/* Copyright (c) 2001 Matej Pfajfar.
 * Copyright (c) 2001-2004, Roger Dingledine.
 * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
 * Copyright (c) 2007-2015, The Tor Project, Inc. */
/* See LICENSE for licensing information */

/**
 * \file config.c
 * \brief Code to parse and interpret configuration files.
 **/

#define CONFIG_PRIVATE
#include "or.h"
#include "compat.h"
#include "addressmap.h"
#include "channel.h"
#include "circuitbuild.h"
#include "circuitlist.h"
#include "circuitmux.h"
#include "circuitmux_ewma.h"
#include "config.h"
#include "connection.h"
#include "connection_edge.h"
#include "connection_or.h"
#include "control.h"
#include "confparse.h"
#include "cpuworker.h"
#include "dirserv.h"
#include "dirvote.h"
#include "dns.h"
#include "entrynodes.h"
#include "geoip.h"
#include "hibernate.h"
#include "main.h"
#include "networkstatus.h"
#include "nodelist.h"
#include "policies.h"
#include "relay.h"
#include "rendclient.h"
#include "rendservice.h"
#include "rephist.h"
#include "router.h"
#include "sandbox.h"
#include "util.h"
#include "routerlist.h"
#include "routerset.h"
#include "scheduler.h"
#include "statefile.h"
#include "transports.h"
#include "ext_orport.h"
#include "torgzip.h"
#ifdef _WIN32
#include <shlobj.h>
#endif

#include "procmon.h"

/* From main.c */
extern int quiet_level;

/** A list of abbreviations and aliases to map command-line options, obsolete
 * option names, or alternative option names, to their current values.
 *
 * Each brace-initialized row is positional: the first string is the accepted
 * alias and the second is the option name it is rewritten to.  The two
 * trailing integers are flags whose meaning is fixed by config_abbrev_t,
 * which is declared outside this file -- NOTE(review): presumably
 * "accepted on the command line only" and "warn when used"; confirm against
 * the struct before changing them.  PLURAL() is likewise defined elsewhere;
 * presumably it maps a singular name to its plural form -- confirm.
 * The final all-NULL row looks like the list terminator. */
static config_abbrev_t option_abbrevs_[] = {
  PLURAL(AuthDirBadDirCC),
  PLURAL(AuthDirBadExitCC),
  PLURAL(AuthDirInvalidCC),
  PLURAL(AuthDirRejectCC),
  PLURAL(EntryNode),
  PLURAL(ExcludeNode),
  PLURAL(FirewallPort),
  PLURAL(LongLivedPort),
  PLURAL(HiddenServiceNode),
  PLURAL(HiddenServiceExcludeNode),
  PLURAL(NumCPU),
  PLURAL(RendNode),
  PLURAL(RendExcludeNode),
  PLURAL(StrictEntryNode),
  PLURAL(StrictExitNode),
  PLURAL(StrictNode),
  { "l", "Log", 1, 0},
  { "AllowUnverifiedNodes", "AllowInvalidNodes", 0, 0},
  { "AutomapHostSuffixes", "AutomapHostsSuffixes", 0, 0},
  { "AutomapHostOnResolve", "AutomapHostsOnResolve", 0, 0},
  { "BandwidthRateBytes", "BandwidthRate", 0, 0},
  { "BandwidthBurstBytes", "BandwidthBurst", 0, 0},
  /* NOTE(review): the target name StatusFetchPeriod has no row in
   * option_vars_ in this file, so this alias may be stale -- confirm. */
  { "DirFetchPostPeriod", "StatusFetchPeriod", 0, 0},
  { "DirServer", "DirAuthority", 0, 0}, /* XXXX024 later, make this warn? */
  { "MaxConn", "ConnLimit", 0, 1},
  { "MaxMemInCellQueues", "MaxMemInQueues", 0, 0},
  { "ORBindAddress", "ORListenAddress", 0, 0},
  { "DirBindAddress", "DirListenAddress", 0, 0},
  { "SocksBindAddress", "SocksListenAddress", 0, 0},
  { "UseHelperNodes", "UseEntryGuards", 0, 0},
  { "NumHelperNodes", "NumEntryGuards", 0, 0},
  { "UseEntryNodes", "UseEntryGuards", 0, 0},
  { "NumEntryNodes", "NumEntryGuards", 0, 0},
  { "ResolvConf", "ServerDNSResolvConfFile", 0, 1},
  { "SearchDomains", "ServerDNSSearchDomains", 0, 1},
  { "ServerDNSAllowBrokenResolvConf", "ServerDNSAllowBrokenConfig", 0, 0},
  { "PreferTunnelledDirConns", "PreferTunneledDirConns", 0, 0},
  { "BridgeAuthoritativeDirectory", "BridgeAuthoritativeDir", 0, 0},
  /* This row shares its alias text with a real option: option_vars_ also has
   * a HashedControlPassword entry.  With the third field set, the plain name
   * is redirected to the "__"-prefixed session option.
   * NOTE(review): presumably this applies only to the command line, so that a
   * control-password hash supplied there is kept separate from the one in
   * the configuration file -- confirm before touching either entry. */
  { "HashedControlPassword", "__HashedControlSessionPassword", 1, 0},
  { "VirtualAddrNetwork", "VirtualAddrNetworkIPv4", 0, 0},
  { "_UseFilteringSSLBufferevents", "UseFilteringSSLBufferevents", 0, 1},
  { NULL, NULL, 0, 0},
};

/** An entry for config_vars: "The option <b>name</b> has type
 * CONFIG_TYPE_<b>conftype</b>, and corresponds to
 * or_options_t.<b>member</b>"
 *
 * <b>initvalue</b> becomes the last field of the row; the tables in this
 * file pass either a string literal or NULL there, and the comment on
 * testing_tor_network_defaults describes those values as defaults.
 * The member is recorded as a byte offset (STRUCT_OFFSET), not a pointer.
 */
#define VAR(name,conftype,member,initvalue)                             \
  { name, CONFIG_TYPE_ ## conftype, STRUCT_OFFSET(or_options_t, member), \
      initvalue }
/** As VAR, but the option name and member name are the same. */
#define V(member,conftype,initvalue)                                    \
  VAR(#member, conftype, member, initvalue)
/** An entry for config_vars: "The option <b>name</b> is obsolete." */
#define OBSOLETE(name) { name, CONFIG_TYPE_OBSOLETE, 0, NULL }

/** As V, but the value is stored in the or_options_t member named
 * <b>member</b>_lines: the option keeps the bare name (stringified
 * <b>member</b>) while the struct field gets the "_lines" suffix. */
#define VPORT(member,conftype,initvalue)                                    \
  VAR(#member, conftype, member ## _lines, initvalue)

/** Array of configuration options.  Until we disallow nonstandard
 * abbreviations, order is significant, since the first matching option will
 * be chosen first.
 *
 * Row shapes, as built by the macros defined just above:
 *  - V(member, TYPE, default): option name equals the or_options_t member.
 *  - VAR("Name", TYPE, member, default): option name differs from the member.
 *  - VPORT(member, TYPE, default): value is stored in member_lines.
 *  - OBSOLETE("Name"): name is still recognised but typed
 *    CONFIG_TYPE_OBSOLETE with no storage offset.
 * Defaults are given as text (or NULL); the parsing of that text happens
 * outside this table.  The final row with a NULL name ends the list:
 * set_options() in this file walks options_format.vars until the name is
 * NULL.
 */
static config_var_t option_vars_[] = {
  V(AccountingMax,               MEMUNIT,  "0 bytes"),
  VAR("AccountingRule",          STRING,   AccountingRule_option,  "max"),
  V(AccountingStart,             STRING,   NULL),
  V(Address,                     STRING,   NULL),
  V(AllowDotExit,                BOOL,     "0"),
  V(AllowInvalidNodes,           CSV,      "middle,rendezvous"),
  V(AllowNonRFC953Hostnames,     BOOL,     "0"),
  V(AllowSingleHopCircuits,      BOOL,     "0"),
  V(AllowSingleHopExits,         BOOL,     "0"),
  V(AlternateBridgeAuthority,    LINELIST, NULL),
  V(AlternateDirAuthority,       LINELIST, NULL),
  OBSOLETE("AlternateHSAuthority"),
  V(AssumeReachable,             BOOL,     "0"),
  OBSOLETE("AuthDirBadDir"),
  OBSOLETE("AuthDirBadDirCCs"),
  V(AuthDirBadExit,              LINELIST, NULL),
  V(AuthDirBadExitCCs,           CSV,      ""),
  V(AuthDirInvalid,              LINELIST, NULL),
  V(AuthDirInvalidCCs,           CSV,      ""),
  V(AuthDirFastGuarantee,        MEMUNIT,  "100 KB"),
  V(AuthDirGuardBWGuarantee,     MEMUNIT,  "2 MB"),
  V(AuthDirReject,               LINELIST, NULL),
  V(AuthDirRejectCCs,            CSV,      ""),
  OBSOLETE("AuthDirRejectUnlisted"),
  OBSOLETE("AuthDirListBadDirs"),
  V(AuthDirListBadExits,         BOOL,     "0"),
  V(AuthDirMaxServersPerAddr,    UINT,     "2"),
  V(AuthDirMaxServersPerAuthAddr,UINT,     "5"),
  V(AuthDirHasIPv6Connectivity,  BOOL,     "0"),
  VAR("AuthoritativeDirectory",  BOOL, AuthoritativeDir,    "0"),
  V(AutomapHostsOnResolve,       BOOL,     "0"),
  V(AutomapHostsSuffixes,        CSV,      ".onion,.exit"),
  V(AvoidDiskWrites,             BOOL,     "0"),
  V(BandwidthBurst,              MEMUNIT,  "1 GB"),
  V(BandwidthRate,               MEMUNIT,  "1 GB"),
  V(BridgeAuthoritativeDir,      BOOL,     "0"),
  VAR("Bridge",                  LINELIST, Bridges,    NULL),
  /* Credential-bearing option held as a plain STRING.
   * NOTE(review): any code that logs or dumps option values should treat it
   * as sensitive; that handling is outside this table -- confirm. */
  V(BridgePassword,              STRING,   NULL),
  V(BridgeRecordUsageByCountry,  BOOL,     "1"),
  V(BridgeRelay,                 BOOL,     "0"),
  V(CellStatistics,              BOOL,     "0"),
  V(LearnCircuitBuildTimeout,    BOOL,     "1"),
  V(CircuitBuildTimeout,         INTERVAL, "0"),
  V(CircuitIdleTimeout,          INTERVAL, "1 hour"),
  V(CircuitStreamTimeout,        INTERVAL, "0"),
  V(CircuitPriorityHalflife,     DOUBLE,  "-100.0"), /*negative:'Use default'*/
  /* The two *RejectInternalAddresses options default to "1" here;
   * testing_tor_network_defaults in this file overrides both to "0". */
  V(ClientDNSRejectInternalAddresses, BOOL,"1"),
  V(ClientOnly,                  BOOL,     "0"),
  V(ClientPreferIPv6ORPort,      BOOL,     "0"),
  V(ClientRejectInternalAddresses, BOOL,   "1"),
  V(ClientTransportPlugin,       LINELIST, NULL),
  V(ClientUseIPv6,               BOOL,     "0"),
  V(ConsensusParams,             STRING,   NULL),
  V(ConnLimit,                   UINT,     "1000"),
  V(ConnDirectionStatistics,     BOOL,     "0"),
  V(ConstrainedSockets,          BOOL,     "0"),
  V(ConstrainedSockSize,         MEMUNIT,  "8192"),
  V(ContactInfo,                 STRING,   NULL),
  /* Control interface.  ControlPort and ControlSocket default to NULL, and
   * both authentication options default to off/unset (CookieAuthentication
   * "0" below, HashedControlPassword NULL further down).  The group
   * readable/writable switches also default to "0".
   * NOTE(review): what happens when a control port is enabled with neither
   * authentication method set is decided by validation code that is not in
   * this view -- confirm it warns or refuses. */
  V(ControlListenAddress,        LINELIST, NULL),
  VPORT(ControlPort,                 LINELIST, NULL),
  V(ControlPortFileGroupReadable,BOOL,     "0"),
  V(ControlPortWriteToFile,      FILENAME, NULL),
  V(ControlSocket,               LINELIST, NULL),
  V(ControlSocketsGroupWritable, BOOL,     "0"),
  V(CookieAuthentication,        BOOL,     "0"),
  V(CookieAuthFileGroupReadable, BOOL,     "0"),
  V(CookieAuthFile,              STRING,   NULL),
  V(CountPrivateBandwidth,       BOOL,     "0"),
  V(DataDirectory,               FILENAME, NULL),
  V(DisableNetwork,              BOOL,     "0"),
  V(DirAllowPrivateAddresses,    BOOL,     "0"),
  V(TestingAuthDirTimeToLearnReachability, INTERVAL, "30 minutes"),
  V(DirListenAddress,            LINELIST, NULL),
  V(DirPolicy,                   LINELIST, NULL),
  VPORT(DirPort,                     LINELIST, NULL),
  V(DirPortFrontPage,            FILENAME, NULL),
  VAR("DirReqStatistics",        BOOL,     DirReqStatistics_option, "1"),
  VAR("DirAuthority",            LINELIST, DirAuthorities, NULL),
  V(DirAuthorityFallbackRate,    DOUBLE,   "1.0"),
  V(DisableAllSwap,              BOOL,     "0"),
  V(DisableDebuggerAttachment,   BOOL,     "1"),
  V(DisableIOCP,                 BOOL,     "1"),
  OBSOLETE("DisableV2DirectoryInfo_"),
  V(DynamicDHGroups,             BOOL,     "0"),
  VPORT(DNSPort,                     LINELIST, NULL),
  V(DNSListenAddress,            LINELIST, NULL),
  V(DownloadExtraInfo,           BOOL,     "0"),
  V(TestingEnableConnBwEvent,    BOOL,     "0"),
  V(TestingEnableCellStatsEvent, BOOL,     "0"),
  V(TestingEnableTbEmptyEvent,   BOOL,     "0"),
  V(EnforceDistinctSubnets,      BOOL,     "1"),
  V(EntryNodes,                  ROUTERSET,   NULL),
  V(EntryStatistics,             BOOL,     "0"),
  V(TestingEstimatedDescriptorPropagationTime, INTERVAL, "10 minutes"),
  V(ExcludeNodes,                ROUTERSET, NULL),
  V(ExcludeExitNodes,            ROUTERSET, NULL),
  V(ExcludeSingleHopRelays,      BOOL,     "1"),
  V(ExitNodes,                   ROUTERSET, NULL),
  V(ExitPolicy,                  LINELIST, NULL),
  V(ExitPolicyRejectPrivate,     BOOL,     "1"),
  V(ExitPortStatistics,          BOOL,     "0"),
  V(ExtendAllowPrivateAddresses, BOOL,     "0"),
  V(ExitRelay,                   AUTOBOOL, "auto"),
  VPORT(ExtORPort,               LINELIST, NULL),
  V(ExtORPortCookieAuthFile,     STRING,   NULL),
  V(ExtORPortCookieAuthFileGroupReadable, BOOL, "0"),
  V(ExtraInfoStatistics,         BOOL,     "1"),
  V(FallbackDir,                 LINELIST, NULL),

  OBSOLETE("FallbackNetworkstatusFile"),
  V(FascistFirewall,             BOOL,     "0"),
  V(FirewallPorts,               CSV,      ""),
  V(FastFirstHopPK,              AUTOBOOL, "auto"),
  V(FetchDirInfoEarly,           BOOL,     "0"),
  V(FetchDirInfoExtraEarly,      BOOL,     "0"),
  V(FetchServerDescriptors,      BOOL,     "1"),
  V(FetchHidServDescriptors,     BOOL,     "1"),
  V(FetchUselessDescriptors,     BOOL,     "0"),
  OBSOLETE("FetchV2Networkstatus"),
  V(GeoIPExcludeUnknown,         AUTOBOOL, "auto"),
  /* The GeoIP file defaults are platform-dependent: on Windows the literal
   * placeholder "<default>" is stored; elsewhere the default is a path
   * assembled at compile time from SHARE_DATADIR.
   * NOTE(review): presumably "<default>" is resolved to a real path at run
   * time by code outside this view -- confirm. */
#ifdef _WIN32
  V(GeoIPFile,                   FILENAME, "<default>"),
  V(GeoIPv6File,                 FILENAME, "<default>"),
#else
  V(GeoIPFile,                   FILENAME,
    SHARE_DATADIR PATH_SEPARATOR "tor" PATH_SEPARATOR "geoip"),
  V(GeoIPv6File,                 FILENAME,
    SHARE_DATADIR PATH_SEPARATOR "tor" PATH_SEPARATOR "geoip6"),
#endif
  OBSOLETE("Group"),
  V(GuardLifetime,               INTERVAL, "0 minutes"),
  V(HardwareAccel,               BOOL,     "0"),
  V(HeartbeatPeriod,             INTERVAL, "6 hours"),
  V(AccelName,                   STRING,   NULL),
  V(AccelDir,                    FILENAME, NULL),
  V(HashedControlPassword,       LINELIST, NULL),
  V(HidServDirectoryV2,          BOOL,     "1"),
  /* All HiddenService* rows below share one member, RendConfigLines; five
   * are LINELIST_S and HiddenServiceOptions is LINELIST_V.  set_options() in
   * this file skips LINELIST_S (and OBSOLETE) rows when it compares old and
   * new options. */
  VAR("HiddenServiceDir",    LINELIST_S, RendConfigLines,    NULL),
  VAR("HiddenServiceDirGroupReadable",  LINELIST_S, RendConfigLines, NULL),
  VAR("HiddenServiceOptions",LINELIST_V, RendConfigLines,    NULL),
  VAR("HiddenServicePort",   LINELIST_S, RendConfigLines,    NULL),
  VAR("HiddenServiceVersion",LINELIST_S, RendConfigLines,    NULL),
  VAR("HiddenServiceAuthorizeClient",LINELIST_S,RendConfigLines, NULL),
  V(HiddenServiceStatistics,     BOOL,     "0"),
  V(HidServAuth,                 LINELIST, NULL),
  V(CloseHSClientCircuitsImmediatelyOnTimeout, BOOL, "0"),
  V(CloseHSServiceRendCircuitsImmediatelyOnTimeout, BOOL, "0"),
  /* Proxy settings.  The *Authenticator and Socks5ProxyPassword options are
   * plain STRING values.
   * NOTE(review): presumably they carry proxy credentials; code that logs or
   * dumps options should treat them as sensitive -- confirm. */
  V(HTTPProxy,                   STRING,   NULL),
  V(HTTPProxyAuthenticator,      STRING,   NULL),
  V(HTTPSProxy,                  STRING,   NULL),
  V(HTTPSProxyAuthenticator,     STRING,   NULL),
  V(IPv6Exit,                    BOOL,     "0"),
  VAR("ServerTransportPlugin",   LINELIST, ServerTransportPlugin,  NULL),
  V(ServerTransportListenAddr,   LINELIST, NULL),
  V(ServerTransportOptions,      LINELIST, NULL),
  V(Socks4Proxy,                 STRING,   NULL),
  V(Socks5Proxy,                 STRING,   NULL),
  V(Socks5ProxyUsername,         STRING,   NULL),
  V(Socks5ProxyPassword,         STRING,   NULL),
  V(KeepalivePeriod,             INTERVAL, "5 minutes"),
  VAR("Log",                     LINELIST, Logs,             NULL),
  V(LogMessageDomains,           BOOL,     "0"),
  V(LogTimeGranularity,          MSEC_INTERVAL, "1 second"),
  V(TruncateLogFile,             BOOL,     "0"),
  V(LongLivedPorts,              CSV,
        "21,22,706,1863,5050,5190,5222,5223,6523,6667,6697,8300"),
  VAR("MapAddress",              LINELIST, AddressMap,           NULL),
  V(MaxAdvertisedBandwidth,      MEMUNIT,  "1 GB"),
  V(MaxCircuitDirtiness,         INTERVAL, "10 minutes"),
  V(MaxClientCircuitsPending,    UINT,     "32"),
  VAR("MaxMemInQueues",          MEMUNIT,   MaxMemInQueues_raw, "0"),
  OBSOLETE("MaxOnionsPending"),
  V(MaxOnionQueueDelay,          MSEC_INTERVAL, "1750 msec"),
  V(MinMeasuredBWsForAuthToIgnoreAdvertised, INT, "500"),
  V(MyFamily,                    STRING,   NULL),
  V(NewCircuitPeriod,            INTERVAL, "30 seconds"),
  OBSOLETE("NamingAuthoritativeDirectory"),
  V(NATDListenAddress,           LINELIST, NULL),
  VPORT(NATDPort,                    LINELIST, NULL),
  V(Nickname,                    STRING,   NULL),
  V(PredictedPortsRelevanceTime,  INTERVAL, "1 hour"),
  V(WarnUnsafeSocks,              BOOL,     "1"),
  VAR("NodeFamily",              LINELIST, NodeFamilies,         NULL),
  V(NumCPUs,                     UINT,     "0"),
  V(NumDirectoryGuards,          UINT,     "0"),
  V(NumEntryGuards,              UINT,     "0"),
  V(ORListenAddress,             LINELIST, NULL),
  VPORT(ORPort,                      LINELIST, NULL),
  V(OutboundBindAddress,         LINELIST,   NULL),

  OBSOLETE("PathBiasDisableRate"),
  V(PathBiasCircThreshold,       INT,      "-1"),
  V(PathBiasNoticeRate,          DOUBLE,   "-1"),
  V(PathBiasWarnRate,            DOUBLE,   "-1"),
  V(PathBiasExtremeRate,         DOUBLE,   "-1"),
  V(PathBiasScaleThreshold,      INT,      "-1"),
  OBSOLETE("PathBiasScaleFactor"),
  OBSOLETE("PathBiasMultFactor"),
  V(PathBiasDropGuards,          AUTOBOOL, "0"),
  OBSOLETE("PathBiasUseCloseCounts"),

  V(PathBiasUseThreshold,       INT,      "-1"),
  V(PathBiasNoticeUseRate,          DOUBLE,   "-1"),
  V(PathBiasExtremeUseRate,         DOUBLE,   "-1"),
  V(PathBiasScaleUseThreshold,      INT,      "-1"),

  V(PathsNeededToBuildCircuits,  DOUBLE,   "-1"),
  V(PerConnBWBurst,              MEMUNIT,  "0"),
  V(PerConnBWRate,               MEMUNIT,  "0"),
  V(PidFile,                     STRING,   NULL),
  V(TestingTorNetwork,           BOOL,     "0"),
  V(TestingMinExitFlagThreshold, MEMUNIT,  "0"),
  V(TestingMinFastFlagThreshold, MEMUNIT,  "0"),
  V(OptimisticData,              AUTOBOOL, "auto"),
  V(PortForwarding,              BOOL,     "0"),
  V(PortForwardingHelper,        FILENAME, "tor-fw-helper"),
  OBSOLETE("PreferTunneledDirConns"),
  V(ProtocolWarnings,            BOOL,     "0"),
  V(PublishServerDescriptor,     CSV,      "1"),
  V(PublishHidServDescriptors,   BOOL,     "1"),
  V(ReachableAddresses,          LINELIST, NULL),
  V(ReachableDirAddresses,       LINELIST, NULL),
  V(ReachableORAddresses,        LINELIST, NULL),
  V(RecommendedVersions,         LINELIST, NULL),
  V(RecommendedClientVersions,   LINELIST, NULL),
  V(RecommendedServerVersions,   LINELIST, NULL),
  V(RefuseUnknownExits,          AUTOBOOL, "auto"),
  V(RejectPlaintextPorts,        CSV,      ""),
  V(RelayBandwidthBurst,         MEMUNIT,  "0"),
  V(RelayBandwidthRate,          MEMUNIT,  "0"),
  V(RendPostPeriod,              INTERVAL, "1 hour"),
  V(RephistTrackTime,            INTERVAL, "24 hours"),
  V(RunAsDaemon,                 BOOL,     "0"),
  OBSOLETE("RunTesting"), // currently unused
  V(Sandbox,                     BOOL,     "0"),
  /* Typed STRING although the default is "1".
   * NOTE(review): presumably it accepts more than two values -- confirm
   * against the validation code. */
  V(SafeLogging,                 STRING,   "1"),
  V(SafeSocks,                   BOOL,     "0"),
  V(ServerDNSAllowBrokenConfig,  BOOL,     "1"),
  V(ServerDNSAllowNonRFC953Hostnames, BOOL,"0"),
  V(ServerDNSDetectHijacking,    BOOL,     "1"),
  V(ServerDNSRandomizeCase,      BOOL,     "1"),
  V(ServerDNSResolvConfFile,     STRING,   NULL),
  V(ServerDNSSearchDomains,      BOOL,     "0"),
  V(ServerDNSTestAddresses,      CSV,
      "www.google.com,www.mit.edu,www.yahoo.com,www.slashdot.org"),
  V(SchedulerLowWaterMark__,     MEMUNIT,  "100 MB"),
  V(SchedulerHighWaterMark__,    MEMUNIT,  "101 MB"),
  V(SchedulerMaxFlushCells__,    UINT,     "1000"),
  V(ShutdownWaitLength,          INTERVAL, "30 seconds"),
  V(SocksListenAddress,          LINELIST, NULL),
  V(SocksPolicy,                 LINELIST, NULL),
  VPORT(SocksPort,                   LINELIST, NULL),
  V(SocksTimeout,                INTERVAL, "2 minutes"),
  V(SSLKeyLifetime,              INTERVAL, "0"),
  OBSOLETE("StrictEntryNodes"),
  OBSOLETE("StrictExitNodes"),
  V(StrictNodes,                 BOOL,     "0"),
  OBSOLETE("Support022HiddenServices"),
  V(TestSocks,                   BOOL,     "0"),
  V(TokenBucketRefillInterval,   MSEC_INTERVAL, "100 msec"),
  V(Tor2webMode,                 BOOL,     "0"),
  V(TLSECGroup,                  STRING,   NULL),
  V(TrackHostExits,              CSV,      NULL),
  V(TrackHostExitsExpire,        INTERVAL, "30 minutes"),
  V(TransListenAddress,          LINELIST, NULL),
  VPORT(TransPort,                   LINELIST, NULL),
  V(TransProxyType,              STRING,   "default"),
  OBSOLETE("TunnelDirConns"),
  V(UpdateBridgesFromAuthority,  BOOL,     "0"),
  V(UseBridges,                  BOOL,     "0"),
  V(UseEntryGuards,              BOOL,     "1"),
  V(UseEntryGuardsAsDirGuards,   BOOL,     "1"),
  V(UseMicrodescriptors,         AUTOBOOL, "auto"),
  V(UseNTorHandshake,            AUTOBOOL, "1"),
  V(User,                        STRING,   NULL),
  V(UserspaceIOCPBuffers,        BOOL,     "0"),
  OBSOLETE("V1AuthoritativeDirectory"),
  OBSOLETE("V2AuthoritativeDirectory"),
  VAR("V3AuthoritativeDirectory",BOOL, V3AuthoritativeDir,   "0"),
  V(TestingV3AuthInitialVotingInterval, INTERVAL, "30 minutes"),
  V(TestingV3AuthInitialVoteDelay, INTERVAL, "5 minutes"),
  V(TestingV3AuthInitialDistDelay, INTERVAL, "5 minutes"),
  V(TestingV3AuthVotingStartOffset, INTERVAL, "0"),
  V(V3AuthVotingInterval,        INTERVAL, "1 hour"),
  V(V3AuthVoteDelay,             INTERVAL, "5 minutes"),
  V(V3AuthDistDelay,             INTERVAL, "5 minutes"),
  V(V3AuthNIntervalsValid,       UINT,     "3"),
  V(V3AuthUseLegacyKey,          BOOL,     "0"),
  V(V3BandwidthsFile,            FILENAME, NULL),
  VAR("VersioningAuthoritativeDirectory",BOOL,VersioningAuthoritativeDir, "0"),
  V(VirtualAddrNetworkIPv4,      STRING,   "127.192.0.0/10"),
  V(VirtualAddrNetworkIPv6,      STRING,   "[FE80::]/10"),
  V(WarnPlaintextPorts,          CSV,      "23,109,110,143"),
  V(UseFilteringSSLBufferevents, BOOL,    "0"),
  /* Options whose names start with "__" follow; each is stored in a member
   * without the prefix.
   * NOTE(review): the prefix presumably marks internal or controller-facing
   * options that are handled specially when the configuration is saved;
   * that handling is not visible in this table -- confirm. */
  VAR("__ReloadTorrcOnSIGHUP",   BOOL,  ReloadTorrcOnSIGHUP,      "1"),
  VAR("__AllDirActionsPrivate",  BOOL,  AllDirActionsPrivate,     "0"),
  VAR("__DisablePredictedCircuits",BOOL,DisablePredictedCircuits, "0"),
  VAR("__LeaveStreamsUnattached",BOOL,  LeaveStreamsUnattached,   "0"),
  VAR("__HashedControlSessionPassword", LINELIST, HashedControlSessionPassword,
      NULL),
  VAR("__OwningControllerProcess",STRING,OwningControllerProcess, NULL),
  V(MinUptimeHidServDirectoryV2, INTERVAL, "25 hours"),
  V(VoteOnHidServDirectoriesV2,  BOOL,     "1"),
  V(TestingServerDownloadSchedule, CSV_INTERVAL, "0, 0, 0, 60, 60, 120, "
                                 "300, 900, 2147483647"),
  V(TestingClientDownloadSchedule, CSV_INTERVAL, "0, 0, 60, 300, 600, "
                                 "2147483647"),
  V(TestingServerConsensusDownloadSchedule, CSV_INTERVAL, "0, 0, 60, "
                                 "300, 600, 1800, 1800, 1800, 1800, "
                                 "1800, 3600, 7200"),
  V(TestingClientConsensusDownloadSchedule, CSV_INTERVAL, "0, 0, 60, "
                                 "300, 600, 1800, 3600, 3600, 3600, "
                                 "10800, 21600, 43200"),
  V(TestingBridgeDownloadSchedule, CSV_INTERVAL, "3600, 900, 900, 3600"),
  V(TestingClientMaxIntervalWithoutRequest, INTERVAL, "10 minutes"),
  V(TestingDirConnectionMaxStall, INTERVAL, "5 minutes"),
  V(TestingConsensusMaxDownloadTries, UINT, "8"),
  V(TestingDescriptorMaxDownloadTries, UINT, "8"),
  V(TestingMicrodescMaxDownloadTries, UINT, "8"),
  V(TestingCertMaxDownloadTries, UINT, "8"),
  V(TestingDirAuthVoteExit, ROUTERSET, NULL),
  V(TestingDirAuthVoteGuard, ROUTERSET, NULL),
  V(TestingDirAuthVoteHSDir, ROUTERSET, NULL),
  VAR("___UsingTestNetworkDefaults", BOOL, UsingTestNetworkDefaults_, "0"),

  /* Terminator row: NULL name. */
  { NULL, CONFIG_TYPE_OBSOLETE, 0, NULL }
};

/** Override default values with these if the user sets the TestingTorNetwork
 * option.
 *
 * Rows use the same V()/VAR() shapes as option_vars_ and the list ends with
 * the same NULL-name row.
 *
 * Several rows invert protective defaults from option_vars_: private or
 * internal addresses become acceptable (DirAllowPrivateAddresses and
 * ExtendAllowPrivateAddresses go to "1"; ClientRejectInternalAddresses,
 * ClientDNSRejectInternalAddresses and ExitPolicyRejectPrivate go to "0"),
 * EnforceDistinctSubnets is turned off, AssumeReachable is turned on, and
 * both AuthDirMaxServersPer*Addr limits become "0" (presumably "no limit"
 * -- confirm).
 * NOTE(review): the code that applies this table, and any restriction on
 * when TestingTorNetwork may be enabled, is outside this view -- confirm
 * these relaxed values cannot take effect on a production client or relay
 * by accident. */
static const config_var_t testing_tor_network_defaults[] = {
  /* Same value as the regular default in option_vars_ ("1"). */
  V(ServerDNSAllowBrokenConfig,  BOOL,     "1"),
  V(DirAllowPrivateAddresses,    BOOL,     "1"),
  V(EnforceDistinctSubnets,      BOOL,     "0"),
  V(AssumeReachable,             BOOL,     "1"),
  V(AuthDirMaxServersPerAddr,    UINT,     "0"),
  V(AuthDirMaxServersPerAuthAddr,UINT,     "0"),
  V(ClientDNSRejectInternalAddresses, BOOL,"0"),
  V(ClientRejectInternalAddresses, BOOL,   "0"),
  V(CountPrivateBandwidth,       BOOL,     "1"),
  V(ExitPolicyRejectPrivate,     BOOL,     "0"),
  V(ExtendAllowPrivateAddresses, BOOL,     "1"),
  /* Voting and propagation timers are shortened from the hour/minute scale
   * used in option_vars_ to seconds or zero. */
  V(V3AuthVotingInterval,        INTERVAL, "5 minutes"),
  V(V3AuthVoteDelay,             INTERVAL, "20 seconds"),
  V(V3AuthDistDelay,             INTERVAL, "20 seconds"),
  V(TestingV3AuthInitialVotingInterval, INTERVAL, "150 seconds"),
  V(TestingV3AuthInitialVoteDelay, INTERVAL, "20 seconds"),
  V(TestingV3AuthInitialDistDelay, INTERVAL, "20 seconds"),
  V(TestingV3AuthVotingStartOffset, INTERVAL, "0"),
  V(TestingAuthDirTimeToLearnReachability, INTERVAL, "0 minutes"),
  V(TestingEstimatedDescriptorPropagationTime, INTERVAL, "0 minutes"),
  V(MinUptimeHidServDirectoryV2, INTERVAL, "0 minutes"),
  V(TestingServerDownloadSchedule, CSV_INTERVAL, "0, 0, 0, 5, 10, 15, "
                                 "20, 30, 60"),
  V(TestingClientDownloadSchedule, CSV_INTERVAL, "0, 0, 5, 10, 15, 20, "
                                 "30, 60"),
  V(TestingServerConsensusDownloadSchedule, CSV_INTERVAL, "0, 0, 5, 10, "
                                 "15, 20, 30, 60"),
  V(TestingClientConsensusDownloadSchedule, CSV_INTERVAL, "0, 0, 5, 10, "
                                 "15, 20, 30, 60"),
  V(TestingBridgeDownloadSchedule, CSV_INTERVAL, "60, 30, 30, 60"),
  V(TestingClientMaxIntervalWithoutRequest, INTERVAL, "5 seconds"),
  V(TestingDirConnectionMaxStall, INTERVAL, "30 seconds"),
  V(TestingConsensusMaxDownloadTries, UINT, "80"),
  V(TestingDescriptorMaxDownloadTries, UINT, "80"),
  V(TestingMicrodescMaxDownloadTries, UINT, "80"),
  V(TestingCertMaxDownloadTries, UINT, "80"),
  V(TestingEnableConnBwEvent,    BOOL,     "1"),
  V(TestingEnableCellStatsEvent, BOOL,     "1"),
  V(TestingEnableTbEmptyEvent,   BOOL,     "1"),
  /* Records, in the options themselves, that this table was applied
   * (option_vars_ has the same option with default "0"). */
  VAR("___UsingTestNetworkDefaults", BOOL, UsingTestNetworkDefaults_, "1"),
  V(RendPostPeriod,              INTERVAL, "2 minutes"),

  { NULL, CONFIG_TYPE_OBSOLETE, 0, NULL }
};

/* Retire the table-building helper macros now that option_vars_ and
 * testing_tor_network_defaults have been defined.
 * NOTE(review): VPORT, defined alongside these three, is not undefined
 * here and so stays visible for the rest of the file. */
#undef VAR
#undef V
#undef OBSOLETE

/* Forward declarations of file-local (static) helpers.  Their definitions
 * are not part of this view; the comments below state only what the
 * prototypes themselves show. */
#ifdef _WIN32
static char *get_windows_conf_root(void);
#endif
/* set_options() in this file calls these two in order: first
 * options_act_reversible(), then options_act(). */
static int options_act_reversible(const or_options_t *old_options, char **msg);
static int options_act(const or_options_t *old_options);
static int options_transition_allowed(const or_options_t *old,
                                      const or_options_t *new,
                                      char **msg);
static int options_transition_affects_workers(
      const or_options_t *old_options, const or_options_t *new_options);
static int options_transition_affects_descriptor(
      const or_options_t *old_options, const or_options_t *new_options);
static int check_nickname_list(char **lst, const char *name, char **msg);
static char *get_bindaddr_from_transport_listen_line(const char *line,
                                                     const char *transport);
static int parse_dir_authority_line(const char *line,
                                 dirinfo_type_t required_type,
                                 int validate_only);
static int parse_dir_fallback_line(const char *line,
                                   int validate_only);
static void port_cfg_free(port_cfg_t *port);
static int parse_ports(or_options_t *options, int validate_only,
                              char **msg_out, int *n_ports_out);
static int check_server_ports(const smartlist_t *ports,
                              const or_options_t *options);

static int validate_data_directory(or_options_t *options);
static int write_configuration_file(const char *fname,
                                    const or_options_t *options);
static int options_init_logs(const or_options_t *old_options,
                             or_options_t *options, int validate_only);

static void init_libevent(const or_options_t *options);
static int opt_streq(const char *s1, const char *s2);
static int parse_outbound_addresses(or_options_t *options, int validate_only,
                                    char **msg);
static void config_maybe_load_geoip_files_(const or_options_t *options,
                                           const or_options_t *old_options);
/* Takes untyped (void *) option pointers; it is the function installed in
 * options_format below. */
static int options_validate_cb(void *old_options, void *options,
                               void *default_options,
                               int from_setconf, char **msg);
static uint64_t compute_real_max_mem_in_queues(const uint64_t val,
                                               int log_guess);

/** Magic value for or_options_t. */
#define OR_OPTIONS_MAGIC 9090909

/** Configuration format for or_options_t.
 *
 * The initializer is positional, so the order of the entries must match the
 * field order of config_format_t, which is declared outside this file.
 * NOTE(review): the per-line notes below describe the values being passed;
 * apart from <b>vars</b> (used as options_format.vars in set_options()),
 * the field names are not visible here -- confirm against the struct. */
STATIC config_format_t options_format = {
  sizeof(or_options_t),                 /* size of the options struct */
  OR_OPTIONS_MAGIC,                     /* expected magic value */
  STRUCT_OFFSET(or_options_t, magic_),  /* where the magic_ member lives */
  option_abbrevs_,                      /* alias table */
  option_vars_,                         /* option table */
  options_validate_cb,                  /* validation callback */
  NULL                                  /* last field left unset */
};

/*
 * Functions to read and write the global options pointer.
 */

/** Command-line and config-file options.  Read through get_options() and
 * get_options_mutable(); replaced by set_options(). */
static or_options_t *global_options = NULL;
/** The fallback options_t object; this is where we look for options not
 * in torrc before we fall back to Tor's defaults. */
static or_options_t *global_default_options = NULL;
/** Name of most recently read torrc file. */
static char *torrc_fname = NULL;
/** Name of the most recently read torrc-defaults file.  Has no explicit
 * initializer; as an object with static storage it starts out NULL. */
static char *torrc_defaults_fname;
/** Configuration options set by command line. */
static config_line_t *global_cmdline_options = NULL;
/** Non-configuration options set by the command line */
static config_line_t *global_cmdline_only_options = NULL;
/** Boolean: Have we parsed the command line? */
static int have_parsed_cmdline = 0;
/** Contents of most recently read DirPortFrontPage file.  Handed out
 * as-is by get_dirportfrontpage(). */
static char *global_dirfrontpagecontents = NULL;
/** List of port_cfg_t for all configured ports. */
static smartlist_t *configured_ports = NULL;

/** Accessor for the cached DirPortFrontPage contents.
 *
 * Hands back the stored string pointer itself (no copy is made); the result
 * is NULL when no front page has been configured. */
const char *
get_dirportfrontpage(void)
{
  const char *frontpage = global_dirfrontpagecontents;

  return frontpage;
}

/** Return the currently configured options as a writable pointer.
 *
 * Asserts that the global options have been set. The result points at the
 * live global object, so a write through it changes the running
 * configuration directly; get_options() returns the same object as const
 * for callers that only read. */
or_options_t *
get_options_mutable(void)
{
  or_options_t *live;

  tor_assert(global_options);
  live = global_options;
  return live;
}

/** Return the currently configured options, read-only.
 *
 * Obtains the object from get_options_mutable() and hands it out through a
 * const pointer. Defined with MOCK_IMPL. */
MOCK_IMPL(const or_options_t *,
get_options,(void))
{
  const or_options_t *current = get_options_mutable();
  return current;
}

/** Install <b>new_val</b> as the global options, act on the new values, and
 * release the previous options object when it is no longer needed.
 *
 * <b>msg</b> must be a valid pointer: when the reversible step fails, *msg
 * is asserted to have been set. In that case the previous options are put
 * back and <b>new_val</b> is not freed here.
 *
 * Returns 0 on success and -1 when the reversible step fails. If the
 * non-reversible step fails, an error is logged and the process exits.
 */
int
set_options(or_options_t *new_val, char **msg)
{
  const config_var_t *var;
  smartlist_t *changed;
  config_line_t *line;
  or_options_t *prev = global_options;

  global_options = new_val;

  /* The callee receives the *previous* options for comparison; it reads the
   * new ones straight from global_options, which is why the pointer has
   * already been swapped above. */
  if (options_act_reversible(prev, msg) < 0) {
    tor_assert(*msg);
    global_options = prev; /* roll back to the previous options */
    return -1;
  }
  if (options_act(prev) < 0) { /* cannot be undone: give up */
    log_err(LD_BUG,
            "Acting on config options left us in a broken state. Dying.");
    exit(1);
  }

  /* Send a CONF_CHANGED event so the controller learns what changed. When
   * Tor is just starting up there are no previous options to compare
   * against, and no event is sent. */
  if (prev && prev != global_options) {
    changed = smartlist_new();
    for (var = options_format.vars; var->name; ++var) {
      config_line_t *next;

      if (var->type == CONFIG_TYPE_LINELIST_S ||
          var->type == CONFIG_TYPE_OBSOLETE)
        continue;
      if (config_is_same(&options_format, new_val, prev, var->name))
        continue;

      line = config_get_assigned_option(&options_format, new_val,
                                        var->name, 1);
      if (!line) {
        /* Nothing assigned any more: report the name with a NULL value. */
        smartlist_add(changed, tor_strdup(var->name));
        smartlist_add(changed, NULL);
        continue;
      }
      while (line) {
        next = line->next;
        /* The key and value strings now belong to the list and are freed
         * with it below; only the line node is released here. */
        smartlist_add(changed, line->key);
        smartlist_add(changed, line->value);
        tor_free(line);
        line = next;
      }
    }
    control_event_conf_changed(changed);
    SMARTLIST_FOREACH(changed, char *, cp, tor_free(cp));
    smartlist_free(changed);
  }

  /* NOTE(review): the previous object goes to config_free() directly, while
   * or_options_free() (later in this file) first releases
   * ExcludeExitNodesUnion_, NodeFamilySets, BridgePassword_AuthDigest_ and
   * command_arg. Confirm that config_free() covers those members; if it
   * does not, they are leaked on every successful change of options. */
  if (prev != global_options)
    config_free(&options_format, prev);

  return 0;
}

extern const char tor_git_revision[]; /* from tor_main.c */

/** Version of this Tor process, as parsed. */
static char *the_tor_version = NULL;
/** Shorter form of this Tor process's version, for export in our router
 *  descriptor. (Leaves out the git version, if there is one.) */
static char *the_short_tor_version = NULL;

/** Return the current Tor version.
 *
 * The string is built on the first call and cached in the_tor_version:
 * the short version, followed by " (git-REVISION)" when tor_git_revision is
 * non-empty. Later calls return the cached string. */
const char *
get_version(void)
{
  const char *short_version;

  /* Built on an earlier call: reuse it. */
  if (the_tor_version != NULL)
    return the_tor_version;

  short_version = get_short_version();
  if (tor_git_revision[0] != '\0') {
    tor_asprintf(&the_tor_version, "%s (git-%s)", short_version,
                 tor_git_revision);
  } else {
    the_tor_version = tor_strdup(short_version);
  }
  return the_tor_version;
}

/** Return the current Tor version, without any git tag.
 *
 * The string is built on the first call and cached in
 * the_short_tor_version. It is VERSION, followed by " (TOR_BUILD_TAG)" when
 * that macro is defined at build time. */
const char *
get_short_version(void)
{
  /* Built on an earlier call: reuse it. */
  if (the_short_tor_version != NULL)
    return the_short_tor_version;

#ifdef TOR_BUILD_TAG
  tor_asprintf(&the_short_tor_version, "%s (%s)", VERSION, TOR_BUILD_TAG);
#else
  the_short_tor_version = tor_strdup(VERSION);
#endif
  return the_short_tor_version;
}

/** Release the additional memory allocated in <b>options</b>, then the
 * object itself.
 *
 * Frees ExcludeExitNodesUnion_, every routerset in NodeFamilySets and the
 * list holding them, BridgePassword_AuthDigest_ and command_arg, and then
 * passes the object to config_free(). Does nothing when <b>options</b> is
 * NULL.
 */
STATIC void
or_options_free(or_options_t *options)
{
  if (options == NULL)
    return;

  routerset_free(options->ExcludeExitNodesUnion_);

  if (options->NodeFamilySets != NULL) {
    /* Free the elements first, then the list that held them. */
    SMARTLIST_FOREACH_BEGIN(options->NodeFamilySets, routerset_t *, rs) {
      routerset_free(rs);
    } SMARTLIST_FOREACH_END(rs);
    smartlist_free(options->NodeFamilySets);
  }

  /* NOTE(review): judging by its name, BridgePassword_AuthDigest_ holds a
   * digest derived from the bridge password, and tor_free() releases it
   * without clearing it. If that is what it holds, consider wiping the
   * buffer before the free; confirm its length where it is allocated. */
  tor_free(options->BridgePassword_AuthDigest_);
  tor_free(options->command_arg);

  config_free(&options_format, options);
}

/** Release all memory and resources held by global configuration structures.
 */