/* Copyright (c) 2001 Matej Pfajfar.
 * Copyright (c) 2001-2004, Roger Dingledine.
 * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
 * Copyright (c) 2007-2012, The Tor Project, Inc. */
/* See LICENSE for licensing information */

/**
 * \file config.c
 * \brief Code to parse and interpret configuration files.
 **/

#define CONFIG_PRIVATE

#include "or.h"
#include "circuitbuild.h"
#include "circuitlist.h"
#include "config.h"
#include "connection.h"
#include "connection_edge.h"
#include "connection_or.h"
#include "control.h"
#include "cpuworker.h"
#include "dirserv.h"
#include "dirvote.h"
#include "dns.h"
#include "geoip.h"
#include "hibernate.h"
#include "main.h"
#include "networkstatus.h"
#include "policies.h"
#include "relay.h"
#include "rendclient.h"
#include "rendservice.h"
#include "rephist.h"
#include "router.h"
#include "util.h"
#include "routerlist.h"
#include "transports.h"
#ifdef _WIN32
#include <shlobj.h>
#endif

#include "procmon.h"

/* From main.c */
extern int quiet_level;

/** Enumeration of types which option values can take */
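typedef enum config_type_t {
  /* Only the first enumerator has an explicit value; every later one takes
   * the next integer, so reordering entries changes their numeric values. */
  CONFIG_TYPE_STRING = 0,   /**< An arbitrary string. */
  CONFIG_TYPE_FILENAME,     /**< A filename: some prefixes get expanded. */
  CONFIG_TYPE_UINT,         /**< A non-negative integer less than MAX_INT */
  CONFIG_TYPE_INT,          /**< Any integer. */
  CONFIG_TYPE_PORT,         /**< A port from 1...65535, 0 for "not set", or
                             * "auto".  */
  CONFIG_TYPE_INTERVAL,     /**< A number of seconds, with optional units*/
  CONFIG_TYPE_MSEC_INTERVAL,/**< A number of milliseconds, with optional
                              * units */
  CONFIG_TYPE_MEMUNIT,      /**< A number of bytes, with optional units*/
  CONFIG_TYPE_DOUBLE,       /**< A floating-point value */
  CONFIG_TYPE_BOOL,         /**< A boolean value, expressed as 0 or 1. */
  CONFIG_TYPE_AUTOBOOL,     /**< A boolean+auto value, expressed 0 for false,
                             * 1 for true, and -1 for auto  */
  CONFIG_TYPE_ISOTIME,      /**< An ISO-formatted time relative to GMT. */
  CONFIG_TYPE_CSV,          /**< A list of strings, separated by commas and
                              * optional whitespace. */
  CONFIG_TYPE_LINELIST,     /**< Uninterpreted config lines */
  CONFIG_TYPE_LINELIST_S,   /**< Uninterpreted, context-sensitive config lines,
                             * mixed with other keywords. */
  CONFIG_TYPE_LINELIST_V,   /**< Catch-all "virtual" option to summarize
                             * context-sensitive config lines when fetching.
                             */
  CONFIG_TYPE_ROUTERSET,    /**< A list of router names, addrs, and fps,
                             * parsed into a routerset_t. */
  CONFIG_TYPE_OBSOLETE,     /**< Obsolete (ignored) option. */
} config_type_t;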

/** An abbreviation for a configuration option allowed on the command line. */
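typedef struct config_abbrev_t {
  const char *abbreviated; /**< Short, legacy or alternative spelling accepted
                            * as input. */
  const char *full;        /**< Current option name the spelling maps to. */
  int commandline_only;    /**< Nonzero for entries such as "l" -> "Log";
                            * presumably the mapping is then honoured only
                            * on the command line -- confirm in the lookup
                            * code. */
  int warn;                /**< Nonzero on retired names such as "MaxConn";
                            * presumably triggers a warning when the old
                            * spelling is used -- confirm. */
} config_abbrev_t;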

/* Handy macro for declaring "In the config file or on the command line,
 * you can abbreviate <b>tok</b>s as <b>tok</b>". */
/* Expands to one config_abbrev_t initializer: abbreviated = "tok",
 * full = "toks" (string-literal concatenation of #tok and "s"),
 * commandline_only = 0, warn = 0. */
#define PLURAL(tok) { #tok, #tok "s", 0, 0 }

/** A list of abbreviations and aliases to map command-line options, obsolete
 * option names, or alternative option names, to their current values. */
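static config_abbrev_t _option_abbrevs[] = {
  /* Singular spellings accepted for options whose real name is plural. */
  PLURAL(AuthDirBadDirCC),
  PLURAL(AuthDirBadExitCC),
  PLURAL(AuthDirInvalidCC),
  PLURAL(AuthDirRejectCC),
  PLURAL(ExitNode),
  PLURAL(EntryNode),
  PLURAL(ExcludeNode),
  PLURAL(FirewallPort),
  PLURAL(LongLivedPort),
  PLURAL(HiddenServiceNode),
  PLURAL(HiddenServiceExcludeNode),
  PLURAL(NumCPU),
  PLURAL(RendNode),
  PLURAL(RendExcludeNode),
  PLURAL(StrictEntryNode),
  PLURAL(StrictExitNode),
  PLURAL(StrictNode),
  /* Explicit rows: { abbreviated, full, commandline_only, warn }. */
  { "l", "Log", 1, 0},
  { "AllowUnverifiedNodes", "AllowInvalidNodes", 0, 0},
  { "AutomapHostSuffixes", "AutomapHostsSuffixes", 0, 0},
  { "AutomapHostOnResolve", "AutomapHostsOnResolve", 0, 0},
  { "BandwidthRateBytes", "BandwidthRate", 0, 0},
  { "BandwidthBurstBytes", "BandwidthBurst", 0, 0},
  { "DirFetchPostPeriod", "StatusFetchPeriod", 0, 0},
  { "MaxConn", "ConnLimit", 0, 1},
  { "ORBindAddress", "ORListenAddress", 0, 0},
  { "DirBindAddress", "DirListenAddress", 0, 0},
  { "SocksBindAddress", "SocksListenAddress", 0, 0},
  { "UseHelperNodes", "UseEntryGuards", 0, 0},
  { "NumHelperNodes", "NumEntryGuards", 0, 0},
  { "UseEntryNodes", "UseEntryGuards", 0, 0},
  { "NumEntryNodes", "NumEntryGuards", 0, 0},
  { "ResolvConf", "ServerDNSResolvConfFile", 0, 1},
  { "SearchDomains", "ServerDNSSearchDomains", 0, 1},
  { "ServerDNSAllowBrokenResolvConf", "ServerDNSAllowBrokenConfig", 0, 0},
  { "PreferTunnelledDirConns", "PreferTunneledDirConns", 0, 0},
  { "BridgeAuthoritativeDirectory", "BridgeAuthoritativeDir", 0, 0},
  /* commandline_only is set on this row: the HashedControlPassword spelling
   * is redirected to the separate __HashedControlSessionPassword option.
   * NOTE(review): presumably this keeps a command-line hash apart from the
   * HashedControlPassword value held in the config file -- confirm where
   * commandline_only is consumed. */
  { "HashedControlPassword", "__HashedControlSessionPassword", 1, 0},
  { "StrictEntryNodes", "StrictNodes", 0, 1},
  { "StrictExitNodes", "StrictNodes", 0, 1},
  /* Terminator row. */
  { NULL, NULL, 0, 0},
};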

/** A list of state-file "abbreviations," for compatibility. */
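static config_abbrev_t _state_abbrevs[] = {
  /* Rows: { abbreviated, full, commandline_only, warn }; each maps an older
   * state-file keyword to its current name. */
  { "AccountingBytesReadInterval", "AccountingBytesReadInInterval", 0, 0 },
  { "HelperNode", "EntryGuard", 0, 0 },
  { "HelperNodeDownSince", "EntryGuardDownSince", 0, 0 },
  { "HelperNodeUnlistedSince", "EntryGuardUnlistedSince", 0, 0 },
  { "EntryNode", "EntryGuard", 0, 0 },
  { "EntryNodeDownSince", "EntryGuardDownSince", 0, 0 },
  { "EntryNodeUnlistedSince", "EntryGuardUnlistedSince", 0, 0 },
  /* Terminator row. */
  { NULL, NULL, 0, 0},
};
/* PLURAL is only needed while building the abbreviation tables. */
#undef PLURAL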

/** A variable allowed in the configuration file or on the command line. */
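typedef struct config_var_t {
  const char *name; /**< The full keyword (case insensitive). */
  config_type_t type; /**< How to interpret the type and turn it into a
                       * value. */
  /* NOTE(review): the member is located by raw byte offset and nothing in
   * this struct ties <b>type</b> to the member's declared C type, so a row
   * whose type tag disagrees with the member would presumably be written
   * with the wrong width or representation -- confirm against the
   * assignment code. */
  off_t var_offset; /**< Offset of the corresponding member of or_options_t. */
  const char *initvalue; /**< String (or null) describing initial value. */
} config_var_t;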

/** An entry for config_vars: "The option <b>name</b> has type
 * CONFIG_TYPE_<b>conftype</b>, and corresponds to
 * or_options_t.<b>member</b>"
 */
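#define VAR(name,conftype,member,initvalue)                             \
  { name, CONFIG_TYPE_ ## conftype, STRUCT_OFFSET(or_options_t, member), \
      initvalue }
/** As VAR, but the option name and member name are the same. */
#define V(member,conftype,initvalue)                                    \
  VAR(#member, conftype, member, initvalue)
/** An entry for config_vars: "The option <b>name</b> is obsolete." */
#define OBSOLETE(name) { name, CONFIG_TYPE_OBSOLETE, 0, NULL }

/** As V, but the value is stored in the or_options_t member named
 * <b>member</b>_lines rather than <b>member</b> itself. */
#define VPORT(member,conftype,initvalue)                                    \
  VAR(#member, conftype, member ## _lines, initvalue)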

/** Array of configuration options.  Until we disallow nonstandard
 * abbreviations, order is significant, since the first matching option will
 * be chosen first.
 */
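static config_var_t _option_vars[] = {
  /* Rows are V(member, TYPE, default), VAR("Name", TYPE, member, default),
   * VPORT(member, TYPE, default) or OBSOLETE("Name"). A NULL default means
   * no initial value string. Row order is kept exactly as it was, because
   * matching picks the first row that fits. */
  OBSOLETE("AccountingMaxKB"),
  V(AccountingMax,               MEMUNIT,  "0 bytes"),
  V(AccountingStart,             STRING,   NULL),
  V(Address,                     STRING,   NULL),
  V(AllowDotExit,                BOOL,     "0"),
  V(AllowInvalidNodes,           CSV,      "middle,rendezvous"),
  V(AllowNonRFC953Hostnames,     BOOL,     "0"),
  V(AllowSingleHopCircuits,      BOOL,     "0"),
  V(AllowSingleHopExits,         BOOL,     "0"),
  V(AlternateBridgeAuthority,    LINELIST, NULL),
  V(AlternateDirAuthority,       LINELIST, NULL),
  V(AlternateHSAuthority,        LINELIST, NULL),
  V(AssumeReachable,             BOOL,     "0"),
  V(AuthDirBadDir,               LINELIST, NULL),
  V(AuthDirBadDirCCs,            CSV,      ""),
  V(AuthDirBadExit,              LINELIST, NULL),
  V(AuthDirBadExitCCs,           CSV,      ""),
  V(AuthDirInvalid,              LINELIST, NULL),
  V(AuthDirInvalidCCs,           CSV,      ""),
  V(AuthDirFastGuarantee,        MEMUNIT,  "100 KB"),
  V(AuthDirGuardBWGuarantee,     MEMUNIT,  "250 KB"),
  V(AuthDirReject,               LINELIST, NULL),
  V(AuthDirRejectCCs,            CSV,      ""),
  V(AuthDirRejectUnlisted,       BOOL,     "0"),
  V(AuthDirListBadDirs,          BOOL,     "0"),
  V(AuthDirListBadExits,         BOOL,     "0"),
  V(AuthDirMaxServersPerAddr,    UINT,     "2"),
  V(AuthDirMaxServersPerAuthAddr,UINT,     "5"),
  VAR("AuthoritativeDirectory",  BOOL, AuthoritativeDir,    "0"),
  V(AutomapHostsOnResolve,       BOOL,     "0"),
  V(AutomapHostsSuffixes,        CSV,      ".onion,.exit"),
  V(AvoidDiskWrites,             BOOL,     "0"),
  V(BandwidthBurst,              MEMUNIT,  "10 MB"),
  V(BandwidthRate,               MEMUNIT,  "5 MB"),
  V(BridgeAuthoritativeDir,      BOOL,     "0"),
  VAR("Bridge",                  LINELIST, Bridges,    NULL),
  /* Credential held as a plain STRING option; whatever file supplies it
   * needs correspondingly tight permissions. */
  V(BridgePassword,              STRING,   NULL),
  V(BridgeRecordUsageByCountry,  BOOL,     "1"),
  V(BridgeRelay,                 BOOL,     "0"),
  V(CellStatistics,              BOOL,     "0"),
  V(LearnCircuitBuildTimeout,    BOOL,     "1"),
  V(CircuitBuildTimeout,         INTERVAL, "0"),
  V(CircuitIdleTimeout,          INTERVAL, "1 hour"),
  V(CircuitStreamTimeout,        INTERVAL, "0"),
  V(CircuitPriorityHalflife,     DOUBLE,  "-100.0"), /*negative:'Use default'*/
  V(ClientDNSRejectInternalAddresses, BOOL,"1"),
  V(ClientOnly,                  BOOL,     "0"),
  V(ClientRejectInternalAddresses, BOOL,   "1"),
  V(ClientTransportPlugin,       LINELIST, NULL),
  V(ConsensusParams,             STRING,   NULL),
  V(ConnLimit,                   UINT,     "1000"),
  V(ConnDirectionStatistics,     BOOL,     "0"),
  V(ConstrainedSockets,          BOOL,     "0"),
  V(ConstrainedSockSize,         MEMUNIT,  "8192"),
  V(ContactInfo,                 STRING,   NULL),
  V(ControlListenAddress,        LINELIST, NULL),
  /* Control interface. Both authentication options below default to unset
   * (CookieAuthentication "0", HashedControlPassword NULL), and the
   * group-readable / group-writable switches default to "0". */
  VPORT(ControlPort,                 LINELIST, NULL),
  V(ControlPortFileGroupReadable,BOOL,     "0"),
  V(ControlPortWriteToFile,      FILENAME, NULL),
  V(ControlSocket,               LINELIST, NULL),
  V(ControlSocketsGroupWritable, BOOL,     "0"),
  V(CookieAuthentication,        BOOL,     "0"),
  V(CookieAuthFileGroupReadable, BOOL,     "0"),
  /* NOTE(review): typed STRING rather than FILENAME, so the prefix
   * expansion described for CONFIG_TYPE_FILENAME is not applied here. */
  V(CookieAuthFile,              STRING,   NULL),
  V(CountPrivateBandwidth,       BOOL,     "0"),
  V(DataDirectory,               FILENAME, NULL),
  OBSOLETE("DebugLogFile"),
  V(DisableNetwork,              BOOL,     "0"),
  V(DirAllowPrivateAddresses,    BOOL,     "0"),
  V(TestingAuthDirTimeToLearnReachability, INTERVAL, "30 minutes"),
  V(DirListenAddress,            LINELIST, NULL),
  OBSOLETE("DirFetchPeriod"),
  V(DirPolicy,                   LINELIST, NULL),
  VPORT(DirPort,                     LINELIST, NULL),
  V(DirPortFrontPage,            FILENAME, NULL),
  OBSOLETE("DirPostPeriod"),
  OBSOLETE("DirRecordUsageByCountry"),
  OBSOLETE("DirRecordUsageGranularity"),
  OBSOLETE("DirRecordUsageRetainIPs"),
  OBSOLETE("DirRecordUsageSaveInterval"),
  V(DirReqStatistics,            BOOL,     "1"),
  VAR("DirServer",               LINELIST, DirServers, NULL),
  V(DisableAllSwap,              BOOL,     "0"),
  V(DisableDebuggerAttachment,   BOOL,     "1"),
  V(DisableIOCP,                 BOOL,     "1"),
  V(DynamicDHGroups,             BOOL,     "0"),
  VPORT(DNSPort,                     LINELIST, NULL),
  V(DNSListenAddress,            LINELIST, NULL),
  V(DownloadExtraInfo,           BOOL,     "0"),
  V(EnforceDistinctSubnets,      BOOL,     "1"),
  V(EntryNodes,                  ROUTERSET,   NULL),
  V(EntryStatistics,             BOOL,     "0"),
  V(TestingEstimatedDescriptorPropagationTime, INTERVAL, "10 minutes"),
  V(ExcludeNodes,                ROUTERSET, NULL),
  V(ExcludeExitNodes,            ROUTERSET, NULL),
  V(ExcludeSingleHopRelays,      BOOL,     "1"),
  V(ExitNodes,                   ROUTERSET, NULL),
  V(ExitPolicy,                  LINELIST, NULL),
  V(ExitPolicyRejectPrivate,     BOOL,     "1"),
  V(ExitPortStatistics,          BOOL,     "0"),
  V(ExtraInfoStatistics,         BOOL,     "1"),

#if defined (WINCE)
  V(FallbackNetworkstatusFile,   FILENAME, "fallback-consensus"),
#else
  V(FallbackNetworkstatusFile,   FILENAME,
    SHARE_DATADIR PATH_SEPARATOR "tor" PATH_SEPARATOR "fallback-consensus"),
#endif
  V(FascistFirewall,             BOOL,     "0"),
  V(FirewallPorts,               CSV,      ""),
  V(FastFirstHopPK,              BOOL,     "1"),
  V(FetchDirInfoEarly,           BOOL,     "0"),
  V(FetchDirInfoExtraEarly,      BOOL,     "0"),
  V(FetchServerDescriptors,      BOOL,     "1"),
  V(FetchHidServDescriptors,     BOOL,     "1"),
  V(FetchUselessDescriptors,     BOOL,     "0"),
  V(FetchV2Networkstatus,        BOOL,     "0"),
#ifdef _WIN32
  V(GeoIPFile,                   FILENAME, "<default>"),
#else
  V(GeoIPFile,                   FILENAME,
    SHARE_DATADIR PATH_SEPARATOR "tor" PATH_SEPARATOR "geoip"),
#endif
  /* Retired option; its name records the CVE it was introduced for. */
  OBSOLETE("GiveGuardFlagTo_CVE_2011_2768_VulnerableRelays"),
  OBSOLETE("Group"),
  V(HardwareAccel,               BOOL,     "0"),
  V(HeartbeatPeriod,             INTERVAL, "6 hours"),
  V(AccelName,                   STRING,   NULL),
  V(AccelDir,                    FILENAME, NULL),
  V(HashedControlPassword,       LINELIST, NULL),
  V(HidServDirectoryV2,          BOOL,     "1"),
  /* The HiddenService* LINELIST_S rows and the LINELIST_V summary row all
   * share the RendConfigLines member. */
  VAR("HiddenServiceDir",    LINELIST_S, RendConfigLines,    NULL),
  OBSOLETE("HiddenServiceExcludeNodes"),
  OBSOLETE("HiddenServiceNodes"),
  VAR("HiddenServiceOptions",LINELIST_V, RendConfigLines,    NULL),
  VAR("HiddenServicePort",   LINELIST_S, RendConfigLines,    NULL),
  VAR("HiddenServiceVersion",LINELIST_S, RendConfigLines,    NULL),
  VAR("HiddenServiceAuthorizeClient",LINELIST_S,RendConfigLines, NULL),
  V(HidServAuth,                 LINELIST, NULL),
  V(HSAuthoritativeDir,          BOOL,     "0"),
  OBSOLETE("HSAuthorityRecordStats"),
  V(CloseHSClientCircuitsImmediatelyOnTimeout, BOOL, "0"),
  V(CloseHSServiceRendCircuitsImmediatelyOnTimeout, BOOL, "0"),
  /* Proxy settings; the *Authenticator and *Password rows carry proxy
   * credentials as plain STRING options. */
  V(HTTPProxy,                   STRING,   NULL),
  V(HTTPProxyAuthenticator,      STRING,   NULL),
  V(HTTPSProxy,                  STRING,   NULL),
  V(HTTPSProxyAuthenticator,     STRING,   NULL),
  VAR("ServerTransportPlugin",   LINELIST, ServerTransportPlugin,  NULL),
  V(Socks4Proxy,                 STRING,   NULL),
  V(Socks5Proxy,                 STRING,   NULL),
  V(Socks5ProxyUsername,         STRING,   NULL),
  V(Socks5ProxyPassword,         STRING,   NULL),
  OBSOLETE("IgnoreVersion"),
  V(KeepalivePeriod,             INTERVAL, "5 minutes"),
  VAR("Log",                     LINELIST, Logs,             NULL),
  V(LogMessageDomains,           BOOL,     "0"),
  OBSOLETE("LinkPadding"),
  OBSOLETE("LogLevel"),
  OBSOLETE("LogFile"),
  V(LogTimeGranularity,          MSEC_INTERVAL, "1 second"),
  V(LongLivedPorts,              CSV,
        "21,22,706,1863,5050,5190,5222,5223,6523,6667,6697,8300"),
  VAR("MapAddress",              LINELIST, AddressMap,           NULL),
  V(MaxAdvertisedBandwidth,      MEMUNIT,  "1 GB"),
  V(MaxCircuitDirtiness,         INTERVAL, "10 minutes"),
  V(MaxClientCircuitsPending,    UINT,     "32"),
  V(MaxOnionsPending,            UINT,     "100"),
  OBSOLETE("MonthlyAccountingStart"),
  V(MyFamily,                    STRING,   NULL),
  V(NewCircuitPeriod,            INTERVAL, "30 seconds"),
  VAR("NamingAuthoritativeDirectory",BOOL, NamingAuthoritativeDir, "0"),
  V(NATDListenAddress,           LINELIST, NULL),
  VPORT(NATDPort,                    LINELIST, NULL),
  V(Nickname,                    STRING,   NULL),
  V(WarnUnsafeSocks,              BOOL,     "1"),
  OBSOLETE("NoPublish"),
  VAR("NodeFamily",              LINELIST, NodeFamilies,         NULL),
  V(NumCPUs,                     UINT,     "0"),
  V(NumEntryGuards,              UINT,     "3"),
  V(ORListenAddress,             LINELIST, NULL),
  VPORT(ORPort,                      LINELIST, NULL),
  V(OutboundBindAddress,         STRING,   NULL),

  V(PathBiasCircThreshold,       INT,      "-1"),
  V(PathBiasNoticeRate,          DOUBLE,   "-1"),
  V(PathBiasDisableRate,         DOUBLE,   "-1"),
  V(PathBiasScaleThreshold,      INT,      "-1"),
  V(PathBiasScaleFactor,         INT,      "-1"),

  OBSOLETE("PathlenCoinWeight"),
  V(PerConnBWBurst,              MEMUNIT,  "0"),
  V(PerConnBWRate,               MEMUNIT,  "0"),
  V(PidFile,                     STRING,   NULL),
  V(TestingTorNetwork,           BOOL,     "0"),
  V(OptimisticData,              AUTOBOOL, "auto"),
  V(PortForwarding,              BOOL,     "0"),
  V(PortForwardingHelper,        FILENAME, "tor-fw-helper"),
  V(PreferTunneledDirConns,      BOOL,     "1"),
  V(ProtocolWarnings,            BOOL,     "0"),
  V(PublishServerDescriptor,     CSV,      "1"),
  V(PublishHidServDescriptors,   BOOL,     "1"),
  V(ReachableAddresses,          LINELIST, NULL),
  V(ReachableDirAddresses,       LINELIST, NULL),
  V(ReachableORAddresses,        LINELIST, NULL),
  V(RecommendedVersions,         LINELIST, NULL),
  V(RecommendedClientVersions,   LINELIST, NULL),
  V(RecommendedServerVersions,   LINELIST, NULL),
  OBSOLETE("RedirectExit"),
  V(RefuseUnknownExits,          AUTOBOOL, "auto"),
  V(RejectPlaintextPorts,        CSV,      ""),
  V(RelayBandwidthBurst,         MEMUNIT,  "0"),
  V(RelayBandwidthRate,          MEMUNIT,  "0"),
  OBSOLETE("RendExcludeNodes"),
  OBSOLETE("RendNodes"),
  V(RendPostPeriod,              INTERVAL, "1 hour"),
  V(RephistTrackTime,            INTERVAL, "24 hours"),
  OBSOLETE("RouterFile"),
  V(RunAsDaemon,                 BOOL,     "0"),
  /* Former row, disabled: V(RunTesting, BOOL, "0"), */
  OBSOLETE("RunTesting"), /* currently unused */
  V(SafeLogging,                 STRING,   "1"),
  V(SafeSocks,                   BOOL,     "0"),
  V(ServerDNSAllowBrokenConfig,  BOOL,     "1"),
  V(ServerDNSAllowNonRFC953Hostnames, BOOL,"0"),
  V(ServerDNSDetectHijacking,    BOOL,     "1"),
  V(ServerDNSRandomizeCase,      BOOL,     "1"),
  V(ServerDNSResolvConfFile,     STRING,   NULL),
  V(ServerDNSSearchDomains,      BOOL,     "0"),
  V(ServerDNSTestAddresses,      CSV,
      "www.google.com,www.mit.edu,www.yahoo.com,www.slashdot.org"),
  V(ShutdownWaitLength,          INTERVAL, "30 seconds"),
  V(SocksListenAddress,          LINELIST, NULL),
  V(SocksPolicy,                 LINELIST, NULL),
  VPORT(SocksPort,                   LINELIST, NULL),
  V(SocksTimeout,                INTERVAL, "2 minutes"),
  OBSOLETE("StatusFetchPeriod"),
  V(StrictNodes,                 BOOL,     "0"),
  OBSOLETE("SysLog"),
  V(TestSocks,                   BOOL,     "0"),
  OBSOLETE("TestVia"),
  V(TokenBucketRefillInterval,   MSEC_INTERVAL, "100 msec"),
  V(Tor2webMode,                 BOOL,     "0"),
  V(TrackHostExits,              CSV,      NULL),
  V(TrackHostExitsExpire,        INTERVAL, "30 minutes"),
  OBSOLETE("TrafficShaping"),
  V(TransListenAddress,          LINELIST, NULL),
  VPORT(TransPort,                   LINELIST, NULL),
  V(TunnelDirConns,              BOOL,     "1"),
  V(UpdateBridgesFromAuthority,  BOOL,     "0"),
  V(UseBridges,                  BOOL,     "0"),
  V(UseEntryGuards,              BOOL,     "1"),
  V(UseMicrodescriptors,         AUTOBOOL, "auto"),
  V(User,                        STRING,   NULL),
  V(UserspaceIOCPBuffers,        BOOL,     "0"),
  VAR("V1AuthoritativeDirectory",BOOL, V1AuthoritativeDir,   "0"),
  VAR("V2AuthoritativeDirectory",BOOL, V2AuthoritativeDir,   "0"),
  VAR("V3AuthoritativeDirectory",BOOL, V3AuthoritativeDir,   "0"),
  V(TestingV3AuthInitialVotingInterval, INTERVAL, "30 minutes"),
  V(TestingV3AuthInitialVoteDelay, INTERVAL, "5 minutes"),
  V(TestingV3AuthInitialDistDelay, INTERVAL, "5 minutes"),
  V(V3AuthVotingInterval,        INTERVAL, "1 hour"),
  V(V3AuthVoteDelay,             INTERVAL, "5 minutes"),
  V(V3AuthDistDelay,             INTERVAL, "5 minutes"),
  V(V3AuthNIntervalsValid,       UINT,     "3"),
  V(V3AuthUseLegacyKey,          BOOL,     "0"),
  V(V3BandwidthsFile,            FILENAME, NULL),
  VAR("VersioningAuthoritativeDirectory",BOOL,VersioningAuthoritativeDir, "0"),
  V(VirtualAddrNetwork,          STRING,   "127.192.0.0/10"),
  V(WarnPlaintextPorts,          CSV,      "23,109,110,143"),
  V(_UseFilteringSSLBufferevents, BOOL,    "0"),
  /* Options whose keyword starts with "__" are stored in members named
   * without that prefix. */
  VAR("__ReloadTorrcOnSIGHUP",   BOOL,  ReloadTorrcOnSIGHUP,      "1"),
  VAR("__AllDirActionsPrivate",  BOOL,  AllDirActionsPrivate,     "0"),
  VAR("__DisablePredictedCircuits",BOOL,DisablePredictedCircuits, "0"),
  VAR("__LeaveStreamsUnattached",BOOL,  LeaveStreamsUnattached,   "0"),
  VAR("__HashedControlSessionPassword", LINELIST, HashedControlSessionPassword,
      NULL),
  VAR("__OwningControllerProcess",STRING,OwningControllerProcess, NULL),
  V(MinUptimeHidServDirectoryV2, INTERVAL, "25 hours"),
  V(VoteOnHidServDirectoriesV2,  BOOL,     "1"),
  V(_UsingTestNetworkDefaults,   BOOL,     "0"),

  /* Terminator row (NULL name). */
  { NULL, CONFIG_TYPE_OBSOLETE, 0, NULL }
};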

/** Override default values with these if the user sets the TestingTorNetwork
 * option. */
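static const config_var_t testing_tor_network_defaults[] = {
  /* These rows turn off several protective defaults: private and internal
   * addresses are accepted (DirAllowPrivateAddresses,
   * ClientDNSRejectInternalAddresses, ClientRejectInternalAddresses,
   * ExitPolicyRejectPrivate), distinct-subnet enforcement and the
   * per-address server limits are disabled, and reachability is assumed.
   * The remaining rows shorten voting and propagation timers. The set is
   * suited to an isolated test network only. */
  V(ServerDNSAllowBrokenConfig,  BOOL,  "1"),
  V(DirAllowPrivateAddresses,    BOOL,     "1"),
  V(EnforceDistinctSubnets,      BOOL,     "0"),
  V(AssumeReachable,             BOOL,     "1"),
  V(AuthDirMaxServersPerAddr,    UINT,     "0"),
  V(AuthDirMaxServersPerAuthAddr,UINT,     "0"),
  V(ClientDNSRejectInternalAddresses, BOOL,"0"),
  V(ClientRejectInternalAddresses, BOOL,   "0"),
  V(CountPrivateBandwidth,       BOOL,     "1"),
  V(ExitPolicyRejectPrivate,     BOOL,     "0"),
  V(V3AuthVotingInterval,        INTERVAL, "5 minutes"),
  V(V3AuthVoteDelay,             INTERVAL, "20 seconds"),
  V(V3AuthDistDelay,             INTERVAL, "20 seconds"),
  V(TestingV3AuthInitialVotingInterval, INTERVAL, "5 minutes"),
  V(TestingV3AuthInitialVoteDelay, INTERVAL, "20 seconds"),
  V(TestingV3AuthInitialDistDelay, INTERVAL, "20 seconds"),
  V(TestingAuthDirTimeToLearnReachability, INTERVAL, "0 minutes"),
  V(TestingEstimatedDescriptorPropagationTime, INTERVAL, "0 minutes"),
  V(MinUptimeHidServDirectoryV2, INTERVAL, "0 minutes"),
  /* Marker recording that this default set is in effect. */
  V(_UsingTestNetworkDefaults,   BOOL,     "1"),

  /* Terminator row (NULL name). */
  { NULL, CONFIG_TYPE_OBSOLETE, 0, NULL }
};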
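#undef VAR

/* Redefine VAR so that member offsets are taken inside or_state_t instead
 * of or_options_t; the row layout is otherwise the same. */
#define VAR(name,conftype,member,initvalue)                             \
  { name, CONFIG_TYPE_ ## conftype, STRUCT_OFFSET(or_state_t, member),  \
      initvalue }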

/** Array of "state" variables saved to the ~/.tor/state file. */
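static config_var_t _state_vars[] = {
  /* Remember to document these in state-contents.txt ! */
  /* NOTE(review): these rows describe a file that is written to disk and
   * presumably parsed again on a later start, so values loaded from it
   * should be validated like any other parsed input -- confirm in the state
   * loading code. */

  V(AccountingBytesReadInInterval,    MEMUNIT,  NULL),
  V(AccountingBytesWrittenInInterval, MEMUNIT,  NULL),
  V(AccountingExpectedUsage,          MEMUNIT,  NULL),
  V(AccountingIntervalStart,          ISOTIME,  NULL),
  V(AccountingSecondsActive,          INTERVAL, NULL),
  V(AccountingSecondsToReachSoftLimit,INTERVAL, NULL),
  V(AccountingSoftLimitHitAt,         ISOTIME,  NULL),
  V(AccountingBytesAtSoftLimit,       MEMUNIT,  NULL),

  /* The EntryGuard* LINELIST_S rows and the LINELIST_V summary row share
   * the EntryGuards member. */
  VAR("EntryGuard",              LINELIST_S,  EntryGuards,             NULL),
  VAR("EntryGuardDownSince",     LINELIST_S,  EntryGuards,             NULL),
  VAR("EntryGuardUnlistedSince", LINELIST_S,  EntryGuards,             NULL),
  VAR("EntryGuardAddedBy",       LINELIST_S,  EntryGuards,             NULL),
  VAR("EntryGuardPathBias",      LINELIST_S,  EntryGuards,             NULL),
  V(EntryGuards,                 LINELIST_V,  NULL),

  VAR("TransportProxy",               LINELIST_S, TransportProxies, NULL),
  V(TransportProxies,                 LINELIST_V, NULL),

  V(BWHistoryReadEnds,                ISOTIME,  NULL),
  V(BWHistoryReadInterval,            UINT,     "900"),
  V(BWHistoryReadValues,              CSV,      ""),
  V(BWHistoryReadMaxima,              CSV,      ""),
  V(BWHistoryWriteEnds,               ISOTIME,  NULL),
  V(BWHistoryWriteInterval,           UINT,     "900"),
  V(BWHistoryWriteValues,             CSV,      ""),
  V(BWHistoryWriteMaxima,             CSV,      ""),
  V(BWHistoryDirReadEnds,             ISOTIME,  NULL),
  V(BWHistoryDirReadInterval,         UINT,     "900"),
  V(BWHistoryDirReadValues,           CSV,      ""),
  V(BWHistoryDirReadMaxima,           CSV,      ""),
  V(BWHistoryDirWriteEnds,            ISOTIME,  NULL),
  V(BWHistoryDirWriteInterval,        UINT,     "900"),
  V(BWHistoryDirWriteValues,          CSV,      ""),
  V(BWHistoryDirWriteMaxima,          CSV,      ""),

  V(TorVersion,                       STRING,   NULL),

  V(LastRotatedOnionKey,              ISOTIME,  NULL),
  V(LastWritten,                      ISOTIME,  NULL),

  V(TotalBuildTimes,                  UINT,     NULL),
  V(CircuitBuildAbandonedCount,       UINT,     "0"),
  VAR("CircuitBuildTimeBin",          LINELIST_S, BuildtimeHistogram, NULL),
  VAR("BuildtimeHistogram",           LINELIST_V, BuildtimeHistogram, NULL),
  /* Terminator row (NULL name). */
  { NULL, CONFIG_TYPE_OBSOLETE, 0, NULL }
};

/* The table-building macros are not needed past this point. */
#undef VAR
#undef V
#undef OBSOLETE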

/** Represents an English description of a configuration variable; used when
 * generating configuration file comments. */
/* Two string pointers: a variable's name and the text describing it. */
struct config_var_description_t {
  const char *name;        /* keyword of the variable being described */
  const char *description; /* English text for that variable */
};
typedef struct config_var_description_t config_var_description_t;

/** Type of a callback to validate whether a given configuration is
 * well-formed and consistent. See options_trial_assign() for documentation
 * of arguments. */
/* NOTE(review): both configuration arguments are passed as void*, so the
 * compiler cannot check that a callback receives the struct type it
 * expects. The argument order presumably matches options_validate()
 * (old options, new options, from_setconf flag, message out-pointer) --
 * confirm. */
typedef int (*validate_fn_t)(void*,void*,int,char**);

/** Information on the keys, value types, key-to-struct-member mappings,
 * variable descriptions, validation functions, and abbreviations for a
 * configuration or storage format. */
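typedef struct {
  size_t size; /**< Size of the struct that everything gets parsed into. */
  /* magic and magic_offset together let the CHECK macro in this file detect
   * a struct of the wrong type being handed to the generic config code. */
  uint32_t magic; /**< Required 'magic value' to make sure we have a struct
                   * of the right type. */
  off_t magic_offset; /**< Offset of the magic value within the struct. */
  config_abbrev_t *abbrevs; /**< List of abbreviations that we expand when
                             * parsing this format. */
  config_var_t *vars; /**< List of variables we recognize, their default
                       * values, and where we stick them in the structure. */
  validate_fn_t validate_fn; /**< Function to validate config. */
  /** If present, extra is a LINELIST variable for unrecognized
   * lines.  Otherwise, unrecognized lines are an error. */
  config_var_t *extra;
} config_format_t;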

/** Macro: assert that <b>cfg</b> has the right magic field for format
 * <b>fmt</b>. */
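/* Runtime type guard: the generic config code handles structs through
 * untyped pointers, and this macro compares the uint32_t stored at
 * fmt->magic_offset inside cfg with the magic value the format expects.
 * Every use of a macro argument is parenthesized so that an expression
 * argument (for example &format) expands with the intended precedence. */
#define CHECK(fmt, cfg) STMT_BEGIN                                      \
    tor_assert((fmt) && (cfg));                                         \
    tor_assert((fmt)->magic ==                                          \
               *(uint32_t*)STRUCT_VAR_P((cfg),(fmt)->magic_offset));    \
  STMT_END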

/* Forward declarations of file-local (static) functions. */
#ifdef _WIN32
static char *get_windows_conf_root(void);
#endif

/* Helpers that operate on a config_format_t or on config_line_t lists. */
static void config_line_append(config_line_t **lst, const char *key,
                               const char *val);
static void option_clear(const config_format_t *fmt,
                         or_options_t *options,
                         const config_var_t *var);
static void option_reset(const config_format_t *fmt,
                         or_options_t *options,
                         const config_var_t *var,
                         int use_defaults);
static void config_free(const config_format_t *fmt, void *options);
static int config_lines_eq(config_line_t *a, config_line_t *b);
static int config_count_key(const config_line_t *a, const char *key);
static int option_is_same(const config_format_t *fmt,
                          const or_options_t *o1,
                          const or_options_t *o2,
                          const char *name);
static or_options_t *options_dup(const config_format_t *fmt,
                                 const or_options_t *old);

/* Validation of an or_options_t and handling of option changes. */
static int options_validate(or_options_t *old_options,
                            or_options_t *options,
                            int from_setconf,
                            char **msg);
static int options_act_reversible(const or_options_t *old_options,
                                  char **msg);
static int options_act(const or_options_t *old_options);
static int options_transition_allowed(const or_options_t *old,
                                      const or_options_t *new,
                                      char **msg);
static int options_transition_affects_workers(
      const or_options_t *old_options,
      const or_options_t *new_options);
static int options_transition_affects_descriptor(
      const or_options_t *old_options,
      const or_options_t *new_options);
static int check_nickname_list(const char *lst, const char *name,
                               char **msg);

/* Parsers for individual configuration lines and port settings.  Each takes
 * a <b>validate_only</b> flag. */
static int parse_bridge_line(const char *line, int validate_only);
static int parse_client_transport_line(const char *line,
                                       int validate_only);

static int parse_server_transport_line(const char *line,
                                       int validate_only);
static int parse_dir_server_line(const char *line,
                                 dirinfo_type_t required_type,
                                 int validate_only);
static void port_cfg_free(port_cfg_t *port);
static int parse_ports(or_options_t *options, int validate_only,
                       char **msg_out, int *n_ports_out);
static int check_server_ports(const smartlist_t *ports,
                              const or_options_t *options);

/* Data directory, configuration file output, state and logging. */
static int validate_data_directory(or_options_t *options);
static int write_configuration_file(const char *fname,
                                    const or_options_t *options);
static config_line_t *get_assigned_option(const config_format_t *fmt,
                                          const void *options,
                                          const char *key,
                                          int escape_val);
static void config_init(const config_format_t *fmt, void *options);
static int or_state_validate(or_state_t *old_options,
                             or_state_t *options,
                             int from_setconf,
                             char **msg);
static int or_state_load(void);
static int options_init_logs(or_options_t *options, int validate_only);

/* Value parsers that report success through <b>ok</b>, plus misc helpers. */
static uint64_t config_parse_memunit(const char *s, int *ok);
static int config_parse_msec_interval(const char *s, int *ok);
static int config_parse_interval(const char *s, int *ok);
static void init_libevent(const or_options_t *options);
static int opt_streq(const char *s1, const char *s2);

/** Magic value stored in every or_options_t; CHECK() compares against it. */
#define OR_OPTIONS_MAGIC 9090909

/** Format description used when parsing into an or_options_t.  The
 * initializers are positional and follow the field order of
 * config_format_t. */
/* NOTE(review): unlike state_format this object is not const; confirm
 * whether anything is meant to modify it after start-up. */
static config_format_t options_format = {
  sizeof(or_options_t),                 /* size */
  OR_OPTIONS_MAGIC,                     /* magic */
  STRUCT_OFFSET(or_options_t, _magic),  /* magic_offset */
  _option_abbrevs,                      /* abbrevs */
  _option_vars,                         /* vars */
  /* validate_fn.  validate_fn_t is declared outside this excerpt; the cast
   * hides any difference between it and options_validate()'s prototype from
   * the compiler, so the two have to be kept in step by hand. */
  (validate_fn_t)options_validate,
  NULL                                  /* extra: unrecognized lines are an
                                         * error for this format */
};

/** Magic value stored in every or_state_t; CHECK() compares against it. */
#define OR_STATE_MAGIC 0x57A73f57

/** Catch-all variable for the state format: lines we cannot parse are
 * collected here as a LINELIST in or_state_t.ExtraLines rather than being
 * rejected, which lets us preserve options written by a newer Tor. */
/* NOTE(review): these lines are kept without being interpreted, so code that
 * reads ExtraLines should treat the content as unvalidated text. */
static config_var_t state_extra_var = {
  "__extra",
  CONFIG_TYPE_LINELIST,
  STRUCT_OFFSET(or_state_t, ExtraLines),
  NULL
};

/** Format description used when parsing into an or_state_t.  The
 * initializers are positional and follow the field order of
 * config_format_t. */
static const config_format_t state_format = {
  sizeof(or_state_t),                 /* size */
  OR_STATE_MAGIC,                     /* magic */
  STRUCT_OFFSET(or_state_t, _magic),  /* magic_offset */
  _state_abbrevs,                     /* abbrevs */
  _state_vars,                        /* vars */
  /* validate_fn.  validate_fn_t is declared outside this excerpt; the cast
   * hides any difference between it and or_state_validate()'s prototype
   * from the compiler. */
  (validate_fn_t)or_state_validate,
  &state_extra_var,                   /* extra: receives unrecognized lines */
};

/*
 * Functions to read and write the global options pointer.
 */

/** The options in effect, built from the command line and config file. */
static or_options_t *global_options = NULL;
/** Fallback options object: consulted for options that are not in torrc,
 * before Tor's built-in defaults are used. */
static or_options_t *global_default_options = NULL;
/** File name of the torrc that was read most recently. */
static char *torrc_fname = NULL;
/** File name of the torrc-defaults file that was read most recently. */
static char *torrc_defaults_fname = NULL;
/** The persistent, serialized state. */
static or_state_t *global_state = NULL;
/** Configuration options that were given on the command line. */
static config_line_t *global_cmdline_options = NULL;
/** Contents of the DirPortFrontPage file that was read most recently. */
static char *global_dirfrontpagecontents = NULL;
/** List of port_cfg_t, one for every configured port. */
static smartlist_t *configured_ports = NULL;

/** Accessor for the front page string: return its contents, or NULL if no
 * front page is configured.  The pointer returned is the file-level buffer
 * itself, not a copy. */
const char *
get_dirportfrontpage(void)
{
  const char *frontpage = global_dirfrontpagecontents;
  return frontpage;
}

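/** Allocate an empty configuration object of a given format type.
 *
 * The object is <b>fmt</b>->size bytes from tor_malloc_zero(), with the
 * format's magic value stored at <b>fmt</b>->magic_offset so that later
 * CHECK() calls accept it.  Returns the new object.
 *
 * Asserts that <b>fmt</b> is non-NULL before it is dereferenced, and that
 * the uint32_t magic field lies entirely inside the allocation; with a
 * malformed format table the store below would otherwise land outside the
 * new object. */
/* NOTE(review): presumably the result is released with config_free();
 * confirm against the callers. */
static void *
config_alloc(const config_format_t *fmt)
{
  void *opts;

  /* CHECK() also tests fmt, but only after fmt->size has been read. */
  tor_assert(fmt);
  /* Bounds of the magic field.  magic_offset is a signed off_t, so reject
   * negative values first and compare in 64 bits to avoid truncation. */
  tor_assert(fmt->size >= sizeof(uint32_t));
  tor_assert(fmt->magic_offset >= 0);
  tor_assert((uint64_t)fmt->magic_offset <=
             (uint64_t)(fmt->size - sizeof(uint32_t)));

  opts = tor_malloc_zero(fmt->size);
  *(uint32_t*)STRUCT_VAR_P(opts, fmt->magic_offset) = fmt->magic;
  CHECK(fmt, opts);
  return opts;
}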

/** Return the options object currently in effect, as a writable pointer.
 * Asserts that the global options have already been set. */
or_options_t *
get_options_mutable(void)
{
  or_options_t *current;

  tor_assert(global_options);
  current = global_options;
  return current;
}