/* Copyright (c) 2001 Matej Pfajfar.
 * Copyright (c) 2001-2004, Roger Dingledine.
 * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
 * Copyright (c) 2007-2012, The Tor Project, Inc. */
/* See LICENSE for licensing information */

/**
 * \file config.c
 * \brief Code to parse and interpret configuration files.
 **/

#define CONFIG_PRIVATE

#include "or.h"
#include "circuitbuild.h"
#include "circuitlist.h"
#include "config.h"
#include "connection.h"
#include "connection_edge.h"
#include "connection_or.h"
#include "control.h"
#include "cpuworker.h"
#include "dirserv.h"
#include "dirvote.h"
#include "dns.h"
#include "geoip.h"
#include "hibernate.h"
#include "main.h"
#include "networkstatus.h"
#include "policies.h"
#include "relay.h"
#include "rendclient.h"
#include "rendservice.h"
#include "rephist.h"
#include "router.h"
#include "util.h"
#include "routerlist.h"
#include "transports.h"
#ifdef _WIN32
#include <shlobj.h>
#endif

#include "procmon.h"

/* From main.c.  The variable is declared here by hand instead of through a
 * shared header, so this declaration is not checked against the definition
 * when main.c is compiled; the two have to be kept in step manually. */
extern int quiet_level;

/** Enumeration of types which option values can take.  Every config_var_t
 * entry carries one of these tags; the tag says how the option's text is to
 * be interpreted and turned into a value. */
typedef enum config_type_t {
  CONFIG_TYPE_STRING = 0,   /**< An arbitrary string. */
  CONFIG_TYPE_FILENAME,     /**< A filename: some prefixes get expanded. */
  CONFIG_TYPE_UINT,         /**< A non-negative integer less than MAX_INT */
  CONFIG_TYPE_INT,          /**< Any integer. */
  CONFIG_TYPE_PORT,         /**< A port from 1...65535, 0 for "not set", or
                             * "auto".  */
  CONFIG_TYPE_INTERVAL,     /**< A number of seconds, with optional units. */
  CONFIG_TYPE_MSEC_INTERVAL,/**< A number of milliseconds, with optional
                              * units */
  CONFIG_TYPE_MEMUNIT,      /**< A number of bytes, with optional units. */
  CONFIG_TYPE_DOUBLE,       /**< A floating-point value */
  CONFIG_TYPE_BOOL,         /**< A boolean value, expressed as 0 or 1. */
  CONFIG_TYPE_AUTOBOOL,     /**< A boolean+auto value, expressed 0 for false,
                             * 1 for true, and -1 for auto  */
  CONFIG_TYPE_ISOTIME,      /**< An ISO-formatted time relative to GMT. */
  CONFIG_TYPE_CSV,          /**< A list of strings, separated by commas and
                              * optional whitespace. */
  CONFIG_TYPE_LINELIST,     /**< Uninterpreted config lines */
  CONFIG_TYPE_LINELIST_S,   /**< Uninterpreted, context-sensitive config lines,
                             * mixed with other keywords. */
  CONFIG_TYPE_LINELIST_V,   /**< Catch-all "virtual" option to summarize
                             * context-sensitive config lines when fetching.
                             */
  CONFIG_TYPE_ROUTERSET,    /**< A list of router names, addrs, and fps,
                             * parsed into a routerset_t. */
  CONFIG_TYPE_OBSOLETE,     /**< Obsolete (ignored) option.  Also the tag on
                             * the NULL-named entry that ends each
                             * config_var_t table in this file. */
} config_type_t;

/** An abbreviation for a configuration option allowed on the command line.
 * The tables in this file write entries positionally, as
 * { abbreviated, full, commandline_only, warn }, and end each table with an
 * entry whose two names are NULL. */
typedef struct config_abbrev_t {
  const char *abbreviated; /**< The short, old or alternative spelling. */
  const char *full; /**< The option name that <b>abbreviated</b> maps to. */
  int commandline_only; /**< Presumably: if nonzero, the mapping is honored
                         * only on the command line and not in a config
                         * file -- confirm against the code that expands
                         * abbreviations. */
  int warn; /**< Presumably: if nonzero, using the abbreviation produces a
             * warning -- confirm against the code that expands
             * abbreviations. */
} config_abbrev_t;

/* Handy macro for declaring "In the config file or on the command line,
 * you can abbreviate <b>tok</b>s as <b>tok</b>".  It expands to the
 * config_abbrev_t initializer { "tok", "toks", 0, 0 }, so commandline_only
 * and warn are both 0 for every PLURAL() entry. */
#define PLURAL(tok) { #tok, #tok "s", 0, 0 }

/** A list of abbreviations and aliases to map command-line options, obsolete
 * option names, or alternative option names, to their current values.
 *
 * Each entry is { abbreviated, full, commandline_only, warn } (see
 * config_abbrev_t); the list ends at the entry whose names are NULL.
 *
 * NOTE(review): a file-scope identifier that begins with an underscore is
 * reserved to the implementation in C.  The name is kept here because code
 * outside this excerpt presumably refers to it. */
static config_abbrev_t _option_abbrevs[] = {
  PLURAL(AuthDirBadDirCC),
  PLURAL(AuthDirBadExitCC),
  PLURAL(AuthDirInvalidCC),
  PLURAL(AuthDirRejectCC),
  PLURAL(ExitNode),
  PLURAL(EntryNode),
  PLURAL(ExcludeNode),
  PLURAL(FirewallPort),
  PLURAL(LongLivedPort),
  PLURAL(HiddenServiceNode),
  PLURAL(HiddenServiceExcludeNode),
  PLURAL(NumCPU),
  PLURAL(RendNode),
  PLURAL(RendExcludeNode),
  PLURAL(StrictEntryNode),
  PLURAL(StrictExitNode),
  PLURAL(StrictNode),
  /* commandline_only is 1 for this entry. */
  { "l", "Log", 1, 0},
  { "AllowUnverifiedNodes", "AllowInvalidNodes", 0, 0},
  { "AutomapHostSuffixes", "AutomapHostsSuffixes", 0, 0},
  { "AutomapHostOnResolve", "AutomapHostsOnResolve", 0, 0},
  { "BandwidthRateBytes", "BandwidthRate", 0, 0},
  { "BandwidthBurstBytes", "BandwidthBurst", 0, 0},
  { "DirFetchPostPeriod", "StatusFetchPeriod", 0, 0},
  /* warn is 1 for this entry. */
  { "MaxConn", "ConnLimit", 0, 1},
  { "ORBindAddress", "ORListenAddress", 0, 0},
  { "DirBindAddress", "DirListenAddress", 0, 0},
  { "SocksBindAddress", "SocksListenAddress", 0, 0},
  { "UseHelperNodes", "UseEntryGuards", 0, 0},
  { "NumHelperNodes", "NumEntryGuards", 0, 0},
  { "UseEntryNodes", "UseEntryGuards", 0, 0},
  { "NumEntryNodes", "NumEntryGuards", 0, 0},
  /* warn is 1 for the next two entries. */
  { "ResolvConf", "ServerDNSResolvConfFile", 0, 1},
  { "SearchDomains", "ServerDNSSearchDomains", 0, 1},
  { "ServerDNSAllowBrokenResolvConf", "ServerDNSAllowBrokenConfig", 0, 0},
  { "PreferTunnelledDirConns", "PreferTunneledDirConns", 0, 0},
  { "BridgeAuthoritativeDirectory", "BridgeAuthoritativeDir", 0, 0},
  /* commandline_only is 1: this mapping is flagged for the command line
   * only.  _option_vars also lists HashedControlPassword as an option in
   * its own right, next to __HashedControlSessionPassword, so the value is
   * stored in a different or_options_t member depending on where it was
   * given -- presumably to keep a password supplied at launch apart from
   * the one in the config file; confirm against the control-port code. */
  { "HashedControlPassword", "__HashedControlSessionPassword", 1, 0},
  /* warn is 1 for the next two entries; both old names map to StrictNodes. */
  { "StrictEntryNodes", "StrictNodes", 0, 1},
  { "StrictExitNodes", "StrictNodes", 0, 1},
  { NULL, NULL, 0, 0},
};

/** A list of state-file "abbreviations," for compatibility.  Entries use the
 * same { abbreviated, full, commandline_only, warn } layout as
 * _option_abbrevs, with both flags 0 throughout, and the list ends at the
 * entry whose names are NULL. */
static config_abbrev_t _state_abbrevs[] = {
  { "AccountingBytesReadInterval", "AccountingBytesReadInInterval", 0, 0 },
  { "HelperNode", "EntryGuard", 0, 0 },
  { "HelperNodeDownSince", "EntryGuardDownSince", 0, 0 },
  { "HelperNodeUnlistedSince", "EntryGuardUnlistedSince", 0, 0 },
  { "EntryNode", "EntryGuard", 0, 0 },
  { "EntryNodeDownSince", "EntryGuardDownSince", 0, 0 },
  { "EntryNodeUnlistedSince", "EntryGuardUnlistedSince", 0, 0 },
  { NULL, NULL, 0, 0},
};
/* PLURAL is only meant for the abbreviation tables above. */
#undef PLURAL

/** A variable allowed in the configuration file or on the command line.
 *
 * NOTE(review): <b>type</b> and <b>var_offset</b> are independent fields;
 * nothing in this struct records the C type of the member found at
 * <b>var_offset</b>, so the agreement between the two rests on the table
 * entries being written correctly. */
typedef struct config_var_t {
  const char *name; /**< The full keyword (case insensitive). */
  config_type_t type; /**< How to interpret the type and turn it into a
                       * value. */
  off_t var_offset; /**< Offset of the corresponding member of or_options_t
                     * (or of or_state_t, for the entries of _state_vars). */
  const char *initvalue; /**< String (or null) describing initial value. */
} config_var_t;

/** An entry for config_vars: "The option <b>name</b> has type
 * CONFIG_TYPE_<b>conftype</b>, and corresponds to
 * or_options_t.<b>member</b>"
 *
 * NOTE(review): the macro pairs whatever <b>conftype</b> is written with the
 * byte offset of <b>member</b>; nothing here checks that the member's C type
 * is the one CONFIG_TYPE_<b>conftype</b> values are stored as.  A mismatched
 * entry still compiles, so each new entry needs that checked by hand.
 */
#define VAR(name,conftype,member,initvalue)                             \
  { name, CONFIG_TYPE_ ## conftype, STRUCT_OFFSET(or_options_t, member), \
      initvalue }
/** As VAR, but the option name and member name are the same. */
#define V(member,conftype,initvalue)                                    \
  VAR(#member, conftype, member, initvalue)
/** An entry for config_vars: "The option <b>name</b> is obsolete."  The
 * entry has offset 0 and no initial value. */
#define OBSOLETE(name) { name, CONFIG_TYPE_OBSOLETE, 0, NULL }

/** As V, but the value is stored in or_options_t.<b>member</b>_lines: the
 * option keeps the name <b>member</b> while the struct member carries the
 * suffix _lines. */
#define VPORT(member,conftype,initvalue)                                    \
  VAR(#member, conftype, member ## _lines, initvalue)

/** Array of configuration options.  Until we disallow nonstandard
 * abbreviations, order is significant, since the first matching option will
 * be chosen first.
 *
 * Each entry gives the option name, its CONFIG_TYPE_ tag, the offset of the
 * or_options_t member it is stored in, and its default written as a string
 * (NULL for none); OBSOLETE() entries carry only a name.  The array ends at
 * the entry whose name is NULL.
 *
 * NOTE(review): going by their names, several defaults below are protective
 * ("1" for ClientRejectInternalAddresses, ClientDNSRejectInternalAddresses,
 * ExitPolicyRejectPrivate, EnforceDistinctSubnets, SafeLogging,
 * WarnUnsafeSocks and DisableDebuggerAttachment).  Editing one of these
 * strings changes the default security posture and deserves its own review.
 *
 * NOTE(review): BridgePassword, HTTPProxyAuthenticator,
 * HTTPSProxyAuthenticator and Socks5ProxyPassword are plain STRING options
 * and HashedControlPassword is a LINELIST; going by their names they hold
 * credentials or credential hashes, so code that logs, dumps or saves option
 * values should be checked for how it treats them.
 *
 * NOTE(review): a file-scope identifier that begins with an underscore is
 * reserved to the implementation in C.  The name is kept here because code
 * outside this excerpt presumably refers to it.
 */
static config_var_t _option_vars[] = {
  OBSOLETE("AccountingMaxKB"),
  V(AccountingMax,               MEMUNIT,  "0 bytes"),
  V(AccountingStart,             STRING,   NULL),
  V(Address,                     STRING,   NULL),
  V(AllowDotExit,                BOOL,     "0"),
  V(AllowInvalidNodes,           CSV,      "middle,rendezvous"),
  V(AllowNonRFC953Hostnames,     BOOL,     "0"),
  V(AllowSingleHopCircuits,      BOOL,     "0"),
  V(AllowSingleHopExits,         BOOL,     "0"),
  V(AlternateBridgeAuthority,    LINELIST, NULL),
  V(AlternateDirAuthority,       LINELIST, NULL),
  V(AlternateHSAuthority,        LINELIST, NULL),
  V(AssumeReachable,             BOOL,     "0"),
  V(AuthDirBadDir,               LINELIST, NULL),
  V(AuthDirBadDirCCs,            CSV,      ""),
  V(AuthDirBadExit,              LINELIST, NULL),
  V(AuthDirBadExitCCs,           CSV,      ""),
  V(AuthDirInvalid,              LINELIST, NULL),
  V(AuthDirInvalidCCs,           CSV,      ""),
  V(AuthDirFastGuarantee,        MEMUNIT,  "100 KB"),
  V(AuthDirGuardBWGuarantee,     MEMUNIT,  "250 KB"),
  V(AuthDirReject,               LINELIST, NULL),
  V(AuthDirRejectCCs,            CSV,      ""),
  V(AuthDirRejectUnlisted,       BOOL,     "0"),
  V(AuthDirListBadDirs,          BOOL,     "0"),
  V(AuthDirListBadExits,         BOOL,     "0"),
  V(AuthDirMaxServersPerAddr,    UINT,     "2"),
  V(AuthDirMaxServersPerAuthAddr,UINT,     "5"),
  VAR("AuthoritativeDirectory",  BOOL, AuthoritativeDir,    "0"),
  V(AutomapHostsOnResolve,       BOOL,     "0"),
  V(AutomapHostsSuffixes,        CSV,      ".onion,.exit"),
  V(AvoidDiskWrites,             BOOL,     "0"),
  V(BandwidthBurst,              MEMUNIT,  "10 MB"),
  V(BandwidthRate,               MEMUNIT,  "5 MB"),
  V(BridgeAuthoritativeDir,      BOOL,     "0"),
  VAR("Bridge",                  LINELIST, Bridges,    NULL),
  V(BridgePassword,              STRING,   NULL),
  V(BridgeRecordUsageByCountry,  BOOL,     "1"),
  V(BridgeRelay,                 BOOL,     "0"),
  V(CellStatistics,              BOOL,     "0"),
  V(LearnCircuitBuildTimeout,    BOOL,     "1"),
  V(CircuitBuildTimeout,         INTERVAL, "0"),
  V(CircuitIdleTimeout,          INTERVAL, "1 hour"),
  V(CircuitStreamTimeout,        INTERVAL, "0"),
  V(CircuitPriorityHalflife,     DOUBLE,  "-100.0"), /*negative:'Use default'*/
  V(ClientDNSRejectInternalAddresses, BOOL,"1"),
  V(ClientOnly,                  BOOL,     "0"),
  V(ClientRejectInternalAddresses, BOOL,   "1"),
  V(ClientTransportPlugin,       LINELIST, NULL),
  V(ConsensusParams,             STRING,   NULL),
  V(ConnLimit,                   UINT,     "1000"),
  V(ConnDirectionStatistics,     BOOL,     "0"),
  V(ConstrainedSockets,          BOOL,     "0"),
  V(ConstrainedSockSize,         MEMUNIT,  "8192"),
  V(ContactInfo,                 STRING,   NULL),
  V(ControlListenAddress,        LINELIST, NULL),
  VPORT(ControlPort,                 LINELIST, NULL),
  V(ControlPortFileGroupReadable,BOOL,     "0"),
  V(ControlPortWriteToFile,      FILENAME, NULL),
  V(ControlSocket,               LINELIST, NULL),
  V(ControlSocketsGroupWritable, BOOL,     "0"),
  /* NOTE(review): CookieAuthentication defaults to "0" and
   * HashedControlPassword (further down) to NULL, so this table enables no
   * control-port authentication by itself; ControlPort is likewise unset by
   * default.  What happens when a control port is opened with neither
   * authentication option set is decided outside this table. */
  V(CookieAuthentication,        BOOL,     "0"),
  V(CookieAuthFileGroupReadable, BOOL,     "0"),
  /* NOTE(review): CookieAuthFile names a file but is typed STRING, not
   * FILENAME (compare ControlPortWriteToFile above), so the prefix
   * expansion that config_type_t documents for FILENAME does not come from
   * the type here -- confirm that is intended.  PidFile and
   * ServerDNSResolvConfFile further down are typed the same way. */
  V(CookieAuthFile,              STRING,   NULL),
  V(CountPrivateBandwidth,       BOOL,     "0"),
  V(DataDirectory,               FILENAME, NULL),
  OBSOLETE("DebugLogFile"),
  V(DisableNetwork,              BOOL,     "0"),
  V(DirAllowPrivateAddresses,    BOOL,     "0"),
  V(TestingAuthDirTimeToLearnReachability, INTERVAL, "30 minutes"),
  V(DirListenAddress,            LINELIST, NULL),
  OBSOLETE("DirFetchPeriod"),
  V(DirPolicy,                   LINELIST, NULL),
  VPORT(DirPort,                     LINELIST, NULL),
  V(DirPortFrontPage,            FILENAME, NULL),
  OBSOLETE("DirPostPeriod"),
  OBSOLETE("DirRecordUsageByCountry"),
  OBSOLETE("DirRecordUsageGranularity"),
  OBSOLETE("DirRecordUsageRetainIPs"),
  OBSOLETE("DirRecordUsageSaveInterval"),
  V(DirReqStatistics,            BOOL,     "1"),
  VAR("DirServer",               LINELIST, DirServers, NULL),
  V(DisableAllSwap,              BOOL,     "0"),
  V(DisableDebuggerAttachment,   BOOL,     "1"),
  V(DisableIOCP,                 BOOL,     "1"),
  V(DynamicDHGroups,             BOOL,     "0"),
  VPORT(DNSPort,                     LINELIST, NULL),
  V(DNSListenAddress,            LINELIST, NULL),
  V(DownloadExtraInfo,           BOOL,     "0"),
  V(EnforceDistinctSubnets,      BOOL,     "1"),
  V(EntryNodes,                  ROUTERSET,   NULL),
  V(EntryStatistics,             BOOL,     "0"),
  V(TestingEstimatedDescriptorPropagationTime, INTERVAL, "10 minutes"),
  V(ExcludeNodes,                ROUTERSET, NULL),
  V(ExcludeExitNodes,            ROUTERSET, NULL),
  V(ExcludeSingleHopRelays,      BOOL,     "1"),
  V(ExitNodes,                   ROUTERSET, NULL),
  V(ExitPolicy,                  LINELIST, NULL),
  V(ExitPolicyRejectPrivate,     BOOL,     "1"),
  V(ExitPortStatistics,          BOOL,     "0"),
  V(ExtendAllowPrivateAddresses, BOOL,     "0"),
  V(ExtraInfoStatistics,         BOOL,     "1"),

#if defined (WINCE)
  V(FallbackNetworkstatusFile,   FILENAME, "fallback-consensus"),
#else
  V(FallbackNetworkstatusFile,   FILENAME,
    SHARE_DATADIR PATH_SEPARATOR "tor" PATH_SEPARATOR "fallback-consensus"),
#endif
  V(FascistFirewall,             BOOL,     "0"),
  V(FirewallPorts,               CSV,      ""),
  V(FastFirstHopPK,              BOOL,     "1"),
  V(FetchDirInfoEarly,           BOOL,     "0"),
  V(FetchDirInfoExtraEarly,      BOOL,     "0"),
  V(FetchServerDescriptors,      BOOL,     "1"),
  V(FetchHidServDescriptors,     BOOL,     "1"),
  V(FetchUselessDescriptors,     BOOL,     "0"),
  V(FetchV2Networkstatus,        BOOL,     "0"),
#ifdef _WIN32
  V(GeoIPFile,                   FILENAME, "<default>"),
#else
  V(GeoIPFile,                   FILENAME,
    SHARE_DATADIR PATH_SEPARATOR "tor" PATH_SEPARATOR "geoip"),
#endif
  OBSOLETE("GiveGuardFlagTo_CVE_2011_2768_VulnerableRelays"),
  OBSOLETE("Group"),
  V(HardwareAccel,               BOOL,     "0"),
  V(HeartbeatPeriod,             INTERVAL, "6 hours"),
  V(AccelName,                   STRING,   NULL),
  V(AccelDir,                    FILENAME, NULL),
  V(HashedControlPassword,       LINELIST, NULL),
  V(HidServDirectoryV2,          BOOL,     "1"),
  VAR("HiddenServiceDir",    LINELIST_S, RendConfigLines,    NULL),
  OBSOLETE("HiddenServiceExcludeNodes"),
  OBSOLETE("HiddenServiceNodes"),
  VAR("HiddenServiceOptions",LINELIST_V, RendConfigLines,    NULL),
  VAR("HiddenServicePort",   LINELIST_S, RendConfigLines,    NULL),
  VAR("HiddenServiceVersion",LINELIST_S, RendConfigLines,    NULL),
  VAR("HiddenServiceAuthorizeClient",LINELIST_S,RendConfigLines, NULL),
  V(HidServAuth,                 LINELIST, NULL),
  V(HSAuthoritativeDir,          BOOL,     "0"),
  OBSOLETE("HSAuthorityRecordStats"),
  V(CloseHSClientCircuitsImmediatelyOnTimeout, BOOL, "0"),
  V(CloseHSServiceRendCircuitsImmediatelyOnTimeout, BOOL, "0"),
  V(HTTPProxy,                   STRING,   NULL),
  V(HTTPProxyAuthenticator,      STRING,   NULL),
  V(HTTPSProxy,                  STRING,   NULL),
  V(HTTPSProxyAuthenticator,     STRING,   NULL),
  VAR("ServerTransportPlugin",   LINELIST, ServerTransportPlugin,  NULL),
  V(Socks4Proxy,                 STRING,   NULL),
  V(Socks5Proxy,                 STRING,   NULL),
  V(Socks5ProxyUsername,         STRING,   NULL),
  V(Socks5ProxyPassword,         STRING,   NULL),
  OBSOLETE("IgnoreVersion"),
  V(KeepalivePeriod,             INTERVAL, "5 minutes"),
  VAR("Log",                     LINELIST, Logs,             NULL),
  V(LogMessageDomains,           BOOL,     "0"),
  OBSOLETE("LinkPadding"),
  OBSOLETE("LogLevel"),
  OBSOLETE("LogFile"),
  V(LogTimeGranularity,          MSEC_INTERVAL, "1 second"),
  V(LongLivedPorts,              CSV,
        "21,22,706,1863,5050,5190,5222,5223,6523,6667,6697,8300"),
  VAR("MapAddress",              LINELIST, AddressMap,           NULL),
  V(MaxAdvertisedBandwidth,      MEMUNIT,  "1 GB"),
  V(MaxCircuitDirtiness,         INTERVAL, "10 minutes"),
  V(MaxClientCircuitsPending,    UINT,     "32"),
  V(MaxMemInCellQueues,          MEMUNIT,  "8 GB"),
  V(MaxOnionsPending,            UINT,     "100"),
  OBSOLETE("MonthlyAccountingStart"),
  V(MyFamily,                    STRING,   NULL),
  V(NewCircuitPeriod,            INTERVAL, "30 seconds"),
  VAR("NamingAuthoritativeDirectory",BOOL, NamingAuthoritativeDir, "0"),
  V(NATDListenAddress,           LINELIST, NULL),
  VPORT(NATDPort,                    LINELIST, NULL),
  V(Nickname,                    STRING,   NULL),
  V(WarnUnsafeSocks,              BOOL,     "1"),
  OBSOLETE("NoPublish"),
  VAR("NodeFamily",              LINELIST, NodeFamilies,         NULL),
  V(NumCPUs,                     UINT,     "0"),
  V(NumEntryGuards,              UINT,     "3"),
  V(ORListenAddress,             LINELIST, NULL),
  VPORT(ORPort,                      LINELIST, NULL),
  V(OutboundBindAddress,         STRING,   NULL),

  V(PathBiasCircThreshold,       INT,      "-1"),
  V(PathBiasNoticeRate,          DOUBLE,   "-1"),
  V(PathBiasDisableRate,         DOUBLE,   "-1"),
  V(PathBiasScaleThreshold,      INT,      "-1"),
  V(PathBiasScaleFactor,         INT,      "-1"),

  OBSOLETE("PathlenCoinWeight"),
  V(PerConnBWBurst,              MEMUNIT,  "0"),
  V(PerConnBWRate,               MEMUNIT,  "0"),
  V(PidFile,                     STRING,   NULL),
  V(TestingTorNetwork,           BOOL,     "0"),
  V(OptimisticData,              AUTOBOOL, "auto"),
  V(PortForwarding,              BOOL,     "0"),
  /* NOTE(review): the default is a bare program name rather than an
   * absolute path.  If the helper is launched by this name, which binary
   * runs depends on how the name is resolved at that point -- confirm
   * where the lookup happens and which directories it can search. */
  V(PortForwardingHelper,        FILENAME, "tor-fw-helper"),
  V(PreferTunneledDirConns,      BOOL,     "1"),
  V(ProtocolWarnings,            BOOL,     "0"),
  V(PublishServerDescriptor,     CSV,      "1"),
  V(PublishHidServDescriptors,   BOOL,     "1"),
  V(ReachableAddresses,          LINELIST, NULL),
  V(ReachableDirAddresses,       LINELIST, NULL),
  V(ReachableORAddresses,        LINELIST, NULL),
  V(RecommendedVersions,         LINELIST, NULL),
  V(RecommendedClientVersions,   LINELIST, NULL),
  V(RecommendedServerVersions,   LINELIST, NULL),
  OBSOLETE("RedirectExit"),
  V(RefuseUnknownExits,          AUTOBOOL, "auto"),
  V(RejectPlaintextPorts,        CSV,      ""),
  V(RelayBandwidthBurst,         MEMUNIT,  "0"),
  V(RelayBandwidthRate,          MEMUNIT,  "0"),
  OBSOLETE("RendExcludeNodes"),
  OBSOLETE("RendNodes"),
  V(RendPostPeriod,              INTERVAL, "1 hour"),
  V(RephistTrackTime,            INTERVAL, "24 hours"),
  OBSOLETE("RouterFile"),
  V(RunAsDaemon,                 BOOL,     "0"),
//  V(RunTesting,                  BOOL,     "0"),
  OBSOLETE("RunTesting"), // currently unused
  V(SafeLogging,                 STRING,   "1"),
  V(SafeSocks,                   BOOL,     "0"),
  V(ServerDNSAllowBrokenConfig,  BOOL,     "1"),
  V(ServerDNSAllowNonRFC953Hostnames, BOOL,"0"),
  V(ServerDNSDetectHijacking,    BOOL,     "1"),
  V(ServerDNSRandomizeCase,      BOOL,     "1"),
  V(ServerDNSResolvConfFile,     STRING,   NULL),
  V(ServerDNSSearchDomains,      BOOL,     "0"),
  V(ServerDNSTestAddresses,      CSV,
      "www.google.com,www.mit.edu,www.yahoo.com,www.slashdot.org"),
  V(ShutdownWaitLength,          INTERVAL, "30 seconds"),
  V(SocksListenAddress,          LINELIST, NULL),
  V(SocksPolicy,                 LINELIST, NULL),
  VPORT(SocksPort,                   LINELIST, NULL),
  V(SocksTimeout,                INTERVAL, "2 minutes"),
  OBSOLETE("StatusFetchPeriod"),
  V(StrictNodes,                 BOOL,     "0"),
  OBSOLETE("SysLog"),
  V(TestSocks,                   BOOL,     "0"),
  OBSOLETE("TestVia"),
  V(TokenBucketRefillInterval,   MSEC_INTERVAL, "100 msec"),
  V(Tor2webMode,                 BOOL,     "0"),
  V(TrackHostExits,              CSV,      NULL),
  V(TrackHostExitsExpire,        INTERVAL, "30 minutes"),
  OBSOLETE("TrafficShaping"),
  V(TransListenAddress,          LINELIST, NULL),
  VPORT(TransPort,                   LINELIST, NULL),
  V(TunnelDirConns,              BOOL,     "1"),
  V(UpdateBridgesFromAuthority,  BOOL,     "0"),
  V(UseBridges,                  BOOL,     "0"),
  V(UseEntryGuards,              BOOL,     "1"),
  V(UseMicrodescriptors,         AUTOBOOL, "auto"),
  V(User,                        STRING,   NULL),
  V(UserspaceIOCPBuffers,        BOOL,     "0"),
  VAR("V1AuthoritativeDirectory",BOOL, V1AuthoritativeDir,   "0"),
  VAR("V2AuthoritativeDirectory",BOOL, V2AuthoritativeDir,   "0"),
  VAR("V3AuthoritativeDirectory",BOOL, V3AuthoritativeDir,   "0"),
  V(TestingV3AuthInitialVotingInterval, INTERVAL, "30 minutes"),
  V(TestingV3AuthInitialVoteDelay, INTERVAL, "5 minutes"),
  V(TestingV3AuthInitialDistDelay, INTERVAL, "5 minutes"),
  V(V3AuthVotingInterval,        INTERVAL, "1 hour"),
  V(V3AuthVoteDelay,             INTERVAL, "5 minutes"),
  V(V3AuthDistDelay,             INTERVAL, "5 minutes"),
  V(V3AuthNIntervalsValid,       UINT,     "3"),
  V(V3AuthUseLegacyKey,          BOOL,     "0"),
  V(V3BandwidthsFile,            FILENAME, NULL),
  VAR("VersioningAuthoritativeDirectory",BOOL,VersioningAuthoritativeDir, "0"),
  V(VirtualAddrNetwork,          STRING,   "127.192.0.0/10"),
  V(WarnPlaintextPorts,          CSV,      "23,109,110,143"),
  V(_UseFilteringSSLBufferevents, BOOL,    "0"),
  VAR("__ReloadTorrcOnSIGHUP",   BOOL,  ReloadTorrcOnSIGHUP,      "1"),
  VAR("__AllDirActionsPrivate",  BOOL,  AllDirActionsPrivate,     "0"),
  VAR("__DisablePredictedCircuits",BOOL,DisablePredictedCircuits, "0"),
  VAR("__LeaveStreamsUnattached",BOOL,  LeaveStreamsUnattached,   "0"),
  VAR("__HashedControlSessionPassword", LINELIST, HashedControlSessionPassword,
      NULL),
  VAR("__OwningControllerProcess",STRING,OwningControllerProcess, NULL),
  V(MinUptimeHidServDirectoryV2, INTERVAL, "25 hours"),
  V(VoteOnHidServDirectoriesV2,  BOOL,     "1"),
  V(_UsingTestNetworkDefaults,   BOOL,     "0"),

  /* End-of-table marker: the name is NULL. */
  { NULL, CONFIG_TYPE_OBSOLETE, 0, NULL }
};

/** Override default values with these if the user sets the TestingTorNetwork
 * option.
 *
 * NOTE(review): compared with the defaults in _option_vars, this table moves
 * the address and subnet checks to their permissive value:
 * DirAllowPrivateAddresses and ExtendAllowPrivateAddresses go "0" -> "1",
 * while ClientRejectInternalAddresses, ClientDNSRejectInternalAddresses,
 * ExitPolicyRejectPrivate and EnforceDistinctSubnets go "1" -> "0".
 * AssumeReachable and CountPrivateBandwidth go "0" -> "1", both
 * AuthDirMaxServersPer* values become "0", and the voting and testing
 * delays shrink to minutes, seconds or zero.  ServerDNSAllowBrokenConfig is
 * "1" in both tables.  _UsingTestNetworkDefaults is set to "1" here,
 * presumably so other code can tell that this table was applied.  How
 * TestingTorNetwork is kept from being switched on in a production
 * instance is not visible in this table.
 */
static const config_var_t testing_tor_network_defaults[] = {
  V(ServerDNSAllowBrokenConfig,  BOOL,     "1"),
  V(DirAllowPrivateAddresses,    BOOL,     "1"),
  V(EnforceDistinctSubnets,      BOOL,     "0"),
  V(AssumeReachable,             BOOL,     "1"),
  V(AuthDirMaxServersPerAddr,    UINT,     "0"),
  V(AuthDirMaxServersPerAuthAddr,UINT,     "0"),
  V(ClientDNSRejectInternalAddresses, BOOL,"0"),
  V(ClientRejectInternalAddresses, BOOL,   "0"),
  V(CountPrivateBandwidth,       BOOL,     "1"),
  V(ExitPolicyRejectPrivate,     BOOL,     "0"),
  V(ExtendAllowPrivateAddresses, BOOL,     "1"),
  V(V3AuthVotingInterval,        INTERVAL, "5 minutes"),
  V(V3AuthVoteDelay,             INTERVAL, "20 seconds"),
  V(V3AuthDistDelay,             INTERVAL, "20 seconds"),
  V(TestingV3AuthInitialVotingInterval, INTERVAL, "5 minutes"),
  V(TestingV3AuthInitialVoteDelay, INTERVAL, "20 seconds"),
  V(TestingV3AuthInitialDistDelay, INTERVAL, "20 seconds"),
  V(TestingAuthDirTimeToLearnReachability, INTERVAL, "0 minutes"),
  V(TestingEstimatedDescriptorPropagationTime, INTERVAL, "0 minutes"),
  V(MinUptimeHidServDirectoryV2, INTERVAL, "0 minutes"),
  V(_UsingTestNetworkDefaults,   BOOL,     "1"),

  /* End-of-table marker: the name is NULL. */
  { NULL, CONFIG_TYPE_OBSOLETE, 0, NULL }
};
#undef VAR

/** As the VAR defined earlier in this file, but the offset is taken within
 * or_state_t instead of or_options_t.  V() is not redefined: it expands to
 * VAR() at the point of use, so V() entries written after this line also
 * refer to or_state_t members. */
#define VAR(name,conftype,member,initvalue)                             \
  { name, CONFIG_TYPE_ ## conftype, STRUCT_OFFSET(or_state_t, member),  \
      initvalue }

/** Array of "state" variables saved to the ~/.tor/state file.
 *
 * The entries use the VAR() that indexes or_state_t, and the array ends at
 * the entry whose name is NULL.
 *
 * NOTE(review): these values are read back from a file on disk, so they are
 * input like any other configuration text; whether they pass through a
 * validation callback before use is not visible here -- confirm.
 *
 * NOTE(review): a file-scope identifier that begins with an underscore is
 * reserved to the implementation in C.  The name is kept here because code
 * outside this excerpt presumably refers to it. */
static config_var_t _state_vars[] = {
  /* Remember to document these in state-contents.txt ! */

  V(AccountingBytesReadInInterval,    MEMUNIT,  NULL),
  V(AccountingBytesWrittenInInterval, MEMUNIT,  NULL),
  V(AccountingExpectedUsage,          MEMUNIT,  NULL),
  V(AccountingIntervalStart,          ISOTIME,  NULL),
  V(AccountingSecondsActive,          INTERVAL, NULL),
  V(AccountingSecondsToReachSoftLimit,INTERVAL, NULL),
  V(AccountingSoftLimitHitAt,         ISOTIME,  NULL),
  V(AccountingBytesAtSoftLimit,       MEMUNIT,  NULL),

  /* The LINELIST_S keywords below all share the EntryGuards member, which
   * the LINELIST_V entry exposes under its own name. */
  VAR("EntryGuard",              LINELIST_S,  EntryGuards,             NULL),
  VAR("EntryGuardDownSince",     LINELIST_S,  EntryGuards,             NULL),
  VAR("EntryGuardUnlistedSince", LINELIST_S,  EntryGuards,             NULL),
  VAR("EntryGuardAddedBy",       LINELIST_S,  EntryGuards,             NULL),
  VAR("EntryGuardPathBias",      LINELIST_S,  EntryGuards,             NULL),
  V(EntryGuards,                 LINELIST_V,  NULL),

  VAR("TransportProxy",               LINELIST_S, TransportProxies, NULL),
  V(TransportProxies,                 LINELIST_V, NULL),

  V(BWHistoryReadEnds,                ISOTIME,  NULL),
  V(BWHistoryReadInterval,            UINT,     "900"),
  V(BWHistoryReadValues,              CSV,      ""),
  V(BWHistoryReadMaxima,              CSV,      ""),
  V(BWHistoryWriteEnds,               ISOTIME,  NULL),
  V(BWHistoryWriteInterval,           UINT,     "900"),
  V(BWHistoryWriteValues,             CSV,      ""),
  V(BWHistoryWriteMaxima,             CSV,      ""),
  V(BWHistoryDirReadEnds,             ISOTIME,  NULL),
  V(BWHistoryDirReadInterval,         UINT,     "900"),
  V(BWHistoryDirReadValues,           CSV,      ""),
  V(BWHistoryDirReadMaxima,           CSV,      ""),
  V(BWHistoryDirWriteEnds,            ISOTIME,  NULL),
  V(BWHistoryDirWriteInterval,        UINT,     "900"),
  V(BWHistoryDirWriteValues,          CSV,      ""),
  V(BWHistoryDirWriteMaxima,          CSV,      ""),

  V(TorVersion,                       STRING,   NULL),

  V(LastRotatedOnionKey,              ISOTIME,  NULL),
  V(LastWritten,                      ISOTIME,  NULL),

  V(TotalBuildTimes,                  UINT,     NULL),
  V(CircuitBuildAbandonedCount,       UINT,     "0"),
  VAR("CircuitBuildTimeBin",          LINELIST_S, BuildtimeHistogram, NULL),
  VAR("BuildtimeHistogram",           LINELIST_V, BuildtimeHistogram, NULL),
  /* End-of-table marker: the name is NULL. */
  { NULL, CONFIG_TYPE_OBSOLETE, 0, NULL }
};

/* The table-building macros are not needed past this point. */
#undef VAR
#undef V
#undef OBSOLETE

/** Represents an English description of a configuration variable; used when
 * generating configuration file comments. */
typedef struct config_var_description_t {
  const char *name; /**< Name of the variable being described. */
  const char *description; /**< The English description text. */
} config_var_description_t;

/** Type of a callback to validate whether a given configuration is
 * well-formed and consistent. See options_trial_assign() for documentation
 * of arguments.
 *
 * The two configuration arguments are passed as untyped void*, so the
 * callback has to know which struct it is being handed; the compiler cannot
 * check it.  NOTE(review): the parameter list lines up position by position
 * with options_validate(old_options, options, from_setconf, msg) declared in
 * this file, which takes or_options_t* where this type has void* -- confirm
 * how that function is bound to this pointer type. */
typedef int (*validate_fn_t)(void*,void*,int,char**);

/** Information on the keys, value types, key-to-struct-member mappings,
 * variable descriptions, validation functions, and abbreviations for a
 * configuration or storage format.
 *
 * Parsed structs are reached through byte offsets taken from <b>vars</b>,
 * and some functions in this file take the struct as void*, so
 * <b>magic</b> at <b>magic_offset</b> is the runtime check that a struct
 * really belongs to this format (see the CHECK() macro). */
typedef struct {
  size_t size; /**< Size of the struct that everything gets parsed into. */
  uint32_t magic; /**< Required 'magic value' to make sure we have a struct
                   * of the right type. */
  off_t magic_offset; /**< Offset of the magic value within the struct. */
  config_abbrev_t *abbrevs; /**< List of abbreviations that we expand when
                             * parsing this format. */
  config_var_t *vars; /**< List of variables we recognize, their default
                       * values, and where we stick them in the structure. */
  validate_fn_t validate_fn; /**< Function to validate config. */
  /** If present, extra is a LINELIST variable for unrecognized
   * lines.  Otherwise, unrecognized lines are an error. */
  config_var_t *extra;
} config_format_t;

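/** Macro: assert that <b>cfg</b> has the right magic field for format
 * <b>fmt</b>.
 *
 * Both arguments are first asserted to be non-NULL; then the uint32_t found
 * <b>fmt</b>->magic_offset bytes into <b>cfg</b> is compared with
 * <b>fmt</b>->magic.  This is the guard against handing a struct of the
 * wrong kind to code that indexes it by the offsets of a format's variable
 * table.  It is built from tor_assert(); what a failed tor_assert() does,
 * and whether it can be compiled out, is not visible here.
 *
 * Every use of an argument is parenthesized, so an expression argument
 * (for example <b>base + 1</b>) binds as a whole before the -> operator is
 * applied.  The arguments are evaluated more than once: pass expressions
 * without side effects. */
#define CHECK(fmt, cfg) STMT_BEGIN                                      \
    tor_assert((fmt) && (cfg));                                         \
    tor_assert((fmt)->magic ==                                          \
               *(uint32_t*)STRUCT_VAR_P((cfg), (fmt)->magic_offset));   \
  STMT_END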

/* Forward declarations of file-local (static) helpers. */
#ifdef _WIN32
static char *get_windows_conf_root(void);
#endif
static void config_line_append(config_line_t **lst, const char *key,
                               const char *val);
static void option_clear(const config_format_t *fmt,
                         or_options_t *options,
                         const config_var_t *var);
static void option_reset(const config_format_t *fmt,
                         or_options_t *options,
                         const config_var_t *var,
                         int use_defaults);
static void config_free(const config_format_t *fmt, void *options);
static int config_lines_eq(config_line_t *a, config_line_t *b);
static int config_count_key(const config_line_t *a, const char *key);
static int option_is_same(const config_format_t *fmt,
                          const or_options_t *o1,
                          const or_options_t *o2,
                          const char *name);
static or_options_t *options_dup(const config_format_t *fmt,
                                 const or_options_t *old);
static int options_validate(or_options_t *old_options,
                            or_options_t *options,
                            int from_setconf,
                            char **msg);
static int options_act_reversible(const or_options_t *old_options,
                                  char **msg);
static int options_act(const or_options_t *old_options);
static int options_transition_allowed(const or_options_t *old,
                                      const or_options_t *new,
                                      char **msg);
static int options_transition_affects_workers(
      const or_options_t *old_options,
      const or_options_t *new_options);
static int options_transition_affects_descriptor(
      const or_options_t *old_options,
      const or_options_t *new_options);
static int check_nickname_list(const char *lst, const char *name,
                               char **msg);

static int parse_bridge_line(const char *line, int validate_only);
static int parse_client_transport_line(const char *line,
                                       int validate_only);

static int parse_server_transport_line(const char *line,
                                       int validate_only);
static int parse_dir_server_line(const char *line,
                                 dirinfo_type_t required_type,
                                 int validate_only);
static void port_cfg_free(port_cfg_t *port);
static int parse_ports(or_options_t *options, int validate_only,
                       char **msg_out, int *n_ports_out);
static int check_server_ports(const smartlist_t *ports,
                              const or_options_t *options);

static int validate_data_directory(or_options_t *options);
static int write_configuration_file(const char *fname,
                                    const or_options_t *options);
static config_line_t *get_assigned_option(const config_format_t *fmt,
                                          const void *options,
                                          const char *key,
                                          int escape_val);
static void config_init(const config_format_t *fmt, void *options);
static int or_state_validate(or_state_t *old_options,
                             or_state_t *options,
                             int from_setconf,
                             char **msg);
static int or_state_load(void);
static int options_init_logs(or_options_t *options, int validate_only);

static uint64_t config_parse_memunit(const char *s, int *ok);
static int config_parse_msec_interval(const char *s, int *ok);
static int config_parse_interval(const char *s, int *ok);
static void init_libevent(const or_options_t *options);
static int opt_streq(const char *s1, const char *s2);

/** Magic value for or_options_t. */
#define OR_OPTIONS_MAGIC 9090909

/** Configuration format for or_options_t.
 *
 * The initializer is positional; the trailing comments name the
 * config_format_t member each entry fills. */
static config_format_t options_format = {
  sizeof(or_options_t),                 /* size */
  OR_OPTIONS_MAGIC,                     /* magic */
  STRUCT_OFFSET(or_options_t, _magic),  /* magic_offset */
  _option_abbrevs,                      /* abbrevs */
  _option_vars,                         /* vars */
  /* NOTE(review): the cast silences any mismatch between the signature of
   * options_validate() and validate_fn_t; confirm that the two differ only
   * in the pointed-to types of the object arguments. */
  (validate_fn_t)options_validate,      /* validate_fn */
  NULL                                  /* extra: unrecognized lines are
                                         * an error for this format */
};

/** Magic value for or_state_t. */
#define OR_STATE_MAGIC 0x57A73f57

/** "Extra" variable in the state: it receives the lines that we can't
 * parse.  Keeping them lets us preserve options written by versions of Tor
 * newer than us. */
static config_var_t state_extra_var = {
  "__extra",
  CONFIG_TYPE_LINELIST,
  STRUCT_OFFSET(or_state_t, ExtraLines),
  NULL
};

/** Configuration format for or_state_t.
 *
 * The initializer is positional; the trailing comments name the
 * config_format_t member each entry fills. */
static const config_format_t state_format = {
  sizeof(or_state_t),                 /* size */
  OR_STATE_MAGIC,                     /* magic */
  STRUCT_OFFSET(or_state_t, _magic),  /* magic_offset */
  _state_abbrevs,                     /* abbrevs */
  _state_vars,                        /* vars */
  /* NOTE(review): the cast silences any mismatch between the signature of
   * or_state_validate() and validate_fn_t; confirm that the two differ
   * only in the pointed-to types of the object arguments. */
  (validate_fn_t)or_state_validate,   /* validate_fn */
  &state_extra_var,                   /* extra: unrecognized lines are kept
                                       * instead of being an error */
};

/*
 * Functions to read and write the global options pointer.
 */

/** The options taken from the command line and the config file. */
static or_options_t *global_options = NULL;
/** The fallback options_t object: options that are not in torrc are looked
 * up here before we fall back to Tor's defaults. */
static or_options_t *global_default_options = NULL;
/** Name of the torrc file that was read most recently. */
static char *torrc_fname = NULL;
/** Name of the torrc-defaults file that was read most recently.  (A
 * file-scope static pointer starts out NULL even without an explicit
 * initializer; it is spelled out here to match its neighbours.) */
static char *torrc_defaults_fname = NULL;
/** Persistent serialized state. */
static or_state_t *global_state = NULL;
/** Configuration options that were set on the command line. */
static config_line_t *global_cmdline_options = NULL;
/** Contents of the DirPortFrontPage file that was read most recently. */
static char *global_dirfrontpagecontents = NULL;
/** List of port_cfg_t, one for each configured port. */
static smartlist_t *configured_ports = NULL;

/** Return the contents of our frontpage string, or NULL if no front page
 * is configured.
 *
 * The result is the module-level pointer itself, not a copy, so the caller
 * must not free or modify it. */
const char *
get_dirportfrontpage(void)
{
  const char *frontpage = global_dirfrontpagecontents;
  return frontpage;
}

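/** Allocate an empty configuration object of a given format type.
 *
 * The object is <b>fmt</b>-\>size bytes, zero-filled, with the format's
 * magic value stored at <b>fmt</b>-\>magic_offset so that later CHECK()
 * calls accept it.  Asserts that <b>fmt</b> is non-NULL and that the magic
 * word lies entirely inside the allocation.
 *
 * Returns the new object; presumably it is released with config_free()
 * (TODO confirm against callers). */
static void *
config_alloc(const config_format_t *fmt)
{
  void *opts;

  /* CHECK() below asserts fmt as well, but only after fmt->size has
   * already been read; test it before the first dereference. */
  tor_assert(fmt);
  /* The magic word is written through a computed offset, so make sure the
   * whole uint32_t falls within the fmt->size bytes we allocate. */
  tor_assert(fmt->size >= sizeof(uint32_t));
  tor_assert(fmt->magic_offset >= 0 &&
             (size_t)fmt->magic_offset <= fmt->size - sizeof(uint32_t));

  opts = tor_malloc_zero(fmt->size);
  *(uint32_t*)STRUCT_VAR_P(opts, fmt->magic_offset) = fmt->magic;
  CHECK(fmt, opts);
  return opts;
}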

/** Return the currently configured options. */
or_options_t *
Nick Mathewson's avatar