compat.c 69.4 KB
Newer Older
1
2
/* Copyright (c) 2003-2004, Roger Dingledine
 * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
Karsten Loesing's avatar
Karsten Loesing committed
3
 * Copyright (c) 2007-2009, The Tor Project, Inc. */
4
5
/* See LICENSE for licensing information */

6
7
8
9
10
11
12
13
14
/**
 * \file compat.c
 * \brief Wrappers to make calls more portable.  This code defines
 * functions such as tor_malloc, tor_snprintf, get/set various data types,
 * renaming, setting socket options, switching user IDs.  It is basically
 * where the non-portable items are conditionally included depending on
 * the platform.
 **/

Nick Mathewson's avatar
Nick Mathewson committed
15
16
17
/* This is required on rh7 to make strptime not complain.
 * We also need it to make memmem get defined (where available)
 */
18
19
#define _GNU_SOURCE

Nick Mathewson's avatar
Nick Mathewson committed
20
#include "compat.h"
21
22
23

#ifdef MS_WINDOWS
#include <process.h>
24
#include <windows.h>
25
#include <sys/locking.h>
26
#endif
27

28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
#ifdef HAVE_UNAME
#include <sys/utsname.h>
#endif
#ifdef HAVE_UNISTD_H
#include <unistd.h>
#endif
#ifdef HAVE_SYS_FCNTL_H
#include <sys/fcntl.h>
#endif
#ifdef HAVE_PWD_H
#include <pwd.h>
#endif
#ifdef HAVE_GRP_H
#include <grp.h>
#endif
#ifdef HAVE_FCNTL_H
#include <fcntl.h>
#endif
#ifdef HAVE_ERRNO_H
#include <errno.h>
#endif
#ifdef HAVE_ARPA_INET_H
#include <arpa/inet.h>
#endif
52

53
54
55
56
57
#ifndef HAVE_GETTIMEOFDAY
#ifdef HAVE_FTIME
#include <sys/timeb.h>
#endif
#endif
58

59
60
61
#ifdef HAVE_NETDB_H
#include <netdb.h>
#endif
62
63
64
65
66
#ifdef HAVE_SYS_PARAM_H
#include <sys/param.h> /* FreeBSD needs this to know what version it is */
#endif
#include <stdio.h>
#include <stdlib.h>
67
#include <assert.h>
68
69
70
#ifdef HAVE_SIGNAL_H
#include <signal.h>
#endif
71
72
73
74
75
76
#ifdef HAVE_UTIME_H
#include <utime.h>
#endif
#ifdef HAVE_SYS_UTIME_H
#include <sys/utime.h>
#endif
77
78
79
#ifdef HAVE_SYS_MMAN_H
#include <sys/mman.h>
#endif
80
81
82
#ifdef HAVE_SYS_SYSLIMITS_H
#include <sys/syslimits.h>
#endif
83
84
85
#ifdef HAVE_SYS_FILE_H
#include <sys/file.h>
#endif
86
87
88
89
#if defined(HAVE_SYS_PRCTL_H) && defined(__linux__)
/* Only use the linux prctl;  the IRIX prctl is totally different */
#include <sys/prctl.h>
#endif
90
91
92

#include "log.h"
#include "util.h"
93
#include "container.h"
94
#include "address.h"
95

Roger Dingledine's avatar
Roger Dingledine committed
96
/* Inline the strl functions if the platform doesn't have them. */
97
98
99
100
101
102
103
#ifndef HAVE_STRLCPY
#include "strlcpy.c"
#endif
#ifndef HAVE_STRLCAT
#include "strlcat.c"
#endif

104
#ifdef HAVE_SYS_MMAN_H
105
/** Try to create a memory mapping for <b>filename</b> and return it.  On
106
107
 * failure, return NULL.  Sets errno properly, using ERANGE to mean
 * "empty file". */
108
tor_mmap_t *
109
tor_mmap_file(const char *filename)
110
111
112
113
{
  int fd; /* router file */
  char *string;
  int page_size;
114
  tor_mmap_t *res;
115
  size_t size, filesize;
116
117
118
119
120

  tor_assert(filename);

  fd = open(filename, O_RDONLY, 0);
  if (fd<0) {
121
    int save_errno = errno;
122
123
124
    int severity = (errno == ENOENT) ? LOG_INFO : LOG_WARN;
    log_fn(severity, LD_FS,"Could not open \"%s\" for mmap(): %s",filename,
           strerror(errno));
125
    errno = save_errno;
126
127
128
    return NULL;
  }

129
  size = filesize = (size_t) lseek(fd, 0, SEEK_END);
130
131
132
  lseek(fd, 0, SEEK_SET);
  /* ensure page alignment */
  page_size = getpagesize();
133
  size += (size%page_size) ? page_size-(size%page_size) : 0;
134

135
  if (!size) {
136
137
    /* Zero-length file. If we call mmap on it, it will succeed but
     * return NULL, and bad things will happen. So just fail. */
138
    log_info(LD_FS,"File \"%s\" is empty. Ignoring.",filename);
139
    errno = ERANGE;
140
    close(fd);
141
142
143
    return NULL;
  }

144
  string = mmap(0, size, PROT_READ, MAP_PRIVATE, fd, 0);
145
  close(fd);
146
  if (string == MAP_FAILED) {
147
    int save_errno = errno;
148
149
    log_warn(LD_FS,"Could not mmap file \"%s\": %s", filename,
             strerror(errno));
150
    errno = save_errno;
151
152
153
    return NULL;
  }

154
155
156
  res = tor_malloc_zero(sizeof(tor_mmap_t));
  res->data = string;
  res->size = filesize;
157
  res->mapping_size = size;
158

159
  return res;
160
}
161
/** Release storage held for a memory mapping. */
162
163
164
void
tor_munmap_file(tor_mmap_t *handle)
{
165
166
  munmap((char*)handle->data, handle->mapping_size);
  tor_free(handle);
167
}
168
169
#elif defined(MS_WINDOWS)
tor_mmap_t *
170
tor_mmap_file(const char *filename)
171
{
Nick Mathewson's avatar
Nick Mathewson committed
172
  tor_mmap_t *res = tor_malloc_zero(sizeof(tor_mmap_t));
173
  int empty = 0;
174
175
  res->file_handle = INVALID_HANDLE_VALUE;
  res->mmap_handle = NULL;
176

177
  res->file_handle = CreateFile(filename,
178
179
                                GENERIC_READ, FILE_SHARE_READ,
                                NULL,
180
181
182
                                OPEN_EXISTING,
                                FILE_ATTRIBUTE_NORMAL,
                                0);
183
184

  if (res->file_handle == INVALID_HANDLE_VALUE)
185
    goto win_err;
186

187
  res->size = GetFileSize(res->file_handle, NULL);
188

189
  if (res->size == 0) {
190
    log_info(LD_FS,"File \"%s\" is empty. Ignoring.",filename);
191
    empty = 1;
192
193
194
    goto err;
  }

195
196
197
  res->mmap_handle = CreateFileMapping(res->file_handle,
                                       NULL,
                                       PAGE_READONLY,
198
#if SIZEOF_SIZE_T > 4
199
                                       (res->base.size >> 32),
200
201
202
#else
                                       0,
#endif
Nick Mathewson's avatar
Nick Mathewson committed
203
                                       (res->size & 0xfffffffful),
204
                                       NULL);
205
  if (res->mmap_handle == NULL)
206
    goto win_err;
207
208
209
210
  res->data = (char*) MapViewOfFile(res->mmap_handle,
                                    FILE_MAP_READ,
                                    0, 0, 0);
  if (!res->data)
211
    goto win_err;
212

213
  return res;
214
215
 win_err: {
    DWORD e = GetLastError();
216
    int severity = (e == ERROR_FILE_NOT_FOUND || e == ERROR_PATH_NOT_FOUND) ?
217
218
      LOG_INFO : LOG_WARN;
    char *msg = format_win32_error(e);
219
    log_fn(severity, LD_FS, "Couldn't mmap file \"%s\": %s", filename, msg);
220
    tor_free(msg);
221
222
223
224
    if (e == ERROR_FILE_NOT_FOUND || e == ERROR_PATH_NOT_FOUND)
      errno = ENOENT;
    else
      errno = EINVAL;
225
  }
226
 err:
227
228
  if (empty)
    errno = ERANGE;
229
  tor_munmap_file(res);
230
231
  return NULL;
}
232
void
233
tor_munmap_file(tor_mmap_t *handle)
234
{
235
  if (handle->data)
236
237
    /* This is an ugly cast, but without it, "data" in struct tor_mmap_t would
       have to be redefined as non-const. */
238
239
    UnmapViewOfFile( (LPVOID) handle->data);

240
  if (handle->mmap_handle != NULL)
Nick Mathewson's avatar
Nick Mathewson committed
241
    CloseHandle(handle->mmap_handle);
242
  if (handle->file_handle != INVALID_HANDLE_VALUE)
Nick Mathewson's avatar
Nick Mathewson committed
243
    CloseHandle(handle->file_handle);
244
  tor_free(handle);
245
246
}
#else
247
tor_mmap_t *
248
tor_mmap_file(const char *filename)
249
{
250
  struct stat st;
251
  char *res = read_file_to_str(filename, RFTS_BIN|RFTS_IGNORE_MISSING, &st);
252
  tor_mmap_t *handle;
253
254
  if (! res)
    return NULL;
255
  handle = tor_malloc_zero(sizeof(tor_mmap_t));
256
  handle->data = res;
257
  handle->size = st.st_size;
258
  return handle;
259
260
}
void
261
tor_munmap_file(tor_mmap_t *handle)
262
{
263
264
  char *d = (char*)handle->data;
  tor_free(d);
265
  memset(handle, 0, sizeof(tor_mmap_t));
266
  tor_free(handle);
267
268
269
}
#endif

270
271
272
/** Replacement for snprintf.  Differs from platform snprintf in two
 * ways: First, always NUL-terminates its output.  Second, always
 * returns -1 if the result is truncated.  (Note that this return
273
274
 * behavior does <i>not</i> conform to C99; it just happens to be
 * easier to emulate "return -1" with conformant implementations than
275
276
 * it is to emulate "return number that would be written" with
 * non-conformant implementations.) */
277
278
int
tor_snprintf(char *str, size_t size, const char *format, ...)
279
280
281
282
283
284
285
286
287
{
  va_list ap;
  int r;
  va_start(ap,format);
  r = tor_vsnprintf(str,size,format,ap);
  va_end(ap);
  return r;
}

288
/** Replacement for vsnprintf; behavior differs as tor_snprintf differs from
289
290
 * snprintf.
 */
291
292
int
tor_vsnprintf(char *str, size_t size, const char *format, va_list args)
293
294
{
  int r;
295
296
  if (size == 0)
    return -1; /* no place for the NUL */
297
  if (size > SSIZE_T_MAX-16)
298
    return -1;
299
300
301
302
303
304
#ifdef MS_WINDOWS
  r = _vsnprintf(str, size, format, args);
#else
  r = vsnprintf(str, size, format, args);
#endif
  str[size-1] = '\0';
305
  if (r < 0 || r >= (ssize_t)size)
306
307
308
309
    return -1;
  return r;
}

Nick Mathewson's avatar
Nick Mathewson committed
310
/** Given <b>hlen</b> bytes at <b>haystack</b> and <b>nlen</b> bytes at
Roger Dingledine's avatar
Roger Dingledine committed
311
 * <b>needle</b>, return a pointer to the first occurrence of the needle
Nick Mathewson's avatar
Nick Mathewson committed
312
313
314
315
316
 * within the haystack, or NULL if there is no such occurrence.
 *
 * Requires that nlen be greater than zero.
 */
const void *
317
318
tor_memmem(const void *_haystack, size_t hlen,
           const void *_needle, size_t nlen)
Nick Mathewson's avatar
Nick Mathewson committed
319
320
321
{
#if defined(HAVE_MEMMEM) && (!defined(__GNUC__) || __GNUC__ >= 2)
  tor_assert(nlen);
Nick Mathewson's avatar
Nick Mathewson committed
322
  return memmem(_haystack, hlen, _needle, nlen);
Nick Mathewson's avatar
Nick Mathewson committed
323
#else
324
325
  /* This isn't as fast as the GLIBC implementation, but it doesn't need to
   * be. */
Nick Mathewson's avatar
Nick Mathewson committed
326
327
328
  const char *p, *end;
  const char *haystack = (const char*)_haystack;
  const char *needle = (const char*)_needle;
Nick Mathewson's avatar
Nick Mathewson committed
329
330
331
332
333
334
335
  char first;
  tor_assert(nlen);

  p = haystack;
  end = haystack + hlen;
  first = *(const char*)needle;
  while ((p = memchr(p, first, end-p))) {
336
    if (p+nlen > end)
Nick Mathewson's avatar
Nick Mathewson committed
337
338
339
340
341
342
343
344
345
      return NULL;
    if (!memcmp(p, needle, nlen))
      return p;
    ++p;
  }
  return NULL;
#endif
}

346
347
348
349
/* Tables to implement ctypes-replacement TOR_IS*() functions.  Each table
 * has 256 bits to look up whether a character is in some set or not.  This
 * fails on non-ASCII platforms, but it is hard to find a platform whose
 * character set is not a superset of ASCII nowadays. */
350
const uint32_t TOR_ISALPHA_TABLE[8] =
351
  { 0, 0, 0x7fffffe, 0x7fffffe, 0, 0, 0, 0 };
352
const uint32_t TOR_ISALNUM_TABLE[8] =
353
  { 0, 0x3ff0000, 0x7fffffe, 0x7fffffe, 0, 0, 0, 0 };
354
355
const uint32_t TOR_ISSPACE_TABLE[8] = { 0x3e00, 0x1, 0, 0, 0, 0, 0, 0 };
const uint32_t TOR_ISXDIGIT_TABLE[8] =
356
  { 0, 0x3ff0000, 0x7e, 0x7e, 0, 0, 0, 0 };
357
358
const uint32_t TOR_ISDIGIT_TABLE[8] = { 0, 0x3ff0000, 0, 0, 0, 0, 0, 0 };
const uint32_t TOR_ISPRINT_TABLE[8] =
359
  { 0, 0xffffffff, 0xffffffff, 0x7fffffff, 0, 0, 0, 0x0 };
360
361
const uint32_t TOR_ISUPPER_TABLE[8] = { 0, 0, 0x7fffffe, 0, 0, 0, 0, 0 };
const uint32_t TOR_ISLOWER_TABLE[8] = { 0, 0, 0, 0x7fffffe, 0, 0, 0, 0 };
362
363
/* Upper-casing and lowercasing tables to map characters to upper/lowercase
 * equivalents. */
364
const char TOR_TOUPPER_TABLE[256] = {
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
  0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,
  16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,
  32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,
  48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,
  64,65,66,67,68,69,70,71,72,73,74,75,76,77,78,79,
  80,81,82,83,84,85,86,87,88,89,90,91,92,93,94,95,
  96,65,66,67,68,69,70,71,72,73,74,75,76,77,78,79,
  80,81,82,83,84,85,86,87,88,89,90,123,124,125,126,127,
  128,129,130,131,132,133,134,135,136,137,138,139,140,141,142,143,
  144,145,146,147,148,149,150,151,152,153,154,155,156,157,158,159,
  160,161,162,163,164,165,166,167,168,169,170,171,172,173,174,175,
  176,177,178,179,180,181,182,183,184,185,186,187,188,189,190,191,
  192,193,194,195,196,197,198,199,200,201,202,203,204,205,206,207,
  208,209,210,211,212,213,214,215,216,217,218,219,220,221,222,223,
  224,225,226,227,228,229,230,231,232,233,234,235,236,237,238,239,
  240,241,242,243,244,245,246,247,248,249,250,251,252,253,254,255,
};
382
const char TOR_TOLOWER_TABLE[256] = {
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
  0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,
  16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,
  32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,
  48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,
  64,97,98,99,100,101,102,103,104,105,106,107,108,109,110,111,
  112,113,114,115,116,117,118,119,120,121,122,91,92,93,94,95,
  96,97,98,99,100,101,102,103,104,105,106,107,108,109,110,111,
  112,113,114,115,116,117,118,119,120,121,122,123,124,125,126,127,
  128,129,130,131,132,133,134,135,136,137,138,139,140,141,142,143,
  144,145,146,147,148,149,150,151,152,153,154,155,156,157,158,159,
  160,161,162,163,164,165,166,167,168,169,170,171,172,173,174,175,
  176,177,178,179,180,181,182,183,184,185,186,187,188,189,190,191,
  192,193,194,195,196,197,198,199,200,201,202,203,204,205,206,207,
  208,209,210,211,212,213,214,215,216,217,218,219,220,221,222,223,
  224,225,226,227,228,229,230,231,232,233,234,235,236,237,238,239,
  240,241,242,243,244,245,246,247,248,249,250,251,252,253,254,255,
};

401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
/** Implementation of strtok_r for platforms whose coders haven't figured out
 * how to write one.  Hey guys!  You can use this code here for free! */
char *
tor_strtok_r_impl(char *str, const char *sep, char **lasts)
{
  char *cp, *start;
  if (str)
    start = cp = *lasts = str;
  else if (!*lasts)
    return NULL;
  else
    start = cp = *lasts;

  tor_assert(*sep);
  if (sep[1]) {
    while (*cp && !strchr(sep, *cp))
      ++cp;
  } else {
    tor_assert(strlen(sep) == 1);
    cp = strchr(cp, *sep);
  }

  if (!cp || !*cp) {
    *lasts = NULL;
  } else {
    *cp++ = '\0';
    *lasts = cp;
  }
  return start;
}

432
#ifdef MS_WINDOWS
433
434
435
436
/** Take a filename and return a pointer to its final element.  This
 * function is called on __FILE__ to fix a MSVC nit where __FILE__
 * contains the full path to the file.  This is bad, because it
 * confuses users to find the home directory of the person who
Nick Mathewson's avatar
Nick Mathewson committed
437
 * compiled the binary in their warning messages.
438
439
 */
const char *
440
tor_fix_source_file(const char *fname)
441
{
442
  const char *cp1, *cp2, *r;
443
444
445
  cp1 = strrchr(fname, '/');
  cp2 = strrchr(fname, '\\');
  if (cp1 && cp2) {
446
    r = (cp1<cp2)?(cp2+1):(cp1+1);
447
  } else if (cp1) {
448
    r = cp1+1;
449
  } else if (cp2) {
450
    r = cp2+1;
451
  } else {
452
    r = fname;
453
  }
454
  return r;
455
}
456
#endif
457

458
/**
459
 * Read a 16-bit value beginning at <b>cp</b>.  Equivalent to
460
461
462
 * *(uint16_t*)(cp), but will not cause segfaults on platforms that forbid
 * unaligned memory access.
 */
463
464
uint16_t
get_uint16(const char *cp)
465
466
467
468
469
470
{
  uint16_t v;
  memcpy(&v,cp,2);
  return v;
}
/**
471
 * Read a 32-bit value beginning at <b>cp</b>.  Equivalent to
472
473
474
 * *(uint32_t*)(cp), but will not cause segfaults on platforms that forbid
 * unaligned memory access.
 */
475
476
uint32_t
get_uint32(const char *cp)
477
478
479
480
481
{
  uint32_t v;
  memcpy(&v,cp,4);
  return v;
}
482
/**
Sebastian Hahn's avatar
Sebastian Hahn committed
483
484
 * Read a 64-bit value beginning at <b>cp</b>.  Equivalent to
 * *(uint64_t*)(cp), but will not cause segfaults on platforms that forbid
485
486
487
488
489
490
491
492
493
494
 * unaligned memory access.
 */
uint64_t
get_uint64(const char *cp)
{
  uint64_t v;
  memcpy(&v,cp,8);
  return v;
}

495
496
/**
 * Set a 16-bit value beginning at <b>cp</b> to <b>v</b>. Equivalent to
497
 * *(uint16_t*)(cp) = v, but will not cause segfaults on platforms that forbid
498
 * unaligned memory access. */
499
500
void
set_uint16(char *cp, uint16_t v)
501
502
503
504
505
{
  memcpy(cp,&v,2);
}
/**
 * Set a 32-bit value beginning at <b>cp</b> to <b>v</b>. Equivalent to
506
 * *(uint32_t*)(cp) = v, but will not cause segfaults on platforms that forbid
507
 * unaligned memory access. */
508
509
void
set_uint32(char *cp, uint32_t v)
510
511
512
{
  memcpy(cp,&v,4);
}
513
514
515
516
517
518
519
520
521
/**
 * Set a 64-bit value beginning at <b>cp</b> to <b>v</b>. Equivalent to
 * *(uint64_t*)(cp) = v, but will not cause segfaults on platforms that forbid
 * unaligned memory access. */
void
set_uint64(char *cp, uint64_t v)
{
  memcpy(cp,&v,8);
}
522
523

/**
Nick Mathewson's avatar
Nick Mathewson committed
524
 * Rename the file <b>from</b> to the file <b>to</b>.  On Unix, this is
Roger Dingledine's avatar
Roger Dingledine committed
525
526
 * the same as rename(2).  On windows, this removes <b>to</b> first if
 * it already exists.
527
528
 * Returns 0 on success.  Returns -1 and sets errno on failure.
 */
529
530
int
replace_file(const char *from, const char *to)
531
532
533
534
{
#ifndef MS_WINDOWS
  return rename(from,to);
#else
535
  switch (file_status(to))
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
    {
    case FN_NOENT:
      break;
    case FN_FILE:
      if (unlink(to)) return -1;
      break;
    case FN_ERROR:
      return -1;
    case FN_DIR:
      errno = EISDIR;
      return -1;
    }
  return rename(from,to);
#endif
}

552
553
554
555
556
557
558
559
560
/** Change <b>fname</b>'s modification time to now. */
int
touch_file(const char *fname)
{
  if (utime(fname, NULL)!=0)
    return -1;
  return 0;
}

561
/** Represents a lockfile on which we hold the lock. */
562
563
564
565
566
struct tor_lockfile_t {
  char *filename;
  int fd;
};

567
568
569
570
571
572
573
574
575
/** Try to get a lock on the lockfile <b>filename</b>, creating it as
 * necessary.  If someone else has the lock and <b>blocking</b> is true,
 * wait until the lock is available.  Otherwise return immediately whether
 * we succeeded or not.
 *
 * Set *<b>locked_out</b> to true if somebody else had the lock, and to false
 * otherwise.
 *
 * Return a <b>tor_lockfile_t</b> on success, NULL on failure.
576
577
578
579
 *
 * (Implementation note: because we need to fall back to fcntl on some
 *  platforms, these locks are per-process, not per-thread.  If you want
 *  to do in-process locking, use tor_mutex_t like a normal person.)
580
 */
581
582
583
584
585
586
587
588
589
590
591
592
593
594
tor_lockfile_t *
tor_lockfile_lock(const char *filename, int blocking, int *locked_out)
{
  tor_lockfile_t *result;
  int fd;
  *locked_out = 0;

  log_info(LD_FS, "Locking \"%s\"", filename);
  fd = open(filename, O_RDWR|O_CREAT|O_TRUNC, 0600);
  if (fd < 0) {
    log_warn(LD_FS,"Couldn't open \"%s\" for locking: %s", filename,
             strerror(errno));
    return NULL;
  }
595

596
597
#ifdef WIN32
  _lseek(fd, 0, SEEK_SET);
598
  if (_locking(fd, blocking ? _LK_LOCK : _LK_NBLCK, 1) < 0) {
599
600
601
602
603
604
605
    if (errno != EDEADLOCK)
      log_warn(LD_FS,"Couldn't lock \"%s\": %s", filename, strerror(errno));
    else
      *locked_out = 1;
    close(fd);
    return NULL;
  }
606
#elif defined(HAVE_FLOCK)
607
608
609
610
611
612
613
614
  if (flock(fd, LOCK_EX|(blocking ? 0 : LOCK_NB)) < 0) {
    if (errno != EWOULDBLOCK)
      log_warn(LD_FS,"Couldn't lock \"%s\": %s", filename, strerror(errno));
    else
      *locked_out = 1;
    close(fd);
    return NULL;
  }
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
#else
  {
    struct flock lock;
    memset(&lock, 0, sizeof(lock));
    lock.l_type = F_WRLCK;
    lock.l_whence = SEEK_SET;
    if (fcntl(fd, blocking ? F_SETLKW : F_SETLK, &lock) < 0) {
      if (errno != EACCES && errno != EAGAIN)
        log_warn(LD_FS, "Couldn't lock \"%s\": %s", filename, strerror(errno));
      else
        *locked_out = 1;
      close(fd);
      return NULL;
    }
  }
630
631
632
633
634
635
636
637
#endif

  result = tor_malloc(sizeof(tor_lockfile_t));
  result->filename = tor_strdup(filename);
  result->fd = fd;
  return result;
}

638
/** Release the lock held as <b>lockfile</b>. */
639
640
641
642
643
644
645
void
tor_lockfile_unlock(tor_lockfile_t *lockfile)
{
  tor_assert(lockfile);

  log_info(LD_FS, "Unlocking \"%s\"", lockfile->filename);
#ifdef WIN32
646
  _lseek(lockfile->fd, 0, SEEK_SET);
647
  if (_locking(lockfile->fd, _LK_UNLCK, 1) < 0) {
648
649
650
    log_warn(LD_FS,"Error unlocking \"%s\": %s", lockfile->filename,
             strerror(errno));
  }
651
#elif defined(HAVE_FLOCK)
652
653
654
655
  if (flock(lockfile->fd, LOCK_UN) < 0) {
    log_warn(LD_FS, "Error unlocking \"%s\": %s", lockfile->filename,
             strerror(errno));
  }
656
657
#else
  /* Closing the lockfile is sufficient. */
658
659
660
661
662
663
664
665
#endif

  close(lockfile->fd);
  lockfile->fd = -1;
  tor_free(lockfile->filename);
  tor_free(lockfile);
}

Nick Mathewson's avatar
Nick Mathewson committed
666
/* Some old versions of Unix didn't define constants for these values,
667
668
669
670
671
672
673
674
 * and instead expect you to say 0, 1, or 2. */
#ifndef SEEK_CUR
#define SEEK_CUR 1
#endif
#ifndef SEEK_END
#define SEEK_END 2
#endif

Roger Dingledine's avatar
Roger Dingledine committed
675
/** Return the position of <b>fd</b> with respect to the start of the file. */
676
677
678
679
680
681
682
683
684
685
off_t
tor_fd_getpos(int fd)
{
#ifdef WIN32
  return (off_t) _lseek(fd, 0, SEEK_CUR);
#else
  return (off_t) lseek(fd, 0, SEEK_CUR);
#endif
}

Roger Dingledine's avatar
Roger Dingledine committed
686
/** Move <b>fd</b> to the end of the file. Return -1 on error, 0 on success. */
687
688
689
690
691
692
693
694
695
696
int
tor_fd_seekend(int fd)
{
#ifdef WIN32
  return _lseek(fd, 0, SEEK_END) < 0 ? -1 : 0;
#else
  return lseek(fd, 0, SEEK_END) < 0 ? -1 : 0;
#endif
}

697
698
#undef DEBUG_SOCKET_COUNTING
#ifdef DEBUG_SOCKET_COUNTING
699
700
/** A bitarray of all fds that should be passed to tor_socket_close(). Only
 * used if DEBUG_SOCKET_COUNTING is defined. */
701
static bitarray_t *open_sockets = NULL;
702
/** The size of <b>open_sockets</b>, in bits. */
703
704
705
static int max_socket = -1;
#endif

706
707
708
709
/** Count of number of sockets currently open.  (Undercounts sockets opened by
 * eventdns and libevent.) */
static int n_sockets_open = 0;

710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
/** Mutex to protect open_sockets, max_socket, and n_sockets_open. */
static tor_mutex_t *socket_accounting_mutex = NULL;

static INLINE void
socket_accounting_lock(void)
{
  if (PREDICT_UNLIKELY(!socket_accounting_mutex))
    socket_accounting_mutex = tor_mutex_new();
  tor_mutex_acquire(socket_accounting_mutex);
}

static INLINE void
socket_accounting_unlock(void)
{
  tor_mutex_release(socket_accounting_mutex);
}

727
/** As close(), but guaranteed to work for sockets across platforms (including
728
729
730
 * Windows, where close()ing a socket doesn't work.  Returns 0 on success, -1
 * on failure. */
int
731
732
tor_close_socket(int s)
{
733
  int r = 0;
734

735
736
737
738
739
740
  /* On Windows, you have to call close() on fds returned by open(),
   * and closesocket() on fds returned by socket().  On Unix, everything
   * gets close()'d.  We abstract this difference by always using
   * tor_close_socket to close sockets, and always using close() on
   * files.
   */
741
#if defined(MS_WINDOWS)
742
  r = closesocket(s);
743
#else
744
  r = close(s);
745
#endif
746
747
748
749
750
751
752
753
754
755
756

  socket_accounting_lock();
#ifdef DEBUG_SOCKET_COUNTING
  if (s > max_socket || ! bitarray_is_set(open_sockets, s)) {
    log_warn(LD_BUG, "Closing a socket (%d) that wasn't returned by tor_open_"
             "socket(), or that was already closed or something.", s);
  } else {
    tor_assert(open_sockets && s <= max_socket);
    bitarray_clear(open_sockets, s);
  }
#endif
757
758
759
760
761
762
763
764
765
766
767
768
769
770
  if (r == 0) {
    --n_sockets_open;
  } else {
    int err = tor_socket_errno(-1);
    log_info(LD_NET, "Close returned an error: %s", tor_socket_strerror(err));
#ifdef WIN32
    if (err != WSAENOTSOCK)
      --n_sockets_open;
#else
    if (err != EBADF)
      --n_sockets_open;
#endif
    r = -1;
  }
771

772
773
774
  if (n_sockets_open < 0)
    log_warn(LD_BUG, "Our socket count is below zero: %d. Please submit a "
             "bug report.", n_sockets_open);
775
  socket_accounting_unlock();
776
  return r;
777
778
}

779
#ifdef DEBUG_SOCKET_COUNTING
780
781
/** Helper: if DEBUG_SOCKET_COUNTING is enabled, remember that <b>s</b> is
 * now an open socket. */
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
static INLINE void
mark_socket_open(int s)
{
  if (s > max_socket) {
    if (max_socket == -1) {
      open_sockets = bitarray_init_zero(s+128);
      max_socket = s+128;
    } else {
      open_sockets = bitarray_expand(open_sockets, max_socket, s+128);
      max_socket = s+128;
    }
  }
  if (bitarray_is_set(open_sockets, s)) {
    log_warn(LD_BUG, "I thought that %d was already open, but socket() just "
             "gave it to me!", s);
  }
  bitarray_set(open_sockets, s);
}
#else
#define mark_socket_open(s) STMT_NIL
#endif

804
805
806
807
808
/** As socket(), but counts the number of open sockets. */
int
tor_open_socket(int domain, int type, int protocol)
{
  int s = socket(domain, type, protocol);
809
  if (s >= 0) {
810
    socket_accounting_lock();
811
    ++n_sockets_open;
812
    mark_socket_open(s);
813
    socket_accounting_unlock();
814
815
816
817
818
819
820
821
822
823
  }
  return s;
}

/** As socket(), but counts the number of open sockets. */
int
tor_accept_socket(int sockfd, struct sockaddr *addr, socklen_t *len)
{
  int s = accept(sockfd, addr, len);
  if (s >= 0) {
824
    socket_accounting_lock();
825
826
    ++n_sockets_open;
    mark_socket_open(s);
827
    socket_accounting_unlock();
828
  }
829
830
831
832
833
834
835
  return s;
}

/** Return the number of sockets we currently have opened. */
int
get_n_open_sockets(void)
{
836
837
838
839
840
  int n;
  socket_accounting_lock();
  n = n_sockets_open;
  socket_accounting_unlock();
  return n;
841
842
}

843
844
/** Turn <b>socket</b> into a nonblocking socket.
 */
845
846
void
set_socket_nonblocking(int socket)
847
{
848
#if defined(MS_WINDOWS)
849
850
  unsigned long nonblocking = 1;
  ioctlsocket(socket, FIONBIO, (unsigned long*) &nonblocking);
851
852
853
854
855
856
857
858
859
860
#else
  fcntl(socket, F_SETFL, O_NONBLOCK);
#endif
}

/**
 * Allocate a pair of connected sockets.  (Like socketpair(family,
 * type,protocol,fd), but works on systems that don't have
 * socketpair.)
 *
861
 * Currently, only (AF_UNIX, SOCK_STREAM, 0) sockets are supported.
862
863
864
865
866
867
 *
 * Note that on systems without socketpair, this call will fail if
 * localhost is inaccessible (for example, if the networking
 * stack is down). And even if it succeeds, the socket pair will not
 * be able to read while localhost is down later (the socket pair may
 * even close, depending on OS-specific timeouts).
868
 *
869
 * Returns 0 on success and -errno on failure; do not rely on the value
870
 * of errno or WSAGetLastError().
871
 **/
872
/* It would be nicer just to set errno, but that won't work for windows. */
873
874
875
int
tor_socketpair(int family, int type, int protocol, int fd[2])
{
876
877
//don't use win32 socketpairs (they are always bad)
#if defined(HAVE_SOCKETPAIR) && !defined(MS_WINDOWS)
878
879
  int r;
  r = socketpair(family, type, protocol, fd);
880
  if (r == 0) {
881
    socket_accounting_lock();
882
883
884
885
886
887
888
889
    if (fd[0] >= 0) {
      ++n_sockets_open;
      mark_socket_open(fd[0]);
    }
    if (fd[1] >= 0) {
      ++n_sockets_open;
      mark_socket_open(fd[1]);
    }
890
    socket_accounting_unlock();
891
  }
892
  return r < 0 ? -errno : r;
893
894
895
896
897
898
899
900
901
902
903
904
#else
    /* This socketpair does not work when localhost is down. So
     * it's really not the same thing at all. But it's close enough
     * for now, and really, when localhost is down sometimes, we
     * have other problems too.
     */
    int listener = -1;
    int connector = -1;
    int acceptor = -1;
    struct sockaddr_in listen_addr;
    struct sockaddr_in connect_addr;
    int size;
905
    int saved_errno = -1;
906
907
908
909
910
911
912

    if (protocol
#ifdef AF_UNIX
        || family != AF_UNIX
#endif
        ) {
#ifdef MS_WINDOWS
913
      return -WSAEAFNOSUPPORT;
914
#else
915
      return -EAFNOSUPPORT;
916
917
918
#endif
    }
    if (!fd) {
919
      return -EINVAL;
920
921
    }

922
    listener = tor_open_socket(AF_INET, type, 0);
923
    if (listener < 0)
924
      return -tor_socket_errno(-1);
925
    memset(&listen_addr, 0, sizeof(listen_addr));
926
    listen_addr.sin_family = AF_INET;
927
    listen_addr.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
928
    listen_addr.sin_port = 0;   /* kernel chooses port.  */
929
930
    if (bind(listener, (struct sockaddr *) &listen_addr, sizeof (listen_addr))
        == -1)
931
      goto tidy_up_and_fail;
932
    if (listen(listener, 1) == -1)
933
      goto tidy_up_and_fail;
934

935
    connector = tor_open_socket(AF_INET, type, 0);
936
    if (connector < 0)
937
      goto tidy_up_and_fail;
938
    /* We want to find out the port number to connect to.  */
939
    size = sizeof(connect_addr);
940
    if (getsockname(listener, (struct sockaddr *) &connect_addr, &size) == -1)
941
      goto tidy_up_and_fail;
942
    if (size != sizeof (connect_addr))
943
      goto abort_tidy_up_and_fail;
944
    if (connect(connector, (struct sockaddr *) &connect_addr,
945
                sizeof(connect_addr)) == -1)
946
      goto tidy_up_and_fail;
947

948
    size = sizeof(listen_addr);
949
950
    acceptor = tor_accept_socket(listener,
                                 (struct sockaddr *) &listen_addr, &size);
951
    if (acceptor < 0)
952
      goto tidy_up_and_fail;
953
    if (size != sizeof(listen_addr))
954
      goto abort_tidy_up_and_fail;
955
956
957
958
    tor_close_socket(listener);
    /* Now check we are talking to ourself by matching port and host on the
       two sockets.  */
    if (getsockname(connector, (struct sockaddr *) &connect_addr, &size) == -1)
959
      goto tidy_up_and_fail;
960
961
962
963
    if (size != sizeof (connect_addr)
        || listen_addr.sin_family != connect_addr.sin_family
        || listen_addr.sin_addr.s_addr != connect_addr.sin_addr.s_addr
        || listen_addr.sin_port != connect_addr.sin_port) {
964
      goto abort_tidy_up_and_fail;
965
966
967
    }
    fd[0] = connector;
    fd[1] = acceptor;
968

969
970
971
972
    return 0;

  abort_tidy_up_and_fail:
#ifdef MS_WINDOWS
973
    saved_errno = WSAECONNABORTED;
974
#else
975
    saved_errno = ECONNABORTED; /* I hope this is portable and appropriate.  */
976
977
#endif
  tidy_up_and_fail:
978
979
980
981
982
983
984
985
986
    if (saved_errno < 0)
      saved_errno = errno;
    if (listener != -1)
      tor_close_socket(listener);
    if (connector != -1)
      tor_close_socket(connector);
    if (acceptor != -1)
      tor_close_socket(acceptor);
    return -saved_errno;
987
988
989
#endif
}

990
991
#define ULIMIT_BUFFER 32 /* keep 32 extra fd's beyond _ConnLimit */

992
993
994
/** Learn the maximum allowed number of file descriptors. (Some systems
 * have a low soft limit.
 *
995
996
997
 * We compute this by finding the largest number that we can use.
 * If we can't find a number greater than or equal to <b>limit</b>,
 * then we fail: return -1.
998
 *
999
 * Otherwise, return 0 and store the maximum we found inside <b>max_out</b>.*/
1000
int