main.c 52.9 KB
Newer Older
Roger Dingledine's avatar
Roger Dingledine committed
1
2
3
/* Copyright 2001 Matej Pfajfar.
 * Copyright 2001-2004 Roger Dingledine.
 * Copyright 2004 Roger Dingledine, Nick Mathewson. */
4
5
/* See LICENSE for licensing information */
/* $Id$ */
6
const char main_c_id[] = "$Id$";
Roger Dingledine's avatar
Roger Dingledine committed
7

Roger Dingledine's avatar
Roger Dingledine committed
8
9
10
11
/**
 * \file main.c
 * \brief Tor main loop and startup functions.
 **/
12

Roger Dingledine's avatar
Roger Dingledine committed
13
#include "or.h"
14
15
16
#ifdef USE_DMALLOC
#include <dmalloc.h>
#endif
Roger Dingledine's avatar
Roger Dingledine committed
17

18
/* These signals are defined to help control_signal_act work. */
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
#ifndef SIGHUP
#define SIGHUP 1
#endif
#ifndef SIGINT
#define SIGINT 2
#endif
#ifndef SIGUSR1
#define SIGUSR1 10
#endif
#ifndef SIGUSR2
#define SIGUSR2 12
#endif
#ifndef SIGTERM
#define SIGTERM 15
#endif

35
/********* PROTOTYPES **********/
Roger Dingledine's avatar
Roger Dingledine committed
36

37
static void dumpstats(int severity); /* log stats */
38
39
40
41
42
static void conn_read_callback(int fd, short event, void *_conn);
static void conn_write_callback(int fd, short event, void *_conn);
static void signal_callback(int fd, short events, void *arg);
static void second_elapsed_callback(int fd, short event, void *args);
static int conn_close_if_marked(int i);
Roger Dingledine's avatar
Roger Dingledine committed
43

Roger Dingledine's avatar
Roger Dingledine committed
44
45
/********* START VARIABLES **********/

46
int global_read_bucket; /**< Max number of bytes I can read this second. */
47
int global_write_bucket; /**< Max number of bytes I can write this second. */
Roger Dingledine's avatar
Roger Dingledine committed
48

Roger Dingledine's avatar
Roger Dingledine committed
49
/** What was the read bucket before the last call to prepare_for_pool?
50
 * (used to determine how many bytes we've read). */
51
static int stats_prev_global_read_bucket;
52
53
54
55
/** What was the write bucket before the last call to prepare_for_pool?
 * (used to determine how many bytes we've written). */
static int stats_prev_global_write_bucket;
/** How many bytes have we read/written since we started the process? */
56
static uint64_t stats_n_bytes_read = 0;
57
static uint64_t stats_n_bytes_written = 0;
58
59
/** What time did this process start up? */
long time_of_process_start = 0;
Roger Dingledine's avatar
Roger Dingledine committed
60
/** How many seconds have we been running? */
61
long stats_n_seconds_working = 0;
62
63
/** When do we next download a directory? */
static time_t time_to_fetch_directory = 0;
64
65
66
67
/** When do we next upload our descriptor? */
static time_t time_to_force_upload_descriptor = 0;
/** When do we next download a running-routers summary? */
static time_t time_to_fetch_running_routers = 0;
68

Roger Dingledine's avatar
Roger Dingledine committed
69
/** Array of all open connections; each element corresponds to the element of
70
 * poll_array in the same position.  The first nfds elements are valid. */
71
static connection_t *connection_array[MAXCONNECTIONS+1] =
Roger Dingledine's avatar
Roger Dingledine committed
72
        { NULL };
73
static smartlist_t *closeable_connection_lst = NULL;
Roger Dingledine's avatar
Roger Dingledine committed
74

75
static int nfds=0; /**< Number of connections currently active. */
Roger Dingledine's avatar
Roger Dingledine committed
76

Roger Dingledine's avatar
Roger Dingledine committed
77
/** We set this to 1 when we've fetched a dir, to know whether to complain
78
79
 * yet about unrecognized nicknames in entrynodes, exitnodes, etc.
 * Also, we don't try building circuits unless this is 1. */
80
int has_fetched_directory=0;
81

Roger Dingledine's avatar
Roger Dingledine committed
82
/** We set this to 1 when we've opened a circuit, so we can print a log
83
 * entry to inform the user that Tor is working. */
84
int has_completed_circuit=0;
85

86
/* #define MS_WINDOWS_SERVICE */
87
#ifdef MS_WINDOWS_SERVICE
88
#include <tchar.h>
89
90
#define GENSRV_SERVICENAME  TEXT("tor")
#define GENSRV_DISPLAYNAME  TEXT("Tor Win32 Service")
Nick Mathewson's avatar
Nick Mathewson committed
91
#define GENSRV_DESCRIPTION  TEXT("Provides an anonymous Internet communication system")
92
93
SERVICE_STATUS service_status;
SERVICE_STATUS_HANDLE hStatus;
94
95
static char **backup_argv;
static int backup_argc;
96
97
98
static int nt_service_is_stopped(void);
#else
#define nt_service_is_stopped() (0)
99
100
#endif

101
102
#define CHECK_DESCRIPTOR_INTERVAL 60

Roger Dingledine's avatar
Roger Dingledine committed
103
104
/********* END VARIABLES ************/

Roger Dingledine's avatar
Roger Dingledine committed
105
106
107
108
109
110
111
112
/****************************************************************************
*
* This section contains accessors and other methods on the connection_array
* and poll_array variables (which are global within this file and unavailable
* outside it).
*
****************************************************************************/

Roger Dingledine's avatar
Roger Dingledine committed
113
/** Add <b>conn</b> to the array of connections that we can poll on.  The
114
115
116
 * connection's socket must be set; the connection starts out
 * non-reading and non-writing.
 */
Roger Dingledine's avatar
Roger Dingledine committed
117
int connection_add(connection_t *conn) {
Roger Dingledine's avatar
Roger Dingledine committed
118
  tor_assert(conn);
119
  tor_assert(conn->s >= 0);
Roger Dingledine's avatar
Roger Dingledine committed
120

121
  if (nfds >= get_options()->MaxConn-1) {
122
    log_fn(LOG_WARN,"Failing because we have %d connections already. Please set MaxConn higher.", nfds);
Roger Dingledine's avatar
Roger Dingledine committed
123
124
    return -1;
  }
Roger Dingledine's avatar
Roger Dingledine committed
125

126
  tor_assert(conn->poll_index == -1); /* can only connection_add once */
Roger Dingledine's avatar
Roger Dingledine committed
127
128
129
  conn->poll_index = nfds;
  connection_array[nfds] = conn;

130
131
132
133
134
135
  conn->read_event = tor_malloc_zero(sizeof(struct event));
  conn->write_event = tor_malloc_zero(sizeof(struct event));
  event_set(conn->read_event, conn->s, EV_READ|EV_PERSIST,
            conn_read_callback, conn);
  event_set(conn->write_event, conn->s, EV_WRITE|EV_PERSIST,
            conn_write_callback, conn);
Roger Dingledine's avatar
Roger Dingledine committed
136
137
138

  nfds++;

139
  log_fn(LOG_INFO,"new conn type %s, socket %d, nfds %d.",
Roger Dingledine's avatar
Roger Dingledine committed
140
      CONN_TYPE_TO_STRING(conn->type), conn->s, nfds);
Roger Dingledine's avatar
Roger Dingledine committed
141
142
143
144

  return 0;
}

Roger Dingledine's avatar
Roger Dingledine committed
145
/** Remove the connection from the global list, and remove the
Nick Mathewson's avatar
Nick Mathewson committed
146
147
148
 * corresponding poll entry.  Calling this function will shift the last
 * connection (if any) into the position occupied by conn.
 */
Roger Dingledine's avatar
Roger Dingledine committed
149
150
151
int connection_remove(connection_t *conn) {
  int current_index;

Roger Dingledine's avatar
Roger Dingledine committed
152
153
  tor_assert(conn);
  tor_assert(nfds>0);
Roger Dingledine's avatar
Roger Dingledine committed
154

155
  log_fn(LOG_INFO,"removing socket %d (type %s), nfds now %d",
Roger Dingledine's avatar
Roger Dingledine committed
156
         conn->s, CONN_TYPE_TO_STRING(conn->type), nfds-1);
Roger Dingledine's avatar
Roger Dingledine committed
157

158
  tor_assert(conn->poll_index >= 0);
Roger Dingledine's avatar
Roger Dingledine committed
159
  current_index = conn->poll_index;
160
  if (current_index == nfds-1) { /* this is the end */
Roger Dingledine's avatar
Roger Dingledine committed
161
162
    nfds--;
    return 0;
Roger Dingledine's avatar
Roger Dingledine committed
163
  }
Roger Dingledine's avatar
Roger Dingledine committed
164

165
166
167
168
169
170
171
172
173
  if (conn->read_event) {
    event_del(conn->read_event);
    tor_free(conn->read_event);
  }
  if (conn->write_event) {
    event_del(conn->write_event);
    tor_free(conn->write_event);
  }

174
  /* replace this one with the one at the end */
Roger Dingledine's avatar
Roger Dingledine committed
175
176
177
178
  nfds--;
  connection_array[current_index] = connection_array[nfds];
  connection_array[current_index]->poll_index = current_index;

Roger Dingledine's avatar
Roger Dingledine committed
179
  return 0;
Roger Dingledine's avatar
Roger Dingledine committed
180
181
}

182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
/** If it's an edge conn, remove it from the list
 * of conn's on this circuit. If it's not on an edge,
 * flush and send destroys for all circuits on this conn.
 *
 * If <b>remove</b> is non-zero, then remove it from the
 * connection_array and closeable_connection_lst.
 *
 * Then free it.
 */
static void connection_unlink(connection_t *conn, int remove) {
  circuit_about_to_close_connection(conn);
  connection_about_to_close_connection(conn);
  if (remove) {
    connection_remove(conn);
  }
197
  smartlist_remove(closeable_connection_lst, conn);
198
199
200
201
202
203
  if (conn->type == CONN_TYPE_EXIT) {
    assert_connection_edge_not_dns_pending(conn);
  }
  connection_free(conn);
}

204
205
206
207
208
209
/** DOCDOC **/
void
add_connection_to_closeable_list(connection_t *conn)
{
  tor_assert(!smartlist_isin(closeable_connection_lst, conn));
  tor_assert(conn->marked_for_close);
210
  assert_connection_ok(conn, time(NULL));
211
212
213
  smartlist_add(closeable_connection_lst, conn);
}

214
215
216
217
218
/** Return 1 if conn is on the closeable list, else return 0. */
int connection_is_on_closeable_list(connection_t *conn) {
  return smartlist_isin(closeable_connection_lst, conn);
}

219
220
221
222
223
224
225
226
227
228
/** Return true iff conn is in the current poll array. */
int connection_in_array(connection_t *conn) {
  int i;
  for (i=0; i<nfds; ++i) {
    if (conn==connection_array[i])
      return 1;
  }
  return 0;
}

Roger Dingledine's avatar
Roger Dingledine committed
229
230
231
/** Set <b>*array</b> to an array of all connections, and <b>*n</b>
 * to the length of the array. <b>*array</b> and <b>*n</b> must not
 * be modified.
232
 */
233
234
235
void get_connection_array(connection_t ***array, int *n) {
  *array = connection_array;
  *n = nfds;
236
237
}

Roger Dingledine's avatar
Roger Dingledine committed
238
/** Set the event mask on <b>conn</b> to <b>events</b>.  (The form of
239
* the event mask is DOCDOC)
240
 */
Roger Dingledine's avatar
Roger Dingledine committed
241
void connection_watch_events(connection_t *conn, short events) {
242
  tor_assert(conn);
243
244
  tor_assert(conn->read_event);
  tor_assert(conn->write_event);
Roger Dingledine's avatar
Roger Dingledine committed
245

246
247
248
249
250
251
252
253
254
255
256
  if (events & EV_READ) {
    event_add(conn->read_event, NULL);
  } else {
    event_del(conn->read_event);
  }

  if (events & EV_WRITE) {
    event_add(conn->write_event, NULL);
  } else {
    event_del(conn->write_event);
  }
Roger Dingledine's avatar
Roger Dingledine committed
257
258
}

Roger Dingledine's avatar
Roger Dingledine committed
259
/** Return true iff <b>conn</b> is listening for read events. */
Roger Dingledine's avatar
Roger Dingledine committed
260
int connection_is_reading(connection_t *conn) {
261
  tor_assert(conn);
262
263
264
265

  /* This isn't 100% documented, but it should work. */
  return conn->read_event &&
    (conn->read_event->ev_flags & (EVLIST_INSERTED|EVLIST_ACTIVE));
Roger Dingledine's avatar
Roger Dingledine committed
266
267
}

Roger Dingledine's avatar
Roger Dingledine committed
268
/** Tell the main loop to stop notifying <b>conn</b> of any read events. */
269
void connection_stop_reading(connection_t *conn) {
270
  tor_assert(conn);
271
  tor_assert(conn->read_event);
272

273
  log(LOG_DEBUG,"connection_stop_reading() called.");
274
  event_del(conn->read_event);
275
276
}

Roger Dingledine's avatar
Roger Dingledine committed
277
/** Tell the main loop to start notifying <b>conn</b> of any read events. */
278
void connection_start_reading(connection_t *conn) {
279
  tor_assert(conn);
280
281
282
  tor_assert(conn->read_event);

  event_add(conn->read_event, NULL);
283
284
}

Roger Dingledine's avatar
Roger Dingledine committed
285
/** Return true iff <b>conn</b> is listening for write events. */
286
int connection_is_writing(connection_t *conn) {
287
288
289
290
291
  tor_assert(conn);

  /* This isn't 100% documented, but it should work. */
  return conn->write_event &&
    (conn->write_event->ev_flags & (EVLIST_INSERTED|EVLIST_ACTIVE));
292
293
}

Roger Dingledine's avatar
Roger Dingledine committed
294
/** Tell the main loop to stop notifying <b>conn</b> of any write events. */
295
void connection_stop_writing(connection_t *conn) {
296
  tor_assert(conn);
297
298
299
  tor_assert(conn->write_event);

  event_del(conn->write_event);
300
301
}

Roger Dingledine's avatar
Roger Dingledine committed
302
/** Tell the main loop to start notifying <b>conn</b> of any write events. */
303
void connection_start_writing(connection_t *conn) {
304
  tor_assert(conn);
305
306
307
  tor_assert(conn->write_event);

  event_add(conn->write_event, NULL);
308
309
}

310
311
312
313
314
315
316
317
318
319
/** DOCDOC */
static void
close_closeable_connections(void)
{
  int i;
  if (!smartlist_len(closeable_connection_lst))
    return;

  for (i = 0; i < smartlist_len(closeable_connection_lst); ) {
    connection_t *conn = smartlist_get(closeable_connection_lst, i);
320
321
322
323
324
325
    if (conn->poll_index < 0) {
      connection_unlink(conn, 0); /* blow it away right now */
    } else {
      if (!conn_close_if_marked(conn->poll_index))
        ++i;
    }
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
  }
}

/** DOCDOC */
static void
conn_read_callback(int fd, short event, void *_conn)
{
  connection_t *conn = _conn;
  if (conn->marked_for_close)
    return;

  log_fn(LOG_DEBUG,"socket %d wants to read.",conn->s);

  assert_connection_ok(conn, time(NULL));
  assert_all_pending_dns_resolves_ok();

  if (connection_handle_read(conn) < 0) {
    if (!conn->marked_for_close) {
#ifndef MS_WINDOWS
      log_fn(LOG_WARN,"Bug: unhandled error on read for %s connection (fd %d); removing",
             CONN_TYPE_TO_STRING(conn->type), conn->s);
347
348
349
#ifdef TOR_FRAGILE
      tor_assert(0);
#endif
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
#endif
      connection_mark_for_close(conn);
    }
  }
  assert_connection_ok(conn, time(NULL));
  assert_all_pending_dns_resolves_ok();

  if (smartlist_len(closeable_connection_lst))
    close_closeable_connections();
}

static void conn_write_callback(int fd, short events, void *_conn)
{
  connection_t *conn = _conn;

  log_fn(LOG_DEBUG,"socket %d wants to write.",conn->s);
  if (conn->marked_for_close)
    return;

  assert_connection_ok(conn, time(NULL));
  assert_all_pending_dns_resolves_ok();

  if (connection_handle_write(conn) < 0) {
    if (!conn->marked_for_close) {
      /* this connection is broken. remove it. */
      log_fn(LOG_WARN,"Bug: unhandled error on write for %s connection (fd %d); removing",
             CONN_TYPE_TO_STRING(conn->type), conn->s);
377
378
379
#ifdef TOR_FRAGILE
      tor_assert(0);
#endif
380
381
382
383
384
385
386
387
388
389
390
391
392
      conn->has_sent_end = 1; /* otherwise we cry wolf about duplicate close */
      /* XXX do we need a close-immediate here, so we don't try to flush? */
      connection_mark_for_close(conn);
    }
  }
  assert_connection_ok(conn, time(NULL));
  assert_all_pending_dns_resolves_ok();

  if (smartlist_len(closeable_connection_lst))
    close_closeable_connections();
}

#if 0
Roger Dingledine's avatar
Roger Dingledine committed
393
static void conn_read(int i) {
394
  connection_t *conn = connection_array[i];
Roger Dingledine's avatar
Roger Dingledine committed
395

Roger Dingledine's avatar
Roger Dingledine committed
396
397
398
  if (conn->marked_for_close)
    return;

399
400
401
402
403
404
405
406
407
408
  /* post 0.0.9, sometimes we get into loops like:
Jan 06 13:54:14.999 [debug] connection_consider_empty_buckets(): global bucket exhausted. Pausing.
Jan 06 13:54:14.999 [debug] connection_stop_reading() called.
Jan 06 13:54:14.999 [debug] conn_read(): socket 14 wants to read.
Jan 06 13:54:14.999 [debug] connection_consider_empty_buckets(): global bucket exhausted. Pausing.
...
  We finish the loop after a couple of seconds go by, but nothing seems
  to happen during the loop except tight looping over poll. Perhaps the
  tls buffer has pending bytes but we don't allow ourselves to read them?
  */
409

410
411
  /* see http://www.greenend.org.uk/rjk/2001/06/poll.html for
   * discussion of POLLIN vs POLLHUP */
412
  if (!(poll_array[i].revents & (POLLIN|POLLHUP|POLLERR)))
413
414
415
416
417
418
419
420
421
    /* Sometimes read events get triggered for things that didn't ask
     * for them (XXX due to unknown poll wonkiness) and sometime we
     * want to read even though there was no read event (due to
     * pending TLS data).
     */

    /* XXX Post 0.0.9, we should rewrite this whole if statement;
     * something sane may result.  Nick suspects that the || below
     * should be a &&.
Roger Dingledine's avatar
Roger Dingledine committed
422
423
424
425
426
427
428
429
430
431
432
     *
     * No, it should remain a ||. Here's why: when we reach the end
     * of a read bucket, we stop reading on a conn. We don't want to
     * read any more bytes on it, until we're allowed to resume reading.
     * So if !connection_is_reading, then return right then. Also, if
     * poll() said nothing (true because the if above), and there's
     * nothing pending, then also return because nothing to do.
     *
     * If poll *does* have something to say, even though
     * !connection_is_reading, then we want to handle it in connection.c
     * to make it stop reading for next time, else we loop.
433
     */
434
    if (!connection_is_reading(conn) ||
435
        !connection_has_pending_tls_data(conn))
436
      return; /* this conn should not read */
437

438
  log_fn(LOG_DEBUG,"socket %d wants to read.",conn->s);
Roger Dingledine's avatar
Roger Dingledine committed
439

440
  assert_connection_ok(conn, time(NULL));
441
  assert_all_pending_dns_resolves_ok();
442

443
  if (
444
    /* XXX does POLLHUP also mean it's definitely broken? */
445
#ifdef MS_WINDOWS
446
      (poll_array[i].revents & POLLERR) ||
447
#endif
448
449
450
      connection_handle_read(conn) < 0) {
    if (!conn->marked_for_close) {
      /* this connection is broken. remove it */
451
#ifndef MS_WINDOWS
Roger Dingledine's avatar
Roger Dingledine committed
452
      log_fn(LOG_WARN,"Bug: unhandled error on read for %s connection (fd %d); removing",
453
             CONN_TYPE_TO_STRING(conn->type), conn->s);
454
#endif
455
456
      connection_mark_for_close(conn);
    }
457
458
459
  }
  assert_connection_ok(conn, time(NULL));
  assert_all_pending_dns_resolves_ok();
Roger Dingledine's avatar
Roger Dingledine committed
460
461
}

Roger Dingledine's avatar
Roger Dingledine committed
462
/** Called when the connection at connection_array[i] has a write event:
463
464
465
 * checks for validity, catches numerous errors, and dispatches to
 * connection_handle_write.
 */
Roger Dingledine's avatar
Roger Dingledine committed
466
static void conn_write(int i) {
Roger Dingledine's avatar
Roger Dingledine committed
467
468
  connection_t *conn;

469
  if (!(poll_array[i].revents & POLLOUT))
470
471
    return; /* this conn doesn't want to write */

Roger Dingledine's avatar
Roger Dingledine committed
472
  conn = connection_array[i];
473
  log_fn(LOG_DEBUG,"socket %d wants to write.",conn->s);
474
475
  if (conn->marked_for_close)
    return;
Roger Dingledine's avatar
Roger Dingledine committed
476

477
  assert_connection_ok(conn, time(NULL));
478
  assert_all_pending_dns_resolves_ok();
479

480
481
482
  if (connection_handle_write(conn) < 0) {
    if (!conn->marked_for_close) {
      /* this connection is broken. remove it. */
Roger Dingledine's avatar
Roger Dingledine committed
483
      log_fn(LOG_WARN,"Bug: unhandled error on write for %s connection (fd %d); removing",
484
             CONN_TYPE_TO_STRING(conn->type), conn->s);
485
      conn->has_sent_end = 1; /* otherwise we cry wolf about duplicate close */
486
      /* XXX do we need a close-immediate here, so we don't try to flush? */
487
      connection_mark_for_close(conn);
488
    }
489
490
  }
  assert_connection_ok(conn, time(NULL));
491
  assert_all_pending_dns_resolves_ok();
Roger Dingledine's avatar
Roger Dingledine committed
492
}
493
#endif
Roger Dingledine's avatar
Roger Dingledine committed
494

Roger Dingledine's avatar
Roger Dingledine committed
495
/** If the connection at connection_array[i] is marked for close, then:
496
497
498
499
500
 *    - If it has data that it wants to flush, try to flush it.
 *    - If it _still_ has data to flush, and conn->hold_open_until_flushed is
 *      true, then leave the connection open and return.
 *    - Otherwise, remove the connection from connection_array and from
 *      all other lists, close it, and free it.
501
502
 * Returns 1 if the connection was closed, 0 otherwise.
 * DOCDOC closeable_list
503
 */
504
static int conn_close_if_marked(int i) {
Roger Dingledine's avatar
Roger Dingledine committed
505
  connection_t *conn;
506
  int retval;
Roger Dingledine's avatar
Roger Dingledine committed
507
508

  conn = connection_array[i];
509
  if (!conn->marked_for_close)
510
    return 0; /* nothing to see here, move along */
511
512
  assert_connection_ok(conn, time(NULL));
  assert_all_pending_dns_resolves_ok();
513
514

  log_fn(LOG_INFO,"Cleaning up connection (fd %d).",conn->s);
515
  if (conn->s >= 0 && connection_wants_to_flush(conn)) {
516
517
    /* -1 means it's an incomplete edge connection, or that the socket
     * has already been closed as unflushable. */
518
    if (!conn->hold_open_until_flushed)
519
520
      log_fn(LOG_INFO,
        "Conn (addr %s, fd %d, type %s, state %d) marked, but wants to flush %d bytes. "
521
        "(Marked at %s:%d)",
Roger Dingledine's avatar
Roger Dingledine committed
522
        conn->address, conn->s, CONN_TYPE_TO_STRING(conn->type), conn->state,
523
        (int)conn->outbuf_flushlen, conn->marked_for_close_file, conn->marked_for_close);
524
525
    if (connection_speaks_cells(conn)) {
      if (conn->state == OR_CONN_STATE_OPEN) {
526
527
        retval = flush_buf_tls(conn->tls, conn->outbuf, &conn->outbuf_flushlen);
      } else
528
        retval = -1; /* never flush non-open broken tls connections */
529
530
531
    } else {
      retval = flush_buf(conn->s, conn->outbuf, &conn->outbuf_flushlen);
    }
532
    if (retval >= 0 &&
533
534
535
       conn->hold_open_until_flushed && connection_wants_to_flush(conn)) {
      log_fn(LOG_INFO,"Holding conn (fd %d) open for more flushing.",conn->s);
      /* XXX should we reset timestamp_lastwritten here? */
536
      return 0;
537
    }
538
    if (connection_wants_to_flush(conn)) {
Nick Mathewson's avatar
Nick Mathewson committed
539
      log_fn(LOG_NOTICE,"Conn (addr %s, fd %d, type %s, state %d) is being closed, but there are still %d bytes we can't write. (Marked at %s:%d)",
Roger Dingledine's avatar
Roger Dingledine committed
540
             conn->address, conn->s, CONN_TYPE_TO_STRING(conn->type), conn->state,
541
542
             (int)buf_datalen(conn->outbuf), conn->marked_for_close_file,
             conn->marked_for_close);
Roger Dingledine's avatar
Roger Dingledine committed
543
544
    }
  }
545
  connection_unlink(conn, 1); /* unlink, remove, free */
546
  return 1;
Roger Dingledine's avatar
Roger Dingledine committed
547
548
}

549
550
551
552
553
554
555
556
557
558
/** We've just tried every dirserver we know about, and none of
 * them were reachable. Assume the network is down. Change state
 * so next time an application connection arrives we'll delay it
 * and try another directory fetch. Kill off all the circuit_wait
 * streams that are waiting now, since they will all timeout anyway.
 */
void directory_all_unreachable(time_t now) {
  connection_t *conn;

  has_fetched_directory=0;
559
  stats_n_seconds_working=0; /* reset it */
560
561
562
563

  while ((conn = connection_get_by_type_state(CONN_TYPE_AP,
                                              AP_CONN_STATE_CIRCUIT_WAIT))) {
    conn->has_sent_end = 1; /* it's not connected anywhere, so no need to end */
564
565
    log_fn(LOG_NOTICE,"Network down? Failing connection to '%s:%d'.",
           conn->socks_request->address, conn->socks_request->port);
566
567
568
569
    connection_mark_for_close(conn);
  }
}

Roger Dingledine's avatar
Roger Dingledine committed
570
/** This function is called whenever we successfully pull down a directory */
571
void directory_has_arrived(time_t now) {
572
  or_options_t *options = get_options();
573

574
  log_fn(LOG_INFO, "A directory has arrived.");
575

576
  has_fetched_directory=1;
577
578
  /* Don't try to upload or download anything for a while
   * after the directory we had when we started.
579
580
   */
  if (!time_to_fetch_directory)
581
582
    time_to_fetch_directory = now + options->DirFetchPeriod;

583
  if (!time_to_force_upload_descriptor)
584
585
    time_to_force_upload_descriptor = now + options->DirPostPeriod;

586
  if (!time_to_fetch_running_routers)
587
    time_to_fetch_running_routers = now + options->StatusFetchPeriod;
588

589
  if (server_mode(options) &&
590
      !we_are_hibernating()) { /* connect to the appropriate routers */
591
592
    router_retry_connections();
  }
593
594
}

Roger Dingledine's avatar
Roger Dingledine committed
595
/** Perform regular maintenance tasks for a single connection.  This
Nick Mathewson's avatar
Nick Mathewson committed
596
597
598
599
600
 * function gets run once per second per connection by run_housekeeping.
 */
static void run_connection_housekeeping(int i, time_t now) {
  cell_t cell;
  connection_t *conn = connection_array[i];
601
  or_options_t *options = get_options();
Roger Dingledine's avatar
Roger Dingledine committed
602

603
  /* Expire any directory connections that haven't sent anything for 5 min */
604
  if (conn->type == CONN_TYPE_DIR &&
605
606
      !conn->marked_for_close &&
      conn->timestamp_lastwritten + 5*60 < now) {
Roger Dingledine's avatar
Roger Dingledine committed
607
    log_fn(LOG_INFO,"Expiring wedged directory conn (fd %d, purpose %d)", conn->s, conn->purpose);
608
    connection_mark_for_close(conn);
609
610
611
    return;
  }

612
613
  /* If we haven't written to an OR connection for a while, then either nuke
     the connection or send a keepalive, depending. */
614
  if (connection_speaks_cells(conn) &&
615
      now >= conn->timestamp_lastwritten + options->KeepalivePeriod) {
616
    routerinfo_t *router = router_get_by_digest(conn->identity_digest);
617
    if ((!connection_state_is_open(conn)) ||
618
619
620
        (we_are_hibernating() && !circuit_get_by_conn(conn)) ||
        (!clique_mode(options) && !circuit_get_by_conn(conn) &&
        (!router || !server_mode(options) || !router_is_clique_mode(router)))) {
621
      /* our handshake has expired; we're hibernating;
622
       * or we have no circuits and we're both either OPs or normal ORs,
623
       * then kill it. */
Nick Mathewson's avatar
Nick Mathewson committed
624
625
      log_fn(LOG_INFO,"Expiring connection to %d (%s:%d).",
             i,conn->address, conn->port);
626
      /* flush anything waiting, e.g. a destroy for a just-expired circ */
627
      connection_mark_for_close(conn);
628
      conn->hold_open_until_flushed = 1;
Nick Mathewson's avatar
Nick Mathewson committed
629
    } else {
630
      /* either in clique mode, or we've got a circuit. send a padding cell. */
Nick Mathewson's avatar
Nick Mathewson committed
631
632
633
634
635
636
637
638
639
      log_fn(LOG_DEBUG,"Sending keepalive to (%s:%d)",
             conn->address, conn->port);
      memset(&cell,0,sizeof(cell_t));
      cell.command = CELL_PADDING;
      connection_or_write_cell_to_buf(&cell, conn);
    }
  }
}

640
#define MIN_BW_TO_PUBLISH_DESC 5000 /* 5000 bytes/s sustained */
641
642
#define MIN_UPTIME_TO_PUBLISH_DESC (30*60) /* half an hour */

643
/** Decide if we're a publishable server or just a client. We are a server if:
644
645
646
647
648
649
650
651
 * - We have the AuthoritativeDirectory option set.
 * or
 * - We don't have the ClientOnly option set; and
 * - We have ORPort set; and
 * - We have been up for at least MIN_UPTIME_TO_PUBLISH_DESC seconds; and
 * - We have processed some suitable minimum bandwidth recently; and
 * - We believe we are reachable from the outside.
 */
652
static int decide_if_publishable_server(time_t now) {
653
  int bw;
654
  or_options_t *options = get_options();
655

656
  bw = rep_hist_bandwidth_assess();
657
  router_set_bandwidth_capacity(bw);
658

659
  if (options->ClientOnly)
660
    return 0;
661
  if (!options->ORPort)
662
663
    return 0;

664
  /* XXX for now, you're only a server if you're a server */
665
  return server_mode(options);
Roger Dingledine's avatar
Roger Dingledine committed
666

667
  /* here, determine if we're reachable */
668
  if (0) { /* we've recently failed to reach our IP/ORPort from the outside */
Roger Dingledine's avatar
Roger Dingledine committed
669
670
    return 0;
  }
671

672
  if (bw < MIN_BW_TO_PUBLISH_DESC)
673
    return 0;
674
  if (options->AuthoritativeDir)
Roger Dingledine's avatar
Roger Dingledine committed
675
    return 1;
676
  if (stats_n_seconds_working < MIN_UPTIME_TO_PUBLISH_DESC)
677
    return 0;
Roger Dingledine's avatar
Roger Dingledine committed
678

679
680
681
  return 1;
}

Roger Dingledine's avatar
Roger Dingledine committed
682
683
684
/** Return true iff we believe ourselves to be an authoritative
 * directory server.
 */
685
686
int authdir_mode(or_options_t *options) {
  return options->AuthoritativeDir != 0;
Roger Dingledine's avatar
Roger Dingledine committed
687
688
689
}

/** Return true iff we try to stay connected to all ORs at once.
690
 */
691
692
int clique_mode(or_options_t *options) {
  return authdir_mode(options);
693
694
695
696
}

/** Return true iff we are trying to be a server.
 */
697
698
int server_mode(or_options_t *options) {
  return (options->ORPort != 0 || options->ORBindAddress);
699
700
}

701
702
703
/** Remember if we've advertised ourselves to the dirservers. */
static int server_is_advertised=0;

704
705
706
/** Return true iff we have published our descriptor lately.
 */
int advertised_server_mode(void) {
707
  return server_is_advertised;
708
709
}

710
/** Return true iff we are trying to be a socks proxy. */
711
712
int proxy_mode(or_options_t *options) {
  return (options->SocksPort != 0 || options->SocksBindAddress);
713
714
}

Roger Dingledine's avatar
Roger Dingledine committed
715
/** Perform regular maintenance tasks.  This function gets run once per
Nick Mathewson's avatar
Nick Mathewson committed
716
717
718
 * second by prepare_for_poll.
 */
static void run_scheduled_events(time_t now) {
719
  static time_t last_rotated_certificate = 0;
720
  static time_t time_to_check_listeners = 0;
721
  static time_t time_to_check_descriptor = 0;
722
  or_options_t *options = get_options();
Nick Mathewson's avatar
Nick Mathewson committed
723
  int i;
724

725
  /** 0. See if we've been asked to shut down and our timeout has
726
727
   * expired; or if our bandwidth limits are exhausted and we
   * should hibernate; or if it's time to wake up from hibernation.
728
   */
729
  consider_hibernation(now);
730

Roger Dingledine's avatar
Roger Dingledine committed
731
  /** 1a. Every MIN_ONION_KEY_LIFETIME seconds, rotate the onion keys,
732
733
734
   *  shut down and restart all cpuworkers, and update the directory if
   *  necessary.
   */
735
736
  if (server_mode(options) &&
      get_onion_key_set_at()+MIN_ONION_KEY_LIFETIME < now) {
737
    log_fn(LOG_INFO,"Rotating onion key.");
738
739
    rotate_onion_key();
    cpuworkers_rotate();
740
    if (router_rebuild_descriptor(1)<0) {
741
742
      log_fn(LOG_WARN, "Couldn't rebuild router descriptor");
    }
743
    if (advertised_server_mode())
744
      router_upload_dir_desc_to_dirservers(0);
745
746
  }

Roger Dingledine's avatar
Roger Dingledine committed
747
  /** 1b. Every MAX_SSL_KEY_LIFETIME seconds, we change our TLS context. */
748
749
  if (!last_rotated_certificate)
    last_rotated_certificate = now;
750
  if (last_rotated_certificate+MAX_SSL_KEY_LIFETIME < now) {
751
    log_fn(LOG_INFO,"Rotating tls context.");
752
    if (tor_tls_context_new(get_identity_key(), 1, options->Nickname,
753
754
                            MAX_SSL_KEY_LIFETIME) < 0) {
      log_fn(LOG_WARN, "Error reinitializing TLS context");
Roger Dingledine's avatar
Roger Dingledine committed
755
      /* XXX is it a bug here, that we just keep going? */
756
757
758
    }
    last_rotated_certificate = now;
    /* XXXX We should rotate TLS connections as well; this code doesn't change
759
     *      them at all. */
760
761
  }

762
763
  /** 1c. If we have to change the accounting interval or record
   * bandwidth used in this accounting interval, do so. */
764
  if (accounting_is_enabled(options))
765
    accounting_run_housekeeping(now);
766

767
768
769
  /** 2. Periodically, we consider getting a new directory, getting a
   * new running-routers list, and/or force-uploading our descriptor
   * (if we've passed our internal checks). */
770
  if (time_to_fetch_directory < now) {
771
772
    /* purge obsolete entries */
    routerlist_remove_old_routers(ROUTER_MAX_AGE);
773

774
    if (authdir_mode(options)) {
775
      /* We're a directory; dump any old descriptors. */
776
      dirserv_remove_old_servers(ROUTER_MAX_AGE);
777
    }
778
    if (server_mode(options) && !we_are_hibernating()) {
779
780
      /* dirservers try to reconnect, in case connections have failed;
       * and normal servers try to reconnect to dirservers */
781
      router_retry_connections();
Nick Mathewson's avatar
Nick Mathewson committed
782
    }
783

784
    directory_get_from_dirserver(DIR_PURPOSE_FETCH_DIR, NULL, 1);
785
786
787
788
    time_to_fetch_directory = now + options->DirFetchPeriod;
    if (time_to_fetch_running_routers < now + options->StatusFetchPeriod) {
      time_to_fetch_running_routers = now + options->StatusFetchPeriod;
    }
789
790
791

    /* Also, take this chance to remove old information from rephist. */
    rep_history_clean(now-24*60*60);
Nick Mathewson's avatar
Nick Mathewson committed
792
793
794
795
  }

  if (time_to_fetch_running_routers < now) {
    if (!authdir_mode(options)) {
796
      directory_get_from_dirserver(DIR_PURPOSE_FETCH_RUNNING_LIST, NULL, 1);
Nick Mathewson's avatar
Nick Mathewson committed
797
    }
798
    time_to_fetch_running_routers = now + options->StatusFetchPeriod;
Nick Mathewson's avatar
Nick Mathewson committed
799
800
801
  }

  if (time_to_force_upload_descriptor < now) {
802
    if (decide_if_publishable_server(now)) {
Nick Mathewson's avatar
Nick Mathewson committed
803
804
805
806
807
808
      server_is_advertised = 1;
      router_rebuild_descriptor(1);
      router_upload_dir_desc_to_dirservers(1);
    } else {
      server_is_advertised = 0;
    }
809

Nick Mathewson's avatar
Nick Mathewson committed
810
    rend_cache_clean(); /* this should go elsewhere? */
811

812
    time_to_force_upload_descriptor = now + options->DirPostPeriod;
Nick Mathewson's avatar
Nick Mathewson committed
813
  }
814

Roger Dingledine's avatar
Roger Dingledine committed
815
816
  /* 2b. Once per minute, regenerate and upload the descriptor if the old
   * one is inaccurate. */
817
818
819
820
821
822
823
824
825
826
827
  if (time_to_check_descriptor < now) {
    time_to_check_descriptor = now + CHECK_DESCRIPTOR_INTERVAL;
    if (decide_if_publishable_server(now)) {
      server_is_advertised=1;
      router_rebuild_descriptor(0);
      router_upload_dir_desc_to_dirservers(0);
    } else {
      server_is_advertised=0;
    }
  }

828
  /** 3a. Every second, we examine pending circuits and prune the
829
   *    ones which have been pending for more than a few seconds.
830
   *    We do this before step 4, so it can try building more if
831
832
   *    it's not comfortable with the number of available circuits.
   */
833
  circuit_expire_building(now);
834

835
  /** 3b. Also look at pending streams and prune the ones that 'began'
836
   *     a long time ago but haven't gotten a 'connected' yet.
837
   *     Do this before step 4, so we can put them back into pending
838
839
840
841
   *     state to be picked up by the new circuit.
   */
  connection_ap_expire_beginning();

842
  /** 3c. And expire connections that we've held open for too long.
843
844
845
   */
  connection_expire_held_open();

846
847
  /** 3d. And every 60 seconds, we relaunch listeners if any died. */
  if (!we_are_hibernating() && time_to_check_listeners < now) {
848
849
850
851
    retry_all_listeners(0); /* 0 means "only if some died." */
    time_to_check_listeners = now+60;
  }

852
  /** 4. Every second, we try a new circuit if there are no valid
853
   *    circuits. Every NewCircuitPeriod seconds, we expire circuits
854
   *    that became dirty more than MaxCircuitDirtiness seconds ago,
855
   *    and we make a new circ if there are no clean circuits.
Nick Mathewson's avatar
Nick Mathewson committed
856
   */
857
  if (has_fetched_directory && !we_are_hibernating())
858
    circuit_build_needed_circs(now);
859

860
  /** 5. We do housekeeping for each connection... */
861
  for (i=0;i<nfds;i++) {
Nick Mathewson's avatar
Nick Mathewson committed
862
863
    run_connection_housekeeping(i, now);
  }
864

865
  /** 6. And remove any marked circuits... */
866
867
  circuit_close_all_marked();

868
  /** 7. And upload service descriptors if necessary. */
869
  if (has_fetched_directory && !we_are_hibernating())
870
    rend_consider_services_upload(now);
871

872
  /** 8. and blow away any connections that need to die. have to do this now,
873
874
   * because if we marked a conn for close and left its socket -1, then
   * we'll pass it to poll/select and bad things will happen.
Nick Mathewson's avatar
Nick Mathewson committed
875
   */
876
  close_closeable_connections();
Nick Mathewson's avatar
Nick Mathewson committed
877
}
878

879
880
881
882
883
884
/** DOCDOC */
static void second_elapsed_callback(int fd, short event, void *args)
{
  static struct event *timeout_event = NULL;
  static struct timeval one_second;
  static long current_second = 0;
Nick Mathewson's avatar
Nick Mathewson committed
885
  struct timeval now;
886
887
888
889
890
891
892
893
894
  size_t bytes_written;
  size_t bytes_read;
  int seconds_elapsed;
  if (!timeout_event) {
    timeout_event = tor_malloc_zero(sizeof(struct event));
    evtimer_set(timeout_event, second_elapsed_callback, NULL);
    one_second.tv_sec = 1;
    one_second.tv_usec = 0;
  }
895

896
  /* log_fn(LOG_NOTICE, "Tick."); */
Nick Mathewson's avatar
Nick Mathewson committed
897
  tor_gettimeofday(&now);
898

899
900
901
  /* the second has rolled over. check more stuff. */
  bytes_written = stats_prev_global_write_bucket - global_write_bucket;
  bytes_read = stats_prev_global_read_bucket - global_read_bucket;
902
903
904
905
906
907
  /* XXX below we get suspicious if time jumps forward more than 10
   * seconds, but we never notice if it jumps *back* more than 10 seconds.
   * This could be useful for detecting that we just NTP'ed to three
   * weeks ago and it will be 3 weeks and 15 minutes until any of our
   * events trigger.
   */
908
909
910
911
912
913
914
915
916
917
918
  seconds_elapsed = current_second ? (now.tv_sec - current_second) : 0;
  stats_n_bytes_read += bytes_read;
  stats_n_bytes_written += bytes_written;
  if (accounting_is_enabled(get_options()))
    accounting_add_bytes(bytes_read, bytes_written, seconds_elapsed);
  control_event_bandwidth_used((uint32_t)bytes_read,(uint32_t)bytes_written);

  connection_bucket_refill(&now);
  stats_prev_global_read_bucket = global_read_bucket;
  stats_prev_global_write_bucket = global_write_bucket;

Roger Dingledine's avatar
Roger Dingledine committed
919
  /* if more than 10s have elapsed, probably the clock jumped: doesn't count. */
920
921
922
923
924
925
  if (seconds_elapsed < 10)
    stats_n_seconds_working += seconds_elapsed;

  assert_all_pending_dns_resolves_ok();
  run_scheduled_events(now.tv_sec);
  assert_all_pending_dns_resolves_ok();
926

927
928
929
  current_second = now.tv_sec; /* remember which second it is, for next time */

#if 0
930
  for (i=0;i<nfds;i++) {
931
    conn = connection_array[i];
932
    if (connection_has_pending_tls_data(conn) &&
933
        connection_is_reading(conn)) {
934
      log_fn(LOG_DEBUG,"sock %d has pending bytes.",conn->s);
935
      return; /* has pending bytes to read; don't let poll wait. */
936
937
    }
  }
938
#endif
939

940
  evtimer_add(timeout_event, &one_second);
941
942
}

Roger Dingledine's avatar
Roger Dingledine committed
943
/** Called when we get a SIGHUP: reload configuration files and keys,
944
 * retry all connections, re-upload all descriptors, and so on. */
945
946
static int do_hup(void) {
  char keydir[512];
947
  or_options_t *options = get_options();
948