/* Copyright (c) 2001 Matej Pfajfar.
 * Copyright (c) 2001-2004, Roger Dingledine.
 * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
 * Copyright (c) 2007-2015, The Tor Project, Inc. */
/* See LICENSE for licensing information */

/**
 * \file config.c
 * \brief Code to parse and interpret configuration files.
 **/

#define CONFIG_PRIVATE
#include "or.h"
#include "compat.h"
#include "addressmap.h"
#include "channel.h"
#include "circuitbuild.h"
#include "circuitlist.h"
#include "circuitmux.h"
#include "circuitmux_ewma.h"
#include "config.h"
#include "connection.h"
#include "connection_edge.h"
#include "connection_or.h"
#include "control.h"
#include "confparse.h"
#include "cpuworker.h"
#include "dirserv.h"
#include "dirvote.h"
#include "dns.h"
#include "entrynodes.h"
#include "geoip.h"
#include "hibernate.h"
#include "main.h"
#include "networkstatus.h"
#include "nodelist.h"
#include "policies.h"
#include "relay.h"
#include "rendclient.h"
#include "rendservice.h"
#include "rephist.h"
#include "router.h"
#include "sandbox.h"
#include "util.h"
#include "routerlist.h"
#include "routerset.h"
#include "scheduler.h"
#include "statefile.h"
#include "transports.h"
#include "ext_orport.h"
#include "torgzip.h"
#ifdef _WIN32
#include <shlobj.h>
#endif

#include "procmon.h"

/* From main.c */
extern int quiet_level;

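/** A list of abbreviations and aliases to map command-line options, obsolete
 * option names, or alternative option names, to their current values.
 *
 * Each literal row has four fields: the alias, the option name it maps to,
 * and two integer flags.  NOTE(review): the flags are declared with
 * config_abbrev_t, which is not in this file; they look like "accepted on
 * the command line only" and "warn when the alias is used" -- confirm there.
 * PLURAL() is also defined elsewhere; presumably it maps the singular
 * spelling to the plural option name.
 *
 * The { NULL, NULL, 0, 0 } row terminates the list.
 *
 * The blame-view gutter numbers and committer lines that were interleaved
 * with the rows have been removed; they are not part of the initializer. */
static config_abbrev_t option_abbrevs_[] = {
  PLURAL(AuthDirBadDirCC),
  PLURAL(AuthDirBadExitCC),
  PLURAL(AuthDirInvalidCC),
  PLURAL(AuthDirRejectCC),
  PLURAL(EntryNode),
  PLURAL(ExcludeNode),
  PLURAL(FirewallPort),
  PLURAL(LongLivedPort),
  PLURAL(HiddenServiceNode),
  PLURAL(HiddenServiceExcludeNode),
  PLURAL(NumCPU),
  PLURAL(RendNode),
  PLURAL(RendExcludeNode),
  PLURAL(StrictEntryNode),
  PLURAL(StrictExitNode),
  PLURAL(StrictNode),
  { "l", "Log", 1, 0},
  { "AllowUnverifiedNodes", "AllowInvalidNodes", 0, 0},
  { "AutomapHostSuffixes", "AutomapHostsSuffixes", 0, 0},
  { "AutomapHostOnResolve", "AutomapHostsOnResolve", 0, 0},
  { "BandwidthRateBytes", "BandwidthRate", 0, 0},
  { "BandwidthBurstBytes", "BandwidthBurst", 0, 0},
  { "DirFetchPostPeriod", "StatusFetchPeriod", 0, 0},
  { "DirServer", "DirAuthority", 0, 0}, /* XXXX024 later, make this warn? */
  { "MaxConn", "ConnLimit", 0, 1},
  { "MaxMemInCellQueues", "MaxMemInQueues", 0, 0},
  { "ORBindAddress", "ORListenAddress", 0, 0},
  { "DirBindAddress", "DirListenAddress", 0, 0},
  { "SocksBindAddress", "SocksListenAddress", 0, 0},
  { "UseHelperNodes", "UseEntryGuards", 0, 0},
  { "NumHelperNodes", "NumEntryGuards", 0, 0},
  { "UseEntryNodes", "UseEntryGuards", 0, 0},
  { "NumEntryNodes", "NumEntryGuards", 0, 0},
  { "ResolvConf", "ServerDNSResolvConfFile", 0, 1},
  { "SearchDomains", "ServerDNSSearchDomains", 0, 1},
  { "ServerDNSAllowBrokenResolvConf", "ServerDNSAllowBrokenConfig", 0, 0},
  { "PreferTunnelledDirConns", "PreferTunneledDirConns", 0, 0},
  { "BridgeAuthoritativeDirectory", "BridgeAuthoritativeDir", 0, 0},
  /* NOTE(review): the first flag is set here, as on the "l" row above.  If
   * that flag means "command-line only", a HashedControlPassword given on the
   * command line is stored under __HashedControlSessionPassword instead of
   * the HashedControlPassword entry in option_vars_.  Confirm against
   * config_abbrev_t and keep that separation if this row is edited. */
  { "HashedControlPassword", "__HashedControlSessionPassword", 1, 0},
  { "VirtualAddrNetwork", "VirtualAddrNetworkIPv4", 0, 0},
  { "_UseFilteringSSLBufferevents", "UseFilteringSSLBufferevents", 0, 1},
  { NULL, NULL, 0, 0},
};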

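/** An entry for config_vars: "The option <b>name</b> has type
 * CONFIG_TYPE_<b>conftype</b>, and corresponds to
 * or_options_t.<b>member</b>"
 *
 * <b>initvalue</b> is the default, written as a string (for example "1 GB"
 * or "5 minutes" in the tables below), or NULL.
 */
#define VAR(name,conftype,member,initvalue)                             \
  { name, CONFIG_TYPE_ ## conftype, STRUCT_OFFSET(or_options_t, member), \
      initvalue }
/** As VAR, but the option name and member name are the same. */
#define V(member,conftype,initvalue)                                    \
  VAR(#member, conftype, member, initvalue)
/** An entry for config_vars: "The option <b>name</b> is obsolete." */
#define OBSOLETE(name) { name, CONFIG_TYPE_OBSOLETE, 0, NULL }

/** As V, but the value is stored in or_options_t.<b>member</b>_lines: the
 * option keeps the name <b>member</b> while the struct field carries a
 * _lines suffix. */
#define VPORT(member,conftype,initvalue)                                    \
  VAR(#member, conftype, member ## _lines, initvalue)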

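/** Array of configuration options.  Until we disallow nonstandard
 * abbreviations, order is significant, since the first matching option will
 * be chosen first.
 *
 * Each row is built by V(), VAR(), VPORT() or OBSOLETE() and gives the option
 * name, its CONFIG_TYPE_, the or_options_t member that stores it, and the
 * default as a string (NULL where the table supplies none).  The trailing
 * { NULL, CONFIG_TYPE_OBSOLETE, 0, NULL } row ends the table: set_options()
 * walks the entries until it reaches a NULL name.
 *
 * Review notes for anyone editing defaults:
 *  - A default changed here applies to every instance that does not set the
 *    option explicitly.
 *  - EnforceDistinctSubnets, ClientRejectInternalAddresses,
 *    ClientDNSRejectInternalAddresses and ExitPolicyRejectPrivate default to
 *    "1" here; testing_tor_network_defaults is the only table in this file
 *    that sets them to "0".
 *  - SafeLogging and DisableDebuggerAttachment default to "1"; Sandbox
 *    defaults to "0".
 *  - BridgePassword, HTTPProxyAuthenticator, HTTPSProxyAuthenticator,
 *    Socks5ProxyPassword and HashedControlPassword hold credentials or
 *    credential hashes, judging by their names.  NOTE(review): confirm they
 *    are kept out of logs and of configuration dumps.
 *  - Names beginning with "__" are presumably internal or controller-only.
 *    NOTE(review): confirm how the parser and the config writer treat the
 *    prefix.
 *
 * The blame-view gutter numbers and committer lines that were interleaved
 * with the rows have been removed; they are not part of the initializer.
 */
static config_var_t option_vars_[] = {
  V(AccountingMax,               MEMUNIT,  "0 bytes"),
  VAR("AccountingRule",          STRING,   AccountingRule_option,  "max"),
  V(AccountingStart,             STRING,   NULL),
  V(Address,                     STRING,   NULL),
  V(AllowDotExit,                BOOL,     "0"),
  V(AllowInvalidNodes,           CSV,      "middle,rendezvous"),
  V(AllowNonRFC953Hostnames,     BOOL,     "0"),
  V(AllowSingleHopCircuits,      BOOL,     "0"),
  V(AllowSingleHopExits,         BOOL,     "0"),
  V(AlternateBridgeAuthority,    LINELIST, NULL),
  V(AlternateDirAuthority,       LINELIST, NULL),
  OBSOLETE("AlternateHSAuthority"),
  V(AssumeReachable,             BOOL,     "0"),
  OBSOLETE("AuthDirBadDir"),
  OBSOLETE("AuthDirBadDirCCs"),
  V(AuthDirBadExit,              LINELIST, NULL),
  V(AuthDirBadExitCCs,           CSV,      ""),
  V(AuthDirInvalid,              LINELIST, NULL),
  V(AuthDirInvalidCCs,           CSV,      ""),
  V(AuthDirFastGuarantee,        MEMUNIT,  "100 KB"),
  V(AuthDirGuardBWGuarantee,     MEMUNIT,  "2 MB"),
  V(AuthDirReject,               LINELIST, NULL),
  V(AuthDirRejectCCs,            CSV,      ""),
  OBSOLETE("AuthDirRejectUnlisted"),
  OBSOLETE("AuthDirListBadDirs"),
  V(AuthDirListBadExits,         BOOL,     "0"),
  V(AuthDirMaxServersPerAddr,    UINT,     "2"),
  V(AuthDirMaxServersPerAuthAddr,UINT,     "5"),
  V(AuthDirHasIPv6Connectivity,  BOOL,     "0"),
  VAR("AuthoritativeDirectory",  BOOL, AuthoritativeDir,    "0"),
  V(AutomapHostsOnResolve,       BOOL,     "0"),
  V(AutomapHostsSuffixes,        CSV,      ".onion,.exit"),
  V(AvoidDiskWrites,             BOOL,     "0"),
  V(BandwidthBurst,              MEMUNIT,  "1 GB"),
  V(BandwidthRate,               MEMUNIT,  "1 GB"),
  V(BridgeAuthoritativeDir,      BOOL,     "0"),
  VAR("Bridge",                  LINELIST, Bridges,    NULL),
  V(BridgePassword,              STRING,   NULL),
  V(BridgeRecordUsageByCountry,  BOOL,     "1"),
  V(BridgeRelay,                 BOOL,     "0"),
  V(CellStatistics,              BOOL,     "0"),
  V(LearnCircuitBuildTimeout,    BOOL,     "1"),
  V(CircuitBuildTimeout,         INTERVAL, "0"),
  V(CircuitIdleTimeout,          INTERVAL, "1 hour"),
  V(CircuitStreamTimeout,        INTERVAL, "0"),
  V(CircuitPriorityHalflife,     DOUBLE,  "-100.0"), /*negative:'Use default'*/
  V(ClientDNSRejectInternalAddresses, BOOL,"1"),
  V(ClientOnly,                  BOOL,     "0"),
  V(ClientPreferIPv6ORPort,      BOOL,     "0"),
  V(ClientRejectInternalAddresses, BOOL,   "1"),
  V(ClientTransportPlugin,       LINELIST, NULL),
  V(ClientUseIPv6,               BOOL,     "0"),
  V(ConsensusParams,             STRING,   NULL),
  V(ConnLimit,                   UINT,     "1000"),
  V(ConnDirectionStatistics,     BOOL,     "0"),
  V(ConstrainedSockets,          BOOL,     "0"),
  V(ConstrainedSockSize,         MEMUNIT,  "8192"),
  V(ContactInfo,                 STRING,   NULL),
  /* Control-port access.  CookieAuthentication defaults to "0" and
   * HashedControlPassword (further down) to NULL, so this table enables no
   * control-port authentication on its own; the group-readable and
   * group-writable switches below all default to "0".  NOTE(review): confirm
   * what validation does when ControlPort is set with neither
   * authentication option. */
  V(ControlListenAddress,        LINELIST, NULL),
  VPORT(ControlPort,                 LINELIST, NULL),
  V(ControlPortFileGroupReadable,BOOL,     "0"),
  V(ControlPortWriteToFile,      FILENAME, NULL),
  V(ControlSocket,               LINELIST, NULL),
  V(ControlSocketsGroupWritable, BOOL,     "0"),
  V(CookieAuthentication,        BOOL,     "0"),
  V(CookieAuthFileGroupReadable, BOOL,     "0"),
  V(CookieAuthFile,              STRING,   NULL),
  V(CountPrivateBandwidth,       BOOL,     "0"),
  V(DataDirectory,               FILENAME, NULL),
  V(DisableNetwork,              BOOL,     "0"),
  V(DirAllowPrivateAddresses,    BOOL,     "0"),
  V(TestingAuthDirTimeToLearnReachability, INTERVAL, "30 minutes"),
  V(DirListenAddress,            LINELIST, NULL),
  V(DirPolicy,                   LINELIST, NULL),
  VPORT(DirPort,                     LINELIST, NULL),
  V(DirPortFrontPage,            FILENAME, NULL),
  VAR("DirReqStatistics",        BOOL,     DirReqStatistics_option, "1"),
  VAR("DirAuthority",            LINELIST, DirAuthorities, NULL),
  V(DirAuthorityFallbackRate,    DOUBLE,   "1.0"),
  V(DisableAllSwap,              BOOL,     "0"),
  V(DisableDebuggerAttachment,   BOOL,     "1"),
  V(DisableIOCP,                 BOOL,     "1"),
  OBSOLETE("DisableV2DirectoryInfo_"),
  V(DynamicDHGroups,             BOOL,     "0"),
  VPORT(DNSPort,                     LINELIST, NULL),
  V(DNSListenAddress,            LINELIST, NULL),
  V(DownloadExtraInfo,           BOOL,     "0"),
  V(TestingEnableConnBwEvent,    BOOL,     "0"),
  V(TestingEnableCellStatsEvent, BOOL,     "0"),
  V(TestingEnableTbEmptyEvent,   BOOL,     "0"),
  V(EnforceDistinctSubnets,      BOOL,     "1"),
  V(EntryNodes,                  ROUTERSET,   NULL),
  V(EntryStatistics,             BOOL,     "0"),
  V(TestingEstimatedDescriptorPropagationTime, INTERVAL, "10 minutes"),
  V(ExcludeNodes,                ROUTERSET, NULL),
  V(ExcludeExitNodes,            ROUTERSET, NULL),
  V(ExcludeSingleHopRelays,      BOOL,     "1"),
  V(ExitNodes,                   ROUTERSET, NULL),
  V(ExitPolicy,                  LINELIST, NULL),
  V(ExitPolicyRejectPrivate,     BOOL,     "1"),
  V(ExitPortStatistics,          BOOL,     "0"),
  V(ExtendAllowPrivateAddresses, BOOL,     "0"),
  V(ExitRelay,                   AUTOBOOL, "auto"),
  VPORT(ExtORPort,               LINELIST, NULL),
  V(ExtORPortCookieAuthFile,     STRING,   NULL),
  V(ExtORPortCookieAuthFileGroupReadable, BOOL, "0"),
  V(ExtraInfoStatistics,         BOOL,     "1"),
  V(FallbackDir,                 LINELIST, NULL),

  OBSOLETE("FallbackNetworkstatusFile"),
  V(FascistFirewall,             BOOL,     "0"),
  V(FirewallPorts,               CSV,      ""),
  V(FastFirstHopPK,              AUTOBOOL, "auto"),
  V(FetchDirInfoEarly,           BOOL,     "0"),
  V(FetchDirInfoExtraEarly,      BOOL,     "0"),
  V(FetchServerDescriptors,      BOOL,     "1"),
  V(FetchHidServDescriptors,     BOOL,     "1"),
  V(FetchUselessDescriptors,     BOOL,     "0"),
  OBSOLETE("FetchV2Networkstatus"),
  V(GeoIPExcludeUnknown,         AUTOBOOL, "auto"),
#ifdef _WIN32
  V(GeoIPFile,                   FILENAME, "<default>"),
  V(GeoIPv6File,                 FILENAME, "<default>"),
#else
  V(GeoIPFile,                   FILENAME,
    SHARE_DATADIR PATH_SEPARATOR "tor" PATH_SEPARATOR "geoip"),
  V(GeoIPv6File,                 FILENAME,
    SHARE_DATADIR PATH_SEPARATOR "tor" PATH_SEPARATOR "geoip6"),
#endif
  OBSOLETE("Group"),
  V(GuardLifetime,               INTERVAL, "0 minutes"),
  V(HardwareAccel,               BOOL,     "0"),
  V(HeartbeatPeriod,             INTERVAL, "6 hours"),
  V(AccelName,                   STRING,   NULL),
  V(AccelDir,                    FILENAME, NULL),
  V(HashedControlPassword,       LINELIST, NULL),
  V(HidServDirectoryV2,          BOOL,     "1"),
  VAR("HiddenServiceDir",    LINELIST_S, RendConfigLines,    NULL),
  VAR("HiddenServiceDirGroupReadable",  LINELIST_S, RendConfigLines, NULL),
  VAR("HiddenServiceOptions",LINELIST_V, RendConfigLines,    NULL),
  VAR("HiddenServicePort",   LINELIST_S, RendConfigLines,    NULL),
  VAR("HiddenServiceVersion",LINELIST_S, RendConfigLines,    NULL),
  VAR("HiddenServiceAuthorizeClient",LINELIST_S,RendConfigLines, NULL),
  V(HiddenServiceStatistics,     BOOL,     "0"),
  V(HidServAuth,                 LINELIST, NULL),
  V(CloseHSClientCircuitsImmediatelyOnTimeout, BOOL, "0"),
  V(CloseHSServiceRendCircuitsImmediatelyOnTimeout, BOOL, "0"),
  V(HTTPProxy,                   STRING,   NULL),
  V(HTTPProxyAuthenticator,      STRING,   NULL),
  V(HTTPSProxy,                  STRING,   NULL),
  V(HTTPSProxyAuthenticator,     STRING,   NULL),
  V(IPv6Exit,                    BOOL,     "0"),
  VAR("ServerTransportPlugin",   LINELIST, ServerTransportPlugin,  NULL),
  V(ServerTransportListenAddr,   LINELIST, NULL),
  V(ServerTransportOptions,      LINELIST, NULL),
  V(Socks4Proxy,                 STRING,   NULL),
  V(Socks5Proxy,                 STRING,   NULL),
  V(Socks5ProxyUsername,         STRING,   NULL),
  V(Socks5ProxyPassword,         STRING,   NULL),
  V(KeepalivePeriod,             INTERVAL, "5 minutes"),
  VAR("Log",                     LINELIST, Logs,             NULL),
  V(LogMessageDomains,           BOOL,     "0"),
  V(LogTimeGranularity,          MSEC_INTERVAL, "1 second"),
  V(TruncateLogFile,             BOOL,     "0"),
  V(LongLivedPorts,              CSV,
        "21,22,706,1863,5050,5190,5222,5223,6523,6667,6697,8300"),
  VAR("MapAddress",              LINELIST, AddressMap,           NULL),
  V(MaxAdvertisedBandwidth,      MEMUNIT,  "1 GB"),
  V(MaxCircuitDirtiness,         INTERVAL, "10 minutes"),
  V(MaxClientCircuitsPending,    UINT,     "32"),
  VAR("MaxMemInQueues",          MEMUNIT,   MaxMemInQueues_raw, "0"),
  OBSOLETE("MaxOnionsPending"),
  V(MaxOnionQueueDelay,          MSEC_INTERVAL, "1750 msec"),
  V(MinMeasuredBWsForAuthToIgnoreAdvertised, INT, "500"),
  V(MyFamily,                    STRING,   NULL),
  V(NewCircuitPeriod,            INTERVAL, "30 seconds"),
  OBSOLETE("NamingAuthoritativeDirectory"),
  V(NATDListenAddress,           LINELIST, NULL),
  VPORT(NATDPort,                    LINELIST, NULL),
  V(Nickname,                    STRING,   NULL),
  V(PredictedPortsRelevanceTime,  INTERVAL, "1 hour"),
  V(WarnUnsafeSocks,              BOOL,     "1"),
  VAR("NodeFamily",              LINELIST, NodeFamilies,         NULL),
  V(NumCPUs,                     UINT,     "0"),
  V(NumDirectoryGuards,          UINT,     "0"),
  V(NumEntryGuards,              UINT,     "0"),
  V(ORListenAddress,             LINELIST, NULL),
  VPORT(ORPort,                      LINELIST, NULL),
  V(OutboundBindAddress,         LINELIST,   NULL),

  OBSOLETE("PathBiasDisableRate"),
  V(PathBiasCircThreshold,       INT,      "-1"),
  V(PathBiasNoticeRate,          DOUBLE,   "-1"),
  V(PathBiasWarnRate,            DOUBLE,   "-1"),
  V(PathBiasExtremeRate,         DOUBLE,   "-1"),
  V(PathBiasScaleThreshold,      INT,      "-1"),
  OBSOLETE("PathBiasScaleFactor"),
  OBSOLETE("PathBiasMultFactor"),
  V(PathBiasDropGuards,          AUTOBOOL, "0"),
  OBSOLETE("PathBiasUseCloseCounts"),

  V(PathBiasUseThreshold,       INT,      "-1"),
  V(PathBiasNoticeUseRate,          DOUBLE,   "-1"),
  V(PathBiasExtremeUseRate,         DOUBLE,   "-1"),
  V(PathBiasScaleUseThreshold,      INT,      "-1"),

  V(PathsNeededToBuildCircuits,  DOUBLE,   "-1"),
  V(PerConnBWBurst,              MEMUNIT,  "0"),
  V(PerConnBWRate,               MEMUNIT,  "0"),
  V(PidFile,                     STRING,   NULL),
  V(TestingTorNetwork,           BOOL,     "0"),
  V(TestingMinExitFlagThreshold, MEMUNIT,  "0"),
  V(TestingMinFastFlagThreshold, MEMUNIT,  "0"),
  V(OptimisticData,              AUTOBOOL, "auto"),
  V(PortForwarding,              BOOL,     "0"),
  /* The default is a bare program name, not an absolute path.
   * NOTE(review): confirm how the helper is located; if it is found through
   * a search path, which binary runs depends on the process environment. */
  V(PortForwardingHelper,        FILENAME, "tor-fw-helper"),
  OBSOLETE("PreferTunneledDirConns"),
  V(ProtocolWarnings,            BOOL,     "0"),
  V(PublishServerDescriptor,     CSV,      "1"),
  V(PublishHidServDescriptors,   BOOL,     "1"),
  V(ReachableAddresses,          LINELIST, NULL),
  V(ReachableDirAddresses,       LINELIST, NULL),
  V(ReachableORAddresses,        LINELIST, NULL),
  V(RecommendedVersions,         LINELIST, NULL),
  V(RecommendedClientVersions,   LINELIST, NULL),
  V(RecommendedServerVersions,   LINELIST, NULL),
  V(RefuseUnknownExits,          AUTOBOOL, "auto"),
  V(RejectPlaintextPorts,        CSV,      ""),
  V(RelayBandwidthBurst,         MEMUNIT,  "0"),
  V(RelayBandwidthRate,          MEMUNIT,  "0"),
  V(RendPostPeriod,              INTERVAL, "1 hour"),
  V(RephistTrackTime,            INTERVAL, "24 hours"),
  V(RunAsDaemon,                 BOOL,     "0"),
  OBSOLETE("RunTesting"), // currently unused
  V(Sandbox,                     BOOL,     "0"),
  /* Typed STRING rather than BOOL, with the string "1" as default.
   * NOTE(review): presumably more than two values are accepted; confirm in
   * the validation code before changing the default. */
  V(SafeLogging,                 STRING,   "1"),
  V(SafeSocks,                   BOOL,     "0"),
  V(ServerDNSAllowBrokenConfig,  BOOL,     "1"),
  V(ServerDNSAllowNonRFC953Hostnames, BOOL,"0"),
  V(ServerDNSDetectHijacking,    BOOL,     "1"),
  V(ServerDNSRandomizeCase,      BOOL,     "1"),
  V(ServerDNSResolvConfFile,     STRING,   NULL),
  V(ServerDNSSearchDomains,      BOOL,     "0"),
  V(ServerDNSTestAddresses,      CSV,
      "www.google.com,www.mit.edu,www.yahoo.com,www.slashdot.org"),
  V(SchedulerLowWaterMark__,     MEMUNIT,  "100 MB"),
  V(SchedulerHighWaterMark__,    MEMUNIT,  "101 MB"),
  V(SchedulerMaxFlushCells__,    UINT,     "1000"),
  V(ShutdownWaitLength,          INTERVAL, "30 seconds"),
  V(SocksListenAddress,          LINELIST, NULL),
  V(SocksPolicy,                 LINELIST, NULL),
  VPORT(SocksPort,                   LINELIST, NULL),
  V(SocksTimeout,                INTERVAL, "2 minutes"),
  V(SSLKeyLifetime,              INTERVAL, "0"),
  OBSOLETE("StrictEntryNodes"),
  OBSOLETE("StrictExitNodes"),
  V(StrictNodes,                 BOOL,     "0"),
  OBSOLETE("Support022HiddenServices"),
  V(TestSocks,                   BOOL,     "0"),
  V(TokenBucketRefillInterval,   MSEC_INTERVAL, "100 msec"),
  V(Tor2webMode,                 BOOL,     "0"),
  V(TLSECGroup,                  STRING,   NULL),
  V(TrackHostExits,              CSV,      NULL),
  V(TrackHostExitsExpire,        INTERVAL, "30 minutes"),
  V(TransListenAddress,          LINELIST, NULL),
  VPORT(TransPort,                   LINELIST, NULL),
  V(TransProxyType,              STRING,   "default"),
  OBSOLETE("TunnelDirConns"),
  V(UpdateBridgesFromAuthority,  BOOL,     "0"),
  V(UseBridges,                  BOOL,     "0"),
  V(UseEntryGuards,              BOOL,     "1"),
  V(UseEntryGuardsAsDirGuards,   BOOL,     "1"),
  V(UseMicrodescriptors,         AUTOBOOL, "auto"),
  V(UseNTorHandshake,            AUTOBOOL, "1"),
  V(User,                        STRING,   NULL),
  V(UserspaceIOCPBuffers,        BOOL,     "0"),
  OBSOLETE("V1AuthoritativeDirectory"),
  OBSOLETE("V2AuthoritativeDirectory"),
  VAR("V3AuthoritativeDirectory",BOOL, V3AuthoritativeDir,   "0"),
  V(TestingV3AuthInitialVotingInterval, INTERVAL, "30 minutes"),
  V(TestingV3AuthInitialVoteDelay, INTERVAL, "5 minutes"),
  V(TestingV3AuthInitialDistDelay, INTERVAL, "5 minutes"),
  V(TestingV3AuthVotingStartOffset, INTERVAL, "0"),
  V(V3AuthVotingInterval,        INTERVAL, "1 hour"),
  V(V3AuthVoteDelay,             INTERVAL, "5 minutes"),
  V(V3AuthDistDelay,             INTERVAL, "5 minutes"),
  V(V3AuthNIntervalsValid,       UINT,     "3"),
  V(V3AuthUseLegacyKey,          BOOL,     "0"),
  V(V3BandwidthsFile,            FILENAME, NULL),
  VAR("VersioningAuthoritativeDirectory",BOOL,VersioningAuthoritativeDir, "0"),
  V(VirtualAddrNetworkIPv4,      STRING,   "127.192.0.0/10"),
  V(VirtualAddrNetworkIPv6,      STRING,   "[FE80::]/10"),
  V(WarnPlaintextPorts,          CSV,      "23,109,110,143"),
  V(UseFilteringSSLBufferevents, BOOL,    "0"),
  VAR("__ReloadTorrcOnSIGHUP",   BOOL,  ReloadTorrcOnSIGHUP,      "1"),
  VAR("__AllDirActionsPrivate",  BOOL,  AllDirActionsPrivate,     "0"),
  VAR("__DisablePredictedCircuits",BOOL,DisablePredictedCircuits, "0"),
  VAR("__LeaveStreamsUnattached",BOOL,  LeaveStreamsUnattached,   "0"),
  VAR("__HashedControlSessionPassword", LINELIST, HashedControlSessionPassword,
      NULL),
  VAR("__OwningControllerProcess",STRING,OwningControllerProcess, NULL),
  V(MinUptimeHidServDirectoryV2, INTERVAL, "25 hours"),
  V(VoteOnHidServDirectoriesV2,  BOOL,     "1"),
  V(TestingServerDownloadSchedule, CSV_INTERVAL, "0, 0, 0, 60, 60, 120, "
                                 "300, 900, 2147483647"),
  V(TestingClientDownloadSchedule, CSV_INTERVAL, "0, 0, 60, 300, 600, "
                                 "2147483647"),
  V(TestingServerConsensusDownloadSchedule, CSV_INTERVAL, "0, 0, 60, "
                                 "300, 600, 1800, 1800, 1800, 1800, "
                                 "1800, 3600, 7200"),
  V(TestingClientConsensusDownloadSchedule, CSV_INTERVAL, "0, 0, 60, "
                                 "300, 600, 1800, 3600, 3600, 3600, "
                                 "10800, 21600, 43200"),
  V(TestingBridgeDownloadSchedule, CSV_INTERVAL, "3600, 900, 900, 3600"),
  V(TestingClientMaxIntervalWithoutRequest, INTERVAL, "10 minutes"),
  V(TestingDirConnectionMaxStall, INTERVAL, "5 minutes"),
  V(TestingConsensusMaxDownloadTries, UINT, "8"),
  V(TestingDescriptorMaxDownloadTries, UINT, "8"),
  V(TestingMicrodescMaxDownloadTries, UINT, "8"),
  V(TestingCertMaxDownloadTries, UINT, "8"),
  V(TestingDirAuthVoteExit, ROUTERSET, NULL),
  V(TestingDirAuthVoteGuard, ROUTERSET, NULL),
  VAR("___UsingTestNetworkDefaults", BOOL, UsingTestNetworkDefaults_, "0"),

  { NULL, CONFIG_TYPE_OBSOLETE, 0, NULL }
};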

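/** Override default values with these if the user sets the TestingTorNetwork
 * option.
 *
 * Compared with option_vars_, these rows set EnforceDistinctSubnets,
 * ClientRejectInternalAddresses, ClientDNSRejectInternalAddresses and
 * ExitPolicyRejectPrivate to "0" (all "1" by default), set
 * DirAllowPrivateAddresses, ExtendAllowPrivateAddresses, AssumeReachable and
 * CountPrivateBandwidth to "1" (all "0" by default), set the two
 * AuthDirMaxServersPer* limits to "0", and shorten the voting, propagation
 * and download timers.  Judging by the option names this removes the
 * private-address and reachability checks a public instance relies on.
 *
 * NOTE(review): the code that applies this table is not in view.  Confirm
 * that TestingTorNetwork (a plain BOOL in option_vars_, default "0") cannot
 * end up enabled on a production instance without the operator noticing.
 *
 * The blame-view gutter numbers that were interleaved with the rows have
 * been removed; they are not part of the initializer. */
static const config_var_t testing_tor_network_defaults[] = {
  /* Same value as the option_vars_ default, so this row changes nothing. */
  V(ServerDNSAllowBrokenConfig,  BOOL,     "1"),
  V(DirAllowPrivateAddresses,    BOOL,     "1"),
  V(EnforceDistinctSubnets,      BOOL,     "0"),
  V(AssumeReachable,             BOOL,     "1"),
  V(AuthDirMaxServersPerAddr,    UINT,     "0"),
  V(AuthDirMaxServersPerAuthAddr,UINT,     "0"),
  V(ClientDNSRejectInternalAddresses, BOOL,"0"),
  V(ClientRejectInternalAddresses, BOOL,   "0"),
  V(CountPrivateBandwidth,       BOOL,     "1"),
  V(ExitPolicyRejectPrivate,     BOOL,     "0"),
  V(ExtendAllowPrivateAddresses, BOOL,     "1"),
  V(V3AuthVotingInterval,        INTERVAL, "5 minutes"),
  V(V3AuthVoteDelay,             INTERVAL, "20 seconds"),
  V(V3AuthDistDelay,             INTERVAL, "20 seconds"),
  V(TestingV3AuthInitialVotingInterval, INTERVAL, "150 seconds"),
  V(TestingV3AuthInitialVoteDelay, INTERVAL, "20 seconds"),
  V(TestingV3AuthInitialDistDelay, INTERVAL, "20 seconds"),
  /* Same value as the option_vars_ default. */
  V(TestingV3AuthVotingStartOffset, INTERVAL, "0"),
  V(TestingAuthDirTimeToLearnReachability, INTERVAL, "0 minutes"),
  V(TestingEstimatedDescriptorPropagationTime, INTERVAL, "0 minutes"),
  V(MinUptimeHidServDirectoryV2, INTERVAL, "0 minutes"),
  V(TestingServerDownloadSchedule, CSV_INTERVAL, "0, 0, 0, 5, 10, 15, "
                                 "20, 30, 60"),
  V(TestingClientDownloadSchedule, CSV_INTERVAL, "0, 0, 5, 10, 15, 20, "
                                 "30, 60"),
  V(TestingServerConsensusDownloadSchedule, CSV_INTERVAL, "0, 0, 5, 10, "
                                 "15, 20, 30, 60"),
  V(TestingClientConsensusDownloadSchedule, CSV_INTERVAL, "0, 0, 5, 10, "
                                 "15, 20, 30, 60"),
  V(TestingBridgeDownloadSchedule, CSV_INTERVAL, "60, 30, 30, 60"),
  V(TestingClientMaxIntervalWithoutRequest, INTERVAL, "5 seconds"),
  V(TestingDirConnectionMaxStall, INTERVAL, "30 seconds"),
  V(TestingConsensusMaxDownloadTries, UINT, "80"),
  V(TestingDescriptorMaxDownloadTries, UINT, "80"),
  V(TestingMicrodescMaxDownloadTries, UINT, "80"),
  V(TestingCertMaxDownloadTries, UINT, "80"),
  V(TestingEnableConnBwEvent,    BOOL,     "1"),
  V(TestingEnableCellStatsEvent, BOOL,     "1"),
  V(TestingEnableTbEmptyEvent,   BOOL,     "1"),
  /* "0" in option_vars_, "1" here: the value records that this table was
   * applied. */
  VAR("___UsingTestNetworkDefaults", BOOL, UsingTestNetworkDefaults_, "1"),
  V(RendPostPeriod,              INTERVAL, "2 minutes"),

  { NULL, CONFIG_TYPE_OBSOLETE, 0, NULL }
};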

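/* The table-building macros are only needed for the option tables above,
 * so drop them here.  (Gutter numbers from the blame view that sat between
 * these directives have been removed.)
 * NOTE(review): VPORT is defined alongside VAR, V and OBSOLETE but is not
 * undefined here -- confirm whether that is intentional. */
#undef VAR
#undef V
#undef OBSOLETE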

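/* Forward declarations of file-local (static) helpers used before their
 * definitions.  The blame-view gutter numbers and committer lines that were
 * interleaved with these prototypes have been removed; several of them fell
 * in the middle of a parameter list. */
#ifdef _WIN32
static char *get_windows_conf_root(void);
#endif
static int options_act_reversible(const or_options_t *old_options, char **msg);
static int options_act(const or_options_t *old_options);
static int options_transition_allowed(const or_options_t *old,
                                      const or_options_t *new,
                                      char **msg);
static int options_transition_affects_workers(
      const or_options_t *old_options, const or_options_t *new_options);
static int options_transition_affects_descriptor(
      const or_options_t *old_options, const or_options_t *new_options);
static int check_nickname_list(char **lst, const char *name, char **msg);
static char *get_bindaddr_from_transport_listen_line(const char *line,
                                                     const char *transport);
static int parse_dir_authority_line(const char *line,
                                 dirinfo_type_t required_type,
                                 int validate_only);
static int parse_dir_fallback_line(const char *line,
                                   int validate_only);
static void port_cfg_free(port_cfg_t *port);
static int parse_ports(or_options_t *options, int validate_only,
                              char **msg_out, int *n_ports_out);
static int check_server_ports(const smartlist_t *ports,
                              const or_options_t *options);

static int validate_data_directory(or_options_t *options);
static int write_configuration_file(const char *fname,
                                    const or_options_t *options);
static int options_init_logs(const or_options_t *old_options,
                             or_options_t *options, int validate_only);

static void init_libevent(const or_options_t *options);
static int opt_streq(const char *s1, const char *s2);
static int parse_outbound_addresses(or_options_t *options, int validate_only,
                                    char **msg);
static void config_maybe_load_geoip_files_(const or_options_t *options,
                                           const or_options_t *old_options);
/* Takes its option structs as void *, unlike the helpers above; it is the
 * callback stored in options_format. */
static int options_validate_cb(void *old_options, void *options,
                               void *default_options,
                               int from_setconf, char **msg);
static uint64_t compute_real_max_mem_in_queues(const uint64_t val,
                                               int log_guess);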

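/** Magic value for or_options_t. */
#define OR_OPTIONS_MAGIC 9090909

/** Configuration format for or_options_t.
 *
 * The initializer is positional; the field names are declared with
 * config_format_t, which is not in this file.  The per-field notes below
 * are read off the values and off how set_options() uses the struct.
 * Gutter numbers from the blame view that sat between the fields have been
 * removed. */
STATIC config_format_t options_format = {
  sizeof(or_options_t),                /* size of the options struct */
  OR_OPTIONS_MAGIC,                    /* expected magic value */
  STRUCT_OFFSET(or_options_t, magic_), /* offset of magic_ in or_options_t */
  option_abbrevs_,                     /* alias table */
  option_vars_,                        /* option table; read as
                                        * options_format.vars by
                                        * set_options() */
  options_validate_cb,                 /* validation callback */
  NULL                                 /* NOTE(review): meaning of the last
                                        * field is declared elsewhere --
                                        * confirm */
};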

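/*
 * Functions to read and write the global options pointer.
 */

/* File-scope state for the configuration subsystem.  All of it is static,
 * so it is reachable from outside this file only through accessors such as
 * get_options() and get_dirportfrontpage().  Gutter numbers and committer
 * lines from the blame view have been removed from between the
 * declarations. */

/** Command-line and config-file options. */
static or_options_t *global_options = NULL;
/** The fallback options_t object; this is where we look for options not
 * in torrc before we fall back to Tor's defaults. */
static or_options_t *global_default_options = NULL;
/** Name of most recently read torrc file. */
static char *torrc_fname = NULL;
/** Name of the most recently read torrc-defaults file.*/
/* Explicit NULL to match the neighbouring pointers; a static pointer with no
 * initializer is already null, so the value is unchanged. */
static char *torrc_defaults_fname = NULL;
/** Configuration options set by command line. */
static config_line_t *global_cmdline_options = NULL;
/** Non-configuration options set by the command line */
static config_line_t *global_cmdline_only_options = NULL;
/** Boolean: Have we parsed the command line? */
static int have_parsed_cmdline = 0;
/** Contents of most recently read DirPortFrontPage file. */
static char *global_dirfrontpagecontents = NULL;
/** List of port_cfg_t for all configured ports. */
static smartlist_t *configured_ports = NULL;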

/** Accessor for the cached DirPortFrontPage contents.
 *
 * Hands back the file-scope global_dirfrontpagecontents pointer unchanged;
 * that pointer is NULL when no front page is configured. */
const char *
get_dirportfrontpage(void)
{
  const char *frontpage = global_dirfrontpagecontents;

  return frontpage;
}

/** Return the live, writable options object.
 *
 * The global pointer is checked with tor_assert() first, so a call made
 * before any options have been installed trips the assertion instead of
 * handing NULL back to the caller. */
or_options_t *
get_options_mutable(void)
{
  /* Fail loudly here rather than let callers dereference NULL. */
  tor_assert(global_options);

  return global_options;
}

/** Return the current options through a const pointer.
 *
 * Forwards to get_options_mutable(), so the same non-NULL assertion applies
 * and the same object is returned.  Defined through MOCK_IMPL; presumably so
 * that tests can substitute it -- confirm against the macro's definition. */
MOCK_IMPL(const or_options_t *,
get_options,(void))
{
  const or_options_t *current = get_options_mutable();

  return current;
}

/** Install <b>new_val</b> as the global options, act on it, and release the
 * previous options object when it is no longer needed.
 *
 * <b>msg</b> must be a valid pointer: when options_act_reversible() fails,
 * *<b>msg</b> is asserted to be set, the previous options are put back and
 * -1 is returned.  When options_act() fails the process logs an error and
 * calls exit(1); that path does not return.  Returns 0 on success.
 *
 * If there were previous options and they differ from the new object, the
 * changed settings are collected as alternating key/value entries and
 * reported with control_event_conf_changed().
 *
 * NOTE(review): the values are passed to the control event exactly as
 * config_get_assigned_option() produced them; confirm that every option
 * which can show up here is acceptable to disclose to controllers.
 */
int
set_options(or_options_t *new_val, char **msg)
{
  or_options_t *old_options = global_options;
  int idx;

  /* The helpers below read the new options from global_options and receive
   * the *old* ones as an argument, for comparison. */
  global_options = new_val;

  if (options_act_reversible(old_options, msg) < 0) {
    tor_assert(*msg);
    global_options = old_options; /* roll back to the previous options */
    return -1;
  }
  if (options_act(old_options) < 0) {
    /* Acting on the options failed and cannot be undone: die. */
    log_err(LD_BUG,
            "Acting on config options left us in a broken state. Dying.");
    exit(1);
  }

  /* Issue a CONF_CHANGED event to notify controllers of the change.  While
   * Tor is just starting up there are no old options to compare against. */
  if (old_options && old_options != global_options) {
    smartlist_t *elements = smartlist_new();

    for (idx = 0; options_format.vars[idx].name; ++idx) {
      const config_var_t *var = &options_format.vars[idx];
      config_line_t *line;

      if (var->type == CONFIG_TYPE_LINELIST_S ||
          var->type == CONFIG_TYPE_OBSOLETE)
        continue;
      if (config_is_same(&options_format, new_val, old_options, var->name))
        continue;

      line = config_get_assigned_option(&options_format, new_val,
                                        var->name, 1);
      if (!line) {
        /* No assigned value: report the name with a NULL value. */
        smartlist_add(elements, tor_strdup(var->name));
        smartlist_add(elements, NULL);
        continue;
      }
      while (line) {
        config_line_t *next = line->next;
        /* The key and value strings move into the list; only the list node
         * is freed here.  The strings are freed after the event is sent. */
        smartlist_add(elements, line->key);
        smartlist_add(elements, line->value);
        tor_free(line);
        line = next;
      }
    }

    control_event_conf_changed(elements);
    SMARTLIST_FOREACH(elements, char *, cp, tor_free(cp));
    smartlist_free(elements);
  }

  if (old_options != global_options)
    config_free(&options_format, old_options);

  return 0;
}

/** Git revision of this build, defined in tor_main.c.  get_version() leaves
 * out the "(git-...)" suffix when this string is empty. */
extern const char tor_git_revision[];

/** Full version string of this Tor process; built on the first call to
 * get_version() and cached here. */
static char *the_tor_version = NULL;
/** Shorter version string of this Tor process, for export in our router
 * descriptor.  Does not include the git revision.  Built on the first call
 * to get_short_version() and cached here. */
static char *the_short_tor_version = NULL;

/** Return the full version string of this Tor process.
 *
 * The string is built on the first call and cached in the_tor_version; later
 * calls return the cached pointer.  When tor_git_revision is non-empty the
 * result is "<short version> (git-<revision>)", otherwise it is a copy of
 * the short version. */
const char *
get_version(void)
{
  if (the_tor_version)
    return the_tor_version;

  if (tor_git_revision[0] != '\0') {
    tor_asprintf(&the_tor_version, "%s (git-%s)", get_short_version(),
                 tor_git_revision);
  } else {
    the_tor_version = tor_strdup(get_short_version());
  }
  return the_tor_version;
}

/** Return the version string of this Tor process without the git revision.
 *
 * The string is built on the first call and cached in
 * the_short_tor_version.  With TOR_BUILD_TAG defined the result is
 * "VERSION (TOR_BUILD_TAG)"; without it, a copy of VERSION. */
const char *
get_short_version(void)
{
  if (the_short_tor_version != NULL)
    return the_short_tor_version;

#ifdef TOR_BUILD_TAG
  tor_asprintf(&the_short_tor_version, "%s (%s)", VERSION, TOR_BUILD_TAG);
#else
  the_short_tor_version = tor_strdup(VERSION);
#endif
  return the_short_tor_version;
}

/** Free <b>options</b> together with the extra members released here:
 * the ExcludeExitNodesUnion_ routerset, every routerset in NodeFamilySets
 * and the list itself, BridgePassword_AuthDigest_ and command_arg.  The
 * struct is then handed to config_free().  A NULL <b>options</b> is a no-op.
 *
 * NOTE(review): BridgePassword_AuthDigest_ is released without being
 * cleared.  If it holds password-derived material, consider wiping it
 * (e.g. with memwipe()) before the free; the buffer length is not visible
 * in this function, so confirm it at the allocation site.
 */
STATIC void
or_options_free(or_options_t *options)
{
  if (options == NULL)
    return;

  routerset_free(options->ExcludeExitNodesUnion_);

  if (options->NodeFamilySets != NULL) {
    /* Free each member set first, then the list that held them. */
    SMARTLIST_FOREACH_BEGIN(options->NodeFamilySets, routerset_t *, rs) {
      routerset_free(rs);
    } SMARTLIST_FOREACH_END(rs);
    smartlist_free(options->NodeFamilySets);
  }

  tor_free(options->BridgePassword_AuthDigest_);
  tor_free(options->command_arg);

  /* Last: release the struct itself through the generic config code. */
  config_free(&options_format, options);
}

/** Release all memory and resources held by global configuration structures.
 */
void
config_free_all(void)
{