/* Copyright (c) 2001 Matej Pfajfar.
 * Copyright (c) 2001-2004, Roger Dingledine.
 * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
 * Copyright (c) 2007-2012, The Tor Project, Inc. */
/* See LICENSE for licensing information */

/**
 * \file config.c
 * \brief Code to parse and interpret configuration files.
 **/

#define CONFIG_PRIVATE

#include "or.h"
#include "circuitbuild.h"
#include "circuitlist.h"
#include "config.h"
#include "connection.h"
#include "connection_edge.h"
#include "connection_or.h"
#include "control.h"
#include "cpuworker.h"
#include "dirserv.h"
#include "dirvote.h"
#include "dns.h"
#include "geoip.h"
#include "hibernate.h"
#include "main.h"
#include "networkstatus.h"
#include "policies.h"
#include "relay.h"
#include "rendclient.h"
#include "rendservice.h"
#include "rephist.h"
#include "router.h"
#include "util.h"
#include "routerlist.h"
#include "transports.h"
#ifdef _WIN32
#include <shlobj.h>
#endif

#include "procmon.h"

/* From main.c */
extern int quiet_level;

/** Enumeration of types which option values can take.
 *
 * Every config_var_t row carries one of these in its <b>type</b> field. The
 * VAR() and OBSOLETE() table macros build the enumerator name by pasting
 * CONFIG_TYPE_ onto a short type word, so every enumerator has to keep the
 * CONFIG_TYPE_ prefix. */
typedef enum config_type_t {
  CONFIG_TYPE_STRING = 0,   /**< An arbitrary string. */
  CONFIG_TYPE_FILENAME,     /**< A filename: some prefixes get expanded. */
  CONFIG_TYPE_UINT,         /**< A non-negative integer less than MAX_INT
                             * (presumably INT_MAX; the bound is applied by
                             * the parser, which is not in this part of the
                             * file). */
  CONFIG_TYPE_INT,          /**< Any integer. */
  CONFIG_TYPE_PORT,         /**< A port from 1...65535, 0 for "not set", or
                             * "auto".  */
  CONFIG_TYPE_INTERVAL,     /**< A number of seconds, with optional units*/
  CONFIG_TYPE_MSEC_INTERVAL,/**< A number of milliseconds, with optional
                              * units */
  CONFIG_TYPE_MEMUNIT,      /**< A number of bytes, with optional units*/
  CONFIG_TYPE_DOUBLE,       /**< A floating-point value */
  CONFIG_TYPE_BOOL,         /**< A boolean value, expressed as 0 or 1. */
  CONFIG_TYPE_AUTOBOOL,     /**< A boolean+auto value, expressed 0 for false,
                             * 1 for true, and -1 for auto  */
  CONFIG_TYPE_ISOTIME,      /**< An ISO-formatted time relative to GMT. */
  CONFIG_TYPE_CSV,          /**< A list of strings, separated by commas and
                              * optional whitespace. */
  CONFIG_TYPE_LINELIST,     /**< Uninterpreted config lines */
  CONFIG_TYPE_LINELIST_S,   /**< Uninterpreted, context-sensitive config lines,
                             * mixed with other keywords. */
  CONFIG_TYPE_LINELIST_V,   /**< Catch-all "virtual" option to summarize
                             * context-sensitive config lines when fetching.
                             */
  CONFIG_TYPE_ROUTERSET,    /**< A list of router names, addrs, and fps,
                             * parsed into a routerset_t. */
  CONFIG_TYPE_OBSOLETE,     /**< Obsolete (ignored) option. Also the type used
                             * by the NULL-named row that ends each
                             * config_var_t table. */
} config_type_t;

/** An abbreviation for a configuration option allowed on the command line.
 *
 * Rows are written positionally as { abbreviated, full, commandline_only,
 * warn }, and each table of them ends with a row whose names are NULL. */
typedef struct config_abbrev_t {
  const char *abbreviated; /* The alternative spelling that is accepted. */
  const char *full; /* The option name it is rewritten to. */
  /* NOTE(review): presumably non-zero means the abbreviation is honoured only
   * for command-line arguments and not in the config file; confirm against
   * the code that expands abbreviations. */
  int commandline_only;
  /* NOTE(review): presumably non-zero means the user is warned when the
   * abbreviation is used; confirm against the same code. */
  int warn;
} config_abbrev_t;

/* Handy macro for declaring "In the config file or on the command line,
 * you can abbreviate <b>tok</b>s as <b>tok</b>".
 *
 * Expands to a config_abbrev_t initializer whose abbreviated name is the
 * stringified token, whose full name is the same string with "s" appended,
 * and whose commandline_only and warn fields are both 0. */
#define PLURAL(tok) { #tok, #tok "s", 0, 0 }

/** A list of abbreviations and aliases to map command-line options, obsolete
 * option names, or alternative option names, to their current values.
 *
 * Each row is { abbreviated, full, commandline_only, warn }. Some targets
 * are themselves listed as abbreviations further down (StrictEntryNodes and
 * StrictExitNodes both map on to StrictNodes), and some targets name options
 * that the option table marks obsolete. The table ends with the all-NULL
 * row. */
static config_abbrev_t _option_abbrevs[] = {
  PLURAL(AuthDirBadDirCC),
  PLURAL(AuthDirBadExitCC),
  PLURAL(AuthDirInvalidCC),
  PLURAL(AuthDirRejectCC),
  PLURAL(ExitNode),
  PLURAL(EntryNode),
  PLURAL(ExcludeNode),
  PLURAL(FirewallPort),
  PLURAL(LongLivedPort),
  PLURAL(HiddenServiceNode),
  PLURAL(HiddenServiceExcludeNode),
  PLURAL(NumCPU),
  PLURAL(RendNode),
  PLURAL(RendExcludeNode),
  PLURAL(StrictEntryNode),
  PLURAL(StrictExitNode),
  PLURAL(StrictNode),
  /* commandline_only is set for this row. */
  { "l", "Log", 1, 0},
  { "AllowUnverifiedNodes", "AllowInvalidNodes", 0, 0},
  { "AutomapHostSuffixes", "AutomapHostsSuffixes", 0, 0},
  { "AutomapHostOnResolve", "AutomapHostsOnResolve", 0, 0},
  { "BandwidthRateBytes", "BandwidthRate", 0, 0},
  { "BandwidthBurstBytes", "BandwidthBurst", 0, 0},
  { "DirFetchPostPeriod", "StatusFetchPeriod", 0, 0},
  /* warn is set for this row. */
  { "MaxConn", "ConnLimit", 0, 1},
  { "ORBindAddress", "ORListenAddress", 0, 0},
  { "DirBindAddress", "DirListenAddress", 0, 0},
  { "SocksBindAddress", "SocksListenAddress", 0, 0},
  { "UseHelperNodes", "UseEntryGuards", 0, 0},
  { "NumHelperNodes", "NumEntryGuards", 0, 0},
  { "UseEntryNodes", "UseEntryGuards", 0, 0},
  { "NumEntryNodes", "NumEntryGuards", 0, 0},
  /* warn is set for the next two rows. */
  { "ResolvConf", "ServerDNSResolvConfFile", 0, 1},
  { "SearchDomains", "ServerDNSSearchDomains", 0, 1},
  { "ServerDNSAllowBrokenResolvConf", "ServerDNSAllowBrokenConfig", 0, 0},
  { "PreferTunnelledDirConns", "PreferTunneledDirConns", 0, 0},
  { "BridgeAuthoritativeDirectory", "BridgeAuthoritativeDir", 0, 0},
  /* commandline_only is set: where this row applies, a HashedControlPassword
   * value is stored under the separate __HashedControlSessionPassword option
   * rather than under HashedControlPassword itself.
   * NOTE(review): presumably so that a control password supplied for one run
   * is not written back to the config file; confirm against the code that
   * saves the configuration. */
  { "HashedControlPassword", "__HashedControlSessionPassword", 1, 0},
  /* warn is set for the next two rows. */
  { "StrictEntryNodes", "StrictNodes", 0, 1},
  { "StrictExitNodes", "StrictNodes", 0, 1},
  /* End-of-table marker. */
  { NULL, NULL, 0, 0},
};

/** A list of state-file "abbreviations," for compatibility.
 *
 * Same row layout as the option abbreviations: { abbreviated, full,
 * commandline_only, warn }. Every row here leaves both flags at 0, and the
 * table ends with the all-NULL row. */
static config_abbrev_t _state_abbrevs[] = {
  { "AccountingBytesReadInterval", "AccountingBytesReadInInterval", 0, 0 },
  /* Both the HelperNode* and the EntryNode* spellings map to EntryGuard*. */
  { "HelperNode", "EntryGuard", 0, 0 },
  { "HelperNodeDownSince", "EntryGuardDownSince", 0, 0 },
  { "HelperNodeUnlistedSince", "EntryGuardUnlistedSince", 0, 0 },
  { "EntryNode", "EntryGuard", 0, 0 },
  { "EntryNodeDownSince", "EntryGuardDownSince", 0, 0 },
  { "EntryNodeUnlistedSince", "EntryGuardUnlistedSince", 0, 0 },
  /* End-of-table marker. */
  { NULL, NULL, 0, 0},
};
#undef PLURAL

/** A variable allowed in the configuration file or on the command line.
 *
 * The same row type is used for the saved-state table, whose offsets are
 * taken in or_state_t instead of or_options_t. */
typedef struct config_var_t {
  const char *name; /**< The full keyword (case insensitive). */
  config_type_t type; /**< How to interpret the type and turn it into a
                       * value. */
  off_t var_offset; /**< Offset of the corresponding member of or_options_t
                     * (or of or_state_t for state variables). Rows built by
                     * OBSOLETE(), and the NULL-named end row, store 0 here,
                     * so the offset of such a row does not identify a
                     * member. */
  const char *initvalue; /**< String (or null) describing initial value. */
} config_var_t;

/** An entry for config_vars: "The option <b>name</b> has type
 * CONFIG_TYPE_<b>conftype</b>, and corresponds to
 * or_options_t.<b>member</b>"
 *
 * <b>name</b> is a string literal; <b>conftype</b> is the enumerator name
 * without its CONFIG_TYPE_ prefix; <b>initvalue</b> is the default as a
 * string, or NULL.
 */
#define VAR(name,conftype,member,initvalue)                             \
  { name, CONFIG_TYPE_ ## conftype, STRUCT_OFFSET(or_options_t, member), \
      initvalue }
/** As VAR, but the option name and member name are the same. */
#define V(member,conftype,initvalue)                                    \
  VAR(#member, conftype, member, initvalue)
/** An entry for config_vars: "The option <b>name</b> is obsolete."
 * The row gets offset 0 and no initial value. */
#define OBSOLETE(name) { name, CONFIG_TYPE_OBSOLETE, 0, NULL }

/** As V, but the value is stored in the struct member named
 * <b>member</b>_lines, while the option keyword is still <b>member</b>. */
#define VPORT(member,conftype,initvalue)                                    \
  VAR(#member, conftype, member ## _lines, initvalue)

/** Array of configuration options.  Until we disallow nonstandard
 * abbreviations, order is significant, since the first matching option will
 * be chosen first.
 *
 * Each row is built with V(), VAR(), VPORT() or OBSOLETE() and holds the
 * option keyword, its CONFIG_TYPE_*, the offset of the backing or_options_t
 * member, and the default value as a string (NULL when the row gives no
 * default string).  The array ends with a row whose name is NULL.
 *
 * The defaults here are the baseline; testing_tor_network_defaults (declared
 * after this table) lists the rows that change when TestingTorNetwork is set.
 * Several of those are the private/internal-address checks
 * (ExitPolicyRejectPrivate, ClientRejectInternalAddresses,
 * ClientDNSRejectInternalAddresses), which default to "1" here, so review any
 * change to a default in this table as a change to the shipped security
 * posture.
 */
static config_var_t _option_vars[] = {
  OBSOLETE("AccountingMaxKB"),
  V(AccountingMax,               MEMUNIT,  "0 bytes"),
  V(AccountingStart,             STRING,   NULL),
  V(Address,                     STRING,   NULL),
  V(AllowDotExit,                BOOL,     "0"),
  V(AllowInvalidNodes,           CSV,      "middle,rendezvous"),
  V(AllowNonRFC953Hostnames,     BOOL,     "0"),
  V(AllowSingleHopCircuits,      BOOL,     "0"),
  V(AllowSingleHopExits,         BOOL,     "0"),
  V(AlternateBridgeAuthority,    LINELIST, NULL),
  V(AlternateDirAuthority,       LINELIST, NULL),
  V(AlternateHSAuthority,        LINELIST, NULL),
  V(AssumeReachable,             BOOL,     "0"),
  V(AuthDirBadDir,               LINELIST, NULL),
  V(AuthDirBadDirCCs,            CSV,      ""),
  V(AuthDirBadExit,              LINELIST, NULL),
  V(AuthDirBadExitCCs,           CSV,      ""),
  V(AuthDirInvalid,              LINELIST, NULL),
  V(AuthDirInvalidCCs,           CSV,      ""),
  V(AuthDirFastGuarantee,        MEMUNIT,  "100 KB"),
  V(AuthDirGuardBWGuarantee,     MEMUNIT,  "250 KB"),
  V(AuthDirReject,               LINELIST, NULL),
  V(AuthDirRejectCCs,            CSV,      ""),
  V(AuthDirRejectUnlisted,       BOOL,     "0"),
  V(AuthDirListBadDirs,          BOOL,     "0"),
  V(AuthDirListBadExits,         BOOL,     "0"),
  V(AuthDirMaxServersPerAddr,    UINT,     "2"),
  V(AuthDirMaxServersPerAuthAddr,UINT,     "5"),
  V(AuthDirHasIPv6Connectivity,  AUTOBOOL, "0"),
  VAR("AuthoritativeDirectory",  BOOL, AuthoritativeDir,    "0"),
  V(AutomapHostsOnResolve,       BOOL,     "0"),
  V(AutomapHostsSuffixes,        CSV,      ".onion,.exit"),
  V(AvoidDiskWrites,             BOOL,     "0"),
  V(BandwidthBurst,              MEMUNIT,  "10 MB"),
  V(BandwidthRate,               MEMUNIT,  "5 MB"),
  V(BridgeAuthoritativeDir,      BOOL,     "0"),
  VAR("Bridge",                  LINELIST, Bridges,    NULL),
  V(BridgePassword,              STRING,   NULL),
  V(BridgeRecordUsageByCountry,  BOOL,     "1"),
  V(BridgeRelay,                 BOOL,     "0"),
  V(CellStatistics,              BOOL,     "0"),
  V(LearnCircuitBuildTimeout,    BOOL,     "1"),
  V(CircuitBuildTimeout,         INTERVAL, "0"),
  V(CircuitIdleTimeout,          INTERVAL, "1 hour"),
  V(CircuitStreamTimeout,        INTERVAL, "0"),
  V(CircuitPriorityHalflife,     DOUBLE,  "-100.0"), /*negative:'Use default'*/
  V(ClientDNSRejectInternalAddresses, BOOL,"1"),
  V(ClientOnly,                  BOOL,     "0"),
  V(ClientPreferIPv6ORPort,      BOOL,     "0"),
  V(ClientRejectInternalAddresses, BOOL,   "1"),
  V(ClientTransportPlugin,       LINELIST, NULL),
  V(ClientUseIPv6,               BOOL,     "0"),
  V(ConsensusParams,             STRING,   NULL),
  V(ConnLimit,                   UINT,     "1000"),
  V(ConnDirectionStatistics,     BOOL,     "0"),
  V(ConstrainedSockets,          BOOL,     "0"),
  V(ConstrainedSockSize,         MEMUNIT,  "8192"),
  V(ContactInfo,                 STRING,   NULL),
  V(ControlListenAddress,        LINELIST, NULL),
  /* VPORT rows store their lines in the member named <option>_lines. */
  VPORT(ControlPort,                 LINELIST, NULL),
  V(ControlPortFileGroupReadable,BOOL,     "0"),
  V(ControlPortWriteToFile,      FILENAME, NULL),
  V(ControlSocket,               LINELIST, NULL),
  V(ControlSocketsGroupWritable, BOOL,     "0"),
  V(CookieAuthentication,        BOOL,     "0"),
  V(CookieAuthFileGroupReadable, BOOL,     "0"),
  V(CookieAuthFile,              STRING,   NULL),
  V(CountPrivateBandwidth,       BOOL,     "0"),
  V(DataDirectory,               FILENAME, NULL),
  OBSOLETE("DebugLogFile"),
  V(DisableNetwork,              BOOL,     "0"),
  V(DirAllowPrivateAddresses,    BOOL,     "0"),
  V(TestingAuthDirTimeToLearnReachability, INTERVAL, "30 minutes"),
  V(DirListenAddress,            LINELIST, NULL),
  OBSOLETE("DirFetchPeriod"),
  V(DirPolicy,                   LINELIST, NULL),
  VPORT(DirPort,                     LINELIST, NULL),
  V(DirPortFrontPage,            FILENAME, NULL),
  OBSOLETE("DirPostPeriod"),
  OBSOLETE("DirRecordUsageByCountry"),
  OBSOLETE("DirRecordUsageGranularity"),
  OBSOLETE("DirRecordUsageRetainIPs"),
  OBSOLETE("DirRecordUsageSaveInterval"),
  V(DirReqStatistics,            BOOL,     "1"),
  VAR("DirServer",               LINELIST, DirServers, NULL),
  V(DisableAllSwap,              BOOL,     "0"),
  V(DisableDebuggerAttachment,   BOOL,     "1"),
  V(DisableIOCP,                 BOOL,     "1"),
  V(DynamicDHGroups,             BOOL,     "0"),
  VPORT(DNSPort,                     LINELIST, NULL),
  V(DNSListenAddress,            LINELIST, NULL),
  V(DownloadExtraInfo,           BOOL,     "0"),
  V(EnforceDistinctSubnets,      BOOL,     "1"),
  V(EntryNodes,                  ROUTERSET,   NULL),
  V(EntryStatistics,             BOOL,     "0"),
  V(TestingEstimatedDescriptorPropagationTime, INTERVAL, "10 minutes"),
  V(ExcludeNodes,                ROUTERSET, NULL),
  V(ExcludeExitNodes,            ROUTERSET, NULL),
  V(ExcludeSingleHopRelays,      BOOL,     "1"),
  V(ExitNodes,                   ROUTERSET, NULL),
  V(ExitPolicy,                  LINELIST, NULL),
  V(ExitPolicyRejectPrivate,     BOOL,     "1"),
  V(ExitPortStatistics,          BOOL,     "0"),
  V(ExtendAllowPrivateAddresses, BOOL,     "0"),
  V(ExtraInfoStatistics,         BOOL,     "1"),

  /* The default path for this option is chosen at compile time. */
#if defined (WINCE)
  V(FallbackNetworkstatusFile,   FILENAME, "fallback-consensus"),
#else
  V(FallbackNetworkstatusFile,   FILENAME,
    SHARE_DATADIR PATH_SEPARATOR "tor" PATH_SEPARATOR "fallback-consensus"),
#endif
  V(FascistFirewall,             BOOL,     "0"),
  V(FirewallPorts,               CSV,      ""),
  V(FastFirstHopPK,              BOOL,     "1"),
  V(FetchDirInfoEarly,           BOOL,     "0"),
  V(FetchDirInfoExtraEarly,      BOOL,     "0"),
  V(FetchServerDescriptors,      BOOL,     "1"),
  V(FetchHidServDescriptors,     BOOL,     "1"),
  V(FetchUselessDescriptors,     BOOL,     "0"),
  V(FetchV2Networkstatus,        BOOL,     "0"),
  /* On Windows the default is the placeholder string "<default>";
   * NOTE(review): presumably resolved to a real path elsewhere; confirm. */
#ifdef _WIN32
  V(GeoIPFile,                   FILENAME, "<default>"),
#else
  V(GeoIPFile,                   FILENAME,
    SHARE_DATADIR PATH_SEPARATOR "tor" PATH_SEPARATOR "geoip"),
#endif
  OBSOLETE("GiveGuardFlagTo_CVE_2011_2768_VulnerableRelays"),
  OBSOLETE("Group"),
  V(HardwareAccel,               BOOL,     "0"),
  V(HeartbeatPeriod,             INTERVAL, "6 hours"),
  V(AccelName,                   STRING,   NULL),
  V(AccelDir,                    FILENAME, NULL),
  V(HashedControlPassword,       LINELIST, NULL),
  V(HidServDirectoryV2,          BOOL,     "1"),
  /* The HiddenService* rows below all share the RendConfigLines member: the
   * LINELIST_S rows are the individual keywords and the LINELIST_V row
   * (HiddenServiceOptions) is the combined view of them. */
  VAR("HiddenServiceDir",    LINELIST_S, RendConfigLines,    NULL),
  OBSOLETE("HiddenServiceExcludeNodes"),
  OBSOLETE("HiddenServiceNodes"),
  VAR("HiddenServiceOptions",LINELIST_V, RendConfigLines,    NULL),
  VAR("HiddenServicePort",   LINELIST_S, RendConfigLines,    NULL),
  VAR("HiddenServiceVersion",LINELIST_S, RendConfigLines,    NULL),
  VAR("HiddenServiceAuthorizeClient",LINELIST_S,RendConfigLines, NULL),
  V(HidServAuth,                 LINELIST, NULL),
  V(HSAuthoritativeDir,          BOOL,     "0"),
  OBSOLETE("HSAuthorityRecordStats"),
  V(CloseHSClientCircuitsImmediatelyOnTimeout, BOOL, "0"),
  V(CloseHSServiceRendCircuitsImmediatelyOnTimeout, BOOL, "0"),
  V(HTTPProxy,                   STRING,   NULL),
  V(HTTPProxyAuthenticator,      STRING,   NULL),
  V(HTTPSProxy,                  STRING,   NULL),
  V(HTTPSProxyAuthenticator,     STRING,   NULL),
  VAR("ServerTransportPlugin",   LINELIST, ServerTransportPlugin,  NULL),
  V(Socks4Proxy,                 STRING,   NULL),
  V(Socks5Proxy,                 STRING,   NULL),
  V(Socks5ProxyUsername,         STRING,   NULL),
  V(Socks5ProxyPassword,         STRING,   NULL),
  OBSOLETE("IgnoreVersion"),
  V(KeepalivePeriod,             INTERVAL, "5 minutes"),
  VAR("Log",                     LINELIST, Logs,             NULL),
  V(LogMessageDomains,           BOOL,     "0"),
  OBSOLETE("LinkPadding"),
  OBSOLETE("LogLevel"),
  OBSOLETE("LogFile"),
  V(LogTimeGranularity,          MSEC_INTERVAL, "1 second"),
  V(LongLivedPorts,              CSV,
        "21,22,706,1863,5050,5190,5222,5223,6523,6667,6697,8300"),
  VAR("MapAddress",              LINELIST, AddressMap,           NULL),
  V(MaxAdvertisedBandwidth,      MEMUNIT,  "1 GB"),
  V(MaxCircuitDirtiness,         INTERVAL, "10 minutes"),
  V(MaxClientCircuitsPending,    UINT,     "32"),
  V(MaxOnionsPending,            UINT,     "100"),
  OBSOLETE("MonthlyAccountingStart"),
  V(MyFamily,                    STRING,   NULL),
  V(NewCircuitPeriod,            INTERVAL, "30 seconds"),
  VAR("NamingAuthoritativeDirectory",BOOL, NamingAuthoritativeDir, "0"),
  V(NATDListenAddress,           LINELIST, NULL),
  VPORT(NATDPort,                    LINELIST, NULL),
  V(Nickname,                    STRING,   NULL),
  V(WarnUnsafeSocks,              BOOL,     "1"),
  OBSOLETE("NoPublish"),
  VAR("NodeFamily",              LINELIST, NodeFamilies,         NULL),
  V(NumCPUs,                     UINT,     "0"),
  V(NumEntryGuards,              UINT,     "3"),
  V(ORListenAddress,             LINELIST, NULL),
  VPORT(ORPort,                      LINELIST, NULL),
  V(OutboundBindAddress,         STRING,   NULL),

  /* NOTE(review): the "-1" defaults below look like a "not set" marker
   * rather than a usable value; confirm where the PathBias options are
   * read. */
  V(PathBiasCircThreshold,       INT,      "-1"),
  V(PathBiasNoticeRate,          DOUBLE,   "-1"),
  V(PathBiasDisableRate,         DOUBLE,   "-1"),
  V(PathBiasScaleThreshold,      INT,      "-1"),
  V(PathBiasScaleFactor,         INT,      "-1"),

  OBSOLETE("PathlenCoinWeight"),
  V(PerConnBWBurst,              MEMUNIT,  "0"),
  V(PerConnBWRate,               MEMUNIT,  "0"),
  V(PidFile,                     STRING,   NULL),
  V(TestingTorNetwork,           BOOL,     "0"),
  V(OptimisticData,              AUTOBOOL, "auto"),
  V(PortForwarding,              BOOL,     "0"),
  V(PortForwardingHelper,        FILENAME, "tor-fw-helper"),
  V(PreferTunneledDirConns,      BOOL,     "1"),
  V(ProtocolWarnings,            BOOL,     "0"),
  V(PublishServerDescriptor,     CSV,      "1"),
  V(PublishHidServDescriptors,   BOOL,     "1"),
  V(ReachableAddresses,          LINELIST, NULL),
  V(ReachableDirAddresses,       LINELIST, NULL),
  V(ReachableORAddresses,        LINELIST, NULL),
  V(RecommendedVersions,         LINELIST, NULL),
  V(RecommendedClientVersions,   LINELIST, NULL),
  V(RecommendedServerVersions,   LINELIST, NULL),
  OBSOLETE("RedirectExit"),
  V(RefuseUnknownExits,          AUTOBOOL, "auto"),
  V(RejectPlaintextPorts,        CSV,      ""),
  V(RelayBandwidthBurst,         MEMUNIT,  "0"),
  V(RelayBandwidthRate,          MEMUNIT,  "0"),
  OBSOLETE("RendExcludeNodes"),
  OBSOLETE("RendNodes"),
  V(RendPostPeriod,              INTERVAL, "1 hour"),
  V(RephistTrackTime,            INTERVAL, "24 hours"),
  OBSOLETE("RouterFile"),
  V(RunAsDaemon,                 BOOL,     "0"),
//  V(RunTesting,                  BOOL,     "0"),
  OBSOLETE("RunTesting"), // currently unused
  V(SafeLogging,                 STRING,   "1"),
  V(SafeSocks,                   BOOL,     "0"),
  V(ServerDNSAllowBrokenConfig,  BOOL,     "1"),
  V(ServerDNSAllowNonRFC953Hostnames, BOOL,"0"),
  V(ServerDNSDetectHijacking,    BOOL,     "1"),
  V(ServerDNSRandomizeCase,      BOOL,     "1"),
  V(ServerDNSResolvConfFile,     STRING,   NULL),
  V(ServerDNSSearchDomains,      BOOL,     "0"),
  V(ServerDNSTestAddresses,      CSV,
      "www.google.com,www.mit.edu,www.yahoo.com,www.slashdot.org"),
  V(ShutdownWaitLength,          INTERVAL, "30 seconds"),
  V(SocksListenAddress,          LINELIST, NULL),
  V(SocksPolicy,                 LINELIST, NULL),
  VPORT(SocksPort,                   LINELIST, NULL),
  V(SocksTimeout,                INTERVAL, "2 minutes"),
  OBSOLETE("StatusFetchPeriod"),
  V(StrictNodes,                 BOOL,     "0"),
  OBSOLETE("SysLog"),
  V(TestSocks,                   BOOL,     "0"),
  OBSOLETE("TestVia"),
  V(TokenBucketRefillInterval,   MSEC_INTERVAL, "100 msec"),
  V(Tor2webMode,                 BOOL,     "0"),
  V(TrackHostExits,              CSV,      NULL),
  V(TrackHostExitsExpire,        INTERVAL, "30 minutes"),
  OBSOLETE("TrafficShaping"),
  V(TransListenAddress,          LINELIST, NULL),
  VPORT(TransPort,                   LINELIST, NULL),
  V(TunnelDirConns,              BOOL,     "1"),
  V(UpdateBridgesFromAuthority,  BOOL,     "0"),
  V(UseBridges,                  BOOL,     "0"),
  V(UseEntryGuards,              BOOL,     "1"),
  V(UseMicrodescriptors,         AUTOBOOL, "auto"),
  V(User,                        STRING,   NULL),
  V(UserspaceIOCPBuffers,        BOOL,     "0"),
  VAR("V1AuthoritativeDirectory",BOOL, V1AuthoritativeDir,   "0"),
  VAR("V2AuthoritativeDirectory",BOOL, V2AuthoritativeDir,   "0"),
  VAR("V3AuthoritativeDirectory",BOOL, V3AuthoritativeDir,   "0"),
  V(TestingV3AuthInitialVotingInterval, INTERVAL, "30 minutes"),
  V(TestingV3AuthInitialVoteDelay, INTERVAL, "5 minutes"),
  V(TestingV3AuthInitialDistDelay, INTERVAL, "5 minutes"),
  V(V3AuthVotingInterval,        INTERVAL, "1 hour"),
  V(V3AuthVoteDelay,             INTERVAL, "5 minutes"),
  V(V3AuthDistDelay,             INTERVAL, "5 minutes"),
  V(V3AuthNIntervalsValid,       UINT,     "3"),
  V(V3AuthUseLegacyKey,          BOOL,     "0"),
  V(V3BandwidthsFile,            FILENAME, NULL),
  VAR("VersioningAuthoritativeDirectory",BOOL,VersioningAuthoritativeDir, "0"),
  V(VirtualAddrNetwork,          STRING,   "127.192.0.0/10"),
  V(WarnPlaintextPorts,          CSV,      "23,109,110,143"),
  V(_UseFilteringSSLBufferevents, BOOL,    "0"),
  /* NOTE(review): the keywords below that start with "__" map to members
   * without the prefix; presumably the prefix marks options that are not
   * meant to be set from or saved to an ordinary config file. Confirm against
   * the code that dumps the configuration. */
  VAR("__ReloadTorrcOnSIGHUP",   BOOL,  ReloadTorrcOnSIGHUP,      "1"),
  VAR("__AllDirActionsPrivate",  BOOL,  AllDirActionsPrivate,     "0"),
  VAR("__DisablePredictedCircuits",BOOL,DisablePredictedCircuits, "0"),
  VAR("__LeaveStreamsUnattached",BOOL,  LeaveStreamsUnattached,   "0"),
  VAR("__HashedControlSessionPassword", LINELIST, HashedControlSessionPassword,
      NULL),
  VAR("__OwningControllerProcess",STRING,OwningControllerProcess, NULL),
  V(MinUptimeHidServDirectoryV2, INTERVAL, "25 hours"),
  V(VoteOnHidServDirectoriesV2,  BOOL,     "1"),
  V(_UsingTestNetworkDefaults,   BOOL,     "0"),

  /* End-of-table marker: the name is NULL. */
  { NULL, CONFIG_TYPE_OBSOLETE, 0, NULL }
};

/** Override default values with these if the user sets the TestingTorNetwork
 * option.
 *
 * Compared with the defaults in the main option table, this set turns off
 * the private/internal-address protections (ExitPolicyRejectPrivate,
 * ClientRejectInternalAddresses and ClientDNSRejectInternalAddresses go from
 * "1" to "0"; DirAllowPrivateAddresses and ExtendAllowPrivateAddresses go
 * from "0" to "1"), drops EnforceDistinctSubnets, removes the per-address
 * server limits, and shortens the voting and propagation timers.
 * NOTE(review): presumably meant for private test networks only; keep any
 * new row here consistent with that, since each one weakens a default. */
static const config_var_t testing_tor_network_defaults[] = {
  /* Already "1" in the main table; listed here with the same value. */
  V(ServerDNSAllowBrokenConfig,  BOOL,     "1"),
  V(DirAllowPrivateAddresses,    BOOL,     "1"),
  V(EnforceDistinctSubnets,      BOOL,     "0"),
  V(AssumeReachable,             BOOL,     "1"),
  V(AuthDirMaxServersPerAddr,    UINT,     "0"),
  V(AuthDirMaxServersPerAuthAddr,UINT,     "0"),
  V(ClientDNSRejectInternalAddresses, BOOL,"0"),
  V(ClientRejectInternalAddresses, BOOL,   "0"),
  V(CountPrivateBandwidth,       BOOL,     "1"),
  V(ExitPolicyRejectPrivate,     BOOL,     "0"),
  V(ExtendAllowPrivateAddresses, BOOL,     "1"),
  V(V3AuthVotingInterval,        INTERVAL, "5 minutes"),
  V(V3AuthVoteDelay,             INTERVAL, "20 seconds"),
  V(V3AuthDistDelay,             INTERVAL, "20 seconds"),
  V(TestingV3AuthInitialVotingInterval, INTERVAL, "5 minutes"),
  V(TestingV3AuthInitialVoteDelay, INTERVAL, "20 seconds"),
  V(TestingV3AuthInitialDistDelay, INTERVAL, "20 seconds"),
  V(TestingAuthDirTimeToLearnReachability, INTERVAL, "0 minutes"),
  V(TestingEstimatedDescriptorPropagationTime, INTERVAL, "0 minutes"),
  V(MinUptimeHidServDirectoryV2, INTERVAL, "0 minutes"),
  /* Records in the options themselves that this override set is in use. */
  V(_UsingTestNetworkDefaults,   BOOL,     "1"),

  /* End-of-table marker: the name is NULL. */
  { NULL, CONFIG_TYPE_OBSOLETE, 0, NULL }
};
#undef VAR

/* VAR is redefined for the state table: same row layout as before, but the
 * offset is taken in or_state_t instead of or_options_t. V() expands to VAR()
 * at its point of use, so from here on it yields or_state_t offsets too. */
#define VAR(name,conftype,member,initvalue)                             \
  { name, CONFIG_TYPE_ ## conftype, STRUCT_OFFSET(or_state_t, member),  \
      initvalue }

/** Array of "state" variables saved to the ~/.tor/state file.
 *
 * Rows use the same config_var_t layout as the option table, with offsets
 * into or_state_t. Most rows have no default string (NULL). The array ends
 * with a row whose name is NULL. */
static config_var_t _state_vars[] = {
  /* Remember to document these in state-contents.txt ! */

  V(AccountingBytesReadInInterval,    MEMUNIT,  NULL),
  V(AccountingBytesWrittenInInterval, MEMUNIT,  NULL),
  V(AccountingExpectedUsage,          MEMUNIT,  NULL),
  V(AccountingIntervalStart,          ISOTIME,  NULL),
  V(AccountingSecondsActive,          INTERVAL, NULL),
  V(AccountingSecondsToReachSoftLimit,INTERVAL, NULL),
  V(AccountingSoftLimitHitAt,         ISOTIME,  NULL),
  V(AccountingBytesAtSoftLimit,       MEMUNIT,  NULL),

  /* The EntryGuard* keywords all store into the EntryGuards member; the
   * LINELIST_V row is the combined view of those lines. */
  VAR("EntryGuard",              LINELIST_S,  EntryGuards,             NULL),
  VAR("EntryGuardDownSince",     LINELIST_S,  EntryGuards,             NULL),
  VAR("EntryGuardUnlistedSince", LINELIST_S,  EntryGuards,             NULL),
  VAR("EntryGuardAddedBy",       LINELIST_S,  EntryGuards,             NULL),
  VAR("EntryGuardPathBias",      LINELIST_S,  EntryGuards,             NULL),
  V(EntryGuards,                 LINELIST_V,  NULL),

  VAR("TransportProxy",               LINELIST_S, TransportProxies, NULL),
  V(TransportProxies,                 LINELIST_V, NULL),

  V(BWHistoryReadEnds,                ISOTIME,  NULL),
  V(BWHistoryReadInterval,            UINT,     "900"),
  V(BWHistoryReadValues,              CSV,      ""),
  V(BWHistoryReadMaxima,              CSV,      ""),
  V(BWHistoryWriteEnds,               ISOTIME,  NULL),
  V(BWHistoryWriteInterval,           UINT,     "900"),
  V(BWHistoryWriteValues,             CSV,      ""),
  V(BWHistoryWriteMaxima,             CSV,      ""),
  V(BWHistoryDirReadEnds,             ISOTIME,  NULL),
  V(BWHistoryDirReadInterval,         UINT,     "900"),
  V(BWHistoryDirReadValues,           CSV,      ""),
  V(BWHistoryDirReadMaxima,           CSV,      ""),
  V(BWHistoryDirWriteEnds,            ISOTIME,  NULL),
  V(BWHistoryDirWriteInterval,        UINT,     "900"),
  V(BWHistoryDirWriteValues,          CSV,      ""),
  V(BWHistoryDirWriteMaxima,          CSV,      ""),

  V(TorVersion,                       STRING,   NULL),

  V(LastRotatedOnionKey,              ISOTIME,  NULL),
  V(LastWritten,                      ISOTIME,  NULL),

  V(TotalBuildTimes,                  UINT,     NULL),
  V(CircuitBuildAbandonedCount,       UINT,     "0"),
  VAR("CircuitBuildTimeBin",          LINELIST_S, BuildtimeHistogram, NULL),
  VAR("BuildtimeHistogram",           LINELIST_V, BuildtimeHistogram, NULL),
  /* End-of-table marker: the name is NULL. */
  { NULL, CONFIG_TYPE_OBSOLETE, 0, NULL }
};

#undef VAR
#undef V
#undef OBSOLETE

/** Represents an English description of a configuration variable; used when
 * generating configuration file comments. */
typedef struct config_var_description_t {
  const char *name; /* Keyword of the variable being described. */
  const char *description; /* The English text for that variable. */
} config_var_description_t;

/** Type of a callback to validate whether a given configuration is
 * well-formed and consistent. See options_trial_assign() for documentation
 * of arguments.
 *
 * The two configuration arguments are untyped (void*), so the callback has
 * to know which struct type it is being handed.
 * NOTE(review): options_validate() is declared in this file with
 * or_options_t* parameters; if it is stored in a validate_fn_t through a
 * cast, calls go through a function pointer of a different type. Confirm how
 * the format tables are initialized. */
typedef int (*validate_fn_t)(void*,void*,int,char**);

/** Information on the keys, value types, key-to-struct-member mappings,
 * variable descriptions, validation functions, and abbreviations for a
 * configuration or storage format.
 *
 * Members of the target struct are located by the byte offsets stored in
 * <b>vars</b>, so <b>magic</b> and <b>magic_offset</b> are what let the
 * CHECK() macro confirm that a given struct really belongs to this format
 * before it is accessed that way. */
typedef struct {
  size_t size; /**< Size of the struct that everything gets parsed into. */
  uint32_t magic; /**< Required 'magic value' to make sure we have a struct
                   * of the right type. */
  off_t magic_offset; /**< Offset of the magic value within the struct. */
  config_abbrev_t *abbrevs; /**< List of abbreviations that we expand when
                             * parsing this format. */
  config_var_t *vars; /**< List of variables we recognize, their default
                       * values, and where we stick them in the structure. */
  validate_fn_t validate_fn; /**< Function to validate config. */
  /** If present, extra is a LINELIST variable for unrecognized
   * lines.  Otherwise, unrecognized lines are an error. */
  config_var_t *extra;
} config_format_t;

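/** Macro: assert that <b>cfg</b> has the right magic field for format
 * <b>fmt</b>.
 *
 * Members of a config struct are located by byte offset (var_offset,
 * magic_offset), so pairing a struct with the wrong format would read or
 * write at the wrong place; this assertion is the guard against that.
 *
 * <b>fmt</b> is a pointer to the format description and <b>cfg</b> a pointer
 * to the struct being checked; both must be non-NULL. Every use of an
 * argument is parenthesized so that an expression such as <b>fmts + 1</b>
 * expands correctly. Both arguments are expanded more than once, so pass
 * expressions without side effects. */
#define CHECK(fmt, cfg) STMT_BEGIN                                      \
    tor_assert((fmt) && (cfg));                                         \
    tor_assert((fmt)->magic ==                                          \
               *(uint32_t*)STRUCT_VAR_P((cfg),(fmt)->magic_offset));    \
  STMT_END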

#ifdef _WIN32
static char *get_windows_conf_root(void);
#endif
static void config_line_append(config_line_t **lst,
                               const char *key, const char *val);
static void option_clear(const config_format_t *fmt, or_options_t *options,
                         const config_var_t *var);
static void option_reset(const config_format_t *fmt, or_options_t *options,
                         const config_var_t *var, int use_defaults);
static void config_free(const config_format_t *fmt, void *options);
604
static int config_lines_eq(config_line_t *a, config_line_t *b);
605
static int config_count_key(const config_line_t *a, const char *key);
606
607
static int option_is_same(const config_format_t *fmt,
                          const or_options_t *o1, const or_options_t *o2,
608
                          const char *name);
609
610
611
612
static or_options_t *options_dup(const config_format_t *fmt,
                                 const or_options_t *old);
static int options_validate(or_options_t *old_options,
                            or_options_t *options,
613
                            int from_setconf, char **msg);
614
615
616
617
static int options_act_reversible(const or_options_t *old_options, char **msg);
static int options_act(const or_options_t *old_options);
static int options_transition_allowed(const or_options_t *old,
                                      const or_options_t *new,
618
                                      char **msg);
619
620
621
622
static int options_transition_affects_workers(
      const or_options_t *old_options, const or_options_t *new_options);
static int options_transition_affects_descriptor(
      const or_options_t *old_options, const or_options_t *new_options);
623
static int check_nickname_list(const char *lst, const char *name, char **msg);
624

625
static int parse_bridge_line(const char *line, int validate_only);
George Kadianakis's avatar
George Kadianakis committed
626
static int parse_client_transport_line(const char *line, int validate_only);
627
628

static int parse_server_transport_line(const char *line, int validate_only);
629
static int parse_dir_server_line(const char *line,
630
                                 dirinfo_type_t required_type,
631
                                 int validate_only);
632
static void port_cfg_free(port_cfg_t *port);
633
static int parse_ports(or_options_t *options, int validate_only,
634
                              char **msg_out, int *n_ports_out);
635
636
637
static int check_server_ports(const smartlist_t *ports,
                              const or_options_t *options);

638
static int validate_data_directory(or_options_t *options);
639
640
641
642
643
644
static int write_configuration_file(const char *fname,
                                    const or_options_t *options);
static config_line_t *get_assigned_option(const config_format_t *fmt,
                                        const void *options, const char *key,
                                        int escape_val);
static void config_init(const config_format_t *fmt, void *options);
645
static int or_state_validate(or_state_t *old_options, or_state_t *options,
646
                             int from_setconf, char **msg);
647
648
static int or_state_load(void);
static int options_init_logs(or_options_t *options, int validate_only);
649

650
static uint64_t config_parse_memunit(const char *s, int *ok);
651
static int config_parse_msec_interval(const char *s, int *ok);
652
static int config_parse_interval(const char *s, int *ok);
653
static void init_libevent(const or_options_t *options);
654
static int opt_streq(const char *s1, const char *s2);

/** Magic value for or_options_t. */
#define OR_OPTIONS_MAGIC 9090909

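/** Adapter that gives options_validate() the exact validate_fn_t signature.
 *
 * Calling a function through a pointer whose type is not compatible with
 * the function's own type is undefined behavior in C, and indirect-call
 * type checking rejects it. The format table therefore stores this wrapper
 * rather than a cast of options_validate itself; the void pointers convert
 * back to or_options_t pointers at the call below. */
static int
options_validate_cb(void *old_options, void *options,
                    int from_setconf, char **msg)
{
  return options_validate(old_options, options, from_setconf, msg);
}

/** Configuration format for or_options_t.
 *
 * The initializers are positional and follow the member order of
 * config_format_t.
 *
 * NOTE(review): unlike state_format this object is not const, so its
 * function pointer and table pointers stay writable; consider const if
 * nothing in the file assigns to it. */
static config_format_t options_format = {
  sizeof(or_options_t),                 /* size */
  OR_OPTIONS_MAGIC,                     /* magic */
  STRUCT_OFFSET(or_options_t, _magic),  /* magic_offset */
  _option_abbrevs,                      /* abbrevs */
  _option_vars,                         /* vars */
  options_validate_cb,                  /* validate_fn */
  NULL                  /* extra: none, so unrecognized lines are an error */
};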

/** Magic value for or_state_t. */
#define OR_STATE_MAGIC 0x57A73f57

/** "Extra" variable in the state that receives lines we can't parse. This
 * lets us preserve options from versions of Tor newer than us.
 *
 * It is a LINELIST stored in the ExtraLines member of or_state_t, and
 * state_format points at it through its <b>extra</b> member.
 *
 * NOTE(review): lines that land here were not matched to any known
 * variable, so presumably they receive no per-variable parsing; treat
 * ExtraLines content as unvalidated text -- confirm against the code that
 * reads and writes it. */
static config_var_t state_extra_var = {
  "__extra", CONFIG_TYPE_LINELIST, STRUCT_OFFSET(or_state_t, ExtraLines), NULL
};

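/** Adapter that gives or_state_validate() the exact validate_fn_t signature.
 *
 * Calling a function through a pointer whose type is not compatible with
 * the function's own type is undefined behavior in C, and indirect-call
 * type checking rejects it. The format table therefore stores this wrapper
 * rather than a cast of or_state_validate itself; the void pointers convert
 * back to or_state_t pointers at the call below. */
static int
or_state_validate_cb(void *old_options, void *options,
                     int from_setconf, char **msg)
{
  return or_state_validate(old_options, options, from_setconf, msg);
}

/** Configuration format for or_state_t.
 *
 * The initializers are positional and follow the member order of
 * config_format_t. Because <b>extra</b> is set, lines that match no known
 * state variable are collected in state_extra_var instead of being treated
 * as an error. */
static const config_format_t state_format = {
  sizeof(or_state_t),                   /* size */
  OR_STATE_MAGIC,                       /* magic */
  STRUCT_OFFSET(or_state_t, _magic),    /* magic_offset */
  _state_abbrevs,                       /* abbrevs */
  _state_vars,                          /* vars */
  or_state_validate_cb,                 /* validate_fn */
  &state_extra_var,                     /* extra */
};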

/*
 * Functions to read and write the global options pointer.
 *
 * The objects below are file-local (static).
 */

/** Command-line and config-file options. */
static or_options_t *global_options = NULL;
/** The fallback options_t object; this is where we look for options not
 * in torrc before we fall back to Tor's defaults. */
static or_options_t *global_default_options = NULL;
/** Name of most recently read torrc file. */
static char *torrc_fname = NULL;
/** Name of the most recently read torrc-defaults file. It has no explicit
 * initializer; as an object with static storage duration it still starts
 * out as a null pointer, like its neighbours. */
static char *torrc_defaults_fname;
/** Persistent serialized state. */
static or_state_t *global_state = NULL;
/** Configuration Options set by command line. */
static config_line_t *global_cmdline_options = NULL;
/** Contents of most recently read DirPortFrontPage file. Handed out
 * read-only by get_dirportfrontpage(). */
static char *global_dirfrontpagecontents = NULL;
/** List of port_cfg_t for all configured ports. */
static smartlist_t *configured_ports = NULL;

/** Accessor for the cached DirPortFrontPage contents. Returns the string
 * currently held in global_dirfrontpagecontents, or NULL if no front page
 * is configured. The result points at the module's own copy and is handed
 * out as const. */
const char *
get_dirportfrontpage(void)
{
  const char *frontpage = global_dirfrontpagecontents;

  return frontpage;
}

/** Allocate an empty configuration object of a given format type. */
static void *
config_alloc(const config_format_t *fmt)
{
  void *opts = tor_malloc_zero(fmt->size);
  *(uint32_t*)STRUCT_VAR_P(opts, fmt->magic_offset) = fmt->magic;