main.c 117 KB
Newer Older
Roger Dingledine's avatar
Roger Dingledine committed
1
2
/* Copyright (c) 2001 Matej Pfajfar.
 * Copyright (c) 2001-2004, Roger Dingledine.
3
 * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
Nick Mathewson's avatar
Nick Mathewson committed
4
 * Copyright (c) 2007-2016, The Tor Project, Inc. */
5
/* See LICENSE for licensing information */
Roger Dingledine's avatar
Roger Dingledine committed
6

Roger Dingledine's avatar
Roger Dingledine committed
7
8
/**
 * \file main.c
9
10
 * \brief Toplevel module. Handles signals, multiplexes between
 * connections, implements main loop, and drives scheduled events.
Nick Mathewson's avatar
Nick Mathewson committed
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
 *
 * For the main loop itself; see run_main_loop_once().  It invokes the rest of
 * Tor mostly through Libevent callbacks.  Libevent callbacks can happen when
 * a timer elapses, a signal is received, a socket is ready to read or write,
 * or an event is manually activated.
 *
 * Most events in Tor are driven from these callbacks:
 *  <ul>
 *   <li>conn_read_callback() and conn_write_callback() here, which are
 *     invoked when a socket is ready to read or write respectively.
 *   <li>signal_callback(), which handles incoming signals.
 *  </ul>
 * Other events are used for specific purposes, or for building more complex
 * control structures.  If you search for usage of tor_libevent_new(), you
 * will find all the events that we construct in Tor.
 *
 * Tor has numerous housekeeping operations that need to happen
 * regularly. They are handled in different ways:
 * <ul>
 *   <li>The most frequent operations are handled after every read or write
 *    event, at the end of connection_handle_read() and
 *    connection_handle_write().
 *
 *   <li>The next most frequent operations happen after each invocation of the
 *     main loop, in run_main_loop_once().
 *
 *   <li>Once per second, we run all of the operations listed in
 *     second_elapsed_callback(), and in its child, run_scheduled_events().
 *
 *   <li>Once-a-second operations are handled in second_elapsed_callback().
 *
 *   <li>More infrequent operations take place based on the periodic event
 *     driver in periodic.c .  These are stored in the periodic_events[]
 *     table.
 * </ul>
 *
Roger Dingledine's avatar
Roger Dingledine committed
47
 **/
48

49
#define MAIN_PRIVATE
Roger Dingledine's avatar
Roger Dingledine committed
50
#include "or.h"
51
#include "addressmap.h"
Nick Mathewson's avatar
Nick Mathewson committed
52
#include "backtrace.h"
53
#include "bridges.h"
Sebastian Hahn's avatar
Sebastian Hahn committed
54
#include "buffers.h"
55
56
#include "channel.h"
#include "channeltls.h"
57
#include "channelpadding.h"
Sebastian Hahn's avatar
Sebastian Hahn committed
58
#include "circuitbuild.h"
Sebastian Hahn's avatar
Sebastian Hahn committed
59
#include "circuitlist.h"
Sebastian Hahn's avatar
Sebastian Hahn committed
60
#include "circuituse.h"
Sebastian Hahn's avatar
Sebastian Hahn committed
61
#include "command.h"
Sebastian Hahn's avatar
Sebastian Hahn committed
62
#include "config.h"
63
#include "confparse.h"
Sebastian Hahn's avatar
Sebastian Hahn committed
64
#include "connection.h"
Sebastian Hahn's avatar
Sebastian Hahn committed
65
#include "connection_edge.h"
Sebastian Hahn's avatar
Sebastian Hahn committed
66
#include "connection_or.h"
Sebastian Hahn's avatar
Sebastian Hahn committed
67
#include "control.h"
Sebastian Hahn's avatar
Sebastian Hahn committed
68
#include "cpuworker.h"
69
#include "crypto_s2k.h"
Sebastian Hahn's avatar
Sebastian Hahn committed
70
#include "directory.h"
Sebastian Hahn's avatar
Sebastian Hahn committed
71
#include "dirserv.h"
Sebastian Hahn's avatar
Sebastian Hahn committed
72
#include "dirvote.h"
Sebastian Hahn's avatar
Sebastian Hahn committed
73
#include "dns.h"
74
#include "dnsserv.h"
75
#include "entrynodes.h"
Sebastian Hahn's avatar
Sebastian Hahn committed
76
#include "geoip.h"
Sebastian Hahn's avatar
Sebastian Hahn committed
77
#include "hibernate.h"
78
#include "hs_cache.h"
79
#include "hs_circuitmap.h"
80
#include "keypin.h"
Sebastian Hahn's avatar
Sebastian Hahn committed
81
#include "main.h"
Sebastian Hahn's avatar
Sebastian Hahn committed
82
#include "microdesc.h"
Sebastian Hahn's avatar
Sebastian Hahn committed
83
#include "networkstatus.h"
84
#include "nodelist.h"
Sebastian Hahn's avatar
Sebastian Hahn committed
85
#include "ntmain.h"
Sebastian Hahn's avatar
Sebastian Hahn committed
86
#include "onion.h"
87
#include "periodic.h"
Sebastian Hahn's avatar
Sebastian Hahn committed
88
#include "policies.h"
89
#include "protover.h"
90
#include "transports.h"
Sebastian Hahn's avatar
Sebastian Hahn committed
91
#include "relay.h"
Sebastian Hahn's avatar
Sebastian Hahn committed
92
#include "rendclient.h"
Sebastian Hahn's avatar
Sebastian Hahn committed
93
#include "rendcommon.h"
Sebastian Hahn's avatar
Sebastian Hahn committed
94
#include "rendservice.h"
Sebastian Hahn's avatar
Sebastian Hahn committed
95
#include "rephist.h"
Sebastian Hahn's avatar
Sebastian Hahn committed
96
#include "router.h"
97
#include "routerkeys.h"
Sebastian Hahn's avatar
Sebastian Hahn committed
98
#include "routerlist.h"
Sebastian Hahn's avatar
Sebastian Hahn committed
99
#include "routerparse.h"
100
#include "scheduler.h"
101
#include "shared_random.h"
102
#include "statefile.h"
103
#include "status.h"
104
#include "util_process.h"
105
#include "ext_orport.h"
106
107
#ifdef USE_DMALLOC
#include <dmalloc.h>
108
#include <openssl/crypto.h>
109
#endif
110
#include "memarea.h"
111
#include "sandbox.h"
112

113
114
#include <event2/event.h>

115
#ifdef HAVE_SYSTEMD
116
117
118
119
120
121
#   if defined(__COVERITY__) && !defined(__INCLUDE_LEVEL__)
/* Systemd's use of gcc's __INCLUDE_LEVEL__ extension macro appears to confuse
 * Coverity. Here's a kludge to unconfuse it.
 */
#   define __INCLUDE_LEVEL__ 2
#   endif
122
123
124
#include <systemd/sd-daemon.h>
#endif

125
void evdns_shutdown(int);
Roger Dingledine's avatar
Roger Dingledine committed
126

127
/********* PROTOTYPES **********/
Roger Dingledine's avatar
Roger Dingledine committed
128

129
static void dumpmemusage(int severity);
130
static void dumpstats(int severity); /* log stats */
131
132
static void conn_read_callback(evutil_socket_t fd, short event, void *_conn);
static void conn_write_callback(evutil_socket_t fd, short event, void *_conn);
133
static void second_elapsed_callback(periodic_timer_t *timer, void *args);
134
static int conn_close_if_marked(int i);
135
static void connection_start_reading_from_linked_conn(connection_t *conn);
136
static int connection_should_read_from_linked_conn(connection_t *conn);
137
static int run_main_loop_until_done(void);
138
static void process_signal(int sig);
Roger Dingledine's avatar
Roger Dingledine committed
139

Roger Dingledine's avatar
Roger Dingledine committed
140
/********* START VARIABLES **********/
141
int global_read_bucket; /**< Max number of bytes I can read this second. */
142
int global_write_bucket; /**< Max number of bytes I can write this second. */
Roger Dingledine's avatar
Roger Dingledine committed
143

144
145
146
147
/** Max number of relayed (bandwidth class 1) bytes I can read this second. */
int global_relayed_read_bucket;
/** Max number of relayed (bandwidth class 1) bytes I can write this second. */
int global_relayed_write_bucket;
148
/** What was the read bucket before the last second_elapsed_callback() call?
149
 * (used to determine how many bytes we've read). */
150
static int stats_prev_global_read_bucket;
151
/** What was the write bucket before the last second_elapsed_callback() call?
152
153
 * (used to determine how many bytes we've written). */
static int stats_prev_global_write_bucket;
154

155
/* DOCDOC stats_prev_n_read */
156
static uint64_t stats_prev_n_read = 0;
157
/* DOCDOC stats_prev_n_written */
158
159
static uint64_t stats_prev_n_written = 0;

160
/* XXX we might want to keep stats about global_relayed_*_bucket too. Or not.*/
161
/** How many bytes have we read since we started the process? */
162
static uint64_t stats_n_bytes_read = 0;
163
/** How many bytes have we written since we started the process? */
164
static uint64_t stats_n_bytes_written = 0;
165
/** What time did this process start up? */
166
time_t time_of_process_start = 0;
Roger Dingledine's avatar
Roger Dingledine committed
167
/** How many seconds have we been running? */
168
long stats_n_seconds_working = 0;
169
170
171
172
173
174
175

/** How often will we honor SIGNEWNYM requests? */
#define MAX_SIGNEWNYM_RATE 10
/** When did we last process a SIGNEWNYM request? */
static time_t time_of_last_signewnym = 0;
/** Is there a signewnym request we're currently waiting to handle? */
static int signewnym_is_pending = 0;
176
177
/** How many times have we called newnym? */
static unsigned newnym_epoch = 0;
178

179
/** Smartlist of all open connections. */
180
STATIC smartlist_t *connection_array = NULL;
181
182
/** List of connections that have been marked for close and need to be freed
 * and removed from connection_array. */
183
static smartlist_t *closeable_connection_lst = NULL;
184
185
/** List of linked connections that are currently reading data into their
 * inbuf from their partner's outbuf. */
186
static smartlist_t *active_linked_connection_lst = NULL;
187
188
189
/** Flag: Set to true iff we entered the current libevent main loop via
 * <b>loop_once</b>. If so, there's no need to trigger a loopexit in order
 * to handle linked connections. */
190
static int called_loop_once = 0;
Roger Dingledine's avatar
Roger Dingledine committed
191

Roger Dingledine's avatar
Roger Dingledine committed
192
/** We set this to 1 when we've opened a circuit, so we can print a log
193
194
195
196
197
 * entry to inform the user that Tor is working.  We set it to 0 when
 * we think the fact that we once opened a circuit doesn't mean we can do so
 * any longer (a big time jump happened, when we notice our directory is
 * heinously out-of-date, etc.
 */
198
static int can_complete_circuits = 0;
199

200
201
202
203
204
205
/** How often do we check for router descriptors that we should download
 * when we have too little directory info? */
#define GREEDY_DESCRIPTOR_RETRY_INTERVAL (10)
/** How often do we check for router descriptors that we should download
 * when we have enough directory info? */
#define LAZY_DESCRIPTOR_RETRY_INTERVAL (60)
206

207
208
209
210
211
212
/** Decides our behavior when no logs are configured/before any
 * logs have been configured.  For 0, we log notice to stdout as normal.
 * For 1, we log warnings only.  For 2, we log nothing.
 */
int quiet_level = 0;

Roger Dingledine's avatar
Roger Dingledine committed
213
214
/********* END VARIABLES ************/

Roger Dingledine's avatar
Roger Dingledine committed
215
/****************************************************************************
216
217
218
219
220
 *
 * This section contains accessors and other methods on the connection_array
 * variables (which are global within this file and unavailable outside it).
 *
 ****************************************************************************/
Roger Dingledine's avatar
Roger Dingledine committed
221

222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
/** Return 1 if we have successfully built a circuit, and nothing has changed
 * to make us think that maybe we can't.
 */
int
have_completed_a_circuit(void)
{
  return can_complete_circuits;
}

/** Note that we have successfully built a circuit, so that reachability
 * testing and introduction points and so on may be attempted. */
void
note_that_we_completed_a_circuit(void)
{
  can_complete_circuits = 1;
}

/** Note that something has happened (like a clock jump, or DisableNetwork) to
 * make us think that maybe we can't complete circuits. */
void
note_that_we_maybe_cant_complete_circuits(void)
{
  can_complete_circuits = 0;
}

Roger Dingledine's avatar
Roger Dingledine committed
247
/** Add <b>conn</b> to the array of connections that we can poll on.  The
248
249
250
 * connection's socket must be set; the connection starts out
 * non-reading and non-writing.
 */
251
int
252
connection_add_impl(connection_t *conn, int is_connecting)
253
{
Roger Dingledine's avatar
Roger Dingledine committed
254
  tor_assert(conn);
255
  tor_assert(SOCKET_OK(conn->s) ||
256
257
             conn->linked ||
             (conn->type == CONN_TYPE_AP &&
258
              TO_EDGE_CONN(conn)->is_dns_request));
Roger Dingledine's avatar
Roger Dingledine committed
259

260
  tor_assert(conn->conn_array_index == -1); /* can only connection_add once */
261
262
  conn->conn_array_index = smartlist_len(connection_array);
  smartlist_add(connection_array, conn);
Roger Dingledine's avatar
Roger Dingledine committed
263

264
  (void) is_connecting;
265

266
  if (SOCKET_OK(conn->s) || conn->linked) {
267
268
269
270
    conn->read_event = tor_event_new(tor_libevent_get_base(),
         conn->s, EV_READ|EV_PERSIST, conn_read_callback, conn);
    conn->write_event = tor_event_new(tor_libevent_get_base(),
         conn->s, EV_WRITE|EV_PERSIST, conn_write_callback, conn);
271
    /* XXXX CHECK FOR NULL RETURN! */
272
  }
Roger Dingledine's avatar
Roger Dingledine committed
273

Roger Dingledine's avatar
Roger Dingledine committed
274
  log_debug(LD_NET,"new conn type %s, socket %d, address %s, n_conns %d.",
275
            conn_type_to_string(conn->type), (int)conn->s, conn->address,
276
            smartlist_len(connection_array));
Roger Dingledine's avatar
Roger Dingledine committed
277
278
279
280

  return 0;
}

281
282
283
284
285
286
/** Tell libevent that we don't care about <b>conn</b> any more. */
void
connection_unregister_events(connection_t *conn)
{
  if (conn->read_event) {
    if (event_del(conn->read_event))
287
      log_warn(LD_BUG, "Error removing read event for %d", (int)conn->s);
288
289
290
291
    tor_free(conn->read_event);
  }
  if (conn->write_event) {
    if (event_del(conn->write_event))
292
      log_warn(LD_BUG, "Error removing write event for %d", (int)conn->s);
293
294
    tor_free(conn->write_event);
  }
295
  if (conn->type == CONN_TYPE_AP_DNS_LISTENER) {
296
297
298
299
    dnsserv_close_listener(conn);
  }
}

Roger Dingledine's avatar
Roger Dingledine committed
300
/** Remove the connection from the global list, and remove the
Nick Mathewson's avatar
Nick Mathewson committed
301
302
303
 * corresponding poll entry.  Calling this function will shift the last
 * connection (if any) into the position occupied by conn.
 */
304
305
306
int
connection_remove(connection_t *conn)
{
Roger Dingledine's avatar
Roger Dingledine committed
307
  int current_index;
308
  connection_t *tmp;
Roger Dingledine's avatar
Roger Dingledine committed
309

Roger Dingledine's avatar
Roger Dingledine committed
310
  tor_assert(conn);
Roger Dingledine's avatar
Roger Dingledine committed
311

312
  log_debug(LD_NET,"removing socket %d (type %s), n_conns now %d",
313
            (int)conn->s, conn_type_to_string(conn->type),
314
            smartlist_len(connection_array));
Roger Dingledine's avatar
Roger Dingledine committed
315

316
  if (conn->type == CONN_TYPE_AP && conn->socket_family == AF_UNIX) {
317
    log_info(LD_NET, "Closing SOCKS SocksSocket connection");
318
319
  }

Karsten Loesing's avatar
Karsten Loesing committed
320
321
  control_event_conn_bandwidth(conn);

322
323
  tor_assert(conn->conn_array_index >= 0);
  current_index = conn->conn_array_index;
324
  connection_unregister_events(conn); /* This is redundant, but cheap. */
325
326
  if (current_index == smartlist_len(connection_array)-1) { /* at the end */
    smartlist_del(connection_array, current_index);
Roger Dingledine's avatar
Roger Dingledine committed
327
    return 0;
Roger Dingledine's avatar
Roger Dingledine committed
328
  }
Roger Dingledine's avatar
Roger Dingledine committed
329

330
  /* replace this one with the one at the end */
331
332
333
  smartlist_del(connection_array, current_index);
  tmp = smartlist_get(connection_array, current_index);
  tmp->conn_array_index = current_index;
Roger Dingledine's avatar
Roger Dingledine committed
334

Roger Dingledine's avatar
Roger Dingledine committed
335
  return 0;
Roger Dingledine's avatar
Roger Dingledine committed
336
337
}

338
/** If <b>conn</b> is an edge conn, remove it from the list
339
340
341
 * of conn's on this circuit. If it's not on an edge,
 * flush and send destroys for all circuits on this conn.
 *
342
343
 * Remove it from connection_array (if applicable) and
 * from closeable_connection_list.
344
345
346
 *
 * Then free it.
 */
347
static void
348
connection_unlink(connection_t *conn)
349
{
350
  connection_about_to_close_connection(conn);
351
  if (conn->conn_array_index >= 0) {
352
353
    connection_remove(conn);
  }
354
355
356
357
358
359
360
  if (conn->linked_conn) {
    conn->linked_conn->linked_conn = NULL;
    if (! conn->linked_conn->marked_for_close &&
        conn->linked_conn->reading_from_linked_conn)
      connection_start_reading(conn->linked_conn);
    conn->linked_conn = NULL;
  }
361
  smartlist_remove(closeable_connection_lst, conn);
362
  smartlist_remove(active_linked_connection_lst, conn);
363
  if (conn->type == CONN_TYPE_EXIT) {
364
    assert_connection_edge_not_dns_pending(TO_EDGE_CONN(conn));
365
  }
366
367
  if (conn->type == CONN_TYPE_OR) {
    if (!tor_digest_is_zero(TO_OR_CONN(conn)->identity_digest))
368
      connection_or_clear_identity(TO_OR_CONN(conn));
369
370
371
372
373
374
375
376
377
378
379
380
    /* connection_unlink() can only get called if the connection
     * was already on the closeable list, and it got there by
     * connection_mark_for_close(), which was called from
     * connection_or_close_normally() or
     * connection_or_close_for_error(), so the channel should
     * already be in CHANNEL_STATE_CLOSING, and then the
     * connection_about_to_close_connection() goes to
     * connection_or_about_to_close(), which calls channel_closed()
     * to notify the channel_t layer, and closed the channel, so
     * nothing more to do here to deal with the channel associated
     * with an orconn.
     */
381
  }
382
383
384
  connection_free(conn);
}

385
386
387
388
389
390
391
392
393
394
395
396
397
/** Initialize the global connection list, closeable connection list,
 * and active connection list. */
STATIC void
init_connection_lists(void)
{
  if (!connection_array)
    connection_array = smartlist_new();
  if (!closeable_connection_lst)
    closeable_connection_lst = smartlist_new();
  if (!active_linked_connection_lst)
    active_linked_connection_lst = smartlist_new();
}

398
/** Schedule <b>conn</b> to be closed. **/
399
400
401
void
add_connection_to_closeable_list(connection_t *conn)
{
Nick Mathewson's avatar
Nick Mathewson committed
402
  tor_assert(!smartlist_contains(closeable_connection_lst, conn));
403
  tor_assert(conn->marked_for_close);
404
  assert_connection_ok(conn, time(NULL));
405
406
407
  smartlist_add(closeable_connection_lst, conn);
}

408
/** Return 1 if conn is on the closeable list, else return 0. */
409
410
411
int
connection_is_on_closeable_list(connection_t *conn)
{
Nick Mathewson's avatar
Nick Mathewson committed
412
  return smartlist_contains(closeable_connection_lst, conn);
413
414
}

415
/** Return true iff conn is in the current poll array. */
416
417
418
int
connection_in_array(connection_t *conn)
{
Nick Mathewson's avatar
Nick Mathewson committed
419
  return smartlist_contains(connection_array, conn);
420
421
}

422
/** Set <b>*array</b> to an array of all connections. <b>*array</b> must not
Roger Dingledine's avatar
Roger Dingledine committed
423
 * be modified.
424
 */
425
426
MOCK_IMPL(smartlist_t *,
get_connection_array, (void))
427
{
428
  if (!connection_array)
429
    connection_array = smartlist_new();
430
  return connection_array;
431
432
}

433
434
/** Provides the traffic read and written over the life of the process. */

435
436
MOCK_IMPL(uint64_t,
get_bytes_read,(void))
437
438
439
440
{
  return stats_n_bytes_read;
}

441
/* DOCDOC get_bytes_written */
442
443
MOCK_IMPL(uint64_t,
get_bytes_written,(void))
444
445
446
447
{
  return stats_n_bytes_written;
}

448
/** Set the event mask on <b>conn</b> to <b>events</b>.  (The event
449
 * mask is a bitmask whose bits are READ_EVENT and WRITE_EVENT)
450
 */
451
void
452
connection_watch_events(connection_t *conn, watchable_events_t events)
453
{
454
  if (events & READ_EVENT)
455
456
457
458
    connection_start_reading(conn);
  else
    connection_stop_reading(conn);

459
  if (events & WRITE_EVENT)
460
461
462
    connection_start_writing(conn);
  else
    connection_stop_writing(conn);
Roger Dingledine's avatar
Roger Dingledine committed
463
464
}

Roger Dingledine's avatar
Roger Dingledine committed
465
/** Return true iff <b>conn</b> is listening for read events. */
466
467
468
int
connection_is_reading(connection_t *conn)
{
469
  tor_assert(conn);
470

471
472
  return conn->reading_from_linked_conn ||
    (conn->read_event && event_pending(conn->read_event, EV_READ, NULL));
Roger Dingledine's avatar
Roger Dingledine committed
473
474
}

475
/** Check whether <b>conn</b> is correct in having (or not having) a
476
 * read/write event (passed in <b>ev</b>). On success, return 0. On failure,
477
 * log a warning and return -1. */
478
479
480
481
482
483
static int
connection_check_event(connection_t *conn, struct event *ev)
{
  int bad;

  if (conn->type == CONN_TYPE_AP && TO_EDGE_CONN(conn)->is_dns_request) {
484
485
486
487
    /* DNS requests which we launch through the dnsserv.c module do not have
     * any underlying socket or any underlying linked connection, so they
     * shouldn't have any attached events either.
     */
488
489
    bad = ev != NULL;
  } else {
Chelsea H. Komlo's avatar
Chelsea H. Komlo committed
490
    /* Everything else should have an underlying socket, or a linked
491
492
     * connection (which is also tracked with a read_event/write_event pair).
     */
493
494
495
496
497
498
499
500
501
502
503
    bad = ev == NULL;
  }

  if (bad) {
    log_warn(LD_BUG, "Event missing on connection %p [%s;%s]. "
             "socket=%d. linked=%d. "
             "is_dns_request=%d. Marked_for_close=%s:%d",
             conn,
             conn_type_to_string(conn->type),
             conn_state_to_string(conn->type, conn->state),
             (int)conn->s, (int)conn->linked,
Nick Mathewson's avatar
Nick Mathewson committed
504
505
             (conn->type == CONN_TYPE_AP &&
                               TO_EDGE_CONN(conn)->is_dns_request),
506
507
508
509
510
511
512
513
514
             conn->marked_for_close_file ? conn->marked_for_close_file : "-",
             conn->marked_for_close
             );
    log_backtrace(LOG_WARN, LD_BUG, "Backtrace attached.");
    return -1;
  }
  return 0;
}

Roger Dingledine's avatar
Roger Dingledine committed
515
/** Tell the main loop to stop notifying <b>conn</b> of any read events. */
516
517
MOCK_IMPL(void,
connection_stop_reading,(connection_t *conn))
518
{
519
  tor_assert(conn);
520

521
  if (connection_check_event(conn, conn->read_event) < 0) {
522
523
    return;
  }
524

525
526
527
528
529
530
531
  if (conn->linked) {
    conn->reading_from_linked_conn = 0;
    connection_stop_reading_from_linked_conn(conn);
  } else {
    if (event_del(conn->read_event))
      log_warn(LD_NET, "Error from libevent setting read event state for %d "
               "to unwatched: %s",
532
               (int)conn->s,
533
534
               tor_socket_strerror(tor_socket_errno(conn->s)));
  }
535
536
}

Roger Dingledine's avatar
Roger Dingledine committed
537
/** Tell the main loop to start notifying <b>conn</b> of any read events. */
538
539
MOCK_IMPL(void,
connection_start_reading,(connection_t *conn))
540
{
541
  tor_assert(conn);
542

543
  if (connection_check_event(conn, conn->read_event) < 0) {
544
545
    return;
  }
546

547
548
549
550
551
552
553
554
  if (conn->linked) {
    conn->reading_from_linked_conn = 1;
    if (connection_should_read_from_linked_conn(conn))
      connection_start_reading_from_linked_conn(conn);
  } else {
    if (event_add(conn->read_event, NULL))
      log_warn(LD_NET, "Error from libevent setting read event state for %d "
               "to watched: %s",
555
               (int)conn->s,
556
557
               tor_socket_strerror(tor_socket_errno(conn->s)));
  }
558
559
}

Roger Dingledine's avatar
Roger Dingledine committed
560
/** Return true iff <b>conn</b> is listening for write events. */
561
562
563
int
connection_is_writing(connection_t *conn)
{
564
565
  tor_assert(conn);

566
567
  return conn->writing_to_linked_conn ||
    (conn->write_event && event_pending(conn->write_event, EV_WRITE, NULL));
568
569
}

Roger Dingledine's avatar
Roger Dingledine committed
570
/** Tell the main loop to stop notifying <b>conn</b> of any write events. */
571
572
MOCK_IMPL(void,
connection_stop_writing,(connection_t *conn))
573
{
574
  tor_assert(conn);
575

576
577
578
  if (connection_check_event(conn, conn->write_event) < 0) {
    return;
  }
579

580
581
582
583
584
585
586
587
  if (conn->linked) {
    conn->writing_to_linked_conn = 0;
    if (conn->linked_conn)
      connection_stop_reading_from_linked_conn(conn->linked_conn);
  } else {
    if (event_del(conn->write_event))
      log_warn(LD_NET, "Error from libevent setting write event state for %d "
               "to unwatched: %s",
588
               (int)conn->s,
589
590
               tor_socket_strerror(tor_socket_errno(conn->s)));
  }
591
592
}

Roger Dingledine's avatar
Roger Dingledine committed
593
/** Tell the main loop to start notifying <b>conn</b> of any write events. */
594
595
MOCK_IMPL(void,
connection_start_writing,(connection_t *conn))
596
{
597
  tor_assert(conn);
598

599
600
601
  if (connection_check_event(conn, conn->write_event) < 0) {
    return;
  }
602

603
604
605
606
607
608
609
610
611
  if (conn->linked) {
    conn->writing_to_linked_conn = 1;
    if (conn->linked_conn &&
        connection_should_read_from_linked_conn(conn->linked_conn))
      connection_start_reading_from_linked_conn(conn->linked_conn);
  } else {
    if (event_add(conn->write_event, NULL))
      log_warn(LD_NET, "Error from libevent setting write event state for %d "
               "to watched: %s",
612
               (int)conn->s,
613
614
615
616
               tor_socket_strerror(tor_socket_errno(conn->s)));
  }
}

617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
/** Return true iff <b>conn</b> is linked conn, and reading from the conn
 * linked to it would be good and feasible.  (Reading is "feasible" if the
 * other conn exists and has data in its outbuf, and is "good" if we have our
 * reading_from_linked_conn flag set and the other conn has its
 * writing_to_linked_conn flag set.)*/
static int
connection_should_read_from_linked_conn(connection_t *conn)
{
  if (conn->linked && conn->reading_from_linked_conn) {
    if (! conn->linked_conn ||
        (conn->linked_conn->writing_to_linked_conn &&
         buf_datalen(conn->linked_conn->outbuf)))
      return 1;
  }
  return 0;
}

634
635
636
637
638
639
640
641
642
643
644
645
646
/** If we called event_base_loop() and told it to never stop until it
 * runs out of events, now we've changed our mind: tell it we want it to
 * finish. */
void
tell_event_loop_to_finish(void)
{
  if (!called_loop_once) {
    struct timeval tv = { 0, 0 };
    tor_event_base_loopexit(tor_libevent_get_base(), &tv);
    called_loop_once = 1; /* hack to avoid adding more exit events */
  }
}

647
648
649
650
/** Helper: Tell the main loop to begin reading bytes into <b>conn</b> from
 * its linked connection, if it is not doing so already.  Called by
 * connection_start_reading and connection_start_writing as appropriate. */
static void
651
652
653
654
655
656
657
658
connection_start_reading_from_linked_conn(connection_t *conn)
{
  tor_assert(conn);
  tor_assert(conn->linked == 1);

  if (!conn->active_on_link) {
    conn->active_on_link = 1;
    smartlist_add(active_linked_connection_lst, conn);
659
660
661
662
    /* make sure that the event_base_loop() function exits at
     * the end of its run through the current connections, so we can
     * activate read events for linked connections. */
    tell_event_loop_to_finish();
663
  } else {
Nick Mathewson's avatar
Nick Mathewson committed
664
    tor_assert(smartlist_contains(active_linked_connection_lst, conn));
665
666
667
  }
}

668
669
670
/** Tell the main loop to stop reading bytes into <b>conn</b> from its linked
 * connection, if is currently doing so.  Called by connection_stop_reading,
 * connection_stop_writing, and connection_read. */
671
672
673
674
675
676
677
678
void
connection_stop_reading_from_linked_conn(connection_t *conn)
{
  tor_assert(conn);
  tor_assert(conn->linked == 1);

  if (conn->active_on_link) {
    conn->active_on_link = 0;
679
680
681
    /* FFFF We could keep an index here so we can smartlist_del
     * cleanly.  On the other hand, this doesn't show up on profiles,
     * so let's leave it alone for now. */
682
683
    smartlist_remove(active_linked_connection_lst, conn);
  } else {
Nick Mathewson's avatar
Nick Mathewson committed
684
    tor_assert(!smartlist_contains(active_linked_connection_lst, conn));
685
  }
686
687
}

688
/** Close all connections that have been scheduled to get closed. */
689
STATIC void
690
691
692
693
694
close_closeable_connections(void)
{
  int i;
  for (i = 0; i < smartlist_len(closeable_connection_lst); ) {
    connection_t *conn = smartlist_get(closeable_connection_lst, i);
695
    if (conn->conn_array_index < 0) {
696
      connection_unlink(conn); /* blow it away right now */
697
    } else {
698
      if (!conn_close_if_marked(conn->conn_array_index))
699
700
        ++i;
    }
701
702
703
  }
}

704
/** Count moribund connections for the OOS handler */
705
706
MOCK_IMPL(int,
connection_count_moribund, (void))
707
{
708
  int moribund = 0;
709
710
711
712
713

  /*
   * Count things we'll try to kill when close_closeable_connections()
   * runs next.
   */
714
  SMARTLIST_FOREACH_BEGIN(closeable_connection_lst, connection_t *, conn) {
715
    if (SOCKET_OK(conn->s) && connection_is_moribund(conn)) ++moribund;
716
  } SMARTLIST_FOREACH_END(conn);
717
718
719
720

  return moribund;
}

721
722
/** Libevent callback: this gets invoked when (connection_t*)<b>conn</b> has
 * some data to read. */
723
static void
724
conn_read_callback(evutil_socket_t fd, short event, void *_conn)
725
726
{
  connection_t *conn = _conn;
727
728
  (void)fd;
  (void)event;
729

730
  log_debug(LD_NET,"socket %d wants to read.",(int)conn->s);
731

732
  /* assert_connection_ok(conn, time(NULL)); */
733
734
735

  if (connection_handle_read(conn) < 0) {
    if (!conn->marked_for_close) {
736
#ifndef _WIN32
737
      log_warn(LD_BUG,"Unhandled error on read for %s connection "
738
               "(fd %d); removing",
739
               conn_type_to_string(conn->type), (int)conn->s);
740
      tor_fragile_assert();
741
#endif
742
      if (CONN_IS_EDGE(conn))
743
        connection_edge_end_errno(TO_EDGE_CONN(conn));
744
745
746
747
748
749
750
751
752
      connection_mark_for_close(conn);
    }
  }
  assert_connection_ok(conn, time(NULL));

  if (smartlist_len(closeable_connection_lst))
    close_closeable_connections();
}

753
754
/** Libevent callback: this gets invoked when (connection_t*)<b>conn</b> has
 * some data to write. */
755
static void
756
conn_write_callback(evutil_socket_t fd, short events, void *_conn)
757
758
{
  connection_t *conn = _conn;
759
760
  (void)fd;
  (void)events;
761

762
763
  LOG_FN_CONN(conn, (LOG_DEBUG, LD_NET, "socket %d wants to write.",
                     (int)conn->s));
764

765
  /* assert_connection_ok(conn, time(NULL)); */
766

767
  if (connection_handle_write(conn, 0) < 0) {
768
769
    if (!conn->marked_for_close) {
      /* this connection is broken. remove it. */
770
      log_fn(LOG_WARN,LD_BUG,
Roger Dingledine's avatar
Roger Dingledine committed
771
             "unhandled error on write for %s connection (fd %d); removing",
772
             conn_type_to_string(conn->type), (int)conn->s);
773
      tor_fragile_assert();
774
775
      if (CONN_IS_EDGE(conn)) {
        /* otherwise we cry wolf about duplicate close */
776
777
778
        edge_connection_t *edge_conn = TO_EDGE_CONN(conn);
        if (!edge_conn->end_reason)
          edge_conn->end_reason = END_STREAM_REASON_INTERNAL;
779
        edge_conn->edge_has_sent_end = 1;
780
      }
781
      connection_close_immediate(conn); /* So we don't try to flush. */
782
783
784
785
786
787
788
789
790
      connection_mark_for_close(conn);
    }
  }
  assert_connection_ok(conn, time(NULL));

  if (smartlist_len(closeable_connection_lst))
    close_closeable_connections();
}

Roger Dingledine's avatar
Roger Dingledine committed
791
/** If the connection at connection_array[i] is marked for close, then:
792
793
794
795
796
 *    - If it has data that it wants to flush, try to flush it.
 *    - If it _still_ has data to flush, and conn->hold_open_until_flushed is
 *      true, then leave the connection open and return.
 *    - Otherwise, remove the connection from connection_array and from
 *      all other lists, close it, and free it.
797
 * Returns 1 if the connection was closed, 0 otherwise.
798
 */
799
800
801
static int
conn_close_if_marked(int i)
{
Roger Dingledine's avatar
Roger Dingledine committed
802
  connection_t *conn;
803
  int retval;
804
  time_t now;
Roger Dingledine's avatar
Roger Dingledine committed
805

806
  conn = smartlist_get(connection_array, i);
807
  if (!conn->marked_for_close)
808
    return 0; /* nothing to see here, move along */
809
810
  now = time(NULL);
  assert_connection_ok(conn, now);
811
  /* assert_all_pending_dns_resolves_ok(); */
812

Nick Mathewson's avatar
Nick Mathewson committed
813
814
  log_debug(LD_NET,"Cleaning up connection (fd "TOR_SOCKET_T_FORMAT").",
            conn->s);
815
816
817

  /* If the connection we are about to close was trying to connect to
  a proxy server and failed, the client won't be able to use that
818
  proxy. We should warn the user about this. */
819
820
  if (conn->proxy_state == PROXY_INFANT)
    log_failed_proxy_connection(conn);
821

822
823
  if ((SOCKET_OK(conn->s) || conn->linked_conn) &&
      connection_wants_to_flush(conn)) {
824
    /* s == -1 means it's an incomplete edge connection, or that the socket
825
     * has already been closed as unflushable. */
826
    ssize_t sz = connection_bucket_write_limit(conn, now);
827
    if (!conn->hold_open_until_flushed)
828
829
830
      log_info(LD_NET,
               "Conn (addr %s, fd %d, type %s, state %d) marked, but wants "
               "to flush %d bytes. (Marked at %s:%d)",
831
               escaped_safe_str_client(conn->address),
832
               (int)conn->s, conn_type_to_string(conn->type), conn->state,
833
834
               (int)conn->outbuf_flushlen,
                conn->marked_for_close_file, conn->marked_for_close);
835
836
837
838
839
840
841
842
    if (conn->linked_conn) {
      retval = move_buf_to_buf(conn->linked_conn->inbuf, conn->outbuf,
                               &conn->outbuf_flushlen);
      if (retval >= 0) {
        /* The linked conn will notice that it has data when it notices that
         * we're gone. */
        connection_start_reading_from_linked_conn(conn->linked_conn);
      }
843
      log_debug(LD_GENERAL, "Flushed last %d bytes from a linked conn; "
844
               "%d left; flushlen %d; wants-to-flush==%d", retval,
845
846
                (int)connection_get_outbuf_len(conn),
                (int)conn->outbuf_flushlen,
847
                connection_wants_to_flush(conn));
848
    } else if (connection_speaks_cells(conn)) {
849
      if (conn->state == OR_CONN_STATE_OPEN) {
850
        retval = flush_buf_tls(TO_OR_CONN(conn)->tls, conn->outbuf, sz,
851
                               &conn->outbuf_flushlen);
852
      } else
853
        retval = -1; /* never flush non-open broken tls connections */
854
    } else {
855
      retval = flush_buf(conn->s, conn->outbuf, sz, &conn->outbuf_flushlen);
856
    }
857
858
859
    if (retval >= 0 && /* Technically, we could survive things like
                          TLS_WANT_WRITE here. But don't bother for now. */
        conn->hold_open_until_flushed && connection_wants_to_flush(conn)) {
860
      if (retval > 0) {
861
862
        LOG_FN_CONN(conn, (LOG_INFO,LD_NET,
                           "Holding conn (fd %d) open for more flushing.",
863
                           (int)conn->s));
864
        conn->timestamp_lastwritten = now; /* reset so we can flush more */
865
866
867
868
      } else if (sz == 0) {
        /* Also, retval==0.  If we get here, we didn't want to write anything
         * (because of rate-limiting) and we didn't. */

869
870
871
872
873
874
        /* Connection must flush before closing, but it's being rate-limited.
         * Let's remove from Libevent, and mark it as blocked on bandwidth
         * so it will be re-added on next token bucket refill. Prevents
         * busy Libevent loops where we keep ending up here and returning
         * 0 until we are no longer blocked on bandwidth.
         */
875
876
877
878
        if (connection_is_writing(conn)) {
          conn->write_blocked_on_bw = 1;
          connection_stop_writing(conn);
        }
879
        if (connection_is_reading(conn)) {
880
          /* XXXX+ We should make this code unreachable; if a connection is
881
882
883
884
885
           * marked for close and flushing, there is no point in reading to it
           * at all. Further, checking at this point is a bit of a hack: it
           * would make much more sense to react in
           * connection_handle_read_impl, or to just stop reading in
           * mark_and_flush */
886
887
888
          conn->read_blocked_on_bw = 1;
          connection_stop_reading(conn);
        }
889
      }
890
      return 0;
891
    }
892
    if (connection_wants_to_flush(conn)) {
893
      log_fn(LOG_INFO, LD_NET, "We stalled too much while trying to write %d "
894
             "bytes to address %s.  If this happens a lot, either "
895
896
897
             "something is wrong with your network connection, or "
             "something is wrong with theirs. "
             "(fd %d, type %s, state %d, marked at %s:%d).",
898
             (int)connection_get_outbuf_len(conn),
899
             escaped_safe_str_client(conn->address),
900
             (int)conn->s, conn_type_to_string(conn->type), conn->state,
901
             conn->marked_for_close_file,
902
             conn->marked_for_close);
Roger Dingledine's avatar
Roger Dingledine committed
903
904
    }
  }
905

906
  connection_unlink(conn); /* unlink, remove, free */
907
  return 1;
Roger Dingledine's avatar
Roger Dingledine committed
908
909
}

910
911
912
/** Implementation for directory_all_unreachable.  This is done in a callback,
 * since otherwise it would complicate Tor's control-flow graph beyond all
 * reason.
913
 */
914
915
static void
directory_all_unreachable_cb(evutil_socket_t fd, short event, void *arg)
916
{
917
918
919
  (void)fd;
  (void)event;
  (void)arg;