connection_edge.c 52.2 KB
Newer Older
Roger Dingledine's avatar
Roger Dingledine committed
1
2
3
/* Copyright 2001 Matej Pfajfar.
 * Copyright 2001-2004 Roger Dingledine.
 * Copyright 2004 Roger Dingledine, Nick Mathewson. */
4
5
/* See LICENSE for licensing information */
/* $Id$ */
6
const char connection_edge_c_id[] = "$Id$";
7

8
9
/**
 * \file connection_edge.c
10
 * \brief Handle edge streams.
11
12
 **/

13
#include "or.h"
14
#include "tree.h"
15

16
static addr_policy_t *socks_policy = NULL;
17
18
/* List of exit_redirect_t */
static smartlist_t *redirect_exit_list = NULL;
19

20
static int connection_ap_handshake_process_socks(connection_t *conn);
21
static int address_is_in_virtual_range(const char *addr);
22

23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
/** There was an EOF. Send an end and mark the connection for close.
 */
int connection_edge_reached_eof(connection_t *conn) {
#ifdef HALF_OPEN
  /* eof reached; we're done reading, but we might want to write more. */
  conn->done_receiving = 1;
  shutdown(conn->s, 0); /* XXX check return, refactor NM */
  if (conn->done_sending) {
    connection_edge_end(conn, END_STREAM_REASON_DONE, conn->cpath_layer);
    connection_mark_for_close(conn);
  } else {
    connection_edge_send_command(conn, circuit_get_by_conn(conn), RELAY_COMMAND_END,
                                 NULL, 0, conn->cpath_layer);
  }
  return 0;
#else
39
  if (buf_datalen(conn->inbuf) && connection_state_is_open(conn)) {
Roger Dingledine's avatar
Roger Dingledine committed
40
41
42
    /* it still has stuff to process. don't let it die yet. */
    return 0;
  }
43
  log_fn(LOG_INFO,"conn (fd %d) reached eof (stream size %d). Closing.", conn->s, (int)conn->stream_size);
44
  if (!conn->marked_for_close) {
45
46
    /* only mark it if not already marked. it's possible to
     * get the 'end' right around when the client hangs up on us. */
47
    connection_edge_end(conn, END_STREAM_REASON_DONE, conn->cpath_layer);
48
    connection_mark_for_close(conn);
Roger Dingledine's avatar
Roger Dingledine committed
49
50
//    conn->hold_open_until_flushed = 1; /* just because we shouldn't read
//                                          doesn't mean we shouldn't write */
51
52
53
54
55
56
  }
  return 0;
#endif
}

/** Handle new bytes on conn->inbuf based on state:
57
58
59
60
61
62
 *   - If it's waiting for socks info, try to read another step of the
 *     socks handshake out of conn->inbuf.
 *   - If it's open, then package more relay cells from the stream.
 *   - Else, leave the bytes on inbuf alone for now.
 *
 * Mark and return -1 if there was an unexpected error with the conn,
63
64
 * else return 0.
 */
65
int connection_edge_process_inbuf(connection_t *conn, int package_partial) {
66

Roger Dingledine's avatar
Roger Dingledine committed
67
  tor_assert(conn);
68
  tor_assert(CONN_IS_EDGE(conn));
69

70
  switch (conn->state) {
71
    case AP_CONN_STATE_SOCKS_WAIT:
72
      if (connection_ap_handshake_process_socks(conn) < 0) {
73
74
        conn->has_sent_end = 1; /* no circ yet */
        connection_mark_for_close(conn);
75
        conn->hold_open_until_flushed = 1; /* redundant but shouldn't hurt */
76
77
78
        return -1;
      }
      return 0;
79
80
    case AP_CONN_STATE_OPEN:
    case EXIT_CONN_STATE_OPEN:
81
      if (connection_edge_package_raw_inbuf(conn, package_partial) < 0) {
82
        /* (We already sent an end cell if possible) */
83
        connection_mark_for_close(conn);
84
85
        return -1;
      }
86
87
      return 0;
    case EXIT_CONN_STATE_CONNECTING:
88
    case AP_CONN_STATE_RENDDESC_WAIT:
89
90
    case AP_CONN_STATE_CIRCUIT_WAIT:
    case AP_CONN_STATE_CONNECT_WAIT:
91
    case AP_CONN_STATE_RESOLVE_WAIT:
92
93
      log_fn(LOG_INFO,"data from edge while in '%s' state. Leaving it on buffer.",
                      conn_state_to_string[conn->type][conn->state]);
94
95
      return 0;
  }
Roger Dingledine's avatar
Roger Dingledine committed
96
  log_fn(LOG_WARN,"Bug: Got unexpected state %d. Closing.",conn->state);
97
98
99
#ifdef TOR_FRAGILE
  tor_assert(0);
#endif
100
  connection_edge_end(conn, END_STREAM_REASON_INTERNAL, conn->cpath_layer);
101
  connection_mark_for_close(conn);
102
  return -1;
103
104
}

105
106
107
/** This edge needs to be closed, because its circuit has closed.
 * Mark it for close and return 0.
 */
108
int connection_edge_destroy(uint16_t circ_id, connection_t *conn) {
109
  tor_assert(CONN_IS_EDGE(conn));
110

111
  if (conn->marked_for_close)
112
    return 0; /* already marked; probably got an 'end' */
113
114
115
  log_fn(LOG_INFO,"CircID %d: At an edge. Marking connection for close.",
         circ_id);
  conn->has_sent_end = 1; /* we're closing the circuit, nothing to send to */
116
  connection_mark_for_close(conn);
117
  conn->hold_open_until_flushed = 1;
118
119
120
  return 0;
}

121
122
123
124
125
126
127
128
/** Send a relay end cell from stream <b>conn</b> to conn's circuit,
 * with a destination of cpath_layer. (If cpath_layer is NULL, the
 * destination is the circuit's origin.) Mark the relay end cell as
 * closing because of <b>reason</b>.
 *
 * Return -1 if this function has already been called on this conn,
 * else return 0.
 */
129
130
131
int
connection_edge_end(connection_t *conn, char reason, crypt_path_t *cpath_layer)
{
132
  char payload[5];
133
  size_t payload_len=1;
134
  circuit_t *circ;
135

136
  if (conn->has_sent_end) {
Roger Dingledine's avatar
Roger Dingledine committed
137
    log_fn(LOG_WARN,"Harmless bug: Calling connection_edge_end (reason %d) on an already ended stream?", reason);
138
139
140
#ifdef TOR_FRAGILE
    tor_assert(0);
#endif
141
    return -1;
142
143
  }

144
  payload[0] = reason;
145
  if (reason == END_STREAM_REASON_EXITPOLICY) {
146
147
    /* this is safe even for rend circs, because they never fail
     * because of exitpolicy */
148
    set_uint32(payload+1, htonl(conn->addr));
Roger Dingledine's avatar
Roger Dingledine committed
149
    payload_len += 4;
150
151
152
  }

  circ = circuit_get_by_conn(conn);
153
  if (circ && !circ->marked_for_close) {
154
155
156
    log_fn(LOG_DEBUG,"Marking conn (fd %d) and sending end.",conn->s);
    connection_edge_send_command(conn, circ, RELAY_COMMAND_END,
                                 payload, payload_len, cpath_layer);
157
158
  } else {
    log_fn(LOG_DEBUG,"Marking conn (fd %d); no circ to send end.",conn->s);
159
160
161
  }

  conn->has_sent_end = 1;
162
  return 0;
163
164
}

165
166
167
168
169
170
171
172
173
174
/** DOCDOC **/
int
connection_edge_end_errno(connection_t *conn, crypt_path_t *cpath_layer)
{
  uint8_t reason;
  tor_assert(conn);
  reason = (uint8_t)errno_to_end_reason(tor_socket_errno(conn->s));
  return connection_edge_end(conn, reason, cpath_layer);
}

175
176
177
178
179
180
181
182
183
184
/** Connection <b>conn</b> has finished writing and has no bytes left on
 * its outbuf.
 *
 * If it's in state 'open', stop writing, consider responding with a
 * sendme, and return.
 * Otherwise, stop writing and return.
 *
 * If <b>conn</b> is broken, mark it for close and return -1, else
 * return 0.
 */
185
int connection_edge_finished_flushing(connection_t *conn) {
Roger Dingledine's avatar
Roger Dingledine committed
186
  tor_assert(conn);
187
  tor_assert(CONN_IS_EDGE(conn));
188

189
  switch (conn->state) {
190
191
192
    case AP_CONN_STATE_OPEN:
    case EXIT_CONN_STATE_OPEN:
      connection_stop_writing(conn);
193
      connection_edge_consider_sending_sendme(conn);
194
      return 0;
Roger Dingledine's avatar
Roger Dingledine committed
195
    case AP_CONN_STATE_SOCKS_WAIT:
196
    case AP_CONN_STATE_RENDDESC_WAIT:
197
    case AP_CONN_STATE_CIRCUIT_WAIT:
198
    case AP_CONN_STATE_CONNECT_WAIT:
Roger Dingledine's avatar
Roger Dingledine committed
199
200
      connection_stop_writing(conn);
      return 0;
201
    default:
202
      log_fn(LOG_WARN,"BUG: called in unexpected state %d.", conn->state);
203
204
205
#ifdef TOR_FRAGILE
      tor_assert(0);
#endif
206
      return -1;
207
208
209
210
  }
  return 0;
}

211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
/** Connected handler for exit connections: start writing pending
 * data, deliver 'CONNECTED' relay cells as appropriate, and check
 * any pending data that may have been received. */
int connection_edge_finished_connecting(connection_t *conn)
{
  unsigned char connected_payload[4];

  tor_assert(conn);
  tor_assert(conn->type == CONN_TYPE_EXIT);
  tor_assert(conn->state == EXIT_CONN_STATE_CONNECTING);

  log_fn(LOG_INFO,"Exit connection to %s:%u established.",
         conn->address,conn->port);

  conn->state = EXIT_CONN_STATE_OPEN;
226
  connection_watch_events(conn, EV_READ); /* stop writing, continue reading */
227
  if (connection_wants_to_flush(conn)) /* in case there are any queued relay cells */
228
229
    connection_start_writing(conn);
  /* deliver a 'connected' relay cell back through the circuit. */
230
231
  if (connection_edge_is_rendezvous_stream(conn)) {
    if (connection_edge_send_command(conn, circuit_get_by_conn(conn),
232
                                     RELAY_COMMAND_CONNECTED, NULL, 0, conn->cpath_layer) < 0)
233
234
235
      return 0; /* circuit is closed, don't continue */
  } else {
    *(uint32_t*)connected_payload = htonl(conn->addr);
236
    if (connection_edge_send_command(conn, circuit_get_by_conn(conn),
237
        RELAY_COMMAND_CONNECTED, connected_payload, 4, conn->cpath_layer) < 0)
238
239
240
      return 0; /* circuit is closed, don't continue */
  }
  tor_assert(conn->package_window > 0);
241
242
  /* in case the server has written anything */
  return connection_edge_process_inbuf(conn, 1);
243
244
}

245
246
/** Find all general-purpose AP streams waiting for a response that sent
 * their begin/resolve cell >=15 seconds ago. Detach from their current circuit,
247
248
249
250
251
252
253
 * and mark their current circuit as unsuitable for new streams. Then call
 * connection_ap_handshake_attach_circuit() to attach to a new circuit (if
 * available) or launch a new one.
 *
 * For rendezvous streams, simply give up after 45 seconds (with no
 * retry attempt).
 */
254
255
256
void connection_ap_expire_beginning(void) {
  connection_t **carray;
  connection_t *conn;
257
  circuit_t *circ;
258
259
  int n, i;
  time_t now = time(NULL);
260
  or_options_t *options = get_options();
261
262
263
264
265

  get_connection_array(&carray, &n);

  for (i = 0; i < n; ++i) {
    conn = carray[i];
266
267
268
    if (conn->type != CONN_TYPE_AP)
      continue;
    if (conn->state != AP_CONN_STATE_RESOLVE_WAIT &&
269
        conn->state != AP_CONN_STATE_CONNECT_WAIT)
270
      continue;
271
272
273
    if (now - conn->timestamp_lastread < 15)
      continue;
    circ = circuit_get_by_conn(conn);
274
    if (!circ) { /* it's vanished? */
Roger Dingledine's avatar
Roger Dingledine committed
275
      log_fn(LOG_INFO,"Conn is waiting (address %s), but lost its circ.",
276
             conn->socks_request->address);
277
      conn->has_sent_end = 1; /* No circuit to receive end cell. */
278
      connection_mark_for_close(conn);
279
280
      continue;
    }
281
    if (circ->purpose == CIRCUIT_PURPOSE_C_REND_JOINED) {
282
      if (now - conn->timestamp_lastread > 45) {
Roger Dingledine's avatar
Roger Dingledine committed
283
        log_fn(LOG_NOTICE,"Rend stream is %d seconds late. Giving up on address '%s'.",
284
               (int)(now - conn->timestamp_lastread), conn->socks_request->address);
285
286
        connection_edge_end(conn, END_STREAM_REASON_TIMEOUT, conn->cpath_layer);
        connection_mark_for_close(conn);
287
288
289
      }
      continue;
    }
Roger Dingledine's avatar
Roger Dingledine committed
290
    tor_assert(circ->purpose == CIRCUIT_PURPOSE_C_GENERAL);
291
292
    log_fn(LOG_NOTICE,"Stream is %d seconds late on address '%s'. Retrying.",
           (int)(now - conn->timestamp_lastread), conn->socks_request->address);
Roger Dingledine's avatar
Roger Dingledine committed
293
    circuit_log_path(LOG_NOTICE, circ);
294
295
296
297
298
299
300
301
    /* send an end down the circuit */
    connection_edge_end(conn, END_STREAM_REASON_TIMEOUT, conn->cpath_layer);
    /* un-mark it as ending, since we're going to reuse it */
    conn->has_sent_end = 0;
    /* kludge to make us not try this circuit again, yet to allow
     * current streams on it to survive if they can: make it
     * unattractive to use for new streams */
    tor_assert(circ->timestamp_dirty);
302
    circ->timestamp_dirty -= options->MaxCircuitDirtiness;
303
304
    /* give our stream another 15 seconds to try */
    conn->timestamp_lastread += 15;
305
306
    /* move it back into 'pending' state, and try to attach. */
    if (connection_ap_detach_retriable(conn, circ)<0) {
307
308
309
      /* it will never work */
      /* Don't need to send end -- we're not connected */
      conn->has_sent_end = 1;
310
      connection_mark_for_close(conn);
311
    }
312
  } /* end for */
313
314
}

315
/** Tell any AP streams that are waiting for a new circuit that one is
316
317
 * available.
 */
318
319
void connection_ap_attach_pending(void)
{
320
  connection_t **carray;
321
  connection_t *conn;
322
323
324
325
326
  int n, i;

  get_connection_array(&carray, &n);

  for (i = 0; i < n; ++i) {
327
    conn = carray[i];
Roger Dingledine's avatar
Roger Dingledine committed
328
329
    if (conn->marked_for_close ||
        conn->type != CONN_TYPE_AP ||
330
        conn->state != AP_CONN_STATE_CIRCUIT_WAIT)
331
      continue;
332
    if (connection_ap_handshake_attach_circuit(conn) < 0) {
333
      /* -1 means it will never work */
334
      /* Don't send end; there is no 'other side' yet */
335
336
      conn->has_sent_end = 1;
      connection_mark_for_close(conn);
337
    }
338
339
340
  }
}

341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
/** DOCDOC
 * -1 on err, 1 on success, 0 on not-yet-sure.
 */
int
connection_ap_detach_retriable(connection_t *conn, circuit_t *circ)
{
  control_event_stream_status(conn, STREAM_EVENT_FAILED_RETRIABLE);
  if (get_options()->ManageConnections) {
    conn->state = AP_CONN_STATE_CIRCUIT_WAIT;
    circuit_detach_stream(circ,conn);
    /* Muck with timestamps? */
    return connection_ap_handshake_attach_circuit(conn);
  } else {
    conn->state = AP_CONN_STATE_CONTROLLER_WAIT;
    circuit_detach_stream(circ,conn);
    return 0;
  }
}

360
361
362
363
364
365
366
367
368
369
370
371
372
373
/** A client-side struct to remember requests to rewrite addresses
 * to new addresses. These structs make up a tree, with addressmap
 * below as its root.
 *
 * There are 5 ways to set an address mapping:
 * - A MapAddress command from the controller [permanent]
 * - An AddressMap directive in the torrc [permanent]
 * - When a TrackHostExits torrc directive is triggered [temporary]
 * - When a dns resolve succeeds [temporary]
 * - When a dns resolve fails [temporary]
 *
 * When an addressmap request is made but one is already registered,
 * the new one is replaced only if the currently registered one has
 * no "new_address" (that is, it's in the process of dns resolve),
374
375
376
377
378
 * or if the new one is permanent (expires==0 or 1).
 *
 * (We overload the 'expires' field, using "0" for mappings set via
 * the configuration file, "1" for mappings set from the control
 * interface, and other values for DNS mappings that can expire.)
379
380
381
382
383
384
385
 */
typedef struct {
  char *new_address;
  time_t expires;
  int num_resolve_failures;
} addressmap_entry_t;

386
387
388
389
390
typedef struct {
  char *ipv4_address;
  char *hostname_address;
} virtaddress_entry_t;

391
392
/** The tree of client-side address rewrite instructions. */
static strmap_t *addressmap;
393
394
395
396
397
398
399
400
401
402
/**
 * Tree mapping addresses to which virtual address, if any, we
 * assigned them to.
 *
 * We maintain the following invariant: if [A,B] is in
 * virtaddress_reversemap, then B must be a virtual address, and [A,B]
 * must be in addressmap.  We do not require that the converse hold:
 * if it fails, then we could end up mapping two virtual addresses to
 * the same address, which is no disaster.
 **/
403
static strmap_t *virtaddress_reversemap;
404
405
406
407

/** Initialize addressmap. */
void addressmap_init(void) {
  addressmap = strmap_new();
408
  virtaddress_reversemap = strmap_new();
409
410
411
412
413
414
415
416
417
418
}

/** Free the memory associated with the addressmap entry <b>_ent</b>. */
static void
addressmap_ent_free(void *_ent) {
  addressmap_entry_t *ent = _ent;
  tor_free(ent->new_address);
  tor_free(ent);
}

419
static void
420
421
422
423
424
425
426
427
428
addressmap_virtaddress_ent_free(void *_ent) {
  virtaddress_entry_t *ent = _ent;
  tor_free(ent->ipv4_address);
  tor_free(ent->hostname_address);
  tor_free(ent);
}

static void
addressmap_virtaddress_remove(const char *addr, addressmap_entry_t *ent)
429
430
{
  if (ent && address_is_in_virtual_range(ent->new_address)) {
431
432
433
434
435
436
437
438
439
440
441
    virtaddress_entry_t *ve =
      strmap_get(virtaddress_reversemap, ent->new_address);
    if (ve) {
      if (!strcmp(addr, ve->ipv4_address))
        tor_free(ve->ipv4_address);
      if (!strcmp(addr, ve->hostname_address))
        tor_free(ve->hostname_address);
      if (!ve->ipv4_address && !ve->hostname_address) {
        tor_free(ve);
        strmap_remove(virtaddress_reversemap, ent->new_address);
      }
442
443
444
445
    }
  }
}

446
447
448
449
450
451
static void
addressmap_ent_remove(const char *addr, addressmap_entry_t *ent)
{
  addressmap_virtaddress_remove(addr, ent);
  addressmap_ent_free(ent);
}
452

453
454
455
456
457
458
459
460
461
462
463
464
465
/** Remove all entries from the addressmap that were set via the
 * configuration file or the command line. */
void
addressmap_clear_configured(void)
{
  addressmap_get_mappings(NULL, 0, 0);
}

/** Remove all entries from the addressmap that are set to expire, ever. */
void
addressmap_clear_transient(void)
{
  addressmap_get_mappings(NULL, 2, TIME_MAX);
466
467
468
469
470
471
}

/** Clean out entries from the addressmap cache that were
 * added long enough ago that they are no longer valid.
 */
void addressmap_clean(time_t now) {
472
  addressmap_get_mappings(NULL, 2, now);
473
474
475
476
477
478
479
}

/** Free all the elements in the addressmap, and free the addressmap
 * itself. */
void addressmap_free_all(void) {
  strmap_free(addressmap, addressmap_ent_free);
  addressmap = NULL;
480
  strmap_free(virtaddress_reversemap, addressmap_virtaddress_ent_free);
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
}

/** Look at address, and rewrite it until it doesn't want any
 * more rewrites; but don't get into an infinite loop.
 * Don't write more than maxlen chars into address.
 */
void addressmap_rewrite(char *address, size_t maxlen) {
  addressmap_entry_t *ent;
  int rewrites;

  for (rewrites = 0; rewrites < 16; rewrites++) {
    ent = strmap_get(addressmap, address);

    if (!ent || !ent->new_address)
      return; /* done, no rewrite needed */

497
    log_fn(LOG_INFO, "Addressmap: rewriting '%s' to '%s'",
498
499
500
501
502
503
504
505
506
507
508
509
510
511
           address, ent->new_address);
    strlcpy(address, ent->new_address, maxlen);
  }
  log_fn(LOG_WARN,"Loop detected: we've rewritten '%s' 16 times! Using it as-is.",
         address);
  /* it's fine to rewrite a rewrite, but don't loop forever */
}

/** Return 1 if <b>address</b> is already registered, else return 0 */
int addressmap_already_mapped(const char *address) {
  return strmap_get(addressmap, address) ? 1 : 0;
}

/** Register a request to map <b>address</b> to <b>new_address</b>,
512
513
 * which will expire on <b>expires</b> (or 0 if never expires from config
 * file, 1 if never expires from controller).
514
 *
515
 * <b>new_address</b> should be a newly dup'ed string, which we'll use or
516
 * free as appropriate. We will leave address alone.
517
518
519
 *
 * If <b>new_address</b> is NULL, or equal to <b>address</b>, remove
 * any mappings that exist from <b>address</b>.
520
521
522
523
524
 */
void addressmap_register(const char *address, char *new_address, time_t expires) {
  addressmap_entry_t *ent;

  ent = strmap_get(addressmap, address);
525
  if (ent && ent->new_address && expires>1) {
526
    log_fn(LOG_INFO,"Addressmap ('%s' to '%s') not performed, since it's already mapped to '%s'", address, new_address, ent->new_address);
527
528
529
    tor_free(new_address);
    return;
  }
530
  if (!new_address || !strcasecmp(address,new_address)) {
531
    /* Remove the mapping, if any. */
532
533
    tor_free(new_address);
    if (ent) {
534
      addressmap_ent_remove(address,ent);
535
536
537
538
      strmap_remove(addressmap, address);
    }
    return;
  }
539
  if (ent) { /* we'll replace it */
540
541
    if (address_is_in_virtual_range(ent->new_address)) {
      addressmap_virtaddress_remove(address, ent);
542
    }
543
544
545
546
547
548
549
550
551
    tor_free(ent->new_address);
  } else { /* make a new one and register it */
    ent = tor_malloc_zero(sizeof(addressmap_entry_t));
    strmap_set(addressmap, address, ent);
  }
  ent->new_address = new_address;
  ent->expires = expires;
  ent->num_resolve_failures = 0;

552
  log_fn(LOG_INFO, "Addressmap: (re)mapped '%s' to '%s'",
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
         address, ent->new_address);
}

/** An attempt to resolve <b>address</b> failed at some OR.
 * Increment the number of resolve failures we have on record
 * for it, and then return that number.
 */
int client_dns_incr_failures(const char *address)
{
  addressmap_entry_t *ent;
  ent = strmap_get(addressmap,address);
  if (!ent) {
    ent = tor_malloc_zero(sizeof(addressmap_entry_t));
    ent->expires = time(NULL)+MAX_DNS_ENTRY_AGE;
    strmap_set(addressmap,address,ent);
  }
  ++ent->num_resolve_failures;
570
  log_fn(LOG_INFO,"Address %s now has %d resolve failures.",
571
572
573
574
575
576
577
         address, ent->num_resolve_failures);
  return ent->num_resolve_failures;
}

/** Record the fact that <b>address</b> resolved to <b>val</b>.
 * We can now use this in subsequent streams via addressmap_rewrite()
 * so we can more correctly choose an exit that will allow <b>address</b>.
578
579
580
 *
 * If <b>exitname</b> is defined, then append the addresses with
 * ".exitname.exit" before registering the mapping.
581
 */
582
void client_dns_set_addressmap(const char *address, uint32_t val, const char *exitname)
583
584
{
  struct in_addr in;
585
586
587
  char extendedaddress[MAX_SOCKS_ADDR_LEN+MAX_HEX_NICKNAME_LEN+10];
  char valbuf[INET_NTOA_BUF_LEN];
  char extendedval[INET_NTOA_BUF_LEN+MAX_HEX_NICKNAME_LEN+10];
588
589
590
591

  tor_assert(address); tor_assert(val);

  if (tor_inet_aton(address, &in))
Nick Mathewson's avatar
Nick Mathewson committed
592
    return; /* If address was an IP address already, don't add a mapping. */
593
  in.s_addr = htonl(val);
594
595
596
597
598
599
600
601
602
603
604
605
606
  tor_inet_ntoa(&in,valbuf,sizeof(valbuf));
  if (exitname) {
    tor_snprintf(extendedaddress, sizeof(extendedaddress),
                 "%s.%s.exit", address, exitname);
    tor_snprintf(extendedval, sizeof(extendedval),
                 "%s.%s.exit", valbuf, exitname);
  } else {
    tor_snprintf(extendedaddress, sizeof(extendedaddress),
                 "%s", address);
    tor_snprintf(extendedval, sizeof(extendedval),
                 "%s", valbuf);
  }
  addressmap_register(extendedaddress, tor_strdup(extendedval),
607
608
609
                      time(NULL) + MAX_DNS_ENTRY_AGE);
}

610
611
612
613
614
615
616
617
618
619
620
621
/* Currently, we hand out 127.192.0.1 through 127.254.254.254.
 * These addresses should map to localhost, so even if the
 * application accidentally tried to connect to them directly (not
 * via Tor), it wouldn't get too far astray.
 *
 * Eventually, we should probably make this configurable.
 */
#define MIN_UNUSED_IPV4 0x7fc00001u
#define MAX_UNUSED_IPV4 0x7ffefefeu

/**
 * Return true iff <b>addr</b> is likely to have been returned by
622
 * client_dns_get_unused_address.
623
624
 **/
static int
625
address_is_in_virtual_range(const char *addr)
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
{
  struct in_addr in;
  tor_assert(addr);
  if (!strcasecmpend(addr, ".virtual")) {
    return 1;
  } else if (tor_inet_aton(addr, &in)) {
    uint32_t a = ntohl(in.s_addr);
    if (a >= MIN_UNUSED_IPV4 && a <= MAX_UNUSED_IPV4)
      return 1;
  }
  return 0;
}

/** Return a newly allocated string holding an address of <b>type</b>
 * (one of RESOLVED_TYPE_{IPV4|HOSTNAME}) that has not yet been mapped,
 * and that is very unlikely to be the address of any real host.
 */
643
644
static char *
addressmap_get_virtual_address(int type)
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
{
  char buf[64];
  static uint32_t next_ipv4 = MIN_UNUSED_IPV4;
  struct in_addr in;

  if (type == RESOLVED_TYPE_HOSTNAME) {
    char rand[16];
    do {
      crypto_rand(rand, sizeof(rand));
      base32_encode(buf,sizeof(buf),rand,sizeof(rand));
      strlcat(buf, ".virtual", sizeof(buf));
    } while (strmap_get(addressmap, buf));
    return tor_strdup(buf);
  } else if (type == RESOLVED_TYPE_IPV4) {
    while (1) {
      /* Don't hand out any .0 or .255 address. */
      while ((next_ipv4 & 0xff) == 0 ||
             (next_ipv4 & 0xff) == 0xff)
        ++next_ipv4;
      in.s_addr = htonl(next_ipv4);
      tor_inet_ntoa(&in, buf, sizeof(buf));
      if (!strmap_get(addressmap, buf))
        break;

      ++next_ipv4;
      if (next_ipv4 > MAX_UNUSED_IPV4)
        next_ipv4 = MIN_UNUSED_IPV4;
    }
    return tor_strdup(buf);
  } else {
    log_fn(LOG_WARN, "Called with unsupported address type (%d)",
           type);
    return NULL;
  }
}

681
682
683
684
/* DOCDOC */
char *
addressmap_register_virtual_address(int type, char *new_address)
{
685
686
687
  char **addrp;
  virtaddress_entry_t *vent;

688
689
  tor_assert(new_address);

690
691
692
693
694
695
696
697
  vent = strmap_get(virtaddress_reversemap, new_address);
  if (!vent)
    vent = tor_malloc_zero(sizeof(virtaddress_entry_t));

  addrp = (type == RESOLVED_TYPE_IPV4) ?
    &vent->ipv4_address : &vent->hostname_address;
  if (*addrp) {
    addressmap_entry_t *ent = strmap_get(addressmap, *addrp);
698
    if (!strcasecmp(new_address, ent->new_address))
699
      return tor_strdup(*addrp);
700
701
    else
      log_fn(LOG_WARN, "Internal confusion: I thought that '%s' was mapped to by '%s', but '%s' really maps to '%s'. This is a harmless bug.",
702
             new_address, *addrp, *addrp, ent->new_address);
703
704
  }

705
706
707
  tor_free(*addrp);
  *addrp = addressmap_get_virtual_address(type);
  strmap_set(virtaddress_reversemap, new_address, tor_strdup(*addrp));
708
  addressmap_register(*addrp, new_address, 1);
709
  return *addrp;
710
711
}

712
713
714
715
716
717
718
719
720
721
722
/** Return 1 if <b>address</b> has funny characters in it like
 * colons. Return 0 if it's fine.
 */
static int
address_is_invalid_destination(const char *address) {
  /* FFFF should flesh this out */
  if (strchr(address,':'))
    return 1;
  return 0;
}

723
724
725
726
727
/* Iterate over all address mapings which have exipry times between
 * min_expires and max_expires, inclusive.  If sl is provided, add an
 * "old-addr new-addr" string to sl for each mapping.  If sl is NULL,
 * remove the mappings.
 */
728
729
730
731
732
733
734
735
void
addressmap_get_mappings(smartlist_t *sl, time_t min_expires, time_t max_expires)
{
   strmap_iter_t *iter;
   const char *key;
   void *_val;
   addressmap_entry_t *val;

736
   for (iter = strmap_iter_init(addressmap); !strmap_iter_done(iter); ) {
737
738
739
     strmap_iter_get(iter, &key, &_val);
     val = _val;
     if (val->expires >= min_expires && val->expires <= max_expires) {
740
741
742
743
744
       if (!sl) {
         addressmap_ent_remove(key, val);
         iter = strmap_iter_next_rmv(addressmap,iter);
         continue;
       } else {
745
746
747
748
749
         size_t len = strlen(key)+strlen(val->new_address)+2;
         char *line = tor_malloc(len);
         tor_snprintf(line, len, "%s %s", key, val->new_address);
         smartlist_add(sl, line);
       }
750
     }
751
     iter = strmap_iter_next(addressmap,iter);
752
753
754
   }
}

755
756
757
758
759
760
761
762
763
764
765
766
767
/** connection_edge_process_inbuf() found a conn in state
 * socks_wait. See if conn->inbuf has the right bytes to proceed with
 * the socks handshake.
 *
 * If the handshake is complete, and it's for a general circuit, then
 * try to attach it to a circuit (or launch one as needed). If it's for
 * a rendezvous circuit, then fetch a rendezvous descriptor first (or
 * attach/launch a circuit if the rendezvous descriptor is already here
 * and fresh enough).
 *
 * Return -1 if an unexpected error with conn (and it should be marked
 * for close), else return 0.
 */
768
static int connection_ap_handshake_process_socks(connection_t *conn) {
769
  socks_request_t *socks;
Roger Dingledine's avatar
Roger Dingledine committed
770
  int sockshere;
771
  hostname_type_t addresstype;
772

Roger Dingledine's avatar
Roger Dingledine committed
773
774
775
776
  tor_assert(conn);
  tor_assert(conn->type == CONN_TYPE_AP);
  tor_assert(conn->state == AP_CONN_STATE_SOCKS_WAIT);
  tor_assert(conn->socks_request);
777
  socks = conn->socks_request;
778
779
780

  log_fn(LOG_DEBUG,"entered.");

781
  sockshere = fetch_from_buf_socks(conn->inbuf, socks);
782
783
  if (sockshere == -1 || sockshere == 0) {
    if (socks->replylen) { /* we should send reply back */
Roger Dingledine's avatar
Roger Dingledine committed
784
      log_fn(LOG_DEBUG,"reply is already set for us. Using it.");
785
      connection_ap_handshake_socks_reply(conn, socks->reply, socks->replylen, 0);
786
      socks->replylen = 0; /* zero it out so we can do another round of negotiation */
787
    } else if (sockshere == -1) { /* send normal reject */
Roger Dingledine's avatar
Roger Dingledine committed
788
      log_fn(LOG_WARN,"Fetching socks handshake failed. Closing.");
789
      connection_ap_handshake_socks_reply(conn, NULL, 0, -1);
Roger Dingledine's avatar
Roger Dingledine committed
790
791
792
    } else {
      log_fn(LOG_DEBUG,"socks handshake not all here yet.");
    }
Roger Dingledine's avatar
Roger Dingledine committed
793
    if (sockshere == -1)
794
      socks->has_finished = 1;
Roger Dingledine's avatar
Roger Dingledine committed
795
796
    return sockshere;
  } /* else socks handshake is done, continue processing */
797

798
799
800
801
802
  tor_strlower(socks->address); /* normalize it */

  /* For address map controls, remap the address */
  addressmap_rewrite(socks->address, sizeof(socks->address));

803
  if (address_is_in_virtual_range(socks->address)) {
804
805
806
807
808
809
810
811
812
813
    /* This address was probably handed out by client_dns_get_unmapped_address,
     * but the mapping was discarded for some reason.  We *don't* want to send
     * the address through tor; that's likely to fail, and may leak
     * information.
     */
    log_fn(LOG_WARN,"Missing mapping for virtual address '%s'. Refusing.",
           socks->address);
    return -1;
  }

814
815
816
  /* Parse the address provided by SOCKS.  Modify it in-place if it
   * specifies a hidden-service (.onion) or particular exit node (.exit).
   */
817
  addresstype = parse_extended_hostname(socks->address);
818

819
  if (addresstype == EXIT_HOSTNAME) {
820
821
822
    /* .exit -- modify conn to specify the exit node. */
    char *s = strrchr(socks->address,'.');
    if (!s || s[1] == '\0') {
823
      log_fn(LOG_WARN,"Malformed exit address '%s'. Refusing.", socks->address);
824
825
      return -1;
    }
826
    conn->chosen_exit_name = tor_strdup(s+1);
827
828
829
    *s = 0;
  }

830
  if (addresstype != ONION_HOSTNAME) {
831
    /* not a hidden-service request (i.e. normal or .exit) */
832

833
834
835
836
837
    if (address_is_invalid_destination(socks->address)) {
      log_fn(LOG_WARN,"Destination '%s' seems to be an invalid hostname. Failing.", socks->address);
      return -1;
    }

838
    if (socks->command == SOCKS_COMMAND_RESOLVE) {
839
      uint32_t answer;
840
      struct in_addr in;
841
842
843
844
845
846
      /* Reply to resolves immediately if we can. */
      if (strlen(socks->address) > RELAY_PAYLOAD_SIZE) {
        log_fn(LOG_WARN,"Address to be resolved is too large. Failing.");
        connection_ap_handshake_socks_resolved(conn,RESOLVED_TYPE_ERROR,0,NULL);
        return -1;
      }
847
      if (tor_inet_aton(socks->address, &in)) { /* see if it's an IP already */
848
        answer = in.s_addr;
849
850
851
852
853
854
855
        connection_ap_handshake_socks_resolved(conn,RESOLVED_TYPE_IPV4,4,
                                               (char*)&answer);
        conn->has_sent_end = 1;
        connection_mark_for_close(conn);
        conn->hold_open_until_flushed = 1;
        return 0;
      }
856
      rep_hist_note_used_resolve(time(NULL)); /* help predict this next time */
857
      control_event_stream_status(conn, STREAM_EVENT_NEW_RESOLVE);
858
859
860
861
862
863
    } else { /* socks->command == SOCKS_COMMAND_CONNECT */
      if (socks->port == 0) {
        log_fn(LOG_NOTICE,"Application asked to connect to port 0. Refusing.");
        return -1;
      }
      rep_hist_note_used_port(socks->port, time(NULL)); /* help predict this next time */
864
865
866
867
868
869
870
871
      control_event_stream_status(conn, STREAM_EVENT_NEW);
    }
    if (get_options()->ManageConnections) {
      conn->state = AP_CONN_STATE_CIRCUIT_WAIT;
      return connection_ap_handshake_attach_circuit(conn);
    } else {
      conn->state = AP_CONN_STATE_CONTROLLER_WAIT;
      return 0;
872
    }
873
874
  } else {
    /* it's a hidden-service request */
875
    rend_cache_entry_t *entry;
876
    int r;
877

878
879
880
    if (socks->command == SOCKS_COMMAND_RESOLVE) {
      /* if it's a resolve request, fail it right now, rather than
       * building all the circuits and then realizing it won't work. */
881
      log_fn(LOG_WARN,"Resolve requests to hidden services not allowed. Failing.");
882
      connection_ap_handshake_socks_resolved(conn,RESOLVED_TYPE_ERROR,0,NULL);
883
      return -1;
884
885
    }

Nick Mathewson's avatar
Nick Mathewson committed
886
    strlcpy(conn->rend_query, socks->address, sizeof(conn->rend_query));
887
    log_fn(LOG_INFO,"Got a hidden service request for ID '%s'", conn->rend_query);
888
    /* see if we already have it cached */
889
    r = rend_cache_lookup_entry(conn->rend_query, &entry);
890
    if (r<0) {
891
892
893
      log_fn(LOG_WARN,"Invalid service descriptor %s", conn->rend_query);
      return -1;
    }
894
    if (r==0) {
895
      conn->state = AP_CONN_STATE_RENDDESC_WAIT;
896
      log_fn(LOG_INFO, "Unknown descriptor %s. Fetching.", conn->rend_query);
897
      rend_client_refetch_renddesc(conn->rend_query);
898
      return 0;
899
    }
900
    if (r>0) {
901
#define NUM_SECONDS_BEFORE_REFETCH (60*15)
902
      if (time(NULL) - entry->received < NUM_SECONDS_BEFORE_REFETCH) {
903
904
905
906
907
908
909
910
911
912
        conn->state = AP_CONN_STATE_CIRCUIT_WAIT;
        log_fn(LOG_INFO, "Descriptor is here and fresh enough. Great.");
        return connection_ap_handshake_attach_circuit(conn);
      } else {
        conn->state = AP_CONN_STATE_RENDDESC_WAIT;
        log_fn(LOG_INFO, "Stale descriptor %s. Refetching.", conn->rend_query);
        rend_client_refetch_renddesc(conn->rend_query);
        return 0;
      }
    }
913
  }
914
  return 0; /* unreached but keeps the compiler happy */
915
916
}

917
918
/** Iterate over the two bytes of stream_id until we get one that is not
 * already in use; return it. Return 0 if can't get a unique stream_id.
919
920
921
922
923
924
925
926
 */
static uint16_t get_unique_stream_id_by_circ(circuit_t *circ) {
  connection_t *tmpconn;
  uint16_t test_stream_id;
  uint32_t attempts=0;

again:
  test_stream_id = circ->next_stream_id++;
927
  if (++attempts > 1<<16) {
928
929
930
931
932
933
    /* Make sure we don't loop forever if all stream_id's are used. */
    log_fn(LOG_WARN,"No unused stream IDs. Failing.");
    return 0;
  }
  if (test_stream_id == 0)
    goto again;
934
935
  for (tmpconn = circ->p_streams; tmpconn; tmpconn=tmpconn->next_stream)
    if (tmpconn->stream_id == test_stream_id)
936
937
938
939
      goto again;
  return test_stream_id;
}

940
941
942
943
944
/** Write a relay begin cell, using destaddr and destport from ap_conn's
 * socks_request field, and send it down circ.
 *
 * If ap_conn is broken, mark it for close and return -1. Else return 0.
 */
945
int connection_ap_handshake_send_begin(connection_t *ap_conn, circuit_t *circ)
946
{
947
948
  char payload[CELL_PAYLOAD_SIZE];
  int payload_len;
949

Roger Dingledine's avatar
Roger Dingledine committed
950
951
952
  tor_assert(ap_conn->type == CONN_TYPE_AP);
  tor_assert(ap_conn->state == AP_CONN_STATE_CIRCUIT_WAIT);
  tor_assert(ap_conn->socks_request);
953

954
955
  ap_conn->stream_id = get_unique_stream_id_by_circ(circ);
  if (ap_conn->stream_id==0) {
956
    /* Don't send end: there is no 'other side' yet */
957
958
    ap_conn->has_sent_end = 1;
    connection_mark_for_close(ap_conn);
959
960
    circuit_mark_for_close(circ);
    return -1;
961
  }
962

963
964
965
966
  tor_snprintf(payload,RELAY_PAYLOAD_SIZE, "%s:%d",
               (circ->purpose == CIRCUIT_PURPOSE_C_GENERAL) ?
                 ap_conn->socks_request->address : "",
               ap_conn->socks_request->port);
967
  payload_len = strlen(payload)+1;
968

969
  log_fn(LOG_DEBUG,"Sending relay cell to begin stream %d.",ap_conn->stream_id);
970

971
  if (connection_edge_send_command(ap_conn, circ, RELAY_COMMAND_BEGIN,
972
                                   payload, payload_len, ap_conn->cpath_layer) < 0)
973
    return -1; /* circuit is closed, don't continue */
974

975
976
  ap_conn->package_window = STREAMWINDOW_START;
  ap_conn->deliver_window = STREAMWINDOW_START;
977
  ap_conn->state = AP_CONN_STATE_CONNECT_WAIT;
978
  log_fn(LOG_INFO,"Address/port sent, ap socket %d, n_circ_id %d",ap_conn->s,circ->n_circ_id);
979
  control_event_stream_status(ap_conn, STREAM_EVENT_SENT_CONNECT);
980
  return 0;
981
982
}

983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
/** Write a relay resolve cell, using destaddr and destport from ap_conn's
 * socks_request field, and send it down circ.
 *
 * If ap_conn is broken, mark it for close and return -1. Else return 0.
 */
int connection_ap_handshake_send_resolve(connection_t *ap_conn, circuit_t *circ)
{
  int payload_len;
  const char *string_addr;

  tor_assert(ap_conn->type == CONN_TYPE_AP);
  tor_assert(ap_conn->state == AP_CONN_STATE_CIRCUIT_WAIT);
  tor_assert(ap_conn->socks_request);
  tor_assert(ap_conn->socks_request->command == SOCKS_COMMAND_RESOLVE);
  tor_assert(circ->purpose == CIRCUIT_PURPOSE_C_GENERAL);

  ap_conn->stream_id = get_unique_stream_id_by_circ(circ);
  if (ap_conn->stream_id==0) {