/* Copyright (c) 2001 Matej Pfajfar.
 * Copyright (c) 2001-2004, Roger Dingledine.
 * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
 * Copyright (c) 2007-2012, The Tor Project, Inc. */
/* See LICENSE for licensing information */

/**
 * \file config.c
 * \brief Code to parse and interpret configuration files.
 **/

#define CONFIG_PRIVATE

#include "or.h"
#include "circuitbuild.h"
#include "circuitlist.h"
#include "config.h"
#include "connection.h"
#include "connection_edge.h"
#include "connection_or.h"
#include "control.h"
#include "cpuworker.h"
#include "dirserv.h"
#include "dirvote.h"
#include "dns.h"
#include "geoip.h"
#include "hibernate.h"
#include "main.h"
#include "networkstatus.h"
#include "policies.h"
#include "relay.h"
#include "rendclient.h"
#include "rendservice.h"
#include "rephist.h"
#include "router.h"
#include "util.h"
#include "routerlist.h"
#include "transports.h"
#ifdef _WIN32
#include <shlobj.h>
#endif

#include "procmon.h"

/* From main.c */
extern int quiet_level;

/** Enumeration of types which option values can take.
 *
 * The VAR() macro in this file builds these names by token pasting
 * (CONFIG_TYPE_ ## conftype), so the suffixes below are the type names used
 * in the option tables.  CONFIG_TYPE_OBSOLETE is also the type carried by
 * the NULL-named row that terminates each table.
 */
typedef enum config_type_t {
  CONFIG_TYPE_STRING = 0,   /**< An arbitrary string. */
  CONFIG_TYPE_FILENAME,     /**< A filename: some prefixes get expanded. */
  CONFIG_TYPE_UINT,         /**< A non-negative integer less than MAX_INT */
  CONFIG_TYPE_INT,          /**< Any integer. */
  CONFIG_TYPE_PORT,         /**< A port from 1...65535, 0 for "not set", or
                             * "auto".  */
  CONFIG_TYPE_INTERVAL,     /**< A number of seconds, with optional units*/
  CONFIG_TYPE_MSEC_INTERVAL,/**< A number of milliseconds, with optional
                              * units */
  CONFIG_TYPE_MEMUNIT,      /**< A number of bytes, with optional units*/
  CONFIG_TYPE_DOUBLE,       /**< A floating-point value */
  CONFIG_TYPE_BOOL,         /**< A boolean value, expressed as 0 or 1. */
  CONFIG_TYPE_AUTOBOOL,     /**< A boolean+auto value, expressed 0 for false,
                             * 1 for true, and -1 for auto  */
  CONFIG_TYPE_ISOTIME,      /**< An ISO-formatted time relative to GMT. */
  CONFIG_TYPE_CSV,          /**< A list of strings, separated by commas and
                              * optional whitespace. */
  CONFIG_TYPE_LINELIST,     /**< Uninterpreted config lines */
  CONFIG_TYPE_LINELIST_S,   /**< Uninterpreted, context-sensitive config lines,
                             * mixed with other keywords. */
  CONFIG_TYPE_LINELIST_V,   /**< Catch-all "virtual" option to summarize
                             * context-sensitive config lines when fetching.
                             */
  CONFIG_TYPE_ROUTERSET,    /**< A list of router names, addrs, and fps,
                             * parsed into a routerset_t. */
  CONFIG_TYPE_OBSOLETE,     /**< Obsolete (ignored) option. */
} config_type_t;

/** An abbreviation for a configuration option allowed on the command line.
 *
 * The abbreviation tables in this file end with a row whose string members
 * are NULL. */
typedef struct config_abbrev_t {
  const char *abbreviated; /* The alias as it may be written. */
  const char *full;        /* The option name the alias stands for. */
  /* NOTE(review): presumably nonzero means the alias is honoured only for
   * command-line arguments -- confirm against the code that expands
   * abbreviations. */
  int commandline_only;
  /* NOTE(review): presumably nonzero means a warning is logged when the
   * alias is used -- confirm. */
  int warn;
} config_abbrev_t;

/* Handy macro for declaring "In the config file or on the command line,
 * you can abbreviate <b>tok</b>s as <b>tok</b>".
 *
 * Expands to a config_abbrev_t initializer: the stringified token is the
 * abbreviation, the same string with "s" appended is the full name, and
 * both commandline_only and warn are 0. */
#define PLURAL(tok) { #tok, #tok "s", 0, 0 }

/** A list of abbreviations and aliases to map command-line options, obsolete
 * option names, or alternative option names, to their current values.
 *
 * Row layout is { abbreviated, full, commandline_only, warn }.  Rows with
 * warn set to 1 are MaxConn, ResolvConf, SearchDomains, StrictEntryNodes and
 * StrictExitNodes; rows with commandline_only set to 1 are "l" and
 * HashedControlPassword.  The all-NULL row ends the table.
 *
 * NOTE(review): a file-scope identifier that begins with an underscore is
 * reserved by the C standard; renaming would have to be done file-wide. */
static config_abbrev_t _option_abbrevs[] = {
  PLURAL(AuthDirBadDirCC),
  PLURAL(AuthDirBadExitCC),
  PLURAL(AuthDirInvalidCC),
  PLURAL(AuthDirRejectCC),
  PLURAL(ExitNode),
  PLURAL(EntryNode),
  PLURAL(ExcludeNode),
  PLURAL(FirewallPort),
  PLURAL(LongLivedPort),
  PLURAL(HiddenServiceNode),
  PLURAL(HiddenServiceExcludeNode),
  PLURAL(NumCPU),
  PLURAL(RendNode),
  PLURAL(RendExcludeNode),
  PLURAL(StrictEntryNode),
  PLURAL(StrictExitNode),
  PLURAL(StrictNode),
  { "l", "Log", 1, 0},
  { "AllowUnverifiedNodes", "AllowInvalidNodes", 0, 0},
  { "AutomapHostSuffixes", "AutomapHostsSuffixes", 0, 0},
  { "AutomapHostOnResolve", "AutomapHostsOnResolve", 0, 0},
  { "BandwidthRateBytes", "BandwidthRate", 0, 0},
  { "BandwidthBurstBytes", "BandwidthBurst", 0, 0},
  { "DirFetchPostPeriod", "StatusFetchPeriod", 0, 0},
  { "MaxConn", "ConnLimit", 0, 1},
  { "ORBindAddress", "ORListenAddress", 0, 0},
  { "DirBindAddress", "DirListenAddress", 0, 0},
  { "SocksBindAddress", "SocksListenAddress", 0, 0},
  { "UseHelperNodes", "UseEntryGuards", 0, 0},
  { "NumHelperNodes", "NumEntryGuards", 0, 0},
  { "UseEntryNodes", "UseEntryGuards", 0, 0},
  { "NumEntryNodes", "NumEntryGuards", 0, 0},
  { "ResolvConf", "ServerDNSResolvConfFile", 0, 1},
  { "SearchDomains", "ServerDNSSearchDomains", 0, 1},
  { "ServerDNSAllowBrokenResolvConf", "ServerDNSAllowBrokenConfig", 0, 0},
  { "PreferTunnelledDirConns", "PreferTunneledDirConns", 0, 0},
  { "BridgeAuthoritativeDirectory", "BridgeAuthoritativeDir", 0, 0},
  /* NOTE(review): commandline_only is 1 here, so it looks as if a
   * HashedControlPassword given on the command line is redirected to the
   * "__"-prefixed session option instead of the persistent one -- confirm
   * that this is the intended way to keep it separate from the torrc
   * value. */
  { "HashedControlPassword", "__HashedControlSessionPassword", 1, 0},
  { "StrictEntryNodes", "StrictNodes", 0, 1},
  { "StrictExitNodes", "StrictNodes", 0, 1},
  { NULL, NULL, 0, 0},
};

/** A list of state-file "abbreviations," for compatibility.
 *
 * Same row layout as the option abbreviation table: { abbreviated, full,
 * commandline_only, warn }.  Every row here has both flags set to 0, and the
 * all-NULL row ends the table. */
static config_abbrev_t _state_abbrevs[] = {
  { "AccountingBytesReadInterval", "AccountingBytesReadInInterval", 0, 0 },
  { "HelperNode", "EntryGuard", 0, 0 },
  { "HelperNodeDownSince", "EntryGuardDownSince", 0, 0 },
  { "HelperNodeUnlistedSince", "EntryGuardUnlistedSince", 0, 0 },
  { "EntryNode", "EntryGuard", 0, 0 },
  { "EntryNodeDownSince", "EntryGuardDownSince", 0, 0 },
  { "EntryNodeUnlistedSince", "EntryGuardUnlistedSince", 0, 0 },
  { NULL, NULL, 0, 0},
};
#undef PLURAL

/** A variable allowed in the configuration file or on the command line.
 *
 * Rows of this type are produced by the VAR(), V(), VPORT() and OBSOLETE()
 * macros in this file; a row with a NULL name terminates a table.
 *
 * NOTE(review): var_offset is used to reach into a struct by byte offset,
 * so the type tag and the member's real C type must agree; nothing visible
 * here checks that at compile time. */
typedef struct config_var_t {
  const char *name; /**< The full keyword (case insensitive). */
  config_type_t type; /**< How to interpret the type and turn it into a
                       * value. */
  off_t var_offset; /**< Offset of the corresponding member of or_options_t. */
  const char *initvalue; /**< String (or null) describing initial value. */
} config_var_t;

/** An entry for config_vars: "The option <b>name</b> has type
 * CONFIG_TYPE_<b>conftype</b>, and corresponds to
 * or_options_t.<b>member</b>"
 *
 * Expands to a config_var_t initializer.  <b>conftype</b> is pasted onto
 * CONFIG_TYPE_, so it must be the bare suffix of an enumerator (BOOL, CSV,
 * ...), and <b>initvalue</b> is the default as a string or NULL.
 */
#define VAR(name,conftype,member,initvalue)                             \
  { name, CONFIG_TYPE_ ## conftype, STRUCT_OFFSET(or_options_t, member), \
      initvalue }
/** As VAR, but the option name and member name are the same.
 * The member token is stringified to give the option name, and VAR is
 * expanded at the point of use, so V follows whichever VAR definition is
 * current there. */
#define V(member,conftype,initvalue)                                    \
  VAR(#member, conftype, member, initvalue)
/** An entry for config_vars: "The option <b>name</b> is obsolete."
 * The row carries offset 0 and a NULL default; only the name and the
 * CONFIG_TYPE_OBSOLETE tag are meaningful. */
#define OBSOLETE(name) { name, CONFIG_TYPE_OBSOLETE, 0, NULL }

/** As V, but the option <b>member</b> is stored in the struct member named
 * <b>member</b>_lines (the "_lines" suffix is pasted on here). */
#define VPORT(member,conftype,initvalue)                                    \
  VAR(#member, conftype, member ## _lines, initvalue)

/** Array of configuration options.  Until we disallow nonstandard
 * abbreviations, order is significant, since the first matching option will
 * be chosen first.
 *
 * Each row is built by V(), VAR(), VPORT() or OBSOLETE(): option name,
 * CONFIG_TYPE_ tag, byte offset of the or_options_t member, and the default
 * as a string (NULL when no default is given).  The row with a NULL name
 * ends the table.
 *
 * NOTE(review): several rows look like they hold credential material
 * (BridgePassword, HashedControlPassword, HTTPProxyAuthenticator,
 * HTTPSProxyAuthenticator, Socks5ProxyPassword and
 * __HashedControlSessionPassword).  Confirm that any code which logs or
 * dumps option values treats them as sensitive.
 */
static config_var_t _option_vars[] = {
  OBSOLETE("AccountingMaxKB"),
  V(AccountingMax,               MEMUNIT,  "0 bytes"),
  V(AccountingStart,             STRING,   NULL),
  V(Address,                     STRING,   NULL),
  V(AllowDotExit,                BOOL,     "0"),
  V(AllowInvalidNodes,           CSV,      "middle,rendezvous"),
  V(AllowNonRFC953Hostnames,     BOOL,     "0"),
  V(AllowSingleHopCircuits,      BOOL,     "0"),
  V(AllowSingleHopExits,         BOOL,     "0"),
  V(AlternateBridgeAuthority,    LINELIST, NULL),
  V(AlternateDirAuthority,       LINELIST, NULL),
  V(AlternateHSAuthority,        LINELIST, NULL),
  V(AssumeReachable,             BOOL,     "0"),
  V(AuthDirBadDir,               LINELIST, NULL),
  V(AuthDirBadDirCCs,            CSV,      ""),
  V(AuthDirBadExit,              LINELIST, NULL),
  V(AuthDirBadExitCCs,           CSV,      ""),
  V(AuthDirInvalid,              LINELIST, NULL),
  V(AuthDirInvalidCCs,           CSV,      ""),
  V(AuthDirFastGuarantee,        MEMUNIT,  "100 KB"),
  V(AuthDirGuardBWGuarantee,     MEMUNIT,  "250 KB"),
  V(AuthDirReject,               LINELIST, NULL),
  V(AuthDirRejectCCs,            CSV,      ""),
  V(AuthDirRejectUnlisted,       BOOL,     "0"),
  V(AuthDirListBadDirs,          BOOL,     "0"),
  V(AuthDirListBadExits,         BOOL,     "0"),
  V(AuthDirMaxServersPerAddr,    UINT,     "2"),
  V(AuthDirMaxServersPerAuthAddr,UINT,     "5"),
  V(AuthDirHasIPv6Connectivity,  AUTOBOOL, "auto"),
  V(AuthDirPublishIPv6,          BOOL,     "0"),
  VAR("AuthoritativeDirectory",  BOOL, AuthoritativeDir,    "0"),
  V(AutomapHostsOnResolve,       BOOL,     "0"),
  V(AutomapHostsSuffixes,        CSV,      ".onion,.exit"),
  V(AvoidDiskWrites,             BOOL,     "0"),
  V(BandwidthBurst,              MEMUNIT,  "10 MB"),
  V(BandwidthRate,               MEMUNIT,  "5 MB"),
  V(BridgeAuthoritativeDir,      BOOL,     "0"),
  VAR("Bridge",                  LINELIST, Bridges,    NULL),
  V(BridgePassword,              STRING,   NULL),
  V(BridgeRecordUsageByCountry,  BOOL,     "1"),
  V(BridgeRelay,                 BOOL,     "0"),
  V(CellStatistics,              BOOL,     "0"),
  V(LearnCircuitBuildTimeout,    BOOL,     "1"),
  V(CircuitBuildTimeout,         INTERVAL, "0"),
  V(CircuitIdleTimeout,          INTERVAL, "1 hour"),
  V(CircuitStreamTimeout,        INTERVAL, "0"),
  V(CircuitPriorityHalflife,     DOUBLE,  "-100.0"), /*negative:'Use default'*/
  V(ClientDNSRejectInternalAddresses, BOOL,"1"),
  V(ClientOnly,                  BOOL,     "0"),
  V(ClientRejectInternalAddresses, BOOL,   "1"),
  V(ClientTransportPlugin,       LINELIST, NULL),
  V(ConsensusParams,             STRING,   NULL),
  V(ConnLimit,                   UINT,     "1000"),
  V(ConnDirectionStatistics,     BOOL,     "0"),
  V(ConstrainedSockets,          BOOL,     "0"),
  V(ConstrainedSockSize,         MEMUNIT,  "8192"),
  V(ContactInfo,                 STRING,   NULL),
  V(ControlListenAddress,        LINELIST, NULL),
  /* Control-channel options: no ControlPort or ControlSocket by default,
   * and the cookie and group-access flags below all default to "0". */
  VPORT(ControlPort,                 LINELIST, NULL),
  V(ControlPortFileGroupReadable,BOOL,     "0"),
  V(ControlPortWriteToFile,      FILENAME, NULL),
  V(ControlSocket,               LINELIST, NULL),
  V(ControlSocketsGroupWritable, BOOL,     "0"),
  V(CookieAuthentication,        BOOL,     "0"),
  V(CookieAuthFileGroupReadable, BOOL,     "0"),
  V(CookieAuthFile,              STRING,   NULL),
  V(CountPrivateBandwidth,       BOOL,     "0"),
  V(DataDirectory,               FILENAME, NULL),
  OBSOLETE("DebugLogFile"),
  V(DisableNetwork,              BOOL,     "0"),
  V(DirAllowPrivateAddresses,    BOOL,     "0"),
  V(TestingAuthDirTimeToLearnReachability, INTERVAL, "30 minutes"),
  V(DirListenAddress,            LINELIST, NULL),
  OBSOLETE("DirFetchPeriod"),
  V(DirPolicy,                   LINELIST, NULL),
  VPORT(DirPort,                     LINELIST, NULL),
  V(DirPortFrontPage,            FILENAME, NULL),
  OBSOLETE("DirPostPeriod"),
  OBSOLETE("DirRecordUsageByCountry"),
  OBSOLETE("DirRecordUsageGranularity"),
  OBSOLETE("DirRecordUsageRetainIPs"),
  OBSOLETE("DirRecordUsageSaveInterval"),
  V(DirReqStatistics,            BOOL,     "1"),
  VAR("DirServer",               LINELIST, DirServers, NULL),
  V(DisableAllSwap,              BOOL,     "0"),
  V(DisableDebuggerAttachment,   BOOL,     "1"),
  V(DisableIOCP,                 BOOL,     "1"),
  V(DynamicDHGroups,             BOOL,     "0"),
  VPORT(DNSPort,                     LINELIST, NULL),
  V(DNSListenAddress,            LINELIST, NULL),
  V(DownloadExtraInfo,           BOOL,     "0"),
  V(EnforceDistinctSubnets,      BOOL,     "1"),
  V(EntryNodes,                  ROUTERSET,   NULL),
  V(EntryStatistics,             BOOL,     "0"),
  V(TestingEstimatedDescriptorPropagationTime, INTERVAL, "10 minutes"),
  V(ExcludeNodes,                ROUTERSET, NULL),
  V(ExcludeExitNodes,            ROUTERSET, NULL),
  V(ExcludeSingleHopRelays,      BOOL,     "1"),
  V(ExitNodes,                   ROUTERSET, NULL),
  V(ExitPolicy,                  LINELIST, NULL),
  V(ExitPolicyRejectPrivate,     BOOL,     "1"),
  V(ExitPortStatistics,          BOOL,     "0"),
  V(ExtendAllowPrivateAddresses, BOOL,     "0"),
  V(ExtraInfoStatistics,         BOOL,     "1"),

#if defined (WINCE)
  V(FallbackNetworkstatusFile,   FILENAME, "fallback-consensus"),
#else
  V(FallbackNetworkstatusFile,   FILENAME,
    SHARE_DATADIR PATH_SEPARATOR "tor" PATH_SEPARATOR "fallback-consensus"),
#endif
  V(FascistFirewall,             BOOL,     "0"),
  V(FirewallPorts,               CSV,      ""),
  V(FastFirstHopPK,              BOOL,     "1"),
  V(FetchDirInfoEarly,           BOOL,     "0"),
  V(FetchDirInfoExtraEarly,      BOOL,     "0"),
  V(FetchServerDescriptors,      BOOL,     "1"),
  V(FetchHidServDescriptors,     BOOL,     "1"),
  V(FetchUselessDescriptors,     BOOL,     "0"),
  V(FetchV2Networkstatus,        BOOL,     "0"),
#ifdef _WIN32
  V(GeoIPFile,                   FILENAME, "<default>"),
#else
  V(GeoIPFile,                   FILENAME,
    SHARE_DATADIR PATH_SEPARATOR "tor" PATH_SEPARATOR "geoip"),
#endif
  OBSOLETE("GiveGuardFlagTo_CVE_2011_2768_VulnerableRelays"),
  OBSOLETE("Group"),
  V(HardwareAccel,               BOOL,     "0"),
  V(HeartbeatPeriod,             INTERVAL, "6 hours"),
  V(AccelName,                   STRING,   NULL),
  V(AccelDir,                    FILENAME, NULL),
  V(HashedControlPassword,       LINELIST, NULL),
  V(HidServDirectoryV2,          BOOL,     "1"),
  /* The HiddenService* LINELIST_S rows and the LINELIST_V row below all
   * share the RendConfigLines member. */
  VAR("HiddenServiceDir",    LINELIST_S, RendConfigLines,    NULL),
  OBSOLETE("HiddenServiceExcludeNodes"),
  OBSOLETE("HiddenServiceNodes"),
  VAR("HiddenServiceOptions",LINELIST_V, RendConfigLines,    NULL),
  VAR("HiddenServicePort",   LINELIST_S, RendConfigLines,    NULL),
  VAR("HiddenServiceVersion",LINELIST_S, RendConfigLines,    NULL),
  VAR("HiddenServiceAuthorizeClient",LINELIST_S,RendConfigLines, NULL),
  V(HidServAuth,                 LINELIST, NULL),
  V(HSAuthoritativeDir,          BOOL,     "0"),
  OBSOLETE("HSAuthorityRecordStats"),
  V(CloseHSClientCircuitsImmediatelyOnTimeout, BOOL, "0"),
  V(CloseHSServiceRendCircuitsImmediatelyOnTimeout, BOOL, "0"),
  V(HTTPProxy,                   STRING,   NULL),
  V(HTTPProxyAuthenticator,      STRING,   NULL),
  V(HTTPSProxy,                  STRING,   NULL),
  V(HTTPSProxyAuthenticator,     STRING,   NULL),
  VAR("ServerTransportPlugin",   LINELIST, ServerTransportPlugin,  NULL),
  V(Socks4Proxy,                 STRING,   NULL),
  V(Socks5Proxy,                 STRING,   NULL),
  V(Socks5ProxyUsername,         STRING,   NULL),
  V(Socks5ProxyPassword,         STRING,   NULL),
  OBSOLETE("IgnoreVersion"),
  V(KeepalivePeriod,             INTERVAL, "5 minutes"),
  VAR("Log",                     LINELIST, Logs,             NULL),
  V(LogMessageDomains,           BOOL,     "0"),
  OBSOLETE("LinkPadding"),
  OBSOLETE("LogLevel"),
  OBSOLETE("LogFile"),
  V(LogTimeGranularity,          MSEC_INTERVAL, "1 second"),
  V(LongLivedPorts,              CSV,
        "21,22,706,1863,5050,5190,5222,5223,6523,6667,6697,8300"),
  VAR("MapAddress",              LINELIST, AddressMap,           NULL),
  V(MaxAdvertisedBandwidth,      MEMUNIT,  "1 GB"),
  V(MaxCircuitDirtiness,         INTERVAL, "10 minutes"),
  V(MaxClientCircuitsPending,    UINT,     "32"),
  V(MaxOnionsPending,            UINT,     "100"),
  OBSOLETE("MonthlyAccountingStart"),
  V(MyFamily,                    STRING,   NULL),
  V(NewCircuitPeriod,            INTERVAL, "30 seconds"),
  VAR("NamingAuthoritativeDirectory",BOOL, NamingAuthoritativeDir, "0"),
  V(NATDListenAddress,           LINELIST, NULL),
  VPORT(NATDPort,                    LINELIST, NULL),
  V(Nickname,                    STRING,   NULL),
  V(WarnUnsafeSocks,              BOOL,     "1"),
  OBSOLETE("NoPublish"),
  VAR("NodeFamily",              LINELIST, NodeFamilies,         NULL),
  V(NumCPUs,                     UINT,     "0"),
  V(NumEntryGuards,              UINT,     "3"),
  V(ORListenAddress,             LINELIST, NULL),
  VPORT(ORPort,                      LINELIST, NULL),
  V(OutboundBindAddress,         STRING,   NULL),

  V(PathBiasCircThreshold,       INT,      "-1"),
  V(PathBiasNoticeRate,          DOUBLE,   "-1"),
  V(PathBiasDisableRate,         DOUBLE,   "-1"),
  V(PathBiasScaleThreshold,      INT,      "-1"),
  V(PathBiasScaleFactor,         INT,      "-1"),

  OBSOLETE("PathlenCoinWeight"),
  V(PerConnBWBurst,              MEMUNIT,  "0"),
  V(PerConnBWRate,               MEMUNIT,  "0"),
  V(PidFile,                     STRING,   NULL),
  V(TestingTorNetwork,           BOOL,     "0"),
  V(OptimisticData,              AUTOBOOL, "auto"),
  V(PortForwarding,              BOOL,     "0"),
  /* NOTE(review): the default is a bare program name rather than a full
   * path; confirm how the helper is located before it is executed. */
  V(PortForwardingHelper,        FILENAME, "tor-fw-helper"),
  V(PreferTunneledDirConns,      BOOL,     "1"),
  V(ProtocolWarnings,            BOOL,     "0"),
  V(PublishServerDescriptor,     CSV,      "1"),
  V(PublishHidServDescriptors,   BOOL,     "1"),
  V(ReachableAddresses,          LINELIST, NULL),
  V(ReachableDirAddresses,       LINELIST, NULL),
  V(ReachableORAddresses,        LINELIST, NULL),
  V(RecommendedVersions,         LINELIST, NULL),
  V(RecommendedClientVersions,   LINELIST, NULL),
  V(RecommendedServerVersions,   LINELIST, NULL),
  OBSOLETE("RedirectExit"),
  V(RefuseUnknownExits,          AUTOBOOL, "auto"),
  V(RejectPlaintextPorts,        CSV,      ""),
  V(RelayBandwidthBurst,         MEMUNIT,  "0"),
  V(RelayBandwidthRate,          MEMUNIT,  "0"),
  OBSOLETE("RendExcludeNodes"),
  OBSOLETE("RendNodes"),
  V(RendPostPeriod,              INTERVAL, "1 hour"),
  V(RephistTrackTime,            INTERVAL, "24 hours"),
  OBSOLETE("RouterFile"),
  V(RunAsDaemon,                 BOOL,     "0"),
//  V(RunTesting,                  BOOL,     "0"),
  OBSOLETE("RunTesting"), // currently unused
  V(SafeLogging,                 STRING,   "1"),
  V(SafeSocks,                   BOOL,     "0"),
  V(ServerDNSAllowBrokenConfig,  BOOL,     "1"),
  V(ServerDNSAllowNonRFC953Hostnames, BOOL,"0"),
  V(ServerDNSDetectHijacking,    BOOL,     "1"),
  V(ServerDNSRandomizeCase,      BOOL,     "1"),
  V(ServerDNSResolvConfFile,     STRING,   NULL),
  V(ServerDNSSearchDomains,      BOOL,     "0"),
  V(ServerDNSTestAddresses,      CSV,
      "www.google.com,www.mit.edu,www.yahoo.com,www.slashdot.org"),
  V(ShutdownWaitLength,          INTERVAL, "30 seconds"),
  V(SocksListenAddress,          LINELIST, NULL),
  V(SocksPolicy,                 LINELIST, NULL),
  VPORT(SocksPort,                   LINELIST, NULL),
  V(SocksTimeout,                INTERVAL, "2 minutes"),
  OBSOLETE("StatusFetchPeriod"),
  V(StrictNodes,                 BOOL,     "0"),
  OBSOLETE("SysLog"),
  V(TestSocks,                   BOOL,     "0"),
  OBSOLETE("TestVia"),
  V(TokenBucketRefillInterval,   MSEC_INTERVAL, "100 msec"),
  V(Tor2webMode,                 BOOL,     "0"),
  V(TrackHostExits,              CSV,      NULL),
  V(TrackHostExitsExpire,        INTERVAL, "30 minutes"),
  OBSOLETE("TrafficShaping"),
  V(TransListenAddress,          LINELIST, NULL),
  VPORT(TransPort,                   LINELIST, NULL),
  V(TunnelDirConns,              BOOL,     "1"),
  V(UpdateBridgesFromAuthority,  BOOL,     "0"),
  V(UseBridges,                  BOOL,     "0"),
  V(UseEntryGuards,              BOOL,     "1"),
  V(UseMicrodescriptors,         AUTOBOOL, "auto"),
  V(User,                        STRING,   NULL),
  V(UserspaceIOCPBuffers,        BOOL,     "0"),
  VAR("V1AuthoritativeDirectory",BOOL, V1AuthoritativeDir,   "0"),
  VAR("V2AuthoritativeDirectory",BOOL, V2AuthoritativeDir,   "0"),
  VAR("V3AuthoritativeDirectory",BOOL, V3AuthoritativeDir,   "0"),
  V(TestingV3AuthInitialVotingInterval, INTERVAL, "30 minutes"),
  V(TestingV3AuthInitialVoteDelay, INTERVAL, "5 minutes"),
  V(TestingV3AuthInitialDistDelay, INTERVAL, "5 minutes"),
  V(V3AuthVotingInterval,        INTERVAL, "1 hour"),
  V(V3AuthVoteDelay,             INTERVAL, "5 minutes"),
  V(V3AuthDistDelay,             INTERVAL, "5 minutes"),
  V(V3AuthNIntervalsValid,       UINT,     "3"),
  V(V3AuthUseLegacyKey,          BOOL,     "0"),
  V(V3BandwidthsFile,            FILENAME, NULL),
  VAR("VersioningAuthoritativeDirectory",BOOL,VersioningAuthoritativeDir, "0"),
  V(VirtualAddrNetwork,          STRING,   "127.192.0.0/10"),
  V(WarnPlaintextPorts,          CSV,      "23,109,110,143"),
  V(_UseFilteringSSLBufferevents, BOOL,    "0"),
  /* NOTE(review): the option names below start with "__" while their struct
   * members do not; presumably these are internal or controller-only
   * options -- confirm they are never written back to a saved torrc. */
  VAR("__ReloadTorrcOnSIGHUP",   BOOL,  ReloadTorrcOnSIGHUP,      "1"),
  VAR("__AllDirActionsPrivate",  BOOL,  AllDirActionsPrivate,     "0"),
  VAR("__DisablePredictedCircuits",BOOL,DisablePredictedCircuits, "0"),
  VAR("__LeaveStreamsUnattached",BOOL,  LeaveStreamsUnattached,   "0"),
  VAR("__HashedControlSessionPassword", LINELIST, HashedControlSessionPassword,
      NULL),
  VAR("__OwningControllerProcess",STRING,OwningControllerProcess, NULL),
  V(MinUptimeHidServDirectoryV2, INTERVAL, "25 hours"),
  V(VoteOnHidServDirectoriesV2,  BOOL,     "1"),
  V(_UsingTestNetworkDefaults,   BOOL,     "0"),

  { NULL, CONFIG_TYPE_OBSOLETE, 0, NULL }
};

/** Override default values with these if the user sets the TestingTorNetwork
 * option.
 *
 * Compared with the defaults in the main option table of this file, this
 * table switches off ClientRejectInternalAddresses,
 * ClientDNSRejectInternalAddresses, ExitPolicyRejectPrivate and
 * EnforceDistinctSubnets, switches on DirAllowPrivateAddresses,
 * ExtendAllowPrivateAddresses, AssumeReachable and CountPrivateBandwidth,
 * sets both AuthDirMaxServersPer*Addr values to 0, and shortens the voting
 * and reachability intervals.
 *
 * NOTE(review): these are protections a deployment on the public network
 * relies on, so the option is presumably meant for isolated test networks
 * only -- confirm that option validation refuses TestingTorNetwork in
 * combination with the default directory authorities. */
static const config_var_t testing_tor_network_defaults[] = {
  V(ServerDNSAllowBrokenConfig,  BOOL,     "1"),
  V(DirAllowPrivateAddresses,    BOOL,     "1"),
  V(EnforceDistinctSubnets,      BOOL,     "0"),
  V(AssumeReachable,             BOOL,     "1"),
  V(AuthDirMaxServersPerAddr,    UINT,     "0"),
  V(AuthDirMaxServersPerAuthAddr,UINT,     "0"),
  V(ClientDNSRejectInternalAddresses, BOOL,"0"),
  V(ClientRejectInternalAddresses, BOOL,   "0"),
  V(CountPrivateBandwidth,       BOOL,     "1"),
  V(ExitPolicyRejectPrivate,     BOOL,     "0"),
  V(ExtendAllowPrivateAddresses, BOOL,     "1"),
  V(V3AuthVotingInterval,        INTERVAL, "5 minutes"),
  V(V3AuthVoteDelay,             INTERVAL, "20 seconds"),
  V(V3AuthDistDelay,             INTERVAL, "20 seconds"),
  V(TestingV3AuthInitialVotingInterval, INTERVAL, "5 minutes"),
  V(TestingV3AuthInitialVoteDelay, INTERVAL, "20 seconds"),
  V(TestingV3AuthInitialDistDelay, INTERVAL, "20 seconds"),
  V(TestingAuthDirTimeToLearnReachability, INTERVAL, "0 minutes"),
  V(TestingEstimatedDescriptorPropagationTime, INTERVAL, "0 minutes"),
  V(MinUptimeHidServDirectoryV2, INTERVAL, "0 minutes"),
  /* Marker row: flips the flag whose default in the main table is "0". */
  V(_UsingTestNetworkDefaults,   BOOL,     "1"),

  { NULL, CONFIG_TYPE_OBSOLETE, 0, NULL }
};
/* Redefine VAR so that rows written after this point take their offsets
 * from or_state_t instead of or_options_t.  V() is defined in terms of VAR
 * and expands at the point of use, so V() rows below follow this
 * definition as well. */
#undef VAR

#define VAR(name,conftype,member,initvalue)                             \
  { name, CONFIG_TYPE_ ## conftype, STRUCT_OFFSET(or_state_t, member),  \
      initvalue }

/** Array of "state" variables saved to the ~/.tor/state file.
 *
 * Rows use the or_state_t flavour of VAR()/V() defined just above this
 * table, so offsets index or_state_t.  The EntryGuard*, TransportProxy and
 * CircuitBuildTimeBin LINELIST_S rows share a member with the LINELIST_V row
 * of the same group.  The NULL-named row ends the table.
 *
 * NOTE(review): these values come back from a file on disk; presumably they
 * go through the same parsing and validation as configuration input --
 * confirm, since the file can be edited outside the process. */
static config_var_t _state_vars[] = {
  /* Remember to document these in state-contents.txt ! */

  V(AccountingBytesReadInInterval,    MEMUNIT,  NULL),
  V(AccountingBytesWrittenInInterval, MEMUNIT,  NULL),
  V(AccountingExpectedUsage,          MEMUNIT,  NULL),
  V(AccountingIntervalStart,          ISOTIME,  NULL),
  V(AccountingSecondsActive,          INTERVAL, NULL),
  V(AccountingSecondsToReachSoftLimit,INTERVAL, NULL),
  V(AccountingSoftLimitHitAt,         ISOTIME,  NULL),
  V(AccountingBytesAtSoftLimit,       MEMUNIT,  NULL),

  VAR("EntryGuard",              LINELIST_S,  EntryGuards,             NULL),
  VAR("EntryGuardDownSince",     LINELIST_S,  EntryGuards,             NULL),
  VAR("EntryGuardUnlistedSince", LINELIST_S,  EntryGuards,             NULL),
  VAR("EntryGuardAddedBy",       LINELIST_S,  EntryGuards,             NULL),
  VAR("EntryGuardPathBias",      LINELIST_S,  EntryGuards,             NULL),
  V(EntryGuards,                 LINELIST_V,  NULL),

  VAR("TransportProxy",               LINELIST_S, TransportProxies, NULL),
  V(TransportProxies,                 LINELIST_V, NULL),

  V(BWHistoryReadEnds,                ISOTIME,  NULL),
  V(BWHistoryReadInterval,            UINT,     "900"),
  V(BWHistoryReadValues,              CSV,      ""),
  V(BWHistoryReadMaxima,              CSV,      ""),
  V(BWHistoryWriteEnds,               ISOTIME,  NULL),
  V(BWHistoryWriteInterval,           UINT,     "900"),
  V(BWHistoryWriteValues,             CSV,      ""),
  V(BWHistoryWriteMaxima,             CSV,      ""),
  V(BWHistoryDirReadEnds,             ISOTIME,  NULL),
  V(BWHistoryDirReadInterval,         UINT,     "900"),
  V(BWHistoryDirReadValues,           CSV,      ""),
  V(BWHistoryDirReadMaxima,           CSV,      ""),
  V(BWHistoryDirWriteEnds,            ISOTIME,  NULL),
  V(BWHistoryDirWriteInterval,        UINT,     "900"),
  V(BWHistoryDirWriteValues,          CSV,      ""),
  V(BWHistoryDirWriteMaxima,          CSV,      ""),

  V(TorVersion,                       STRING,   NULL),

  V(LastRotatedOnionKey,              ISOTIME,  NULL),
  V(LastWritten,                      ISOTIME,  NULL),

  V(TotalBuildTimes,                  UINT,     NULL),
  V(CircuitBuildAbandonedCount,       UINT,     "0"),
  VAR("CircuitBuildTimeBin",          LINELIST_S, BuildtimeHistogram, NULL),
  VAR("BuildtimeHistogram",           LINELIST_V, BuildtimeHistogram, NULL),
  { NULL, CONFIG_TYPE_OBSOLETE, 0, NULL }
};

#undef VAR
#undef V
#undef OBSOLETE

/** Represents an English description of a configuration variable; used when
 * generating configuration file comments. */
typedef struct config_var_description_t {
  const char *name;        /* Option name the description belongs to. */
  const char *description; /* Human-readable text for that option. */
} config_var_description_t;

/** Type of a callback to validate whether a given configuration is
 * well-formed and consistent. See options_trial_assign() for documentation
 * of arguments.
 *
 * NOTE(review): both configuration arguments are void*, so the compiler
 * cannot check that a callback is handed the struct type it expects.
 * options_validate() is declared in this file with or_options_t* parameters
 * instead; if it is stored in a validate_fn_t through a cast, the call is
 * made through an incompatible function type -- confirm how it is
 * assigned. */
typedef int (*validate_fn_t)(void*,void*,int,char**);

/** Information on the keys, value types, key-to-struct-member mappings,
 * variable descriptions, validation functions, and abbreviations for a
 * configuration or storage format.
 *
 * The magic and magic_offset members are what the CHECK() macro in this
 * file compares against before a void* configuration object is used. */
typedef struct {
  size_t size; /**< Size of the struct that everything gets parsed into. */
  uint32_t magic; /**< Required 'magic value' to make sure we have a struct
                   * of the right type. */
  off_t magic_offset; /**< Offset of the magic value within the struct. */
  config_abbrev_t *abbrevs; /**< List of abbreviations that we expand when
                             * parsing this format. */
  config_var_t *vars; /**< List of variables we recognize, their default
                       * values, and where we stick them in the structure. */
  validate_fn_t validate_fn; /**< Function to validate config. */
  /** If present, extra is a LINELIST variable for unrecognized
   * lines.  Otherwise, unrecognized lines are an error. */
  config_var_t *extra;
} config_format_t;

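/** Macro: assert that <b>cfg</b> has the right magic field for format
 * <b>fmt</b>.
 *
 * Both arguments are asserted non-null, then the uint32_t found
 * <b>fmt</b>->magic_offset bytes into <b>cfg</b> is compared with
 * <b>fmt</b>->magic.  Every use of an argument is parenthesized so that an
 * expression such as <b>base + 1</b> binds as the caller intended.  Each
 * argument is still evaluated more than once, so pass expressions without
 * side effects.
 *
 * NOTE(review): the check is only as strong as tor_assert(); confirm that
 * it stays active in release builds.  The read assumes the member at
 * magic_offset is a suitably aligned uint32_t. */
#define CHECK(fmt, cfg) STMT_BEGIN                                      \
    tor_assert((fmt) && (cfg));                                         \
    tor_assert((fmt)->magic ==                                          \
               *(uint32_t*)STRUCT_VAR_P((cfg),(fmt)->magic_offset));    \
  STMT_END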

/* Forward declarations of the file-local (static) functions used below.
 * Nothing declared here is visible outside this translation unit. */
#ifdef _WIN32
static char *get_windows_conf_root(void);
#endif

/* Helpers that take a config_format_t and/or work on config lines. */
static void config_line_append(config_line_t **lst, const char *key,
                               const char *val);
static void option_clear(const config_format_t *fmt,
                         or_options_t *options,
                         const config_var_t *var);
static void option_reset(const config_format_t *fmt,
                         or_options_t *options,
                         const config_var_t *var,
                         int use_defaults);
static void config_free(const config_format_t *fmt, void *options);
static int config_lines_eq(config_line_t *a, config_line_t *b);
static int config_count_key(const config_line_t *a, const char *key);
static int option_is_same(const config_format_t *fmt,
                          const or_options_t *o1,
                          const or_options_t *o2,
                          const char *name);
static or_options_t *options_dup(const config_format_t *fmt,
                                 const or_options_t *old);

/* Validation of, and transitions between, or_options_t objects.
 * options_validate() is the function installed (through a cast) as the
 * validate_fn of options_format. */
static int options_validate(or_options_t *old_options, or_options_t *options,
                            int from_setconf, char **msg);
static int options_act_reversible(const or_options_t *old_options,
                                  char **msg);
static int options_act(const or_options_t *old_options);
static int options_transition_allowed(const or_options_t *old,
                                      const or_options_t *new, char **msg);
static int options_transition_affects_workers(
      const or_options_t *old_options,
      const or_options_t *new_options);
static int options_transition_affects_descriptor(
      const or_options_t *old_options,
      const or_options_t *new_options);
static int check_nickname_list(const char *lst, const char *name,
                               char **msg);

/* Parsers for individual option lines; each takes a validate_only flag. */
static int parse_bridge_line(const char *line, int validate_only);
static int parse_client_transport_line(const char *line, int validate_only);

static int parse_server_transport_line(const char *line, int validate_only);
static int parse_dir_server_line(const char *line,
                                 dirinfo_type_t required_type,
                                 int validate_only);

/* Port configuration. */
static void port_cfg_free(port_cfg_t *port);
static int parse_ports(or_options_t *options, int validate_only,
                       char **msg_out, int *n_ports_out);
static int check_server_ports(const smartlist_t *ports,
                              const or_options_t *options);

static int validate_data_directory(or_options_t *options);
static int write_configuration_file(const char *fname,
                                    const or_options_t *options);
static config_line_t *get_assigned_option(const config_format_t *fmt,
                                          const void *options,
                                          const char *key,
                                          int escape_val);
static void config_init(const config_format_t *fmt, void *options);

/* or_state_validate() is the function installed (through a cast) as the
 * validate_fn of state_format. */
static int or_state_validate(or_state_t *old_options, or_state_t *options,
                             int from_setconf, char **msg);
static int or_state_load(void);
static int options_init_logs(or_options_t *options, int validate_only);

/* Value parsers that report success through *ok, plus remaining helpers. */
static uint64_t config_parse_memunit(const char *s, int *ok);
static int config_parse_msec_interval(const char *s, int *ok);
static int config_parse_interval(const char *s, int *ok);
static void init_libevent(const or_options_t *options);
static int opt_streq(const char *s1, const char *s2);

/** Magic value for or_options_t. */
#define OR_OPTIONS_MAGIC 9090909

/** Configuration format for or_options_t.
 *
 * The initializer is positional, so each entry is labelled with the
 * config_format_t member it fills.
 *
 * NOTE(review): options_validate() is declared with or_options_t*
 * parameters and is stored through a cast to validate_fn_t.  The cast hides
 * any signature mismatch from the compiler; validate_fn_t is not visible
 * here, so confirm the two are call-compatible.
 * NOTE(review): state_format is const but this table is not -- confirm
 * whether anything needs to write to it. */
static config_format_t options_format = {
  sizeof(or_options_t),                  /* size */
  OR_OPTIONS_MAGIC,                      /* magic */
  STRUCT_OFFSET(or_options_t, _magic),   /* magic_offset */
  _option_abbrevs,                       /* abbrevs */
  _option_vars,                          /* vars */
  (validate_fn_t)options_validate,       /* validate_fn */
  NULL                                   /* extra: none, so an unrecognized
                                          * line is an error */
};

/** Magic value for or_state_t. */
#define OR_STATE_MAGIC 0x57A73f57

/** "Extra" variable in the state that receives lines we can't parse. This
 * lets us preserve options from versions of Tor newer than us.
 *
 * Lines that land here were not matched against any known variable; they
 * are stored in or_state_t.ExtraLines as a LINELIST.  What later code does
 * with ExtraLines is outside this view. */
static config_var_t state_extra_var = {
  "__extra",
  CONFIG_TYPE_LINELIST,
  STRUCT_OFFSET(or_state_t, ExtraLines),
  NULL
};

/** Configuration format for or_state_t.
 *
 * The initializer is positional, so each entry is labelled with the
 * config_format_t member it fills.
 *
 * NOTE(review): or_state_validate() is declared with or_state_t* parameters
 * and is stored through a cast to validate_fn_t; validate_fn_t is not
 * visible here, so confirm the two are call-compatible. */
static const config_format_t state_format = {
  sizeof(or_state_t),                    /* size */
  OR_STATE_MAGIC,                        /* magic */
  STRUCT_OFFSET(or_state_t, _magic),     /* magic_offset */
  _state_abbrevs,                        /* abbrevs */
  _state_vars,                           /* vars */
  (validate_fn_t)or_state_validate,      /* validate_fn */
  &state_extra_var,                      /* extra: unrecognized lines are
                                          * kept, not rejected */
};

/*
 * Functions to read and write the global options pointer.
 */

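/** Command-line and config-file options. */
static or_options_t *global_options = NULL;
/** The fallback options_t object; this is where we look for options not
 * in torrc before we fall back to Tor's defaults. */
static or_options_t *global_default_options = NULL;
/** Name of most recently read torrc file. */
static char *torrc_fname = NULL;
/** Name of the most recently read torrc-defaults file. */
/* Initialized explicitly, like every other pointer in this group; the
 * stored value is the same NULL that static storage already provides. */
static char *torrc_defaults_fname = NULL;
/** Persistent serialized state. */
static or_state_t *global_state = NULL;
/** Configuration Options set by command line. */
static config_line_t *global_cmdline_options = NULL;
/** Contents of most recently read DirPortFrontPage file. */
static char *global_dirfrontpagecontents = NULL;
/** List of port_cfg_t for all configured ports. */
static smartlist_t *configured_ports = NULL;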

/** Accessor for the cached DirPortFrontPage contents.
 *
 * Hands back the global_dirfrontpagecontents pointer itself (not a copy);
 * the result is NULL when no front page is configured. */
const char *
get_dirportfrontpage(void)
{
  const char *frontpage = global_dirfrontpagecontents;

  return frontpage;
}

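/** Allocate an empty configuration object of a given format type.
 *
 * The result is <b>fmt</b>->size zeroed bytes with <b>fmt</b>->magic stored
 * at byte offset <b>fmt</b>->magic_offset, so that CHECK() accepts the
 * object afterwards.  It is returned as void* and comes from
 * tor_malloc_zero().
 *
 * The format table is asserted to be non-NULL and self-consistent before
 * anything is allocated or written. */
static void *
config_alloc(const config_format_t *fmt)
{
  void *opts;

  /* Assert on fmt before it is dereferenced: CHECK() below only reaches its
   * own NULL test after fmt->size has already been read. */
  tor_assert(fmt);
  /* The magic word is written through a raw byte offset, so make sure the
   * whole 32-bit store falls inside the allocation. */
  tor_assert(fmt->size >= sizeof(uint32_t));
  tor_assert(fmt->magic_offset >= 0 &&
             (size_t)fmt->magic_offset <= fmt->size - sizeof(uint32_t));

  opts = tor_malloc_zero(fmt->size);
  *(uint32_t*)STRUCT_VAR_P(opts, fmt->magic_offset) = fmt->magic;
  /* Read the magic back through the same path every later caller uses. */
  CHECK(fmt, opts);
  return opts;
}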

/** Return the currently configured options. */
or_options_t *
get_options_mutable(void)