/* Copyright (c) 2001 Matej Pfajfar.
 * Copyright (c) 2001-2004, Roger Dingledine.
 * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
 * Copyright (c) 2007-2012, The Tor Project, Inc. */
/* See LICENSE for licensing information */

/**
 * \file config.c
 * \brief Code to parse and interpret configuration files.
 **/

#define CONFIG_PRIVATE

#include "or.h"
#include "circuitbuild.h"
#include "circuitlist.h"
#include "config.h"
#include "connection.h"
#include "connection_edge.h"
#include "connection_or.h"
#include "control.h"
#include "cpuworker.h"
#include "dirserv.h"
#include "dirvote.h"
#include "dns.h"
#include "geoip.h"
#include "hibernate.h"
#include "main.h"
#include "networkstatus.h"
#include "policies.h"
#include "relay.h"
#include "rendclient.h"
#include "rendservice.h"
#include "rephist.h"
#include "router.h"
#include "util.h"
#include "routerlist.h"
#include "transports.h"
#ifdef _WIN32
#include <shlobj.h>
#endif

#include "procmon.h"

/* From main.c */
extern int quiet_level;

/** The set of types that the value of an option can have. */
typedef enum config_type_t {
  /** An arbitrary string. */
  CONFIG_TYPE_STRING = 0,
  /** A filename: some prefixes get expanded. */
  CONFIG_TYPE_FILENAME,
  /** A non-negative integer less than MAX_INT */
  CONFIG_TYPE_UINT,
  /** Any integer. */
  CONFIG_TYPE_INT,
  /** A port from 1...65535, 0 for "not set", or "auto". */
  CONFIG_TYPE_PORT,
  /** A number of seconds, with optional units */
  CONFIG_TYPE_INTERVAL,
  /** A number of milliseconds, with optional units */
  CONFIG_TYPE_MSEC_INTERVAL,
  /** A number of bytes, with optional units */
  CONFIG_TYPE_MEMUNIT,
  /** A floating-point value */
  CONFIG_TYPE_DOUBLE,
  /** A boolean value, expressed as 0 or 1. */
  CONFIG_TYPE_BOOL,
  /** A boolean+auto value, expressed 0 for false, 1 for true, and -1 for
   * auto */
  CONFIG_TYPE_AUTOBOOL,
  /** An ISO-formatted time relative to GMT. */
  CONFIG_TYPE_ISOTIME,
  /** A list of strings, separated by commas and optional whitespace. */
  CONFIG_TYPE_CSV,
  /** Uninterpreted config lines */
  CONFIG_TYPE_LINELIST,
  /** Uninterpreted, context-sensitive config lines, mixed with other
   * keywords. */
  CONFIG_TYPE_LINELIST_S,
  /** Catch-all "virtual" option to summarize context-sensitive config lines
   * when fetching. */
  CONFIG_TYPE_LINELIST_V,
  /** A list of router names, addrs, and fps, parsed into a routerset_t. */
  CONFIG_TYPE_ROUTERSET,
  /** Obsolete (ignored) option. */
  CONFIG_TYPE_OBSOLETE
} config_type_t;
/** One abbreviation or alias accepted in place of a configuration option
 * name.  Tables of these are written with positional initializers, so the
 * member order below is part of the contract. */
typedef struct config_abbrev_t {
  /** The short or alternative spelling. */
  const char *abbreviated;
  /** The option name that <b>abbreviated</b> stands for. */
  const char *full;
  /** NOTE(review): presumably nonzero when the abbreviation is honoured only
   * on the command line -- confirm against the code that walks the table. */
  int commandline_only;
  /** NOTE(review): presumably nonzero when using the abbreviation should
   * produce a warning -- confirm against the code that walks the table. */
  int warn;
} config_abbrev_t;

/* Handy macro for declaring "In the config file or on the command line,
 * you can abbreviate <b>tok</b>s as <b>tok</b>".
 *
 * Expands to a config_abbrev_t initializer whose first string is the
 * stringified token, whose second string is the same token with "s"
 * appended, and whose two integer members are 0. */
#define PLURAL(tok) { #tok, #tok "s", 0, 0 }
/** A list of abbreviations and aliases to map command-line options, obsolete
 * option names, or alternative option names, to their current values.
 *
 * Each entry is { abbreviated, full, commandline_only, warn }, in the member
 * order of config_abbrev_t.  The table ends with an entry whose two strings
 * are NULL. */
static config_abbrev_t _option_abbrevs[] = {
  PLURAL(AuthDirBadDirCC),
  PLURAL(AuthDirBadExitCC),
  PLURAL(AuthDirInvalidCC),
  PLURAL(AuthDirRejectCC),
  PLURAL(ExitNode),
  PLURAL(EntryNode),
  PLURAL(ExcludeNode),
  PLURAL(FirewallPort),
  PLURAL(LongLivedPort),
  PLURAL(HiddenServiceNode),
  PLURAL(HiddenServiceExcludeNode),
  PLURAL(NumCPU),
  PLURAL(RendNode),
  PLURAL(RendExcludeNode),
  PLURAL(StrictEntryNode),
  PLURAL(StrictExitNode),
  PLURAL(StrictNode),
  { "l", "Log", 1, 0},
  { "AllowUnverifiedNodes", "AllowInvalidNodes", 0, 0},
  { "AutomapHostSuffixes", "AutomapHostsSuffixes", 0, 0},
  { "AutomapHostOnResolve", "AutomapHostsOnResolve", 0, 0},
  { "BandwidthRateBytes", "BandwidthRate", 0, 0},
  { "BandwidthBurstBytes", "BandwidthBurst", 0, 0},
  { "DirFetchPostPeriod", "StatusFetchPeriod", 0, 0},
  { "MaxConn", "ConnLimit", 0, 1},
  { "ORBindAddress", "ORListenAddress", 0, 0},
  { "DirBindAddress", "DirListenAddress", 0, 0},
  { "SocksBindAddress", "SocksListenAddress", 0, 0},
  { "UseHelperNodes", "UseEntryGuards", 0, 0},
  { "NumHelperNodes", "NumEntryGuards", 0, 0},
  { "UseEntryNodes", "UseEntryGuards", 0, 0},
  { "NumEntryNodes", "NumEntryGuards", 0, 0},
  { "ResolvConf", "ServerDNSResolvConfFile", 0, 1},
  { "SearchDomains", "ServerDNSSearchDomains", 0, 1},
  { "ServerDNSAllowBrokenResolvConf", "ServerDNSAllowBrokenConfig", 0, 0},
  { "PreferTunnelledDirConns", "PreferTunneledDirConns", 0, 0},
  { "BridgeAuthoritativeDirectory", "BridgeAuthoritativeDir", 0, 0},
  /* commandline_only is set on this entry: where it applies,
   * HashedControlPassword is rewritten to __HashedControlSessionPassword.
   * NOTE(review): presumably this keeps a password hash passed on the
   * command line separate from the one stored in the configuration file;
   * confirm, because it decides which control-port credential is active. */
  { "HashedControlPassword", "__HashedControlSessionPassword", 1, 0},
  { "StrictEntryNodes", "StrictNodes", 0, 1},
  { "StrictExitNodes", "StrictNodes", 0, 1},
  /* End marker: both strings NULL. */
  { NULL, NULL, 0, 0},
};

/** A list of state-file "abbreviations," for compatibility.
 *
 * Same entry layout as the option abbreviation table; every entry here has
 * commandline_only and warn set to 0. */
static config_abbrev_t _state_abbrevs[] = {
  { "AccountingBytesReadInterval", "AccountingBytesReadInInterval", 0, 0 },
  { "HelperNode", "EntryGuard", 0, 0 },
  { "HelperNodeDownSince", "EntryGuardDownSince", 0, 0 },
  { "HelperNodeUnlistedSince", "EntryGuardUnlistedSince", 0, 0 },
  { "EntryNode", "EntryGuard", 0, 0 },
  { "EntryNodeDownSince", "EntryGuardDownSince", 0, 0 },
  { "EntryNodeUnlistedSince", "EntryGuardUnlistedSince", 0, 0 },
  /* End marker: both strings NULL. */
  { NULL, NULL, 0, 0},
};
/* PLURAL is only needed while the abbreviation tables are being built. */
#undef PLURAL
/** One variable that may appear in the configuration file or on the command
 * line.  Tables of these are written with positional initializers, so the
 * member order below is part of the contract. */
typedef struct config_var_t {
  /** The full keyword (case insensitive). */
  const char *name;
  /** How to interpret the type and turn it into a value. */
  config_type_t type;
  /** Offset of the corresponding member of or_options_t. */
  off_t var_offset;
  /** String (or null) describing initial value. */
  const char *initvalue;
} config_var_t;

/** An entry for config_vars: "The option <b>name</b> has type
 * CONFIG_TYPE_<b>conftype</b>, and corresponds to
 * or_options_t.<b>member</b>"
 *
 * The offset is derived from <b>member</b>, but <b>conftype</b> is written
 * by hand: nothing in this macro checks that the C type of the member
 * agrees with the declared config type, so each table entry has to be
 * reviewed for that pairing.
 */
#define VAR(name,conftype,member,initvalue)                             \
  { name, CONFIG_TYPE_ ## conftype, STRUCT_OFFSET(or_options_t, member), \
      initvalue }
/** As VAR, but the option name and member name are the same. */
#define V(member,conftype,initvalue)                                    \
  VAR(#member, conftype, member, initvalue)
/** An entry for config_vars: "The option <b>name</b> is obsolete." */
#define OBSOLETE(name) { name, CONFIG_TYPE_OBSOLETE, 0, NULL }

/** As V, except that the struct member used is <b>member</b>_lines: the
 * option keeps the name <b>member</b> while its offset is that of the member
 * carrying the _lines suffix. */
#define VPORT(member,conftype,initvalue)                                    \
  VAR(#member, conftype, member ## _lines, initvalue)

/** Array of configuration options.  Until we disallow nonstandard
 * abbreviations, order is significant, since the first matching option will
 * be chosen first.
 *
 * Each entry is { name, type, offset into or_options_t, initial-value
 * string }, built by VAR, V, VPORT or OBSOLETE.  The last entry has a NULL
 * name.
 */
static config_var_t _option_vars[] = {
  OBSOLETE("AccountingMaxKB"),
  V(AccountingMax,               MEMUNIT,  "0 bytes"),
  V(AccountingStart,             STRING,   NULL),
  V(Address,                     STRING,   NULL),
  V(AllowDotExit,                BOOL,     "0"),
  V(AllowInvalidNodes,           CSV,      "middle,rendezvous"),
  V(AllowNonRFC953Hostnames,     BOOL,     "0"),
  V(AllowSingleHopCircuits,      BOOL,     "0"),
  V(AllowSingleHopExits,         BOOL,     "0"),
  V(AlternateBridgeAuthority,    LINELIST, NULL),
  V(AlternateDirAuthority,       LINELIST, NULL),
  V(AlternateHSAuthority,        LINELIST, NULL),
  V(AssumeReachable,             BOOL,     "0"),
  V(AuthDirBadDir,               LINELIST, NULL),
  V(AuthDirBadDirCCs,            CSV,      ""),
  V(AuthDirBadExit,              LINELIST, NULL),
  V(AuthDirBadExitCCs,           CSV,      ""),
  V(AuthDirInvalid,              LINELIST, NULL),
  V(AuthDirInvalidCCs,           CSV,      ""),
  V(AuthDirFastGuarantee,        MEMUNIT,  "100 KB"),
  V(AuthDirGuardBWGuarantee,     MEMUNIT,  "250 KB"),
  V(AuthDirReject,               LINELIST, NULL),
  V(AuthDirRejectCCs,            CSV,      ""),
  V(AuthDirRejectUnlisted,       BOOL,     "0"),
  V(AuthDirListBadDirs,          BOOL,     "0"),
  V(AuthDirListBadExits,         BOOL,     "0"),
  V(AuthDirMaxServersPerAddr,    UINT,     "2"),
  V(AuthDirMaxServersPerAuthAddr,UINT,     "5"),
  VAR("AuthoritativeDirectory",  BOOL, AuthoritativeDir,    "0"),
  V(AutomapHostsOnResolve,       BOOL,     "0"),
  V(AutomapHostsSuffixes,        CSV,      ".onion,.exit"),
  V(AvoidDiskWrites,             BOOL,     "0"),
  V(BandwidthBurst,              MEMUNIT,  "10 MB"),
  V(BandwidthRate,               MEMUNIT,  "5 MB"),
  V(BridgeAuthoritativeDir,      BOOL,     "0"),
  VAR("Bridge",                  LINELIST, Bridges,    NULL),
  V(BridgePassword,              STRING,   NULL),
  V(BridgeRecordUsageByCountry,  BOOL,     "1"),
  V(BridgeRelay,                 BOOL,     "0"),
  V(CellStatistics,              BOOL,     "0"),
  V(LearnCircuitBuildTimeout,    BOOL,     "1"),
  V(CircuitBuildTimeout,         INTERVAL, "0"),
  V(CircuitIdleTimeout,          INTERVAL, "1 hour"),
  V(CircuitStreamTimeout,        INTERVAL, "0"),
  V(CircuitPriorityHalflife,     DOUBLE,  "-100.0"), /*negative:'Use default'*/
  V(ClientDNSRejectInternalAddresses, BOOL,"1"),
  V(ClientOnly,                  BOOL,     "0"),
  V(ClientRejectInternalAddresses, BOOL,   "1"),
  V(ClientTransportPlugin,       LINELIST, NULL),
  V(ConsensusParams,             STRING,   NULL),
  V(ConnLimit,                   UINT,     "1000"),
  V(ConnDirectionStatistics,     BOOL,     "0"),
  V(ConstrainedSockets,          BOOL,     "0"),
  V(ConstrainedSockSize,         MEMUNIT,  "8192"),
  V(ContactInfo,                 STRING,   NULL),
  /* Control-interface options.  In this table CookieAuthentication has the
   * initial value "0" and HashedControlPassword has none, so neither
   * authentication method is switched on by the initial values alone.
   * NOTE(review): how a ControlPort without either of them is treated is
   * decided by validation code that is not part of this table -- confirm
   * before relying on it. */
  V(ControlListenAddress,        LINELIST, NULL),
  VPORT(ControlPort,                 LINELIST, NULL),
  V(ControlPortFileGroupReadable,BOOL,     "0"),
  V(ControlPortWriteToFile,      FILENAME, NULL),
  V(ControlSocket,               LINELIST, NULL),
  V(ControlSocketsGroupWritable, BOOL,     "0"),
  V(CookieAuthentication,        BOOL,     "0"),
  V(CookieAuthFileGroupReadable, BOOL,     "0"),
  V(CookieAuthFile,              STRING,   NULL),
  V(CountPrivateBandwidth,       BOOL,     "0"),
  V(DataDirectory,               FILENAME, NULL),
  OBSOLETE("DebugLogFile"),
  V(DisableNetwork,              BOOL,     "0"),
  V(DirAllowPrivateAddresses,    BOOL,     "0"),
  V(TestingAuthDirTimeToLearnReachability, INTERVAL, "30 minutes"),
  V(DirListenAddress,            LINELIST, NULL),
  OBSOLETE("DirFetchPeriod"),
  V(DirPolicy,                   LINELIST, NULL),
  VPORT(DirPort,                     LINELIST, NULL),
  V(DirPortFrontPage,            FILENAME, NULL),
  OBSOLETE("DirPostPeriod"),
  OBSOLETE("DirRecordUsageByCountry"),
  OBSOLETE("DirRecordUsageGranularity"),
  OBSOLETE("DirRecordUsageRetainIPs"),
  OBSOLETE("DirRecordUsageSaveInterval"),
  V(DirReqStatistics,            BOOL,     "1"),
  VAR("DirServer",               LINELIST, DirServers, NULL),
  V(DisableAllSwap,              BOOL,     "0"),
  V(DisableDebuggerAttachment,   BOOL,     "1"),
  V(DisableIOCP,                 BOOL,     "1"),
  V(DynamicDHGroups,             BOOL,     "0"),
  VPORT(DNSPort,                     LINELIST, NULL),
  V(DNSListenAddress,            LINELIST, NULL),
  V(DownloadExtraInfo,           BOOL,     "0"),
  V(EnforceDistinctSubnets,      BOOL,     "1"),
  V(EntryNodes,                  ROUTERSET,   NULL),
  V(EntryStatistics,             BOOL,     "0"),
  V(TestingEstimatedDescriptorPropagationTime, INTERVAL, "10 minutes"),
  V(ExcludeNodes,                ROUTERSET, NULL),
  V(ExcludeExitNodes,            ROUTERSET, NULL),
  V(ExcludeSingleHopRelays,      BOOL,     "1"),
  V(ExitNodes,                   ROUTERSET, NULL),
  V(ExitPolicy,                  LINELIST, NULL),
  V(ExitPolicyRejectPrivate,     BOOL,     "1"),
  V(ExitPortStatistics,          BOOL,     "0"),
  V(ExtendAllowPrivateAddresses, BOOL,     "0"),
  V(ExtraInfoStatistics,         BOOL,     "1"),

#if defined (WINCE)
  V(FallbackNetworkstatusFile,   FILENAME, "fallback-consensus"),
#else
  V(FallbackNetworkstatusFile,   FILENAME,
    SHARE_DATADIR PATH_SEPARATOR "tor" PATH_SEPARATOR "fallback-consensus"),
#endif
  V(FascistFirewall,             BOOL,     "0"),
  V(FirewallPorts,               CSV,      ""),
  V(FastFirstHopPK,              BOOL,     "1"),
  V(FetchDirInfoEarly,           BOOL,     "0"),
  V(FetchDirInfoExtraEarly,      BOOL,     "0"),
  V(FetchServerDescriptors,      BOOL,     "1"),
  V(FetchHidServDescriptors,     BOOL,     "1"),
  V(FetchUselessDescriptors,     BOOL,     "0"),
  V(FetchV2Networkstatus,        BOOL,     "0"),
#ifdef _WIN32
  V(GeoIPFile,                   FILENAME, "<default>"),
#else
  V(GeoIPFile,                   FILENAME,
    SHARE_DATADIR PATH_SEPARATOR "tor" PATH_SEPARATOR "geoip"),
#endif
  OBSOLETE("GiveGuardFlagTo_CVE_2011_2768_VulnerableRelays"),
  OBSOLETE("Group"),
  V(HardwareAccel,               BOOL,     "0"),
  V(HeartbeatPeriod,             INTERVAL, "6 hours"),
  V(AccelName,                   STRING,   NULL),
  V(AccelDir,                    FILENAME, NULL),
  V(HashedControlPassword,       LINELIST, NULL),
  V(HidServDirectoryV2,          BOOL,     "1"),
  VAR("HiddenServiceDir",    LINELIST_S, RendConfigLines,    NULL),
  OBSOLETE("HiddenServiceExcludeNodes"),
  OBSOLETE("HiddenServiceNodes"),
  VAR("HiddenServiceOptions",LINELIST_V, RendConfigLines,    NULL),
  VAR("HiddenServicePort",   LINELIST_S, RendConfigLines,    NULL),
  VAR("HiddenServiceVersion",LINELIST_S, RendConfigLines,    NULL),
  VAR("HiddenServiceAuthorizeClient",LINELIST_S,RendConfigLines, NULL),
  V(HidServAuth,                 LINELIST, NULL),
  V(HSAuthoritativeDir,          BOOL,     "0"),
  OBSOLETE("HSAuthorityRecordStats"),
  V(CloseHSClientCircuitsImmediatelyOnTimeout, BOOL, "0"),
  V(CloseHSServiceRendCircuitsImmediatelyOnTimeout, BOOL, "0"),
  /* NOTE(review): the credential-bearing options in this table
   * (BridgePassword, HTTPProxyAuthenticator, HTTPSProxyAuthenticator,
   * Socks5ProxyPassword) are ordinary STRING entries; nothing here marks
   * them as secret, so any redaction when the configuration is dumped or
   * logged has to happen elsewhere -- confirm. */
  V(HTTPProxy,                   STRING,   NULL),
  V(HTTPProxyAuthenticator,      STRING,   NULL),
  V(HTTPSProxy,                  STRING,   NULL),
  V(HTTPSProxyAuthenticator,     STRING,   NULL),
  VAR("ServerTransportPlugin",   LINELIST, ServerTransportPlugin,  NULL),
  V(Socks4Proxy,                 STRING,   NULL),
  V(Socks5Proxy,                 STRING,   NULL),
  V(Socks5ProxyUsername,         STRING,   NULL),
  V(Socks5ProxyPassword,         STRING,   NULL),
  OBSOLETE("IgnoreVersion"),
  V(KeepalivePeriod,             INTERVAL, "5 minutes"),
  VAR("Log",                     LINELIST, Logs,             NULL),
  V(LogMessageDomains,           BOOL,     "0"),
  OBSOLETE("LinkPadding"),
  OBSOLETE("LogLevel"),
  OBSOLETE("LogFile"),
  V(LogTimeGranularity,          MSEC_INTERVAL, "1 second"),
  V(LongLivedPorts,              CSV,
        "21,22,706,1863,5050,5190,5222,5223,6523,6667,6697,8300"),
  VAR("MapAddress",              LINELIST, AddressMap,           NULL),
  V(MaxAdvertisedBandwidth,      MEMUNIT,  "1 GB"),
  V(MaxCircuitDirtiness,         INTERVAL, "10 minutes"),
  V(MaxClientCircuitsPending,    UINT,     "32"),
  V(MaxOnionsPending,            UINT,     "100"),
  OBSOLETE("MonthlyAccountingStart"),
  V(MyFamily,                    STRING,   NULL),
  V(NewCircuitPeriod,            INTERVAL, "30 seconds"),
  VAR("NamingAuthoritativeDirectory",BOOL, NamingAuthoritativeDir, "0"),
  V(NATDListenAddress,           LINELIST, NULL),
  VPORT(NATDPort,                    LINELIST, NULL),
  V(Nickname,                    STRING,   NULL),
  V(WarnUnsafeSocks,              BOOL,     "1"),
  OBSOLETE("NoPublish"),
  VAR("NodeFamily",              LINELIST, NodeFamilies,         NULL),
  V(NumCPUs,                     UINT,     "0"),
  V(NumEntryGuards,              UINT,     "3"),
  V(ORListenAddress,             LINELIST, NULL),
  VPORT(ORPort,                      LINELIST, NULL),
  V(OutboundBindAddress,         STRING,   NULL),

  V(PathBiasCircThreshold,       INT,      "-1"),
  V(PathBiasNoticeRate,          DOUBLE,   "-1"),
  V(PathBiasDisableRate,         DOUBLE,   "-1"),
  V(PathBiasScaleThreshold,      INT,      "-1"),
  V(PathBiasScaleFactor,         INT,      "-1"),

  OBSOLETE("PathlenCoinWeight"),
  V(PerConnBWBurst,              MEMUNIT,  "0"),
  V(PerConnBWRate,               MEMUNIT,  "0"),
  V(PidFile,                     STRING,   NULL),
  V(TestingTorNetwork,           BOOL,     "0"),
  V(OptimisticData,              AUTOBOOL, "auto"),
  V(PortForwarding,              BOOL,     "0"),
  V(PortForwardingHelper,        FILENAME, "tor-fw-helper"),
  V(PreferTunneledDirConns,      BOOL,     "1"),
  V(ProtocolWarnings,            BOOL,     "0"),
  V(PublishServerDescriptor,     CSV,      "1"),
  V(PublishHidServDescriptors,   BOOL,     "1"),
  V(ReachableAddresses,          LINELIST, NULL),
  V(ReachableDirAddresses,       LINELIST, NULL),
  V(ReachableORAddresses,        LINELIST, NULL),
  V(RecommendedVersions,         LINELIST, NULL),
  V(RecommendedClientVersions,   LINELIST, NULL),
  V(RecommendedServerVersions,   LINELIST, NULL),
  OBSOLETE("RedirectExit"),
  V(RefuseUnknownExits,          AUTOBOOL, "auto"),
  V(RejectPlaintextPorts,        CSV,      ""),
  V(RelayBandwidthBurst,         MEMUNIT,  "0"),
  V(RelayBandwidthRate,          MEMUNIT,  "0"),
  OBSOLETE("RendExcludeNodes"),
  OBSOLETE("RendNodes"),
  V(RendPostPeriod,              INTERVAL, "1 hour"),
  V(RephistTrackTime,            INTERVAL, "24 hours"),
  OBSOLETE("RouterFile"),
  V(RunAsDaemon,                 BOOL,     "0"),
//  V(RunTesting,                  BOOL,     "0"),
  OBSOLETE("RunTesting"), // currently unused
  V(SafeLogging,                 STRING,   "1"),
  V(SafeSocks,                   BOOL,     "0"),
  V(ServerDNSAllowBrokenConfig,  BOOL,     "1"),
  V(ServerDNSAllowNonRFC953Hostnames, BOOL,"0"),
  V(ServerDNSDetectHijacking,    BOOL,     "1"),
  V(ServerDNSRandomizeCase,      BOOL,     "1"),
  V(ServerDNSResolvConfFile,     STRING,   NULL),
  V(ServerDNSSearchDomains,      BOOL,     "0"),
  V(ServerDNSTestAddresses,      CSV,
      "www.google.com,www.mit.edu,www.yahoo.com,www.slashdot.org"),
  V(ShutdownWaitLength,          INTERVAL, "30 seconds"),
  V(SocksListenAddress,          LINELIST, NULL),
  V(SocksPolicy,                 LINELIST, NULL),
  VPORT(SocksPort,                   LINELIST, NULL),
  V(SocksTimeout,                INTERVAL, "2 minutes"),
  OBSOLETE("StatusFetchPeriod"),
  V(StrictNodes,                 BOOL,     "0"),
  OBSOLETE("SysLog"),
  V(TestSocks,                   BOOL,     "0"),
  OBSOLETE("TestVia"),
  V(TokenBucketRefillInterval,   MSEC_INTERVAL, "100 msec"),
  V(Tor2webMode,                 BOOL,     "0"),
  V(TrackHostExits,              CSV,      NULL),
  V(TrackHostExitsExpire,        INTERVAL, "30 minutes"),
  OBSOLETE("TrafficShaping"),
  V(TransListenAddress,          LINELIST, NULL),
  VPORT(TransPort,                   LINELIST, NULL),
  V(TunnelDirConns,              BOOL,     "1"),
  V(UpdateBridgesFromAuthority,  BOOL,     "0"),
  V(UseBridges,                  BOOL,     "0"),
  V(UseEntryGuards,              BOOL,     "1"),
  V(UseMicrodescriptors,         AUTOBOOL, "auto"),
  V(User,                        STRING,   NULL),
  V(UserspaceIOCPBuffers,        BOOL,     "0"),
  VAR("V1AuthoritativeDirectory",BOOL, V1AuthoritativeDir,   "0"),
  VAR("V2AuthoritativeDirectory",BOOL, V2AuthoritativeDir,   "0"),
  VAR("V3AuthoritativeDirectory",BOOL, V3AuthoritativeDir,   "0"),
  V(TestingV3AuthInitialVotingInterval, INTERVAL, "30 minutes"),
  V(TestingV3AuthInitialVoteDelay, INTERVAL, "5 minutes"),
  V(TestingV3AuthInitialDistDelay, INTERVAL, "5 minutes"),
  V(V3AuthVotingInterval,        INTERVAL, "1 hour"),
  V(V3AuthVoteDelay,             INTERVAL, "5 minutes"),
  V(V3AuthDistDelay,             INTERVAL, "5 minutes"),
  V(V3AuthNIntervalsValid,       UINT,     "3"),
  V(V3AuthUseLegacyKey,          BOOL,     "0"),
  V(V3BandwidthsFile,            FILENAME, NULL),
  VAR("VersioningAuthoritativeDirectory",BOOL,VersioningAuthoritativeDir, "0"),
  V(VirtualAddrNetwork,          STRING,   "127.192.0.0/10"),
  V(WarnPlaintextPorts,          CSV,      "23,109,110,143"),
  V(_UseFilteringSSLBufferevents, BOOL,    "0"),
  VAR("__ReloadTorrcOnSIGHUP",   BOOL,  ReloadTorrcOnSIGHUP,      "1"),
  VAR("__AllDirActionsPrivate",  BOOL,  AllDirActionsPrivate,     "0"),
  VAR("__DisablePredictedCircuits",BOOL,DisablePredictedCircuits, "0"),
  VAR("__LeaveStreamsUnattached",BOOL,  LeaveStreamsUnattached,   "0"),
  VAR("__HashedControlSessionPassword", LINELIST, HashedControlSessionPassword,
      NULL),
  VAR("__OwningControllerProcess",STRING,OwningControllerProcess, NULL),
  V(MinUptimeHidServDirectoryV2, INTERVAL, "25 hours"),
  V(VoteOnHidServDirectoriesV2,  BOOL,     "1"),
  V(_UsingTestNetworkDefaults,   BOOL,     "0"),

  /* End marker: NULL name. */
  { NULL, CONFIG_TYPE_OBSOLETE, 0, NULL }
};
/** Override default values with these if the user sets the TestingTorNetwork
 * option.
 *
 * Compared with the initial values in _option_vars, this table flips the
 * private/internal-address options (DirAllowPrivateAddresses,
 * ClientRejectInternalAddresses, ClientDNSRejectInternalAddresses,
 * ExitPolicyRejectPrivate, ExtendAllowPrivateAddresses), turns
 * EnforceDistinctSubnets off, turns AssumeReachable on, sets both
 * AuthDirMaxServersPer*Addr values to "0", and shortens the voting,
 * reachability and descriptor-propagation intervals.
 *
 * Judging by the option names, the flipped options are ones a node on the
 * public network depends on, so TestingTorNetwork set outside an isolated
 * test network is worth treating as a misconfiguration to alert on.
 * _UsingTestNetworkDefaults is set to "1" here and "0" in _option_vars,
 * which presumably lets other code tell that these overrides are in force
 * (its readers are not part of this table).
 */
static const config_var_t testing_tor_network_defaults[] = {
  V(ServerDNSAllowBrokenConfig,  BOOL,     "1"),
  V(DirAllowPrivateAddresses,    BOOL,     "1"),
  V(EnforceDistinctSubnets,      BOOL,     "0"),
  V(AssumeReachable,             BOOL,     "1"),
  V(AuthDirMaxServersPerAddr,    UINT,     "0"),
  V(AuthDirMaxServersPerAuthAddr,UINT,     "0"),
  V(ClientDNSRejectInternalAddresses, BOOL,"0"),
  V(ClientRejectInternalAddresses, BOOL,   "0"),
  V(CountPrivateBandwidth,       BOOL,     "1"),
  V(ExitPolicyRejectPrivate,     BOOL,     "0"),
  V(ExtendAllowPrivateAddresses, BOOL,     "1"),
  V(V3AuthVotingInterval,        INTERVAL, "5 minutes"),
  V(V3AuthVoteDelay,             INTERVAL, "20 seconds"),
  V(V3AuthDistDelay,             INTERVAL, "20 seconds"),
  V(TestingV3AuthInitialVotingInterval, INTERVAL, "5 minutes"),
  V(TestingV3AuthInitialVoteDelay, INTERVAL, "20 seconds"),
  V(TestingV3AuthInitialDistDelay, INTERVAL, "20 seconds"),
  V(TestingAuthDirTimeToLearnReachability, INTERVAL, "0 minutes"),
  V(TestingEstimatedDescriptorPropagationTime, INTERVAL, "0 minutes"),
  V(MinUptimeHidServDirectoryV2, INTERVAL, "0 minutes"),
  V(_UsingTestNetworkDefaults,   BOOL,     "1"),

  /* End marker: NULL name. */
  { NULL, CONFIG_TYPE_OBSOLETE, 0, NULL }
};
/* VAR is redefined so that offsets are taken from or_state_t instead of
 * or_options_t.  V expands to VAR at its point of use, so entries written
 * with V after this point use or_state_t offsets as well. */
#undef VAR

#define VAR(name,conftype,member,initvalue)                             \
  { name, CONFIG_TYPE_ ## conftype, STRUCT_OFFSET(or_state_t, member),  \
      initvalue }
/** Array of "state" variables saved to the ~/.tor/state file.
 *
 * Entries have the same layout as the option table, with offsets taken from
 * or_state_t.  NOTE(review): the state file is input as well as output, so
 * the per-type parsers presumably see whatever that file contains; its
 * permissions and integrity matter as much as those of the configuration
 * file -- confirm how it is read. */
static config_var_t _state_vars[] = {
  /* Remember to document these in state-contents.txt ! */

  V(AccountingBytesReadInInterval,    MEMUNIT,  NULL),
  V(AccountingBytesWrittenInInterval, MEMUNIT,  NULL),
  V(AccountingExpectedUsage,          MEMUNIT,  NULL),
  V(AccountingIntervalStart,          ISOTIME,  NULL),
  V(AccountingSecondsActive,          INTERVAL, NULL),
  V(AccountingSecondsToReachSoftLimit,INTERVAL, NULL),
  V(AccountingSoftLimitHitAt,         ISOTIME,  NULL),
  V(AccountingBytesAtSoftLimit,       MEMUNIT,  NULL),

  VAR("EntryGuard",              LINELIST_S,  EntryGuards,             NULL),
  VAR("EntryGuardDownSince",     LINELIST_S,  EntryGuards,             NULL),
  VAR("EntryGuardUnlistedSince", LINELIST_S,  EntryGuards,             NULL),
  VAR("EntryGuardAddedBy",       LINELIST_S,  EntryGuards,             NULL),
  VAR("EntryGuardPathBias",      LINELIST_S,  EntryGuards,             NULL),
  V(EntryGuards,                 LINELIST_V,  NULL),

  VAR("TransportProxy",               LINELIST_S, TransportProxies, NULL),
  V(TransportProxies,                 LINELIST_V, NULL),

  V(BWHistoryReadEnds,                ISOTIME,  NULL),
  V(BWHistoryReadInterval,            UINT,     "900"),
  V(BWHistoryReadValues,              CSV,      ""),
  V(BWHistoryReadMaxima,              CSV,      ""),
  V(BWHistoryWriteEnds,               ISOTIME,  NULL),
  V(BWHistoryWriteInterval,           UINT,     "900"),
  V(BWHistoryWriteValues,             CSV,      ""),
  V(BWHistoryWriteMaxima,             CSV,      ""),
  V(BWHistoryDirReadEnds,             ISOTIME,  NULL),
  V(BWHistoryDirReadInterval,         UINT,     "900"),
  V(BWHistoryDirReadValues,           CSV,      ""),
  V(BWHistoryDirReadMaxima,           CSV,      ""),
  V(BWHistoryDirWriteEnds,            ISOTIME,  NULL),
  V(BWHistoryDirWriteInterval,        UINT,     "900"),
  V(BWHistoryDirWriteValues,          CSV,      ""),
  V(BWHistoryDirWriteMaxima,          CSV,      ""),

  V(TorVersion,                       STRING,   NULL),

  V(LastRotatedOnionKey,              ISOTIME,  NULL),
  V(LastWritten,                      ISOTIME,  NULL),

  V(TotalBuildTimes,                  UINT,     NULL),
  V(CircuitBuildAbandonedCount,       UINT,     "0"),
  VAR("CircuitBuildTimeBin",          LINELIST_S, BuildtimeHistogram, NULL),
  VAR("BuildtimeHistogram",           LINELIST_V, BuildtimeHistogram, NULL),
  /* End marker: NULL name. */
  { NULL, CONFIG_TYPE_OBSOLETE, 0, NULL }
};

/* The table-building macros are not needed past this point. */
#undef VAR
#undef V
#undef OBSOLETE

/** An English description of one configuration variable; used when
 * generating configuration file comments. */
typedef struct config_var_description_t {
  /** Name of the variable being described. */
  const char *name;
  /** The description text for that variable. */
  const char *description;
} config_var_description_t;

/** Callback type: checks whether a given configuration is well-formed and
 * consistent. See options_trial_assign() for documentation of arguments.
 *
 * NOTE(review): both pointer parameters are void*.  If a function declared
 * with typed pointer parameters (options_validate(), declared later in this
 * file, has or_options_t* in those positions) is stored in a validate_fn_t
 * through a cast, calls are made through an incompatible function type --
 * confirm how the callback is assigned. */
typedef int (*validate_fn_t)(void *, void *, int, char **);
/** Describes one configuration or storage format: its keys and value types,
 * the key-to-struct-member mappings, the validation function, and the
 * abbreviations. */
typedef struct {
  /** Size of the struct that everything gets parsed into. */
  size_t size;
  /** Required 'magic value' to make sure we have a struct of the right
   * type. */
  uint32_t magic;
  /** Offset of the magic value within the struct. */
  off_t magic_offset;
  /** List of abbreviations that we expand when parsing this format. */
  config_abbrev_t *abbrevs;
  /** List of variables we recognize, their default values, and where we
   * stick them in the structure. */
  config_var_t *vars;
  /** Function to validate config. */
  validate_fn_t validate_fn;
  /** If present, extra is a LINELIST variable for unrecognized
   * lines.  Otherwise, unrecognized lines are an error. */
  config_var_t *extra;
} config_format_t;

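/** Macro: assert that <b>cfg</b> has the right magic field for format
 * <b>fmt</b>.
 *
 * Both arguments are asserted to be non-NULL, then the uint32_t found at
 * <b>fmt</b>->magic_offset inside <b>cfg</b> is compared with
 * <b>fmt</b>->magic.  This is the guard against handing a struct of the
 * wrong type to code that only sees it through an untyped pointer.
 *
 * Every use of an argument is parenthesized, so an argument written as an
 * expression is grouped the way the caller wrote it.  Each argument is
 * still expanded more than once: do not pass expressions with side effects.
 *
 * NOTE(review): the check is made with tor_assert(), which is defined
 * outside this file; it protects only builds in which tor_assert() is
 * active -- confirm.
 */
#define CHECK(fmt, cfg) STMT_BEGIN                                      \
    tor_assert((fmt) && (cfg));                                         \
    tor_assert((fmt)->magic ==                                          \
               *(uint32_t*)STRUCT_VAR_P((cfg),(fmt)->magic_offset));    \
  STMT_END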
/* Forward declarations for the file-local helpers defined further down. */
#ifdef _WIN32
static char *get_windows_conf_root(void);
#endif
static void config_line_append(config_line_t **lst,
                               const char *key,
                               const char *val);
static void option_clear(const config_format_t *fmt,
                         or_options_t *options,
                         const config_var_t *var);
static void option_reset(const config_format_t *fmt,
                         or_options_t *options,
                         const config_var_t *var,
                         int use_defaults);
static void config_free(const config_format_t *fmt, void *options);
static int config_lines_eq(config_line_t *a, config_line_t *b);
static int config_count_key(const config_line_t *a, const char *key);
static int option_is_same(const config_format_t *fmt,
                          const or_options_t *o1,
                          const or_options_t *o2,
                          const char *name);
static or_options_t *options_dup(const config_format_t *fmt,
                                 const or_options_t *old);
/* NOTE(review): options_validate() and or_state_validate() are stored in the
 * format tables below through a (validate_fn_t) cast, so the compiler will
 * not report it if either signature drifts away from validate_fn_t. */
static int options_validate(or_options_t *old_options,
                            or_options_t *options,
                            int from_setconf,
                            char **msg);
static int options_act_reversible(const or_options_t *old_options,
                                  char **msg);
static int options_act(const or_options_t *old_options);
static int options_transition_allowed(const or_options_t *old,
                                      const or_options_t *new,
                                      char **msg);
static int options_transition_affects_workers(
      const or_options_t *old_options,
      const or_options_t *new_options);
static int options_transition_affects_descriptor(
      const or_options_t *old_options,
      const or_options_t *new_options);
static int check_nickname_list(const char *lst, const char *name,
                               char **msg);

/* Line parsers: each takes the raw line plus a validate_only flag. */
static int parse_bridge_line(const char *line, int validate_only);
static int parse_client_transport_line(const char *line,
                                       int validate_only);

static int parse_server_transport_line(const char *line,
                                       int validate_only);
static int parse_dir_server_line(const char *line,
                                 dirinfo_type_t required_type,
                                 int validate_only);
static void port_cfg_free(port_cfg_t *port);
static int parse_ports(or_options_t *options, int validate_only,
                       char **msg_out, int *n_ports_out);
static int check_server_ports(const smartlist_t *ports,
                              const or_options_t *options);

static int validate_data_directory(or_options_t *options);
static int write_configuration_file(const char *fname,
                                    const or_options_t *options);
static config_line_t *get_assigned_option(const config_format_t *fmt,
                                          const void *options,
                                          const char *key,
                                          int escape_val);
static void config_init(const config_format_t *fmt, void *options);
static int or_state_validate(or_state_t *old_options,
                             or_state_t *options,
                             int from_setconf,
                             char **msg);
static int or_state_load(void);
static int options_init_logs(or_options_t *options, int validate_only);

/* Value parsers: each reports through the <b>ok</b> out-parameter. */
static uint64_t config_parse_memunit(const char *s, int *ok);
static int config_parse_msec_interval(const char *s, int *ok);
static int config_parse_interval(const char *s, int *ok);
static void init_libevent(const or_options_t *options);
static int opt_streq(const char *s1, const char *s2);

/** Magic value for or_options_t. */
#define OR_OPTIONS_MAGIC 9090909

/** Configuration format for or_options_t.
 *
 * The initializer is positional and follows the field order of
 * config_format_t.
 *
 * NOTE(review): unlike state_format, this table is not const.  If nothing
 * writes to it, making it const would keep its validate_fn pointer out of
 * writable data -- confirm against the rest of the file.
 * NOTE(review): the (validate_fn_t) cast hides any difference between
 * options_validate()'s signature and validate_fn_t; verify they agree. */
static config_format_t options_format = {
  sizeof(or_options_t),                 /* size */
  OR_OPTIONS_MAGIC,                     /* magic */
  STRUCT_OFFSET(or_options_t, _magic),  /* magic_offset */
  _option_abbrevs,                      /* abbrevs */
  _option_vars,                         /* vars */
  (validate_fn_t)options_validate,      /* validate_fn */
  NULL                  /* extra: unrecognized lines are an error */
};

/** Magic value for or_state_t. */
#define OR_STATE_MAGIC 0x57A73f57

/** "Extra" variable in the state: it receives the lines we can't parse, so
 * that options written by a version of Tor newer than us are preserved.
 *
 * NOTE(review): lines kept here were never parsed; whatever consumes
 * ExtraLines later should presumably treat them as unvalidated file
 * content -- confirm at the point of use. */
static config_var_t state_extra_var = {
  "__extra",
  CONFIG_TYPE_LINELIST,
  STRUCT_OFFSET(or_state_t, ExtraLines),
  NULL
};

/** Configuration format for or_state_t.
 *
 * The initializer is positional and follows the field order of
 * config_format_t.
 *
 * NOTE(review): the (validate_fn_t) cast hides any difference between
 * or_state_validate()'s signature and validate_fn_t; verify they agree. */
static const config_format_t state_format = {
  sizeof(or_state_t),                   /* size */
  OR_STATE_MAGIC,                       /* magic */
  STRUCT_OFFSET(or_state_t, _magic),    /* magic_offset */
  _state_abbrevs,                       /* abbrevs */
  _state_vars,                          /* vars */
  (validate_fn_t)or_state_validate,     /* validate_fn */
  &state_extra_var,     /* extra: unrecognized lines are kept here */
};

/*
 * Functions to read and write the global options pointer.
 */

/** Options gathered from the command line and the config file. */
static or_options_t *global_options = NULL;
/** Fallback options_t object: consulted for options that are not in torrc,
 * before we fall back to Tor's defaults. */
static or_options_t *global_default_options = NULL;
/** Name of the torrc file that was read most recently. */
static char *torrc_fname = NULL;
/** Name of the torrc-defaults file that was read most recently. */
static char *torrc_defaults_fname = NULL;
/** Persistent serialized state. */
static or_state_t *global_state = NULL;
/** Configuration options that were set on the command line. */
static config_line_t *global_cmdline_options = NULL;
/** Contents of the DirPortFrontPage file that was read most recently. */
static char *global_dirfrontpagecontents = NULL;
/** List of port_cfg_t, one for each configured port. */
static smartlist_t *configured_ports = NULL;

/** Return our frontpage string, or NULL if not configured.  What is handed
 * back is the module's own pointer, not a copy. */
const char *
get_dirportfrontpage(void)
{
  const char *frontpage = global_dirfrontpagecontents;

  return frontpage;
}

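/** Allocate an empty configuration object of a given format type.
 *
 * The object is obtained from tor_malloc_zero() with <b>fmt</b>->size
 * bytes, stamped with <b>fmt</b>'s magic value at <b>fmt</b>->magic_offset,
 * and verified with CHECK() before it is returned.
 *
 * <b>fmt</b> must be non-NULL and must describe a magic field that lies
 * entirely inside the object; both conditions are asserted before anything
 * is allocated or written. */
static void *
config_alloc(const config_format_t *fmt)
{
  void *opts;

  /* CHECK() also asserts on fmt, but only after fmt->size has already been
   * read, so reject a missing format up front. */
  tor_assert(fmt);
  /* The magic is stored through a raw offset and a cast; make sure all
   * sizeof(uint32_t) bytes fall inside the allocation.
   * NOTE(review): this does not check that the offset is suitably aligned
   * for a uint32_t store -- presumably guaranteed by STRUCT_OFFSET on a real
   * struct member; confirm for any hand-written format table. */
  tor_assert(fmt->magic_offset >= 0);
  tor_assert(fmt->size >= sizeof(uint32_t));
  tor_assert((size_t)fmt->magic_offset <= fmt->size - sizeof(uint32_t));

  opts = tor_malloc_zero(fmt->size);
  *(uint32_t*)STRUCT_VAR_P(opts, fmt->magic_offset) = fmt->magic;
  CHECK(fmt, opts);
  return opts;
}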

/** Return the currently configured options, as a pointer the caller may
 * write through.  Asserts that the options have been set. */
or_options_t *
get_options_mutable(void)
{
  or_options_t *current;

  tor_assert(global_options);
  current = global_options;
  return current;
}