r13266@catbus: nickm | 2007-06-05 16:38:08 -0400

Patch from peter palfrader: control interface via unix domain socket svn:r10504

r13266@catbus: nickm | 2007-06-05 16:38:08 -0400
Patch from peter palfrader: control interface via unix domain socket svn:r10504
210beff5 · Nick Mathewson · f0345d46 · 210beff5 · 210beff5 · 210beff5
Commit 210beff5 authored Jun 05, 2007 by Nick Mathewson 🎨
--- a/ChangeLog
+++ b/ChangeLog
@@ -6,6 +6,11 @@ Changes in version 0.2.0.3-alpha - 2007-??-??
    - tor-gencert creates all files as readable to the file creator only, and
      write-protects the authority identity key.

+  o Minor feature (controller):
+    - You can now use the ControlSocket option to tell Tor to listen for
+      controller connections on Unix domain sockets on systems that support
+      them.  (Patch from Peter Palfrader.)
+
  o Minor bugfixes (dns):
    - Fix a crash when DNSPort is set more than once. (Patch from Robert
      Hogan.)

--- a/configure.in
+++ b/configure.in
@@ -240,7 +240,7 @@ AC_SYS_LARGEFILE

 AC_CHECK_HEADERS(unistd.h string.h signal.h ctype.h sys/stat.h sys/types.h fcntl.h sys/fcntl.h sys/time.h errno.h assert.h time.h, , AC_MSG_WARN(Some headers were not found, compilation may fail.  If compilation succeeds, please send your orconfig.h to the developers so we can fix this warning.))

-AC_CHECK_HEADERS(netdb.h sys/ioctl.h sys/socket.h arpa/inet.h netinet/in.h pwd.h grp.h)
+AC_CHECK_HEADERS(netdb.h sys/ioctl.h sys/socket.h arpa/inet.h netinet/in.h pwd.h grp.h sys/un.h)

 dnl These headers are not essential


--- a/src/or/config.c
+++ b/src/or/config.c
@@ -149,6 +149,7 @@ static config_var_t _option_vars[] = {
  VAR("ContactInfo",         STRING,   ContactInfo,          NULL),
  VAR("ControlListenAddress",LINELIST, ControlListenAddress, NULL),
  VAR("ControlPort",         UINT,     ControlPort,          "0"),
+  VAR("ControlSocket",       LINELIST, ControlSocket,        NULL),
  VAR("CookieAuthentication",BOOL,     CookieAuthentication, "0"),
  VAR("DataDirectory",       STRING,   DataDirectory,        NULL),
  OBSOLETE("DebugLogFile"),
@@ -811,6 +812,14 @@ options_act_reversible(or_options_t *old_options, char **msg)
    start_daemon();
  }

+#ifndef HAVE_SYS_UN_H
+  if (options->ControlSocket) {
+    *msg = tor_strdup("Unix domain sockets (ControlSocket) not supported"
+                      " on this OS/with this build.");
+    goto rollback;
+  }
+#endif
+
  if (running_tor) {
    /* We need to set the connection limit before we can open the listeners. */
    options->_ConnLimit =

--- a/src/or/connection.c
+++ b/src/or/connection.c
--- a/src/or/connection_edge.c
+++ b/src/or/connection_edge.c
@@ -1916,7 +1916,7 @@ connection_ap_make_bridge(char *address, uint16_t port,
  log_notice(LD_APP,"Making internal anonymized tunnel to %s:%d ...",
             safe_str(address),port); /* XXXX020 Downgrade back to info. */

-  conn = TO_EDGE_CONN(connection_new(CONN_TYPE_AP));
+  conn = TO_EDGE_CONN(connection_new(CONN_TYPE_AP, AF_INET));
  conn->_base.linked = 1; /* so that we can add it safely below. */

  /* populate conn->socks_request */
@@ -2210,7 +2210,7 @@ connection_exit_begin_conn(cell_t *cell, circuit_t *circ)
  }

  log_debug(LD_EXIT,"Creating new exit connection.");
-  n_stream = TO_EDGE_CONN(connection_new(CONN_TYPE_EXIT));
+  n_stream = TO_EDGE_CONN(connection_new(CONN_TYPE_EXIT, AF_INET));
  n_stream->_base.purpose = EXIT_PURPOSE_CONNECT;

  n_stream->stream_id = rh.stream_id;
@@ -2316,7 +2316,7 @@ connection_exit_begin_resolve(cell_t *cell, or_circuit_t *circ)
   * resolved; but if we didn't store them in a connection like this,
   * the housekeeping in dns.c would get way more complicated.)
   */
-  dummy_conn = TO_EDGE_CONN(connection_new(CONN_TYPE_EXIT));
+  dummy_conn = TO_EDGE_CONN(connection_new(CONN_TYPE_EXIT, AF_INET));
  dummy_conn->stream_id = rh.stream_id;
  dummy_conn->_base.address = tor_strndup(cell->payload+RELAY_HEADER_SIZE,
                                          rh.length);
@@ -2450,7 +2450,7 @@ connection_exit_connect_dir(edge_connection_t *exitconn)

  exitconn->_base.state = EXIT_CONN_STATE_OPEN;

-  dirconn = TO_DIR_CONN(connection_new(CONN_TYPE_DIR));
+  dirconn = TO_DIR_CONN(connection_new(CONN_TYPE_DIR, AF_INET));

  dirconn->_base.addr = 0x7f000001;
  dirconn->_base.port = 0;

--- a/src/or/connection_or.c
+++ b/src/or/connection_or.c
@@ -465,7 +465,7 @@ connection_or_connect(uint32_t addr, uint16_t port, const char *id_digest)
    return NULL;
  }

-  conn = TO_OR_CONN(connection_new(CONN_TYPE_OR));
+  conn = TO_OR_CONN(connection_new(CONN_TYPE_OR, AF_INET));

  /* set up conn so it's got all the data we need to remember */
  connection_or_init_conn_from_address(conn, addr, port, id_digest, 1);

--- a/src/or/cpuworker.c
+++ b/src/or/cpuworker.c
@@ -339,7 +339,7 @@ spawn_cpuworker(void)
  tor_free(fdarray);
 #endif

-  conn = connection_new(CONN_TYPE_CPUWORKER);
+  conn = connection_new(CONN_TYPE_CPUWORKER, AF_UNIX);

  set_socket_nonblocking(fd);


--- a/src/or/directory.c
+++ b/src/or/directory.c
@@ -490,7 +490,7 @@ directory_initiate_command(const char *address, uint32_t addr,
      tor_assert(0);
  }

-  conn = TO_DIR_CONN(connection_new(CONN_TYPE_DIR));
+  conn = TO_DIR_CONN(connection_new(CONN_TYPE_DIR, AF_INET));

  /* set up conn so it's got all the data we need to remember */
  conn->_base.addr = addr;

--- a/src/or/dnsserv.c
+++ b/src/or/dnsserv.c
@@ -110,7 +110,7 @@ evdns_server_callback(struct evdns_server_request *req, void *_data)
  /* XXXX020 Send a stream event to the controller. */

  /* Make a new dummy AP connection, and attach the request to it. */
-  conn = TO_EDGE_CONN(connection_new(CONN_TYPE_AP));
+  conn = TO_EDGE_CONN(connection_new(CONN_TYPE_AP, AF_INET));
  conn->_base.state = AP_CONN_STATE_RESOLVE_WAIT;
  if (q->type == EVDNS_TYPE_A)
    conn->socks_request->command = SOCKS_COMMAND_RESOLVE;

--- a/src/or/or.h
+++ b/src/or/or.h
@@ -56,6 +56,9 @@
 #ifdef HAVE_SYS_SOCKET_H
 #include <sys/socket.h>
 #endif
+#ifdef HAVE_SYS_UN_H
+#include <sys/un.h>
+#endif
 #ifdef HAVE_SYS_TIME_H
 #include <sys/time.h>
 #endif
@@ -791,6 +794,9 @@ typedef struct connection_t {
  time_t timestamp_created; /**< When was this connection_t created? */

  /* XXXX020 make this ipv6-capable */
+  int sa_family; /**< Address family of this connection's socket.  Usually
+                  * AF_INET, but it can also be AF_UNIX, or in the future
+                  * AF_INET6 */
  uint32_t addr; /**< IP of the other side of the connection; used to identify
                  * routers, along with port. */
  uint16_t port; /**< If non-zero, port  on the other end
@@ -1825,6 +1831,8 @@ typedef struct {
  int TransPort;
  int NatdPort; /**< Port to listen on for transparent natd connections. */
  int ControlPort; /**< Port to listen on for control connections. */
+  config_line_t * ControlSocket; /**< Unix Domain Socket to listen on
+                                  * for control connections. */
  int DirPort; /**< Port to listen on for directory connections. */
  int DNSPort; /**< Port to listen on for DNS requests. */
  int AssumeReachable; /**< Whether to publish our descriptor regardless. */
@@ -2347,7 +2355,7 @@ or_options_t *options_new(void);
 const char *conn_type_to_string(int type);
 const char *conn_state_to_string(int type, int state);

-connection_t *connection_new(int type);
+connection_t *connection_new(int type, int sa_family);
 void connection_link_connections(connection_t *conn_a, connection_t *conn_b);
 void connection_unregister_events(connection_t *conn);
 void connection_free(connection_t *conn);