEM("events/names", misc,
  2945. "Events that the controller can ask for with SETEVENTS."),
  2946. ITEM("signal/names", misc, "Signal names recognized by the SIGNAL command"),
  2947. ITEM("features/names", misc, "What arguments can USEFEATURE take?"),
  2948. PREFIX("desc/id/", dir, "Router descriptors by ID."),
  2949. PREFIX("desc/name/", dir, "Router descriptors by nickname."),
  2950. ITEM("desc/all-recent", dir,
  2951. "All non-expired, non-superseded router descriptors."),
  2952. ITEM("desc/download-enabled", dir,
  2953. "Do we try to download router descriptors?"),
  2954. ITEM("desc/all-recent-extrainfo-hack", dir, NULL), /* Hack. */
  2955. PREFIX("md/id/", dir, "Microdescriptors by ID"),
  2956. PREFIX("md/name/", dir, "Microdescriptors by name"),
  2957. ITEM("md/download-enabled", dir,
  2958. "Do we try to download microdescriptors?"),
  2959. PREFIX("extra-info/digest/", dir, "Extra-info documents by digest."),
  2960. PREFIX("hs/client/desc/id", dir,
  2961. "Hidden Service descriptor in client's cache by onion."),
  2962. PREFIX("hs/service/desc/id/", dir,
  2963. "Hidden Service descriptor in services's cache by onion."),
  2964. PREFIX("net/listeners/", listeners, "Bound addresses by type"),
  2965. ITEM("ns/all", networkstatus,
  2966. "Brief summary of router status (v2 directory format)"),
  2967. PREFIX("ns/id/", networkstatus,
  2968. "Brief summary of router status by ID (v2 directory format)."),
  2969. PREFIX("ns/name/", networkstatus,
  2970. "Brief summary of router status by nickname (v2 directory format)."),
  2971. PREFIX("ns/purpose/", networkstatus,
  2972. "Brief summary of router status by purpose (v2 directory format)."),
  2973. PREFIX("consensus/", networkstatus,
  2974. "Information about and from the ns consensus."),
  2975. ITEM("network-status", dir,
  2976. "Brief summary of router status (v1 directory format)"),
  2977. ITEM("network-liveness", liveness,
  2978. "Current opinion on whether the network is live"),
  2979. ITEM("circuit-status", events, "List of current circuits originating here."),
  2980. ITEM("stream-status", events,"List of current streams."),
  2981. ITEM("orconn-status", events, "A list of current OR connections."),
  2982. ITEM("dormant", misc,
  2983. "Is Tor dormant (not building circuits because it's idle)?"),
  2984. PREFIX("address-mappings/", events, NULL),
  2985. DOC("address-mappings/all", "Current address mappings."),
  2986. DOC("address-mappings/cache", "Current cached DNS replies."),
  2987. DOC("address-mappings/config",
  2988. "Current address mappings from configuration."),
  2989. DOC("address-mappings/control", "Current address mappings from controller."),
  2990. PREFIX("status/", events, NULL),
  2991. DOC("status/circuit-established",
  2992. "Whether we think client functionality is working."),
  2993. DOC("status/enough-dir-info",
  2994. "Whether we have enough up-to-date directory information to build "
  2995. "circuits."),
  2996. DOC("status/bootstrap-phase",
  2997. "The last bootstrap phase status event that Tor sent."),
  2998. DOC("status/clients-seen",
  2999. "Breakdown of client countries seen by a bridge."),
  3000. DOC("status/fresh-relay-descs",
  3001. "A fresh relay/ei descriptor pair for Tor's current state. Not stored."),
  3002. DOC("status/version/recommended", "List of currently recommended versions."),
  3003. DOC("status/version/current", "Status of the current version."),
  3004. DOC("status/version/num-versioning", "Number of versioning authorities."),
  3005. DOC("status/version/num-concurring",
  3006. "Number of versioning authorities agreeing on the status of the "
  3007. "current version"),
  3008. ITEM("address", misc, "IP address of this Tor host, if we can guess it."),
  3009. ITEM("traffic/read", misc,"Bytes read since the process was started."),
  3010. ITEM("traffic/written", misc,
  3011. "Bytes written since the process was started."),
  3012. ITEM("process/pid", misc, "Process id belonging to the main tor process."),
  3013. ITEM("process/uid", misc, "User id running the tor process."),
  3014. ITEM("process/user", misc,
  3015. "Username under which the tor process is running."),
  3016. ITEM("process/descriptor-limit", misc, "File descriptor limit."),
  3017. ITEM("limits/max-mem-in-queues", misc, "Actual limit on memory in queues"),
  3018. PREFIX("desc-annotations/id/", dir, "Router annotations by hexdigest."),
  3019. PREFIX("dir/server/", dir,"Router descriptors as retrieved from a DirPort."),
  3020. PREFIX("dir/status/", dir,
  3021. "v2 networkstatus docs as retrieved from a DirPort."),
  3022. ITEM("dir/status-vote/current/consensus", dir,
  3023. "v3 Networkstatus consensus as retrieved from a DirPort."),
  3024. ITEM("exit-policy/default", policies,
  3025. "The default value appended to the configured exit policy."),
  3026. ITEM("exit-policy/reject-private/default", policies,
  3027. "The default rules appended to the configured exit policy by"
  3028. " ExitPolicyRejectPrivate."),
  3029. ITEM("exit-policy/reject-private/relay", policies,
  3030. "The relay-specific rules appended to the configured exit policy by"
  3031. " ExitPolicyRejectPrivate and/or ExitPolicyRejectLocalInterfaces."),
  3032. ITEM("exit-policy/full", policies, "The entire exit policy of onion router"),
  3033. ITEM("exit-policy/ipv4", policies, "IPv4 parts of exit policy"),
  3034. ITEM("exit-policy/ipv6", policies, "IPv6 parts of exit policy"),
  3035. PREFIX("ip-to-country/", geoip, "Perform a GEOIP lookup"),
  3036. ITEM("onions/current", onions,
  3037. "Onion services owned by the current control connection."),
  3038. ITEM("onions/detached", onions,
  3039. "Onion services detached from the control connection."),
  3040. ITEM("sr/current", sr, "Get current shared random value."),
  3041. ITEM("sr/previous", sr, "Get previous shared random value."),
  3042. { NULL, NULL, NULL, 0 }
  3043. };
  3044. /** Allocate and return a list of recognized GETINFO options. */
  3045. static char *
  3046. list_getinfo_options(void)
  3047. {
  3048. int i;
  3049. smartlist_t *lines = smartlist_new();
  3050. char *ans;
  3051. for (i = 0; getinfo_items[i].varname; ++i) {
  3052. if (!getinfo_items[i].desc)
  3053. continue;
  3054. smartlist_add_asprintf(lines, "%s%s -- %s\n",
  3055. getinfo_items[i].varname,
  3056. getinfo_items[i].is_prefix ? "*" : "",
  3057. getinfo_items[i].desc);
  3058. }
  3059. smartlist_sort_strings(lines);
  3060. ans = smartlist_join_strings(lines, "", 0, NULL);
  3061. SMARTLIST_FOREACH(lines, char *, cp, tor_free(cp));
  3062. smartlist_free(lines);
  3063. return ans;
  3064. }
  3065. /** Lookup the 'getinfo' entry <b>question</b>, and return
  3066. * the answer in <b>*answer</b> (or NULL if key not recognized).
  3067. * Return 0 if success or unrecognized, or -1 if recognized but
  3068. * internal error. */
  3069. static int
  3070. handle_getinfo_helper(control_connection_t *control_conn,
  3071. const char *question, char **answer,
  3072. const char **err_out)
  3073. {
  3074. int i;
  3075. *answer = NULL; /* unrecognized key by default */
  3076. for (i = 0; getinfo_items[i].varname; ++i) {
  3077. int match;
  3078. if (getinfo_items[i].is_prefix)
  3079. match = !strcmpstart(question, getinfo_items[i].varname);
  3080. else
  3081. match = !strcmp(question, getinfo_items[i].varname);
  3082. if (match) {
  3083. tor_assert(getinfo_items[i].fn);
  3084. return getinfo_items[i].fn(control_conn, question, answer, err_out);
  3085. }
  3086. }
  3087. return 0; /* unrecognized */
  3088. }
  3089. /** Called when we receive a GETINFO command. Try to fetch all requested
  3090. * information, and reply with information or error message. */
  3091. static int
  3092. handle_control_getinfo(control_connection_t *conn, uint32_t len,
  3093. const char *body)
  3094. {
  3095. smartlist_t *questions = smartlist_new();
  3096. smartlist_t *answers = smartlist_new();
  3097. smartlist_t *unrecognized = smartlist_new();
  3098. char *ans = NULL;
  3099. int i;
  3100. (void) len; /* body is NUL-terminated, so it's safe to ignore the length. */
  3101. smartlist_split_string(questions, body, " ",
  3102. SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 0);
  3103. SMARTLIST_FOREACH_BEGIN(questions, const char *, q) {
  3104. const char *errmsg = NULL;
  3105. if (handle_getinfo_helper(conn, q, &ans, &errmsg) < 0) {
  3106. if (!errmsg)
  3107. errmsg = "Internal error";
  3108. connection_printf_to_buf(conn, "551 %s\r\n", errmsg);
  3109. goto done;
  3110. }
  3111. if (!ans) {
  3112. if (errmsg) /* use provided error message */
  3113. smartlist_add_strdup(unrecognized, errmsg);
  3114. else /* use default error message */
  3115. smartlist_add_asprintf(unrecognized, "Unrecognized key \"%s\"", q);
  3116. } else {
  3117. smartlist_add_strdup(answers, q);
  3118. smartlist_add(answers, ans);
  3119. }
  3120. } SMARTLIST_FOREACH_END(q);
  3121. if (smartlist_len(unrecognized)) {
  3122. /* control-spec section 2.3, mid-reply '-' or end of reply ' ' */
  3123. for (i=0; i < smartlist_len(unrecognized)-1; ++i)
  3124. connection_printf_to_buf(conn,
  3125. "552-%s\r\n",
  3126. (char *)smartlist_get(unrecognized, i));
  3127. connection_printf_to_buf(conn,
  3128. "552 %s\r\n",
  3129. (char *)smartlist_get(unrecognized, i));
  3130. goto done;
  3131. }
  3132. for (i = 0; i < smartlist_len(answers); i += 2) {
  3133. char *k = smartlist_get(answers, i);
  3134. char *v = smartlist_get(answers, i+1);
  3135. if (!strchr(v, '\n') && !strchr(v, '\r')) {
  3136. connection_printf_to_buf(conn, "250-%s=", k);
  3137. connection_write_str_to_buf(v, conn);
  3138. connection_write_str_to_buf("\r\n", conn);
  3139. } else {
  3140. char *esc = NULL;
  3141. size_t esc_len;
  3142. esc_len = write_escaped_data(v, strlen(v), &esc);
  3143. connection_printf_to_buf(conn, "250+%s=\r\n", k);
  3144. connection_buf_add(esc, esc_len, TO_CONN(conn));
  3145. tor_free(esc);
  3146. }
  3147. }
  3148. connection_write_str_to_buf("250 OK\r\n", conn);
  3149. done:
  3150. SMARTLIST_FOREACH(answers, char *, cp, tor_free(cp));
  3151. smartlist_free(answers);
  3152. SMARTLIST_FOREACH(questions, char *, cp, tor_free(cp));
  3153. smartlist_free(questions);
  3154. SMARTLIST_FOREACH(unrecognized, char *, cp, tor_free(cp));
  3155. smartlist_free(unrecognized);
  3156. return 0;
  3157. }
  3158. /** Given a string, convert it to a circuit purpose. */
  3159. static uint8_t
  3160. circuit_purpose_from_string(const char *string)
  3161. {
  3162. if (!strcasecmpstart(string, "purpose="))
  3163. string += strlen("purpose=");
  3164. if (!strcasecmp(string, "general"))
  3165. return CIRCUIT_PURPOSE_C_GENERAL;
  3166. else if (!strcasecmp(string, "controller"))
  3167. return CIRCUIT_PURPOSE_CONTROLLER;
  3168. else
  3169. return CIRCUIT_PURPOSE_UNKNOWN;
  3170. }
  3171. /** Return a newly allocated smartlist containing the arguments to the command
  3172. * waiting in <b>body</b>. If there are fewer than <b>min_args</b> arguments,
  3173. * or if <b>max_args</b> is nonnegative and there are more than
  3174. * <b>max_args</b> arguments, send a 512 error to the controller, using
  3175. * <b>command</b> as the command name in the error message. */
  3176. static smartlist_t *
  3177. getargs_helper(const char *command, control_connection_t *conn,
  3178. const char *body, int min_args, int max_args)
  3179. {
  3180. smartlist_t *args = smartlist_new();
  3181. smartlist_split_string(args, body, " ",
  3182. SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 0);
  3183. if (smartlist_len(args) < min_args) {
  3184. connection_printf_to_buf(conn, "512 Missing argument to %s\r\n",command);
  3185. goto err;
  3186. } else if (max_args >= 0 && smartlist_len(args) > max_args) {
  3187. connection_printf_to_buf(conn, "512 Too many arguments to %s\r\n",command);
  3188. goto err;
  3189. }
  3190. return args;
  3191. err:
  3192. SMARTLIST_FOREACH(args, char *, s, tor_free(s));
  3193. smartlist_free(args);
  3194. return NULL;
  3195. }
  3196. /** Helper. Return the first element of <b>sl</b> at index <b>start_at</b> or
  3197. * higher that starts with <b>prefix</b>, case-insensitive. Return NULL if no
  3198. * such element exists. */
  3199. static const char *
  3200. find_element_starting_with(smartlist_t *sl, int start_at, const char *prefix)
  3201. {
  3202. int i;
  3203. for (i = start_at; i < smartlist_len(sl); ++i) {
  3204. const char *elt = smartlist_get(sl, i);
  3205. if (!strcasecmpstart(elt, prefix))
  3206. return elt;
  3207. }
  3208. return NULL;
  3209. }
  3210. /** Helper. Return true iff s is an argument that we should treat as a
  3211. * key-value pair. */
  3212. static int
  3213. is_keyval_pair(const char *s)
  3214. {
  3215. /* An argument is a key-value pair if it has an =, and it isn't of the form
  3216. * $fingeprint=name */
  3217. return strchr(s, '=') && s[0] != '$';
  3218. }
  3219. /** Called when we get an EXTENDCIRCUIT message. Try to extend the listed
  3220. * circuit, and report success or failure. */
  3221. static int
  3222. handle_control_extendcircuit(control_connection_t *conn, uint32_t len,
  3223. const char *body)
  3224. {
  3225. smartlist_t *router_nicknames=NULL, *nodes=NULL;
  3226. origin_circuit_t *circ = NULL;
  3227. int zero_circ;
  3228. uint8_t intended_purpose = CIRCUIT_PURPOSE_C_GENERAL;
  3229. smartlist_t *args;
  3230. (void) len;
  3231. router_nicknames = smartlist_new();
  3232. args = getargs_helper("EXTENDCIRCUIT", conn, body, 1, -1);
  3233. if (!args)
  3234. goto done;
  3235. zero_circ = !strcmp("0", (char*)smartlist_get(args,0));
  3236. if (zero_circ) {
  3237. const char *purp = find_element_starting_with(args, 1, "PURPOSE=");
  3238. if (purp) {
  3239. intended_purpose = circuit_purpose_from_string(purp);
  3240. if (intended_purpose == CIRCUIT_PURPOSE_UNKNOWN) {
  3241. connection_printf_to_buf(conn, "552 Unknown purpose \"%s\"\r\n", purp);
  3242. SMARTLIST_FOREACH(args, char *, cp, tor_free(cp));
  3243. smartlist_free(args);
  3244. goto done;
  3245. }
  3246. }
  3247. if ((smartlist_len(args) == 1) ||
  3248. (smartlist_len(args) >= 2 && is_keyval_pair(smartlist_get(args, 1)))) {
  3249. // "EXTENDCIRCUIT 0" || EXTENDCIRCUIT 0 foo=bar"
  3250. circ = circuit_launch(intended_purpose, CIRCLAUNCH_NEED_CAPACITY);
  3251. if (!circ) {
  3252. connection_write_str_to_buf("551 Couldn't start circuit\r\n", conn);
  3253. } else {
  3254. connection_printf_to_buf(conn, "250 EXTENDED %lu\r\n",
  3255. (unsigned long)circ->global_identifier);
  3256. }
  3257. SMARTLIST_FOREACH(args, char *, cp, tor_free(cp));
  3258. smartlist_free(args);
  3259. goto done;
  3260. }
  3261. // "EXTENDCIRCUIT 0 router1,router2" ||
  3262. // "EXTENDCIRCUIT 0 router1,router2 PURPOSE=foo"
  3263. }
  3264. if (!zero_circ && !(circ = get_circ(smartlist_get(args,0)))) {
  3265. connection_printf_to_buf(conn, "552 Unknown circuit \"%s\"\r\n",
  3266. (char*)smartlist_get(args, 0));
  3267. SMARTLIST_FOREACH(args, char *, cp, tor_free(cp));
  3268. smartlist_free(args);
  3269. goto done;
  3270. }
  3271. if (smartlist_len(args) < 2) {
  3272. connection_printf_to_buf(conn,
  3273. "512 syntax error: not enough arguments.\r\n");
  3274. SMARTLIST_FOREACH(args, char *, cp, tor_free(cp));
  3275. smartlist_free(args);
  3276. goto done;
  3277. }
  3278. smartlist_split_string(router_nicknames, smartlist_get(args,1), ",", 0, 0);
  3279. SMARTLIST_FOREACH(args, char *, cp, tor_free(cp));
  3280. smartlist_free(args);
  3281. nodes = smartlist_new();
  3282. int first_node = zero_circ;
  3283. SMARTLIST_FOREACH_BEGIN(router_nicknames, const char *, n) {
  3284. const node_t *node = node_get_by_nickname(n, 0);
  3285. if (!node) {
  3286. connection_printf_to_buf(conn, "552 No such router \"%s\"\r\n", n);
  3287. goto done;
  3288. }
  3289. if (!node_has_preferred_descriptor(node, first_node)) {
  3290. connection_printf_to_buf(conn, "552 No descriptor for \"%s\"\r\n", n);
  3291. goto done;
  3292. }
  3293. smartlist_add(nodes, (void*)node);
  3294. first_node = 0;
  3295. } SMARTLIST_FOREACH_END(n);
  3296. if (!smartlist_len(nodes)) {
  3297. connection_write_str_to_buf("512 No router names provided\r\n", conn);
  3298. goto done;
  3299. }
  3300. if (zero_circ) {
  3301. /* start a new circuit */
  3302. circ = origin_circuit_init(intended_purpose, 0);
  3303. }
  3304. /* now circ refers to something that is ready to be extended */
  3305. first_node = zero_circ;
  3306. SMARTLIST_FOREACH(nodes, const node_t *, node,
  3307. {
  3308. extend_info_t *info = extend_info_from_node(node, first_node);
  3309. if (!info) {
  3310. tor_assert_nonfatal(first_node);
  3311. log_warn(LD_CONTROL,
  3312. "controller tried to connect to a node that lacks a suitable "
  3313. "descriptor, or which doesn't have any "
  3314. "addresses that are allowed by the firewall configuration; "
  3315. "circuit marked for closing.");
  3316. circuit_mark_for_close(TO_CIRCUIT(circ), -END_CIRC_REASON_CONNECTFAILED);
  3317. connection_write_str_to_buf("551 Couldn't start circuit\r\n", conn);
  3318. goto done;
  3319. }
  3320. circuit_append_new_exit(circ, info);
  3321. if (circ->build_state->desired_path_len > 1) {
  3322. circ->build_state->onehop_tunnel = 0;
  3323. }
  3324. extend_info_free(info);
  3325. first_node = 0;
  3326. });
  3327. /* now that we've populated the cpath, start extending */
  3328. if (zero_circ) {
  3329. int err_reason = 0;
  3330. if ((err_reason = circuit_handle_first_hop(circ)) < 0) {
  3331. circuit_mark_for_close(TO_CIRCUIT(circ), -err_reason);
  3332. connection_write_str_to_buf("551 Couldn't start circuit\r\n", conn);
  3333. goto done;
  3334. }
  3335. } else {
  3336. if (circ->base_.state == CIRCUIT_STATE_OPEN ||
  3337. circ->base_.state == CIRCUIT_STATE_GUARD_WAIT) {
  3338. int err_reason = 0;
  3339. circuit_set_state(TO_CIRCUIT(circ), CIRCUIT_STATE_BUILDING);
  3340. if ((err_reason = circuit_send_next_onion_skin(circ)) < 0) {
  3341. log_info(LD_CONTROL,
  3342. "send_next_onion_skin failed; circuit marked for closing.");
  3343. circuit_mark_for_close(TO_CIRCUIT(circ), -err_reason);
  3344. connection_write_str_to_buf("551 Couldn't send onion skin\r\n", conn);
  3345. goto done;
  3346. }
  3347. }
  3348. }
  3349. connection_printf_to_buf(conn, "250 EXTENDED %lu\r\n",
  3350. (unsigned long)circ->global_identifier);
  3351. if (zero_circ) /* send a 'launched' event, for completeness */
  3352. control_event_circuit_status(circ, CIRC_EVENT_LAUNCHED, 0);
  3353. done:
  3354. SMARTLIST_FOREACH(router_nicknames, char *, n, tor_free(n));
  3355. smartlist_free(router_nicknames);
  3356. smartlist_free(nodes);
  3357. return 0;
  3358. }
  3359. /** Called when we get a SETCIRCUITPURPOSE message. If we can find the
  3360. * circuit and it's a valid purpose, change it. */
  3361. static int
  3362. handle_control_setcircuitpurpose(control_connection_t *conn,
  3363. uint32_t len, const char *body)
  3364. {
  3365. origin_circuit_t *circ = NULL;
  3366. uint8_t new_purpose;
  3367. smartlist_t *args;
  3368. (void) len; /* body is NUL-terminated, so it's safe to ignore the length. */
  3369. args = getargs_helper("SETCIRCUITPURPOSE", conn, body, 2, -1);
  3370. if (!args)
  3371. goto done;
  3372. if (!(circ = get_circ(smartlist_get(args,0)))) {
  3373. connection_printf_to_buf(conn, "552 Unknown circuit \"%s\"\r\n",
  3374. (char*)smartlist_get(args, 0));
  3375. goto done;
  3376. }
  3377. {
  3378. const char *purp = find_element_starting_with(args,1,"PURPOSE=");
  3379. if (!purp) {
  3380. connection_write_str_to_buf("552 No purpose given\r\n", conn);
  3381. goto done;
  3382. }
  3383. new_purpose = circuit_purpose_from_string(purp);
  3384. if (new_purpose == CIRCUIT_PURPOSE_UNKNOWN) {
  3385. connection_printf_to_buf(conn, "552 Unknown purpose \"%s\"\r\n", purp);
  3386. goto done;
  3387. }
  3388. }
  3389. circuit_change_purpose(TO_CIRCUIT(circ), new_purpose);
  3390. connection_write_str_to_buf("250 OK\r\n", conn);
  3391. done:
  3392. if (args) {
  3393. SMARTLIST_FOREACH(args, char *, cp, tor_free(cp));
  3394. smartlist_free(args);
  3395. }
  3396. return 0;
  3397. }
  3398. /** Called when we get an ATTACHSTREAM message. Try to attach the requested
  3399. * stream, and report success or failure. */
  3400. static int
  3401. handle_control_attachstream(control_connection_t *conn, uint32_t len,
  3402. const char *body)
  3403. {
  3404. entry_connection_t *ap_conn = NULL;
  3405. origin_circuit_t *circ = NULL;
  3406. int zero_circ;
  3407. smartlist_t *args;
  3408. crypt_path_t *cpath=NULL;
  3409. int hop=0, hop_line_ok=1;
  3410. (void) len;
  3411. args = getargs_helper("ATTACHSTREAM", conn, body, 2, -1);
  3412. if (!args)
  3413. return 0;
  3414. zero_circ = !strcmp("0", (char*)smartlist_get(args,1));
  3415. if (!(ap_conn = get_stream(smartlist_get(args, 0)))) {
  3416. connection_printf_to_buf(conn, "552 Unknown stream \"%s\"\r\n",
  3417. (char*)smartlist_get(args, 0));
  3418. } else if (!zero_circ && !(circ = get_circ(smartlist_get(args, 1)))) {
  3419. connection_printf_to_buf(conn, "552 Unknown circuit \"%s\"\r\n",
  3420. (char*)smartlist_get(args, 1));
  3421. } else if (circ) {
  3422. const char *hopstring = find_element_starting_with(args,2,"HOP=");
  3423. if (hopstring) {
  3424. hopstring += strlen("HOP=");
  3425. hop = (int) tor_parse_ulong(hopstring, 10, 0, INT_MAX,
  3426. &hop_line_ok, NULL);
  3427. if (!hop_line_ok) { /* broken hop line */
  3428. connection_printf_to_buf(conn, "552 Bad value hop=%s\r\n", hopstring);
  3429. }
  3430. }
  3431. }
  3432. SMARTLIST_FOREACH(args, char *, cp, tor_free(cp));
  3433. smartlist_free(args);
  3434. if (!ap_conn || (!zero_circ && !circ) || !hop_line_ok)
  3435. return 0;
  3436. if (ENTRY_TO_CONN(ap_conn)->state != AP_CONN_STATE_CONTROLLER_WAIT &&
  3437. ENTRY_TO_CONN(ap_conn)->state != AP_CONN_STATE_CONNECT_WAIT &&
  3438. ENTRY_TO_CONN(ap_conn)->state != AP_CONN_STATE_RESOLVE_WAIT) {
  3439. connection_write_str_to_buf(
  3440. "555 Connection is not managed by controller.\r\n",
  3441. conn);
  3442. return 0;
  3443. }
  3444. /* Do we need to detach it first? */
  3445. if (ENTRY_TO_CONN(ap_conn)->state != AP_CONN_STATE_CONTROLLER_WAIT) {
  3446. edge_connection_t *edge_conn = ENTRY_TO_EDGE_CONN(ap_conn);
  3447. circuit_t *tmpcirc = circuit_get_by_edge_conn(edge_conn);
  3448. connection_edge_end(edge_conn, END_STREAM_REASON_TIMEOUT);
  3449. /* Un-mark it as ending, since we're going to reuse it. */
  3450. edge_conn->edge_has_sent_end = 0;
  3451. edge_conn->end_reason = 0;
  3452. if (tmpcirc)
  3453. circuit_detach_stream(tmpcirc, edge_conn);
  3454. CONNECTION_AP_EXPECT_NONPENDING(ap_conn);
  3455. TO_CONN(edge_conn)->state = AP_CONN_STATE_CONTROLLER_WAIT;
  3456. }
  3457. if (circ && (circ->base_.state != CIRCUIT_STATE_OPEN)) {
  3458. connection_write_str_to_buf(
  3459. "551 Can't attach stream to non-open origin circuit\r\n",
  3460. conn);
  3461. return 0;
  3462. }
  3463. /* Is this a single hop circuit? */
  3464. if (circ && (circuit_get_cpath_len(circ)<2 || hop==1)) {
  3465. connection_write_str_to_buf(
  3466. "551 Can't attach stream to this one-hop circuit.\r\n", conn);
  3467. return 0;
  3468. }
  3469. if (circ && hop>0) {
  3470. /* find this hop in the circuit, and set cpath */
  3471. cpath = circuit_get_cpath_hop(circ, hop);
  3472. if (!cpath) {
  3473. connection_printf_to_buf(conn,
  3474. "551 Circuit doesn't have %d hops.\r\n", hop);
  3475. return 0;
  3476. }
  3477. }
  3478. if (connection_ap_handshake_rewrite_and_attach(ap_conn, circ, cpath) < 0) {
  3479. connection_write_str_to_buf("551 Unable to attach stream\r\n", conn);
  3480. return 0;
  3481. }
  3482. send_control_done(conn);
  3483. return 0;
  3484. }
  3485. /** Called when we get a POSTDESCRIPTOR message. Try to learn the provided
  3486. * descriptor, and report success or failure. */
  3487. static int
  3488. handle_control_postdescriptor(control_connection_t *conn, uint32_t len,
  3489. const char *body)
  3490. {
  3491. char *desc;
  3492. const char *msg=NULL;
  3493. uint8_t purpose = ROUTER_PURPOSE_GENERAL;
  3494. int cache = 0; /* eventually, we may switch this to 1 */
  3495. const char *cp = memchr(body, '\n', len);
  3496. if (cp == NULL) {
  3497. connection_printf_to_buf(conn, "251 Empty body\r\n");
  3498. return 0;
  3499. }
  3500. ++cp;
  3501. char *cmdline = tor_memdup_nulterm(body, cp-body);
  3502. smartlist_t *args = smartlist_new();
  3503. smartlist_split_string(args, cmdline, " ",
  3504. SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 0);
  3505. SMARTLIST_FOREACH_BEGIN(args, char *, option) {
  3506. if (!strcasecmpstart(option, "purpose=")) {
  3507. option += strlen("purpose=");
  3508. purpose = router_purpose_from_string(option);
  3509. if (purpose == ROUTER_PURPOSE_UNKNOWN) {
  3510. connection_printf_to_buf(conn, "552 Unknown purpose \"%s\"\r\n",
  3511. option);
  3512. goto done;
  3513. }
  3514. } else if (!strcasecmpstart(option, "cache=")) {
  3515. option += strlen("cache=");
  3516. if (!strcasecmp(option, "no"))
  3517. cache = 0;
  3518. else if (!strcasecmp(option, "yes"))
  3519. cache = 1;
  3520. else {
  3521. connection_printf_to_buf(conn, "552 Unknown cache request \"%s\"\r\n",
  3522. option);
  3523. goto done;
  3524. }
  3525. } else { /* unrecognized argument? */
  3526. connection_printf_to_buf(conn,
  3527. "512 Unexpected argument \"%s\" to postdescriptor\r\n", option);
  3528. goto done;
  3529. }
  3530. } SMARTLIST_FOREACH_END(option);
  3531. read_escaped_data(cp, len-(cp-body), &desc);
  3532. switch (router_load_single_router(desc, purpose, cache, &msg)) {
  3533. case -1:
  3534. if (!msg) msg = "Could not parse descriptor";
  3535. connection_printf_to_buf(conn, "554 %s\r\n", msg);
  3536. break;
  3537. case 0:
  3538. if (!msg) msg = "Descriptor not added";
  3539. connection_printf_to_buf(conn, "251 %s\r\n",msg);
  3540. break;
  3541. case 1:
  3542. send_control_done(conn);
  3543. break;
  3544. }
  3545. tor_free(desc);
  3546. done:
  3547. SMARTLIST_FOREACH(args, char *, arg, tor_free(arg));
  3548. smartlist_free(args);
  3549. tor_free(cmdline);
  3550. return 0;
  3551. }
  3552. /** Called when we receive a REDIRECTSTERAM command. Try to change the target
  3553. * address of the named AP stream, and report success or failure. */
  3554. static int
  3555. handle_control_redirectstream(control_connection_t *conn, uint32_t len,
  3556. const char *body)
  3557. {
  3558. entry_connection_t *ap_conn = NULL;
  3559. char *new_addr = NULL;
  3560. uint16_t new_port = 0;
  3561. smartlist_t *args;
  3562. (void) len;
  3563. args = getargs_helper("REDIRECTSTREAM", conn, body, 2, -1);
  3564. if (!args)
  3565. return 0;
  3566. if (!(ap_conn = get_stream(smartlist_get(args, 0)))
  3567. || !ap_conn->socks_request) {
  3568. connection_printf_to_buf(conn, "552 Unknown stream \"%s\"\r\n",
  3569. (char*)smartlist_get(args, 0));
  3570. } else {
  3571. int ok = 1;
  3572. if (smartlist_len(args) > 2) { /* they included a port too */
  3573. new_port = (uint16_t) tor_parse_ulong(smartlist_get(args, 2),
  3574. 10, 1, 65535, &ok, NULL);
  3575. }
  3576. if (!ok) {
  3577. connection_printf_to_buf(conn, "512 Cannot parse port \"%s\"\r\n",
  3578. (char*)smartlist_get(args, 2));
  3579. } else {
  3580. new_addr = tor_strdup(smartlist_get(args, 1));
  3581. }
  3582. }
  3583. SMARTLIST_FOREACH(args, char *, cp, tor_free(cp));
  3584. smartlist_free(args);
  3585. if (!new_addr)
  3586. return 0;
  3587. strlcpy(ap_conn->socks_request->address, new_addr,
  3588. sizeof(ap_conn->socks_request->address));
  3589. if (new_port)
  3590. ap_conn->socks_request->port = new_port;
  3591. tor_free(new_addr);
  3592. send_control_done(conn);
  3593. return 0;
  3594. }
  3595. /** Called when we get a CLOSESTREAM command; try to close the named stream
  3596. * and report success or failure. */
  3597. static int
  3598. handle_control_closestream(control_connection_t *conn, uint32_t len,
  3599. const char *body)
  3600. {
  3601. entry_connection_t *ap_conn=NULL;
  3602. uint8_t reason=0;
  3603. smartlist_t *args;
  3604. int ok;
  3605. (void) len;
  3606. args = getargs_helper("CLOSESTREAM", conn, body, 2, -1);
  3607. if (!args)
  3608. return 0;
  3609. else if (!(ap_conn = get_stream(smartlist_get(args, 0))))
  3610. connection_printf_to_buf(conn, "552 Unknown stream \"%s\"\r\n",
  3611. (char*)smartlist_get(args, 0));
  3612. else {
  3613. reason = (uint8_t) tor_parse_ulong(smartlist_get(args,1), 10, 0, 255,
  3614. &ok, NULL);
  3615. if (!ok) {
  3616. connection_printf_to_buf(conn, "552 Unrecognized reason \"%s\"\r\n",
  3617. (char*)smartlist_get(args, 1));
  3618. ap_conn = NULL;
  3619. }
  3620. }
  3621. SMARTLIST_FOREACH(args, char *, cp, tor_free(cp));
  3622. smartlist_free(args);
  3623. if (!ap_conn)
  3624. return 0;
  3625. connection_mark_unattached_ap(ap_conn, reason);
  3626. send_control_done(conn);
  3627. return 0;
  3628. }
  3629. /** Called when we get a CLOSECIRCUIT command; try to close the named circuit
  3630. * and report success or failure. */
  3631. static int
  3632. handle_control_closecircuit(control_connection_t *conn, uint32_t len,
  3633. const char *body)
  3634. {
  3635. origin_circuit_t *circ = NULL;
  3636. int safe = 0;
  3637. smartlist_t *args;
  3638. (void) len;
  3639. args = getargs_helper("CLOSECIRCUIT", conn, body, 1, -1);
  3640. if (!args)
  3641. return 0;
  3642. if (!(circ=get_circ(smartlist_get(args, 0))))
  3643. connection_printf_to_buf(conn, "552 Unknown circuit \"%s\"\r\n",
  3644. (char*)smartlist_get(args, 0));
  3645. else {
  3646. int i;
  3647. for (i=1; i < smartlist_len(args); ++i) {
  3648. if (!strcasecmp(smartlist_get(args, i), "IfUnused"))
  3649. safe = 1;
  3650. else
  3651. log_info(LD_CONTROL, "Skipping unknown option %s",
  3652. (char*)smartlist_get(args,i));
  3653. }
  3654. }
  3655. SMARTLIST_FOREACH(args, char *, cp, tor_free(cp));
  3656. smartlist_free(args);
  3657. if (!circ)
  3658. return 0;
  3659. if (!safe || !circ->p_streams) {
  3660. circuit_mark_for_close(TO_CIRCUIT(circ), END_CIRC_REASON_REQUESTED);
  3661. }
  3662. send_control_done(conn);
  3663. return 0;
  3664. }
  3665. /** Called when we get a RESOLVE command: start trying to resolve
  3666. * the listed addresses. */
  3667. static int
  3668. handle_control_resolve(control_connection_t *conn, uint32_t len,
  3669. const char *body)
  3670. {
  3671. smartlist_t *args, *failed;
  3672. int is_reverse = 0;
  3673. (void) len; /* body is nul-terminated; it's safe to ignore the length */
  3674. if (!(conn->event_mask & (((event_mask_t)1)<<EVENT_ADDRMAP))) {
  3675. log_warn(LD_CONTROL, "Controller asked us to resolve an address, but "
  3676. "isn't listening for ADDRMAP events. It probably won't see "
  3677. "the answer.");
  3678. }
  3679. args = smartlist_new();
  3680. smartlist_split_string(args, body, " ",
  3681. SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 0);
  3682. {
  3683. const char *modearg = find_element_starting_with(args, 0, "mode=");
  3684. if (modearg && !strcasecmp(modearg, "mode=reverse"))
  3685. is_reverse = 1;
  3686. }
  3687. failed = smartlist_new();
  3688. SMARTLIST_FOREACH(args, const char *, arg, {
  3689. if (!is_keyval_pair(arg)) {
  3690. if (dnsserv_launch_request(arg, is_reverse, conn)<0)
  3691. smartlist_add(failed, (char*)arg);
  3692. }
  3693. });
  3694. send_control_done(conn);
  3695. SMARTLIST_FOREACH(failed, const char *, arg, {
  3696. control_event_address_mapped(arg, arg, time(NULL),
  3697. "internal", 0);
  3698. });
  3699. SMARTLIST_FOREACH(args, char *, cp, tor_free(cp));
  3700. smartlist_free(args);
  3701. smartlist_free(failed);
  3702. return 0;
  3703. }
  3704. /** Called when we get a PROTOCOLINFO command: send back a reply. */
  3705. static int
  3706. handle_control_protocolinfo(control_connection_t *conn, uint32_t len,
  3707. const char *body)
  3708. {
  3709. const char *bad_arg = NULL;
  3710. smartlist_t *args;
  3711. (void)len;
  3712. conn->have_sent_protocolinfo = 1;
  3713. args = smartlist_new();
  3714. smartlist_split_string(args, body, " ",
  3715. SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 0);
  3716. SMARTLIST_FOREACH(args, const char *, arg, {
  3717. int ok;
  3718. tor_parse_long(arg, 10, 0, LONG_MAX, &ok, NULL);
  3719. if (!ok) {
  3720. bad_arg = arg;
  3721. break;
  3722. }
  3723. });
  3724. if (bad_arg) {
  3725. connection_printf_to_buf(conn, "513 No such version %s\r\n",
  3726. escaped(bad_arg));
  3727. /* Don't tolerate bad arguments when not authenticated. */
  3728. if (!STATE_IS_OPEN(TO_CONN(conn)->state))
  3729. connection_mark_for_close(TO_CONN(conn));
  3730. goto done;
  3731. } else {
  3732. const or_options_t *options = get_options();
  3733. int cookies = options->CookieAuthentication;
  3734. char *cfile = get_controller_cookie_file_name();
  3735. char *abs_cfile;
  3736. char *esc_cfile;
  3737. char *methods;
  3738. abs_cfile = make_path_absolute(cfile);
  3739. esc_cfile = esc_for_log(abs_cfile);
  3740. {
  3741. int passwd = (options->HashedControlPassword != NULL ||
  3742. options->HashedControlSessionPassword != NULL);
  3743. smartlist_t *mlist = smartlist_new();
  3744. if (cookies) {
  3745. smartlist_add(mlist, (char*)"COOKIE");
  3746. smartlist_add(mlist, (char*)"SAFECOOKIE");
  3747. }
  3748. if (passwd)
  3749. smartlist_add(mlist, (char*)"HASHEDPASSWORD");
  3750. if (!cookies && !passwd)
  3751. smartlist_add(mlist, (char*)"NULL");
  3752. methods = smartlist_join_strings(mlist, ",", 0, NULL);
  3753. smartlist_free(mlist);
  3754. }
  3755. connection_printf_to_buf(conn,
  3756. "250-PROTOCOLINFO 1\r\n"
  3757. "250-AUTH METHODS=%s%s%s\r\n"
  3758. "250-VERSION Tor=%s\r\n"
  3759. "250 OK\r\n",
  3760. methods,
  3761. cookies?" COOKIEFILE=":"",
  3762. cookies?esc_cfile:"",
  3763. escaped(VERSION));
  3764. tor_free(methods);
  3765. tor_free(cfile);
  3766. tor_free(abs_cfile);
  3767. tor_free(esc_cfile);
  3768. }
  3769. done:
  3770. SMARTLIST_FOREACH(args, char *, cp, tor_free(cp));
  3771. smartlist_free(args);
  3772. return 0;
  3773. }
  3774. /** Called when we get an AUTHCHALLENGE command. */
  3775. static int
  3776. handle_control_authchallenge(control_connection_t *conn, uint32_t len,
  3777. const char *body)
  3778. {
  3779. const char *cp = body;
  3780. char *client_nonce;
  3781. size_t client_nonce_len;
  3782. char server_hash[DIGEST256_LEN];
  3783. char server_hash_encoded[HEX_DIGEST256_LEN+1];
  3784. char server_nonce[SAFECOOKIE_SERVER_NONCE_LEN];
  3785. char server_nonce_encoded[(2*SAFECOOKIE_SERVER_NONCE_LEN) + 1];
  3786. cp += strspn(cp, " \t\n\r");
  3787. if (!strcasecmpstart(cp, "SAFECOOKIE")) {
  3788. cp += strlen("SAFECOOKIE");
  3789. } else {
  3790. connection_write_str_to_buf("513 AUTHCHALLENGE only supports SAFECOOKIE "
  3791. "authentication\r\n", conn);
  3792. connection_mark_for_close(TO_CONN(conn));
  3793. return -1;
  3794. }
  3795. if (!authentication_cookie_is_set) {
  3796. connection_write_str_to_buf("515 Cookie authentication is disabled\r\n",
  3797. conn);
  3798. connection_mark_for_close(TO_CONN(conn));
  3799. return -1;
  3800. }
  3801. cp += strspn(cp, " \t\n\r");
  3802. if (*cp == '"') {
  3803. const char *newcp =
  3804. decode_escaped_string(cp, len - (cp - body),
  3805. &client_nonce, &client_nonce_len);
  3806. if (newcp == NULL) {
  3807. connection_write_str_to_buf("513 Invalid quoted client nonce\r\n",
  3808. conn);
  3809. connection_mark_for_close(TO_CONN(conn));
  3810. return -1;
  3811. }
  3812. cp = newcp;
  3813. } else {
  3814. size_t client_nonce_encoded_len = strspn(cp, "0123456789ABCDEFabcdef");
  3815. client_nonce_len = client_nonce_encoded_len / 2;
  3816. client_nonce = tor_malloc_zero(client_nonce_len);
  3817. if (base16_decode(client_nonce, client_nonce_len,
  3818. cp, client_nonce_encoded_len)
  3819. != (int) client_nonce_len) {
  3820. connection_write_str_to_buf("513 Invalid base16 client nonce\r\n",
  3821. conn);
  3822. connection_mark_for_close(TO_CONN(conn));
  3823. tor_free(client_nonce);
  3824. return -1;
  3825. }
  3826. cp += client_nonce_encoded_len;
  3827. }
  3828. cp += strspn(cp, " \t\n\r");
  3829. if (*cp != '\0' ||
  3830. cp != body + len) {
  3831. connection_write_str_to_buf("513 Junk at end of AUTHCHALLENGE command\r\n",
  3832. conn);
  3833. connection_mark_for_close(TO_CONN(conn));
  3834. tor_free(client_nonce);
  3835. return -1;
  3836. }
  3837. crypto_rand(server_nonce, SAFECOOKIE_SERVER_NONCE_LEN);
  3838. /* Now compute and send the server-to-controller response, and the
  3839. * server's nonce. */
  3840. tor_assert(authentication_cookie != NULL);
  3841. {
  3842. size_t tmp_len = (AUTHENTICATION_COOKIE_LEN +
  3843. client_nonce_len +
  3844. SAFECOOKIE_SERVER_NONCE_LEN);
  3845. char *tmp = tor_malloc_zero(tmp_len);
  3846. char *client_hash = tor_malloc_zero(DIGEST256_LEN);
  3847. memcpy(tmp, authentication_cookie, AUTHENTICATION_COOKIE_LEN);
  3848. memcpy(tmp + AUTHENTICATION_COOKIE_LEN, client_nonce, client_nonce_len);
  3849. memcpy(tmp + AUTHENTICATION_COOKIE_LEN + client_nonce_len,
  3850. server_nonce, SAFECOOKIE_SERVER_NONCE_LEN);
  3851. crypto_hmac_sha256(server_hash,
  3852. SAFECOOKIE_SERVER_TO_CONTROLLER_CONSTANT,
  3853. strlen(SAFECOOKIE_SERVER_TO_CONTROLLER_CONSTANT),
  3854. tmp,
  3855. tmp_len);
  3856. crypto_hmac_sha256(client_hash,
  3857. SAFECOOKIE_CONTROLLER_TO_SERVER_CONSTANT,
  3858. strlen(SAFECOOKIE_CONTROLLER_TO_SERVER_CONSTANT),
  3859. tmp,
  3860. tmp_len);
  3861. conn->safecookie_client_hash = client_hash;
  3862. tor_free(tmp);
  3863. }
  3864. base16_encode(server_hash_encoded, sizeof(server_hash_encoded),
  3865. server_hash, sizeof(server_hash));
  3866. base16_encode(server_nonce_encoded, sizeof(server_nonce_encoded),
  3867. server_nonce, sizeof(server_nonce));
  3868. connection_printf_to_buf(conn,
  3869. "250 AUTHCHALLENGE SERVERHASH=%s "
  3870. "SERVERNONCE=%s\r\n",
  3871. server_hash_encoded,
  3872. server_nonce_encoded);
  3873. tor_free(client_nonce);
  3874. return 0;
  3875. }
  3876. /** Called when we get a USEFEATURE command: parse the feature list, and
  3877. * set up the control_connection's options properly. */
  3878. static int
  3879. handle_control_usefeature(control_connection_t *conn,
  3880. uint32_t len,
  3881. const char *body)
  3882. {
  3883. smartlist_t *args;
  3884. int bad = 0;
  3885. (void) len; /* body is nul-terminated; it's safe to ignore the length */
  3886. args = smartlist_new();
  3887. smartlist_split_string(args, body, " ",
  3888. SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 0);
  3889. SMARTLIST_FOREACH_BEGIN(args, const char *, arg) {
  3890. if (!strcasecmp(arg, "VERBOSE_NAMES"))
  3891. ;
  3892. else if (!strcasecmp(arg, "EXTENDED_EVENTS"))
  3893. ;
  3894. else {
  3895. connection_printf_to_buf(conn, "552 Unrecognized feature \"%s\"\r\n",
  3896. arg);
  3897. bad = 1;
  3898. break;
  3899. }
  3900. } SMARTLIST_FOREACH_END(arg);
  3901. if (!bad) {
  3902. send_control_done(conn);
  3903. }
  3904. SMARTLIST_FOREACH(args, char *, cp, tor_free(cp));
  3905. smartlist_free(args);
  3906. return 0;
  3907. }
  3908. /** Implementation for the DROPGUARDS command. */
  3909. static int
  3910. handle_control_dropguards(control_connection_t *conn,
  3911. uint32_t len,
  3912. const char *body)
  3913. {
  3914. smartlist_t *args;
  3915. (void) len; /* body is nul-terminated; it's safe to ignore the length */
  3916. args = smartlist_new();
  3917. smartlist_split_string(args, body, " ",
  3918. SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 0);
  3919. static int have_warned = 0;
  3920. if (! have_warned) {
  3921. log_warn(LD_CONTROL, "DROPGUARDS is dangerous; make sure you understand "
  3922. "the risks before using it. It may be removed in a future "
  3923. "version of Tor.");
  3924. have_warned = 1;
  3925. }
  3926. if (smartlist_len(args)) {
  3927. connection_printf_to_buf(conn, "512 Too many arguments to DROPGUARDS\r\n");
  3928. } else {
  3929. remove_all_entry_guards();
  3930. send_control_done(conn);
  3931. }
  3932. SMARTLIST_FOREACH(args, char *, cp, tor_free(cp));
  3933. smartlist_free(args);
  3934. return 0;
  3935. }
  3936. /** Implementation for the HSFETCH command. */
  3937. static int
  3938. handle_control_hsfetch(control_connection_t *conn, uint32_t len,
  3939. const char *body)
  3940. {
  3941. int i;
  3942. char digest[DIGEST_LEN], *hsaddress = NULL, *arg1 = NULL, *desc_id = NULL;
  3943. smartlist_t *args = NULL, *hsdirs = NULL;
  3944. (void) len; /* body is nul-terminated; it's safe to ignore the length */
  3945. static const char *hsfetch_command = "HSFETCH";
  3946. static const char *v2_str = "v2-";
  3947. const size_t v2_str_len = strlen(v2_str);
  3948. rend_data_t *rend_query = NULL;
  3949. /* Make sure we have at least one argument, the HSAddress. */
  3950. args = getargs_helper(hsfetch_command, conn, body, 1, -1);
  3951. if (!args) {
  3952. goto exit;
  3953. }
  3954. /* Extract the first argument (either HSAddress or DescID). */
  3955. arg1 = smartlist_get(args, 0);
  3956. /* Test if it's an HS address without the .onion part. */
  3957. if (rend_valid_v2_service_id(arg1)) {
  3958. hsaddress = arg1;
  3959. } else if (strcmpstart(arg1, v2_str) == 0 &&
  3960. rend_valid_descriptor_id(arg1 + v2_str_len) &&
  3961. base32_decode(digest, sizeof(digest), arg1 + v2_str_len,
  3962. REND_DESC_ID_V2_LEN_BASE32) == 0) {
  3963. /* We have a well formed version 2 descriptor ID. Keep the decoded value
  3964. * of the id. */
  3965. desc_id = digest;
  3966. } else {
  3967. connection_printf_to_buf(conn, "513 Invalid argument \"%s\"\r\n",
  3968. arg1);
  3969. goto done;
  3970. }
  3971. static const char *opt_server = "SERVER=";
  3972. /* Skip first argument because it's the HSAddress or DescID. */
  3973. for (i = 1; i < smartlist_len(args); ++i) {
  3974. const char *arg = smartlist_get(args, i);
  3975. const node_t *node;
  3976. if (!strcasecmpstart(arg, opt_server)) {
  3977. const char *server;
  3978. server = arg + strlen(opt_server);
  3979. node = node_get_by_hex_id(server, 0);
  3980. if (!node) {
  3981. connection_printf_to_buf(conn, "552 Server \"%s\" not found\r\n",
  3982. server);
  3983. goto done;
  3984. }
  3985. if (!hsdirs) {
  3986. /* Stores routerstatus_t object for each specified server. */
  3987. hsdirs = smartlist_new();
  3988. }
  3989. /* Valid server, add it to our local list. */
  3990. smartlist_add(hsdirs, node->rs);
  3991. } else {
  3992. connection_printf_to_buf(conn, "513 Unexpected argument \"%s\"\r\n",
  3993. arg);
  3994. goto done;
  3995. }
  3996. }
  3997. rend_query = rend_data_client_create(hsaddress, desc_id, NULL,
  3998. REND_NO_AUTH);
  3999. if (rend_query == NULL) {
  4000. connection_printf_to_buf(conn, "551 Error creating the HS query\r\n");
  4001. goto done;
  4002. }
  4003. /* Using a descriptor ID, we force the user to provide at least one
  4004. * hsdir server using the SERVER= option. */
  4005. if (desc_id && (!hsdirs || !smartlist_len(hsdirs))) {
  4006. connection_printf_to_buf(conn, "512 %s option is required\r\n",
  4007. opt_server);
  4008. goto done;
  4009. }
  4010. /* We are about to trigger HSDir fetch so send the OK now because after
  4011. * that 650 event(s) are possible so better to have the 250 OK before them
  4012. * to avoid out of order replies. */
  4013. send_control_done(conn);
  4014. /* Trigger the fetch using the built rend query and possibly a list of HS
  4015. * directory to use. This function ignores the client cache thus this will
  4016. * always send a fetch command. */
  4017. rend_client_fetch_v2_desc(rend_query, hsdirs);
  4018. done:
  4019. SMARTLIST_FOREACH(args, char *, cp, tor_free(cp));
  4020. smartlist_free(args);
  4021. /* Contains data pointer that we don't own thus no cleanup. */
  4022. smartlist_free(hsdirs);
  4023. rend_data_free(rend_query);
  4024. exit:
  4025. return 0;
  4026. }
  4027. /** Implementation for the HSPOST command. */
  4028. static int
  4029. handle_control_hspost(control_connection_t *conn,
  4030. uint32_t len,
  4031. const char *body)
  4032. {
  4033. static const char *opt_server = "SERVER=";
  4034. static const char *opt_hsaddress = "HSADDRESS=";
  4035. smartlist_t *hs_dirs = NULL;
  4036. const char *encoded_desc = body;
  4037. size_t encoded_desc_len = len;
  4038. const char *onion_address = NULL;
  4039. char *cp = memchr(body, '\n', len);
  4040. if (cp == NULL) {
  4041. connection_printf_to_buf(conn, "251 Empty body\r\n");
  4042. return 0;
  4043. }
  4044. char *argline = tor_strndup(body, cp-body);
  4045. smartlist_t *args = smartlist_new();
  4046. /* If any SERVER= options were specified, try parse the options line */
  4047. if (!strcasecmpstart(argline, opt_server)) {
  4048. /* encoded_desc begins after a newline character */
  4049. cp = cp + 1;
  4050. encoded_desc = cp;
  4051. encoded_desc_len = len-(cp-body);
  4052. smartlist_split_string(args, argline, " ",
  4053. SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 0);
  4054. SMARTLIST_FOREACH_BEGIN(args, const char *, arg) {
  4055. if (!strcasecmpstart(arg, opt_server)) {
  4056. const char *server = arg + strlen(opt_server);
  4057. const node_t *node = node_get_by_hex_id(server, 0);
  4058. if (!node || !node->rs) {
  4059. connection_printf_to_buf(conn, "552 Server \"%s\" not found\r\n",
  4060. server);
  4061. goto done;
  4062. }
  4063. /* Valid server, add it to our local list. */
  4064. if (!hs_dirs)
  4065. hs_dirs = smartlist_new();
  4066. smartlist_add(hs_dirs, node->rs);
  4067. } else if (!strcasecmpstart(arg, opt_hsaddress)) {
  4068. if (!hs_address_is_valid(arg)) {
  4069. connection_printf_to_buf(conn, "512 Malformed onion address\r\n");
  4070. goto done;
  4071. }
  4072. onion_address = arg;
  4073. } else {
  4074. connection_printf_to_buf(conn, "512 Unexpected argument \"%s\"\r\n",
  4075. arg);
  4076. goto done;
  4077. }
  4078. } SMARTLIST_FOREACH_END(arg);
  4079. }
  4080. /* Handle the v3 case. */
  4081. if (onion_address) {
  4082. char *desc_str = NULL;
  4083. read_escaped_data(encoded_desc, encoded_desc_len, &desc_str);
  4084. if (hs_control_hspost_command(desc_str, onion_address, hs_dirs) < 0) {
  4085. connection_printf_to_buf(conn, "554 Invalid descriptor\r\n");
  4086. }
  4087. tor_free(desc_str);
  4088. goto done;
  4089. }
  4090. /* From this point on, it is only v2. */
  4091. /* Read the dot encoded descriptor, and parse it. */
  4092. rend_encoded_v2_service_descriptor_t *desc =
  4093. tor_malloc_zero(sizeof(rend_encoded_v2_service_descriptor_t));
  4094. read_escaped_data(encoded_desc, encoded_desc_len, &desc->desc_str);
  4095. rend_service_descriptor_t *parsed = NULL;
  4096. char *intro_content = NULL;
  4097. size_t intro_size;
  4098. size_t encoded_size;
  4099. const char *next_desc;
  4100. if (!rend_parse_v2_service_descriptor(&parsed, desc->desc_id, &intro_content,
  4101. &intro_size, &encoded_size,
  4102. &next_desc, desc->desc_str, 1)) {
  4103. /* Post the descriptor. */
  4104. char serviceid[REND_SERVICE_ID_LEN_BASE32+1];
  4105. if (!rend_get_service_id(parsed->pk, serviceid)) {
  4106. smartlist_t *descs = smartlist_new();
  4107. smartlist_add(descs, desc);
  4108. /* We are about to trigger HS descriptor upload so send the OK now
  4109. * because after that 650 event(s) are possible so better to have the
  4110. * 250 OK before them to avoid out of order replies. */
  4111. send_control_done(conn);
  4112. /* Trigger the descriptor upload */
  4113. directory_post_to_hs_dir(parsed, descs, hs_dirs, serviceid, 0);
  4114. smartlist_free(descs);
  4115. }
  4116. rend_service_descriptor_free(parsed);
  4117. } else {
  4118. connection_printf_to_buf(conn, "554 Invalid descriptor\r\n");
  4119. }
  4120. tor_free(intro_content);
  4121. rend_encoded_v2_service_descriptor_free(desc);
  4122. done:
  4123. tor_free(argline);
  4124. smartlist_free(hs_dirs); /* Contents belong to the rend service code. */
  4125. SMARTLIST_FOREACH(args, char *, arg, tor_free(arg));
  4126. smartlist_free(args);
  4127. return 0;
  4128. }
  4129. /* Helper function for ADD_ONION that adds an ephemeral service depending on
  4130. * the given hs_version.
  4131. *
  4132. * The secret key in pk depends on the hs_version. The ownership of the key
  4133. * used in pk is given to the HS subsystem so the caller must stop accessing
  4134. * it after.
  4135. *
  4136. * The port_cfgs is a list of service port. Ownership transferred to service.
  4137. * The max_streams refers to the MaxStreams= key.
  4138. * The max_streams_close_circuit refers to the MaxStreamsCloseCircuit key.
  4139. * The auth_type is the authentication type of the clients in auth_clients.
  4140. * The ownership of that list is transferred to the service.
  4141. *
  4142. * On success (RSAE_OKAY), the address_out points to a newly allocated string
  4143. * containing the onion address without the .onion part. On error, address_out
  4144. * is untouched. */
  4145. static hs_service_add_ephemeral_status_t
  4146. add_onion_helper_add_service(int hs_version,
  4147. add_onion_secret_key_t *pk,
  4148. smartlist_t *port_cfgs, int max_streams,
  4149. int max_streams_close_circuit, int auth_type,
  4150. smartlist_t *auth_clients, char **address_out)
  4151. {
  4152. hs_service_add_ephemeral_status_t ret;
  4153. tor_assert(pk);
  4154. tor_assert(port_cfgs);
  4155. tor_assert(address_out);
  4156. switch (hs_version) {
  4157. case HS_VERSION_TWO:
  4158. ret = rend_service_add_ephemeral(pk->v2, port_cfgs, max_streams,
  4159. max_streams_close_circuit, auth_type,
  4160. auth_clients, address_out);
  4161. break;
  4162. case HS_VERSION_THREE:
  4163. ret = hs_service_add_ephemeral(pk->v3, port_cfgs, max_streams,
  4164. max_streams_close_circuit, address_out);
  4165. break;
  4166. default:
  4167. tor_assert_unreached();
  4168. }
  4169. return ret;
  4170. }
  4171. /** Called when we get a ADD_ONION command; parse the body, and set up
  4172. * the new ephemeral Onion Service. */
  4173. static int
  4174. handle_control_add_onion(control_connection_t *conn,
  4175. uint32_t len,
  4176. const char *body)
  4177. {
  4178. smartlist_t *args;
  4179. size_t arg_len;
  4180. (void) len; /* body is nul-terminated; it's safe to ignore the length */
  4181. args = getargs_helper("ADD_ONION", conn, body, 2, -1);
  4182. if (!args)
  4183. return 0;
  4184. arg_len = smartlist_len(args);
  4185. /* Parse all of the arguments that do not involve handling cryptographic
  4186. * material first, since there's no reason to touch that at all if any of
  4187. * the other arguments are malformed.
  4188. */
  4189. smartlist_t *port_cfgs = smartlist_new();
  4190. smartlist_t *auth_clients = NULL;
  4191. smartlist_t *auth_created_clients = NULL;
  4192. int discard_pk = 0;
  4193. int detach = 0;
  4194. int max_streams = 0;
  4195. int max_streams_close_circuit = 0;
  4196. rend_auth_type_t auth_type = REND_NO_AUTH;
  4197. /* Default to adding an anonymous hidden service if no flag is given */
  4198. int non_anonymous = 0;
  4199. for (size_t i = 1; i < arg_len; i++) {
  4200. static const char *port_prefix = "Port=";
  4201. static const char *flags_prefix = "Flags=";
  4202. static const char *max_s_prefix = "MaxStreams=";
  4203. static const char *auth_prefix = "ClientAuth=";
  4204. const char *arg = smartlist_get(args, i);
  4205. if (!strcasecmpstart(arg, port_prefix)) {
  4206. /* "Port=VIRTPORT[,TARGET]". */
  4207. const char *port_str = arg + strlen(port_prefix);
  4208. rend_service_port_config_t *cfg =
  4209. rend_service_parse_port_config(port_str, ",", NULL);
  4210. if (!cfg) {
  4211. connection_printf_to_buf(conn, "512 Invalid VIRTPORT/TARGET\r\n");
  4212. goto out;
  4213. }
  4214. smartlist_add(port_cfgs, cfg);
  4215. } else if (!strcasecmpstart(arg, max_s_prefix)) {
  4216. /* "MaxStreams=[0..65535]". */
  4217. const char *max_s_str = arg + strlen(max_s_prefix);
  4218. int ok = 0;
  4219. max_streams = (int)tor_parse_long(max_s_str, 10, 0, 65535, &ok, NULL);
  4220. if (!ok) {
  4221. connection_printf_to_buf(conn, "512 Invalid MaxStreams\r\n");
  4222. goto out;
  4223. }
  4224. } else if (!strcasecmpstart(arg, flags_prefix)) {
  4225. /* "Flags=Flag[,Flag]", where Flag can be:
  4226. * * 'DiscardPK' - If tor generates the keypair, do not include it in
  4227. * the response.
  4228. * * 'Detach' - Do not tie this onion service to any particular control
  4229. * connection.
  4230. * * 'MaxStreamsCloseCircuit' - Close the circuit if MaxStreams is
  4231. * exceeded.
  4232. * * 'BasicAuth' - Client authorization using the 'basic' method.
  4233. * * 'NonAnonymous' - Add a non-anonymous Single Onion Service. If this
  4234. * flag is present, tor must be in non-anonymous
  4235. * hidden service mode. If this flag is absent,
  4236. * tor must be in anonymous hidden service mode.
  4237. */
  4238. static const char *discard_flag = "DiscardPK";
  4239. static const char *detach_flag = "Detach";
  4240. static const char *max_s_close_flag = "MaxStreamsCloseCircuit";
  4241. static const char *basicauth_flag = "BasicAuth";
  4242. static const char *non_anonymous_flag = "NonAnonymous";
  4243. smartlist_t *flags = smartlist_new();
  4244. int bad = 0;
  4245. smartlist_split_string(flags, arg + strlen(flags_prefix), ",",
  4246. SPLIT_IGNORE_BLANK, 0);
  4247. if (smartlist_len(flags) < 1) {
  4248. connection_printf_to_buf(conn, "512 Invalid 'Flags' argument\r\n");
  4249. bad = 1;
  4250. }
  4251. SMARTLIST_FOREACH_BEGIN(flags, const char *, flag)
  4252. {
  4253. if (!strcasecmp(flag, discard_flag)) {
  4254. discard_pk = 1;
  4255. } else if (!strcasecmp(flag, detach_flag)) {
  4256. detach = 1;
  4257. } else if (!strcasecmp(flag, max_s_close_flag)) {
  4258. max_streams_close_circuit = 1;
  4259. } else if (!strcasecmp(flag, basicauth_flag)) {
  4260. auth_type = REND_BASIC_AUTH;
  4261. } else if (!strcasecmp(flag, non_anonymous_flag)) {
  4262. non_anonymous = 1;
  4263. } else {
  4264. connection_printf_to_buf(conn,
  4265. "512 Invalid 'Flags' argument: %s\r\n",
  4266. escaped(flag));
  4267. bad = 1;
  4268. break;
  4269. }
  4270. } SMARTLIST_FOREACH_END(flag);
  4271. SMARTLIST_FOREACH(flags, char *, cp, tor_free(cp));
  4272. smartlist_free(flags);
  4273. if (bad)
  4274. goto out;
  4275. } else if (!strcasecmpstart(arg, auth_prefix)) {
  4276. char *err_msg = NULL;
  4277. int created = 0;
  4278. rend_authorized_client_t *client =
  4279. add_onion_helper_clientauth(arg + strlen(auth_prefix),
  4280. &created, &err_msg);
  4281. if (!client) {
  4282. if (err_msg) {
  4283. connection_write_str_to_buf(err_msg, conn);
  4284. tor_free(err_msg);
  4285. }
  4286. goto out;
  4287. }
  4288. if (auth_clients != NULL) {
  4289. int bad = 0;
  4290. SMARTLIST_FOREACH_BEGIN(auth_clients, rend_authorized_client_t *, ac) {
  4291. if (strcmp(ac->client_name, client->client_name) == 0) {
  4292. bad = 1;
  4293. break;
  4294. }
  4295. } SMARTLIST_FOREACH_END(ac);
  4296. if (bad) {
  4297. connection_printf_to_buf(conn,
  4298. "512 Duplicate name in ClientAuth\r\n");
  4299. rend_authorized_client_free(client);
  4300. goto out;
  4301. }
  4302. } else {
  4303. auth_clients = smartlist_new();
  4304. auth_created_clients = smartlist_new();
  4305. }
  4306. smartlist_add(auth_clients, client);
  4307. if (created) {
  4308. smartlist_add(auth_created_clients, client);
  4309. }
  4310. } else {
  4311. connection_printf_to_buf(conn, "513 Invalid argument\r\n");
  4312. goto out;
  4313. }
  4314. }
  4315. if (smartlist_len(port_cfgs) == 0) {
  4316. connection_printf_to_buf(conn, "512 Missing 'Port' argument\r\n");
  4317. goto out;
  4318. } else if (auth_type == REND_NO_AUTH && auth_clients != NULL) {
  4319. connection_printf_to_buf(conn, "512 No auth type specified\r\n");
  4320. goto out;
  4321. } else if (auth_type != REND_NO_AUTH && auth_clients == NULL) {
  4322. connection_printf_to_buf(conn, "512 No auth clients specified\r\n");
  4323. goto out;
  4324. } else if ((auth_type == REND_BASIC_AUTH &&
  4325. smartlist_len(auth_clients) > 512) ||
  4326. (auth_type == REND_STEALTH_AUTH &&
  4327. smartlist_len(auth_clients) > 16)) {
  4328. connection_printf_to_buf(conn, "512 Too many auth clients\r\n");
  4329. goto out;
  4330. } else if (non_anonymous != rend_service_non_anonymous_mode_enabled(
  4331. get_options())) {
  4332. /* If we failed, and the non-anonymous flag is set, Tor must be in
  4333. * anonymous hidden service mode.
  4334. * The error message changes based on the current Tor config:
  4335. * 512 Tor is in anonymous hidden service mode
  4336. * 512 Tor is in non-anonymous hidden service mode
  4337. * (I've deliberately written them out in full here to aid searchability.)
  4338. */
  4339. connection_printf_to_buf(conn, "512 Tor is in %sanonymous hidden service "
  4340. "mode\r\n",
  4341. non_anonymous ? "" : "non-");
  4342. goto out;
  4343. }
  4344. /* Parse the "keytype:keyblob" argument. */
  4345. int hs_version = 0;
  4346. add_onion_secret_key_t pk = { NULL };
  4347. const char *key_new_alg = NULL;
  4348. char *key_new_blob = NULL;
  4349. char *err_msg = NULL;
  4350. if (add_onion_helper_keyarg(smartlist_get(args, 0), discard_pk,
  4351. &key_new_alg, &key_new_blob, &pk, &hs_version,
  4352. &err_msg) < 0) {
  4353. if (err_msg) {
  4354. connection_write_str_to_buf(err_msg, conn);
  4355. tor_free(err_msg);
  4356. }
  4357. goto out;
  4358. }
  4359. tor_assert(!err_msg);
  4360. /* Hidden service version 3 don't have client authentication support so if
  4361. * ClientAuth was given, send back an error. */
  4362. if (hs_version == HS_VERSION_THREE && auth_clients) {
  4363. connection_printf_to_buf(conn, "513 ClientAuth not supported\r\n");
  4364. goto out;
  4365. }
  4366. /* Create the HS, using private key pk, client authentication auth_type,
  4367. * the list of auth_clients, and port config port_cfg.
  4368. * rend_service_add_ephemeral() will take ownership of pk and port_cfg,
  4369. * regardless of success/failure.
  4370. */
  4371. char *service_id = NULL;
  4372. int ret = add_onion_helper_add_service(hs_version, &pk, port_cfgs,
  4373. max_streams,
  4374. max_streams_close_circuit, auth_type,
  4375. auth_clients, &service_id);
  4376. port_cfgs = NULL; /* port_cfgs is now owned by the rendservice code. */
  4377. auth_clients = NULL; /* so is auth_clients */
  4378. switch (ret) {
  4379. case RSAE_OKAY:
  4380. {
  4381. if (detach) {
  4382. if (!detached_onion_services)
  4383. detached_onion_services = smartlist_new();
  4384. smartlist_add(detached_onion_services, service_id);
  4385. } else {
  4386. if (!conn->ephemeral_onion_services)
  4387. conn->ephemeral_onion_services = smartlist_new();
  4388. smartlist_add(conn->ephemeral_onion_services, service_id);
  4389. }
  4390. tor_assert(service_id);
  4391. connection_printf_to_buf(conn, "250-ServiceID=%s\r\n", service_id);
  4392. if (key_new_alg) {
  4393. tor_assert(key_new_blob);
  4394. connection_printf_to_buf(conn, "250-PrivateKey=%s:%s\r\n",
  4395. key_new_alg, key_new_blob);
  4396. }
  4397. if (auth_created_clients) {
  4398. SMARTLIST_FOREACH(auth_created_clients, rend_authorized_client_t *, ac, {
  4399. char *encoded = rend_auth_encode_cookie(ac->descriptor_cookie,
  4400. auth_type);
  4401. tor_assert(encoded);
  4402. connection_printf_to_buf(conn, "250-ClientAuth=%s:%s\r\n",
  4403. ac->client_name, encoded);
  4404. memwipe(encoded, 0, strlen(encoded));
  4405. tor_free(encoded);
  4406. });
  4407. }
  4408. connection_printf_to_buf(conn, "250 OK\r\n");
  4409. break;
  4410. }
  4411. case RSAE_BADPRIVKEY:
  4412. connection_printf_to_buf(conn, "551 Failed to generate onion address\r\n");
  4413. break;
  4414. case RSAE_ADDREXISTS:
  4415. connection_printf_to_buf(conn, "550 Onion address collision\r\n");
  4416. break;
  4417. case RSAE_BADVIRTPORT:
  4418. connection_printf_to_buf(conn, "512 Invalid VIRTPORT/TARGET\r\n");
  4419. break;
  4420. case RSAE_BADAUTH:
  4421. connection_printf_to_buf(conn, "512 Invalid client authorization\r\n");
  4422. break;
  4423. case RSAE_INTERNAL: /* FALLSTHROUGH */
  4424. default:
  4425. connection_printf_to_buf(conn, "551 Failed to add Onion Service\r\n");
  4426. }
  4427. if (key_new_blob) {
  4428. memwipe(key_new_blob, 0, strlen(key_new_blob));
  4429. tor_free(key_new_blob);
  4430. }
  4431. out:
  4432. if (port_cfgs) {
  4433. SMARTLIST_FOREACH(port_cfgs, rend_service_port_config_t*, p,
  4434. rend_service_port_config_free(p));
  4435. smartlist_free(port_cfgs);
  4436. }
  4437. if (auth_clients) {
  4438. SMARTLIST_FOREACH(auth_clients, rend_authorized_client_t *, ac,
  4439. rend_authorized_client_free(ac));
  4440. smartlist_free(auth_clients);
  4441. }
  4442. if (auth_created_clients) {
  4443. // Do not free entries; they are the same as auth_clients
  4444. smartlist_free(auth_created_clients);
  4445. }
  4446. SMARTLIST_FOREACH(args, char *, cp, {
  4447. memwipe(cp, 0, strlen(cp));
  4448. tor_free(cp);
  4449. });
  4450. smartlist_free(args);
  4451. return 0;
  4452. }
  4453. /** Helper function to handle parsing the KeyType:KeyBlob argument to the
  4454. * ADD_ONION command. Return a new crypto_pk_t and if a new key was generated
  4455. * and the private key not discarded, the algorithm and serialized private key,
  4456. * or NULL and an optional control protocol error message on failure. The
  4457. * caller is responsible for freeing the returned key_new_blob and err_msg.
  4458. *
  4459. * Note: The error messages returned are deliberately vague to avoid echoing
  4460. * key material.
  4461. */
  4462. STATIC int
  4463. add_onion_helper_keyarg(const char *arg, int discard_pk,
  4464. const char **key_new_alg_out, char **key_new_blob_out,
  4465. add_onion_secret_key_t *decoded_key, int *hs_version,
  4466. char **err_msg_out)
  4467. {
  4468. smartlist_t *key_args = smartlist_new();
  4469. crypto_pk_t *pk = NULL;
  4470. const char *key_new_alg = NULL;
  4471. char *key_new_blob = NULL;
  4472. char *err_msg = NULL;
  4473. int ret = -1;
  4474. smartlist_split_string(key_args, arg, ":", SPLIT_IGNORE_BLANK, 0);
  4475. if (smartlist_len(key_args) != 2) {
  4476. err_msg = tor_strdup("512 Invalid key type/blob\r\n");
  4477. goto err;
  4478. }
  4479. /* The format is "KeyType:KeyBlob". */
  4480. static const char *key_type_new = "NEW";
  4481. static const char *key_type_best = "BEST";
  4482. static const char *key_type_rsa1024 = "RSA1024";
  4483. static const char *key_type_ed25519_v3 = "ED25519-V3";
  4484. const char *key_type = smartlist_get(key_args, 0);
  4485. const char *key_blob = smartlist_get(key_args, 1);
  4486. if (!strcasecmp(key_type_rsa1024, key_type)) {
  4487. /* "RSA:<Base64 Blob>" - Loading a pre-existing RSA1024 key. */
  4488. pk = crypto_pk_base64_decode(key_blob, strlen(key_blob));
  4489. if (!pk) {
  4490. err_msg = tor_strdup("512 Failed to decode RSA key\r\n");
  4491. goto err;
  4492. }
  4493. if (crypto_pk_num_bits(pk) != PK_BYTES*8) {
  4494. crypto_pk_free(pk);
  4495. err_msg = tor_strdup("512 Invalid RSA key size\r\n");
  4496. goto err;
  4497. }
  4498. decoded_key->v2 = pk;
  4499. *hs_version = HS_VERSION_TWO;
  4500. } else if (!strcasecmp(key_type_ed25519_v3, key_type)) {
  4501. /* "ED25519-V3:<Base64 Blob>" - Loading a pre-existing ed25519 key. */
  4502. ed25519_secret_key_t *sk = tor_malloc_zero(sizeof(*sk));
  4503. if (base64_decode((char *) sk->seckey, sizeof(sk->seckey), key_blob,
  4504. strlen(key_blob)) != sizeof(sk->seckey)) {
  4505. tor_free(sk);
  4506. err_msg = tor_strdup("512 Failed to decode ED25519-V3 key\r\n");
  4507. goto err;
  4508. }
  4509. decoded_key->v3 = sk;
  4510. *hs_version = HS_VERSION_THREE;
  4511. } else if (!strcasecmp(key_type_new, key_type)) {
  4512. /* "NEW:<Algorithm>" - Generating a new key, blob as algorithm. */
  4513. if (!strcasecmp(key_type_rsa1024, key_blob) ||
  4514. !strcasecmp(key_type_best, key_blob)) {
  4515. /* "RSA1024", RSA 1024 bit, also currently "BEST" by default. */
  4516. pk = crypto_pk_new();
  4517. if (crypto_pk_generate_key(pk)) {
  4518. tor_asprintf(&err_msg, "551 Failed to generate %s key\r\n",
  4519. key_type_rsa1024);
  4520. goto err;
  4521. }
  4522. if (!discard_pk) {
  4523. if (crypto_pk_base64_encode(pk, &key_new_blob)) {
  4524. crypto_pk_free(pk);
  4525. tor_asprintf(&err_msg, "551 Failed to encode %s key\r\n",
  4526. key_type_rsa1024);
  4527. goto err;
  4528. }
  4529. key_new_alg = key_type_rsa1024;
  4530. }
  4531. decoded_key->v2 = pk;
  4532. *hs_version = HS_VERSION_TWO;
  4533. } else if (!strcasecmp(key_type_ed25519_v3, key_blob)) {
  4534. ed25519_secret_key_t *sk = tor_malloc_zero(sizeof(*sk));
  4535. if (ed25519_secret_key_generate(sk, 1) < 0) {
  4536. tor_free(sk);
  4537. tor_asprintf(&err_msg, "551 Failed to generate %s key\r\n",
  4538. key_type_ed25519_v3);
  4539. goto err;
  4540. }
  4541. if (!discard_pk) {
  4542. ssize_t len = base64_encode_size(sizeof(sk->seckey), 0) + 1;
  4543. key_new_blob = tor_malloc_zero(len);
  4544. if (base64_encode(key_new_blob, len, (const char *) sk->seckey,
  4545. sizeof(sk->seckey), 0) != (len - 1)) {
  4546. tor_free(sk);
  4547. tor_free(key_new_blob);
  4548. tor_asprintf(&err_msg, "551 Failed to encode %s key\r\n",
  4549. key_type_ed25519_v3);
  4550. goto err;
  4551. }
  4552. key_new_alg = key_type_ed25519_v3;
  4553. }
  4554. decoded_key->v3 = sk;
  4555. *hs_version = HS_VERSION_THREE;
  4556. } else {
  4557. err_msg = tor_strdup("513 Invalid key type\r\n");
  4558. goto err;
  4559. }
  4560. } else {
  4561. err_msg = tor_strdup("513 Invalid key type\r\n");
  4562. goto err;
  4563. }
  4564. /* Succeeded in loading or generating a private key. */
  4565. ret = 0;
  4566. err:
  4567. SMARTLIST_FOREACH(key_args, char *, cp, {
  4568. memwipe(cp, 0, strlen(cp));
  4569. tor_free(cp);
  4570. });
  4571. smartlist_free(key_args);
  4572. if (err_msg_out) {
  4573. *err_msg_out = err_msg;
  4574. } else {
  4575. tor_free(err_msg);
  4576. }
  4577. *key_new_alg_out = key_new_alg;
  4578. *key_new_blob_out = key_new_blob;
  4579. return ret;
  4580. }
  4581. /** Helper function to handle parsing a ClientAuth argument to the
  4582. * ADD_ONION command. Return a new rend_authorized_client_t, or NULL
  4583. * and an optional control protocol error message on failure. The
  4584. * caller is responsible for freeing the returned auth_client and err_msg.
  4585. *
  4586. * If 'created' is specified, it will be set to 1 when a new cookie has
  4587. * been generated.
  4588. */
  4589. STATIC rend_authorized_client_t *
  4590. add_onion_helper_clientauth(const char *arg, int *created, char **err_msg)
  4591. {
  4592. int ok = 0;
  4593. tor_assert(arg);
  4594. tor_assert(created);
  4595. tor_assert(err_msg);
  4596. *err_msg = NULL;
  4597. smartlist_t *auth_args = smartlist_new();
  4598. rend_authorized_client_t *client =
  4599. tor_malloc_zero(sizeof(rend_authorized_client_t));
  4600. smartlist_split_string(auth_args, arg, ":", 0, 0);
  4601. if (smartlist_len(auth_args) < 1 || smartlist_len(auth_args) > 2) {
  4602. *err_msg = tor_strdup("512 Invalid ClientAuth syntax\r\n");
  4603. goto err;
  4604. }
  4605. client->client_name = tor_strdup(smartlist_get(auth_args, 0));
  4606. if (smartlist_len(auth_args) == 2) {
  4607. char *decode_err_msg = NULL;
  4608. if (rend_auth_decode_cookie(smartlist_get(auth_args, 1),
  4609. client->descriptor_cookie,
  4610. NULL, &decode_err_msg) < 0) {
  4611. tor_assert(decode_err_msg);
  4612. tor_asprintf(err_msg, "512 %s\r\n", decode_err_msg);
  4613. tor_free(decode_err_msg);
  4614. goto err;
  4615. }
  4616. *created = 0;
  4617. } else {
  4618. crypto_rand((char *) client->descriptor_cookie, REND_DESC_COOKIE_LEN);
  4619. *created = 1;
  4620. }
  4621. if (!rend_valid_client_name(client->client_name)) {
  4622. *err_msg = tor_strdup("512 Invalid name in ClientAuth\r\n");
  4623. goto err;
  4624. }
  4625. ok = 1;
  4626. err:
  4627. SMARTLIST_FOREACH(auth_args, char *, item, tor_free(item));
  4628. smartlist_free(auth_args);
  4629. if (!ok) {
  4630. rend_authorized_client_free(client);
  4631. client = NULL;
  4632. }
  4633. return client;
  4634. }
  4635. /** Called when we get a DEL_ONION command; parse the body, and remove
  4636. * the existing ephemeral Onion Service. */
  4637. static int
  4638. handle_control_del_onion(control_connection_t *conn,
  4639. uint32_t len,
  4640. const char *body)
  4641. {
  4642. int hs_version = 0;
  4643. smartlist_t *args;
  4644. (void) len; /* body is nul-terminated; it's safe to ignore the length */
  4645. args = getargs_helper("DEL_ONION", conn, body, 1, 1);
  4646. if (!args)
  4647. return 0;
  4648. const char *service_id = smartlist_get(args, 0);
  4649. if (rend_valid_v2_service_id(service_id)) {
  4650. hs_version = HS_VERSION_TWO;
  4651. } else if (hs_address_is_valid(service_id)) {
  4652. hs_version = HS_VERSION_THREE;
  4653. } else {
  4654. connection_printf_to_buf(conn, "512 Malformed Onion Service id\r\n");
  4655. goto out;
  4656. }
  4657. /* Determine if the onion service belongs to this particular control
  4658. * connection, or if it is in the global list of detached services. If it
  4659. * is in neither, either the service ID is invalid in some way, or it
  4660. * explicitly belongs to a different control connection, and an error
  4661. * should be returned.
  4662. */
  4663. smartlist_t *services[2] = {
  4664. conn->ephemeral_onion_services,
  4665. detached_onion_services
  4666. };
  4667. smartlist_t *onion_services = NULL;
  4668. int idx = -1;
  4669. for (size_t i = 0; i < ARRAY_LENGTH(services); i++) {
  4670. idx = smartlist_string_pos(services[i], service_id);
  4671. if (idx != -1) {
  4672. onion_services = services[i];
  4673. break;
  4674. }
  4675. }
  4676. if (onion_services == NULL) {
  4677. connection_printf_to_buf(conn, "552 Unknown Onion Service id\r\n");
  4678. } else {
  4679. int ret = -1;
  4680. switch (hs_version) {
  4681. case HS_VERSION_TWO:
  4682. ret = rend_service_del_ephemeral(service_id);
  4683. break;
  4684. case HS_VERSION_THREE:
  4685. ret = hs_service_del_ephemeral(service_id);
  4686. break;
  4687. default:
  4688. /* The ret value will be -1 thus hitting the warning below. This should
  4689. * never happen because of the check at the start of the function. */
  4690. break;
  4691. }
  4692. if (ret < 0) {
  4693. /* This should *NEVER* fail, since the service is on either the
  4694. * per-control connection list, or the global one.
  4695. */
  4696. log_warn(LD_BUG, "Failed to remove Onion Service %s.",
  4697. escaped(service_id));
  4698. tor_fragile_assert();
  4699. }
  4700. /* Remove/scrub the service_id from the appropriate list. */
  4701. char *cp = smartlist_get(onion_services, idx);
  4702. smartlist_del(onion_services, idx);
  4703. memwipe(cp, 0, strlen(cp));
  4704. tor_free(cp);
  4705. send_control_done(conn);
  4706. }
  4707. out:
  4708. SMARTLIST_FOREACH(args, char *, cp, {
  4709. memwipe(cp, 0, strlen(cp));
  4710. tor_free(cp);
  4711. });
  4712. smartlist_free(args);
  4713. return 0;
  4714. }
  4715. /** Called when <b>conn</b> has no more bytes left on its outbuf. */
  4716. int
  4717. connection_control_finished_flushing(control_connection_t *conn)
  4718. {
  4719. tor_assert(conn);
  4720. return 0;
  4721. }
  4722. /** Called when <b>conn</b> has gotten its socket closed. */
  4723. int
  4724. connection_control_reached_eof(control_connection_t *conn)
  4725. {
  4726. tor_assert(conn);
  4727. log_info(LD_CONTROL,"Control connection reached EOF. Closing.");
  4728. connection_mark_for_close(TO_CONN(conn));
  4729. return 0;
  4730. }
  4731. /** Shut down this Tor instance in the same way that SIGINT would, but
  4732. * with a log message appropriate for the loss of an owning controller. */
  4733. static void
  4734. lost_owning_controller(const char *owner_type, const char *loss_manner)
  4735. {
  4736. log_notice(LD_CONTROL, "Owning controller %s has %s -- exiting now.",
  4737. owner_type, loss_manner);
  4738. activate_signal(SIGTERM);
  4739. }
  4740. /** Called when <b>conn</b> is being freed. */
  4741. void
  4742. connection_control_closed(control_connection_t *conn)
  4743. {
  4744. tor_assert(conn);
  4745. conn->event_mask = 0;
  4746. control_update_global_event_mask();
  4747. /* Close all ephemeral Onion Services if any.
  4748. * The list and it's contents are scrubbed/freed in connection_free_.
  4749. */
  4750. if (conn->ephemeral_onion_services) {
  4751. SMARTLIST_FOREACH_BEGIN(conn->ephemeral_onion_services, char *, cp) {
  4752. if (rend_valid_v2_service_id(cp)) {
  4753. rend_service_del_ephemeral(cp);
  4754. } else if (hs_address_is_valid(cp)) {
  4755. hs_service_del_ephemeral(cp);
  4756. } else {
  4757. /* An invalid .onion in our list should NEVER happen */
  4758. tor_fragile_assert();
  4759. }
  4760. } SMARTLIST_FOREACH_END(cp);
  4761. }
  4762. if (conn->is_owning_control_connection) {
  4763. lost_owning_controller("connection", "closed");
  4764. }
  4765. }
  4766. /** Return true iff <b>cmd</b> is allowable (or at least forgivable) at this
  4767. * stage of the protocol. */
  4768. static int
  4769. is_valid_initial_command(control_connection_t *conn, const char *cmd)
  4770. {
  4771. if (conn->base_.state == CONTROL_CONN_STATE_OPEN)
  4772. return 1;
  4773. if (!strcasecmp(cmd, "PROTOCOLINFO"))
  4774. return (!conn->have_sent_protocolinfo &&
  4775. conn->safecookie_client_hash == NULL);
  4776. if (!strcasecmp(cmd, "AUTHCHALLENGE"))
  4777. return (conn->safecookie_client_hash == NULL);
  4778. if (!strcasecmp(cmd, "AUTHENTICATE") ||
  4779. !strcasecmp(cmd, "QUIT"))
  4780. return 1;
  4781. return 0;
  4782. }
  4783. /** Do not accept any control command of more than 1MB in length. Anything
  4784. * that needs to be anywhere near this long probably means that one of our
  4785. * interfaces is broken. */
  4786. #define MAX_COMMAND_LINE_LENGTH (1024*1024)
  4787. /** Wrapper around peek_buf_has_control0 command: presents the same
  4788. * interface as that underlying functions, but takes a connection_t intead of
  4789. * a buf_t.
  4790. */
  4791. static int
  4792. peek_connection_has_control0_command(connection_t *conn)
  4793. {
  4794. return peek_buf_has_control0_command(conn->inbuf);
  4795. }
  4796. static int
  4797. peek_connection_has_http_command(connection_t *conn)
  4798. {
  4799. return peek_buf_has_http_command(conn->inbuf);
  4800. }
  4801. static const char CONTROLPORT_IS_NOT_AN_HTTP_PROXY_MSG[] =
  4802. "HTTP/1.0 501 Tor ControlPort is not an HTTP proxy"
  4803. "\r\nContent-Type: text/html; charset=iso-8859-1\r\n\r\n"
  4804. "<html>\n"
  4805. "<head>\n"
  4806. "<title>Tor's ControlPort is not an HTTP proxy</title>\n"
  4807. "</head>\n"
  4808. "<body>\n"
  4809. "<h1>Tor's ControlPort is not an HTTP proxy</h1>\n"
  4810. "<p>\n"
  4811. "It appears you have configured your web browser to use Tor's control port"
  4812. " as an HTTP proxy.\n"
  4813. "This is not correct: Tor's default SOCKS proxy port is 9050.\n"
  4814. "Please configure your client accordingly.\n"
  4815. "</p>\n"
  4816. "<p>\n"
  4817. "See <a href=\"https://www.torproject.org/documentation.html\">"
  4818. "https://www.torproject.org/documentation.html</a> for more "
  4819. "information.\n"
  4820. "<!-- Plus this comment, to make the body response more than 512 bytes, so "
  4821. " IE will be willing to display it. Comment comment comment comment "
  4822. " comment comment comment comment comment comment comment comment.-->\n"
  4823. "</p>\n"
  4824. "</body>\n"
  4825. "</html>\n";
  4826. /** Called when data has arrived on a v1 control connection: Try to fetch
  4827. * commands from conn->inbuf, and execute them.
  4828. */
  4829. int
  4830. connection_control_process_inbuf(control_connection_t *conn)
  4831. {
  4832. size_t data_len;
  4833. uint32_t cmd_data_len;
  4834. int cmd_len;
  4835. char *args;
  4836. tor_assert(conn);
  4837. tor_assert(conn->base_.state == CONTROL_CONN_STATE_OPEN ||
  4838. conn->base_.state == CONTROL_CONN_STATE_NEEDAUTH);
  4839. if (!conn->incoming_cmd) {
  4840. conn->incoming_cmd = tor_malloc(1024);
  4841. conn->incoming_cmd_len = 1024;
  4842. conn->incoming_cmd_cur_len = 0;
  4843. }
  4844. if (conn->base_.state == CONTROL_CONN_STATE_NEEDAUTH &&
  4845. peek_connection_has_control0_command(TO_CONN(conn))) {
  4846. /* Detect v0 commands and send a "no more v0" message. */
  4847. size_t body_len;
  4848. char buf[128];
  4849. set_uint16(buf+2, htons(0x0000)); /* type == error */
  4850. set_uint16(buf+4, htons(0x0001)); /* code == internal error */
  4851. strlcpy(buf+6, "The v0 control protocol is not supported by Tor 0.1.2.17 "
  4852. "and later; upgrade your controller.",
  4853. sizeof(buf)-6);
  4854. body_len = 2+strlen(buf+6)+2; /* code, msg, nul. */
  4855. set_uint16(buf+0, htons(body_len));
  4856. connection_buf_add(buf, 4+body_len, TO_CONN(conn));
  4857. connection_mark_and_flush(TO_CONN(conn));
  4858. return 0;
  4859. }
  4860. /* If the user has the HTTP proxy port and the control port confused. */
  4861. if (conn->base_.state == CONTROL_CONN_STATE_NEEDAUTH &&
  4862. peek_connection_has_http_command(TO_CONN(conn))) {
  4863. connection_write_str_to_buf(CONTROLPORT_IS_NOT_AN_HTTP_PROXY_MSG, conn);
  4864. log_notice(LD_CONTROL, "Received HTTP request on ControlPort");
  4865. connection_mark_and_flush(TO_CONN(conn));
  4866. return 0;
  4867. }
  4868. again:
  4869. while (1) {
  4870. size_t last_idx;
  4871. int r;
  4872. /* First, fetch a line. */
  4873. do {
  4874. data_len = conn->incoming_cmd_len - conn->incoming_cmd_cur_len;
  4875. r = connection_buf_get_line(TO_CONN(conn),
  4876. conn->incoming_cmd+conn->incoming_cmd_cur_len,
  4877. &data_len);
  4878. if (r == 0)
  4879. /* Line not all here yet. Wait. */
  4880. return 0;
  4881. else if (r == -1) {
  4882. if (data_len + conn->incoming_cmd_cur_len > MAX_COMMAND_LINE_LENGTH) {
  4883. connection_write_str_to_buf("500 Line too long.\r\n", conn);
  4884. connection_stop_reading(TO_CONN(conn));
  4885. connection_mark_and_flush(TO_CONN(conn));
  4886. }
  4887. while (conn->incoming_cmd_len < data_len+conn->incoming_cmd_cur_len)
  4888. conn->incoming_cmd_len *= 2;
  4889. conn->incoming_cmd = tor_realloc(conn->incoming_cmd,
  4890. conn->incoming_cmd_len);
  4891. }
  4892. } while (r != 1);
  4893. tor_assert(data_len);
  4894. last_idx = conn->incoming_cmd_cur_len;
  4895. conn->incoming_cmd_cur_len += (int)data_len;
  4896. /* We have appended a line to incoming_cmd. Is the command done? */
  4897. if (last_idx == 0 && *conn->incoming_cmd != '+')
  4898. /* One line command, didn't start with '+'. */
  4899. break;
  4900. /* XXXX this code duplication is kind of dumb. */
  4901. if (last_idx+3 == conn->incoming_cmd_cur_len &&
  4902. tor_memeq(conn->incoming_cmd + last_idx, ".\r\n", 3)) {
  4903. /* Just appended ".\r\n"; we're done. Remove it. */
  4904. conn->incoming_cmd[last_idx] = '\0';
  4905. conn->incoming_cmd_cur_len -= 3;
  4906. break;
  4907. } else if (last_idx+2 == conn->incoming_cmd_cur_len &&
  4908. tor_memeq(conn->incoming_cmd + last_idx, ".\n", 2)) {
  4909. /* Just appended ".\n"; we're done. Remove it. */
  4910. conn->incoming_cmd[last_idx] = '\0';
  4911. conn->incoming_cmd_cur_len -= 2;
  4912. break;
  4913. }
  4914. /* Otherwise, read another line. */
  4915. }
  4916. data_len = conn->incoming_cmd_cur_len;
  4917. /* Okay, we now have a command sitting on conn->incoming_cmd. See if we
  4918. * recognize it.
  4919. */
  4920. cmd_len = 0;
  4921. while ((size_t)cmd_len < data_len
  4922. && !TOR_ISSPACE(conn->incoming_cmd[cmd_len]))
  4923. ++cmd_len;
  4924. conn->incoming_cmd[cmd_len]='\0';
  4925. args = conn->incoming_cmd+cmd_len+1;
  4926. tor_assert(data_len>(size_t)cmd_len);
  4927. data_len -= (cmd_len+1); /* skip the command and NUL we added after it */
  4928. while (TOR_ISSPACE(*args)) {
  4929. ++args;
  4930. --data_len;
  4931. }
  4932. /* If the connection is already closing, ignore further commands */
  4933. if (TO_CONN(conn)->marked_for_close) {
  4934. return 0;
  4935. }
  4936. /* Otherwise, Quit is always valid. */
  4937. if (!strcasecmp(conn->incoming_cmd, "QUIT")) {
  4938. connection_write_str_to_buf("250 closing connection\r\n", conn);
  4939. connection_mark_and_flush(TO_CONN(conn));
  4940. return 0;
  4941. }
  4942. if (conn->base_.state == CONTROL_CONN_STATE_NEEDAUTH &&
  4943. !is_valid_initial_command(conn, conn->incoming_cmd)) {
  4944. connection_write_str_to_buf("514 Authentication required.\r\n", conn);
  4945. connection_mark_for_close(TO_CONN(conn));
  4946. return 0;
  4947. }
  4948. if (data_len >= UINT32_MAX) {
  4949. connection_write_str_to_buf("500 A 4GB command? Nice try.\r\n", conn);
  4950. connection_mark_for_close(TO_CONN(conn));
  4951. return 0;
  4952. }
  4953. /* XXXX Why is this not implemented as a table like the GETINFO
  4954. * items are? Even handling the plus signs at the beginnings of
  4955. * commands wouldn't be very hard with proper macros. */
  4956. cmd_data_len = (uint32_t)data_len;
  4957. if (!strcasecmp(conn->incoming_cmd, "SETCONF")) {
  4958. if (handle_control_setconf(conn, cmd_data_len, args))
  4959. return -1;
  4960. } else if (!strcasecmp(conn->incoming_cmd, "RESETCONF")) {
  4961. if (handle_control_resetconf(conn, cmd_data_len, args))
  4962. return -1;
  4963. } else if (!strcasecmp(conn->incoming_cmd, "GETCONF")) {
  4964. if (handle_control_getconf(conn, cmd_data_len, args))
  4965. return -1;
  4966. } else if (!strcasecmp(conn->incoming_cmd, "+LOADCONF")) {
  4967. if (handle_control_loadconf(conn, cmd_data_len, args))
  4968. return -1;
  4969. } else if (!strcasecmp(conn->incoming_cmd, "SETEVENTS")) {
  4970. if (handle_control_setevents(conn, cmd_data_len, args))
  4971. return -1;
  4972. } else if (!strcasecmp(conn->incoming_cmd, "AUTHENTICATE")) {
  4973. if (handle_control_authenticate(conn, cmd_data_len, args))
  4974. return -1;
  4975. } else if (!strcasecmp(conn->incoming_cmd, "SAVECONF")) {
  4976. if (handle_control_saveconf(conn, cmd_data_len, args))
  4977. return -1;
  4978. } else if (!strcasecmp(conn->incoming_cmd, "SIGNAL")) {
  4979. if (handle_control_signal(conn, cmd_data_len, args))
  4980. return -1;
  4981. } else if (!strcasecmp(conn->incoming_cmd, "TAKEOWNERSHIP")) {
  4982. if (handle_control_takeownership(conn, cmd_data_len, args))
  4983. return -1;
  4984. } else if (!strcasecmp(conn->incoming_cmd, "MAPADDRESS")) {
  4985. if (handle_control_mapaddress(conn, cmd_data_len, args))
  4986. return -1;
  4987. } else if (!strcasecmp(conn->incoming_cmd, "GETINFO")) {
  4988. if (handle_control_getinfo(conn, cmd_data_len, args))
  4989. return -1;
  4990. } else if (!strcasecmp(conn->incoming_cmd, "EXTENDCIRCUIT")) {
  4991. if (handle_control_extendcircuit(conn, cmd_data_len, args))
  4992. return -1;
  4993. } else if (!strcasecmp(conn->incoming_cmd, "SETCIRCUITPURPOSE")) {
  4994. if (handle_control_setcircuitpurpose(conn, cmd_data_len, args))
  4995. return -1;
  4996. } else if (!strcasecmp(conn->incoming_cmd, "SETROUTERPURPOSE")) {
  4997. connection_write_str_to_buf("511 SETROUTERPURPOSE is obsolete.\r\n", conn);
  4998. } else if (!strcasecmp(conn->incoming_cmd, "ATTACHSTREAM")) {
  4999. if (handle_control_attachstream(conn, cmd_data_len, args))
  5000. return -1;
  5001. } else if (!strcasecmp(conn->incoming_cmd, "+POSTDESCRIPTOR")) {
  5002. if (handle_control_postdescriptor(conn, cmd_data_len, args))
  5003. return -1;
  5004. } else if (!strcasecmp(conn->incoming_cmd, "REDIRECTSTREAM")) {
  5005. if (handle_control_redirectstream(conn, cmd_data_len, args))
  5006. return -1;
  5007. } else if (!strcasecmp(conn->incoming_cmd, "CLOSESTREAM")) {
  5008. if (handle_control_closestream(conn, cmd_data_len, args))
  5009. return -1;
  5010. } else if (!strcasecmp(conn->incoming_cmd, "CLOSECIRCUIT")) {
  5011. if (handle_control_closecircuit(conn, cmd_data_len, args))
  5012. return -1;
  5013. } else if (!strcasecmp(conn->incoming_cmd, "USEFEATURE")) {
  5014. if (handle_control_usefeature(conn, cmd_data_len, args))
  5015. return -1;
  5016. } else if (!strcasecmp(conn->incoming_cmd, "RESOLVE")) {
  5017. if (handle_control_resolve(conn, cmd_data_len, args))
  5018. return -1;
  5019. } else if (!strcasecmp(conn->incoming_cmd, "PROTOCOLINFO")) {
  5020. if (handle_control_protocolinfo(conn, cmd_data_len, args))
  5021. return -1;
  5022. } else if (!strcasecmp(conn->incoming_cmd, "AUTHCHALLENGE")) {
  5023. if (handle_control_authchallenge(conn, cmd_data_len, args))
  5024. return -1;
  5025. } else if (!strcasecmp(conn->incoming_cmd, "DROPGUARDS")) {
  5026. if (handle_control_dropguards(conn, cmd_data_len, args))
  5027. return -1;
  5028. } else if (!strcasecmp(conn->incoming_cmd, "HSFETCH")) {
  5029. if (handle_control_hsfetch(conn, cmd_data_len, args))
  5030. return -1;
  5031. } else if (!strcasecmp(conn->incoming_cmd, "+HSPOST")) {
  5032. if (handle_control_hspost(conn, cmd_data_len, args))
  5033. return -1;
  5034. } else if (!strcasecmp(conn->incoming_cmd, "ADD_ONION")) {
  5035. int ret = handle_control_add_onion(conn, cmd_data_len, args);
  5036. memwipe(args, 0, cmd_data_len); /* Scrub the private key. */
  5037. if (ret)
  5038. return -1;
  5039. } else if (!strcasecmp(conn->incoming_cmd, "DEL_ONION")) {
  5040. int ret = handle_control_del_onion(conn, cmd_data_len, args);
  5041. memwipe(args, 0, cmd_data_len); /* Scrub the service id/pk. */
  5042. if (ret)
  5043. return -1;
  5044. } else {
  5045. connection_printf_to_buf(conn, "510 Unrecognized command \"%s\"\r\n",
  5046. conn->incoming_cmd);
  5047. }
  5048. conn->incoming_cmd_cur_len = 0;
  5049. goto again;
  5050. }
  5051. /** Something major has happened to circuit <b>circ</b>: tell any
  5052. * interested control connections. */
  5053. int
  5054. control_event_circuit_status(origin_circuit_t *circ, circuit_status_event_t tp,
  5055. int reason_code)
  5056. {
  5057. const char *status;
  5058. char reasons[64] = "";
  5059. if (!EVENT_IS_INTERESTING(EVENT_CIRCUIT_STATUS))
  5060. return 0;
  5061. tor_assert(circ);
  5062. switch (tp)
  5063. {
  5064. case CIRC_EVENT_LAUNCHED: status = "LAUNCHED"; break;
  5065. case CIRC_EVENT_BUILT: status = "BUILT"; break;
  5066. case CIRC_EVENT_EXTENDED: status = "EXTENDED"; break;
  5067. case CIRC_EVENT_FAILED: status = "FAILED"; break;
  5068. case CIRC_EVENT_CLOSED: status = "CLOSED"; break;
  5069. default:
  5070. log_warn(LD_BUG, "Unrecognized status code %d", (int)tp);
  5071. tor_fragile_assert();
  5072. return 0;
  5073. }
  5074. if (tp == CIRC_EVENT_FAILED || tp == CIRC_EVENT_CLOSED) {
  5075. const char *reason_str = circuit_end_reason_to_control_string(reason_code);
  5076. char unk_reason_buf[16];
  5077. if (!reason_str) {
  5078. tor_snprintf(unk_reason_buf, 16, "UNKNOWN_%d", reason_code);
  5079. reason_str = unk_reason_buf;
  5080. }
  5081. if (reason_code > 0 && reason_code & END_CIRC_REASON_FLAG_REMOTE) {
  5082. tor_snprintf(reasons, sizeof(reasons),
  5083. " REASON=DESTROYED REMOTE_REASON=%s", reason_str);
  5084. } else {
  5085. tor_snprintf(reasons, sizeof(reasons),
  5086. " REASON=%s", reason_str);
  5087. }
  5088. }
  5089. {
  5090. char *circdesc = circuit_describe_status_for_controller(circ);
  5091. const char *sp = strlen(circdesc) ? " " : "";
  5092. send_control_event(EVENT_CIRCUIT_STATUS,
  5093. "650 CIRC %lu %s%s%s%s\r\n",
  5094. (unsigned long)circ->global_identifier,
  5095. status, sp,
  5096. circdesc,
  5097. reasons);
  5098. tor_free(circdesc);
  5099. }
  5100. return 0;
  5101. }
  5102. /** Something minor has happened to circuit <b>circ</b>: tell any
  5103. * interested control connections. */
  5104. static int
  5105. control_event_circuit_status_minor(origin_circuit_t *circ,
  5106. circuit_status_minor_event_t e,
  5107. int purpose, const struct timeval *tv)
  5108. {
  5109. const char *event_desc;
  5110. char event_tail[160] = "";
  5111. if (!EVENT_IS_INTERESTING(EVENT_CIRCUIT_STATUS_MINOR))
  5112. return 0;
  5113. tor_assert(circ);
  5114. switch (e)
  5115. {
  5116. case CIRC_MINOR_EVENT_PURPOSE_CHANGED:
  5117. event_desc = "PURPOSE_CHANGED";
  5118. {
  5119. /* event_tail can currently be up to 68 chars long */
  5120. const char *hs_state_str =
  5121. circuit_purpose_to_controller_hs_state_string(purpose);
  5122. tor_snprintf(event_tail, sizeof(event_tail),
  5123. " OLD_PURPOSE=%s%s%s",
  5124. circuit_purpose_to_controller_string(purpose),
  5125. (hs_state_str != NULL) ? " OLD_HS_STATE=" : "",
  5126. (hs_state_str != NULL) ? hs_state_str : "");
  5127. }
  5128. break;
  5129. case CIRC_MINOR_EVENT_CANNIBALIZED:
  5130. event_desc = "CANNIBALIZED";
  5131. {
  5132. /* event_tail can currently be up to 130 chars long */
  5133. const char *hs_state_str =
  5134. circuit_purpose_to_controller_hs_state_string(purpose);
  5135. const struct timeval *old_timestamp_began = tv;
  5136. char tbuf[ISO_TIME_USEC_LEN+1];
  5137. format_iso_time_nospace_usec(tbuf, old_timestamp_began);
  5138. tor_snprintf(event_tail, sizeof(event_tail),
  5139. " OLD_PURPOSE=%s%s%s OLD_TIME_CREATED=%s",
  5140. circuit_purpose_to_controller_string(purpose),
  5141. (hs_state_str != NULL) ? " OLD_HS_STATE=" : "",
  5142. (hs_state_str != NULL) ? hs_state_str : "",
  5143. tbuf);
  5144. }
  5145. break;
  5146. default:
  5147. log_warn(LD_BUG, "Unrecognized status code %d", (int)e);
  5148. tor_fragile_assert();
  5149. return 0;
  5150. }
  5151. {
  5152. char *circdesc = circuit_describe_status_for_controller(circ);
  5153. const char *sp = strlen(circdesc) ? " " : "";
  5154. send_control_event(EVENT_CIRCUIT_STATUS_MINOR,
  5155. "650 CIRC_MINOR %lu %s%s%s%s\r\n",
  5156. (unsigned long)circ->global_identifier,
  5157. event_desc, sp,
  5158. circdesc,
  5159. event_tail);
  5160. tor_free(circdesc);
  5161. }
  5162. return 0;
  5163. }
  5164. /**
  5165. * <b>circ</b> has changed its purpose from <b>old_purpose</b>: tell any
  5166. * interested controllers.
  5167. */
  5168. int
  5169. control_event_circuit_purpose_changed(origin_circuit_t *circ,
  5170. int old_purpose)
  5171. {
  5172. return control_event_circuit_status_minor(circ,
  5173. CIRC_MINOR_EVENT_PURPOSE_CHANGED,
  5174. old_purpose,
  5175. NULL);
  5176. }
  5177. /**
  5178. * <b>circ</b> has changed its purpose from <b>old_purpose</b>, and its
  5179. * created-time from <b>old_tv_created</b>: tell any interested controllers.
  5180. */
  5181. int
  5182. control_event_circuit_cannibalized(origin_circuit_t *circ,
  5183. int old_purpose,
  5184. const struct timeval *old_tv_created)
  5185. {
  5186. return control_event_circuit_status_minor(circ,
  5187. CIRC_MINOR_EVENT_CANNIBALIZED,
  5188. old_purpose,
  5189. old_tv_created);
  5190. }
  5191. /** Given an AP connection <b>conn</b> and a <b>len</b>-character buffer
  5192. * <b>buf</b>, determine the address:port combination requested on
  5193. * <b>conn</b>, and write it to <b>buf</b>. Return 0 on success, -1 on
  5194. * failure. */
  5195. static int
  5196. write_stream_target_to_buf(entry_connection_t *conn, char *buf, size_t len)
  5197. {
  5198. char buf2[256];
  5199. if (conn->chosen_exit_name)
  5200. if (tor_snprintf(buf2, sizeof(buf2), ".%s.exit", conn->chosen_exit_name)<0)
  5201. return -1;
  5202. if (!conn->socks_request)
  5203. return -1;
  5204. if (tor_snprintf(buf, len, "%s%s%s:%d",
  5205. conn->socks_request->address,
  5206. conn->chosen_exit_name ? buf2 : "",
  5207. !conn->chosen_exit_name && connection_edge_is_rendezvous_stream(
  5208. ENTRY_TO_EDGE_CONN(conn)) ? ".onion" : "",
  5209. conn->socks_request->port)<0)
  5210. return -1;
  5211. return 0;
  5212. }
  5213. /** Something has happened to the stream associated with AP connection
  5214. * <b>conn</b>: tell any interested control connections. */
  5215. int
  5216. control_event_stream_status(entry_connection_t *conn, stream_status_event_t tp,
  5217. int reason_code)
  5218. {
  5219. char reason_buf[64];
  5220. char addrport_buf[64];
  5221. const char *status;
  5222. circuit_t *circ;
  5223. origin_circuit_t *origin_circ = NULL;
  5224. char buf[256];
  5225. const char *purpose = "";
  5226. tor_assert(conn->socks_request);
  5227. if (!EVENT_IS_INTERESTING(EVENT_STREAM_STATUS))
  5228. return 0;
  5229. if (tp == STREAM_EVENT_CLOSED &&
  5230. (reason_code & END_STREAM_REASON_FLAG_ALREADY_SENT_CLOSED))
  5231. return 0;
  5232. write_stream_target_to_buf(conn, buf, sizeof(buf));
  5233. reason_buf[0] = '\0';
  5234. switch (tp)
  5235. {
  5236. case STREAM_EVENT_SENT_CONNECT: status = "SENTCONNECT"; break;
  5237. case STREAM_EVENT_SENT_RESOLVE: status = "SENTRESOLVE"; break;
  5238. case STREAM_EVENT_SUCCEEDED: status = "SUCCEEDED"; break;
  5239. case STREAM_EVENT_FAILED: status = "FAILED"; break;
  5240. case STREAM_EVENT_CLOSED: status = "CLOSED"; break;
  5241. case STREAM_EVENT_NEW: status = "NEW"; break;
  5242. case STREAM_EVENT_NEW_RESOLVE: status = "NEWRESOLVE"; break;
  5243. case STREAM_EVENT_FAILED_RETRIABLE: status = "DETACHED"; break;
  5244. case STREAM_EVENT_REMAP: status = "REMAP"; break;
  5245. default:
  5246. log_warn(LD_BUG, "Unrecognized status code %d", (int)tp);
  5247. return 0;
  5248. }
  5249. if (reason_code && (tp == STREAM_EVENT_FAILED ||
  5250. tp == STREAM_EVENT_CLOSED ||
  5251. tp == STREAM_EVENT_FAILED_RETRIABLE)) {
  5252. const char *reason_str = stream_end_reason_to_control_string(reason_code);
  5253. char *r = NULL;
  5254. if (!reason_str) {
  5255. tor_asprintf(&r, " UNKNOWN_%d", reason_code);
  5256. reason_str = r;
  5257. }
  5258. if (reason_code & END_STREAM_REASON_FLAG_REMOTE)
  5259. tor_snprintf(reason_buf, sizeof(reason_buf),
  5260. " REASON=END REMOTE_REASON=%s", reason_str);
  5261. else
  5262. tor_snprintf(reason_buf, sizeof(reason_buf),
  5263. " REASON=%s", reason_str);
  5264. tor_free(r);
  5265. } else if (reason_code && tp == STREAM_EVENT_REMAP) {
  5266. switch (reason_code) {
  5267. case REMAP_STREAM_SOURCE_CACHE:
  5268. strlcpy(reason_buf, " SOURCE=CACHE", sizeof(reason_buf));
  5269. break;
  5270. case REMAP_STREAM_SOURCE_EXIT:
  5271. strlcpy(reason_buf, " SOURCE=EXIT", sizeof(reason_buf));
  5272. break;
  5273. default:
  5274. tor_snprintf(reason_buf, sizeof(reason_buf), " REASON=UNKNOWN_%d",
  5275. reason_code);
  5276. /* XXX do we want SOURCE=UNKNOWN_%d above instead? -RD */
  5277. break;
  5278. }
  5279. }
  5280. if (tp == STREAM_EVENT_NEW || tp == STREAM_EVENT_NEW_RESOLVE) {
  5281. /*
  5282. * When the control conn is an AF_UNIX socket and we have no address,
  5283. * it gets set to "(Tor_internal)"; see dnsserv_launch_request() in
  5284. * dnsserv.c.
  5285. */
  5286. if (strcmp(ENTRY_TO_CONN(conn)->address, "(Tor_internal)") != 0) {
  5287. tor_snprintf(addrport_buf,sizeof(addrport_buf), " SOURCE_ADDR=%s:%d",
  5288. ENTRY_TO_CONN(conn)->address, ENTRY_TO_CONN(conn)->port);
  5289. } else {
  5290. /*
  5291. * else leave it blank so control on AF_UNIX doesn't need to make
  5292. * something up.
  5293. */
  5294. addrport_buf[0] = '\0';
  5295. }
  5296. } else {
  5297. addrport_buf[0] = '\0';
  5298. }
  5299. if (tp == STREAM_EVENT_NEW_RESOLVE) {
  5300. purpose = " PURPOSE=DNS_REQUEST";
  5301. } else if (tp == STREAM_EVENT_NEW) {
  5302. if (conn->use_begindir) {
  5303. connection_t *linked = ENTRY_TO_CONN(conn)->linked_conn;
  5304. int linked_dir_purpose = -1;
  5305. if (linked && linked->type == CONN_TYPE_DIR)
  5306. linked_dir_purpose = linked->purpose;
  5307. if (DIR_PURPOSE_IS_UPLOAD(linked_dir_purpose))
  5308. purpose = " PURPOSE=DIR_UPLOAD";
  5309. else
  5310. purpose = " PURPOSE=DIR_FETCH";
  5311. } else
  5312. purpose = " PURPOSE=USER";
  5313. }
  5314. circ = circuit_get_by_edge_conn(ENTRY_TO_EDGE_CONN(conn));
  5315. if (circ && CIRCUIT_IS_ORIGIN(circ))
  5316. origin_circ = TO_ORIGIN_CIRCUIT(circ);
  5317. send_control_event(EVENT_STREAM_STATUS,
  5318. "650 STREAM "U64_FORMAT" %s %lu %s%s%s%s\r\n",
  5319. U64_PRINTF_ARG(ENTRY_TO_CONN(conn)->global_identifier),
  5320. status,
  5321. origin_circ?
  5322. (unsigned long)origin_circ->global_identifier : 0ul,
  5323. buf, reason_buf, addrport_buf, purpose);
  5324. /* XXX need to specify its intended exit, etc? */
  5325. return 0;
  5326. }
  5327. /** Figure out the best name for the target router of an OR connection
  5328. * <b>conn</b>, and write it into the <b>len</b>-character buffer
  5329. * <b>name</b>. */
  5330. static void
  5331. orconn_target_get_name(char *name, size_t len, or_connection_t *conn)
  5332. {
  5333. const node_t *node = node_get_by_id(conn->identity_digest);
  5334. if (node) {
  5335. tor_assert(len > MAX_VERBOSE_NICKNAME_LEN);
  5336. node_get_verbose_nickname(node, name);
  5337. } else if (! tor_digest_is_zero(conn->identity_digest)) {
  5338. name[0] = '$';
  5339. base16_encode(name+1, len-1, conn->identity_digest,
  5340. DIGEST_LEN);
  5341. } else {
  5342. tor_snprintf(name, len, "%s:%d",
  5343. conn->base_.address, conn->base_.port);
  5344. }
  5345. }
  5346. /** Called when the status of an OR connection <b>conn</b> changes: tell any
  5347. * interested control connections. <b>tp</b> is the new status for the
  5348. * connection. If <b>conn</b> has just closed or failed, then <b>reason</b>
  5349. * may be the reason why.
  5350. */
  5351. int
  5352. control_event_or_conn_status(or_connection_t *conn, or_conn_status_event_t tp,
  5353. int reason)
  5354. {
  5355. int ncircs = 0;
  5356. const char *status;
  5357. char name[128];
  5358. char ncircs_buf[32] = {0}; /* > 8 + log10(2^32)=10 + 2 */
  5359. if (!EVENT_IS_INTERESTING(EVENT_OR_CONN_STATUS))
  5360. return 0;
  5361. switch (tp)
  5362. {
  5363. case OR_CONN_EVENT_LAUNCHED: status = "LAUNCHED"; break;
  5364. case OR_CONN_EVENT_CONNECTED: status = "CONNECTED"; break;
  5365. case OR_CONN_EVENT_FAILED: status = "FAILED"; break;
  5366. case OR_CONN_EVENT_CLOSED: status = "CLOSED"; break;
  5367. case OR_CONN_EVENT_NEW: status = "NEW"; break;
  5368. default:
  5369. log_warn(LD_BUG, "Unrecognized status code %d", (int)tp);
  5370. return 0;
  5371. }
  5372. if (conn->chan) {
  5373. ncircs = circuit_count_pending_on_channel(TLS_CHAN_TO_BASE(conn->chan));
  5374. } else {
  5375. ncircs = 0;
  5376. }
  5377. ncircs += connection_or_get_num_circuits(conn);
  5378. if (ncircs && (tp == OR_CONN_EVENT_FAILED || tp == OR_CONN_EVENT_CLOSED)) {
  5379. tor_snprintf(ncircs_buf, sizeof(ncircs_buf), " NCIRCS=%d", ncircs);
  5380. }
  5381. orconn_target_get_name(name, sizeof(name), conn);
  5382. send_control_event(EVENT_OR_CONN_STATUS,
  5383. "650 ORCONN %s %s%s%s%s ID="U64_FORMAT"\r\n",
  5384. name, status,
  5385. reason ? " REASON=" : "",
  5386. orconn_end_reason_to_control_string(reason),
  5387. ncircs_buf,
  5388. U64_PRINTF_ARG(conn->base_.global_identifier));
  5389. return 0;
  5390. }
  5391. /**
  5392. * Print out STREAM_BW event for a single conn
  5393. */
  5394. int
  5395. control_event_stream_bandwidth(edge_connection_t *edge_conn)
  5396. {
  5397. struct timeval now;
  5398. char tbuf[ISO_TIME_USEC_LEN+1];
  5399. if (EVENT_IS_INTERESTING(EVENT_STREAM_BANDWIDTH_USED)) {
  5400. if (!edge_conn->n_read && !edge_conn->n_written)
  5401. return 0;
  5402. tor_gettimeofday(&now);
  5403. format_iso_time_nospace_usec(tbuf, &now);
  5404. send_control_event(EVENT_STREAM_BANDWIDTH_USED,
  5405. "650 STREAM_BW "U64_FORMAT" %lu %lu %s\r\n",
  5406. U64_PRINTF_ARG(edge_conn->base_.global_identifier),
  5407. (unsigned long)edge_conn->n_read,
  5408. (unsigned long)edge_conn->n_written,
  5409. tbuf);
  5410. edge_conn->n_written = edge_conn->n_read = 0;
  5411. }
  5412. return 0;
  5413. }
  5414. /** A second or more has elapsed: tell any interested control
  5415. * connections how much bandwidth streams have used. */
  5416. int
  5417. control_event_stream_bandwidth_used(void)
  5418. {
  5419. if (EVENT_IS_INTERESTING(EVENT_STREAM_BANDWIDTH_USED)) {
  5420. smartlist_t *conns = get_connection_array();
  5421. edge_connection_t *edge_conn;
  5422. struct timeval now;
  5423. char tbuf[ISO_TIME_USEC_LEN+1];
  5424. SMARTLIST_FOREACH_BEGIN(conns, connection_t *, conn)
  5425. {
  5426. if (conn->type != CONN_TYPE_AP)
  5427. continue;
  5428. edge_conn = TO_EDGE_CONN(conn);
  5429. if (!edge_conn->n_read && !edge_conn->n_written)
  5430. continue;
  5431. tor_gettimeofday(&now);
  5432. format_iso_time_nospace_usec(tbuf, &now);
  5433. send_control_event(EVENT_STREAM_BANDWIDTH_USED,
  5434. "650 STREAM_BW "U64_FORMAT" %lu %lu %s\r\n",
  5435. U64_PRINTF_ARG(edge_conn->base_.global_identifier),
  5436. (unsigned long)edge_conn->n_read,
  5437. (unsigned long)edge_conn->n_written,
  5438. tbuf);
  5439. edge_conn->n_written = edge_conn->n_read = 0;
  5440. }
  5441. SMARTLIST_FOREACH_END(conn);
  5442. }
  5443. return 0;
  5444. }
  5445. /** A second or more has elapsed: tell any interested control connections
  5446. * how much bandwidth origin circuits have used. */
  5447. int
  5448. control_event_circ_bandwidth_used(void)
  5449. {
  5450. origin_circuit_t *ocirc;
  5451. struct timeval now;
  5452. char tbuf[ISO_TIME_USEC_LEN+1];
  5453. if (!EVENT_IS_INTERESTING(EVENT_CIRC_BANDWIDTH_USED))
  5454. return 0;
  5455. SMARTLIST_FOREACH_BEGIN(circuit_get_global_list(), circuit_t *, circ) {
  5456. if (!CIRCUIT_IS_ORIGIN(circ))
  5457. continue;
  5458. ocirc = TO_ORIGIN_CIRCUIT(circ);
  5459. if (!ocirc->n_read_circ_bw && !ocirc->n_written_circ_bw)
  5460. continue;
  5461. tor_gettimeofday(&now);
  5462. format_iso_time_nospace_usec(tbuf, &now);
  5463. send_control_event(EVENT_CIRC_BANDWIDTH_USED,
  5464. "650 CIRC_BW ID=%d READ=%lu WRITTEN=%lu TIME=%s "
  5465. "DELIVERED_READ=%lu OVERHEAD_READ=%lu "
  5466. "DELIVERED_WRITTEN=%lu OVERHEAD_WRITTEN=%lu\r\n",
  5467. ocirc->global_identifier,
  5468. (unsigned long)ocirc->n_read_circ_bw,
  5469. (unsigned long)ocirc->n_written_circ_bw,
  5470. tbuf,
  5471. (unsigned long)ocirc->n_delivered_read_circ_bw,
  5472. (unsigned long)ocirc->n_overhead_read_circ_bw,
  5473. (unsigned long)ocirc->n_delivered_written_circ_bw,
  5474. (unsigned long)ocirc->n_overhead_written_circ_bw);
  5475. ocirc->n_written_circ_bw = ocirc->n_read_circ_bw = 0;
  5476. ocirc->n_overhead_written_circ_bw = ocirc->n_overhead_read_circ_bw = 0;
  5477. ocirc->n_delivered_written_circ_bw = ocirc->n_delivered_read_circ_bw = 0;
  5478. }
  5479. SMARTLIST_FOREACH_END(circ);
  5480. return 0;
  5481. }
  5482. /** Print out CONN_BW event for a single OR/DIR/EXIT <b>conn</b> and reset
  5483. * bandwidth counters. */
  5484. int
  5485. control_event_conn_bandwidth(connection_t *conn)
  5486. {
  5487. const char *conn_type_str;
  5488. if (!get_options()->TestingEnableConnBwEvent ||
  5489. !EVENT_IS_INTERESTING(EVENT_CONN_BW))
  5490. return 0;
  5491. if (!conn->n_read_conn_bw && !conn->n_written_conn_bw)
  5492. return 0;
  5493. switch (conn->type) {
  5494. case CONN_TYPE_OR:
  5495. conn_type_str = "OR";
  5496. break;
  5497. case CONN_TYPE_DIR:
  5498. conn_type_str = "DIR";
  5499. break;
  5500. case CONN_TYPE_EXIT:
  5501. conn_type_str = "EXIT";
  5502. break;
  5503. default:
  5504. return 0;
  5505. }
  5506. send_control_event(EVENT_CONN_BW,
  5507. "650 CONN_BW ID="U64_FORMAT" TYPE=%s "
  5508. "READ=%lu WRITTEN=%lu\r\n",
  5509. U64_PRINTF_ARG(conn->global_identifier),
  5510. conn_type_str,
  5511. (unsigned long)conn->n_read_conn_bw,
  5512. (unsigned long)conn->n_written_conn_bw);
  5513. conn->n_written_conn_bw = conn->n_read_conn_bw = 0;
  5514. return 0;
  5515. }
  5516. /** A second or more has elapsed: tell any interested control
  5517. * connections how much bandwidth connections have used. */
  5518. int
  5519. control_event_conn_bandwidth_used(void)
  5520. {
  5521. if (get_options()->TestingEnableConnBwEvent &&
  5522. EVENT_IS_INTERESTING(EVENT_CONN_BW)) {
  5523. SMARTLIST_FOREACH(get_connection_array(), connection_t *, conn,
  5524. control_event_conn_bandwidth(conn));
  5525. }
  5526. return 0;
  5527. }
  5528. /** Helper: iterate over cell statistics of <b>circ</b> and sum up added
  5529. * cells, removed cells, and waiting times by cell command and direction.
  5530. * Store results in <b>cell_stats</b>. Free cell statistics of the
  5531. * circuit afterwards. */
  5532. void
  5533. sum_up_cell_stats_by_command(circuit_t *circ, cell_stats_t *cell_stats)
  5534. {
  5535. memset(cell_stats, 0, sizeof(cell_stats_t));
  5536. SMARTLIST_FOREACH_BEGIN(circ->testing_cell_stats,
  5537. const testing_cell_stats_entry_t *, ent) {
  5538. tor_assert(ent->command <= CELL_COMMAND_MAX_);
  5539. if (!ent->removed && !ent->exitward) {
  5540. cell_stats->added_cells_appward[ent->command] += 1;
  5541. } else if (!ent->removed && ent->exitward) {
  5542. cell_stats->added_cells_exitward[ent->command] += 1;
  5543. } else if (!ent->exitward) {
  5544. cell_stats->removed_cells_appward[ent->command] += 1;
  5545. cell_stats->total_time_appward[ent->command] += ent->waiting_time * 10;
  5546. } else {
  5547. cell_stats->removed_cells_exitward[ent->command] += 1;
  5548. cell_stats->total_time_exitward[ent->command] += ent->waiting_time * 10;
  5549. }
  5550. } SMARTLIST_FOREACH_END(ent);
  5551. circuit_clear_testing_cell_stats(circ);
  5552. }
  5553. /** Helper: append a cell statistics string to <code>event_parts</code>,
  5554. * prefixed with <code>key</code>=. Statistics consist of comma-separated
  5555. * key:value pairs with lower-case command strings as keys and cell
  5556. * numbers or total waiting times as values. A key:value pair is included
  5557. * if the entry in <code>include_if_non_zero</code> is not zero, but with
  5558. * the (possibly zero) entry from <code>number_to_include</code>. Both
  5559. * arrays are expected to have a length of CELL_COMMAND_MAX_ + 1. If no
  5560. * entry in <code>include_if_non_zero</code> is positive, no string will
  5561. * be added to <code>event_parts</code>. */
  5562. void
  5563. append_cell_stats_by_command(smartlist_t *event_parts, const char *key,
  5564. const uint64_t *include_if_non_zero,
  5565. const uint64_t *number_to_include)
  5566. {
  5567. smartlist_t *key_value_strings = smartlist_new();
  5568. int i;
  5569. for (i = 0; i <= CELL_COMMAND_MAX_; i++) {
  5570. if (include_if_non_zero[i] > 0) {
  5571. smartlist_add_asprintf(key_value_strings, "%s:"U64_FORMAT,
  5572. cell_command_to_string(i),
  5573. U64_PRINTF_ARG(number_to_include[i]));
  5574. }
  5575. }
  5576. if (smartlist_len(key_value_strings) > 0) {
  5577. char *joined = smartlist_join_strings(key_value_strings, ",", 0, NULL);
  5578. smartlist_add_asprintf(event_parts, "%s=%s", key, joined);
  5579. SMARTLIST_FOREACH(key_value_strings, char *, cp, tor_free(cp));
  5580. tor_free(joined);
  5581. }
  5582. smartlist_free(key_value_strings);
  5583. }
  5584. /** Helper: format <b>cell_stats</b> for <b>circ</b> for inclusion in a
  5585. * CELL_STATS event and write result string to <b>event_string</b>. */
  5586. void
  5587. format_cell_stats(char **event_string, circuit_t *circ,
  5588. cell_stats_t *cell_stats)
  5589. {
  5590. smartlist_t *event_parts = smartlist_new();
  5591. if (CIRCUIT_IS_ORIGIN(circ)) {
  5592. origin_circuit_t *ocirc = TO_ORIGIN_CIRCUIT(circ);
  5593. smartlist_add_asprintf(event_parts, "ID=%lu",
  5594. (unsigned long)ocirc->global_identifier);
  5595. } else if (TO_OR_CIRCUIT(circ)->p_chan) {
  5596. or_circuit_t *or_circ = TO_OR_CIRCUIT(circ);
  5597. smartlist_add_asprintf(event_parts, "InboundQueue=%lu",
  5598. (unsigned long)or_circ->p_circ_id);
  5599. smartlist_add_asprintf(event_parts, "InboundConn="U64_FORMAT,
  5600. U64_PRINTF_ARG(or_circ->p_chan->global_identifier));
  5601. append_cell_stats_by_command(event_parts, "InboundAdded",
  5602. cell_stats->added_cells_appward,
  5603. cell_stats->added_cells_appward);
  5604. append_cell_stats_by_command(event_parts, "InboundRemoved",
  5605. cell_stats->removed_cells_appward,
  5606. cell_stats->removed_cells_appward);
  5607. append_cell_stats_by_command(event_parts, "InboundTime",
  5608. cell_stats->removed_cells_appward,
  5609. cell_stats->total_time_appward);
  5610. }
  5611. if (circ->n_chan) {
  5612. smartlist_add_asprintf(event_parts, "OutboundQueue=%lu",
  5613. (unsigned long)circ->n_circ_id);
  5614. smartlist_add_asprintf(event_parts, "OutboundConn="U64_FORMAT,
  5615. U64_PRINTF_ARG(circ->n_chan->global_identifier));
  5616. append_cell_stats_by_command(event_parts, "OutboundAdded",
  5617. cell_stats->added_cells_exitward,
  5618. cell_stats->added_cells_exitward);
  5619. append_cell_stats_by_command(event_parts, "OutboundRemoved",
  5620. cell_stats->removed_cells_exitward,
  5621. cell_stats->removed_cells_exitward);
  5622. append_cell_stats_by_command(event_parts, "OutboundTime",
  5623. cell_stats->removed_cells_exitward,
  5624. cell_stats->total_time_exitward);
  5625. }
  5626. *event_string = smartlist_join_strings(event_parts, " ", 0, NULL);
  5627. SMARTLIST_FOREACH(event_parts, char *, cp, tor_free(cp));
  5628. smartlist_free(event_parts);
  5629. }
  5630. /** A second or more has elapsed: tell any interested control connection
  5631. * how many cells have been processed for a given circuit. */
  5632. int
  5633. control_event_circuit_cell_stats(void)
  5634. {
  5635. cell_stats_t *cell_stats;
  5636. char *event_string;
  5637. if (!get_options()->TestingEnableCellStatsEvent ||
  5638. !EVENT_IS_INTERESTING(EVENT_CELL_STATS))
  5639. return 0;
  5640. cell_stats = tor_malloc(sizeof(cell_stats_t));
  5641. SMARTLIST_FOREACH_BEGIN(circuit_get_global_list(), circuit_t *, circ) {
  5642. if (!circ->testing_cell_stats)
  5643. continue;
  5644. sum_up_cell_stats_by_command(circ, cell_stats);
  5645. format_cell_stats(&event_string, circ, cell_stats);
  5646. send_control_event(EVENT_CELL_STATS,
  5647. "650 CELL_STATS %s\r\n", event_string);
  5648. tor_free(event_string);
  5649. }
  5650. SMARTLIST_FOREACH_END(circ);
  5651. tor_free(cell_stats);
  5652. return 0;
  5653. }
  5654. /* about 5 minutes worth. */
  5655. #define N_BW_EVENTS_TO_CACHE 300
  5656. /* Index into cached_bw_events to next write. */
  5657. static int next_measurement_idx = 0;
  5658. /* number of entries set in n_measurements */
  5659. static int n_measurements = 0;
  5660. static struct cached_bw_event_s {
  5661. uint32_t n_read;
  5662. uint32_t n_written;
  5663. } cached_bw_events[N_BW_EVENTS_TO_CACHE];
  5664. /** A second or more has elapsed: tell any interested control
  5665. * connections how much bandwidth we used. */
  5666. int
  5667. control_event_bandwidth_used(uint32_t n_read, uint32_t n_written)
  5668. {
  5669. cached_bw_events[next_measurement_idx].n_read = n_read;
  5670. cached_bw_events[next_measurement_idx].n_written = n_written;
  5671. if (++next_measurement_idx == N_BW_EVENTS_TO_CACHE)
  5672. next_measurement_idx = 0;
  5673. if (n_measurements < N_BW_EVENTS_TO_CACHE)
  5674. ++n_measurements;
  5675. if (EVENT_IS_INTERESTING(EVENT_BANDWIDTH_USED)) {
  5676. send_control_event(EVENT_BANDWIDTH_USED,
  5677. "650 BW %lu %lu\r\n",
  5678. (unsigned long)n_read,
  5679. (unsigned long)n_written);
  5680. }
  5681. return 0;
  5682. }
  5683. STATIC char *
  5684. get_bw_samples(void)
  5685. {
  5686. int i;
  5687. int idx = (next_measurement_idx + N_BW_EVENTS_TO_CACHE - n_measurements)
  5688. % N_BW_EVENTS_TO_CACHE;
  5689. tor_assert(0 <= idx && idx < N_BW_EVENTS_TO_CACHE);
  5690. smartlist_t *elements = smartlist_new();
  5691. for (i = 0; i < n_measurements; ++i) {
  5692. tor_assert(0 <= idx && idx < N_BW_EVENTS_TO_CACHE);
  5693. const struct cached_bw_event_s *bwe = &cached_bw_events[idx];
  5694. smartlist_add_asprintf(elements, "%u,%u",
  5695. (unsigned)bwe->n_read,
  5696. (unsigned)bwe->n_written);
  5697. idx = (idx + 1) % N_BW_EVENTS_TO_CACHE;
  5698. }
  5699. char *result = smartlist_join_strings(elements, " ", 0, NULL);
  5700. SMARTLIST_FOREACH(elements, char *, cp, tor_free(cp));
  5701. smartlist_free(elements);
  5702. return result;
  5703. }
  5704. /** Called when we are sending a log message to the controllers: suspend
  5705. * sending further log messages to the controllers until we're done. Used by
  5706. * CONN_LOG_PROTECT. */
  5707. void
  5708. disable_control_logging(void)
  5709. {
  5710. ++disable_log_messages;
  5711. }
  5712. /** We're done sending a log message to the controllers: re-enable controller
  5713. * logging. Used by CONN_LOG_PROTECT. */
  5714. void
  5715. enable_control_logging(void)
  5716. {
  5717. if (--disable_log_messages < 0)
  5718. tor_assert(0);
  5719. }
  5720. /** We got a log message: tell any interested control connections. */
  5721. void
  5722. control_event_logmsg(int severity, uint32_t domain, const char *msg)
  5723. {
  5724. int event;
  5725. /* Don't even think of trying to add stuff to a buffer from a cpuworker
  5726. * thread. (See #25987 for plan to fix.) */
  5727. if (! in_main_thread())
  5728. return;
  5729. if (disable_log_messages)
  5730. return;
  5731. if (domain == LD_BUG && EVENT_IS_INTERESTING(EVENT_STATUS_GENERAL) &&
  5732. severity <= LOG_NOTICE) {
  5733. char *esc = esc_for_log(msg);
  5734. ++disable_log_messages;
  5735. control_event_general_status(severity, "BUG REASON=%s", esc);
  5736. --disable_log_messages;
  5737. tor_free(esc);
  5738. }
  5739. event = log_severity_to_event(severity);
  5740. if (event >= 0 && EVENT_IS_INTERESTING(event)) {
  5741. char *b = NULL;
  5742. const char *s;
  5743. if (strchr(msg, '\n')) {
  5744. char *cp;
  5745. b = tor_strdup(msg);
  5746. for (cp = b; *cp; ++cp)
  5747. if (*cp == '\r' || *cp == '\n')
  5748. *cp = ' ';
  5749. }
  5750. switch (severity) {
  5751. case LOG_DEBUG: s = "DEBUG"; break;
  5752. case LOG_INFO: s = "INFO"; break;
  5753. case LOG_NOTICE: s = "NOTICE"; break;
  5754. case LOG_WARN: s = "WARN"; break;
  5755. case LOG_ERR: s = "ERR"; break;
  5756. default: s = "UnknownLogSeverity"; break;
  5757. }
  5758. ++disable_log_messages;
  5759. send_control_event(event, "650 %s %s\r\n", s, b?b:msg);
  5760. if (severity == LOG_ERR) {
  5761. /* Force a flush, since we may be about to die horribly */
  5762. queued_events_flush_all(1);
  5763. }
  5764. --disable_log_messages;
  5765. tor_free(b);
  5766. }
  5767. }
  5768. /**
  5769. * Logging callback: called when there is a queued pending log callback.
  5770. */
  5771. void
  5772. control_event_logmsg_pending(void)
  5773. {
  5774. if (! in_main_thread()) {
  5775. /* We can't handle this case yet, since we're using a
  5776. * mainloop_event_t to invoke queued_events_flush_all. We ought to
  5777. * use a different mechanism instead: see #25987.
  5778. **/
  5779. return;
  5780. }
  5781. tor_assert(flush_queued_events_event);
  5782. mainloop_event_activate(flush_queued_events_event);
  5783. }
  5784. /** Called whenever we receive new router descriptors: tell any
  5785. * interested control connections. <b>routers</b> is a list of
  5786. * routerinfo_t's.
  5787. */
  5788. int
  5789. control_event_descriptors_changed(smartlist_t *routers)
  5790. {
  5791. char *msg;
  5792. if (!EVENT_IS_INTERESTING(EVENT_NEW_DESC))
  5793. return 0;
  5794. {
  5795. smartlist_t *names = smartlist_new();
  5796. char *ids;
  5797. SMARTLIST_FOREACH(routers, routerinfo_t *, ri, {
  5798. char *b = tor_malloc(MAX_VERBOSE_NICKNAME_LEN+1);
  5799. router_get_verbose_nickname(b, ri);
  5800. smartlist_add(names, b);
  5801. });
  5802. ids = smartlist_join_strings(names, " ", 0, NULL);
  5803. tor_asprintf(&msg, "650 NEWDESC %s\r\n", ids);
  5804. send_control_event_string(EVENT_NEW_DESC, msg);
  5805. tor_free(ids);
  5806. tor_free(msg);
  5807. SMARTLIST_FOREACH(names, char *, cp, tor_free(cp));
  5808. smartlist_free(names);
  5809. }
  5810. return 0;
  5811. }
  5812. /** Called when an address mapping on <b>from</b> from changes to <b>to</b>.
  5813. * <b>expires</b> values less than 3 are special; see connection_edge.c. If
  5814. * <b>error</b> is non-NULL, it is an error code describing the failure
  5815. * mode of the mapping.
  5816. */
  5817. int
  5818. control_event_address_mapped(const char *from, const char *to, time_t expires,
  5819. const char *error, const int cached)
  5820. {
  5821. if (!EVENT_IS_INTERESTING(EVENT_ADDRMAP))
  5822. return 0;
  5823. if (expires < 3 || expires == TIME_MAX)
  5824. send_control_event(EVENT_ADDRMAP,
  5825. "650 ADDRMAP %s %s NEVER %s%s"
  5826. "CACHED=\"%s\"\r\n",
  5827. from, to, error?error:"", error?" ":"",
  5828. cached?"YES":"NO");
  5829. else {
  5830. char buf[ISO_TIME_LEN+1];
  5831. char buf2[ISO_TIME_LEN+1];
  5832. format_local_iso_time(buf,expires);
  5833. format_iso_time(buf2,expires);
  5834. send_control_event(EVENT_ADDRMAP,
  5835. "650 ADDRMAP %s %s \"%s\""
  5836. " %s%sEXPIRES=\"%s\" CACHED=\"%s\"\r\n",
  5837. from, to, buf,
  5838. error?error:"", error?" ":"",
  5839. buf2, cached?"YES":"NO");
  5840. }
  5841. return 0;
  5842. }
  5843. /** Cached liveness for network liveness events and GETINFO
  5844. */
  5845. static int network_is_live = 0;
  5846. static int
  5847. get_cached_network_liveness(void)
  5848. {
  5849. return network_is_live;
  5850. }
  5851. static void
  5852. set_cached_network_liveness(int liveness)
  5853. {
  5854. network_is_live = liveness;
  5855. }
  5856. /** The network liveness has changed; this is called from circuitstats.c
  5857. * whenever we receive a cell, or when timeout expires and we assume the
  5858. * network is down. */
  5859. int
  5860. control_event_network_liveness_update(int liveness)
  5861. {
  5862. if (liveness > 0) {
  5863. if (get_cached_network_liveness() <= 0) {
  5864. /* Update cached liveness */
  5865. set_cached_network_liveness(1);
  5866. log_debug(LD_CONTROL, "Sending NETWORK_LIVENESS UP");
  5867. send_control_event_string(EVENT_NETWORK_LIVENESS,
  5868. "650 NETWORK_LIVENESS UP\r\n");
  5869. }
  5870. /* else was already live, no-op */
  5871. } else {
  5872. if (get_cached_network_liveness() > 0) {
  5873. /* Update cached liveness */
  5874. set_cached_network_liveness(0);
  5875. log_debug(LD_CONTROL, "Sending NETWORK_LIVENESS DOWN");
  5876. send_control_event_string(EVENT_NETWORK_LIVENESS,
  5877. "650 NETWORK_LIVENESS DOWN\r\n");
  5878. }
  5879. /* else was already dead, no-op */
  5880. }
  5881. return 0;
  5882. }
  5883. /** Helper function for NS-style events. Constructs and sends an event
  5884. * of type <b>event</b> with string <b>event_string</b> out of the set of
  5885. * networkstatuses <b>statuses</b>. Currently it is used for NS events
  5886. * and NEWCONSENSUS events. */
  5887. static int
  5888. control_event_networkstatus_changed_helper(smartlist_t *statuses,
  5889. uint16_t event,
  5890. const char *event_string)
  5891. {
  5892. smartlist_t *strs;
  5893. char *s, *esc = NULL;
  5894. if (!EVENT_IS_INTERESTING(event) || !smartlist_len(statuses))
  5895. return 0;
  5896. strs = smartlist_new();
  5897. smartlist_add_strdup(strs, "650+");
  5898. smartlist_add_strdup(strs, event_string);
  5899. smartlist_add_strdup(strs, "\r\n");
  5900. SMARTLIST_FOREACH(statuses, const routerstatus_t *, rs,
  5901. {
  5902. s = networkstatus_getinfo_helper_single(rs);
  5903. if (!s) continue;
  5904. smartlist_add(strs, s);
  5905. });
  5906. s = smartlist_join_strings(strs, "", 0, NULL);
  5907. write_escaped_data(s, strlen(s), &esc);
  5908. SMARTLIST_FOREACH(strs, char *, cp, tor_free(cp));
  5909. smartlist_free(strs);
  5910. tor_free(s);
  5911. send_control_event_string(event, esc);
  5912. send_control_event_string(event,
  5913. "650 OK\r\n");
  5914. tor_free(esc);
  5915. return 0;
  5916. }
  5917. /** Called when the routerstatus_ts <b>statuses</b> have changed: sends
  5918. * an NS event to any controller that cares. */
  5919. int
  5920. control_event_networkstatus_changed(smartlist_t *statuses)
  5921. {
  5922. return control_event_networkstatus_changed_helper(statuses, EVENT_NS, "NS");
  5923. }
  5924. /** Called when we get a new consensus networkstatus. Sends a NEWCONSENSUS
  5925. * event consisting of an NS-style line for each relay in the consensus. */
  5926. int
  5927. control_event_newconsensus(const networkstatus_t *consensus)
  5928. {
  5929. if (!control_event_is_interesting(EVENT_NEWCONSENSUS))
  5930. return 0;
  5931. return control_event_networkstatus_changed_helper(
  5932. consensus->routerstatus_list, EVENT_NEWCONSENSUS, "NEWCONSENSUS");
  5933. }
  5934. /** Called when we compute a new circuitbuildtimeout */
  5935. int
  5936. control_event_buildtimeout_set(buildtimeout_set_event_t type,
  5937. const char *args)
  5938. {
  5939. const char *type_string = NULL;
  5940. if (!control_event_is_interesting(EVENT_BUILDTIMEOUT_SET))
  5941. return 0;
  5942. switch (type) {
  5943. case BUILDTIMEOUT_SET_EVENT_COMPUTED:
  5944. type_string = "COMPUTED";
  5945. break;
  5946. case BUILDTIMEOUT_SET_EVENT_RESET:
  5947. type_string = "RESET";
  5948. break;
  5949. case BUILDTIMEOUT_SET_EVENT_SUSPENDED:
  5950. type_string = "SUSPENDED";
  5951. break;
  5952. case BUILDTIMEOUT_SET_EVENT_DISCARD:
  5953. type_string = "DISCARD";
  5954. break;
  5955. case BUILDTIMEOUT_SET_EVENT_RESUME:
  5956. type_string = "RESUME";
  5957. break;
  5958. default:
  5959. type_string = "UNKNOWN";
  5960. break;
  5961. }
  5962. send_control_event(EVENT_BUILDTIMEOUT_SET,
  5963. "650 BUILDTIMEOUT_SET %s %s\r\n",
  5964. type_string, args);
  5965. return 0;
  5966. }
  5967. /** Called when a signal has been processed from signal_callback */
  5968. int
  5969. control_event_signal(uintptr_t signal_num)
  5970. {
  5971. const char *signal_string = NULL;
  5972. if (!control_event_is_interesting(EVENT_GOT_SIGNAL))
  5973. return 0;
  5974. switch (signal_num) {
  5975. case SIGHUP:
  5976. signal_string = "RELOAD";
  5977. break;
  5978. case SIGUSR1:
  5979. signal_string = "DUMP";
  5980. break;
  5981. case SIGUSR2:
  5982. signal_string = "DEBUG";
  5983. break;
  5984. case SIGNEWNYM:
  5985. signal_string = "NEWNYM";
  5986. break;
  5987. case SIGCLEARDNSCACHE:
  5988. signal_string = "CLEARDNSCACHE";
  5989. break;
  5990. case SIGHEARTBEAT:
  5991. signal_string = "HEARTBEAT";
  5992. break;
  5993. default:
  5994. log_warn(LD_BUG, "Unrecognized signal %lu in control_event_signal",
  5995. (unsigned long)signal_num);
  5996. return -1;
  5997. }
  5998. send_control_event(EVENT_GOT_SIGNAL, "650 SIGNAL %s\r\n",
  5999. signal_string);
  6000. return 0;
  6001. }
  6002. /** Called when a single local_routerstatus_t has changed: Sends an NS event
  6003. * to any controller that cares. */
  6004. int
  6005. control_event_networkstatus_changed_single(const routerstatus_t *rs)
  6006. {
  6007. smartlist_t *statuses;
  6008. int r;
  6009. if (!EVENT_IS_INTERESTING(EVENT_NS))
  6010. return 0;
  6011. statuses = smartlist_new();
  6012. smartlist_add(statuses, (void*)rs);
  6013. r = control_event_networkstatus_changed(statuses);
  6014. smartlist_free(statuses);
  6015. return r;
  6016. }
  6017. /** Our own router descriptor has changed; tell any controllers that care.
  6018. */
  6019. int
  6020. control_event_my_descriptor_changed(void)
  6021. {
  6022. send_control_event(EVENT_DESCCHANGED, "650 DESCCHANGED\r\n");
  6023. return 0;
  6024. }
  6025. /** Helper: sends a status event where <b>type</b> is one of
  6026. * EVENT_STATUS_{GENERAL,CLIENT,SERVER}, where <b>severity</b> is one of
  6027. * LOG_{NOTICE,WARN,ERR}, and where <b>format</b> is a printf-style format
  6028. * string corresponding to <b>args</b>. */
  6029. static int
  6030. control_event_status(int type, int severity, const char *format, va_list args)
  6031. {
  6032. char *user_buf = NULL;
  6033. char format_buf[160];
  6034. const char *status, *sev;
  6035. switch (type) {
  6036. case EVENT_STATUS_GENERAL:
  6037. status = "STATUS_GENERAL";
  6038. break;
  6039. case EVENT_STATUS_CLIENT:
  6040. status = "STATUS_CLIENT";
  6041. break;
  6042. case EVENT_STATUS_SERVER:
  6043. status = "STATUS_SERVER";
  6044. break;
  6045. default:
  6046. log_warn(LD_BUG, "Unrecognized status type %d", type);
  6047. return -1;
  6048. }
  6049. switch (severity) {
  6050. case LOG_NOTICE:
  6051. sev = "NOTICE";
  6052. break;
  6053. case LOG_WARN:
  6054. sev = "WARN";
  6055. break;
  6056. case LOG_ERR:
  6057. sev = "ERR";
  6058. break;
  6059. default:
  6060. log_warn(LD_BUG, "Unrecognized status severity %d", severity);
  6061. return -1;
  6062. }
  6063. if (tor_snprintf(format_buf, sizeof(format_buf), "650 %s %s",
  6064. status, sev)<0) {
  6065. log_warn(LD_BUG, "Format string too long.");
  6066. return -1;
  6067. }
  6068. tor_vasprintf(&user_buf, format, args);
  6069. send_control_event(type, "%s %s\r\n", format_buf, user_buf);
  6070. tor_free(user_buf);
  6071. return 0;
  6072. }
  6073. #define CONTROL_EVENT_STATUS_BODY(event, sev) \
  6074. int r; \
  6075. do { \
  6076. va_list ap; \
  6077. if (!EVENT_IS_INTERESTING(event)) \
  6078. return 0; \
  6079. \
  6080. va_start(ap, format); \
  6081. r = control_event_status((event), (sev), format, ap); \
  6082. va_end(ap); \
  6083. } while (0)
  6084. /** Format and send an EVENT_STATUS_GENERAL event whose main text is obtained
  6085. * by formatting the arguments using the printf-style <b>format</b>. */
  6086. int
  6087. control_event_general_status(int severity, const char *format, ...)
  6088. {
  6089. CONTROL_EVENT_STATUS_BODY(EVENT_STATUS_GENERAL, severity);
  6090. return r;
  6091. }
  6092. /** Format and send an EVENT_STATUS_GENERAL LOG_ERR event, and flush it to the
  6093. * controller(s) immediately. */
  6094. int
  6095. control_event_general_error(const char *format, ...)
  6096. {
  6097. CONTROL_EVENT_STATUS_BODY(EVENT_STATUS_GENERAL, LOG_ERR);
  6098. /* Force a flush, since we may be about to die horribly */
  6099. queued_events_flush_all(1);
  6100. return r;
  6101. }
  6102. /** Format and send an EVENT_STATUS_CLIENT event whose main text is obtained
  6103. * by formatting the arguments using the printf-style <b>format</b>. */
  6104. int
  6105. control_event_client_status(int severity, const char *format, ...)
  6106. {
  6107. CONTROL_EVENT_STATUS_BODY(EVENT_STATUS_CLIENT, severity);
  6108. return r;
  6109. }
  6110. /** Format and send an EVENT_STATUS_CLIENT LOG_ERR event, and flush it to the
  6111. * controller(s) immediately. */
  6112. int
  6113. control_event_client_error(const char *format, ...)
  6114. {
  6115. CONTROL_EVENT_STATUS_BODY(EVENT_STATUS_CLIENT, LOG_ERR);
  6116. /* Force a flush, since we may be about to die horribly */
  6117. queued_events_flush_all(1);
  6118. return r;
  6119. }
  6120. /** Format and send an EVENT_STATUS_SERVER event whose main text is obtained
  6121. * by formatting the arguments using the printf-style <b>format</b>. */
  6122. int
  6123. control_event_server_status(int severity, const char *format, ...)
  6124. {
  6125. CONTROL_EVENT_STATUS_BODY(EVENT_STATUS_SERVER, severity);
  6126. return r;
  6127. }
  6128. /** Format and send an EVENT_STATUS_SERVER LOG_ERR event, and flush it to the
  6129. * controller(s) immediately. */
  6130. int
  6131. control_event_server_error(const char *format, ...)
  6132. {
  6133. CONTROL_EVENT_STATUS_BODY(EVENT_STATUS_SERVER, LOG_ERR);
  6134. /* Force a flush, since we may be about to die horribly */
  6135. queued_events_flush_all(1);
  6136. return r;
  6137. }
  6138. /** Called when the status of an entry guard with the given <b>nickname</b>
  6139. * and identity <b>digest</b> has changed to <b>status</b>: tells any
  6140. * controllers that care. */
  6141. int
  6142. control_event_guard(const char *nickname, const char *digest,
  6143. const char *status)
  6144. {
  6145. char hbuf[HEX_DIGEST_LEN+1];
  6146. base16_encode(hbuf, sizeof(hbuf), digest, DIGEST_LEN);
  6147. if (!EVENT_IS_INTERESTING(EVENT_GUARD))
  6148. return 0;
  6149. {
  6150. char buf[MAX_VERBOSE_NICKNAME_LEN+1];
  6151. const node_t *node = node_get_by_id(digest);
  6152. if (node) {
  6153. node_get_verbose_nickname(node, buf);
  6154. } else {
  6155. tor_snprintf(buf, sizeof(buf), "$%s~%s", hbuf, nickname);
  6156. }
  6157. send_control_event(EVENT_GUARD,
  6158. "650 GUARD ENTRY %s %s\r\n", buf, status);
  6159. }
  6160. return 0;
  6161. }
  6162. /** Called when a configuration option changes. This is generally triggered
  6163. * by SETCONF requests and RELOAD/SIGHUP signals. The <b>elements</b> is
  6164. * a smartlist_t containing (key, value, ...) pairs in sequence.
  6165. * <b>value</b> can be NULL. */
  6166. int
  6167. control_event_conf_changed(const smartlist_t *elements)
  6168. {
  6169. int i;
  6170. char *result;
  6171. smartlist_t *lines;
  6172. if (!EVENT_IS_INTERESTING(EVENT_CONF_CHANGED) ||
  6173. smartlist_len(elements) == 0) {
  6174. return 0;
  6175. }
  6176. lines = smartlist_new();
  6177. for (i = 0; i < smartlist_len(elements); i += 2) {
  6178. char *k = smartlist_get(elements, i);
  6179. char *v = smartlist_get(elements, i+1);
  6180. if (v == NULL) {
  6181. smartlist_add_asprintf(lines, "650-%s", k);
  6182. } else {
  6183. smartlist_add_asprintf(lines, "650-%s=%s", k, v);
  6184. }
  6185. }
  6186. result = smartlist_join_strings(lines, "\r\n", 0, NULL);
  6187. send_control_event(EVENT_CONF_CHANGED,
  6188. "650-CONF_CHANGED\r\n%s\r\n650 OK\r\n", result);
  6189. tor_free(result);
  6190. SMARTLIST_FOREACH(lines, char *, cp, tor_free(cp));
  6191. smartlist_free(lines);
  6192. return 0;
  6193. }
  6194. /** Helper: Return a newly allocated string containing a path to the
  6195. * file where we store our authentication cookie. */
  6196. char *
  6197. get_controller_cookie_file_name(void)
  6198. {
  6199. const or_options_t *options = get_options();
  6200. if (options->CookieAuthFile && strlen(options->CookieAuthFile)) {
  6201. return tor_strdup(options->CookieAuthFile);
  6202. } else {
  6203. return get_datadir_fname("control_auth_cookie");
  6204. }
  6205. }
  6206. /* Initialize the cookie-based authentication system of the
  6207. * ControlPort. If <b>enabled</b> is 0, then disable the cookie
  6208. * authentication system. */
  6209. int
  6210. init_control_cookie_authentication(int enabled)
  6211. {
  6212. char *fname = NULL;
  6213. int retval;
  6214. if (!enabled) {
  6215. authentication_cookie_is_set = 0;
  6216. return 0;
  6217. }
  6218. fname = get_controller_cookie_file_name();
  6219. retval = init_cookie_authentication(fname, "", /* no header */
  6220. AUTHENTICATION_COOKIE_LEN,
  6221. get_options()->CookieAuthFileGroupReadable,
  6222. &authentication_cookie,
  6223. &authentication_cookie_is_set);
  6224. tor_free(fname);
  6225. return retval;
  6226. }
  6227. /** A copy of the process specifier of Tor's owning controller, or
  6228. * NULL if this Tor instance is not currently owned by a process. */
  6229. static char *owning_controller_process_spec = NULL;
  6230. /** A process-termination monitor for Tor's owning controller, or NULL
  6231. * if this Tor instance is not currently owned by a process. */
  6232. static tor_process_monitor_t *owning_controller_process_monitor = NULL;
  6233. /** Process-termination monitor callback for Tor's owning controller
  6234. * process. */
  6235. static void
  6236. owning_controller_procmon_cb(void *unused)
  6237. {
  6238. (void)unused;
  6239. lost_owning_controller("process", "vanished");
  6240. }
  6241. /** Set <b>process_spec</b> as Tor's owning controller process.
  6242. * Exit on failure. */
  6243. void
  6244. monitor_owning_controller_process(const char *process_spec)
  6245. {
  6246. const char *msg;
  6247. tor_assert((owning_controller_process_spec == NULL) ==
  6248. (owning_controller_process_monitor == NULL));
  6249. if (owning_controller_process_spec != NULL) {
  6250. if ((process_spec != NULL) && !strcmp(process_spec,
  6251. owning_controller_process_spec)) {
  6252. /* Same process -- return now, instead of disposing of and
  6253. * recreating the process-termination monitor. */
  6254. return;
  6255. }
  6256. /* We are currently owned by a process, and we should no longer be
  6257. * owned by it. Free the process-termination monitor. */
  6258. tor_process_monitor_free(owning_controller_process_monitor);
  6259. owning_controller_process_monitor = NULL;
  6260. tor_free(owning_controller_process_spec);
  6261. owning_controller_process_spec = NULL;
  6262. }
  6263. tor_assert((owning_controller_process_spec == NULL) &&
  6264. (owning_controller_process_monitor == NULL));
  6265. if (process_spec == NULL)
  6266. return;
  6267. owning_controller_process_spec = tor_strdup(process_spec);
  6268. owning_controller_process_monitor =
  6269. tor_process_monitor_new(tor_libevent_get_base(),
  6270. owning_controller_process_spec,
  6271. LD_CONTROL,
  6272. owning_controller_procmon_cb, NULL,
  6273. &msg);
  6274. if (owning_controller_process_monitor == NULL) {
  6275. log_err(LD_BUG, "Couldn't create process-termination monitor for "
  6276. "owning controller: %s. Exiting.",
  6277. msg);
  6278. owning_controller_process_spec = NULL;
  6279. tor_shutdown_event_loop_and_exit(1);
  6280. }
  6281. }
  6282. /** Convert the name of a bootstrapping phase <b>s</b> into strings
  6283. * <b>tag</b> and <b>summary</b> suitable for display by the controller. */
  6284. static int
  6285. bootstrap_status_to_string(bootstrap_status_t s, const char **tag,
  6286. const char **summary)
  6287. {
  6288. switch (s) {
  6289. case BOOTSTRAP_STATUS_UNDEF:
  6290. *tag = "undef";
  6291. *summary = "Undefined";
  6292. break;
  6293. case BOOTSTRAP_STATUS_STARTING:
  6294. *tag = "starting";
  6295. *summary = "Starting";
  6296. break;
  6297. case BOOTSTRAP_STATUS_CONN_DIR:
  6298. *tag = "conn_dir";
  6299. *summary = "Connecting to directory server";
  6300. break;
  6301. case BOOTSTRAP_STATUS_HANDSHAKE:
  6302. *tag = "status_handshake";
  6303. *summary = "Finishing handshake";
  6304. break;
  6305. case BOOTSTRAP_STATUS_HANDSHAKE_DIR:
  6306. *tag = "handshake_dir";
  6307. *summary = "Finishing handshake with directory server";
  6308. break;
  6309. case BOOTSTRAP_STATUS_ONEHOP_CREATE:
  6310. *tag = "onehop_create";
  6311. *summary = "Establishing an encrypted directory connection";
  6312. break;
  6313. case BOOTSTRAP_STATUS_REQUESTING_STATUS:
  6314. *tag = "requesting_status";
  6315. *summary = "Asking for networkstatus consensus";
  6316. break;
  6317. case BOOTSTRAP_STATUS_LOADING_STATUS:
  6318. *tag = "loading_status";
  6319. *summary = "Loading networkstatus consensus";
  6320. break;
  6321. case BOOTSTRAP_STATUS_LOADING_KEYS:
  6322. *tag = "loading_keys";
  6323. *summary = "Loading authority key certs";
  6324. break;
  6325. case BOOTSTRAP_STATUS_REQUESTING_DESCRIPTORS:
  6326. *tag = "requesting_descriptors";
  6327. /* XXXX this appears to incorrectly report internal on most loads */
  6328. *summary = router_have_consensus_path() == CONSENSUS_PATH_INTERNAL ?
  6329. "Asking for relay descriptors for internal paths" :
  6330. "Asking for relay descriptors";
  6331. break;
  6332. /* If we're sure there are no exits in the consensus,
  6333. * inform the controller by adding "internal"
  6334. * to the status summaries.
  6335. * (We only check this while loading descriptors,
  6336. * so we may not know in the earlier stages.)
  6337. * But if there are exits, we can't be sure whether
  6338. * we're creating internal or exit paths/circuits.
  6339. * XXXX Or should be use different tags or statuses
  6340. * for internal and exit/all? */
  6341. case BOOTSTRAP_STATUS_LOADING_DESCRIPTORS:
  6342. *tag = "loading_descriptors";
  6343. *summary = router_have_consensus_path() == CONSENSUS_PATH_INTERNAL ?
  6344. "Loading relay descriptors for internal paths" :
  6345. "Loading relay descriptors";
  6346. break;
  6347. case BOOTSTRAP_STATUS_CONN_OR:
  6348. *tag = "conn_or";
  6349. *summary = router_have_consensus_path() == CONSENSUS_PATH_INTERNAL ?
  6350. "Connecting to the Tor network internally" :
  6351. "Connecting to the Tor network";
  6352. break;
  6353. case BOOTSTRAP_STATUS_HANDSHAKE_OR:
  6354. *tag = "handshake_or";
  6355. *summary = router_have_consensus_path() == CONSENSUS_PATH_INTERNAL ?
  6356. "Finishing handshake with first hop of internal circuit" :
  6357. "Finishing handshake with first hop";
  6358. break;
  6359. case BOOTSTRAP_STATUS_CIRCUIT_CREATE:
  6360. *tag = "circuit_create";
  6361. *summary = router_have_consensus_path() == CONSENSUS_PATH_INTERNAL ?
  6362. "Establishing an internal Tor circuit" :
  6363. "Establishing a Tor circuit";
  6364. break;
  6365. case BOOTSTRAP_STATUS_DONE:
  6366. *tag = "done";
  6367. *summary = "Done";
  6368. break;
  6369. default:
  6370. // log_warn(LD_BUG, "Unrecognized bootstrap status code %d", s);
  6371. *tag = *summary = "unknown";
  6372. return -1;
  6373. }
  6374. return 0;
  6375. }
  6376. /** What percentage through the bootstrap process are we? We remember
  6377. * this so we can avoid sending redundant bootstrap status events, and
  6378. * so we can guess context for the bootstrap messages which are
  6379. * ambiguous. It starts at 'undef', but gets set to 'starting' while
  6380. * Tor initializes. */
  6381. static int bootstrap_percent = BOOTSTRAP_STATUS_UNDEF;
  6382. /** As bootstrap_percent, but holds the bootstrapping level at which we last
  6383. * logged a NOTICE-level message. We use this, plus BOOTSTRAP_PCT_INCREMENT,
  6384. * to avoid flooding the log with a new message every time we get a few more
  6385. * microdescriptors */
  6386. static int notice_bootstrap_percent = 0;
  6387. /** How many problems have we had getting to the next bootstrapping phase?
  6388. * These include failure to establish a connection to a Tor relay,
  6389. * failures to finish the TLS handshake, failures to validate the
  6390. * consensus document, etc. */
  6391. static int bootstrap_problems = 0;
  6392. /** We only tell the controller once we've hit a threshold of problems
  6393. * for the current phase. */
  6394. #define BOOTSTRAP_PROBLEM_THRESHOLD 10
  6395. /** When our bootstrapping progress level changes, but our bootstrapping
  6396. * status has not advanced, we only log at NOTICE when we have made at least
  6397. * this much progress.
  6398. */
  6399. #define BOOTSTRAP_PCT_INCREMENT 5
  6400. /** Called when Tor has made progress at bootstrapping its directory
  6401. * information and initial circuits.
  6402. *
  6403. * <b>status</b> is the new status, that is, what task we will be doing
  6404. * next. <b>progress</b> is zero if we just started this task, else it
  6405. * represents progress on the task.
  6406. *
  6407. * Return true if we logged a message at level NOTICE, and false otherwise.
  6408. */
  6409. int
  6410. control_event_bootstrap(bootstrap_status_t status, int progress)
  6411. {
  6412. const char *tag, *summary;
  6413. char buf[BOOTSTRAP_MSG_LEN];
  6414. if (bootstrap_percent == BOOTSTRAP_STATUS_DONE)
  6415. return 0; /* already bootstrapped; nothing to be done here. */
  6416. /* special case for handshaking status, since our TLS handshaking code
  6417. * can't distinguish what the connection is going to be for. */
  6418. if (status == BOOTSTRAP_STATUS_HANDSHAKE) {
  6419. if (bootstrap_percent < BOOTSTRAP_STATUS_CONN_OR) {
  6420. status = BOOTSTRAP_STATUS_HANDSHAKE_DIR;
  6421. } else {
  6422. status = BOOTSTRAP_STATUS_HANDSHAKE_OR;
  6423. }
  6424. }
  6425. if (status > bootstrap_percent ||
  6426. (progress && progress > bootstrap_percent)) {
  6427. int loglevel = LOG_NOTICE;
  6428. bootstrap_status_to_string(status, &tag, &summary);
  6429. if (status <= bootstrap_percent &&
  6430. (progress < notice_bootstrap_percent + BOOTSTRAP_PCT_INCREMENT)) {
  6431. /* We log the message at info if the status hasn't advanced, and if less
  6432. * than BOOTSTRAP_PCT_INCREMENT progress has been made.
  6433. */
  6434. loglevel = LOG_INFO;
  6435. }
  6436. tor_log(loglevel, LD_CONTROL,
  6437. "Bootstrapped %d%%: %s", progress ? progress : status, summary);
  6438. tor_snprintf(buf, sizeof(buf),
  6439. "BOOTSTRAP PROGRESS=%d TAG=%s SUMMARY=\"%s\"",
  6440. progress ? progress : status, tag, summary);
  6441. tor_snprintf(last_sent_bootstrap_message,
  6442. sizeof(last_sent_bootstrap_message),
  6443. "NOTICE %s", buf);
  6444. control_event_client_status(LOG_NOTICE, "%s", buf);
  6445. if (status > bootstrap_percent) {
  6446. bootstrap_percent = status; /* new milestone reached */
  6447. }
  6448. if (progress > bootstrap_percent) {
  6449. /* incremental progress within a milestone */
  6450. bootstrap_percent = progress;
  6451. bootstrap_problems = 0; /* Progress! Reset our problem counter. */
  6452. }
  6453. if (loglevel == LOG_NOTICE &&
  6454. bootstrap_percent > notice_bootstrap_percent) {
  6455. /* Remember that we gave a notice at this level. */
  6456. notice_bootstrap_percent = bootstrap_percent;
  6457. }
  6458. return loglevel == LOG_NOTICE;
  6459. }
  6460. return 0;
  6461. }
  6462. /** Called when Tor has failed to make bootstrapping progress in a way
  6463. * that indicates a problem. <b>warn</b> gives a human-readable hint
  6464. * as to why, and <b>reason</b> provides a controller-facing short
  6465. * tag. <b>conn</b> is the connection that caused this problem and
  6466. * can be NULL if a connection cannot be easily identified.
  6467. */
  6468. void
  6469. control_event_bootstrap_problem(const char *warn, const char *reason,
  6470. const connection_t *conn, int dowarn)
  6471. {
  6472. int status = bootstrap_percent;
  6473. const char *tag = "", *summary = "";
  6474. char buf[BOOTSTRAP_MSG_LEN];
  6475. const char *recommendation = "ignore";
  6476. int severity;
  6477. char *or_id = NULL, *hostaddr = NULL;
  6478. or_connection_t *or_conn = NULL;
  6479. /* bootstrap_percent must not be in "undefined" state here. */
  6480. tor_assert(status >= 0);
  6481. if (bootstrap_percent == 100)
  6482. return; /* already bootstrapped; nothing to be done here. */
  6483. bootstrap_problems++;
  6484. if (bootstrap_problems >= BOOTSTRAP_PROBLEM_THRESHOLD)
  6485. dowarn = 1;
  6486. /* Don't warn about our bootstrapping status if we are hibernating or
  6487. * shutting down. */
  6488. if (we_are_hibernating())
  6489. dowarn = 0;
  6490. while (status>=0 && bootstrap_status_to_string(status, &tag, &summary) < 0)
  6491. status--; /* find a recognized status string based on current progress */
  6492. status = bootstrap_percent; /* set status back to the actual number */
  6493. severity = dowarn ? LOG_WARN : LOG_INFO;
  6494. if (dowarn)
  6495. recommendation = "warn";
  6496. if (conn && conn->type == CONN_TYPE_OR) {
  6497. /* XXX TO_OR_CONN can't deal with const */
  6498. or_conn = TO_OR_CONN((connection_t *)conn);
  6499. or_id = tor_strdup(hex_str(or_conn->identity_digest, DIGEST_LEN));
  6500. } else {
  6501. or_id = tor_strdup("?");
  6502. }
  6503. if (conn)
  6504. tor_asprintf(&hostaddr, "%s:%d", conn->address, (int)conn->port);
  6505. else
  6506. hostaddr = tor_strdup("?");
  6507. log_fn(severity,
  6508. LD_CONTROL, "Problem bootstrapping. Stuck at %d%%: %s. (%s; %s; "
  6509. "count %d; recommendation %s; host %s at %s)",
  6510. status, summary, warn, reason,
  6511. bootstrap_problems, recommendation,
  6512. or_id, hostaddr);
  6513. connection_or_report_broken_states(severity, LD_HANDSHAKE);
  6514. tor_snprintf(buf, sizeof(buf),
  6515. "BOOTSTRAP PROGRESS=%d TAG=%s SUMMARY=\"%s\" WARNING=\"%s\" REASON=%s "
  6516. "COUNT=%d RECOMMENDATION=%s HOSTID=\"%s\" HOSTADDR=\"%s\"",
  6517. bootstrap_percent, tag, summary, warn, reason, bootstrap_problems,
  6518. recommendation,
  6519. or_id, hostaddr);
  6520. tor_snprintf(last_sent_bootstrap_message,
  6521. sizeof(last_sent_bootstrap_message),
  6522. "WARN %s", buf);
  6523. control_event_client_status(LOG_WARN, "%s", buf);
  6524. tor_free(hostaddr);
  6525. tor_free(or_id);
  6526. }
  6527. /** Called when Tor has failed to make bootstrapping progress in a way
  6528. * that indicates a problem. <b>warn</b> gives a hint as to why, and
  6529. * <b>reason</b> provides an "or_conn_end_reason" tag. <b>or_conn</b>
  6530. * is the connection that caused this problem.
  6531. */
  6532. MOCK_IMPL(void,
  6533. control_event_bootstrap_prob_or, (const char *warn, int reason,
  6534. or_connection_t *or_conn))
  6535. {
  6536. int dowarn = 0;
  6537. if (or_conn->have_noted_bootstrap_problem)
  6538. return;
  6539. or_conn->have_noted_bootstrap_problem = 1;
  6540. if (reason == END_OR_CONN_REASON_NO_ROUTE)
  6541. dowarn = 1;
  6542. /* If we are using bridges and all our OR connections are now
  6543. closed, it means that we totally failed to connect to our
  6544. bridges. Throw a warning. */
  6545. if (get_options()->UseBridges && !any_other_active_or_conns(or_conn))
  6546. dowarn = 1;
  6547. control_event_bootstrap_problem(warn,
  6548. orconn_end_reason_to_control_string(reason),
  6549. TO_CONN(or_conn), dowarn);
  6550. }
  6551. /** We just generated a new summary of which countries we've seen clients
  6552. * from recently. Send a copy to the controller in case it wants to
  6553. * display it for the user. */
  6554. void
  6555. control_event_clients_seen(const char *controller_str)
  6556. {
  6557. send_control_event(EVENT_CLIENTS_SEEN,
  6558. "650 CLIENTS_SEEN %s\r\n", controller_str);
  6559. }
  6560. /** A new pluggable transport called <b>transport_name</b> was
  6561. * launched on <b>addr</b>:<b>port</b>. <b>mode</b> is either
  6562. * "server" or "client" depending on the mode of the pluggable
  6563. * transport.
  6564. * "650" SP "TRANSPORT_LAUNCHED" SP Mode SP Name SP Address SP Port
  6565. */
  6566. void
  6567. control_event_transport_launched(const char *mode, const char *transport_name,
  6568. tor_addr_t *addr, uint16_t port)
  6569. {
  6570. send_control_event(EVENT_TRANSPORT_LAUNCHED,
  6571. "650 TRANSPORT_LAUNCHED %s %s %s %u\r\n",
  6572. mode, transport_name, fmt_addr(addr), port);
  6573. }
  6574. /** Convert rendezvous auth type to string for HS_DESC control events
  6575. */
  6576. const char *
  6577. rend_auth_type_to_string(rend_auth_type_t auth_type)
  6578. {
  6579. const char *str;
  6580. switch (auth_type) {
  6581. case REND_NO_AUTH:
  6582. str = "NO_AUTH";
  6583. break;
  6584. case REND_BASIC_AUTH:
  6585. str = "BASIC_AUTH";
  6586. break;
  6587. case REND_STEALTH_AUTH:
  6588. str = "STEALTH_AUTH";
  6589. break;
  6590. default:
  6591. str = "UNKNOWN";
  6592. }
  6593. return str;
  6594. }
  6595. /** Return a longname the node whose identity is <b>id_digest</b>. If
  6596. * node_get_by_id() returns NULL, base 16 encoding of <b>id_digest</b> is
  6597. * returned instead.
  6598. *
  6599. * This function is not thread-safe. Each call to this function invalidates
  6600. * previous values returned by this function.
  6601. */
  6602. MOCK_IMPL(const char *,
  6603. node_describe_longname_by_id,(const char *id_digest))
  6604. {
  6605. static char longname[MAX_VERBOSE_NICKNAME_LEN+1];
  6606. node_get_verbose_nickname_by_id(id_digest, longname);
  6607. return longname;
  6608. }
  6609. /** Return either the onion address if the given pointer is a non empty
  6610. * string else the unknown string. */
  6611. static const char *
  6612. rend_hsaddress_str_or_unknown(const char *onion_address)
  6613. {
  6614. static const char *str_unknown = "UNKNOWN";
  6615. const char *str_ret = str_unknown;
  6616. /* No valid pointer, unknown it is. */
  6617. if (!onion_address) {
  6618. goto end;
  6619. }
  6620. /* Empty onion address thus we don't know, unknown it is. */
  6621. if (onion_address[0] == '\0') {
  6622. goto end;
  6623. }
  6624. /* All checks are good so return the given onion address. */
  6625. str_ret = onion_address;
  6626. end:
  6627. return str_ret;
  6628. }
  6629. /** send HS_DESC requested event.
  6630. *
  6631. * <b>rend_query</b> is used to fetch requested onion address and auth type.
  6632. * <b>hs_dir</b> is the description of contacting hs directory.
  6633. * <b>desc_id_base32</b> is the ID of requested hs descriptor.
  6634. * <b>hsdir_index</b> is the HSDir fetch index value for v3, an hex string.
  6635. */
  6636. void
  6637. control_event_hs_descriptor_requested(const char *onion_address,
  6638. rend_auth_type_t auth_type,
  6639. const char *id_digest,
  6640. const char *desc_id,
  6641. const char *hsdir_index)
  6642. {
  6643. char *hsdir_index_field = NULL;
  6644. if (BUG(!id_digest || !desc_id)) {
  6645. return;
  6646. }
  6647. if (hsdir_index) {
  6648. tor_asprintf(&hsdir_index_field, " HSDIR_INDEX=%s", hsdir_index);
  6649. }
  6650. send_control_event(EVENT_HS_DESC,
  6651. "650 HS_DESC REQUESTED %s %s %s %s%s\r\n",
  6652. rend_hsaddress_str_or_unknown(onion_address),
  6653. rend_auth_type_to_string(auth_type),
  6654. node_describe_longname_by_id(id_digest),
  6655. desc_id,
  6656. hsdir_index_field ? hsdir_index_field : "");
  6657. tor_free(hsdir_index_field);
  6658. }
  6659. /** For an HS descriptor query <b>rend_data</b>, using the
  6660. * <b>onion_address</b> and HSDir fingerprint <b>hsdir_fp</b>, find out
  6661. * which descriptor ID in the query is the right one.
  6662. *
  6663. * Return a pointer of the binary descriptor ID found in the query's object
  6664. * or NULL if not found. */
  6665. static const char *
  6666. get_desc_id_from_query(const rend_data_t *rend_data, const char *hsdir_fp)
  6667. {
  6668. int replica;
  6669. const char *desc_id = NULL;
  6670. const rend_data_v2_t *rend_data_v2 = TO_REND_DATA_V2(rend_data);
  6671. /* Possible if the fetch was done using a descriptor ID. This means that
  6672. * the HSFETCH command was used. */
  6673. if (!tor_digest_is_zero(rend_data_v2->desc_id_fetch)) {
  6674. desc_id = rend_data_v2->desc_id_fetch;
  6675. goto end;
  6676. }
  6677. /* Without a directory fingerprint at this stage, we can't do much. */
  6678. if (hsdir_fp == NULL) {
  6679. goto end;
  6680. }
  6681. /* OK, we have an onion address so now let's find which descriptor ID
  6682. * is the one associated with the HSDir fingerprint. */
  6683. for (replica = 0; replica < REND_NUMBER_OF_NON_CONSECUTIVE_REPLICAS;
  6684. replica++) {
  6685. const char *digest = rend_data_get_desc_id(rend_data, replica, NULL);
  6686. SMARTLIST_FOREACH_BEGIN(rend_data->hsdirs_fp, char *, fingerprint) {
  6687. if (tor_memcmp(fingerprint, hsdir_fp, DIGEST_LEN) == 0) {
  6688. /* Found it! This descriptor ID is the right one. */
  6689. desc_id = digest;
  6690. goto end;
  6691. }
  6692. } SMARTLIST_FOREACH_END(fingerprint);
  6693. }
  6694. end:
  6695. return desc_id;
  6696. }
  6697. /** send HS_DESC CREATED event when a local service generates a descriptor.
  6698. *
  6699. * <b>onion_address</b> is service address.
  6700. * <b>desc_id</b> is the descriptor ID.
  6701. * <b>replica</b> is the the descriptor replica number. If it is negative, it
  6702. * is ignored.
  6703. */
  6704. void
  6705. control_event_hs_descriptor_created(const char *onion_address,
  6706. const char *desc_id,
  6707. int replica)
  6708. {
  6709. char *replica_field = NULL;
  6710. if (BUG(!onion_address || !desc_id)) {
  6711. return;
  6712. }
  6713. if (replica >= 0) {
  6714. tor_asprintf(&replica_field, " REPLICA=%d", replica);
  6715. }
  6716. send_control_event(EVENT_HS_DESC,
  6717. "650 HS_DESC CREATED %s UNKNOWN UNKNOWN %s%s\r\n",
  6718. onion_address, desc_id,
  6719. replica_field ? replica_field : "");
  6720. tor_free(replica_field);
  6721. }
  6722. /** send HS_DESC upload event.
  6723. *
  6724. * <b>onion_address</b> is service address.
  6725. * <b>hs_dir</b> is the description of contacting hs directory.
  6726. * <b>desc_id</b> is the ID of requested hs descriptor.
  6727. */
  6728. void
  6729. control_event_hs_descriptor_upload(const char *onion_address,
  6730. const char *id_digest,
  6731. const char *desc_id,
  6732. const char *hsdir_index)
  6733. {
  6734. char *hsdir_index_field = NULL;
  6735. if (BUG(!onion_address || !id_digest || !desc_id)) {
  6736. return;
  6737. }
  6738. if (hsdir_index) {
  6739. tor_asprintf(&hsdir_index_field, " HSDIR_INDEX=%s", hsdir_index);
  6740. }
  6741. send_control_event(EVENT_HS_DESC,
  6742. "650 HS_DESC UPLOAD %s UNKNOWN %s %s%s\r\n",
  6743. onion_address,
  6744. node_describe_longname_by_id(id_digest),
  6745. desc_id,
  6746. hsdir_index_field ? hsdir_index_field : "");
  6747. tor_free(hsdir_index_field);
  6748. }
  6749. /** send HS_DESC event after got response from hs directory.
  6750. *
  6751. * NOTE: this is an internal function used by following functions:
  6752. * control_event_hsv2_descriptor_received
  6753. * control_event_hsv2_descriptor_failed
  6754. * control_event_hsv3_descriptor_failed
  6755. *
  6756. * So do not call this function directly.
  6757. */
  6758. static void
  6759. event_hs_descriptor_receive_end(const char *action,
  6760. const char *onion_address,
  6761. const char *desc_id,
  6762. rend_auth_type_t auth_type,
  6763. const char *hsdir_id_digest,
  6764. const char *reason)
  6765. {
  6766. char *reason_field = NULL;
  6767. if (BUG(!action || !onion_address)) {
  6768. return;
  6769. }
  6770. if (reason) {
  6771. tor_asprintf(&reason_field, " REASON=%s", reason);
  6772. }
  6773. send_control_event(EVENT_HS_DESC,
  6774. "650 HS_DESC %s %s %s %s%s%s\r\n",
  6775. action,
  6776. rend_hsaddress_str_or_unknown(onion_address),
  6777. rend_auth_type_to_string(auth_type),
  6778. hsdir_id_digest ?
  6779. node_describe_longname_by_id(hsdir_id_digest) :
  6780. "UNKNOWN",
  6781. desc_id ? desc_id : "",
  6782. reason_field ? reason_field : "");
  6783. tor_free(reason_field);
  6784. }
  6785. /** send HS_DESC event after got response from hs directory.
  6786. *
  6787. * NOTE: this is an internal function used by following functions:
  6788. * control_event_hs_descriptor_uploaded
  6789. * control_event_hs_descriptor_upload_failed
  6790. *
  6791. * So do not call this function directly.
  6792. */
  6793. void
  6794. control_event_hs_descriptor_upload_end(const char *action,
  6795. const char *onion_address,
  6796. const char *id_digest,
  6797. const char *reason)
  6798. {
  6799. char *reason_field = NULL;
  6800. if (BUG(!action || !id_digest)) {
  6801. return;
  6802. }
  6803. if (reason) {
  6804. tor_asprintf(&reason_field, " REASON=%s", reason);
  6805. }
  6806. send_control_event(EVENT_HS_DESC,
  6807. "650 HS_DESC %s %s UNKNOWN %s%s\r\n",
  6808. action,
  6809. rend_hsaddress_str_or_unknown(onion_address),
  6810. node_describe_longname_by_id(id_digest),
  6811. reason_field ? reason_field : "");
  6812. tor_free(reason_field);
  6813. }
  6814. /** send HS_DESC RECEIVED event
  6815. *
  6816. * called when we successfully received a hidden service descriptor.
  6817. */
  6818. void
  6819. control_event_hsv2_descriptor_received(const char *onion_address,
  6820. const rend_data_t *rend_data,
  6821. const char *hsdir_id_digest)
  6822. {
  6823. char *desc_id_field = NULL;
  6824. const char *desc_id;
  6825. if (BUG(!rend_data || !hsdir_id_digest || !onion_address)) {
  6826. return;
  6827. }
  6828. desc_id = get_desc_id_from_query(rend_data, hsdir_id_digest);
  6829. if (desc_id != NULL) {
  6830. char desc_id_base32[REND_DESC_ID_V2_LEN_BASE32 + 1];
  6831. /* Set the descriptor ID digest to base32 so we can send it. */
  6832. base32_encode(desc_id_base32, sizeof(desc_id_base32), desc_id,
  6833. DIGEST_LEN);
  6834. /* Extra whitespace is needed before the value. */
  6835. tor_asprintf(&desc_id_field, " %s", desc_id_base32);
  6836. }
  6837. event_hs_descriptor_receive_end("RECEIVED", onion_address, desc_id_field,
  6838. TO_REND_DATA_V2(rend_data)->auth_type,
  6839. hsdir_id_digest, NULL);
  6840. tor_free(desc_id_field);
  6841. }
  6842. /* Send HS_DESC RECEIVED event
  6843. *
  6844. * Called when we successfully received a hidden service descriptor. */
  6845. void
  6846. control_event_hsv3_descriptor_received(const char *onion_address,
  6847. const char *desc_id,
  6848. const char *hsdir_id_digest)
  6849. {
  6850. char *desc_id_field = NULL;
  6851. if (BUG(!onion_address || !desc_id || !hsdir_id_digest)) {
  6852. return;
  6853. }
  6854. /* Because DescriptorID is an optional positional value, we need to add a
  6855. * whitespace before in order to not be next to the HsDir value. */
  6856. tor_asprintf(&desc_id_field, " %s", desc_id);
  6857. event_hs_descriptor_receive_end("RECEIVED", onion_address, desc_id_field,
  6858. REND_NO_AUTH, hsdir_id_digest, NULL);
  6859. tor_free(desc_id_field);
  6860. }
  6861. /** send HS_DESC UPLOADED event
  6862. *
  6863. * called when we successfully uploaded a hidden service descriptor.
  6864. */
  6865. void
  6866. control_event_hs_descriptor_uploaded(const char *id_digest,
  6867. const char *onion_address)
  6868. {
  6869. if (BUG(!id_digest)) {
  6870. return;
  6871. }
  6872. control_event_hs_descriptor_upload_end("UPLOADED", onion_address,
  6873. id_digest, NULL);
  6874. }
  6875. /** Send HS_DESC event to inform controller that query <b>rend_data</b>
  6876. * failed to retrieve hidden service descriptor from directory identified by
  6877. * <b>id_digest</b>. If NULL, "UNKNOWN" is used. If <b>reason</b> is not NULL,
  6878. * add it to REASON= field.
  6879. */
  6880. void
  6881. control_event_hsv2_descriptor_failed(const rend_data_t *rend_data,
  6882. const char *hsdir_id_digest,
  6883. const char *reason)
  6884. {
  6885. char *desc_id_field = NULL;
  6886. const char *desc_id;
  6887. if (BUG(!rend_data)) {
  6888. return;
  6889. }
  6890. desc_id = get_desc_id_from_query(rend_data, hsdir_id_digest);
  6891. if (desc_id != NULL) {
  6892. char desc_id_base32[REND_DESC_ID_V2_LEN_BASE32 + 1];
  6893. /* Set the descriptor ID digest to base32 so we can send it. */
  6894. base32_encode(desc_id_base32, sizeof(desc_id_base32), desc_id,
  6895. DIGEST_LEN);
  6896. /* Extra whitespace is needed before the value. */
  6897. tor_asprintf(&desc_id_field, " %s", desc_id_base32);
  6898. }
  6899. event_hs_descriptor_receive_end("FAILED", rend_data_get_address(rend_data),
  6900. desc_id_field,
  6901. TO_REND_DATA_V2(rend_data)->auth_type,
  6902. hsdir_id_digest, reason);
  6903. tor_free(desc_id_field);
  6904. }
  6905. /** Send HS_DESC event to inform controller that the query to
  6906. * <b>onion_address</b> failed to retrieve hidden service descriptor
  6907. * <b>desc_id</b> from directory identified by <b>hsdir_id_digest</b>. If
  6908. * NULL, "UNKNOWN" is used. If <b>reason</b> is not NULL, add it to REASON=
  6909. * field. */
  6910. void
  6911. control_event_hsv3_descriptor_failed(const char *onion_address,
  6912. const char *desc_id,
  6913. const char *hsdir_id_digest,
  6914. const char *reason)
  6915. {
  6916. char *desc_id_field = NULL;
  6917. if (BUG(!onion_address || !desc_id || !reason)) {
  6918. return;
  6919. }
  6920. /* Because DescriptorID is an optional positional value, we need to add a
  6921. * whitespace before in order to not be next to the HsDir value. */
  6922. tor_asprintf(&desc_id_field, " %s", desc_id);
  6923. event_hs_descriptor_receive_end("FAILED", onion_address, desc_id_field,
  6924. REND_NO_AUTH, hsdir_id_digest, reason);
  6925. tor_free(desc_id_field);
  6926. }
  6927. /** Send HS_DESC_CONTENT event after completion of a successful fetch from hs
  6928. * directory. If <b>hsdir_id_digest</b> is NULL, it is replaced by "UNKNOWN".
  6929. * If <b>content</b> is NULL, it is replaced by an empty string. The
  6930. * <b>onion_address</b> or <b>desc_id</b> set to NULL will no trigger the
  6931. * control event. */
  6932. void
  6933. control_event_hs_descriptor_content(const char *onion_address,
  6934. const char *desc_id,
  6935. const char *hsdir_id_digest,
  6936. const char *content)
  6937. {
  6938. static const char *event_name = "HS_DESC_CONTENT";
  6939. char *esc_content = NULL;
  6940. if (!onion_address || !desc_id) {
  6941. log_warn(LD_BUG, "Called with onion_address==%p, desc_id==%p, ",
  6942. onion_address, desc_id);
  6943. return;
  6944. }
  6945. if (content == NULL) {
  6946. /* Point it to empty content so it can still be escaped. */
  6947. content = "";
  6948. }
  6949. write_escaped_data(content, strlen(content), &esc_content);
  6950. send_control_event(EVENT_HS_DESC_CONTENT,
  6951. "650+%s %s %s %s\r\n%s650 OK\r\n",
  6952. event_name,
  6953. rend_hsaddress_str_or_unknown(onion_address),
  6954. desc_id,
  6955. hsdir_id_digest ?
  6956. node_describe_longname_by_id(hsdir_id_digest) :
  6957. "UNKNOWN",
  6958. esc_content);
  6959. tor_free(esc_content);
  6960. }
  6961. /** Send HS_DESC event to inform controller upload of hidden service
  6962. * descriptor identified by <b>id_digest</b> failed. If <b>reason</b>
  6963. * is not NULL, add it to REASON= field.
  6964. */
  6965. void
  6966. control_event_hs_descriptor_upload_failed(const char *id_digest,
  6967. const char *onion_address,
  6968. const char *reason)
  6969. {
  6970. if (BUG(!id_digest)) {
  6971. return;
  6972. }
  6973. control_event_hs_descriptor_upload_end("FAILED", onion_address,
  6974. id_digest, reason);
  6975. }
  6976. /** Free any leftover allocated memory of the control.c subsystem. */
  6977. void
  6978. control_free_all(void)
  6979. {
  6980. smartlist_t *queued_events = NULL;
  6981. stats_prev_n_read = stats_prev_n_written = 0;
  6982. if (authentication_cookie) /* Free the auth cookie */
  6983. tor_free(authentication_cookie);
  6984. if (detached_onion_services) { /* Free the detached onion services */
  6985. SMARTLIST_FOREACH(detached_onion_services, char *, cp, tor_free(cp));
  6986. smartlist_free(detached_onion_services);
  6987. }
  6988. if (queued_control_events_lock) {
  6989. tor_mutex_acquire(queued_control_events_lock);
  6990. flush_queued_event_pending = 0;
  6991. queued_events = queued_control_events;
  6992. queued_control_events = NULL;
  6993. tor_mutex_release(queued_control_events_lock);
  6994. }
  6995. if (queued_events) {
  6996. SMARTLIST_FOREACH(queued_events, queued_event_t *, ev,
  6997. queued_event_free(ev));
  6998. smartlist_free(queued_events);
  6999. }
  7000. if (flush_queued_events_event) {
  7001. mainloop_event_free(flush_queued_events_event);
  7002. flush_queued_events_event = NULL;
  7003. }
  7004. bootstrap_percent = BOOTSTRAP_STATUS_UNDEF;
  7005. notice_bootstrap_percent = 0;
  7006. bootstrap_problems = 0;
  7007. authentication_cookie_is_set = 0;
  7008. global_event_mask = 0;
  7009. disable_log_messages = 0;
  7010. memset(last_sent_bootstrap_message, 0, sizeof(last_sent_bootstrap_message));
  7011. }
  7012. #ifdef TOR_UNIT_TESTS
  7013. /* For testing: change the value of global_event_mask */
  7014. void
  7015. control_testing_set_global_event_mask(uint64_t mask)
  7016. {
  7017. global_event_mask = mask;
  7018. }
  7019. #endif /* defined(TOR_UNIT_TESTS) */