diff --git a/ChangeLog b/ChangeLog
index c00fcdb4e55af6d4a705ffda4aca7b0048f9e6b4..44af8ec5de6169476025c47aa1c23b42ad4fa6d6 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,4 +1,183 @@
+Changes in version 0.2.1.23 - 2010-0?-??
+ o Major bugfixes (performance):
+ - We were selecting our guards uniformly at random, and then weighting
+ which of our guards we'd use uniformly at random. This imbalance
+ meant that Tor clients were severely limited on throughput (and
+ probably latency too) by the first hop in their circuit. Now we
+ select guards weighted by currently advertised bandwidth. We also
+ automatically discard guards picked using the old algorithm. Fixes
+ bug 1217; bugfix on 0.2.1.3-alpha. Found by Mike Perry.
+
+ o Minor features:
+ - Avoid a mad rush at the beginning of each month when each client
+ rotates half of its guards. Instead we spread the rotation out
+ throughout the month, but we still avoid leaving a precise timestamp
+ in the state file about when we first picked the guard. Improves
+ over the behavior introduced in 0.1.2.17.
+
+
+Changes in version 0.2.2.7-alpha - 2010-01-19
+ o Major features (performance):
+ - We were selecting our guards uniformly at random, and then weighting
+ which of our guards we'd use uniformly at random. This imbalance
+ meant that Tor clients were severely limited on throughput (and
+ probably latency too) by the first hop in their circuit. Now we
+ select guards weighted by currently advertised bandwidth. We also
+ automatically discard guards picked using the old algorithm. Fixes
+ bug 1217; bugfix on 0.2.1.3-alpha. Found by Mike Perry.
+ - When choosing which cells to relay first, relays can now favor
+ circuits that have been quiet recently, to provide lower latency
+ for low-volume circuits. By default, relays enable or disable this
+ feature based on a setting in the consensus. You can override
+ this default by using the new "CircuitPriorityHalflife" config
+ option. Design and code by Ian Goldberg, Can Tang, and Chris
+ Alexander.
+ - Add separate per-conn write limiting to go with the per-conn read
+ limiting. We added a global write limit in Tor 0.1.2.5-alpha,
+ but never per-conn write limits.
+ - New consensus params "bwconnrate" and "bwconnburst" to let us
+ rate-limit client connections as they enter the network. It's
+ controlled in the consensus so we can turn it on and off for
+ experiments. It's starting out off. Based on proposal 163.
+
+ o Major features (relay selection options):
+ - Switch to a StrictNodes config option, rather than the previous
+ "StrictEntryNodes" / "StrictExitNodes" separation that was missing a
+ "StrictExcludeNodes" option.
+ - If EntryNodes, ExitNodes, ExcludeNodes, or ExcludeExitNodes
+ change during a config reload, mark and discard all our origin
+ circuits. This fix should address edge cases where we change the
+ config options and but then choose a circuit that we created before
+ the change.
+ - If EntryNodes or ExitNodes are set, be more willing to use an
+ unsuitable (e.g. slow or unstable) circuit. The user asked for it,
+ they get it.
+ - Make EntryNodes config option much more aggressive even when
+ StrictNodes is not set. Before it would prepend your requested
+ entrynodes to your list of guard nodes, but feel free to use others
+ after that. Now it chooses only from your EntryNodes if any of
+ those are available, and only falls back to others if a) they're
+ all down and b) StrictNodes is not set.
+ - Now we refresh your entry guards from EntryNodes at each consensus
+ fetch -- rather than just at startup and then they slowly rot as
+ the network changes.
+
+ o Minor features:
+ - Log a notice when we get a new control connection. Now it's easier
+ for security-conscious users to recognize when a local application
+ is knocking on their controller door. Suggested by bug 1196.
+ - New config option "CircuitStreamTimeout" to override our internal
+ timeout schedule for how many seconds until we detach a stream from
+ a circuit and try a new circuit. If your network is particularly
+ slow, you might want to set this to a number like 60.
+ - New controller command "getinfo config-text". It returns the
+ contents that Tor would write if you send it a SAVECONF command,
+ so the controller can write the file to disk itself.
+ - New options for SafeLogging to allow scrubbing only log messages
+ generated while acting as a relay.
+ - Ship the bridges spec file in the tarball too.
+ - Avoid a mad rush at the beginning of each month when each client
+ rotates half of its guards. Instead we spread the rotation out
+ throughout the month, but we still avoid leaving a precise timestamp
+ in the state file about when we first picked the guard. Improves
+ over the behavior introduced in 0.1.2.17.
+
+ o Minor bugfixes (compiling):
+ - Fix compilation on OS X 10.3, which has a stub mlockall() but
+ hides it. Bugfix on 0.2.2.6-alpha.
+ - Fix compilation on Solaris by removing support for the
+ DisableAllSwap config option. Solaris doesn't have an rlimit for
+ mlockall, so we cannot use it safely. Fixes bug 1198; bugfix on
+ 0.2.2.6-alpha.
+
+ o Minor bugfixes (crashes):
+ - Do not segfault when writing buffer stats when we haven't observed
+ a single circuit to report about. Found by Fabian Lanze. Bugfix on
+ 0.2.2.1-alpha.
+ - If we're in the pathological case where there's no exit bandwidth
+ but there is non-exit bandwidth, or no guard bandwidth but there
+ is non-guard bandwidth, don't crash during path selection. Bugfix
+ on 0.2.0.3-alpha.
+ - Fix an impossible-to-actually-trigger buffer overflow in relay
+ descriptor generation. Bugfix on 0.1.0.15.
+
+ o Minor bugfixes (privacy):
+ - Fix an instance where a Tor directory mirror might accidentally
+ log the IP address of a misbehaving Tor client. Bugfix on
+ 0.1.0.1-rc.
+ - Don't list Windows capabilities in relay descriptors. We never made
+ use of them, and maybe it's a bad idea to publish them. Bugfix
+ on 0.1.1.8-alpha.
+
+ o Minor bugfixes (other):
+ - Resolve an edge case in path weighting that could make us misweight
+ our relay selection. Fixes bug 1203; bugfix on 0.0.8rc1.
+ - Fix statistics on client numbers by country as seen by bridges that
+ were broken in 0.2.2.1-alpha. Also switch to reporting full 24-hour
+ intervals instead of variable 12-to-48-hour intervals.
+ - After we free an internal connection structure, overwrite it
+ with a different memory value than we use for overwriting a freed
+ internal circuit structure. Should help with debugging. Suggested
+ by bug 1055.
+ - Update our OpenSSL 0.9.8l fix so that it works with OpenSSL 0.9.8m
+ too.
+
+ o Removed features:
+ - Remove the HSAuthorityRecordStats option that version 0 hidden
+ service authorities could have used to track statistics of overall
+ hidden service usage.
+
+
+Changes in version 0.2.1.22 - 2010-01-19
+ Tor 0.2.1.22 fixes a critical privacy problem in bridge directory
+ authorities -- it would tell you its whole history of bridge descriptors
+ if you make the right directory request. This stable update also
+ rotates two of the seven v3 directory authority keys and locations.
+
+ o Directory authority changes:
+ - Rotate keys (both v3 identity and relay identity) for moria1
+ and gabelmoo.
+
+ o Major bugfixes:
+ - Stop bridge directory authorities from answering dbg-stability.txt
+ directory queries, which would let people fetch a list of all
+ bridge identities they track. Bugfix on 0.2.1.6-alpha.
+
+
+Changes in version 0.2.1.21 - 2009-12-21
+ Tor 0.2.1.21 fixes an incompatibility with the most recent OpenSSL
+ library. If you use Tor on Linux / Unix and you're getting SSL
+ renegotiation errors, upgrading should help. We also recommend an
+ upgrade if you're an exit relay.
+
+ o Major bugfixes:
+ - Work around a security feature in OpenSSL 0.9.8l that prevents our
+ handshake from working unless we explicitly tell OpenSSL that we
+ are using SSL renegotiation safely. We are, of course, but OpenSSL
+ 0.9.8l won't work unless we say we are.
+ - Avoid crashing if the client is trying to upload many bytes and the
+ circuit gets torn down at the same time, or if the flip side
+ happens on the exit relay. Bugfix on 0.2.0.1-alpha; fixes bug 1150.
+
+ o Minor bugfixes:
+ - Do not refuse to learn about authority certs and v2 networkstatus
+ documents that are older than the latest consensus. This bug might
+ have degraded client bootstrapping. Bugfix on 0.2.0.10-alpha.
+ Spotted and fixed by xmux.
+ - Fix a couple of very-hard-to-trigger memory leaks, and one hard-to-
+ trigger platform-specific option misparsing case found by Coverity
+ Scan.
+ - Fix a compilation warning on Fedora 12 by removing an impossible-to-
+ trigger assert. Fixes bug 1173.
+
+
Changes in version 0.2.2.6-alpha - 2009-11-19
+ Tor 0.2.2.6-alpha lays the groundwork for many upcoming features:
+ support for the new lower-footprint "microdescriptor" directory design,
+ future-proofing our consensus format against new hash functions or
+ other changes, and an Android port. It also makes Tor compatible with
+ the upcoming OpenSSL 0.9.8l release, and fixes a variety of bugs.
+
o Major features:
- Directory authorities can now create, vote on, and serve multiple
parallel formats of directory data as part of their voting process.
@@ -55,6 +234,81 @@ Changes in version 0.2.2.6-alpha - 2009-11-19
introduced in 0.2.2.1-alpha. Found via valgrind.
+Changes in version 0.2.1.20 - 2009-10-15
+ Tor 0.2.1.20 fixes a crash bug when you're accessing many hidden
+ services at once, prepares for more performance improvements, and
+ fixes a bunch of smaller bugs.
+
+ The Windows and OS X bundles also include a more recent Vidalia,
+ and switch from Privoxy to Polipo.
+
+ The OS X installers are now drag and drop. It's best to un-install
+ Tor/Vidalia and then install this new bundle, rather than upgrade. If
+ you want to upgrade, you'll need to update the paths for Tor and Polipo
+ in the Vidalia Settings window.
+
+ o Major bugfixes:
+ - Send circuit or stream sendme cells when our window has decreased
+ by 100 cells, not when it has decreased by 101 cells. Bug uncovered
+ by Karsten when testing the "reduce circuit window" performance
+ patch. Bugfix on the 54th commit on Tor -- from July 2002,
+ before the release of Tor 0.0.0. This is the new winner of the
+ oldest-bug prize.
+ - Fix a remotely triggerable memory leak when a consensus document
+ contains more than one signature from the same voter. Bugfix on
+ 0.2.0.3-alpha.
+ - Avoid segfault in rare cases when finishing an introduction circuit
+ as a client and finding out that we don't have an introduction key
+ for it. Fixes bug 1073. Reported by Aaron Swartz.
+
+ o Major features:
+ - Tor now reads the "circwindow" parameter out of the consensus,
+ and uses that value for its circuit package window rather than the
+ default of 1000 cells. Begins the implementation of proposal 168.
+
+ o New directory authorities:
+ - Set up urras (run by Jacob Appelbaum) as the seventh v3 directory
+ authority.
+ - Move moria1 and tonga to alternate IP addresses.
+
+ o Minor bugfixes:
+ - Fix a signed/unsigned compile warning in 0.2.1.19.
+ - Fix possible segmentation fault on directory authorities. Bugfix on
+ 0.2.1.14-rc.
+ - Fix an extremely rare infinite recursion bug that could occur if
+ we tried to log a message after shutting down the log subsystem.
+ Found by Matt Edman. Bugfix on 0.2.0.16-alpha.
+ - Fix an obscure bug where hidden services on 64-bit big-endian
+ systems might mis-read the timestamp in v3 introduce cells, and
+ refuse to connect back to the client. Discovered by "rotor".
+ Bugfix on 0.2.1.6-alpha.
+ - We were triggering a CLOCK_SKEW controller status event whenever
+ we connect via the v2 connection protocol to any relay that has
+ a wrong clock. Instead, we should only inform the controller when
+ it's a trusted authority that claims our clock is wrong. Bugfix
+ on 0.2.0.20-rc; starts to fix bug 1074. Reported by SwissTorExit.
+ - We were telling the controller about CHECKING_REACHABILITY and
+ REACHABILITY_FAILED status events whenever we launch a testing
+ circuit or notice that one has failed. Instead, only tell the
+ controller when we want to inform the user of overall success or
+ overall failure. Bugfix on 0.1.2.6-alpha. Fixes bug 1075. Reported
+ by SwissTorExit.
+ - Don't warn when we're using a circuit that ends with a node
+ excluded in ExcludeExitNodes, but the circuit is not used to access
+ the outside world. This should help fix bug 1090. Bugfix on
+ 0.2.1.6-alpha.
+ - Work around a small memory leak in some versions of OpenSSL that
+ stopped the memory used by the hostname TLS extension from being
+ freed.
+
+ o Minor features:
+ - Add a "getinfo status/accepted-server-descriptor" controller
+ command, which is the recommended way for controllers to learn
+ whether our server descriptor has been successfully received by at
+ least on directory authority. Un-recommend good-server-descriptor
+ getinfo and status events until we have a better design for them.
+
+
Changes in version 0.2.2.5-alpha - 2009-10-11
Tor 0.2.2.5-alpha fixes a few compile problems in 0.2.2.4-alpha.
@@ -311,98 +565,6 @@ Changes in version 0.2.2.1-alpha - 2009-08-26
occurred with the upgrade to Vidalia 0.2.3.
-Changes in Version 0.2.1.21 - 20??-??-??
- o Major bugfixes:
- - Work around a security feature in OpenSSL 0.9.8l that prevents our
- handshake from working unless we explicitly tell OpenSSL that we are
- using SSL renegotiation safely. We are, of course, but OpenSSL
- 0.9.8l won't work unless we say we are.
-
- o Minor bugfixes:
- - Do not refuse to learn about authority certs and v2 networkstatus
- documents that are older than the latest consensus. This bug might
- have degraded client bootstrapping. Bugfix on 0.2.0.10-alpha.
- Spotted and fixed by xmux.
- - Fix a couple of very-hard-to-trigger memory leaks, and one hard-to-
- trigger platform-specific option misparsing case found by Coverity
- Scan.
-
-
-Changes in version 0.2.1.20 - 2009-10-15
- Tor 0.2.1.20 fixes a crash bug when you're accessing many hidden
- services at once, prepares for more performance improvements, and
- fixes a bunch of smaller bugs.
-
- The Windows and OS X bundles also include a more recent Vidalia,
- and switch from Privoxy to Polipo.
-
- The OS X installers are now drag and drop. It's best to un-install
- Tor/Vidalia and then install this new bundle, rather than upgrade. If
- you want to upgrade, you'll need to update the paths for Tor and Polipo
- in the Vidalia Settings window.
-
- o Major bugfixes:
- - Send circuit or stream sendme cells when our window has decreased
- by 100 cells, not when it has decreased by 101 cells. Bug uncovered
- by Karsten when testing the "reduce circuit window" performance
- patch. Bugfix on the 54th commit on Tor -- from July 2002,
- before the release of Tor 0.0.0. This is the new winner of the
- oldest-bug prize.
- - Fix a remotely triggerable memory leak when a consensus document
- contains more than one signature from the same voter. Bugfix on
- 0.2.0.3-alpha.
- - Avoid segfault in rare cases when finishing an introduction circuit
- as a client and finding out that we don't have an introduction key
- for it. Fixes bug 1073. Reported by Aaron Swartz.
-
- o Major features:
- - Tor now reads the "circwindow" parameter out of the consensus,
- and uses that value for its circuit package window rather than the
- default of 1000 cells. Begins the implementation of proposal 168.
-
- o New directory authorities:
- - Set up urras (run by Jacob Appelbaum) as the seventh v3 directory
- authority.
- - Move moria1 and tonga to alternate IP addresses.
-
- o Minor bugfixes:
- - Fix a signed/unsigned compile warning in 0.2.1.19.
- - Fix possible segmentation fault on directory authorities. Bugfix on
- 0.2.1.14-rc.
- - Fix an extremely rare infinite recursion bug that could occur if
- we tried to log a message after shutting down the log subsystem.
- Found by Matt Edman. Bugfix on 0.2.0.16-alpha.
- - Fix an obscure bug where hidden services on 64-bit big-endian
- systems might mis-read the timestamp in v3 introduce cells, and
- refuse to connect back to the client. Discovered by "rotor".
- Bugfix on 0.2.1.6-alpha.
- - We were triggering a CLOCK_SKEW controller status event whenever
- we connect via the v2 connection protocol to any relay that has
- a wrong clock. Instead, we should only inform the controller when
- it's a trusted authority that claims our clock is wrong. Bugfix
- on 0.2.0.20-rc; starts to fix bug 1074. Reported by SwissTorExit.
- - We were telling the controller about CHECKING_REACHABILITY and
- REACHABILITY_FAILED status events whenever we launch a testing
- circuit or notice that one has failed. Instead, only tell the
- controller when we want to inform the user of overall success or
- overall failure. Bugfix on 0.1.2.6-alpha. Fixes bug 1075. Reported
- by SwissTorExit.
- - Don't warn when we're using a circuit that ends with a node
- excluded in ExcludeExitNodes, but the circuit is not used to access
- the outside world. This should help fix bug 1090. Bugfix on
- 0.2.1.6-alpha.
- - Work around a small memory leak in some versions of OpenSSL that
- stopped the memory used by the hostname TLS extension from being
- freed.
-
- o Minor features:
- - Add a "getinfo status/accepted-server-descriptor" controller
- command, which is the recommended way for controllers to learn
- whether our server descriptor has been successfully received by at
- least on directory authority. Un-recommend good-server-descriptor
- getinfo and status events until we have a better design for them.
-
-
Changes in version 0.2.1.19 - 2009-07-28
Tor 0.2.1.19 fixes a major bug with accessing and providing hidden
services on Tor 0.2.1.3-alpha through 0.2.1.18.
diff --git a/Makefile.am b/Makefile.am
index 24b30bc0921d6bc6be34f6422e577132834fbb80..850ab71bb5d400ecfd30dc12de67d9d1f02e721a 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -61,7 +61,8 @@ doxygen:
test: all
./src/test/test
-# Avoid strlcpy.c, strlcat.c, tree.h
+# Avoid strlcpy.c, strlcat.c, aes.c, OpenBSD_malloc_Linux.c, sha256.c,
+# eventdns.[hc], tinytest.[ch]
check-spaces:
./contrib/checkSpace.pl -C \
src/common/*.h \
diff --git a/ReleaseNotes b/ReleaseNotes
index a93a56d377c03ed3814298c9fbe8df0170a2ecb7..3790142d3defbc1957e431efb08d7c1f186d8f73 100644
--- a/ReleaseNotes
+++ b/ReleaseNotes
@@ -3,6 +3,49 @@ This document summarizes new features and bugfixes in each stable release
of Tor. If you want to see more detailed descriptions of the changes in
each development snapshot, see the ChangeLog file.
+Changes in version 0.2.1.22 - 2010-01-19
+ Tor 0.2.1.22 fixes a critical privacy problem in bridge directory
+ authorities -- it would tell you its whole history of bridge descriptors
+ if you make the right directory request. This stable update also
+ rotates two of the seven v3 directory authority keys and locations.
+
+ o Directory authority changes:
+ - Rotate keys (both v3 identity and relay identity) for moria1
+ and gabelmoo.
+
+ o Major bugfixes:
+ - Stop bridge directory authorities from answering dbg-stability.txt
+ directory queries, which would let people fetch a list of all
+ bridge identities they track. Bugfix on 0.2.1.6-alpha.
+
+
+Changes in version 0.2.1.21 - 2009-12-21
+ Tor 0.2.1.21 fixes an incompatibility with the most recent OpenSSL
+ library. If you use Tor on Linux / Unix and you're getting SSL
+ renegotiation errors, upgrading should help. We also recommend an
+ upgrade if you're an exit relay.
+
+ o Major bugfixes:
+ - Work around a security feature in OpenSSL 0.9.8l that prevents our
+ handshake from working unless we explicitly tell OpenSSL that we
+ are using SSL renegotiation safely. We are, of course, but OpenSSL
+ 0.9.8l won't work unless we say we are.
+ - Avoid crashing if the client is trying to upload many bytes and the
+ circuit gets torn down at the same time, or if the flip side
+ happens on the exit relay. Bugfix on 0.2.0.1-alpha; fixes bug 1150.
+
+ o Minor bugfixes:
+ - Do not refuse to learn about authority certs and v2 networkstatus
+ documents that are older than the latest consensus. This bug might
+ have degraded client bootstrapping. Bugfix on 0.2.0.10-alpha.
+ Spotted and fixed by xmux.
+ - Fix a couple of very-hard-to-trigger memory leaks, and one hard-to-
+ trigger platform-specific option misparsing case found by Coverity
+ Scan.
+ - Fix a compilation warning on Fedora 12 by removing an impossible-to-
+ trigger assert. Fixes bug 1173.
+
+
Changes in version 0.2.1.20 - 2009-10-15
Tor 0.2.1.20 fixes a crash bug when you're accessing many hidden
services at once, prepares for more performance improvements, and
diff --git a/configure.in b/configure.in
index 6f2baf7e0161ed36125352f2e5939ba15f806ca0..a8890ff04914dc79d7df39932bd381ba685ea184 100644
--- a/configure.in
+++ b/configure.in
@@ -4,7 +4,7 @@ dnl Copyright (c) 2007-2008, The Tor Project, Inc.
dnl See LICENSE for licensing information
AC_INIT
-AM_INIT_AUTOMAKE(tor, 0.2.2.6-alpha)
+AM_INIT_AUTOMAKE(tor, 0.2.2.7-alpha)
AM_CONFIG_HEADER(orconfig.h)
AC_CANONICAL_HOST
@@ -629,9 +629,14 @@ if test x$tcmalloc = xyes ; then
fi
# By default, we're going to assume we don't have mlockall()
-# bionic and other platforms have various broken mlockall subsystems
-# some of systems don't have a working mlockall, some aren't linkable
+# bionic and other platforms have various broken mlockall subsystems.
+# Some systems don't have a working mlockall, some aren't linkable,
+# and some have it but don't declare it.
AC_CHECK_FUNCS(mlockall)
+AC_CHECK_DECLS([mlockall], , , [
+#ifdef HAVE_SYS_MMAN_H
+#include <sys/mman.h>
+#endif])
# Allow user to specify an alternate syslog facility
AC_ARG_WITH(syslog-facility,
diff --git a/contrib/tor-mingw.nsi.in b/contrib/tor-mingw.nsi.in
index 5cf9f2245c5c098439989ad37e35cfd3d4991e6a..83bcf50b88f9a7b1abf38faa8626d880c6406598 100644
--- a/contrib/tor-mingw.nsi.in
+++ b/contrib/tor-mingw.nsi.in
@@ -8,8 +8,7 @@
!include "LogicLib.nsh"
!include "FileFunc.nsh"
!insertmacro GetParameters
-
-!define VERSION "0.2.2.6-alpha"
+!define VERSION "0.2.2.7-alpha"
!define INSTALLER "tor-${VERSION}-win32.exe"
!define WEBSITE "https://www.torproject.org/"
!define LICENSE "LICENSE"
diff --git a/doc/spec/Makefile.am b/doc/spec/Makefile.am
index 208901d9db2e3a519e8fb01afdeb21a79f7a4abc..e2fef42e815780fbd535ed882f0e7d6717f3c0de 100644
--- a/doc/spec/Makefile.am
+++ b/doc/spec/Makefile.am
@@ -1,5 +1,5 @@
EXTRA_DIST = tor-spec.txt rend-spec.txt control-spec.txt \
dir-spec.txt socks-extensions.txt path-spec.txt \
- version-spec.txt address-spec.txt
+ version-spec.txt address-spec.txt bridges-spec.txt
diff --git a/doc/spec/control-spec.txt b/doc/spec/control-spec.txt
index eb01641109aba17c3903186e9a9155e3575911cc..73f0b020a9f600abc713c9a81c147c572b67678e 100644
--- a/doc/spec/control-spec.txt
+++ b/doc/spec/control-spec.txt
@@ -270,6 +270,9 @@
returns "250 OK" if successful, or "551 Unable to write configuration
to disk" if it can't write the file or some other error occurs.
+ See also the "getinfo config-text" command, if the controller wants
+ to write the torrc file itself.
+
3.7. SIGNAL
Sent from the client to the server. The syntax is:
@@ -378,6 +381,10 @@
"config-file" -- The location of Tor's configuration file ("torrc").
+ "config-text" -- The contents that Tor would write if you send it
+ a SAVECONF command, so the controller can write the file to
+ disk itself. [First implemented in 0.2.2.7-alpha.]
+
["exit-policy/prepend" -- The default exit policy lines that Tor will
*prepend* to the ExitPolicy config option.
-- Never implemented. Useful?]
@@ -1630,11 +1637,11 @@
TimeStarted is a quoted string indicating when the reported summary
counts from (in GMT).
- The CountrySummary keyword has as its argument a comma-separated
- set of "countrycode=count" pairs. For example,
- 650-CLIENTS_SEEN TimeStarted="Thu Dec 25 23:50:43 EST 2008"
- 650 CountrySummary=us=16,de=8,uk=8
-[XXX Matt Edman informs me that the time format above is wrong. -RD]
+ The CountrySummary keyword has as its argument a comma-separated,
+ possibly empty set of "countrycode=count" pairs. For example (without
+ linebreak),
+ 650-CLIENTS_SEEN TimeStarted="2008-12-25 23:50:43"
+ CountrySummary=us=16,de=8,uk=8
4.1.15. New consensus networkstatus has arrived.
diff --git a/doc/spec/dir-spec.txt b/doc/spec/dir-spec.txt
index 5eedbd5348368f7d01542f52545b7db71874482c..19a32027afc19013087217d2e7bb3a8d987eae41 100644
--- a/doc/spec/dir-spec.txt
+++ b/doc/spec/dir-spec.txt
@@ -627,8 +627,8 @@
As documented in 2.1 above. See migration notes in section 2.2.1.
- "geoip-start" YYYY-MM-DD HH:MM:SS NL
- "geoip-client-origins" CC=N,CC=N,... NL
+ ("geoip-start" YYYY-MM-DD HH:MM:SS NL)
+ ("geoip-client-origins" CC=N,CC=N,... NL)
Only generated by bridge routers (see blocking.pdf), and only
when they have been configured with a geoip database.
@@ -641,6 +641,33 @@
"geoip-start" is the time at which we began collecting geoip
statistics.
+ "geoip-start" and "geoip-client-origins" have been replaced by
+ "bridge-stats-end" and "bridge-stats-ips" in 0.2.2.4-alpha. The
+ reason is that the measurement interval with "geoip-stats" as
+ determined by subtracting "geoip-start" from "published" could
+ have had a variable length, whereas the measurement interval in
+ 0.2.2.4-alpha and later is set to be exactly 24 hours long. In
+ order to clearly distinguish the new measurement intervals from
+ the old ones, the new keywords have been introduced.
+
+ "bridge-stats-end" YYYY-MM-DD HH:MM:SS (NSEC s) NL
+ [At most once.]
+
+ YYYY-MM-DD HH:MM:SS defines the end of the included measurement
+ interval of length NSEC seconds (86400 seconds by default).
+
+ A "bridge-stats-end" line, as well as any other "bridge-*" line,
+ is only added when the relay has been running as a bridge for at
+ least 24 hours.
+
+ "bridge-ips" CC=N,CC=N,... NL
+ [At most once.]
+
+ List of mappings from two-letter country codes to the number of
+ unique IP addresses that have connected from that country to the
+ bridge and which are no known relays, rounded up to the nearest
+ multiple of 8.
+
"dirreq-stats-end" YYYY-MM-DD HH:MM:SS (NSEC s) NL
[At most once.]
@@ -1113,6 +1140,18 @@
(Only included when the vote is generated with consensus-method 7 or
later.)
+ Commonly used "param" arguments at this point include:
+
+ "CircWindow" -- the default package window that circuits should
+ be established with. It started out at 1000 cells, but some
+ research indicates that a lower value would mean fewer cells in
+ transit in the network at any given time. Obeyed by Tor 0.2.1.20
+ and later.
+
+ "CircPriorityHalflifeMsec" -- the halflife parameter used when
+ weighting which circuit will send the next cell. Obeyed by Tor
+ 0.2.2.7-alpha and later.
+
The authority section of a vote contains the following items, followed
in turn by the authority's current key certificate:
@@ -1246,7 +1285,7 @@
selection.
Additionally, the Measured= keyword is present in votes by
- participating bandwidth measurement authorites to indicate
+ participating bandwidth measurement authorities to indicate
a measured bandwidth currently produced by measuring stream
capacities.
@@ -1394,10 +1433,10 @@
per second, and capped at some arbitrary value (currently 10 MB/s).
The Measured= keyword on a "w" line vote is currently computed
- by multiplying the previous published consensus bandwidth by the
- ratio of the measured average node stream capacity to the network
- average. If 3 or more authorities provide a Measured= keyword for
- a router, the authorites produce a consensus containing a "w"
+ by multiplying the previous published consensus bandwidth by the
+ ratio of the measured average node stream capacity to the network
+ average. If 3 or more authorities provide a Measured= keyword for
+ a router, the authorities produce a consensus containing a "w"
Bandwidth= keyword equal to the median of the Measured= votes.
The ports listed in a "p" line should be taken as those ports for
@@ -2118,7 +2157,6 @@
A. Consensus-negotiation timeline.
-
Period begins: this is the Published time.
Everybody sends votes
Reconciliation: everybody tries to fetch missing votes.
diff --git a/doc/spec/tor-spec.txt b/doc/spec/tor-spec.txt
index efa6029f22e942317ec83e8443ebe007e5118cde..e94ac7faaa31e237fa6b0d94e179bd47886af951 100644
--- a/doc/spec/tor-spec.txt
+++ b/doc/spec/tor-spec.txt
@@ -20,7 +20,7 @@ see tor-design.pdf.
PK -- a public key.
SK -- a private key.
- K -- a key for a symmetric cypher.
+ K -- a key for a symmetric cipher.
a|b -- concatenation of 'a' and 'b'.
@@ -171,8 +171,8 @@ see tor-design.pdf.
In "renegotiation", the connection initiator sends no certificates, and
the responder sends a single connection certificate. Once the TLS
handshake is complete, the initiator renegotiates the handshake, with each
- parties sending a two-certificate chain as in "certificates up-front".
- The initiator's ClientHello MUST include at least once ciphersuite not in
+ party sending a two-certificate chain as in "certificates up-front".
+ The initiator's ClientHello MUST include at least one ciphersuite not in
the list above. The responder SHOULD NOT select any ciphersuite besides
those in the list above.
[The above "should not" is because some of the ciphers that
@@ -200,9 +200,9 @@ see tor-design.pdf.
to decide which to use.
In all of the above handshake variants, certificates sent in the clear
- SHOULD NOT include any strings to identify the host as a Tor server. In
- the "renegotation" and "backwards-compatible renegotiation", the
- initiator SHOULD chose a list of ciphersuites and TLS extensions chosen
+ SHOULD NOT include any strings to identify the host as a Tor server. In
+ the "renegotiation" and "backwards-compatible renegotiation" steps, the
+ initiator SHOULD choose a list of ciphersuites and TLS extensions
to mimic one used by a popular web browser.
Responders MUST NOT select any TLS ciphersuite that lacks ephemeral keys,
@@ -288,7 +288,7 @@ see tor-design.pdf.
6 -- CREATED_FAST (Circuit created, no PK) (See Sec 5.1)
7 -- VERSIONS (Negotiate proto version) (See Sec 4)
8 -- NETINFO (Time and address info) (See Sec 4)
- 9 -- RELAY_EARLY (End-to-end data; limited) (See sec 5.6)
+ 9 -- RELAY_EARLY (End-to-end data; limited)(See Sec 5.6)
The interpretation of 'Payload' depends on the type of the cell.
PADDING: Payload is unused.
@@ -356,7 +356,7 @@ see tor-design.pdf.
The address format is a type/length/value sequence as given in section
6.4 below. The timestamp is a big-endian unsigned integer number of
- seconds since the unix epoch.
+ seconds since the Unix epoch.
Implementations MAY use the timestamp value to help decide if their
clocks are skewed. Initiators MAY use "other OR's address" to help
@@ -398,7 +398,7 @@ see tor-design.pdf.
Onion skin [DH_LEN+KEY_LEN+PK_PAD_LEN bytes]
Identity fingerprint [HASH_LEN bytes]
- The port and address field denote the IPV4 address and port of the next
+ The port and address field denote the IPv4 address and port of the next
onion router in the circuit; the public key hash is the hash of the PKCS#1
ASN1 encoding of the next onion router's identity (signing) key. (See 0.3
above.) Including this hash allows the extending OR verify that it is
@@ -885,7 +885,7 @@ see tor-design.pdf.
6.4. Remote hostname lookup
To find the address associated with a hostname, the OP sends a
- RELAY_RESOLVE cell containing the hostname to be resolved with a nul
+ RELAY_RESOLVE cell containing the hostname to be resolved with a NUL
terminating byte. (For a reverse lookup, the OP sends a RELAY_RESOLVE
cell containing an in-addr.arpa address.) The OR replies with a
RELAY_RESOLVED cell containing a status byte, and any number of
diff --git a/doc/tor.1.in b/doc/tor.1.in
index 1a71026aad535d7c23cc15d6a497825f9f5c04ae..8cd9e1e00e0f4a52977812421204ee80500cac25 100644
--- a/doc/tor.1.in
+++ b/doc/tor.1.in
@@ -97,6 +97,20 @@ _relayed traffic_ to the
given number of bytes in each direction. (Default: 0)
.LP
.TP
+\fBPerConnBWRate \fR\fIN\fR \fBbytes\fR|\fBKB\fR|\fBMB\fR|\fBGB\fR|\fBTB\fP
+If set, do separate rate limiting for each connection from a non-relay.
+You should never need to change this value, since a network-wide value
+is published in the consensus and your relay will use that value.
+(Default: 0)
+.LP
+.TP
+\fBPerConnBWBurst \fR\fIN\fR \fBbytes\fR|\fBKB\fR|\fBMB\fR|\fBGB\fR|\fBTB\fP
+If set, do separate rate limiting for each connection from a non-relay.
+You should never need to change this value, since a network-wide value
+is published in the consensus and your relay will use that value.
+(Default: 0)
+.LP
+.TP
\fBConnLimit \fR\fINUM\fP
The minimum number of file descriptors that must be available to
the Tor process before it will start. Tor will ask the OS for as
@@ -377,11 +391,16 @@ no effect on Windows; instead you should use the --service command-line
option. (Default: 0)
.LP
.TP
-\fBSafeLogging \fR\fB0\fR|\fB1\fP
-If 1, Tor replaces potentially sensitive strings in the logs
-(e.g. addresses) with the string [scrubbed]. This way logs can still be
+\fBSafeLogging \fR\fB0\fR|\fB1\fR|\fBrelay\fP
+Tor can scrub potentially sensitive strings from log messages (e.g. addresses)
+by replacing them with the string [scrubbed]. This way logs can still be
useful, but they don't leave behind personally identifying information
-about what sites a user might have visited. (Default: 1)
+about what sites a user might have visited.
+
+If this option is set to 0, Tor will not perform any scrubbing, if it is set
+to 1, all potentially sensitive strings are replaced. If it is set to
+relay, all log messages generated when acting as a relay are sanitized, but all
+messages generated when acting as a client are not. (Default: 1)
.LP
.TP
\fBUser \fR\fIUID\fP
@@ -419,6 +438,19 @@ ORPort. (Default: 1)
\fBPreferTunneledDirConns \fR\fB0\fR|\fB1\fP
If non-zero, we will avoid directory servers that don't support tunneled
directory connections, when possible. (Default: 1)
+.LP
+.TP
+\fBCircuitPriorityHalflife \fR\fBNUM\fB1\fP
+If this value is set, we override the default algorithm for choosing which
+circuit's cell to deliver or relay next. When the value is 0, we
+round-robin between the active circuits on a connection, delivering one cell
+from each in turn. When the value is positive, we prefer delivering cells
+from whichever connection has the lowest weighted cell count, where cells are
+weighted exponentially according to the supplied CircuitPriorityHalflife
+value (in seconds). If this option is not set at all, we use the behavior
+recommended in the current consensus networkstatus.
+This is an advanced option; you generally shouldn't have mess with it.
+(Default: not set.)
.SH CLIENT OPTIONS
.PP
@@ -466,6 +498,13 @@ circuit list.
(Default: 1 hour.)
.LP
.TP
+\fBCircuitStreamTimeout \fR\fINUM\fP
+If non-zero, this option overrides our internal timeout schedule for
+how many seconds until we detach a stream from a circuit and try a new
+circuit. If your network is particularly slow, you might want to set
+this to a number like 60. (Default: 0)
+.LP
+.TP
\fBClientOnly \fR\fB0\fR|\fB1\fR\fP
If set to 1, Tor will under no circumstances run as a server or serve
directory requests. The default
@@ -490,26 +529,25 @@ list.
.TP
\fBEntryNodes \fR\fInode\fR,\fInode\fR,\fI...\fP
A list of identity fingerprints, nicknames, country codes and address patterns
-of nodes to use for the first hop in the circuit.
-These are treated only as preferences unless StrictEntryNodes (see
+of nodes to use for the first hop in normal circuits.
+These are treated only as preferences unless StrictNodes (see
below) is also set.
.LP
.TP
\fBExitNodes \fR\fInode\fR,\fInode\fR,\fI...\fP
A list of identity fingerprints, nicknames, country codes and address patterns
-of nodes to use for the last hop in the circuit.
-These are treated only as preferences unless StrictExitNodes (see
+of nodes to use for the last hop in normal exit circuits.
+These are treated only as preferences unless StrictNodes (see
below) is also set.
.LP
.TP
-\fBStrictEntryNodes \fR\fB0\fR|\fB1\fR\fP
-If 1, Tor will never use any nodes besides those listed in "EntryNodes" for
-the first hop of a circuit.
-.LP
-.TP
-\fBStrictExitNodes \fR\fB0\fR|\fB1\fR\fP
-If 1, Tor will never use any nodes besides those listed in "ExitNodes" for
-the last hop of a circuit.
+\fBStrictNodes \fR\fB0\fR|\fB1\fR\fP
+If 1 and EntryNodes config option is set, Tor will never use any
+nodes besides those listed in EntryNodes for the first hop of a normal
+circuit. If 1 and ExitNodes config option is set, Tor will never use any
+nodes besides those listed in ExitNodes for the last hop of a normal exit
+circuit. Note that Tor might still use these nodes for non-exit circuits
+such as one-hop directory fetches or hidden service support circuits.
.LP
.TP
\fBFascistFirewall \fR\fB0\fR|\fB1\fR\fP
@@ -1185,12 +1223,6 @@ When this option is set in addition to \fBAuthoritativeDirectory\fP, Tor also
accepts and serves hidden service descriptors. (Default: 0)
.LP
.TP
-\fBHSAuthorityRecordStats \fR\fB0\fR|\fB1\fR\fP
-When this option is set in addition to \fBHSAuthoritativeDir\fP, Tor
-periodically (every 15 minutes) writes statistics about hidden service
-usage to a file \fBhsusage\fP in its data directory. (Default: 0)
-.LP
-.TP
\fBHidServDirectoryV2 \fR\fB0\fR|\fB1\fR\fP
When this option is set, Tor accepts and serves v2 hidden service
descriptors. Setting DirPort is not required for this, because clients
diff --git a/doc/translations.txt b/doc/translations.txt
index 874abe1bc1bfeec001ccea44dfb25f20a7f7a334..06d16f4462b2877b49522603cdb4b209de5a6d47 100644
--- a/doc/translations.txt
+++ b/doc/translations.txt
@@ -31,7 +31,7 @@ The current pootle configuration is checked into subversion as well:
TorCheck uses our translation portal to accept translations. Users use
the portal to check in their changes. To make use of the translations
-that users have commited to the translations/ subversion module, you'll
+that users have committed to the translations/ subversion module, you'll
need to ensure that you have a current checked out copy of TorCheck:
cd check/trunk/i18n/
@@ -75,59 +75,32 @@ And finally check in the changes:
Torbutton uses our translation portal to accept translations. Users use
the portal to check in their changes.
-To make use of the translations that users have commited to the translations/
+To make use of the translations that users have committed to the translations/
subversion module, you'll need to ensure that you have a current checked out
-copy of Torbutton:
+copy of them in your torbutton git checkout:
- cd torbutton/trans_tools
- torbutton/trans_tools$ svn up
+ cd torbutton.git/trans_tools
+ torbutton.git/trans_tools$ svn co https://tor-svn.freehaven.net/svn/translation/trunk/projects/torbutton pootle
You should see something like the following:
- Fetching external item into 'pootle'
- External at revision 15300.
-
- At revision 15300.
-
-Now if you had changes, you need to convert from .po and move
-the newly updated mozilla files into the current stable locale
-directory. First convert them with the 'mkmoz.sh' script and then
-move the proper mozilla files from 'torbutton/trans_tools/moz/' into
-'torbutton/src/chrome/locale/' directory while properly naming the files
-for their respective locale.
-
-Here's an example of how to move all of the current pootle translations into
-the svn trunk area of Torbutton:
-
- cd torbutton/trans_tools
- ./mkmoz.sh
- for locale in `ls -1 moz/`;
- do
- mv -v moz/$locale/*.{dtd,properties} ../src/chrome/locale/$locale/;
- done
-
-Now check the differences (ensure the output looks reasonable):
+ Checked out revision 21092.
- svn diff
+If you made changes to strings in Torbutton, you need to rebuild the
+templates in torbutton.git/trans_tools/pootle/templates. This is done with
+the following command from within the torbutton.git checkout directory:
-And finally check in the changes:
-
- svn commit
-
-
-If you make changes to strings in Torbutton, you need to rebuild the
-templates in torbutton/trans_tools/pootle/templates. This is done via:
-
- moz2po -P -i torbutton/src/chrome/locale/en/ -o torbutton/trans_tools/templates/
+ moz2po -P -i src/chrome/locale/en/ -o trans_tools/pootle/templates/
You now have two options:
-Option 1 (The Pootle Web UI Way):
+Option 1 (The [shitty] Pootle Web UI Way):
View then commit the changes to the template with:
- svn diff torbutton/trans_tools/templates/
- svn commit torbutton/trans_tools/templates/
+ cd trans_tools/pootle
+ svn diff templates
+ svn commit templates
Then poke Jake to 'svn up' on the Pootle side. If you do this enough
times, he may give you a button to click to update templates in Pootle,
@@ -150,7 +123,7 @@ Option 2 (Use your own msgmerge: YMMV, may change .po flags and formatting):
Run msgmerge yourself for each language:
- cd torbutton/trans_tools
+ cd trans_tools
for i in `ls -1 pootle`
do
msgmerge -U ./pootle/$i/torbutton.dtd.po ./pootle/templates/torbutton.dtd.pot
@@ -171,6 +144,36 @@ breaks :)
After this process is done, you then need to regenerate the mozilla
.dtd and .properties files as specified above.
+
+Regardless of whether or not you had changes in the torbutton strings, if there
+were updated strings in pootle that you checked out from svn you now need to
+convert from .po and move the newly updated mozilla files into the current
+stable locale directory. First convert them with the 'mkmoz.sh' script and
+then move the proper mozilla files from 'torbutton.git/trans_tools/moz/' into
+'torbutton.git/src/chrome/locale/' directory while properly naming the files
+for their respective locale.
+
+Here's an example of how to move all of the current pootle translations into
+the svn trunk area of Torbutton:
+
+ cd trans_tools
+ ./mkmoz.sh
+ for locale in `ls -1 moz/`;
+ do
+ mv -v moz/$locale/*.{dtd,properties} ../src/chrome/locale/$locale/
+ done
+
+Now check the differences to your git branch to ensure the output looks
+reasonable:
+
+ cd ..
+ git diff
+
+And finally check in the changes:
+
+ cd src/chrome/locale
+ git commit .
+
---------------------------- Vidalia -------------------------------
Vidalia uses our translation portal to accept translations. Users use the
diff --git a/src/common/aes.c b/src/common/aes.c
index e07665635b9894e0b78dd37910cfc42bbc720618..451c31f02a3bb744eab0df7a6e98592bed9166da 100644
--- a/src/common/aes.c
+++ b/src/common/aes.c
@@ -263,7 +263,8 @@ aes_set_key(aes_cnt_cipher_t *cipher, const char *key, int key_bits)
void
aes_free_cipher(aes_cnt_cipher_t *cipher)
{
- tor_assert(cipher);
+ if (!cipher)
+ return;
#ifdef USE_OPENSSL_EVP
EVP_CIPHER_CTX_cleanup(&cipher->key);
#endif
diff --git a/src/common/compat.c b/src/common/compat.c
index 96012e2e0172ff83956fa0d079a39e276e756b01..d45fda0be34a03a73e8d787f8190853ded2b59e5 100644
--- a/src/common/compat.c
+++ b/src/common/compat.c
@@ -1608,7 +1608,6 @@ get_uname(void)
#ifdef MS_WINDOWS
OSVERSIONINFOEX info;
int i;
- unsigned int leftover_mask;
const char *plat = NULL;
const char *extra = NULL;
static struct {
@@ -1625,25 +1624,6 @@ get_uname(void)
{ 3, 51, "Windows NT 3.51" },
{ 0, 0, NULL }
};
-#ifdef VER_SUITE_BACKOFFICE
- static struct {
- unsigned int mask; const char *str;
- } win_mask_table[] = {
- { VER_SUITE_BACKOFFICE, " {backoffice}" },
- { VER_SUITE_BLADE, " {\"blade\" (2003, web edition)}" },
- { VER_SUITE_DATACENTER, " {datacenter}" },
- { VER_SUITE_ENTERPRISE, " {enterprise}" },
- { VER_SUITE_EMBEDDEDNT, " {embedded}" },
- { VER_SUITE_PERSONAL, " {personal}" },
- { VER_SUITE_SINGLEUSERTS,
- " {terminal services, single user}" },
- { VER_SUITE_SMALLBUSINESS, " {small business}" },
- { VER_SUITE_SMALLBUSINESS_RESTRICTED,
- " {small business, restricted}" },
- { VER_SUITE_TERMINAL, " {terminal services}" },
- { 0, NULL },
- };
-#endif
memset(&info, 0, sizeof(info));
info.dwOSVersionInfoSize = sizeof(info);
if (! GetVersionEx((LPOSVERSIONINFO)&info)) {
@@ -1702,18 +1682,6 @@ get_uname(void)
} else if (info.wProductType == VER_NT_WORKSTATION) {
strlcat(uname_result, " [workstation]", sizeof(uname_result));
}
- leftover_mask = info.wSuiteMask;
- for (i = 0; win_mask_table[i].mask; ++i) {
- if (info.wSuiteMask & win_mask_table[i].mask) {
- strlcat(uname_result, win_mask_table[i].str, sizeof(uname_result));
- leftover_mask &= ~win_mask_table[i].mask;
- }
- }
- if (leftover_mask) {
- size_t len = strlen(uname_result);
- tor_snprintf(uname_result+len, sizeof(uname_result)-len,
- " {0x%x}", info.wSuiteMask);
- }
#endif
#else
strlcpy(uname_result, "Unknown platform", sizeof(uname_result));
@@ -2044,6 +2012,8 @@ tor_mutex_new(void)
void
tor_mutex_free(tor_mutex_t *m)
{
+ if (!m)
+ return;
tor_mutex_uninit(m);
tor_free(m);
}
@@ -2071,7 +2041,8 @@ tor_cond_new(void)
void
tor_cond_free(tor_cond_t *cond)
{
- tor_assert(cond);
+ if (!cond)
+ return;
if (pthread_cond_destroy(&cond->cond)) {
log_warn(LD_GENERAL,"Error freeing condition: %s", strerror(errno));
return;
@@ -2128,7 +2099,8 @@ tor_cond_new(void)
void
tor_cond_free(tor_cond_t *cond)
{
- tor_assert(cond);
+ if (!cond)
+ return;
DeleteCriticalSection(&cond->mutex);
/* XXXX notify? */
smartlist_free(cond->events);
@@ -2204,7 +2176,7 @@ tor_threads_init(void)
}
#endif
-#ifdef HAVE_SYS_MMAN_H
+#if defined(HAVE_MLOCKALL) && HAVE_DECL_MLOCKALL && defined(RLIMIT_MEMLOCK)
/** Attempt to raise the current and max rlimit to infinity for our process.
* This only needs to be done once and can probably only be done when we have
* not already dropped privileges.
@@ -2258,7 +2230,6 @@ int
tor_mlockall(void)
{
static int memory_lock_attempted = 0;
- int ret;
if (memory_lock_attempted) {
return 1;
@@ -2273,15 +2244,13 @@ tor_mlockall(void)
* http://msdn.microsoft.com/en-us/library/aa366895(VS.85).aspx
*/
-#ifdef HAVE_MLOCKALL
- ret = tor_set_max_memlock();
- if (ret == 0) {
+#if defined(HAVE_MLOCKALL) && HAVE_DECL_MLOCKALL && defined(RLIMIT_MEMLOCK)
+ if (tor_set_max_memlock() == 0) {
/* Perhaps we only want to log this if we're in a verbose mode? */
log_notice(LD_GENERAL, "RLIMIT_MEMLOCK is now set to RLIM_INFINITY.");
}
- ret = mlockall(MCL_CURRENT|MCL_FUTURE);
- if (ret == 0) {
+ if (mlockall(MCL_CURRENT|MCL_FUTURE) == 0) {
log_notice(LD_GENERAL, "Insecure OS paging is effectively disabled.");
return 0;
} else {
diff --git a/src/common/compat_libevent.c b/src/common/compat_libevent.c
index 32c6d4c8bcc373d89879230031cd2370d5203a40..dcf51cbbd36a033f21ae98c31e80aa6d15b1767f 100644
--- a/src/common/compat_libevent.c
+++ b/src/common/compat_libevent.c
@@ -26,7 +26,7 @@
/** A number representing a version of Libevent.
This is a 4-byte number, with the first three bytes representing the
- major, minor, and patchlevel respectively of the the library. The fourth
+ major, minor, and patchlevel respectively of the library. The fourth
byte is unused.
This is equivalent to the format of LIBEVENT_VERSION_NUMBER on Libevent
diff --git a/src/common/container.c b/src/common/container.c
index f3540f74d8c6e5992b901b5e064ebbbe940c11d7..f452a51e428b8f05b42c9da0fb77d47c3b36707d 100644
--- a/src/common/container.c
+++ b/src/common/container.c
@@ -44,7 +44,8 @@ smartlist_create(void)
void
smartlist_free(smartlist_t *sl)
{
- tor_assert(sl != NULL);
+ if (!sl)
+ return;
tor_free(sl->list);
tor_free(sl);
}
@@ -604,6 +605,38 @@ smartlist_uniq_strings(smartlist_t *sl)
/* Heap-based priority queue implementation for O(lg N) insert and remove.
* Recall that the heap property is that, for every index I, h[I] <
* H[LEFT_CHILD[I]] and h[I] < H[RIGHT_CHILD[I]].
+ *
+ * For us to remove items other than the topmost item, each item must store
+ * its own index within the heap. When calling the pqueue functions, tell
+ * them about the offset of the field that stores the index within the item.
+ *
+ * Example:
+ *
+ * typedef struct timer_t {
+ * struct timeval tv;
+ * int heap_index;
+ * } timer_t;
+ *
+ * static int compare(const void *p1, const void *p2) {
+ * const timer_t *t1 = p1, *t2 = p2;
+ * if (t1->tv.tv_sec < t2->tv.tv_sec) {
+ * return -1;
+ * } else if (t1->tv.tv_sec > t2->tv.tv_sec) {
+ * return 1;
+ * } else {
+ * return t1->tv.tv_usec - t2->tv_usec;
+ * }
+ * }
+ *
+ * void timer_heap_insert(smartlist_t *heap, timer_t *timer) {
+ * smartlist_pqueue_add(heap, compare, STRUCT_OFFSET(timer_t, heap_index),
+ * timer);
+ * }
+ *
+ * void timer_heap_pop(smartlist_t *heap) {
+ * return smartlist_pqueue_pop(heap, compare,
+ * STRUCT_OFFSET(timer_t, heap_index));
+ * }
*/
/* For a 1-indexed array, we would use LEFT_CHILD[x] = 2*x and RIGHT_CHILD[x]
@@ -615,12 +648,22 @@ smartlist_uniq_strings(smartlist_t *sl)
#define RIGHT_CHILD(i) ( 2*(i) + 2 )
#define PARENT(i) ( ((i)-1) / 2 )
+#define IDXP(p) ((int*)STRUCT_VAR_P(p, idx_field_offset))
+
+#define UPDATE_IDX(i) do { \
+ void *updated = sl->list[i]; \
+ *IDXP(updated) = i; \
+ } while (0)
+
+#define IDX_OF_ITEM(p) (*IDXP(p))
+
/** Helper. <b>sl</b> may have at most one violation of the heap property:
* the item at <b>idx</b> may be greater than one or both of its children.
* Restore the heap property. */
static INLINE void
smartlist_heapify(smartlist_t *sl,
int (*compare)(const void *a, const void *b),
+ int idx_field_offset,
int idx)
{
while (1) {
@@ -643,21 +686,28 @@ smartlist_heapify(smartlist_t *sl,
void *tmp = sl->list[idx];
sl->list[idx] = sl->list[best_idx];
sl->list[best_idx] = tmp;
+ UPDATE_IDX(idx);
+ UPDATE_IDX(best_idx);
idx = best_idx;
}
}
}
-/** Insert <b>item</b> into the heap stored in <b>sl</b>, where order
- * is determined by <b>compare</b>. */
+/** Insert <b>item</b> into the heap stored in <b>sl</b>, where order is
+ * determined by <b>compare</b> and the offset of the item in the heap is
+ * stored in an int-typed field at position <b>idx_field_offset</b> within
+ * item.
+ */
void
smartlist_pqueue_add(smartlist_t *sl,
int (*compare)(const void *a, const void *b),
+ int idx_field_offset,
void *item)
{
int idx;
smartlist_add(sl,item);
+ UPDATE_IDX(sl->num_used-1);
for (idx = sl->num_used - 1; idx; ) {
int parent = PARENT(idx);
@@ -665,6 +715,8 @@ smartlist_pqueue_add(smartlist_t *sl,
void *tmp = sl->list[parent];
sl->list[parent] = sl->list[idx];
sl->list[idx] = tmp;
+ UPDATE_IDX(parent);
+ UPDATE_IDX(idx);
idx = parent;
} else {
return;
@@ -673,32 +725,63 @@ smartlist_pqueue_add(smartlist_t *sl,
}
/** Remove and return the top-priority item from the heap stored in <b>sl</b>,
- * where order is determined by <b>compare</b>. <b>sl</b> must not be
- * empty. */
+ * where order is determined by <b>compare</b> and the item's position is
+ * stored at position <b>idx_field_offset</b> within the item. <b>sl</b> must
+ * not be empty. */
void *
smartlist_pqueue_pop(smartlist_t *sl,
- int (*compare)(const void *a, const void *b))
+ int (*compare)(const void *a, const void *b),
+ int idx_field_offset)
{
void *top;
tor_assert(sl->num_used);
top = sl->list[0];
+ *IDXP(top)=-1;
if (--sl->num_used) {
sl->list[0] = sl->list[sl->num_used];
- smartlist_heapify(sl, compare, 0);
+ UPDATE_IDX(0);
+ smartlist_heapify(sl, compare, idx_field_offset, 0);
}
return top;
}
+/** Remove the item <b>item</b> from the heap stored in <b>sl</b>,
+ * where order is determined by <b>compare</b> and the item's position is
+ * stored at position <b>idx_field_offset</b> within the item. <b>sl</b> must
+ * not be empty. */
+void
+smartlist_pqueue_remove(smartlist_t *sl,
+ int (*compare)(const void *a, const void *b),
+ int idx_field_offset,
+ void *item)
+{
+ int idx = IDX_OF_ITEM(item);
+ tor_assert(idx >= 0);
+ tor_assert(sl->list[idx] == item);
+ --sl->num_used;
+ *IDXP(item) = -1;
+ if (idx == sl->num_used) {
+ return;
+ } else {
+ sl->list[idx] = sl->list[sl->num_used];
+ UPDATE_IDX(idx);
+ smartlist_heapify(sl, compare, idx_field_offset, idx);
+ }
+}
+
/** Assert that the heap property is correctly maintained by the heap stored
* in <b>sl</b>, where order is determined by <b>compare</b>. */
void
smartlist_pqueue_assert_ok(smartlist_t *sl,
- int (*compare)(const void *a, const void *b))
+ int (*compare)(const void *a, const void *b),
+ int idx_field_offset)
{
int i;
- for (i = sl->num_used - 1; i > 0; --i) {
- tor_assert(compare(sl->list[PARENT(i)], sl->list[i]) <= 0);
+ for (i = sl->num_used - 1; i >= 0; --i) {
+ if (i>0)
+ tor_assert(compare(sl->list[PARENT(i)], sl->list[i]) <= 0);
+ tor_assert(IDX_OF_ITEM(sl->list[i]) == i);
}
}
@@ -1187,6 +1270,9 @@ void
strmap_free(strmap_t *map, void (*free_val)(void*))
{
strmap_entry_t **ent, **next, *this;
+ if (!map)
+ return;
+
for (ent = HT_START(strmap_impl, &map->head); ent != NULL; ent = next) {
this = *ent;
next = HT_NEXT_RMV(strmap_impl, &map->head, ent);
@@ -1208,6 +1294,8 @@ void
digestmap_free(digestmap_t *map, void (*free_val)(void*))
{
digestmap_entry_t **ent, **next, *this;
+ if (!map)
+ return;
for (ent = HT_START(digestmap_impl, &map->head); ent != NULL; ent = next) {
this = *ent;
next = HT_NEXT_RMV(digestmap_impl, &map->head, ent);
@@ -1323,6 +1411,8 @@ digestset_new(int max_elements)
void
digestset_free(digestset_t *set)
{
+ if (!set)
+ return;
bitarray_free(set->ba);
tor_free(set);
}
diff --git a/src/common/container.h b/src/common/container.h
index 41c0c6870542e7b497ed55bc9bb29f8202825b81..8077d56ebddaf5f4470434be695f2daf39820f1e 100644
--- a/src/common/container.h
+++ b/src/common/container.h
@@ -118,11 +118,18 @@ int smartlist_bsearch_idx(const smartlist_t *sl, const void *key,
void smartlist_pqueue_add(smartlist_t *sl,
int (*compare)(const void *a, const void *b),
+ int idx_field_offset,
void *item);
void *smartlist_pqueue_pop(smartlist_t *sl,
- int (*compare)(const void *a, const void *b));
+ int (*compare)(const void *a, const void *b),
+ int idx_field_offset);
+void smartlist_pqueue_remove(smartlist_t *sl,
+ int (*compare)(const void *a, const void *b),
+ int idx_field_offset,
+ void *item);
void smartlist_pqueue_assert_ok(smartlist_t *sl,
- int (*compare)(const void *a, const void *b));
+ int (*compare)(const void *a, const void *b),
+ int idx_field_offset);
#define SPLIT_SKIP_SPACE 0x01
#define SPLIT_IGNORE_BLANK 0x02
diff --git a/src/common/crypto.c b/src/common/crypto.c
index 4c880f6b6f4c1bd6a9d3d402ad9555d9eb54ce9e..e7b0ff194fee462671bb17b4c8be6b1584e8e2f2 100644
--- a/src/common/crypto.c
+++ b/src/common/crypto.c
@@ -400,7 +400,8 @@ crypto_new_pk_env(void)
void
crypto_free_pk_env(crypto_pk_env_t *env)
{
- tor_assert(env);
+ if (!env)
+ return;
if (--env->refs > 0)
return;
@@ -426,10 +427,7 @@ crypto_create_init_cipher(const char *key, int encrypt_mode)
return NULL;
}
- if (crypto_cipher_set_key(crypto, key)) {
- crypto_log_errors(LOG_WARN, "setting symmetric key");
- goto error;
- }
+ crypto_cipher_set_key(crypto, key);
if (encrypt_mode)
r = crypto_cipher_encrypt_init_cipher(crypto);
@@ -463,7 +461,8 @@ crypto_new_cipher_env(void)
void
crypto_free_cipher_env(crypto_cipher_env_t *env)
{
- tor_assert(env);
+ if (!env)
+ return;
tor_assert(env->cipher);
aes_free_cipher(env->cipher);
@@ -611,7 +610,6 @@ crypto_pk_write_key_to_string_impl(crypto_pk_env_t *env, char **dest,
(void)BIO_set_close(b, BIO_NOCLOSE); /* so BIO_free doesn't free buf */
BIO_free(b);
- tor_assert(buf->length >= 0);
*dest = tor_malloc(buf->length+1);
memcpy(*dest, buf->data, buf->length);
(*dest)[buf->length] = 0; /* nul terminate it */
@@ -1252,16 +1250,14 @@ crypto_cipher_generate_key(crypto_cipher_env_t *env)
/** Set the symmetric key for the cipher in <b>env</b> to the first
* CIPHER_KEY_LEN bytes of <b>key</b>. Does not initialize the cipher.
- * Return 0 on success, -1 on failure.
*/
-int
+void
crypto_cipher_set_key(crypto_cipher_env_t *env, const char *key)
{
tor_assert(env);
tor_assert(key);
memcpy(env->key, key, CIPHER_KEY_LEN);
- return 0;
}
/** Generate an initialization vector for our AES-CTR cipher; store it
@@ -1528,6 +1524,8 @@ crypto_new_digest256_env(digest_algorithm_t algorithm)
void
crypto_free_digest_env(crypto_digest_env_t *digest)
{
+ if (!digest)
+ return;
memset(digest, 0, sizeof(crypto_digest_env_t));
tor_free(digest);
}
@@ -1899,7 +1897,8 @@ crypto_expand_key_material(const char *key_in, size_t key_in_len,
void
crypto_dh_free(crypto_dh_env_t *dh)
{
- tor_assert(dh);
+ if (!dh)
+ return;
tor_assert(dh->dh);
DH_free(dh->dh);
tor_free(dh);
diff --git a/src/common/crypto.h b/src/common/crypto.h
index d9adb16f80ebf3b67a697ff931d31f4739ef5f11..239acb5871911b0e59b6847c2d3a7ba5d3f94ca1 100644
--- a/src/common/crypto.h
+++ b/src/common/crypto.h
@@ -151,7 +151,7 @@ int crypto_pk_check_fingerprint_syntax(const char *s);
/* symmetric crypto */
int crypto_cipher_generate_key(crypto_cipher_env_t *env);
-int crypto_cipher_set_key(crypto_cipher_env_t *env, const char *key);
+void crypto_cipher_set_key(crypto_cipher_env_t *env, const char *key);
void crypto_cipher_generate_iv(char *iv_out);
int crypto_cipher_set_iv(crypto_cipher_env_t *env, const char *iv);
const char *crypto_cipher_get_key(crypto_cipher_env_t *env);
diff --git a/src/common/log.c b/src/common/log.c
index a83f945459acfa78f3132fd73befc0b08d8b2c76..ef65be8a3d4fb90840b80eaeeea5a18dd2a11108 100644
--- a/src/common/log.c
+++ b/src/common/log.c
@@ -81,7 +81,7 @@ should_log_function_name(log_domain_mask_t domain, int severity)
/* All debugging messages occur in interesting places. */
return 1;
case LOG_NOTICE:
- case LOG_WARN:
+ case LOG_WARN:
case LOG_ERR:
/* We care about places where bugs occur. */
return (domain == LD_BUG);
@@ -328,7 +328,7 @@ logv(int severity, log_domain_mask_t domain, const char *funcname,
/** Output a message to the log. */
void
-_log(int severity, log_domain_mask_t domain, const char *format, ...)
+tor_log(int severity, log_domain_mask_t domain, const char *format, ...)
{
va_list ap;
if (severity > _log_global_min_severity)
@@ -426,6 +426,8 @@ _log_err(log_domain_mask_t domain, const char *format, ...)
static void
log_free(logfile_t *victim)
{
+ if (!victim)
+ return;
tor_free(victim->severities);
tor_free(victim->filename);
tor_free(victim);
diff --git a/src/common/log.h b/src/common/log.h
index f1a6164f7d1df8e006847c297cca51628ab43ce5..9f9a4277fb5db86d5ae2318332ac9bf6c7a52e8d 100644
--- a/src/common/log.h
+++ b/src/common/log.h
@@ -140,9 +140,9 @@ void change_callback_log_severity(int loglevelMin, int loglevelMax,
void log_set_application_name(const char *name);
/* Outputs a message to stdout */
-void _log(int severity, log_domain_mask_t domain, const char *format, ...)
+void tor_log(int severity, log_domain_mask_t domain, const char *format, ...)
CHECK_PRINTF(3,4);
-#define log _log /* hack it so we don't conflict with log() as much */
+#define log tor_log /* hack it so we don't conflict with log() as much */
#ifdef __GNUC__
extern int _log_global_min_severity;
diff --git a/src/common/memarea.c b/src/common/memarea.c
index e7f6720646856f2f262c1676784f9b0d4c141390..661bd85da889361214e966c5b5b3466e1a42d57b 100644
--- a/src/common/memarea.c
+++ b/src/common/memarea.c
@@ -121,7 +121,7 @@ alloc_chunk(size_t sz, int freelist_ok)
/** Release <b>chunk</b> from a memarea, either by adding it to the freelist
* or by freeing it if the freelist is already too big. */
static void
-chunk_free(memarea_chunk_t *chunk)
+chunk_free_unchecked(memarea_chunk_t *chunk)
{
CHECK_SENTINEL(chunk);
if (freelist_len < MAX_FREELIST_LEN) {
@@ -151,7 +151,7 @@ memarea_drop_all(memarea_t *area)
memarea_chunk_t *chunk, *next;
for (chunk = area->first; chunk; chunk = next) {
next = chunk->next_chunk;
- chunk_free(chunk);
+ chunk_free_unchecked(chunk);
}
area->first = NULL; /*fail fast on */
tor_free(area);
@@ -167,7 +167,7 @@ memarea_clear(memarea_t *area)
if (area->first->next_chunk) {
for (chunk = area->first->next_chunk; chunk; chunk = next) {
next = chunk->next_chunk;
- chunk_free(chunk);
+ chunk_free_unchecked(chunk);
}
area->first->next_chunk = NULL;
}
diff --git a/src/common/torgzip.c b/src/common/torgzip.c
index 762f2e71bf04628986e8fdb19a316202b72ed2da..4f1b46adde1d91e29009aa0573ec723a8851502a 100644
--- a/src/common/torgzip.c
+++ b/src/common/torgzip.c
@@ -165,9 +165,7 @@ tor_gzip_compress(char **out, size_t *out_len,
deflateEnd(stream);
tor_free(stream);
}
- if (*out) {
- tor_free(*out);
- }
+ tor_free(*out);
return -1;
}
@@ -423,7 +421,8 @@ tor_zlib_process(tor_zlib_state_t *state,
void
tor_zlib_free(tor_zlib_state_t *state)
{
- tor_assert(state);
+ if (!state)
+ return;
if (state->compress)
deflateEnd(&state->stream);
diff --git a/src/common/tortls.c b/src/common/tortls.c
index ff49ecf9c52c8095ac22ac240f216221972559b0..86f07a270a71d93dfa9aa44b4ae22eb29a8fdfc2 100644
--- a/src/common/tortls.c
+++ b/src/common/tortls.c
@@ -588,6 +588,18 @@ tor_tls_context_new(crypto_pk_env_t *identity, unsigned int key_lifetime)
#ifdef SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION
SSL_CTX_set_options(result->ctx,
SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION);
+#endif
+#ifdef SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION
+ /* Yes, we know what we are doing here. No, we do not treat a renegotiation
+ * as authenticating any earlier-received data.
+ *
+ * (OpenSSL 0.9.8l introdeced SSL3_FLAGS_ALLOW_UNSAGE_LEGACY_RENEGOTIATION
+ * here. OpenSSL 0.9.8m thoughtfully turned it into an option and (it
+ * seems) broke anything that used SSL3_FLAGS_* for the purpose. So we need
+ * to do both.)
+ */
+ SSL_CTX_set_options(result->ctx,
+ SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION);
#endif
/* Don't actually allow compression; it uses ram and time, but the data
* we transmit is all encrypted anyway. */
@@ -974,7 +986,9 @@ void
tor_tls_free(tor_tls_t *tls)
{
tor_tls_t *removed;
- tor_assert(tls && tls->ssl);
+ if (!tls)
+ return;
+ tor_assert(tls->ssl);
removed = HT_REMOVE(tlsmap, &tlsmap_root, tls);
if (!removed) {
log_warn(LD_BUG, "Freeing a TLS that was not in the ssl->tls map.");
@@ -1300,10 +1314,8 @@ log_cert_lifetime(X509 *cert, const char *problem)
tls_log_errors(NULL, LOG_WARN, LD_NET, "getting certificate lifetime");
if (bio)
BIO_free(bio);
- if (s1)
- tor_free(s1);
- if (s2)
- tor_free(s2);
+ tor_free(s1);
+ tor_free(s2);
}
/** Helper function: try to extract a link certificate and an identity
diff --git a/src/common/util.c b/src/common/util.c
index 989efd9581486cb2e336b9e885cecb832cd50c36..a15af7ed572fb3f362b22529e893062285b7a59a 100644
--- a/src/common/util.c
+++ b/src/common/util.c
@@ -16,6 +16,7 @@
#include "orconfig.h"
#include "util.h"
#include "log.h"
+#undef log
#include "crypto.h"
#include "torint.h"
#include "container.h"
@@ -30,6 +31,11 @@
#include <pwd.h>
#endif
+/* math.h needs this on Linux */
+#ifndef __USE_ISOC99
+#define __USE_ISOC99 1
+#endif
+#include <math.h>
#include <stdlib.h>
#include <stdio.h>
#include <string.h>
@@ -278,7 +284,7 @@ tor_log_mallinfo(int severity)
struct mallinfo mi;
memset(&mi, 0, sizeof(mi));
mi = mallinfo();
- log(severity, LD_MM,
+ tor_log(severity, LD_MM,
"mallinfo() said: arena=%d, ordblks=%d, smblks=%d, hblks=%d, "
"hblkhd=%d, usmblks=%d, fsmblks=%d, uordblks=%d, fordblks=%d, "
"keepcost=%d",
@@ -301,6 +307,25 @@ tor_log_mallinfo(int severity)
* Math
* ===== */
+/**
+ * Returns the natural logarithm of d base 2. We define this wrapper here so
+ * as to make it easier not to conflict with Tor's log() macro.
+ */
+double
+tor_mathlog(double d)
+{
+ return log(d);
+}
+
+/** Return the long integer closest to d. We define this wrapper here so
+ * that not all users of math.h need to use the right incancations to get
+ * the c99 functions. */
+long
+tor_lround(double d)
+{
+ return lround(d);
+}
+
/** Returns floor(log2(u64)). If u64 is 0, (incorrectly) returns 0. */
int
tor_log2(uint64_t u64)
@@ -657,6 +682,29 @@ find_whitespace_eos(const char *s, const char *eos)
return s;
}
+/** Return the first occurrence of <b>needle</b> in <b>haystack</b> that
+ * occurs at the start of a line (that is, at the beginning of <b>haystack</b>
+ * or immediately after a newline). Return NULL if no such string is found.
+ */
+const char *
+find_str_at_start_of_line(const char *haystack, const char *needle)
+{
+ size_t needle_len = strlen(needle);
+
+ do {
+ if (!strncmp(haystack, needle, needle_len))
+ return haystack;
+
+ haystack = strchr(haystack, '\n');
+ if (!haystack)
+ return NULL;
+ else
+ ++haystack;
+ } while (*haystack);
+
+ return NULL;
+}
+
/** Return true iff the 'len' bytes at 'mem' are all zero. */
int
tor_mem_is_zero(const char *mem, size_t len)
@@ -953,8 +1001,7 @@ const char *
escaped(const char *s)
{
static char *_escaped_val = NULL;
- if (_escaped_val)
- tor_free(_escaped_val);
+ tor_free(_escaped_val);
if (s)
_escaped_val = esc_for_log(s);
@@ -1190,7 +1237,7 @@ format_rfc1123_time(char *buf, time_t t)
memcpy(buf+8, MONTH_NAMES[tm.tm_mon], 3);
}
-/** Parse the the RFC1123 encoding of some time (in GMT) from <b>buf</b>,
+/** Parse the RFC1123 encoding of some time (in GMT) from <b>buf</b>,
* and store the result in *<b>t</b>.
*
* Return 0 on success, -1 on failure.
@@ -1651,12 +1698,12 @@ check_private_dir(const char *dirname, cpd_check_t check)
tor_free(f);
if (r) {
if (errno != ENOENT) {
- log(LOG_WARN, LD_FS, "Directory %s cannot be read: %s", dirname,
- strerror(errno));
+ log_warn(LD_FS, "Directory %s cannot be read: %s", dirname,
+ strerror(errno));
return -1;
}
if (check == CPD_NONE) {
- log(LOG_WARN, LD_FS, "Directory %s does not exist.", dirname);
+ log_warn(LD_FS, "Directory %s does not exist.", dirname);
return -1;
} else if (check == CPD_CREATE) {
log_info(LD_GENERAL, "Creating directory %s", dirname);
@@ -1666,7 +1713,7 @@ check_private_dir(const char *dirname, cpd_check_t check)
r = mkdir(dirname, 0700);
#endif
if (r) {
- log(LOG_WARN, LD_FS, "Error creating directory %s: %s", dirname,
+ log_warn(LD_FS, "Error creating directory %s: %s", dirname,
strerror(errno));
return -1;
}
@@ -1676,7 +1723,7 @@ check_private_dir(const char *dirname, cpd_check_t check)
return 0;
}
if (!(st.st_mode & S_IFDIR)) {
- log(LOG_WARN, LD_FS, "%s is not a directory", dirname);
+ log_warn(LD_FS, "%s is not a directory", dirname);
return -1;
}
#ifndef MS_WINDOWS
@@ -1689,7 +1736,7 @@ check_private_dir(const char *dirname, cpd_check_t check)
pw = getpwuid(st.st_uid);
- log(LOG_WARN, LD_FS, "%s is not owned by this user (%s, %d) but by "
+ log_warn(LD_FS, "%s is not owned by this user (%s, %d) but by "
"%s (%d). Perhaps you are running Tor as the wrong user?",
dirname, process_ownername, (int)getuid(),
pw ? pw->pw_name : "<unknown>", (int)st.st_uid);
@@ -1698,9 +1745,9 @@ check_private_dir(const char *dirname, cpd_check_t check)
return -1;
}
if (st.st_mode & 0077) {
- log(LOG_WARN, LD_FS, "Fixing permissions on directory %s", dirname);
+ log_warn(LD_FS, "Fixing permissions on directory %s", dirname);
if (chmod(dirname, 0700)) {
- log(LOG_WARN, LD_FS, "Could not chmod directory %s: %s", dirname,
+ log_warn(LD_FS, "Could not chmod directory %s: %s", dirname,
strerror(errno));
return -1;
} else {
@@ -1731,7 +1778,7 @@ write_str_to_file(const char *fname, const char *str, int bin)
}
/** Represents a file that we're writing to, with support for atomic commit:
- * we can write into a a temporary file, and either remove the file on
+ * we can write into a temporary file, and either remove the file on
* failure, or replace the original file on success. */
struct open_file_t {
char *tempname; /**< Name of the temporary file. */
@@ -1785,7 +1832,7 @@ start_writing_to_file(const char *fname, int open_flags, int mode,
} else {
open_name = new_file->tempname = tor_malloc(tempname_len);
if (tor_snprintf(new_file->tempname, tempname_len, "%s.tmp", fname)<0) {
- log(LOG_WARN, LD_GENERAL, "Failed to generate filename");
+ log_warn(LD_GENERAL, "Failed to generate filename");
goto err;
}
/* We always replace an existing temporary file if there is one. */
@@ -1797,7 +1844,7 @@ start_writing_to_file(const char *fname, int open_flags, int mode,
new_file->binary = 1;
if ((new_file->fd = open(open_name, open_flags, mode)) < 0) {
- log(LOG_WARN, LD_FS, "Couldn't open \"%s\" (%s) for writing: %s",
+ log_warn(LD_FS, "Couldn't open \"%s\" (%s) for writing: %s",
open_name, fname, strerror(errno));
goto err;
}
@@ -1934,7 +1981,7 @@ write_chunks_to_file_impl(const char *fname, const smartlist_t *chunks,
{
result = write_all(fd, chunk->bytes, chunk->len, 0);
if (result < 0) {
- log(LOG_WARN, LD_FS, "Error writing to \"%s\": %s", fname,
+ log_warn(LD_FS, "Error writing to \"%s\": %s", fname,
strerror(errno));
goto err;
}
@@ -2451,7 +2498,7 @@ tor_vsscanf(const char *buf, const char *pattern, va_list ap)
* long widths. %u does not consume any space. Is locale-independent.
* Returns -1 on malformed patterns.
*
- * (As with other local-independent functions, we need this to parse data that
+ * (As with other locale-independent functions, we need this to parse data that
* is in ASCII without worrying that the C library's locale-handling will make
* miscellaneous characters look like numbers, spaces, and so on.)
*/
diff --git a/src/common/util.h b/src/common/util.h
index 85234f515719001b7d80872033e61e80cafb5c28..b55bb91c51f9acfa650a530d68500779bfd436eb 100644
--- a/src/common/util.h
+++ b/src/common/util.h
@@ -43,7 +43,7 @@
* stderr. */
#define tor_assert(expr) STMT_BEGIN \
if (PREDICT_UNLIKELY(!(expr))) { \
- log(LOG_ERR, LD_BUG, "%s:%d: %s: Assertion %s failed; aborting.", \
+ log_err(LD_BUG, "%s:%d: %s: Assertion %s failed; aborting.", \
_SHORT_FILE_, __LINE__, __func__, #expr); \
fprintf(stderr,"%s:%d %s: Assertion %s failed; aborting.\n", \
_SHORT_FILE_, __LINE__, __func__, #expr); \
@@ -152,6 +152,8 @@ void tor_log_mallinfo(int severity);
#define bool_neq(a,b) (!(a)!=!(b))
/* Math functions */
+double tor_mathlog(double d) ATTR_CONST;
+long tor_lround(double d) ATTR_CONST;
int tor_log2(uint64_t u64) ATTR_CONST;
uint64_t round_to_power_of_2(uint64_t u64);
unsigned round_to_next_multiple_of(unsigned number, unsigned divisor);
@@ -193,6 +195,8 @@ const char *eat_whitespace_no_nl(const char *s) ATTR_PURE;
const char *eat_whitespace_eos_no_nl(const char *s, const char *eos) ATTR_PURE;
const char *find_whitespace(const char *s) ATTR_PURE;
const char *find_whitespace_eos(const char *s, const char *eos) ATTR_PURE;
+const char *find_str_at_start_of_line(const char *haystack, const char *needle)
+ ATTR_PURE;
int tor_mem_is_zero(const char *mem, size_t len) ATTR_PURE;
int tor_digest_is_zero(const char *digest) ATTR_PURE;
int tor_digest256_is_zero(const char *digest) ATTR_PURE;
diff --git a/src/or/buffers.c b/src/or/buffers.c
index 1a1b2077cc6d0e8b1b1cc40c0c3b984da339cf09..c990b6619acf51229c1db15b08e8277344a3d6b0 100644
--- a/src/or/buffers.c
+++ b/src/or/buffers.c
@@ -147,10 +147,13 @@ get_freelist(size_t alloc)
/** Deallocate a chunk or put it on a freelist */
static void
-chunk_free(chunk_t *chunk)
+chunk_free_unchecked(chunk_t *chunk)
{
- size_t alloc = CHUNK_ALLOC_SIZE(chunk->memlen);
- chunk_freelist_t *freelist = get_freelist(alloc);
+ size_t alloc;
+ chunk_freelist_t *freelist;
+
+ alloc = CHUNK_ALLOC_SIZE(chunk->memlen);
+ freelist = get_freelist(alloc);
if (freelist && freelist->cur_length < freelist->max_length) {
chunk->next = freelist->head;
freelist->head = chunk;
@@ -195,7 +198,7 @@ chunk_new_with_alloc_size(size_t alloc)
}
#else
static void
-chunk_free(chunk_t *chunk)
+chunk_free_unchecked(chunk_t *chunk)
{
tor_free(chunk);
}
@@ -403,7 +406,7 @@ buf_pullup(buf_t *buf, size_t bytes, int nulterminate)
dest->next = src->next;
if (buf->tail == src)
buf->tail = dest;
- chunk_free(src);
+ chunk_free_unchecked(src);
} else {
memcpy(CHUNK_WRITE_PTR(dest), src->data, n);
dest->datalen += n;
@@ -449,7 +452,7 @@ buf_remove_from_front(buf_t *buf, size_t n)
buf->head = victim->next;
if (buf->tail == victim)
buf->tail = NULL;
- chunk_free(victim);
+ chunk_free_unchecked(victim);
}
}
check();
@@ -483,7 +486,7 @@ buf_clear(buf_t *buf)
buf->datalen = 0;
for (chunk = buf->head; chunk; chunk = next) {
next = chunk->next;
- chunk_free(chunk);
+ chunk_free_unchecked(chunk);
}
buf->head = buf->tail = NULL;
}
@@ -522,6 +525,8 @@ buf_slack(const buf_t *buf)
void
buf_free(buf_t *buf)
{
+ if (!buf)
+ return;
buf_clear(buf);
buf->magic = 0xdeadbeef;
tor_free(buf);
@@ -1490,7 +1495,8 @@ fetch_from_buf_socks(buf_t *buf, socks_request_t *req,
return -1;
}
log_debug(LD_APP,
- "socks4: successfully read destip (%s)", safe_str(tmpbuf));
+ "socks4: successfully read destip (%s)",
+ safe_str_client(tmpbuf));
socks4_prot = socks4;
}
diff --git a/src/or/circuitbuild.c b/src/or/circuitbuild.c
index 91fa9d8db57d65d250866a78019ae2dd221ccf98..300da7eed049144d503d33ec05119a58f3a90c63 100644
--- a/src/or/circuitbuild.c
+++ b/src/or/circuitbuild.c
@@ -13,41 +13,13 @@
#include "or.h"
#include "crypto.h"
+#undef log
+#include <math.h>
#ifndef MIN
#define MIN(a,b) ((a)<(b)?(a):(b))
#endif
-/*
- * This madness is needed because if we simply #undef log
- * before including or.h or log.h, we get linker collisions
- * and random segfaults due to memory corruption (and
- * not even at calls to log() either!)
- */
- /* XXX022 somebody should rename Tor's log() function, so we can
- * remove this wart. -RD */
-#undef log
-
-/*
- * Linux doesn't provide lround in math.h by default, but mac os does...
- * It's best just to leave math.h out of the picture entirely.
- */
-//#define log math_h_log
-//#include <math.h>
-//#undef log
-long int lround(double x);
-double ln(double x);
-double log(double x);
-double pow(double x, double y);
-
-double
-ln(double x)
-{
- return log(x);
-}
-
-#define log _log
-
/********* START VARIABLES **********/
/** Global list of circuit build times */
// FIXME: Add this as a member for entry_guard_t instead of global?
@@ -106,7 +78,6 @@ static int count_acceptable_routers(smartlist_t *routers);
static int onion_append_hop(crypt_path_t **head_ptr, extend_info_t *choice);
static void entry_guards_changed(void);
-static time_t start_of_month(time_t when);
/** Make a note that we're running unit tests (rather than running Tor
* itself), so we avoid clobbering our state file. */
@@ -364,7 +335,7 @@ circuit_build_times_update_state(circuit_build_times_t *cbt,
or_state_mark_dirty(get_or_state(), 0);
}
- if (histogram) tor_free(histogram);
+ tor_free(histogram);
}
/**
@@ -523,9 +494,9 @@ circuit_build_times_update_alpha(circuit_build_times_t *cbt)
}
if (x[i] < cbt->Xm) {
- a += ln(cbt->Xm);
+ a += tor_mathlog(cbt->Xm);
} else {
- a += ln(x[i]);
+ a += tor_mathlog(x[i]);
}
n++;
}
@@ -536,7 +507,7 @@ circuit_build_times_update_alpha(circuit_build_times_t *cbt)
}
tor_assert(n==cbt->total_build_times);
- a -= n*ln(cbt->Xm);
+ a -= n*tor_mathlog(cbt->Xm);
a = n/a;
cbt->alpha = a;
@@ -611,7 +582,8 @@ circuit_build_times_generate_sample(circuit_build_times_t *cbt,
tor_assert(0 <= u && u < 1.0);
/* circuit_build_times_calculate_timeout returns <= INT32_MAX */
- ret = (build_time_t)lround(circuit_build_times_calculate_timeout(cbt, u));
+ ret = (build_time_t)
+ tor_lround(circuit_build_times_calculate_timeout(cbt, u));
tor_assert(ret > 0);
return ret;
}
@@ -624,7 +596,7 @@ circuit_build_times_add_timeout_worker(circuit_build_times_t *cbt,
build_time_t gentime = circuit_build_times_generate_sample(cbt,
quantile_cutoff, MAX_SYNTHETIC_QUANTILE);
- if (gentime < (build_time_t)lround(cbt->timeout_ms)) {
+ if (gentime < (build_time_t)tor_lround(cbt->timeout_ms)) {
log_warn(LD_CIRC,
"Generated a synthetic timeout LESS than the current timeout: "
"%ums vs %lfms using Xm: %d a: %lf, q: %lf",
@@ -658,7 +630,8 @@ circuit_build_times_initial_alpha(circuit_build_times_t *cbt,
// -ln(1-0.8)/(ln(CircBuildTimeout)-ln(Xm))=a
tor_assert(quantile >= 0);
tor_assert(cbt->Xm > 0);
- cbt->alpha = ln(1.0-quantile)/(ln(cbt->Xm)-ln(timeout_ms));
+ cbt->alpha = tor_mathlog(1.0-quantile)/
+ (tor_mathlog(cbt->Xm)-tor_mathlog(timeout_ms));
tor_assert(cbt->alpha > 0);
}
@@ -795,7 +768,7 @@ circuit_build_times_network_check_live(circuit_build_times_t *cbt)
"Network is flaky. No activity for %ld seconds. "
"Temporarily raising timeout to %lds.",
(long int)(now - cbt->liveness.network_last_live),
- lround(circuit_build_times_get_initial_timeout()/1000));
+ tor_lround(circuit_build_times_get_initial_timeout()/1000));
cbt->timeout_ms = circuit_build_times_get_initial_timeout();
}
@@ -849,7 +822,8 @@ circuit_build_times_network_check_changed(circuit_build_times_t *cbt)
log_notice(LD_CIRC,
"Network connection speed appears to have changed. Resetting "
"timeout to %lds after %d timeouts and %d buildtimes.",
- lround(cbt->timeout_ms/1000), timeout_count, total_build_times);
+ tor_lround(cbt->timeout_ms/1000), timeout_count,
+ total_build_times);
return 1;
}
@@ -921,7 +895,7 @@ circuit_build_times_set_timeout(circuit_build_times_t *cbt)
log_info(LD_CIRC,
"Set circuit build timeout to %lds (%lfms, Xm: %d, a: %lf) "
- "based on %d circuit times", lround(cbt->timeout_ms/1000),
+ "based on %d circuit times", tor_lround(cbt->timeout_ms/1000),
cbt->timeout_ms, cbt->Xm, cbt->alpha, cbt->total_build_times);
}
@@ -1083,7 +1057,7 @@ void
circuit_log_path(int severity, unsigned int domain, origin_circuit_t *circ)
{
char *s = circuit_list_path(circ,1);
- log(severity,domain,"%s",s);
+ tor_log(severity,domain,"%s",s);
tor_free(s);
}
@@ -1229,7 +1203,8 @@ circuit_handle_first_hop(origin_circuit_t *circ)
/* not currently connected in a useful way. */
const char *name = strlen(firsthop->extend_info->nickname) ?
firsthop->extend_info->nickname : fmt_addr(&firsthop->extend_info->addr);
- log_info(LD_CIRC, "Next router is %s: %s ", safe_str(name), msg?msg:"???");
+ log_info(LD_CIRC, "Next router is %s: %s ",
+ safe_str_client(name), msg?msg:"???");
circ->_base.n_hop = extend_info_dup(firsthop->extend_info);
if (should_launch) {
@@ -1402,7 +1377,7 @@ inform_testing_reachability(void)
"CHECKING_REACHABILITY DIRADDRESS=%s:%d",
me->address, me->dir_port);
}
- log(LOG_NOTICE, LD_OR, "Now checking whether ORPort %s:%d%s %s reachable... "
+ log_notice(LD_OR, "Now checking whether ORPort %s:%d%s %s reachable... "
"(this may take up to %d minutes -- look for log "
"messages indicating success)",
me->address, me->or_port,
@@ -1527,7 +1502,7 @@ circuit_send_next_onion_skin(origin_circuit_t *circ)
or_options_t *options = get_options();
has_completed_circuit=1;
/* FFFF Log a count of known routers here */
- log(LOG_NOTICE, LD_GENERAL,
+ log_notice(LD_GENERAL,
"Tor has successfully opened a circuit. "
"Looks like client functionality is working.");
control_event_bootstrap(BOOTSTRAP_STATUS_DONE, 0);
@@ -1582,7 +1557,7 @@ void
circuit_note_clock_jumped(int seconds_elapsed)
{
int severity = server_mode(get_options()) ? LOG_WARN : LOG_NOTICE;
- log(severity, LD_GENERAL, "Your system clock just jumped %d seconds %s; "
+ tor_log(severity, LD_GENERAL, "Your system clock just jumped %d seconds %s; "
"assuming established circuits no longer work.",
seconds_elapsed >=0 ? seconds_elapsed : -seconds_elapsed,
seconds_elapsed >=0 ? "forward" : "backward");
@@ -1819,10 +1794,9 @@ circuit_finish_handshake(origin_circuit_t *circ, uint8_t reply_type,
return -END_CIRC_REASON_TORPROTOCOL;
}
- if (hop->dh_handshake_state) {
- crypto_dh_free(hop->dh_handshake_state); /* don't need it anymore */
- hop->dh_handshake_state = NULL;
- }
+ crypto_dh_free(hop->dh_handshake_state); /* don't need it anymore */
+ hop->dh_handshake_state = NULL;
+
memset(hop->fast_handshake_state, 0, sizeof(hop->fast_handshake_state));
if (circuit_init_cpath_crypto(hop, keys, 0)<0) {
@@ -2130,9 +2104,16 @@ choose_good_exit_server_general(routerlist_t *dir, int need_uptime,
n_supported[i] = -1;
continue; /* skip routers that are known to be down or bad exits */
}
- if (router_is_unreliable(router, need_uptime, need_capacity, 0)) {
+ if (router_is_unreliable(router, need_uptime, need_capacity, 0) &&
+ (!options->ExitNodes ||
+ !routerset_contains_router(options->ExitNodes, router))) {
+ /* FFFF Someday, differentiate between a routerset that names
+ * routers, and a routerset that names countries, and only do this
+ * check if they've asked for specific exit relays. Or if the country
+ * they ask for is rare. Or something. */
n_supported[i] = -1;
- continue; /* skip routers that are not suitable */
+ continue; /* skip routers that are not suitable, unless we have
+ * ExitNodes set, in which case we asked for it */
}
if (!(router->is_valid || options->_AllowInvalid & ALLOW_INVALID_EXIT)) {
/* if it's invalid and we don't want it */
@@ -2157,7 +2138,7 @@ choose_good_exit_server_general(routerlist_t *dir, int need_uptime,
{
if (!ap_stream_wants_exit_attention(conn))
continue; /* Skip everything but APs in CIRCUIT_WAIT */
- if (connection_ap_can_use_exit(TO_EDGE_CONN(conn), router)) {
+ if (connection_ap_can_use_exit(TO_EDGE_CONN(conn), router, 1)) {
++n_supported[i];
// log_fn(LOG_DEBUG,"%s is supported. n_supported[%d] now %d.",
// router->nickname, i, n_supported[i]);
@@ -2199,7 +2180,8 @@ choose_good_exit_server_general(routerlist_t *dir, int need_uptime,
routersets_get_disjunction(use, supporting, options->ExitNodes,
options->_ExcludeExitNodesUnion, 1);
- if (smartlist_len(use) == 0 && !options->StrictExitNodes) {
+ if (smartlist_len(use) == 0 && options->ExitNodes &&
+ !options->StrictNodes) { /* give up on exitnodes and try again */
routersets_get_disjunction(use, supporting, NULL,
options->_ExcludeExitNodesUnion, 1);
}
@@ -2224,8 +2206,9 @@ choose_good_exit_server_general(routerlist_t *dir, int need_uptime,
tor_free(n_supported);
return choose_good_exit_server_general(dir, 0, 0);
}
- log_notice(LD_CIRC, "All routers are down or won't exit -- choosing a "
- "doomed exit at random.");
+ log_notice(LD_CIRC, "All routers are down or won't exit%s -- "
+ "choosing a doomed exit at random.",
+ options->_ExcludeExitNodesUnion ? " or are Excluded" : "");
}
supporting = smartlist_create();
use = smartlist_create();
@@ -2245,12 +2228,14 @@ choose_good_exit_server_general(routerlist_t *dir, int need_uptime,
routersets_get_disjunction(use, supporting, options->ExitNodes,
options->_ExcludeExitNodesUnion, 1);
- if (smartlist_len(use) == 0 && !options->StrictExitNodes) {
+ if (smartlist_len(use) == 0 && options->ExitNodes &&
+ !options->StrictNodes) { /* give up on exitnodes and try again */
routersets_get_disjunction(use, supporting, NULL,
options->_ExcludeExitNodesUnion, 1);
}
- /* XXX sometimes the above results in null, when the requested
- * exit node is down. we should pick it anyway. */
+ /* FFF sometimes the above results in null, when the requested
+ * exit node is considered down by the consensus. we should pick
+ * it anyway, since the user asked for it. */
router = routerlist_sl_choose_by_bandwidth(use, WEIGHT_FOR_EXIT);
if (router)
break;
@@ -2268,10 +2253,10 @@ choose_good_exit_server_general(routerlist_t *dir, int need_uptime,
log_info(LD_CIRC, "Chose exit server '%s'", router->nickname);
return router;
}
- if (options->StrictExitNodes) {
+ if (options->ExitNodes && options->StrictNodes) {
log_warn(LD_CIRC,
"No specified exit routers seem to be running, and "
- "StrictExitNodes is set: can't choose an exit.");
+ "StrictNodes is set: can't choose an exit.");
}
return NULL;
}
@@ -2302,15 +2287,13 @@ choose_good_exit_server(uint8_t purpose, routerlist_t *dir,
if (options->_AllowInvalid & ALLOW_INVALID_MIDDLE)
flags |= CRN_ALLOW_INVALID;
if (is_internal) /* pick it like a middle hop */
- return router_choose_random_node(NULL, NULL,
- options->ExcludeNodes, flags);
+ return router_choose_random_node(NULL, options->ExcludeNodes, flags);
else
return choose_good_exit_server_general(dir,need_uptime,need_capacity);
case CIRCUIT_PURPOSE_C_ESTABLISH_REND:
if (options->_AllowInvalid & ALLOW_INVALID_RENDEZVOUS)
flags |= CRN_ALLOW_INVALID;
- return router_choose_random_node(NULL, NULL,
- options->ExcludeNodes, flags);
+ return router_choose_random_node(NULL, options->ExcludeNodes, flags);
}
log_warn(LD_BUG,"Unhandled purpose %d", purpose);
tor_fragile_assert();
@@ -2430,8 +2413,7 @@ circuit_append_new_exit(origin_circuit_t *circ, extend_info_t *exit)
state = circ->build_state;
tor_assert(state);
- if (state->chosen_exit)
- extend_info_free(state->chosen_exit);
+ extend_info_free(state->chosen_exit);
state->chosen_exit = extend_info_dup(exit);
++circ->build_state->desired_path_len;
@@ -2553,8 +2535,7 @@ choose_good_middle_server(uint8_t purpose,
flags |= CRN_NEED_CAPACITY;
if (options->_AllowInvalid & ALLOW_INVALID_MIDDLE)
flags |= CRN_ALLOW_INVALID;
- choice = router_choose_random_node(NULL,
- excluded, options->ExcludeNodes, flags);
+ choice = router_choose_random_node(excluded, options->ExcludeNodes, flags);
smartlist_free(excluded);
return choice;
}
@@ -2573,7 +2554,7 @@ choose_good_entry_server(uint8_t purpose, cpath_build_state_t *state)
routerinfo_t *r, *choice;
smartlist_t *excluded;
or_options_t *options = get_options();
- router_crn_flags_t flags = 0;
+ router_crn_flags_t flags = CRN_NEED_GUARD;
if (state && options->UseEntryGuards &&
(purpose != CIRCUIT_PURPOSE_TESTING || options->BridgeRelay)) {
@@ -2610,7 +2591,6 @@ choose_good_entry_server(uint8_t purpose, cpath_build_state_t *state)
}
if (state) {
- flags |= CRN_NEED_GUARD;
if (state->need_uptime)
flags |= CRN_NEED_UPTIME;
if (state->need_capacity)
@@ -2619,11 +2599,7 @@ choose_good_entry_server(uint8_t purpose, cpath_build_state_t *state)
if (options->_AllowInvalid & ALLOW_INVALID_ENTRY)
flags |= CRN_ALLOW_INVALID;
- choice = router_choose_random_node(
- NULL,
- excluded,
- options->ExcludeNodes,
- flags);
+ choice = router_choose_random_node(excluded, options->ExcludeNodes, flags);
smartlist_free(excluded);
return choice;
}
@@ -2744,9 +2720,9 @@ extend_info_from_router(routerinfo_t *r)
void
extend_info_free(extend_info_t *info)
{
- tor_assert(info);
- if (info->onion_key)
- crypto_free_pk_env(info->onion_key);
+ if (!info)
+ return;
+ crypto_free_pk_env(info->onion_key);
tor_free(info);
}
@@ -2869,35 +2845,58 @@ entry_is_time_to_retry(entry_guard_t *e, time_t now)
* - Listed as either up or never yet contacted;
* - Present in the routerlist;
* - Listed as 'stable' or 'fast' by the current dirserver consensus,
- * if demanded by <b>need_uptime</b> or <b>need_capacity</b>;
- * (This check is currently redundant with the Guard flag, but in
- * the future that might change. Best to leave it in for now.)
+ * if demanded by <b>need_uptime</b> or <b>need_capacity</b>
+ * (unless it's a configured EntryNode);
* - Allowed by our current ReachableORAddresses config option; and
- * - Currently thought to be reachable by us (unless assume_reachable
+ * - Currently thought to be reachable by us (unless <b>assume_reachable</b>
* is true).
+ *
+ * If the answer is no, set *<b>msg</b> to an explanation of why.
*/
static INLINE routerinfo_t *
entry_is_live(entry_guard_t *e, int need_uptime, int need_capacity,
- int assume_reachable)
+ int assume_reachable, const char **msg)
{
routerinfo_t *r;
- if (e->bad_since)
+ or_options_t *options = get_options();
+ tor_assert(msg);
+
+ if (e->bad_since) {
+ *msg = "bad";
return NULL;
+ }
/* no good if it's unreachable, unless assume_unreachable or can_retry. */
if (!assume_reachable && !e->can_retry &&
- e->unreachable_since && !entry_is_time_to_retry(e, time(NULL)))
+ e->unreachable_since && !entry_is_time_to_retry(e, time(NULL))) {
+ *msg = "unreachable";
return NULL;
+ }
r = router_get_by_digest(e->identity);
- if (!r)
+ if (!r) {
+ *msg = "no descriptor";
return NULL;
- if (get_options()->UseBridges && r->purpose != ROUTER_PURPOSE_BRIDGE)
+ }
+ if (get_options()->UseBridges && r->purpose != ROUTER_PURPOSE_BRIDGE) {
+ *msg = "not a bridge";
return NULL;
- if (!get_options()->UseBridges && r->purpose != ROUTER_PURPOSE_GENERAL)
+ }
+ if (!get_options()->UseBridges && r->purpose != ROUTER_PURPOSE_GENERAL) {
+ *msg = "not general-purpose";
return NULL;
- if (router_is_unreliable(r, need_uptime, need_capacity, 0))
+ }
+ if (options->EntryNodes &&
+ routerset_contains_router(options->EntryNodes, r)) {
+ /* they asked for it, they get it */
+ need_uptime = need_capacity = 0;
+ }
+ if (router_is_unreliable(r, need_uptime, need_capacity, 0)) {
+ *msg = "not fast/stable";
return NULL;
- if (!fascist_firewall_allows_or(r))
+ }
+ if (!fascist_firewall_allows_or(r)) {
+ *msg = "unreachable by config";
return NULL;
+ }
return r;
}
@@ -2906,11 +2905,12 @@ static int
num_live_entry_guards(void)
{
int n = 0;
+ const char *msg;
if (! entry_guards)
return 0;
SMARTLIST_FOREACH(entry_guards, entry_guard_t *, entry,
{
- if (entry_is_live(entry, 0, 1, 0))
+ if (entry_is_live(entry, 0, 1, 0, &msg))
++n;
});
return n;
@@ -2939,10 +2939,15 @@ log_entry_guards(int severity)
SMARTLIST_FOREACH(entry_guards, entry_guard_t *, e,
{
- tor_snprintf(buf, sizeof(buf), "%s (%s%s)",
- e->nickname,
- entry_is_live(e, 0, 1, 0) ? "up " : "down ",
- e->made_contact ? "made-contact" : "never-contacted");
+ const char *msg = NULL;
+ if (entry_is_live(e, 0, 1, 0, &msg))
+ tor_snprintf(buf, sizeof(buf), "%s (up %s)",
+ e->nickname,
+ e->made_contact ? "made-contact" : "never-contacted");
+ else
+ tor_snprintf(buf, sizeof(buf), "%s (%s, %s)",
+ e->nickname, msg,
+ e->made_contact ? "made-contact" : "never-contacted");
smartlist_add(elements, tor_strdup(buf));
});
@@ -2967,12 +2972,13 @@ control_event_guard_deferred(void)
**/
#if 0
int n = 0;
+ const char *msg;
or_options_t *options = get_options();
if (!entry_guards)
return;
SMARTLIST_FOREACH(entry_guards, entry_guard_t *, entry,
{
- if (entry_is_live(entry, 0, 1, 0)) {
+ if (entry_is_live(entry, 0, 1, 0, &msg)) {
if (n++ == options->NumEntryGuards) {
control_event_guard(entry->nickname, entry->identity, "DEFERRED");
return;
@@ -3014,7 +3020,12 @@ add_an_entry_guard(routerinfo_t *chosen, int reset_status)
log_info(LD_CIRC, "Chose '%s' as new entry guard.", router->nickname);
strlcpy(entry->nickname, router->nickname, sizeof(entry->nickname));
memcpy(entry->identity, router->cache_info.identity_digest, DIGEST_LEN);
- entry->chosen_on_date = start_of_month(time(NULL));
+ /* Choose expiry time smudged over the past month. The goal here
+ * is to a) spread out when Tor clients rotate their guards, so they
+ * don't all select them on the same day, and b) avoid leaving a
+ * precise timestamp in the state file about when we first picked
+ * this guard. For details, see the Jan 2010 or-dev thread. */
+ entry->chosen_on_date = time(NULL) - crypto_rand_int(3600*24*30);
entry->chosen_by_version = tor_strdup(VERSION);
if (chosen) /* prepend */
smartlist_insert(entry_guards, 0, entry);
@@ -3053,7 +3064,8 @@ pick_entry_guards(void)
static void
entry_guard_free(entry_guard_t *e)
{
- tor_assert(e);
+ if (!e)
+ return;
tor_free(e->chosen_by_version);
tor_free(e);
}
@@ -3065,7 +3077,7 @@ static int
remove_obsolete_entry_guards(void)
{
int changed = 0, i;
- time_t this_month = start_of_month(time(NULL));
+ time_t now = time(NULL);
for (i = 0; i < smartlist_len(entry_guards); ++i) {
entry_guard_t *entry = smartlist_get(entry_guards, i);
@@ -3079,15 +3091,26 @@ remove_obsolete_entry_guards(void)
} else if (tor_version_parse(ver, &v)) {
msg = "does not seem to be from any recognized version of Tor";
version_is_bad = 1;
- } else if ((tor_version_as_new_as(ver, "0.1.0.10-alpha") &&
- !tor_version_as_new_as(ver, "0.1.2.16-dev")) ||
- (tor_version_as_new_as(ver, "0.2.0.0-alpha") &&
- !tor_version_as_new_as(ver, "0.2.0.6-alpha"))) {
- msg = "was selected without regard for guard bandwidth";
- version_is_bad = 1;
- } else if (entry->chosen_on_date + 3600*24*35 < this_month) {
- /* It's been more than a month, and probably more like two since
- * chosen_on_date is clipped to the beginning of its month. */
+ } else {
+ size_t len = strlen(ver)+5;
+ char *tor_ver = tor_malloc(len);
+ tor_snprintf(tor_ver, len, "Tor %s", ver);
+ if ((tor_version_as_new_as(tor_ver, "0.1.0.10-alpha") &&
+ !tor_version_as_new_as(tor_ver, "0.1.2.16-dev")) ||
+ (tor_version_as_new_as(tor_ver, "0.2.0.0-alpha") &&
+ !tor_version_as_new_as(tor_ver, "0.2.0.6-alpha")) ||
+ /* above are bug 440; below are bug 1217 */
+ (tor_version_as_new_as(tor_ver, "0.2.1.3-alpha") &&
+ !tor_version_as_new_as(tor_ver, "0.2.1.23")) ||
+ (tor_version_as_new_as(tor_ver, "0.2.2.0-alpha") &&
+ !tor_version_as_new_as(tor_ver, "0.2.2.7-alpha"))) {
+ msg = "was selected without regard for guard bandwidth";
+ version_is_bad = 1;
+ }
+ tor_free(tor_ver);
+ }
+ if (!version_is_bad && entry->chosen_on_date + 3600*24*60 < now) {
+ /* It's been 2 months since the date listed in our state file. */
msg = "was selected several months ago";
date_is_bad = 1;
}
@@ -3160,10 +3183,13 @@ entry_guards_compute_status(void)
int severity = LOG_DEBUG;
or_options_t *options;
digestmap_t *reasons;
+
if (! entry_guards)
return;
options = get_options();
+ if (options->EntryNodes) /* reshuffle the entry guard list if needed */
+ entry_nodes_should_be_added();
now = time(NULL);
@@ -3190,13 +3216,16 @@ entry_guards_compute_status(void)
if (changed) {
SMARTLIST_FOREACH_BEGIN(entry_guards, entry_guard_t *, entry) {
const char *reason = digestmap_get(reasons, entry->identity);
- log_info(LD_CIRC, "Summary: Entry '%s' is %s, %s%s%s, and %s.",
+ const char *live_msg = "";
+ routerinfo_t *r = entry_is_live(entry, 0, 1, 0, &live_msg);
+ log_info(LD_CIRC, "Summary: Entry '%s' is %s, %s%s%s, and %s%s.",
entry->nickname,
entry->unreachable_since ? "unreachable" : "reachable",
entry->bad_since ? "unusable" : "usable",
reason ? ", ": "",
reason ? reason : "",
- entry_is_live(entry, 0, 1, 0) ? "live" : "not live");
+ r ? "live" : "not live / ",
+ r ? "" : live_msg);
} SMARTLIST_FOREACH_END(entry);
log_info(LD_CIRC, " (%d/%d entry guards are usable/new)",
num_live_entry_guards(), smartlist_len(entry_guards));
@@ -3303,7 +3332,8 @@ entry_guard_register_connect_status(const char *digest, int succeeded,
if (e == entry)
break;
if (e->made_contact) {
- routerinfo_t *r = entry_is_live(e, 0, 1, 1);
+ const char *msg;
+ routerinfo_t *r = entry_is_live(e, 0, 1, 1, &msg);
if (r && e->unreachable_since) {
refuse_conn = 1;
e->can_retry = 1;
@@ -3334,7 +3364,8 @@ static int should_add_entry_nodes = 0;
void
entry_nodes_should_be_added(void)
{
- log_info(LD_CIRC, "New EntryNodes config option detected. Will use.");
+ log_info(LD_CIRC, "EntryNodes config option set. Putting configured "
+ "relays at the front of the entry guard list.");
should_add_entry_nodes = 1;
}
@@ -3358,7 +3389,7 @@ entry_guards_prepend_from_config(void)
return;
}
- if (options->EntryNodes) {
+ {
char *string = routerset_to_string(options->EntryNodes);
log_info(LD_CIRC,"Adding configured EntryNodes '%s'.", string);
tor_free(string);
@@ -3402,8 +3433,9 @@ entry_guards_prepend_from_config(void)
SMARTLIST_FOREACH(entry_routers, routerinfo_t *, ri, {
add_an_entry_guard(ri, 0);
});
- /* Finally, the remaining EntryNodes, unless we're strict */
- if (options->StrictEntryNodes) {
+ /* Finally, the remaining previously configured guards that are not in
+ * EntryNodes, unless we're strict in which case we drop them */
+ if (options->StrictNodes) {
SMARTLIST_FOREACH(old_entry_guards_not_on_list, entry_guard_t *, e,
entry_guard_free(e));
} else {
@@ -3417,16 +3449,30 @@ entry_guards_prepend_from_config(void)
entry_guards_changed();
}
-/** Return 1 if we're fine adding arbitrary routers out of the
- * directory to our entry guard list. Else return 0. */
+/** Return 0 if we're fine adding arbitrary routers out of the
+ * directory to our entry guard list, or return 1 if we have a
+ * list already and we'd prefer to stick to it.
+ */
int
-entry_list_can_grow(or_options_t *options)
+entry_list_is_constrained(or_options_t *options)
{
- if (options->StrictEntryNodes)
- return 0;
+ if (options->EntryNodes)
+ return 1;
if (options->UseBridges)
- return 0;
- return 1;
+ return 1;
+ return 0;
+}
+
+/* Are we dead set against changing our entry guard list, or would we
+ * change it if it means keeping Tor usable? */
+static int
+entry_list_is_totally_static(or_options_t *options)
+{
+ if (options->EntryNodes && options->StrictNodes)
+ return 1;
+ if (options->UseBridges)
+ return 1;
+ return 0;
}
/** Pick a live (up and listed) entry guard from entry_guards. If
@@ -3444,7 +3490,7 @@ choose_random_entry(cpath_build_state_t *state)
routerinfo_t *r = NULL;
int need_uptime = state ? state->need_uptime : 0;
int need_capacity = state ? state->need_capacity : 0;
- int consider_exit_family = 0;
+ int preferred_min, consider_exit_family = 0;
if (chosen_exit) {
smartlist_add(exit_family, chosen_exit);
@@ -3458,36 +3504,60 @@ choose_random_entry(cpath_build_state_t *state)
if (should_add_entry_nodes)
entry_guards_prepend_from_config();
- if (entry_list_can_grow(options) &&
- (! entry_guards ||
- smartlist_len(entry_guards) < options->NumEntryGuards))
+ if (!entry_list_is_constrained(options) &&
+ smartlist_len(entry_guards) < options->NumEntryGuards)
pick_entry_guards();
retry:
smartlist_clear(live_entry_guards);
SMARTLIST_FOREACH(entry_guards, entry_guard_t *, entry,
{
- r = entry_is_live(entry, need_uptime, need_capacity, 0);
- if (r && (!consider_exit_family || !smartlist_isin(exit_family, r))) {
- smartlist_add(live_entry_guards, r);
- if (!entry->made_contact) {
- /* Always start with the first not-yet-contacted entry
- * guard. Otherwise we might add several new ones, pick
- * the second new one, and now we've expanded our entry
- * guard list without needing to. */
- goto choose_and_finish;
+ const char *msg;
+ r = entry_is_live(entry, need_uptime, need_capacity, 0, &msg);
+ if (!r)
+ continue; /* down, no point */
+ if (consider_exit_family && smartlist_isin(exit_family, r))
+ continue; /* avoid relays that are family members of our exit */
+ if (options->EntryNodes &&
+ !routerset_contains_router(options->EntryNodes, r)) {
+ /* We've come to the end of our preferred entry nodes. */
+ if (smartlist_len(live_entry_guards))
+ goto choose_and_finish; /* only choose from the ones we like */
+ if (options->StrictNodes) {
+ /* in theory this case should never happen, since
+ * entry_guards_prepend_from_config() drops unwanted relays */
+ tor_fragile_assert();
+ } else {
+ log_info(LD_CIRC,
+ "No relays from EntryNodes available. Using others.");
}
- if (smartlist_len(live_entry_guards) >= options->NumEntryGuards)
- break; /* we have enough */
}
+ smartlist_add(live_entry_guards, r);
+ if (!entry->made_contact) {
+ /* Always start with the first not-yet-contacted entry
+ * guard. Otherwise we might add several new ones, pick
+ * the second new one, and now we've expanded our entry
+ * guard list without needing to. */
+ goto choose_and_finish;
+ }
+ if (smartlist_len(live_entry_guards) >= options->NumEntryGuards)
+ break; /* we have enough */
});
- /* Try to have at least 2 choices available. This way we don't
- * get stuck with a single live-but-crummy entry and just keep
- * using him.
- * (We might get 2 live-but-crummy entry guards, but so be it.) */
- if (smartlist_len(live_entry_guards) < 2) {
- if (entry_list_can_grow(options)) {
+ if (entry_list_is_constrained(options)) {
+ /* If we prefer the entry nodes we've got, and we have at least
+ * one choice, that's great. Use it. */
+ preferred_min = 1;
+ } else {
+ /* Try to have at least 2 choices available. This way we don't
+ * get stuck with a single live-but-crummy entry and just keep
+ * using him.
+ * (We might get 2 live-but-crummy entry guards, but so be it.) */
+ preferred_min = 2;
+ }
+
+ if (smartlist_len(live_entry_guards) < preferred_min) {
+ if (!entry_list_is_totally_static(options)) {
/* still no? try adding a new entry then */
/* XXX if guard doesn't imply fast and stable, then we need
* to tell add_an_entry_guard below what we want, or it might
@@ -3512,7 +3582,7 @@ choose_random_entry(cpath_build_state_t *state)
need_capacity = 0;
goto retry;
}
- if (!r && !entry_list_can_grow(options) && consider_exit_family) {
+ if (!r && entry_list_is_constrained(options) && consider_exit_family) {
/* still no? if we're using bridges or have strictentrynodes
* set, and our chosen exit is in the same family as all our
* bridges/entry guards, then be flexible about families. */
@@ -3523,34 +3593,21 @@ choose_random_entry(cpath_build_state_t *state)
}
choose_and_finish:
- if (entry_list_can_grow(options)) {
+ if (entry_list_is_constrained(options)) {
+ /* We need to weight by bandwidth, because our bridges or entryguards
+ * were not already selected proportional to their bandwidth. */
+ r = routerlist_sl_choose_by_bandwidth(live_entry_guards, WEIGHT_FOR_GUARD);
+ } else {
/* We choose uniformly at random here, because choose_good_entry_server()
* already weights its choices by bandwidth, so we don't want to
* *double*-weight our guard selection. */
r = smartlist_choose(live_entry_guards);
- } else {
- /* We need to weight by bandwidth, because our bridges or entryguards
- * were not already selected proportional to their bandwidth. */
- r = routerlist_sl_choose_by_bandwidth(live_entry_guards, WEIGHT_FOR_GUARD);
}
smartlist_free(live_entry_guards);
smartlist_free(exit_family);
return r;
}
-/** Helper: Return the start of the month containing <b>time</b>. */
-static time_t
-start_of_month(time_t now)
-{
- struct tm tm;
- tor_gmtime_r(&now, &tm);
- tm.tm_sec = 0;
- tm.tm_min = 0;
- tm.tm_hour = 0;
- tm.tm_mday = 1;
- return tor_timegm(&tm);
-}
-
/** Parse <b>state</b> and learn about the entry guards it describes.
* If <b>set</b> is true, and there are no errors, replace the global
* entry_list with what we find.
@@ -3659,7 +3716,7 @@ entry_guards_parse_state(or_state_t *state, int set, char **msg)
} else {
if (state_version) {
e->chosen_by_version = tor_strdup(state_version);
- e->chosen_on_date = start_of_month(time(NULL));
+ e->chosen_on_date = time(NULL) - crypto_rand_int(3600*24*30);
}
}
});
diff --git a/src/or/circuitlist.c b/src/or/circuitlist.c
index 560bec55f13ca224cada38fa5342dd3ee4f9ee46..fed1ccf9e631195043339bf00b10d49e6268b663 100644
--- a/src/or/circuitlist.c
+++ b/src/or/circuitlist.c
@@ -385,6 +385,12 @@ init_circuit_base(circuit_t *circ)
circ->package_window = circuit_initial_package_window();
circ->deliver_window = CIRCWINDOW_START;
+ /* Initialize the cell_ewma_t structure */
+ circ->n_cell_ewma.last_adjusted_tick = cell_ewma_get_tick();
+ circ->n_cell_ewma.cell_count = 0.0;
+ circ->n_cell_ewma.heap_index = -1;
+ circ->n_cell_ewma.is_for_p_conn = 0;
+
circuit_add(circ);
}
@@ -432,6 +438,16 @@ or_circuit_new(circid_t p_circ_id, or_connection_t *p_conn)
init_circuit_base(TO_CIRCUIT(circ));
+ /* Initialize the cell_ewma_t structure */
+
+ /* Initialize the cell counts to 0 */
+ circ->p_cell_ewma.cell_count = 0.0;
+ circ->p_cell_ewma.last_adjusted_tick = cell_ewma_get_tick();
+ circ->p_cell_ewma.is_for_p_conn = 1;
+
+ /* It's not in any heap yet. */
+ circ->p_cell_ewma.heap_index = -1;
+
return circ;
}
@@ -442,25 +458,24 @@ circuit_free(circuit_t *circ)
{
void *mem;
size_t memlen;
- tor_assert(circ);
+ if (!circ)
+ return;
+
if (CIRCUIT_IS_ORIGIN(circ)) {
origin_circuit_t *ocirc = TO_ORIGIN_CIRCUIT(circ);
mem = ocirc;
memlen = sizeof(origin_circuit_t);
tor_assert(circ->magic == ORIGIN_CIRCUIT_MAGIC);
if (ocirc->build_state) {
- if (ocirc->build_state->chosen_exit)
extend_info_free(ocirc->build_state->chosen_exit);
- if (ocirc->build_state->pending_final_cpath)
circuit_free_cpath_node(ocirc->build_state->pending_final_cpath);
}
tor_free(ocirc->build_state);
circuit_free_cpath(ocirc->cpath);
- if (ocirc->intro_key)
- crypto_free_pk_env(ocirc->intro_key);
- if (ocirc->rend_data)
- rend_data_free(ocirc->rend_data);
+
+ crypto_free_pk_env(ocirc->intro_key);
+ rend_data_free(ocirc->rend_data);
} else {
or_circuit_t *ocirc = TO_OR_CIRCUIT(circ);
/* Remember cell statistics for this circuit before deallocating. */
@@ -470,14 +485,10 @@ circuit_free(circuit_t *circ)
memlen = sizeof(or_circuit_t);
tor_assert(circ->magic == OR_CIRCUIT_MAGIC);
- if (ocirc->p_crypto)
- crypto_free_cipher_env(ocirc->p_crypto);
- if (ocirc->p_digest)
- crypto_free_digest_env(ocirc->p_digest);
- if (ocirc->n_crypto)
- crypto_free_cipher_env(ocirc->n_crypto);
- if (ocirc->n_digest)
- crypto_free_digest_env(ocirc->n_digest);
+ crypto_free_cipher_env(ocirc->p_crypto);
+ crypto_free_digest_env(ocirc->p_digest);
+ crypto_free_cipher_env(ocirc->n_crypto);
+ crypto_free_digest_env(ocirc->n_digest);
if (ocirc->rend_splice) {
or_circuit_t *other = ocirc->rend_splice;
@@ -493,8 +504,7 @@ circuit_free(circuit_t *circ)
cell_queue_clear(ô->p_conn_cells);
}
- if (circ->n_hop)
- extend_info_free(circ->n_hop);
+ extend_info_free(circ->n_hop);
tor_free(circ->n_conn_onionskin);
/* Remove from map. */
@@ -504,7 +514,7 @@ circuit_free(circuit_t *circ)
* "active" checks will be violated. */
cell_queue_clear(&circ->n_conn_cells);
- memset(circ, 0xAA, memlen); /* poison memory */
+ memset(mem, 0xAA, memlen); /* poison memory */
tor_free(mem);
}
@@ -547,10 +557,10 @@ circuit_free_all(void)
circuit_free(global_circuitlist);
global_circuitlist = next;
}
- if (circuits_pending_or_conns) {
- smartlist_free(circuits_pending_or_conns);
- circuits_pending_or_conns = NULL;
- }
+
+ smartlist_free(circuits_pending_or_conns);
+ circuits_pending_or_conns = NULL;
+
HT_CLEAR(orconn_circid_map, &orconn_circid_circuit_map);
}
@@ -558,18 +568,15 @@ circuit_free_all(void)
static void
circuit_free_cpath_node(crypt_path_t *victim)
{
- if (victim->f_crypto)
- crypto_free_cipher_env(victim->f_crypto);
- if (victim->b_crypto)
- crypto_free_cipher_env(victim->b_crypto);
- if (victim->f_digest)
- crypto_free_digest_env(victim->f_digest);
- if (victim->b_digest)
- crypto_free_digest_env(victim->b_digest);
- if (victim->dh_handshake_state)
- crypto_dh_free(victim->dh_handshake_state);
- if (victim->extend_info)
- extend_info_free(victim->extend_info);
+ if (!victim)
+ return;
+
+ crypto_free_cipher_env(victim->f_crypto);
+ crypto_free_cipher_env(victim->b_crypto);
+ crypto_free_digest_env(victim->f_digest);
+ crypto_free_digest_env(victim->b_digest);
+ crypto_dh_free(victim->dh_handshake_state);
+ extend_info_free(victim->extend_info);
memset(victim, 0xBB, sizeof(crypt_path_t)); /* poison memory */
tor_free(victim);
@@ -1089,9 +1096,9 @@ _circuit_mark_for_close(circuit_t *circ, int reason, int line,
tor_assert(ocirc->rend_data);
/* treat this like getting a nack from it */
log_info(LD_REND, "Failed intro circ %s to %s (awaiting ack). "
- "Removing from descriptor.",
- safe_str(ocirc->rend_data->onion_address),
- safe_str(build_state_get_exit_nickname(ocirc->build_state)));
+ "Removing from descriptor.",
+ safe_str_client(ocirc->rend_data->onion_address),
+ safe_str_client(build_state_get_exit_nickname(ocirc->build_state)));
rend_client_remove_intro_point(ocirc->build_state->chosen_exit,
ocirc->rend_data);
}
@@ -1103,6 +1110,7 @@ _circuit_mark_for_close(circuit_t *circ, int reason, int line,
edge_connection_t *conn;
for (conn=or_circ->n_streams; conn; conn=conn->next_stream)
connection_edge_destroy(or_circ->p_circ_id, conn);
+ or_circ->n_streams = NULL;
while (or_circ->resolving_streams) {
conn = or_circ->resolving_streams;
@@ -1126,6 +1134,7 @@ _circuit_mark_for_close(circuit_t *circ, int reason, int line,
edge_connection_t *conn;
for (conn=ocirc->p_streams; conn; conn=conn->next_stream)
connection_edge_destroy(circ->n_circ_id, conn);
+ ocirc->p_streams = NULL;
}
circ->marked_for_close = line;
@@ -1240,11 +1249,6 @@ assert_circuit_ok(const circuit_t *c)
tor_assert(c == c2);
}
}
-#if 0 /* false now that rendezvous exits are attached to p_streams */
- if (origin_circ)
- for (conn = origin_circ->p_streams; conn; conn = conn->next_stream)
- tor_assert(conn->_base.type == CONN_TYPE_AP);
-#endif
if (or_circ)
for (conn = or_circ->n_streams; conn; conn = conn->next_stream)
tor_assert(conn->_base.type == CONN_TYPE_EXIT);
diff --git a/src/or/circuituse.c b/src/or/circuituse.c
index 1022ae16c5cc93f3196d8609f96fe5e8d3e862cc..59b6998b9924a4c166b78e45ba196ea3ea154ede 100644
--- a/src/or/circuituse.c
+++ b/src/or/circuituse.c
@@ -115,7 +115,7 @@ circuit_is_acceptable(circuit_t *circ, edge_connection_t *conn,
return 0;
}
}
- if (exitrouter && !connection_ap_can_use_exit(conn, exitrouter)) {
+ if (exitrouter && !connection_ap_can_use_exit(conn, exitrouter, 0)) {
/* can't exit from this router */
return 0;
}
@@ -424,7 +424,7 @@ circuit_stream_is_being_handled(edge_connection_t *conn,
if (exitrouter && (!need_uptime || build_state->need_uptime)) {
int ok;
if (conn) {
- ok = connection_ap_can_use_exit(conn, exitrouter);
+ ok = connection_ap_can_use_exit(conn, exitrouter, 0);
} else {
addr_policy_result_t r = compare_addr_to_addr_policy(
0, port, exitrouter->exit_policy);
@@ -928,8 +928,8 @@ circuit_launch_by_router(uint8_t purpose,
if (exit)
info = extend_info_from_router(exit);
circ = circuit_launch_by_extend_info(purpose, info, flags);
- if (info)
- extend_info_free(info);
+
+ extend_info_free(info);
return circ;
}
@@ -1103,7 +1103,7 @@ circuit_get_open_circ_or_launch(edge_connection_t *conn,
need_uptime)) {
log_notice(LD_APP,
"No Tor server allows exit to %s:%d. Rejecting.",
- safe_str(conn->socks_request->address),
+ safe_str_client(conn->socks_request->address),
conn->socks_request->port);
return -1;
}
@@ -1111,7 +1111,7 @@ circuit_get_open_circ_or_launch(edge_connection_t *conn,
/* XXXX022 Duplicates checks in connection_ap_handshake_attach_circuit */
routerinfo_t *router = router_get_by_nickname(conn->chosen_exit_name, 1);
int opt = conn->chosen_exit_optional;
- if (router && !connection_ap_can_use_exit(conn, router)) {
+ if (router && !connection_ap_can_use_exit(conn, router, 0)) {
log_fn(opt ? LOG_INFO : LOG_WARN, LD_APP,
"Requested exit point '%s' would refuse request. %s.",
conn->chosen_exit_name, opt ? "Trying others" : "Closing");
@@ -1144,14 +1144,14 @@ circuit_get_open_circ_or_launch(edge_connection_t *conn,
if (!extend_info) {
log_info(LD_REND,
"No intro points for '%s': re-fetching service descriptor.",
- safe_str(conn->rend_data->onion_address));
+ safe_str_client(conn->rend_data->onion_address));
rend_client_refetch_v2_renddesc(conn->rend_data);
conn->_base.state = AP_CONN_STATE_RENDDESC_WAIT;
return 0;
}
log_info(LD_REND,"Chose '%s' as intro point for '%s'.",
extend_info->nickname,
- safe_str(conn->rend_data->onion_address));
+ safe_str_client(conn->rend_data->onion_address));
}
/* If we have specified a particular exit node for our
@@ -1180,7 +1180,7 @@ circuit_get_open_circ_or_launch(edge_connection_t *conn,
}
if (tor_addr_from_str(&addr, conn->socks_request->address) < 0) {
log_info(LD_DIR, "Broken address %s on tunnel conn. Closing.",
- escaped_safe_str(conn->socks_request->address));
+ escaped_safe_str_client(conn->socks_request->address));
return -1;
}
extend_info = extend_info_alloc(conn->chosen_exit_name+1,
@@ -1222,8 +1222,7 @@ circuit_get_open_circ_or_launch(edge_connection_t *conn,
flags);
}
- if (extend_info)
- extend_info_free(extend_info);
+ extend_info_free(extend_info);
if (desired_circuit_purpose != CIRCUIT_PURPOSE_C_GENERAL) {
/* help predict this next time */
@@ -1405,7 +1404,7 @@ connection_ap_handshake_attach_circuit(edge_connection_t *conn)
LOG_INFO : LOG_NOTICE;
log_fn(severity, LD_APP,
"Tried for %d seconds to get a connection to %s:%d. Giving up.",
- conn_age, safe_str(conn->socks_request->address),
+ conn_age, safe_str_client(conn->socks_request->address),
conn->socks_request->port);
return -1;
}
@@ -1432,7 +1431,7 @@ connection_ap_handshake_attach_circuit(edge_connection_t *conn)
}
return -1;
}
- if (router && !connection_ap_can_use_exit(conn, router)) {
+ if (router && !connection_ap_can_use_exit(conn, router, 0)) {
log_fn(opt ? LOG_INFO : LOG_WARN, LD_APP,
"Requested exit point '%s' would refuse request. %s.",
conn->chosen_exit_name, opt ? "Trying others" : "Closing");
diff --git a/src/or/command.c b/src/or/command.c
index 8ed5a960192f07176bedce55ae3d33fd7708cd13..b1e6fa23a3988b2fb9bd9ec432e2f477f3a8fa28 100644
--- a/src/or/command.c
+++ b/src/or/command.c
@@ -405,7 +405,8 @@ command_process_relay_cell(cell_t *cell, or_connection_t *conn)
log_fn(LOG_PROTOCOL_WARN, LD_OR,
"Received too many RELAY_EARLY cells on circ %d from %s:%d."
" Closing circuit.",
- cell->circ_id, safe_str(conn->_base.address), conn->_base.port);
+ cell->circ_id, safe_str(conn->_base.address),
+ conn->_base.port);
circuit_mark_for_close(circ, END_CIRC_REASON_TORPROTOCOL);
return;
}
@@ -513,7 +514,8 @@ command_process_versions_cell(var_cell_t *cell, or_connection_t *conn)
conn->handshake_state->received_versions = 1;
log_info(LD_OR, "Negotiated version %d with %s:%d; sending NETINFO.",
- highest_supported_version, safe_str(conn->_base.address),
+ highest_supported_version,
+ safe_str_client(conn->_base.address),
conn->_base.port);
tor_assert(conn->link_proto >= 2);
@@ -627,8 +629,8 @@ command_process_netinfo_cell(cell_t *cell, or_connection_t *conn)
else
log_info(LD_OR, "Got good NETINFO cell from %s:%d; OR connection is now "
"open, using protocol version %d",
- safe_str(conn->_base.address), conn->_base.port,
- (int)conn->link_proto);
+ safe_str_client(conn->_base.address),
+ conn->_base.port, (int)conn->link_proto);
assert_connection_ok(TO_CONN(conn),time(NULL));
}
diff --git a/src/or/config.c b/src/or/config.c
index b6a52a85de7c2002e1e8ef06900d1fcd334db775..b8356e2fc0f9704c68a00921f5dcc254f4942bd3 100644
--- a/src/or/config.c
+++ b/src/or/config.c
@@ -66,6 +66,7 @@ static config_abbrev_t _option_abbrevs[] = {
PLURAL(RendExcludeNode),
PLURAL(StrictEntryNode),
PLURAL(StrictExitNode),
+ PLURAL(StrictNode),
{ "l", "Log", 1, 0},
{ "AllowUnverifiedNodes", "AllowInvalidNodes", 0, 0},
{ "AutomapHostSuffixes", "AutomapHostsSuffixes", 0, 0},
@@ -83,10 +84,12 @@ static config_abbrev_t _option_abbrevs[] = {
{ "NumEntryNodes", "NumEntryGuards", 0, 0},
{ "ResolvConf", "ServerDNSResolvConfFile", 0, 1},
{ "SearchDomains", "ServerDNSSearchDomains", 0, 1},
- { "ServerDNSAllowBrokenResolvConf", "ServerDNSAllowBrokenConfig", 0, 0 },
+ { "ServerDNSAllowBrokenResolvConf", "ServerDNSAllowBrokenConfig", 0, 0},
{ "PreferTunnelledDirConns", "PreferTunneledDirConns", 0, 0},
{ "BridgeAuthoritativeDirectory", "BridgeAuthoritativeDir", 0, 0},
{ "HashedControlPassword", "__HashedControlSessionPassword", 1, 0},
+ { "StrictEntryNodes", "StrictNodes", 0, 1},
+ { "StrictExitNodes", "StrictNodes", 0, 1},
{ NULL, NULL, 0, 0},
};
@@ -166,6 +169,8 @@ static config_var_t _option_vars[] = {
V(CellStatistics, BOOL, "0"),
V(CircuitBuildTimeout, INTERVAL, "0"),
V(CircuitIdleTimeout, INTERVAL, "1 hour"),
+ V(CircuitStreamTimeout, INTERVAL, "0"),
+ V(CircuitPriorityHalflife, DOUBLE, "-100.0"), /*negative:'Use default'*/
V(ClientDNSRejectInternalAddresses, BOOL,"1"),
V(ClientOnly, BOOL, "0"),
V(ConsensusParams, STRING, NULL),
@@ -211,6 +216,7 @@ static config_var_t _option_vars[] = {
V(ExitPolicyRejectPrivate, BOOL, "1"),
V(ExitPortStatistics, BOOL, "0"),
V(ExtraInfoStatistics, BOOL, "0"),
+
V(FallbackNetworkstatusFile, FILENAME,
SHARE_DATADIR PATH_SEPARATOR "tor" PATH_SEPARATOR "fallback-consensus"),
V(FascistFirewall, BOOL, "0"),
@@ -242,7 +248,7 @@ static config_var_t _option_vars[] = {
VAR("HiddenServiceAuthorizeClient",LINELIST_S,RendConfigLines, NULL),
V(HidServAuth, LINELIST, NULL),
V(HSAuthoritativeDir, BOOL, "0"),
- V(HSAuthorityRecordStats, BOOL, "0"),
+ OBSOLETE("HSAuthorityRecordStats"),
V(HttpProxy, STRING, NULL),
V(HttpProxyAuthenticator, STRING, NULL),
V(HttpsProxy, STRING, NULL),
@@ -278,6 +284,8 @@ static config_var_t _option_vars[] = {
V(ORPort, UINT, "0"),
V(OutboundBindAddress, STRING, NULL),
OBSOLETE("PathlenCoinWeight"),
+ V(PerConnBWBurst, MEMUNIT, "0"),
+ V(PerConnBWRate, MEMUNIT, "0"),
V(PidFile, STRING, NULL),
V(TestingTorNetwork, BOOL, "0"),
V(PreferTunneledDirConns, BOOL, "1"),
@@ -301,7 +309,7 @@ static config_var_t _option_vars[] = {
OBSOLETE("RouterFile"),
V(RunAsDaemon, BOOL, "0"),
V(RunTesting, BOOL, "0"),
- V(SafeLogging, BOOL, "1"),
+ V(SafeLogging, STRING, "1"),
V(SafeSocks, BOOL, "0"),
V(ServerDNSAllowBrokenConfig, BOOL, "1"),
V(ServerDNSAllowNonRFC953Hostnames, BOOL,"0"),
@@ -317,8 +325,7 @@ static config_var_t _option_vars[] = {
V(SocksPort, UINT, "9050"),
V(SocksTimeout, INTERVAL, "2 minutes"),
OBSOLETE("StatusFetchPeriod"),
- V(StrictEntryNodes, BOOL, "0"),
- V(StrictExitNodes, BOOL, "0"),
+ V(StrictNodes, BOOL, "0"),
OBSOLETE("SysLog"),
V(TestSocks, BOOL, "0"),
OBSOLETE("TestVia"),
@@ -354,6 +361,7 @@ static config_var_t _option_vars[] = {
VAR("__HashedControlSessionPassword", LINELIST, HashedControlSessionPassword,
NULL),
V(MinUptimeHidServDirectoryV2, INTERVAL, "24 hours"),
+
{ NULL, CONFIG_TYPE_OBSOLETE, 0, NULL }
};
@@ -428,223 +436,6 @@ typedef struct config_var_description_t {
const char *description;
} config_var_description_t;
-/** Descriptions of the configuration options, to be displayed by online
- * option browsers */
-/* XXXX022 did anybody want this? at all? If not, kill it.*/
-static config_var_description_t options_description[] = {
- /* ==== general options */
- { "AvoidDiskWrites", "If non-zero, try to write to disk less frequently than"
- " we would otherwise." },
- { "BandwidthRate", "A token bucket limits the average incoming bandwidth on "
- "this node to the specified number of bytes per second." },
- { "BandwidthBurst", "Limit the maximum token buffer size (also known as "
- "burst) to the given number of bytes." },
- { "ConnLimit", "Minimum number of simultaneous sockets we must have." },
- { "ConstrainedSockets", "Shrink tx and rx buffers for sockets to avoid "
- "system limits on vservers and related environments. See man page for "
- "more information regarding this option." },
- { "ConstrainedSockSize", "Limit socket buffers to this size when "
- "ConstrainedSockets is enabled." },
- /* ControlListenAddress */
- { "ControlPort", "If set, Tor will accept connections from the same machine "
- "(localhost only) on this port, and allow those connections to control "
- "the Tor process using the Tor Control Protocol (described in "
- "control-spec.txt).", },
- { "CookieAuthentication", "If this option is set to 1, don't allow any "
- "connections to the control port except when the connecting process "
- "can read a file that Tor creates in its data directory." },
- { "DataDirectory", "Store working data, state, keys, and caches here." },
- { "DirServer", "Tor only trusts directories signed with one of these "
- "servers' keys. Used to override the standard list of directory "
- "authorities." },
- { "DisableAllSwap", "Tor will attempt a simple memory lock that "
- "will prevent leaking of all information in memory to the swap file." },
- /* { "FastFirstHopPK", "" }, */
- /* FetchServerDescriptors, FetchHidServDescriptors,
- * FetchUselessDescriptors */
- { "HardwareAccel", "If set, Tor tries to use hardware crypto accelerators "
- "when it can." },
- { "AccelName", "If set, try to use hardware crypto accelerator with this "
- "specific ID." },
- { "AccelDir", "If set, look in this directory for the dynamic hardware "
- "engine in addition to OpenSSL default path." },
- /* HashedControlPassword */
- { "HTTPProxy", "Force Tor to make all HTTP directory requests through this "
- "host:port (or host:80 if port is not set)." },
- { "HTTPProxyAuthenticator", "A username:password pair to be used with "
- "HTTPProxy." },
- { "HTTPSProxy", "Force Tor to make all TLS (SSL) connections through this "
- "host:port (or host:80 if port is not set)." },
- { "HTTPSProxyAuthenticator", "A username:password pair to be used with "
- "HTTPSProxy." },
- { "KeepalivePeriod", "Send a padding cell every N seconds to keep firewalls "
- "from closing our connections while Tor is not in use." },
- { "Log", "Where to send logging messages. Format is "
- "minSeverity[-maxSeverity] (stderr|stdout|syslog|file FILENAME)." },
- { "OutboundBindAddress", "Make all outbound connections originate from the "
- "provided IP address (only useful for multiple network interfaces)." },
- { "PIDFile", "On startup, write our PID to this file. On clean shutdown, "
- "remove the file." },
- { "PreferTunneledDirConns", "If non-zero, avoid directory servers that "
- "don't support tunneled connections." },
- /* PreferTunneledDirConns */
- /* ProtocolWarnings */
- /* RephistTrackTime */
- { "RunAsDaemon", "If set, Tor forks and daemonizes to the background when "
- "started. Unix only." },
- { "SafeLogging", "If set to 0, Tor logs potentially sensitive strings "
- "rather than replacing them with the string [scrubbed]." },
- { "TunnelDirConns", "If non-zero, when a directory server we contact "
- "supports it, we will build a one-hop circuit and make an encrypted "
- "connection via its ORPort." },
- { "User", "On startup, setuid to this user." },
-
- /* ==== client options */
- { "AllowInvalidNodes", "Where on our circuits should Tor allow servers "
- "that the directory authorities haven't called \"valid\"?" },
- { "AllowNonRFC953Hostnames", "If set to 1, we don't automatically reject "
- "hostnames for having invalid characters." },
- /* CircuitBuildTimeout, CircuitIdleTimeout */
- { "ClientOnly", "If set to 1, Tor will under no circumstances run as a "
- "server, even if ORPort is enabled." },
- { "EntryNodes", "A list of preferred entry nodes to use for the first hop "
- "in circuits, when possible." },
- /* { "EnforceDistinctSubnets" , "" }, */
- { "ExitNodes", "A list of preferred nodes to use for the last hop in "
- "circuits, when possible." },
- { "ExcludeNodes", "A list of nodes never to use when building a circuit." },
- { "FascistFirewall", "If set, Tor will only create outgoing connections to "
- "servers running on the ports listed in FirewallPorts." },
- { "FirewallPorts", "A list of ports that we can connect to. Only used "
- "when FascistFirewall is set." },
- { "LongLivedPorts", "A list of ports for services that tend to require "
- "high-uptime connections." },
- { "MapAddress", "Force Tor to treat all requests for one address as if "
- "they were for another." },
- { "NewCircuitPeriod", "Force Tor to consider whether to build a new circuit "
- "every NUM seconds." },
- { "MaxCircuitDirtiness", "Do not attach new streams to a circuit that has "
- "been used more than this many seconds ago." },
- /* NatdPort, NatdListenAddress */
- { "NodeFamily", "A list of servers that constitute a 'family' and should "
- "never be used in the same circuit." },
- { "NumEntryGuards", "How many entry guards should we keep at a time?" },
- /* PathlenCoinWeight */
- { "ReachableAddresses", "Addresses we can connect to, as IP/bits:port-port. "
- "By default, we assume all addresses are reachable." },
- /* reachablediraddresses, reachableoraddresses. */
- /* SafeSOCKS */
- { "SOCKSPort", "The port where we listen for SOCKS connections from "
- "applications." },
- { "SOCKSListenAddress", "Bind to this address to listen to connections from "
- "SOCKS-speaking applications." },
- { "SOCKSPolicy", "Set an entry policy to limit which addresses can connect "
- "to the SOCKSPort." },
- /* SocksTimeout */
- { "StrictExitNodes", "If set, Tor will fail to operate when none of the "
- "configured ExitNodes can be used." },
- { "StrictEntryNodes", "If set, Tor will fail to operate when none of the "
- "configured EntryNodes can be used." },
- /* TestSocks */
- { "TrackHostsExit", "Hosts and domains which should, if possible, be "
- "accessed from the same exit node each time we connect to them." },
- { "TrackHostsExitExpire", "Time after which we forget which exit we were "
- "using to connect to hosts in TrackHostsExit." },
- /* "TransPort", "TransListenAddress */
- { "UseEntryGuards", "Set to 0 if we want to pick from the whole set of "
- "servers for the first position in each circuit, rather than picking a "
- "set of 'Guards' to prevent profiling attacks." },
-
- /* === server options */
- { "Address", "The advertised (external) address we should use." },
- /* Accounting* options. */
- /* AssumeReachable */
- { "ContactInfo", "Administrative contact information to advertise for this "
- "server." },
- { "ExitPolicy", "Address/port ranges for which to accept or reject outgoing "
- "connections on behalf of Tor users." },
- /* { "ExitPolicyRejectPrivate, "" }, */
- { "MaxAdvertisedBandwidth", "If set, we will not advertise more than this "
- "amount of bandwidth for our bandwidth rate, regardless of how much "
- "bandwidth we actually detect." },
- { "MaxOnionsPending", "Reject new attempts to extend circuits when we "
- "already have this many pending." },
- { "MyFamily", "Declare a list of other servers as belonging to the same "
- "family as this one, so that clients will not use two from the same "
- "family in the same circuit." },
- { "Nickname", "Set the server nickname." },
- { "NoPublish", "{DEPRECATED}" },
- { "NumCPUs", "How many processes to use at once for public-key crypto." },
- { "ORPort", "Advertise this port to listen for connections from Tor clients "
- "and servers." },
- { "ORListenAddress", "Bind to this address to listen for connections from "
- "clients and servers, instead of the default 0.0.0.0:ORPort." },
- { "PublishServerDescriptor", "Set to 0 to keep the server from "
- "uploading info to the directory authorities." },
- /* ServerDNS: DetectHijacking, ResolvConfFile, SearchDomains */
- { "ShutdownWaitLength", "Wait this long for clients to finish when "
- "shutting down because of a SIGINT." },
-
- /* === directory cache options */
- { "DirPort", "Serve directory information from this port, and act as a "
- "directory cache." },
- { "DirPortFrontPage", "Serve a static html disclaimer on DirPort." },
- { "DirListenAddress", "Bind to this address to listen for connections from "
- "clients and servers, instead of the default 0.0.0.0:DirPort." },
- { "DirPolicy", "Set a policy to limit who can connect to the directory "
- "port." },
-
- /* Authority options: AuthDirBadExit, AuthDirInvalid, AuthDirReject,
- * AuthDirRejectUnlisted, AuthDirListBadExits, AuthoritativeDirectory,
- * DirAllowPrivateAddresses, HSAuthoritativeDir,
- * NamingAuthoritativeDirectory, RecommendedVersions,
- * RecommendedClientVersions, RecommendedServerVersions, RendPostPeriod,
- * RunTesting, V1AuthoritativeDirectory, VersioningAuthoritativeDirectory, */
-
- /* Hidden service options: HiddenService: dir,excludenodes, nodes,
- * options, port. PublishHidServDescriptor */
-
- /* Circuit build time histogram options */
- { "CircuitBuildTimeBin", "Histogram of recent circuit build times"},
- { "TotalBuildTimes", "Total number of buildtimes in histogram"},
-
- /* Nonpersistent options: __LeaveStreamsUnattached, __AllDirActionsPrivate */
- { NULL, NULL },
-};
-
-/** Online description of state variables. */
-static config_var_description_t state_description[] = {
- { "AccountingBytesReadInInterval",
- "How many bytes have we read in this accounting period?" },
- { "AccountingBytesWrittenInInterval",
- "How many bytes have we written in this accounting period?" },
- { "AccountingExpectedUsage",
- "How many bytes did we expect to use per minute? (0 for no estimate.)" },
- { "AccountingIntervalStart", "When did this accounting period begin?" },
- { "AccountingSecondsActive", "How long have we been awake in this period?" },
-
- { "BWHistoryReadEnds", "When does the last-recorded read-interval end?" },
- { "BWHistoryReadInterval", "How long is each read-interval (in seconds)?" },
- { "BWHistoryReadValues", "Number of bytes read in each interval." },
- { "BWHistoryWriteEnds", "When does the last-recorded write-interval end?" },
- { "BWHistoryWriteInterval", "How long is each write-interval (in seconds)?"},
- { "BWHistoryWriteValues", "Number of bytes written in each interval." },
-
- { "EntryGuard", "One of the nodes we have chosen as a fixed entry" },
- { "EntryGuardDownSince",
- "The last entry guard has been unreachable since this time." },
- { "EntryGuardUnlistedSince",
- "The last entry guard has been unusable since this time." },
-
- { "LastRotatedOnionKey",
- "The last time at which we changed the medium-term private key used for "
- "building circuits." },
- { "LastWritten", "When was this state file last regenerated?" },
-
- { "TorVersion", "Which version of Tor generated this state file?" },
- { NULL, NULL },
-};
-
/** Type of a callback to validate whether a given configuration is
* well-formed and consistent. See options_trial_assign() for documentation
* of arguments. */
@@ -663,8 +454,6 @@ typedef struct {
config_var_t *vars; /**< List of variables we recognize, their default
* values, and where we stick them in the structure. */
validate_fn_t validate_fn; /**< Function to validate config. */
- /** Documentation for configuration variables. */
- config_var_description_t *descriptions;
/** If present, extra is a LINELIST variable for unrecognized
* lines. Otherwise, unrecognized lines are an error. */
config_var_t *extra;
@@ -740,7 +529,6 @@ static config_format_t options_format = {
_option_abbrevs,
_option_vars,
(validate_fn_t)options_validate,
- options_description,
NULL
};
@@ -761,7 +549,6 @@ static config_format_t state_format = {
_state_abbrevs,
_state_vars,
(validate_fn_t)or_state_validate,
- state_description,
&state_extra_var,
};
@@ -826,8 +613,8 @@ set_options(or_options_t *new_val, char **msg)
"Acting on config options left us in a broken state. Dying.");
exit(1);
}
- if (old_options)
- config_free(&options_format, old_options);
+
+ config_free(&options_format, old_options);
return 0;
}
@@ -858,8 +645,10 @@ get_version(void)
static void
or_options_free(or_options_t *options)
{
- if (options->_ExcludeExitNodesUnion)
- routerset_free(options->_ExcludeExitNodesUnion);
+ if (!options)
+ return;
+
+ routerset_free(options->_ExcludeExitNodesUnion);
config_free(&options_format, options);
}
@@ -868,43 +657,72 @@ or_options_free(or_options_t *options)
void
config_free_all(void)
{
- if (global_options) {
- or_options_free(global_options);
- global_options = NULL;
- }
- if (global_state) {
- config_free(&state_format, global_state);
- global_state = NULL;
- }
- if (global_cmdline_options) {
- config_free_lines(global_cmdline_options);
- global_cmdline_options = NULL;
- }
+ or_options_free(global_options);
+ global_options = NULL;
+
+ config_free(&state_format, global_state);
+ global_state = NULL;
+
+ config_free_lines(global_cmdline_options);
+ global_cmdline_options = NULL;
+
tor_free(torrc_fname);
tor_free(_version);
tor_free(global_dirfrontpagecontents);
}
-/** If options->SafeLogging is on, return a not very useful string,
- * else return address.
+/** Make <b>address</b> -- a piece of information related to our operation as
+ * a client -- safe to log according to the settings in options->SafeLogging,
+ * and return it.
+ *
+ * (We return "[scrubbed]" if SafeLogging is "1", and address otherwise.)
+ */
+const char *
+safe_str_client(const char *address)
+{
+ tor_assert(address);
+ if (get_options()->_SafeLogging == SAFELOG_SCRUB_ALL)
+ return "[scrubbed]";
+ else
+ return address;
+}
+
+/** Make <b>address</b> -- a piece of information of unspecified sensitivity
+ * -- safe to log according to the settings in options->SafeLogging, and
+ * return it.
+ *
+ * (We return "[scrubbed]" if SafeLogging is anything besides "0", and address
+ * otherwise.)
*/
const char *
safe_str(const char *address)
{
tor_assert(address);
- if (get_options()->SafeLogging)
+ if (get_options()->_SafeLogging != SAFELOG_SCRUB_NONE)
return "[scrubbed]";
else
return address;
}
+/** Equivalent to escaped(safe_str_client(address)). See reentrancy note on
+ * escaped(): don't use this outside the main thread, or twice in the same
+ * log statement. */
+const char *
+escaped_safe_str_client(const char *address)
+{
+ if (get_options()->_SafeLogging == SAFELOG_SCRUB_ALL)
+ return "[scrubbed]";
+ else
+ return escaped(address);
+}
+
/** Equivalent to escaped(safe_str(address)). See reentrancy note on
* escaped(): don't use this outside the main thread, or twice in the same
* log statement. */
const char *
escaped_safe_str(const char *address)
{
- if (get_options()->SafeLogging)
+ if (get_options()->_SafeLogging != SAFELOG_SCRUB_NONE)
return "[scrubbed]";
else
return escaped(address);
@@ -917,8 +735,9 @@ add_default_trusted_dir_authorities(authority_type_t type)
{
int i;
const char *dirservers[] = {
- "moria1 v1 orport=9001 v3ident=E2A2AF570166665D738736D0DD58169CC61D8A8B "
- "128.31.0.39:9031 FFCB 46DB 1339 DA84 674C 70D7 CB58 6434 C437 0441",
+ "moria1 orport=9101 no-v2 "
+ "v3ident=D586D18309DED4CD6D57C18FDB97EFA96D330566 "
+ "128.31.0.39:9131 9695 DFC3 5FFE B861 329B 9F1A B04C 4639 7020 CE31",
"moria2 v1 orport=9002 128.31.0.34:9032 "
"719B E45D E224 B607 C537 07D0 E214 3E2D 423E 74CF",
"tor26 v1 orport=443 v3ident=14C131DFC5C6F93646BE72FA1401C02A8DF2E8B4 "
@@ -929,9 +748,9 @@ add_default_trusted_dir_authorities(authority_type_t type)
"4A0C CD2D DC79 9508 3D73 F5D6 6710 0C8A 5831 F16D",
"ides orport=9090 no-v2 v3ident=27B6B5996C426270A5C95488AA5BCEB6BCC86956 "
"216.224.124.114:9030 F397 038A DC51 3361 35E7 B80B D99C A384 4360 292B",
- "gabelmoo orport=443 no-v2 "
- "v3ident=81349FC1F2DBA2C2C11B45CB9706637D480AB913 "
- "80.190.246.100:80 6833 3D07 61BC F397 A587 A0C0 B963 E4A9 E99E C4D3",
+ "gabelmoo orport=8080 no-v2 "
+ "v3ident=ED03BB616EB2F60BEC80151114BB25CEF515B226 "
+ "80.190.246.100:8180 F204 4413 DAC2 E02E 3D6B CF47 35A1 9BCA 1DE9 7281",
"dannenberg orport=443 no-v2 "
"v3ident=585769C78764D58426B8B52B6651A5A71137189A "
"213.73.91.31:80 7BE6 83E6 5D48 1413 21C5 ED92 F075 C553 64AC 7123",
@@ -1374,11 +1193,26 @@ options_act(or_options_t *old_options)
if (accounting_is_enabled(options))
configure_accounting(time(NULL));
+ /* Change the cell EWMA settings */
+ cell_ewma_set_scale_factor(options, networkstatus_get_latest_consensus());
+
/* Check for transitions that need action. */
if (old_options) {
- if (options->UseEntryGuards && !old_options->UseEntryGuards) {
+
+ if ((options->UseEntryGuards && !old_options->UseEntryGuards) ||
+ (options->ExcludeNodes &&
+ !routerset_equal(old_options->ExcludeNodes,options->ExcludeNodes)) ||
+ (options->ExcludeExitNodes &&
+ !routerset_equal(old_options->ExcludeExitNodes,
+ options->ExcludeExitNodes)) ||
+ (options->EntryNodes &&
+ !routerset_equal(old_options->EntryNodes, options->EntryNodes)) ||
+ (options->ExitNodes &&
+ !routerset_equal(old_options->ExitNodes, options->ExitNodes)) ||
+ options->StrictNodes != old_options->StrictNodes) {
log_info(LD_CIRC,
- "Switching to entry guards; abandoning previous circuits");
+ "Changed to using entry guards, or changed preferred or "
+ "excluded node lists. Abandoning previous circuits.");
circuit_mark_all_unused_circs();
circuit_expire_all_dirty_circs();
}
@@ -1575,7 +1409,10 @@ config_get_commandlines(int argc, char **argv, config_line_t **result)
*new = tor_malloc_zero(sizeof(config_line_t));
s = argv[i];
- while (*s == '-')
+ /* Each keyword may be prefixed with one or two dashes. */
+ if (*s == '-')
+ s++;
+ if (*s == '-')
s++;
(*new)->key = tor_strdup(expand_abbrev(&options_format, s, 1, 1));
@@ -1667,19 +1504,6 @@ config_free_lines(config_line_t *front)
}
}
-/** Return the description for a given configuration variable, or NULL if no
- * description exists. */
-static const char *
-config_find_description(config_format_t *fmt, const char *name)
-{
- int i;
- for (i=0; fmt->descriptions[i].name; ++i) {
- if (!strcasecmp(name, fmt->descriptions[i].name))
- return fmt->descriptions[i].description;
- }
- return NULL;
-}
-
/** If <b>key</b> is a configuration option, return the corresponding
* config_var_t. Otherwise, if <b>key</b> is a non-standard abbreviation,
* warn, and return the corresponding config_var_t. Otherwise return NULL.
@@ -2347,20 +2171,10 @@ list_torrc_options(void)
smartlist_t *lines = smartlist_create();
for (i = 0; _option_vars[i].name; ++i) {
config_var_t *var = &_option_vars[i];
- const char *desc;
if (var->type == CONFIG_TYPE_OBSOLETE ||
var->type == CONFIG_TYPE_LINELIST_V)
continue;
- desc = config_find_description(&options_format, var->name);
printf("%s\n", var->name);
- if (desc) {
- wrap_string(lines, desc, 76, " ", " ");
- SMARTLIST_FOREACH(lines, char *, cp, {
- printf("%s", cp);
- tor_free(cp);
- });
- smartlist_clear(lines);
- }
}
smartlist_free(lines);
}
@@ -2608,7 +2422,10 @@ config_free(config_format_t *fmt, void *options)
{
int i;
- tor_assert(options);
+ if (!options)
+ return;
+
+ tor_assert(fmt);
for (i=0; fmt->vars[i].name; ++i)
option_clear(fmt, options, &(fmt->vars[i]));
@@ -2761,7 +2578,6 @@ config_dump(config_format_t *fmt, void *options, int minimal,
config_line_t *line, *assigned;
char *result;
int i;
- const char *desc;
char *msg = NULL;
defaults = config_alloc(fmt);
@@ -2789,14 +2605,8 @@ config_dump(config_format_t *fmt, void *options, int minimal,
option_is_same(fmt, options, defaults, fmt->vars[i].name))
comment_option = 1;
- desc = config_find_description(fmt, fmt->vars[i].name);
line = assigned = get_assigned_option(fmt, options, fmt->vars[i].name, 1);
- if (line && desc) {
- /* Only dump the description if there's something to describe. */
- wrap_string(elements, desc, 78, "# ", "# ");
- }
-
for (; line; line = line->next) {
size_t len = strlen(line->key) + strlen(line->value) + 5;
char *tmp;
@@ -2837,7 +2647,7 @@ config_dump(config_format_t *fmt, void *options, int minimal,
* the configuration in <b>options</b>. If <b>minimal</b> is true, do not
* include options that are the same as Tor's defaults.
*/
-static char *
+char *
options_dump(or_options_t *options, int minimal)
{
return config_dump(&options_format, options, minimal, 0);
@@ -2942,6 +2752,10 @@ compute_publishserverdescriptor(or_options_t *options)
* will generate too many circuits and potentially overload the network. */
#define MIN_MAX_CIRCUIT_DIRTINESS 10
+/** Lowest allowable value for CircuitStreamTimeout; if this is too low, Tor
+ * will generate too many circuits and potentially overload the network. */
+#define MIN_CIRCUIT_STREAM_TIMEOUT 10
+
/** Return 0 if every setting in <b>options</b> is reasonable, and a
* permissible transition from <b>old_options</b>. Else return -1.
* Should have no side effects, except for normalizing the contents of
@@ -3146,19 +2960,11 @@ options_validate(or_options_t *old_options, or_options_t *options,
routerset_union(options->_ExcludeExitNodesUnion,options->ExcludeNodes);
}
- if (options->StrictExitNodes &&
- (!options->ExitNodes) &&
- (!old_options ||
- (old_options->StrictExitNodes != options->StrictExitNodes) ||
- (!routerset_equal(old_options->ExitNodes,options->ExitNodes))))
- COMPLAIN("StrictExitNodes set, but no ExitNodes listed.");
-
- if (options->StrictEntryNodes &&
- (!options->EntryNodes) &&
- (!old_options ||
- (old_options->StrictEntryNodes != options->StrictEntryNodes) ||
- (!routerset_equal(old_options->EntryNodes,options->EntryNodes))))
- COMPLAIN("StrictEntryNodes set, but no EntryNodes listed.");
+ if (options->ExcludeNodes && options->StrictNodes) {
+ COMPLAIN("You have asked to exclude certain relays from all positions "
+ "in your circuits. Expect hidden services and other Tor "
+ "features to be broken in unpredictable ways.");
+ }
if (options->EntryNodes && !routerset_is_list(options->EntryNodes)) {
/* XXXX fix this; see entry_guards_prepend_from_config(). */
@@ -3211,10 +3017,6 @@ options_validate(or_options_t *old_options, or_options_t *options,
if (options->AuthoritativeDir && options->ClientOnly)
REJECT("Running as authoritative directory, but ClientOnly also set.");
- if (options->HSAuthorityRecordStats && !options->HSAuthoritativeDir)
- REJECT("HSAuthorityRecordStats is set but we're not running as "
- "a hidden service authority.");
-
if (options->FetchDirInfoExtraEarly && !options->FetchDirInfoEarly)
REJECT("FetchDirInfoExtraEarly requires that you also set "
"FetchDirInfoEarly");
@@ -3350,6 +3152,21 @@ options_validate(or_options_t *old_options, or_options_t *options,
});
}
+ if (!options->SafeLogging ||
+ !strcasecmp(options->SafeLogging, "0")) {
+ options->_SafeLogging = SAFELOG_SCRUB_NONE;
+ } else if (!strcasecmp(options->SafeLogging, "relay")) {
+ options->_SafeLogging = SAFELOG_SCRUB_RELAY;
+ } else if (!strcasecmp(options->SafeLogging, "1")) {
+ options->_SafeLogging = SAFELOG_SCRUB_ALL;
+ } else {
+ r = tor_snprintf(buf, sizeof(buf),
+ "Unrecognized value '%s' in SafeLogging",
+ escaped(options->SafeLogging));
+ *msg = tor_strdup(r >= 0 ? buf : "internal error");
+ return -1;
+ }
+
if (compute_publishserverdescriptor(options) < 0) {
r = tor_snprintf(buf, sizeof(buf),
"Unrecognized value in PublishServerDescriptor");
@@ -3373,23 +3190,30 @@ options_validate(or_options_t *old_options, or_options_t *options,
}
if (options->RendPostPeriod < MIN_REND_POST_PERIOD) {
- log(LOG_WARN,LD_CONFIG,"RendPostPeriod option is too short; "
- "raising to %d seconds.", MIN_REND_POST_PERIOD);
+ log_warn(LD_CONFIG, "RendPostPeriod option is too short; "
+ "raising to %d seconds.", MIN_REND_POST_PERIOD);
options->RendPostPeriod = MIN_REND_POST_PERIOD;
}
if (options->RendPostPeriod > MAX_DIR_PERIOD) {
- log(LOG_WARN, LD_CONFIG, "RendPostPeriod is too large; clipping to %ds.",
- MAX_DIR_PERIOD);
+ log_warn(LD_CONFIG, "RendPostPeriod is too large; clipping to %ds.",
+ MAX_DIR_PERIOD);
options->RendPostPeriod = MAX_DIR_PERIOD;
}
if (options->MaxCircuitDirtiness < MIN_MAX_CIRCUIT_DIRTINESS) {
- log(LOG_WARN, LD_CONFIG, "MaxCircuitDirtiness option is too short; "
- "raising to %d seconds.", MIN_MAX_CIRCUIT_DIRTINESS);
+ log_warn(LD_CONFIG, "MaxCircuitDirtiness option is too short; "
+ "raising to %d seconds.", MIN_MAX_CIRCUIT_DIRTINESS);
options->MaxCircuitDirtiness = MIN_MAX_CIRCUIT_DIRTINESS;
}
+ if (options->CircuitStreamTimeout &&
+ options->CircuitStreamTimeout < MIN_CIRCUIT_STREAM_TIMEOUT) {
+ log_warn(LD_CONFIG, "CircuitStreamTimeout option is too short; "
+ "raising to %d seconds.", MIN_CIRCUIT_STREAM_TIMEOUT);
+ options->CircuitStreamTimeout = MIN_CIRCUIT_STREAM_TIMEOUT;
+ }
+
if (options->KeepalivePeriod < 1)
REJECT("KeepalivePeriod option must be positive.");
@@ -4697,7 +4521,7 @@ normalize_data_directory(or_options_t *options)
}
/** Check and normalize the value of options->DataDirectory; return 0 if it
- * sane, -1 otherwise. */
+ * is sane, -1 otherwise. */
static int
validate_data_directory(or_options_t *options)
{
@@ -5071,8 +4895,7 @@ or_state_set(or_state_t *new_state)
{
char *err = NULL;
tor_assert(new_state);
- if (global_state)
- config_free(&state_format, global_state);
+ config_free(&state_format, global_state);
global_state = new_state;
if (entry_guards_parse_state(global_state, 1, &err)<0) {
log_warn(LD_GENERAL,"%s",err);
@@ -5284,10 +5107,9 @@ getinfo_helper_config(control_connection_t *conn,
int i;
for (i = 0; _option_vars[i].name; ++i) {
config_var_t *var = &_option_vars[i];
- const char *type, *desc;
+ const char *type;
char *line;
size_t len;
- desc = config_find_description(&options_format, var->name);
switch (var->type) {
case CONFIG_TYPE_STRING: type = "String"; break;
case CONFIG_TYPE_FILENAME: type = "Filename"; break;
@@ -5309,13 +5131,8 @@ getinfo_helper_config(control_connection_t *conn,
if (!type)
continue;
len = strlen(var->name)+strlen(type)+16;
- if (desc)
- len += strlen(desc);
line = tor_malloc(len);
- if (desc)
- tor_snprintf(line, len, "%s %s %s\n",var->name,type,desc);
- else
- tor_snprintf(line, len, "%s %s\n",var->name,type);
+ tor_snprintf(line, len, "%s %s\n",var->name,type);
smartlist_add(sl, line);
}
*answer = smartlist_join_strings(sl, "", 0, NULL);
diff --git a/src/or/connection.c b/src/or/connection.c
index aca9b8b116a0e0cc7585ac49349a2fb46224b9be..6506cf81fd68fc6dc3138d3d1a2b85b1b139d2dd 100644
--- a/src/or/connection.c
+++ b/src/or/connection.c
@@ -21,7 +21,8 @@ static void connection_init(time_t now, connection_t *conn, int type,
static int connection_init_accepted_conn(connection_t *conn,
uint8_t listener_type);
static int connection_handle_listener_read(connection_t *conn, int new_type);
-static int connection_read_bucket_should_increase(or_connection_t *conn);
+static int connection_bucket_should_increase(int bucket,
+ or_connection_t *conn);
static int connection_finished_flushing(connection_t *conn);
static int connection_flushed_some(connection_t *conn);
static int connection_finished_connecting(connection_t *conn);
@@ -180,6 +181,9 @@ or_connection_new(int socket_family)
or_conn->timestamp_last_added_nonpadding = time(NULL);
or_conn->next_circ_id = crypto_rand_int(1<<15);
+ or_conn->active_circuit_pqueue = smartlist_create();
+ or_conn->active_circuit_pqueue_last_recalibrated = cell_ewma_get_tick();
+
return or_conn;
}
@@ -205,6 +209,7 @@ control_connection_new(int socket_family)
tor_malloc_zero(sizeof(control_connection_t));
connection_init(time(NULL),
TO_CONN(control_conn), CONN_TYPE_CONTROL, socket_family);
+ log_notice(LD_CONTROL, "New control connection opened.");
return control_conn;
}
@@ -311,6 +316,9 @@ _connection_free(connection_t *conn)
{
void *mem;
size_t memlen;
+ if (!conn)
+ return;
+
switch (conn->type) {
case CONN_TYPE_OR:
tor_assert(conn->magic == OR_CONNECTION_MAGIC);
@@ -368,14 +376,11 @@ _connection_free(connection_t *conn)
if (connection_speaks_cells(conn)) {
or_connection_t *or_conn = TO_OR_CONN(conn);
- if (or_conn->tls) {
- tor_tls_free(or_conn->tls);
- or_conn->tls = NULL;
- }
- if (or_conn->handshake_state) {
- or_handshake_state_free(or_conn->handshake_state);
- or_conn->handshake_state = NULL;
- }
+ tor_tls_free(or_conn->tls);
+ or_conn->tls = NULL;
+ or_handshake_state_free(or_conn->handshake_state);
+ or_conn->handshake_state = NULL;
+ smartlist_free(or_conn->active_circuit_pqueue);
tor_free(or_conn->nickname);
}
if (CONN_IS_EDGE(conn)) {
@@ -385,8 +390,8 @@ _connection_free(connection_t *conn)
memset(edge_conn->socks_request, 0xcc, sizeof(socks_request_t));
tor_free(edge_conn->socks_request);
}
- if (edge_conn->rend_data)
- rend_data_free(edge_conn->rend_data);
+
+ rend_data_free(edge_conn->rend_data);
}
if (conn->type == CONN_TYPE_CONTROL) {
control_connection_t *control_conn = TO_CONTROL_CONN(conn);
@@ -399,16 +404,15 @@ _connection_free(connection_t *conn)
if (conn->type == CONN_TYPE_DIR) {
dir_connection_t *dir_conn = TO_DIR_CONN(conn);
tor_free(dir_conn->requested_resource);
- if (dir_conn->zlib_state)
- tor_zlib_free(dir_conn->zlib_state);
+
+ tor_zlib_free(dir_conn->zlib_state);
if (dir_conn->fingerprint_stack) {
SMARTLIST_FOREACH(dir_conn->fingerprint_stack, char *, cp, tor_free(cp));
smartlist_free(dir_conn->fingerprint_stack);
}
- if (dir_conn->cached_dir)
- cached_dir_decref(dir_conn->cached_dir);
- if (dir_conn->rend_data)
- rend_data_free(dir_conn->rend_data);
+
+ cached_dir_decref(dir_conn->cached_dir);
+ rend_data_free(dir_conn->rend_data);
}
if (conn->s >= 0) {
@@ -423,7 +427,7 @@ _connection_free(connection_t *conn)
connection_or_remove_from_identity_map(TO_OR_CONN(conn));
}
- memset(conn, 0xAA, memlen); /* poison memory */
+ memset(mem, 0xCC, memlen); /* poison memory */
tor_free(mem);
}
@@ -432,7 +436,8 @@ _connection_free(connection_t *conn)
void
connection_free(connection_t *conn)
{
- tor_assert(conn);
+ if (!conn)
+ return;
tor_assert(!connection_is_on_closeable_list(conn));
tor_assert(!connection_in_array(conn));
if (conn->linked_conn) {
@@ -1262,7 +1267,8 @@ connection_connect(connection_t *conn, const char *address,
dest_addr_len = tor_addr_to_sockaddr(addr, port, dest_addr, sizeof(addrbuf));
tor_assert(dest_addr_len > 0);
- log_debug(LD_NET,"Connecting to %s:%u.",escaped_safe_str(address),port);
+ log_debug(LD_NET, "Connecting to %s:%u.",
+ escaped_safe_str_client(address), port);
if (connect(s, dest_addr, dest_addr_len) < 0) {
int e = tor_socket_errno(s);
@@ -1270,7 +1276,8 @@ connection_connect(connection_t *conn, const char *address,
/* yuck. kill it. */
*socket_error = e;
log_info(LD_NET,
- "connect() to %s:%u failed: %s",escaped_safe_str(address),
+ "connect() to %s:%u failed: %s",
+ escaped_safe_str_client(address),
port, tor_socket_strerror(e));
tor_close_socket(s);
return -1;
@@ -1284,7 +1291,8 @@ connection_connect(connection_t *conn, const char *address,
/* it succeeded. we're connected. */
log_fn(inprogress?LOG_DEBUG:LOG_INFO, LD_NET,
- "Connection to %s:%u %s (sock %d).",escaped_safe_str(address),
+ "Connection to %s:%u %s (sock %d).",
+ escaped_safe_str_client(address),
port, inprogress?"in progress":"established", s);
conn->s = s;
if (connection_add(conn) < 0) /* no space, forget it */
@@ -1373,7 +1381,7 @@ connection_proxy_connect(connection_t *conn, int type)
/* Send a SOCKS4 connect request with empty user id */
if (tor_addr_family(&conn->addr) != AF_INET) {
- log_warn(LD_NET, "SOCKS4 client is incompatible with with IPv6");
+ log_warn(LD_NET, "SOCKS4 client is incompatible with IPv6");
return -1;
}
@@ -1967,6 +1975,7 @@ connection_bucket_write_limit(connection_t *conn, time_t now)
int base = connection_speaks_cells(conn) ?
CELL_NETWORK_SIZE : RELAY_PAYLOAD_SIZE;
int priority = conn->type != CONN_TYPE_DIR;
+ int conn_bucket = (int)conn->outbuf_flushlen;
int global_bucket = global_write_bucket;
if (!connection_is_rate_limited(conn)) {
@@ -1974,12 +1983,22 @@ connection_bucket_write_limit(connection_t *conn, time_t now)
return conn->outbuf_flushlen;
}
+ if (connection_speaks_cells(conn)) {
+ /* use the per-conn write limit if it's lower, but if it's less
+ * than zero just use zero */
+ or_connection_t *or_conn = TO_OR_CONN(conn);
+ if (conn->state == OR_CONN_STATE_OPEN)
+ if (or_conn->write_bucket < conn_bucket)
+ conn_bucket = or_conn->write_bucket >= 0 ?
+ or_conn->write_bucket : 0;
+ }
+
if (connection_counts_as_relayed_traffic(conn, now) &&
global_relayed_write_bucket <= global_write_bucket)
global_bucket = global_relayed_write_bucket;
- return connection_bucket_round_robin(base, priority, global_bucket,
- conn->outbuf_flushlen);
+ return connection_bucket_round_robin(base, priority,
+ global_bucket, conn_bucket);
}
/** Return 1 if the global write buckets are low enough that we
@@ -2033,8 +2052,8 @@ global_write_bucket_low(connection_t *conn, size_t attempt, int priority)
return 0;
}
-/** We just read num_read and wrote num_written onto conn.
- * Decrement buckets appropriately. */
+/** We just read <b>num_read</b> and wrote <b>num_written</b> bytes
+ * onto <b>conn</b>. Decrement buckets appropriately. */
static void
connection_buckets_decrement(connection_t *conn, time_t now,
size_t num_read, size_t num_written)
@@ -2069,8 +2088,10 @@ connection_buckets_decrement(connection_t *conn, time_t now,
}
global_read_bucket -= (int)num_read;
global_write_bucket -= (int)num_written;
- if (connection_speaks_cells(conn) && conn->state == OR_CONN_STATE_OPEN)
+ if (connection_speaks_cells(conn) && conn->state == OR_CONN_STATE_OPEN) {
TO_OR_CONN(conn)->read_bucket -= (int)num_read;
+ TO_OR_CONN(conn)->write_bucket -= (int)num_written;
+ }
}
/** If we have exhausted our global buckets, or the buckets for conn,
@@ -2109,12 +2130,10 @@ connection_consider_empty_write_buckets(connection_t *conn)
} else if (connection_counts_as_relayed_traffic(conn, approx_time()) &&
global_relayed_write_bucket <= 0) {
reason = "global relayed write bucket exhausted. Pausing.";
-#if 0
} else if (connection_speaks_cells(conn) &&
conn->state == OR_CONN_STATE_OPEN &&
TO_OR_CONN(conn)->write_bucket <= 0) {
reason = "connection write bucket exhausted. Pausing.";
-#endif
} else
return; /* all good, no need to stop it */
@@ -2210,14 +2229,19 @@ connection_bucket_refill(int seconds_elapsed, time_t now)
{
if (connection_speaks_cells(conn)) {
or_connection_t *or_conn = TO_OR_CONN(conn);
- if (connection_read_bucket_should_increase(or_conn)) {
+ if (connection_bucket_should_increase(or_conn->read_bucket, or_conn)) {
connection_bucket_refill_helper(&or_conn->read_bucket,
or_conn->bandwidthrate,
or_conn->bandwidthburst,
seconds_elapsed,
"or_conn->read_bucket");
- //log_fn(LOG_DEBUG,"Receiver bucket %d now %d.", i,
- // conn->read_bucket);
+ }
+ if (connection_bucket_should_increase(or_conn->write_bucket, or_conn)) {
+ connection_bucket_refill_helper(&or_conn->write_bucket,
+ or_conn->bandwidthrate,
+ or_conn->bandwidthburst,
+ seconds_elapsed,
+ "or_conn->write_bucket");
}
}
@@ -2238,8 +2262,10 @@ connection_bucket_refill(int seconds_elapsed, time_t now)
if (conn->write_blocked_on_bw == 1
&& global_write_bucket > 0 /* and we're allowed to write */
&& (!connection_counts_as_relayed_traffic(conn, now) ||
- global_relayed_write_bucket > 0)) {
- /* even if we're relayed traffic */
+ global_relayed_write_bucket > 0) /* even if it's relayed traffic */
+ && (!connection_speaks_cells(conn) ||
+ conn->state != OR_CONN_STATE_OPEN ||
+ TO_OR_CONN(conn)->write_bucket > 0)) {
LOG_FN_CONN(conn, (LOG_DEBUG,LD_NET,
"waking up conn (fd %d) for write", conn->s));
conn->write_blocked_on_bw = 0;
@@ -2248,17 +2274,17 @@ connection_bucket_refill(int seconds_elapsed, time_t now)
});
}
-/** Is the receiver bucket for connection <b>conn</b> low enough that we
+/** Is the <b>bucket</b> for connection <b>conn</b> low enough that we
* should add another pile of tokens to it?
*/
static int
-connection_read_bucket_should_increase(or_connection_t *conn)
+connection_bucket_should_increase(int bucket, or_connection_t *conn)
{
tor_assert(conn);
if (conn->_base.state != OR_CONN_STATE_OPEN)
return 0; /* only open connections play the rate limiting game */
- if (conn->read_bucket >= conn->bandwidthburst)
+ if (bucket >= conn->bandwidthburst)
return 0;
return 1;
@@ -2276,8 +2302,8 @@ connection_read_bucket_should_increase(or_connection_t *conn)
* Mark the connection and return -1 if you want to close it, else
* return 0.
*/
-int
-connection_handle_read(connection_t *conn)
+static int
+connection_handle_read_impl(connection_t *conn)
{
int max_to_read=-1, try_to_read;
size_t before, n_read = 0;
@@ -2372,6 +2398,16 @@ loop_again:
return 0;
}
+int
+connection_handle_read(connection_t *conn)
+{
+ int res;
+
+ tor_gettimeofday_cache_clear();
+ res = connection_handle_read_impl(conn);
+ return res;
+}
+
/** Pull in new bytes from conn-\>s or conn-\>linked_conn onto conn-\>inbuf,
* either directly or via TLS. Reduce the token buckets by the number of bytes
* read.
@@ -2573,8 +2609,8 @@ connection_outbuf_too_full(connection_t *conn)
* Mark the connection and return -1 if you want to close it, else
* return 0.
*/
-int
-connection_handle_write(connection_t *conn, int force)
+static int
+connection_handle_write_impl(connection_t *conn, int force)
{
int e;
socklen_t len=(socklen_t)sizeof(e);
@@ -2741,6 +2777,15 @@ connection_handle_write(connection_t *conn, int force)
return 0;
}
+int
+connection_handle_write(connection_t *conn, int force)
+{
+ int res;
+ tor_gettimeofday_cache_clear();
+ res = connection_handle_write_impl(conn, force);
+ return res;
+}
+
/** OpenSSL TLS record size is 16383; this is close. The goal here is to
* push data out as soon as we know there's enough for a TLS record, so
* during periods of high load we won't read entire megabytes from
diff --git a/src/or/connection_edge.c b/src/or/connection_edge.c
index 97d6595e973766b138dce554cdc25c56e85b473b..d7e8394614aa5b8127c8058c3450a2986a161b17 100644
--- a/src/or/connection_edge.c
+++ b/src/or/connection_edge.c
@@ -330,7 +330,7 @@ connection_edge_finished_connecting(edge_connection_t *edge_conn)
tor_assert(conn->state == EXIT_CONN_STATE_CONNECTING);
log_info(LD_EXIT,"Exit connection to %s:%u (%s) established.",
- escaped_safe_str(conn->address),conn->port,
+ escaped_safe_str(conn->address), conn->port,
safe_str(fmt_addr(&conn->addr)));
rep_hist_note_exit_stream_opened(conn->port);
@@ -377,13 +377,16 @@ connection_edge_finished_connecting(edge_connection_t *edge_conn)
static int
compute_retry_timeout(edge_connection_t *conn)
{
+ int timeout = get_options()->CircuitStreamTimeout;
+ if (timeout) /* if our config options override the default, use them */
+ return timeout;
if (conn->num_socks_retries < 2) /* try 0 and try 1 */
return 10;
return 15;
}
/** Find all general-purpose AP streams waiting for a response that sent their
- * begin/resolve cell >=15 seconds ago. Detach from their current circuit, and
+ * begin/resolve cell too long ago. Detach from their current circuit, and
* mark their current circuit as unsuitable for new streams. Then call
* connection_ap_handshake_attach_circuit() to attach to a new circuit (if
* available) or launch a new one.
@@ -425,7 +428,8 @@ connection_ap_expire_beginning(void)
log_fn(severity, LD_APP,
"Tried for %d seconds to get a connection to %s:%d. "
"Giving up. (%s)",
- seconds_since_born, safe_str(conn->socks_request->address),
+ seconds_since_born,
+ safe_str_client(conn->socks_request->address),
conn->socks_request->port,
conn_state_to_string(CONN_TYPE_AP, conn->_base.state));
connection_mark_unattached_ap(conn, END_STREAM_REASON_TIMEOUT);
@@ -442,7 +446,7 @@ connection_ap_expire_beginning(void)
circ = circuit_get_by_edge_conn(conn);
if (!circ) { /* it's vanished? */
log_info(LD_APP,"Conn is waiting (address %s), but lost its circ.",
- safe_str(conn->socks_request->address));
+ safe_str_client(conn->socks_request->address));
connection_mark_unattached_ap(conn, END_STREAM_REASON_TIMEOUT);
continue;
}
@@ -452,7 +456,7 @@ connection_ap_expire_beginning(void)
"Rend stream is %d seconds late. Giving up on address"
" '%s.onion'.",
seconds_idle,
- safe_str(conn->socks_request->address));
+ safe_str_client(conn->socks_request->address));
connection_edge_end(conn, END_STREAM_REASON_TIMEOUT);
connection_mark_unattached_ap(conn, END_STREAM_REASON_TIMEOUT);
}
@@ -462,7 +466,8 @@ connection_ap_expire_beginning(void)
log_fn(cutoff < 15 ? LOG_INFO : severity, LD_APP,
"We tried for %d seconds to connect to '%s' using exit '%s'."
" Retrying on a new circuit.",
- seconds_idle, safe_str(conn->socks_request->address),
+ seconds_idle,
+ safe_str_client(conn->socks_request->address),
conn->cpath_layer ?
conn->cpath_layer->extend_info->nickname : "*unnamed*");
/* send an end down the circuit */
@@ -579,8 +584,8 @@ circuit_discard_optional_exit_enclaves(extend_info_t *info)
tor_assert(edge_conn->socks_request);
if (edge_conn->chosen_exit_optional) {
log_info(LD_APP, "Giving up on enclave exit '%s' for destination %s.",
- safe_str(edge_conn->chosen_exit_name),
- escaped_safe_str(edge_conn->socks_request->address));
+ safe_str_client(edge_conn->chosen_exit_name),
+ escaped_safe_str_client(edge_conn->socks_request->address));
edge_conn->chosen_exit_optional = 0;
tor_free(edge_conn->chosen_exit_name); /* clears it */
/* if this port is dangerous, warn or reject it now that we don't
@@ -685,7 +690,11 @@ addressmap_init(void)
static void
addressmap_ent_free(void *_ent)
{
- addressmap_entry_t *ent = _ent;
+ addressmap_entry_t *ent;
+ if (!_ent)
+ return;
+
+ ent = _ent;
tor_free(ent->new_address);
tor_free(ent);
}
@@ -694,7 +703,11 @@ addressmap_ent_free(void *_ent)
static void
addressmap_virtaddress_ent_free(void *_ent)
{
- virtaddress_entry_t *ent = _ent;
+ virtaddress_entry_t *ent;
+ if (!_ent)
+ return;
+
+ ent = _ent;
tor_free(ent->ipv4_address);
tor_free(ent->hostname_address);
tor_free(ent);
@@ -784,14 +797,11 @@ addressmap_clean(time_t now)
void
addressmap_free_all(void)
{
- if (addressmap) {
- strmap_free(addressmap, addressmap_ent_free);
- addressmap = NULL;
- }
- if (virtaddress_reversemap) {
- strmap_free(virtaddress_reversemap, addressmap_virtaddress_ent_free);
- virtaddress_reversemap = NULL;
- }
+ strmap_free(addressmap, addressmap_ent_free);
+ addressmap = NULL;
+
+ strmap_free(virtaddress_reversemap, addressmap_virtaddress_ent_free);
+ virtaddress_reversemap = NULL;
}
/** Look at address, and rewrite it until it doesn't want any
@@ -818,9 +828,9 @@ addressmap_rewrite(char *address, size_t maxlen, time_t *expires_out)
return (rewrites > 0); /* done, no rewrite needed */
}
- cp = tor_strdup(escaped_safe_str(ent->new_address));
+ cp = tor_strdup(escaped_safe_str_client(ent->new_address));
log_info(LD_APP, "Addressmap: rewriting %s to %s",
- escaped_safe_str(address), cp);
+ escaped_safe_str_client(address), cp);
if (ent->expires > 1 && ent->expires < expires)
expires = ent->expires;
tor_free(cp);
@@ -828,7 +838,7 @@ addressmap_rewrite(char *address, size_t maxlen, time_t *expires_out)
}
log_warn(LD_CONFIG,
"Loop detected: we've rewritten %s 16 times! Using it as-is.",
- escaped_safe_str(address));
+ escaped_safe_str_client(address));
/* it's fine to rewrite a rewrite, but don't loop forever */
if (expires_out)
*expires_out = TIME_MAX;
@@ -850,9 +860,9 @@ addressmap_rewrite_reverse(char *address, size_t maxlen, time_t *expires_out)
tor_snprintf(s, len, "REVERSE[%s]", address);
ent = strmap_get(addressmap, s);
if (ent) {
- cp = tor_strdup(escaped_safe_str(ent->new_address));
+ cp = tor_strdup(escaped_safe_str_client(ent->new_address));
log_info(LD_APP, "Rewrote reverse lookup %s -> %s",
- escaped_safe_str(s), cp);
+ escaped_safe_str_client(s), cp);
tor_free(cp);
strlcpy(address, ent->new_address, maxlen);
r = 1;
@@ -914,7 +924,9 @@ addressmap_register(const char *address, char *new_address, time_t expires,
if (expires > 1) {
log_info(LD_APP,"Temporary addressmap ('%s' to '%s') not performed, "
"since it's already mapped to '%s'",
- safe_str(address), safe_str(new_address), safe_str(ent->new_address));
+ safe_str_client(address),
+ safe_str_client(new_address),
+ safe_str_client(ent->new_address));
tor_free(new_address);
return;
}
@@ -933,7 +945,8 @@ addressmap_register(const char *address, char *new_address, time_t expires,
ent->source = source;
log_info(LD_CONFIG, "Addressmap: (re)mapped '%s' to '%s'",
- safe_str(address), safe_str(ent->new_address));
+ safe_str_client(address),
+ safe_str_client(ent->new_address));
control_event_address_mapped(address, ent->new_address, expires, NULL);
}
@@ -953,7 +966,8 @@ client_dns_incr_failures(const char *address)
if (ent->num_resolve_failures < SHORT_MAX)
++ent->num_resolve_failures; /* don't overflow */
log_info(LD_APP, "Address %s now has %d resolve failures.",
- safe_str(address), ent->num_resolve_failures);
+ safe_str_client(address),
+ ent->num_resolve_failures);
return ent->num_resolve_failures;
}
@@ -1232,8 +1246,10 @@ addressmap_register_virtual_address(int type, char *new_address)
log_warn(LD_BUG,
"Internal confusion: I thought that '%s' was mapped to by "
"'%s', but '%s' really maps to '%s'. This is a harmless bug.",
- safe_str(new_address), safe_str(*addrp), safe_str(*addrp),
- ent?safe_str(ent->new_address):"(nothing)");
+ safe_str_client(new_address),
+ safe_str_client(*addrp),
+ safe_str_client(*addrp),
+ ent?safe_str_client(ent->new_address):"(nothing)");
}
tor_free(*addrp);
@@ -1254,7 +1270,8 @@ addressmap_register_virtual_address(int type, char *new_address)
(type == RESOLVED_TYPE_IPV4) ?
vent->ipv4_address : vent->hostname_address));
log_info(LD_APP, "Map from %s to %s okay.",
- safe_str(*addrp),safe_str(new_address));
+ safe_str_client(*addrp),
+ safe_str_client(new_address));
}
#endif
@@ -1402,7 +1419,7 @@ connection_ap_handshake_rewrite_and_attach(edge_connection_t *conn,
tor_strlower(socks->address); /* normalize it */
strlcpy(orig_address, socks->address, sizeof(orig_address));
log_debug(LD_APP,"Client asked for %s:%d",
- safe_str(socks->address),
+ safe_str_client(socks->address),
socks->port);
if (socks->command == SOCKS_COMMAND_RESOLVE &&
@@ -1419,7 +1436,8 @@ connection_ap_handshake_rewrite_and_attach(edge_connection_t *conn,
RESOLVED_TYPE_IPV4, tor_strdup(socks->address));
tor_assert(new_addr);
log_info(LD_APP, "Automapping %s to %s",
- escaped_safe_str(socks->address), safe_str(new_addr));
+ escaped_safe_str_client(socks->address),
+ safe_str_client(new_addr));
strlcpy(socks->address, new_addr, sizeof(socks->address));
}
}
@@ -1475,7 +1493,7 @@ connection_ap_handshake_rewrite_and_attach(edge_connection_t *conn,
* information.
*/
log_warn(LD_APP,"Missing mapping for virtual address '%s'. Refusing.",
- socks->address); /* don't safe_str() this yet. */
+ safe_str_client(socks->address));
connection_mark_unattached_ap(conn, END_STREAM_REASON_INTERNAL);
return -1;
}
@@ -1488,7 +1506,7 @@ connection_ap_handshake_rewrite_and_attach(edge_connection_t *conn,
if (addresstype == BAD_HOSTNAME) {
log_warn(LD_APP, "Invalid onion hostname %s; rejecting",
- safe_str(socks->address));
+ safe_str_client(socks->address));
control_event_client_status(LOG_WARN, "SOCKS_BAD_HOSTNAME HOSTNAME=%s",
escaped(socks->address));
connection_mark_unattached_ap(conn, END_STREAM_REASON_TORPROTOCOL);
@@ -1508,7 +1526,7 @@ connection_ap_handshake_rewrite_and_attach(edge_connection_t *conn,
*s = 0;
} else {
log_warn(LD_APP,"Malformed exit address '%s.exit'. Refusing.",
- safe_str(socks->address));
+ safe_str_client(socks->address));
control_event_client_status(LOG_WARN, "SOCKS_BAD_HOSTNAME HOSTNAME=%s",
escaped(socks->address));
connection_mark_unattached_ap(conn, END_STREAM_REASON_TORPROTOCOL);
@@ -1524,7 +1542,7 @@ connection_ap_handshake_rewrite_and_attach(edge_connection_t *conn,
} else {
log_warn(LD_APP,
"Unrecognized server in exit address '%s.exit'. Refusing.",
- safe_str(socks->address));
+ safe_str_client(socks->address));
connection_mark_unattached_ap(conn, END_STREAM_REASON_TORPROTOCOL);
return -1;
}
@@ -1538,7 +1556,7 @@ connection_ap_handshake_rewrite_and_attach(edge_connection_t *conn,
escaped(socks->address));
log_warn(LD_APP,
"Destination '%s' seems to be an invalid hostname. Failing.",
- safe_str(socks->address));
+ safe_str_client(socks->address));
connection_mark_unattached_ap(conn, END_STREAM_REASON_TORPROTOCOL);
return -1;
}
@@ -1576,7 +1594,7 @@ connection_ap_handshake_rewrite_and_attach(edge_connection_t *conn,
if (r) {
log_info(LD_APP,
"Redirecting address %s to exit at enclave router %s",
- safe_str(socks->address), r->nickname);
+ safe_str_client(socks->address), r->nickname);
/* use the hex digest, not nickname, in case there are two
routers with this nickname */
conn->chosen_exit_name =
@@ -1640,12 +1658,12 @@ connection_ap_handshake_rewrite_and_attach(edge_connection_t *conn,
strlcpy(conn->rend_data->onion_address, socks->address,
sizeof(conn->rend_data->onion_address));
log_info(LD_REND,"Got a hidden service request for ID '%s'",
- safe_str(conn->rend_data->onion_address));
+ safe_str_client(conn->rend_data->onion_address));
/* see if we already have it cached */
r = rend_cache_lookup_entry(conn->rend_data->onion_address, -1, &entry);
if (r<0) {
log_warn(LD_BUG,"Invalid service name '%s'",
- safe_str(conn->rend_data->onion_address));
+ safe_str_client(conn->rend_data->onion_address));
connection_mark_unattached_ap(conn, END_STREAM_REASON_TORPROTOCOL);
return -1;
}
@@ -1667,7 +1685,7 @@ connection_ap_handshake_rewrite_and_attach(edge_connection_t *conn,
if (r==0) {
conn->_base.state = AP_CONN_STATE_RENDDESC_WAIT;
log_info(LD_REND, "Unknown descriptor %s. Fetching.",
- safe_str(conn->rend_data->onion_address));
+ safe_str_client(conn->rend_data->onion_address));
rend_client_refetch_v2_renddesc(conn->rend_data);
} else { /* r > 0 */
conn->_base.state = AP_CONN_STATE_CIRCUIT_WAIT;
@@ -2126,7 +2144,7 @@ connection_ap_handshake_send_resolve(edge_connection_t *ap_conn)
r = tor_addr_parse_reverse_lookup_name(&addr, a, AF_INET, 1);
if (r <= 0) {
log_warn(LD_APP, "Rejecting ill-formed reverse lookup of %s",
- safe_str(a));
+ safe_str_client(a));
connection_mark_unattached_ap(ap_conn, END_STREAM_REASON_INTERNAL);
return -1;
}
@@ -2134,7 +2152,7 @@ connection_ap_handshake_send_resolve(edge_connection_t *ap_conn)
r = tor_addr_to_reverse_lookup_name(inaddr_buf, sizeof(inaddr_buf), &addr);
if (r < 0) {
log_warn(LD_BUG, "Couldn't generate reverse lookup hostname of %s",
- safe_str(a));
+ safe_str_client(a));
connection_mark_unattached_ap(ap_conn, END_STREAM_REASON_INTERNAL);
return -1;
}
@@ -2175,7 +2193,8 @@ connection_ap_make_link(char *address, uint16_t port,
edge_connection_t *conn;
log_info(LD_APP,"Making internal %s tunnel to %s:%d ...",
- want_onehop ? "direct" : "anonymized" , safe_str(address),port);
+ want_onehop ? "direct" : "anonymized",
+ safe_str_client(address), port);
conn = edge_connection_new(CONN_TYPE_AP, AF_INET);
conn->_base.linked = 1; /* so that we can add it safely below. */
@@ -2678,7 +2697,7 @@ connection_exit_connect(edge_connection_t *edge_conn)
if (!connection_edge_is_rendezvous_stream(edge_conn) &&
router_compare_to_my_exit_policy(edge_conn)) {
log_info(LD_EXIT,"%s:%d failed exit policy. Closing.",
- escaped_safe_str(conn->address), conn->port);
+ escaped_safe_str_client(conn->address), conn->port);
connection_edge_end(edge_conn, END_STREAM_REASON_EXITPOLICY);
circuit_detach_stream(circuit_get_by_edge_conn(edge_conn), edge_conn);
connection_free(conn);
@@ -2821,10 +2840,16 @@ connection_edge_is_rendezvous_stream(edge_connection_t *conn)
* to exit from it, or 0 if it probably will not allow it.
* (We might be uncertain if conn's destination address has not yet been
* resolved.)
+ *
+ * If <b>excluded_means_no</b> is 1 and Exclude*Nodes is set and excludes
+ * this relay, return 0.
*/
int
-connection_ap_can_use_exit(edge_connection_t *conn, routerinfo_t *exit)
+connection_ap_can_use_exit(edge_connection_t *conn, routerinfo_t *exit,
+ int excluded_means_no)
{
+ or_options_t *options = get_options();
+
tor_assert(conn);
tor_assert(conn->_base.type == CONN_TYPE_AP);
tor_assert(conn->socks_request);
@@ -2870,6 +2895,21 @@ connection_ap_can_use_exit(edge_connection_t *conn, routerinfo_t *exit)
if (!conn->chosen_exit_name && policy_is_reject_star(exit->exit_policy))
return 0;
}
+ if (options->_ExcludeExitNodesUnion &&
+ (options->StrictNodes || excluded_means_no) &&
+ routerset_contains_router(options->_ExcludeExitNodesUnion, exit)) {
+ /* If we are trying to avoid this node as exit, and we have StrictNodes
+ * set, then this is not a suitable exit. Refuse it.
+ *
+ * If we don't have StrictNodes set, then this function gets called in
+ * two contexts. First, we've got a circuit open and we want to know
+ * whether we can use it. In that case, we somehow built this circuit
+ * despite having the last hop in ExcludeExitNodes, so we should be
+ * willing to use it. Second, we are evaluating whether this is an
+ * acceptable exit for a new circuit. In that case, skip it. */
+ return 0;
+ }
+
return 1;
}
diff --git a/src/or/connection_or.c b/src/or/connection_or.c
index bbd64393c3b754a773622bef390af94a9043e6bd..1aa0bb35b77c5fbc3a86e24a599647fc3625508c 100644
--- a/src/or/connection_or.c
+++ b/src/or/connection_or.c
@@ -80,10 +80,8 @@ connection_or_clear_identity_map(void)
}
});
- if (orconn_identity_map) {
- digestmap_free(orconn_identity_map, NULL);
- orconn_identity_map = NULL;
- }
+ digestmap_free(orconn_identity_map, NULL);
+ orconn_identity_map = NULL;
}
/** Change conn->identity_digest to digest, and add conn into
@@ -322,6 +320,19 @@ connection_or_finished_connecting(or_connection_t *or_conn)
return 0;
}
+/** Return 1 if identity digest <b>id_digest</b> is known to be a
+ * currently or recently running relay. Otherwise return 0. */
+static int
+connection_or_digest_is_known_relay(const char *id_digest)
+{
+ if (router_get_consensus_status_by_id(id_digest))
+ return 1; /* It's in the consensus: "yes" */
+ if (router_get_by_digest(id_digest))
+ return 1; /* Not in the consensus, but we have a descriptor for
+ * it. Probably it was in a recent consensus. "Yes". */
+ return 0;
+}
+
/** If we don't necessarily know the router we're connecting to, but we
* have an addr/port/id_digest, then fill in as much as we can. Start
* by checking to see if this describes a router we know. */
@@ -332,11 +343,31 @@ connection_or_init_conn_from_address(or_connection_t *conn,
int started_here)
{
or_options_t *options = get_options();
+ int rate, burst; /* per-connection rate limiting params */
routerinfo_t *r = router_get_by_digest(id_digest);
- conn->bandwidthrate = (int)options->BandwidthRate;
- conn->read_bucket = conn->bandwidthburst = (int)options->BandwidthBurst;
connection_or_set_identity_digest(conn, id_digest);
+ if (connection_or_digest_is_known_relay(id_digest)) {
+ /* It's in the consensus, or we have a descriptor for it meaning it
+ * was probably in a recent consensus. It's a recognized relay:
+ * give it full bandwidth. */
+ rate = (int)options->BandwidthRate;
+ burst = (int)options->BandwidthBurst;
+ } else {
+ /* Not a recognized relay. Squeeze it down based on the suggested
+ * bandwidth parameters in the consensus, but allow local config
+ * options to override. */
+ rate = options->PerConnBWRate ? (int)options->PerConnBWRate :
+ (int)networkstatus_get_param(NULL, "bwconnrate",
+ (int)options->BandwidthRate);
+ burst = options->PerConnBWBurst ? (int)options->PerConnBWBurst :
+ (int)networkstatus_get_param(NULL, "bwconnburst",
+ (int)options->BandwidthBurst);
+ }
+
+ conn->bandwidthrate = rate;
+ conn->read_bucket = conn->write_bucket = conn->bandwidthburst = burst;
+
conn->_base.port = port;
tor_addr_copy(&conn->_base.addr, addr);
tor_addr_copy(&conn->real_addr, addr);
@@ -774,7 +805,8 @@ connection_tls_start_handshake(or_connection_t *conn, int receiving)
{
conn->_base.state = OR_CONN_STATE_TLS_HANDSHAKING;
conn->tls = tor_tls_new(conn->_base.s, receiving);
- tor_tls_set_logged_address(conn->tls, escaped_safe_str(conn->_base.address));
+ tor_tls_set_logged_address(conn->tls, // XXX client and relay?
+ escaped_safe_str(conn->_base.address));
if (!conn->tls) {
log_warn(LD_BUG,"tor_tls_new failed. Closing.");
return -1;
@@ -887,7 +919,7 @@ connection_or_nonopen_was_started_here(or_connection_t *conn)
* return -1 if he is lying, broken, or otherwise something is wrong.
*
* If we initiated this connection (<b>started_here</b> is true), make sure
- * the other side sent sent a correctly formed certificate. If I initiated the
+ * the other side sent a correctly formed certificate. If I initiated the
* connection, make sure it's the right guy.
*
* Otherwise (if we _didn't_ initiate this connection), it's okay for
@@ -914,7 +946,8 @@ connection_or_check_valid_tls_handshake(or_connection_t *conn,
or_options_t *options = get_options();
int severity = server_mode(options) ? LOG_PROTOCOL_WARN : LOG_WARN;
const char *safe_address =
- started_here ? conn->_base.address : safe_str(conn->_base.address);
+ started_here ? conn->_base.address :
+ safe_str_client(conn->_base.address);
const char *conn_type = started_here ? "outgoing" : "incoming";
int has_cert = 0, has_identity=0;
@@ -1030,7 +1063,7 @@ connection_tls_finish_handshake(or_connection_t *conn)
int started_here = connection_or_nonopen_was_started_here(conn);
log_debug(LD_HANDSHAKE,"tls handshake with %s done. verifying.",
- safe_str(conn->_base.address));
+ safe_str_client(conn->_base.address));
directory_set_dirty();
@@ -1075,7 +1108,8 @@ connection_init_or_handshake_state(or_connection_t *conn, int started_here)
void
or_handshake_state_free(or_handshake_state_t *state)
{
- tor_assert(state);
+ if (!state)
+ return;
memset(state, 0xBE, sizeof(or_handshake_state_t));
tor_free(state);
}
@@ -1117,10 +1151,10 @@ connection_or_set_state_open(or_connection_t *conn)
}
}
}
- if (conn->handshake_state) {
- or_handshake_state_free(conn->handshake_state);
- conn->handshake_state = NULL;
- }
+
+ or_handshake_state_free(conn->handshake_state);
+ conn->handshake_state = NULL;
+
connection_start_reading(TO_CONN(conn));
circuit_n_conn_done(conn, 1); /* send the pending creates, if any. */
diff --git a/src/or/control.c b/src/or/control.c
index 009994302ef835f0fda1f120fc771325ec5ddf45..be1e921f31405f22894342dc8e4d5ae0ec45eb57 100644
--- a/src/or/control.c
+++ b/src/or/control.c
@@ -114,8 +114,6 @@ static int handle_control_setevents(control_connection_t *conn, uint32_t len,
static int handle_control_authenticate(control_connection_t *conn,
uint32_t len,
const char *body);
-static int handle_control_saveconf(control_connection_t *conn, uint32_t len,
- const char *body);
static int handle_control_signal(control_connection_t *conn, uint32_t len,
const char *body);
static int handle_control_mapaddress(control_connection_t *conn, uint32_t len,
@@ -281,7 +279,7 @@ connection_write_str_to_buf(const char *s, control_connection_t *conn)
/** Given a <b>len</b>-character string in <b>data</b>, made of lines
* terminated by CRLF, allocate a new string in *<b>out</b>, and copy the
* contents of <b>data</b> into *<b>out</b>, adding a period before any period
- * that that appears at the start of a line, and adding a period-CRLF line at
+ * that appears at the start of a line, and adding a period-CRLF line at
* the end. Replace all LF characters sequences with CRLF. Return the number
* of bytes in *<b>out</b>.
*/
@@ -1248,7 +1246,7 @@ handle_control_mapaddress(control_connection_t *conn, uint32_t len,
smartlist_add(reply, ans);
log_warn(LD_CONTROL,
"Unable to allocate address for '%s' in MapAddress msg",
- safe_str(line));
+ safe_str_client(line));
} else {
tor_snprintf(ans, anslen, "250-%s=%s", address, to);
smartlist_add(reply, ans);
@@ -1265,7 +1263,8 @@ handle_control_mapaddress(control_connection_t *conn, uint32_t len,
"not of expected form 'foo=bar'.", line);
smartlist_add(reply, ans);
log_info(LD_CONTROL, "Skipping MapAddress '%s': wrong "
- "number of items.", safe_str(line));
+ "number of items.",
+ safe_str_client(line));
}
SMARTLIST_FOREACH(elts, char *, cp, tor_free(cp));
smartlist_clear(elts);
@@ -1301,6 +1300,8 @@ getinfo_helper_misc(control_connection_t *conn, const char *question,
*answer = tor_strdup(get_version());
} else if (!strcmp(question, "config-file")) {
*answer = tor_strdup(get_torrc_fname());
+ } else if (!strcmp(question, "config-text")) {
+ *answer = options_dump(get_options(), 1);
} else if (!strcmp(question, "info/names")) {
*answer = list_getinfo_options();
} else if (!strcmp(question, "events/names")) {
@@ -1754,21 +1755,10 @@ getinfo_helper_events(control_connection_t *control_conn,
"information", question);
}
} else if (!strcmp(question, "status/clients-seen")) {
- char geoip_start[ISO_TIME_LEN+1];
- size_t answer_len;
- char *geoip_summary = extrainfo_get_client_geoip_summary(time(NULL));
-
- if (!geoip_summary)
+ char *bridge_stats = geoip_get_bridge_stats_controller(time(NULL));
+ if (!bridge_stats)
return -1;
-
- answer_len = strlen("TimeStarted=\"\" CountrySummary=") +
- ISO_TIME_LEN + strlen(geoip_summary) + 1;
- *answer = tor_malloc(answer_len);
- format_iso_time(geoip_start, geoip_get_history_start());
- tor_snprintf(*answer, answer_len,
- "TimeStarted=\"%s\" CountrySummary=%s",
- geoip_start, geoip_summary);
- tor_free(geoip_summary);
+ *answer = bridge_stats;
} else {
return 0;
}
@@ -1802,6 +1792,8 @@ typedef struct getinfo_item_t {
static const getinfo_item_t getinfo_items[] = {
ITEM("version", misc, "The current version of Tor."),
ITEM("config-file", misc, "Current location of the \"torrc\" file."),
+ ITEM("config-text", misc,
+ "Return the string that would be written by a saveconf command."),
ITEM("accounting/bytes", accounting,
"Number of bytes read/written so far in the accounting interval."),
ITEM("accounting/bytes-left", accounting,
@@ -2143,8 +2135,7 @@ handle_control_extendcircuit(control_connection_t *conn, uint32_t len,
done:
SMARTLIST_FOREACH(router_nicknames, char *, n, tor_free(n));
smartlist_free(router_nicknames);
- if (routers)
- smartlist_free(routers);
+ smartlist_free(routers);
return 0;
}
@@ -3844,10 +3835,9 @@ control_event_bootstrap_problem(const char *warn, int reason)
* from recently. Send a copy to the controller in case it wants to
* display it for the user. */
void
-control_event_clients_seen(const char *timestarted, const char *countries)
+control_event_clients_seen(const char *controller_str)
{
send_control_event(EVENT_CLIENTS_SEEN, 0,
- "650 CLIENTS_SEEN TimeStarted=\"%s\" CountrySummary=%s\r\n",
- timestarted, countries);
+ "650 CLIENTS_SEEN %s\r\n", controller_str);
}
diff --git a/src/or/directory.c b/src/or/directory.c
index 1d3c43ec0c9a89a33998354c763ccc1eccbbb08d..30c08b84b246de0ad0c31914b29b7ef1bfe08f9e 100644
--- a/src/or/directory.c
+++ b/src/or/directory.c
@@ -96,8 +96,9 @@ static void directory_initiate_command_rend(const char *address,
/********* END VARIABLES ************/
-/** Return true iff the directory purpose 'purpose' must use an
- * anonymous connection to a directory. */
+/** Return true iff the directory purpose <b>dir_purpose</b> (and if it's
+ * fetching descriptors, it's fetching them for <b>router_purpose</b>)
+ * must use an anonymous connection to a directory. */
static int
purpose_needs_anonymity(uint8_t dir_purpose, uint8_t router_purpose)
{
@@ -229,7 +230,7 @@ directories_have_accepted_server_descriptor(void)
/** Start a connection to every suitable directory authority, using
* connection purpose 'purpose' and uploading the payload 'payload'
- * (length 'payload_len'). The purpose should be one of
+ * (length 'payload_len'). dir_purpose should be one of
* 'DIR_PURPOSE_UPLOAD_DIR' or 'DIR_PURPOSE_UPLOAD_RENDDESC'.
*
* <b>type</b> specifies what sort of dir authorities (V1, V2,
@@ -557,7 +558,7 @@ connection_dir_request_failed(dir_connection_t *conn)
if (directory_conn_is_self_reachability_test(conn)) {
return; /* this was a test fetch. don't retry. */
}
- if (entry_list_can_grow(get_options()))
+ if (entry_list_is_constrained(get_options()))
router_set_status(conn->identity_digest, 0); /* don't try him again */
if (conn->_base.purpose == DIR_PURPOSE_FETCH_V2_NETWORKSTATUS) {
log_info(LD_DIR, "Giving up on directory server at '%s'; retrying",
@@ -664,7 +665,7 @@ connection_dir_download_cert_failed(dir_connection_t *conn, int status)
* 1) If or_port is 0, or it's a direct conn and or_port is firewalled
* or we're a dir mirror, no.
* 2) If we prefer to avoid begindir conns, and we're not fetching or
- * publishing a bridge relay descriptor, no.
+ * publishing a bridge relay descriptor, no.
* 3) Else yes.
*/
static int
@@ -919,7 +920,7 @@ directory_get_consensus_url(int supports_conditional_consensus)
}
/** Queue an appropriate HTTP command on conn-\>outbuf. The other args
- * are as in directory_initiate_command.
+ * are as in directory_initiate_command().
*/
static void
directory_send_command(dir_connection_t *conn,
@@ -1147,7 +1148,7 @@ parse_http_url(const char *headers, char **url)
if (s-tmp >= 3 && !strcmpstart(tmp,"://")) {
tmp = strchr(tmp+3, '/');
if (tmp && tmp < s) {
- log_debug(LD_DIR,"Skipping over 'http[s]://hostname' string");
+ log_debug(LD_DIR,"Skipping over 'http[s]://hostname/' string");
start = tmp;
}
}
@@ -1463,21 +1464,22 @@ connection_dir_client_reached_eof(dir_connection_t *conn)
}
(void) skewed; /* skewed isn't used yet. */
- if (status_code == 503 && body_len < 16) {
- routerstatus_t *rs;
- trusted_dir_server_t *ds;
- log_info(LD_DIR,"Received http status code %d (%s) from server "
- "'%s:%d'. I'll try again soon.",
- status_code, escaped(reason), conn->_base.address,
- conn->_base.port);
- if ((rs = router_get_consensus_status_by_id(conn->identity_digest)))
- rs->last_dir_503_at = now;
- if ((ds = router_get_trusteddirserver_by_digest(conn->identity_digest)))
- ds->fake_status.last_dir_503_at = now;
+ if (status_code == 503) {
+ if (body_len < 16) {
+ routerstatus_t *rs;
+ trusted_dir_server_t *ds;
+ log_info(LD_DIR,"Received http status code %d (%s) from server "
+ "'%s:%d'. I'll try again soon.",
+ status_code, escaped(reason), conn->_base.address,
+ conn->_base.port);
+ if ((rs = router_get_consensus_status_by_id(conn->identity_digest)))
+ rs->last_dir_503_at = now;
+ if ((ds = router_get_trusteddirserver_by_digest(conn->identity_digest)))
+ ds->fake_status.last_dir_503_at = now;
- tor_free(body); tor_free(headers); tor_free(reason);
- return -1;
- } else if (status_code == 503) {
+ tor_free(body); tor_free(headers); tor_free(reason);
+ return -1;
+ }
/* XXXX022 Remove this once every server with bug 539 is obsolete. */
log_info(LD_DIR, "Server at '%s:%d' sent us a 503 response, but included "
"a body anyway. We'll pretend it gave us a 200.",
@@ -1549,7 +1551,7 @@ connection_dir_client_reached_eof(dir_connection_t *conn)
v2_networkstatus_source_t source;
char *cp;
log_info(LD_DIR,"Received networkstatus objects (size %d) from server "
- "'%s:%d'",(int) body_len, conn->_base.address, conn->_base.port);
+ "'%s:%d'", (int)body_len, conn->_base.address, conn->_base.port);
if (status_code != 200) {
log_warn(LD_DIR,
"Received http status code %d (%s) from server "
@@ -1623,7 +1625,7 @@ connection_dir_client_reached_eof(dir_connection_t *conn)
return -1;
}
log_info(LD_DIR,"Received consensus directory (size %d) from server "
- "'%s:%d'",(int) body_len, conn->_base.address, conn->_base.port);
+ "'%s:%d'", (int)body_len, conn->_base.address, conn->_base.port);
if ((r=networkstatus_set_current_consensus(body, "ns", 0))<0) {
log_fn(r<-1?LOG_WARN:LOG_INFO, LD_DIR,
"Unable to load consensus directory downloaded from "
@@ -1651,7 +1653,7 @@ connection_dir_client_reached_eof(dir_connection_t *conn)
return -1;
}
log_info(LD_DIR,"Received authority certificates (size %d) from server "
- "'%s:%d'",(int) body_len, conn->_base.address, conn->_base.port);
+ "'%s:%d'", (int)body_len, conn->_base.address, conn->_base.port);
if (trusted_dirs_load_certs_from_string(body, 0, 1)<0) {
log_warn(LD_DIR, "Unable to parse fetched certificates");
/* if we fetched more than one and only some failed, the successful
@@ -1666,7 +1668,7 @@ connection_dir_client_reached_eof(dir_connection_t *conn)
const char *msg;
int st;
log_info(LD_DIR,"Got votes (size %d) from server %s:%d",
- (int) body_len, conn->_base.address, conn->_base.port);
+ (int)body_len, conn->_base.address, conn->_base.port);
if (status_code != 200) {
log_warn(LD_DIR,
"Received http status code %d (%s) from server "
@@ -1686,7 +1688,7 @@ connection_dir_client_reached_eof(dir_connection_t *conn)
if (conn->_base.purpose == DIR_PURPOSE_FETCH_DETACHED_SIGNATURES) {
const char *msg = NULL;
log_info(LD_DIR,"Got detached signatures (size %d) from server %s:%d",
- (int) body_len, conn->_base.address, conn->_base.port);
+ (int)body_len, conn->_base.address, conn->_base.port);
if (status_code != 200) {
log_warn(LD_DIR,
"Received http status code %d (%s) from server '%s:%d' while fetching "
@@ -1996,12 +1998,6 @@ connection_dir_client_reached_eof(dir_connection_t *conn)
"'%s:%d'. Malformed rendezvous descriptor?",
escaped(reason), conn->_base.address, conn->_base.port);
break;
- case 503:
- log_info(LD_REND,"http status 503 (%s) response from dirserver "
- "'%s:%d'. Node is (currently) not acting as v2 hidden "
- "service directory.",
- escaped(reason), conn->_base.address, conn->_base.port);
- break;
default:
log_warn(LD_REND,"http status %d (%s) response unexpected (server "
"'%s:%d').",
@@ -2308,7 +2304,7 @@ directory_dump_request_log(void)
}
#endif
-/** Decide whether a client would accept the consensus we have
+/** Decide whether a client would accept the consensus we have.
*
* Clients can say they only want a consensus if it's signed by more
* than half the authorities in a list. They pass this list in
@@ -2955,18 +2951,9 @@ directory_handle_command_get(dir_connection_t *conn, const char *headers,
note_request("/tor/rendezvous?/", desc_len);
/* need to send descp separately, because it may include NULs */
connection_write_to_buf(descp, desc_len, TO_CONN(conn));
- /* report successful fetch to statistic */
- if (options->HSAuthorityRecordStats) {
- hs_usage_note_fetch_total(query, time(NULL));
- hs_usage_note_fetch_successful(query, time(NULL));
- }
break;
case 0: /* well-formed but not present */
write_http_status_line(conn, 404, "Not found");
- /* report (unsuccessful) fetch to statistic */
- if (options->HSAuthorityRecordStats) {
- hs_usage_note_fetch_total(query, time(NULL));
- }
break;
case -1: /* not well-formed */
write_http_status_line(conn, 400, "Bad request");
@@ -3024,7 +3011,8 @@ directory_handle_command_get(dir_connection_t *conn, const char *headers,
if (!strcmp(url,"/tor/dbg-stability.txt")) {
const char *stability;
size_t len;
- if (! authdir_mode_tests_reachability(options) ||
+ if (options->BridgeAuthoritativeDir ||
+ ! authdir_mode_tests_reachability(options) ||
! (stability = rep_hist_get_router_stability_doc(time(NULL)))) {
write_http_status_line(conn, 404, "Not found.");
goto done;
@@ -3242,8 +3230,8 @@ directory_handle_command(dir_connection_t *conn)
&body, &body_len, MAX_DIR_UL_SIZE, 0)) {
case -1: /* overflow */
log_warn(LD_DIRSERV,
- "Invalid input from address '%s'. Closing.",
- conn->_base.address);
+ "Request too large from address '%s' to DirPort. Closing.",
+ safe_str(conn->_base.address));
return -1;
case 0:
log_debug(LD_DIRSERV,"command not all here yet.");
diff --git a/src/or/dirserv.c b/src/or/dirserv.c
index 3700cd134ed37971f8cc9307655d02e117b0d2ff..30246123579c885cf020a31b94b0eacb0cd25f6a 100644
--- a/src/or/dirserv.c
+++ b/src/or/dirserv.c
@@ -72,7 +72,7 @@ static int dirserv_add_extrainfo(extrainfo_t *ei, const char **msg);
#define FP_INVALID 2 /**< Believed invalid. */
#define FP_REJECT 4 /**< We will not publish this router. */
#define FP_BADDIR 8 /**< We'll tell clients to avoid using this as a dir. */
-#define FP_BADEXIT 16 /**< We'll tell clients not to use this as an exit. */
+#define FP_BADEXIT 16 /**< We'll tell clients not to use this as an exit. */
#define FP_UNNAMED 32 /**< Another router has this name in fingerprint file. */
/** Encapsulate a nickname and an FP_* status; target of status_by_digest
@@ -102,7 +102,7 @@ authdir_config_new(void)
return list;
}
-/** Add the fingerprint <b>fp</b> for the nickname <b>nickname</b> to
+/** Add the fingerprint <b>fp</b> for <b>nickname</b> to
* the smartlist of fingerprint_entry_t's <b>list</b>. Return 0 if it's
* new, or 1 if we replaced the old value.
*/
@@ -184,8 +184,7 @@ dirserv_add_own_fingerprint(const char *nickname, crypto_pk_env_t *pk)
* file. The file format is line-based, with each non-blank holding one
* nickname, some space, and a fingerprint for that nickname. On success,
* replace the current fingerprint list with the new list and return 0. On
- * failure, leave the current fingerprint list untouched, and
- * return -1. */
+ * failure, leave the current fingerprint list untouched, and return -1. */
int
dirserv_load_fingerprint_file(void)
{
@@ -1292,7 +1291,11 @@ clear_cached_dir(cached_dir_t *d)
static void
_free_cached_dir(void *_d)
{
- cached_dir_t *d = (cached_dir_t *)_d;
+ cached_dir_t *d;
+ if (!_d)
+ return;
+
+ d = (cached_dir_t *)_d;
cached_dir_decref(d);
}
@@ -2814,10 +2817,8 @@ generate_v2_networkstatus_opinion(void)
tor_free(status);
tor_free(hostname);
tor_free(identity_pkey);
- if (routers)
- smartlist_free(routers);
- if (omit_as_sybil)
- digestmap_free(omit_as_sybil, NULL);
+ smartlist_free(routers);
+ digestmap_free(omit_as_sybil, NULL);
return r;
}
@@ -3493,8 +3494,7 @@ connection_dirserv_add_networkstatus_bytes_to_outbuf(dir_connection_t *conn)
}
} else {
connection_dirserv_finish_spooling(conn);
- if (conn->fingerprint_stack)
- smartlist_free(conn->fingerprint_stack);
+ smartlist_free(conn->fingerprint_stack);
conn->fingerprint_stack = NULL;
return 0;
}
@@ -3541,13 +3541,10 @@ dirserv_free_all(void)
cached_dir_decref(the_v2_networkstatus);
cached_dir_decref(cached_directory);
clear_cached_dir(&cached_runningrouters);
- if (cached_v2_networkstatus) {
- digestmap_free(cached_v2_networkstatus, _free_cached_dir);
- cached_v2_networkstatus = NULL;
- }
- if (cached_consensuses) {
- strmap_free(cached_consensuses, _free_cached_dir);
- cached_consensuses = NULL;
- }
+
+ digestmap_free(cached_v2_networkstatus, _free_cached_dir);
+ cached_v2_networkstatus = NULL;
+ strmap_free(cached_consensuses, _free_cached_dir);
+ cached_consensuses = NULL;
}
diff --git a/src/or/dirvote.c b/src/or/dirvote.c
index f745db6fc4ddf23db9ab20eb161bbc20dbece837..7227ac9740c4508954ba1a701d40e3c0f556b7f2 100644
--- a/src/or/dirvote.c
+++ b/src/or/dirvote.c
@@ -1697,6 +1697,8 @@ get_detached_signatures_from_pending_consensuses(pending_consensus_t *pending,
void
ns_detached_signatures_free(ns_detached_signatures_t *s)
{
+ if (!s)
+ return;
if (s->signatures) {
STRMAP_FOREACH(s->signatures, flavor, smartlist_t *, sigs) {
SMARTLIST_FOREACH(sigs, document_signature_t *, sig,
@@ -2060,10 +2062,9 @@ dirvote_clear_pending_consensuses(void)
for (i = 0; i < N_CONSENSUS_FLAVORS; ++i) {
pending_consensus_t *pc = &pending_consensuses[i];
tor_free(pc->body);
- if (pc->consensus) {
- networkstatus_vote_free(pc->consensus);
- pc->consensus = NULL;
- }
+
+ networkstatus_vote_free(pc->consensus);
+ pc->consensus = NULL;
}
}
@@ -2265,8 +2266,7 @@ dirvote_add_vote(const char *vote_body, const char **msg_out, int *status_out)
*status_out = 400;
discard:
- if (vote)
- networkstatus_vote_free(vote);
+ networkstatus_vote_free(vote);
if (end_of_vote && !strcmpstart(end_of_vote, "network-status-version ")) {
vote_body = end_of_vote;
@@ -2451,8 +2451,7 @@ dirvote_compute_consensuses(void)
return 0;
err:
- if (votes)
- smartlist_free(votes);
+ smartlist_free(votes);
tor_free(consensus_body);
tor_free(signatures);
networkstatus_vote_free(consensus);
@@ -2580,8 +2579,7 @@ dirvote_add_signatures_to_all_pending_consensuses(
if (!*msg_out)
*msg_out = "Unrecognized error while adding detached signatures.";
done:
- if (sigs)
- ns_detached_signatures_free(sigs);
+ ns_detached_signatures_free(sigs);
/* XXXX NM Check how return is used. We can now have an error *and*
signatures added. */
return r;
diff --git a/src/or/dns.c b/src/or/dns.c
index ffd30c89d800a801a5d914666f2b39f1bbb8c1f9..08bff763a349402b9d798bec7d0c8a69fc5e23e4 100644
--- a/src/or/dns.c
+++ b/src/or/dns.c
@@ -128,6 +128,8 @@ typedef struct cached_resolve_t {
uint32_t ttl; /**< What TTL did the nameserver tell us? */
/** Connections that want to know when we get an answer for this resolve. */
pending_connection_t *pending_connections;
+ /** Position of this element in the heap*/
+ int minheap_idx;
} cached_resolve_t;
static void purge_expired_resolves(time_t now);
@@ -301,6 +303,8 @@ dns_get_expiry_ttl(uint32_t ttl)
static void
_free_cached_resolve(cached_resolve_t *r)
{
+ if (!r)
+ return;
while (r->pending_connections) {
pending_connection_t *victim = r->pending_connections;
r->pending_connections = victim->next;
@@ -342,6 +346,7 @@ set_expiry(cached_resolve_t *resolve, time_t expires)
resolve->expire = expires;
smartlist_pqueue_add(cached_resolve_pqueue,
_compare_cached_resolves_by_expiry,
+ STRUCT_OFFSET(cached_resolve_t, minheap_idx),
resolve);
}
@@ -364,8 +369,7 @@ dns_free_all(void)
_free_cached_resolve(item);
}
HT_CLEAR(cache_map, &cache_root);
- if (cached_resolve_pqueue)
- smartlist_free(cached_resolve_pqueue);
+ smartlist_free(cached_resolve_pqueue);
cached_resolve_pqueue = NULL;
tor_free(resolv_conf_fname);
}
@@ -388,7 +392,8 @@ purge_expired_resolves(time_t now)
if (resolve->expire > now)
break;
smartlist_pqueue_pop(cached_resolve_pqueue,
- _compare_cached_resolves_by_expiry);
+ _compare_cached_resolves_by_expiry,
+ STRUCT_OFFSET(cached_resolve_t, minheap_idx));
if (resolve->state == CACHE_STATE_PENDING) {
log_debug(LD_EXIT,
@@ -750,6 +755,7 @@ dns_resolve_impl(edge_connection_t *exitconn, int is_resolve,
resolve = tor_malloc_zero(sizeof(cached_resolve_t));
resolve->magic = CACHED_RESOLVE_MAGIC;
resolve->state = CACHE_STATE_PENDING;
+ resolve->minheap_idx = -1;
resolve->is_reverse = is_reverse;
strlcpy(resolve->address, exitconn->_base.address, sizeof(resolve->address));
@@ -846,7 +852,8 @@ connection_dns_remove(edge_connection_t *conn)
tor_free(pend);
log_debug(LD_EXIT, "First connection (fd %d) no longer waiting "
"for resolve of %s",
- conn->_base.s, escaped_safe_str(conn->_base.address));
+ conn->_base.s,
+ escaped_safe_str(conn->_base.address));
return;
} else {
for ( ; pend->next; pend = pend->next) {
@@ -1386,7 +1393,8 @@ launch_resolve(edge_connection_t *exitconn)
r = 0;
if (!req) {
- log_warn(LD_EXIT, "eventdns rejected address %s.", escaped_safe_str(addr));
+ log_warn(LD_EXIT, "eventdns rejected address %s.",
+ escaped_safe_str(addr));
r = -1;
tor_free(addr); /* There is no evdns request in progress; stop
* addr from getting leaked. */
@@ -1642,10 +1650,9 @@ dns_seems_to_be_broken(void)
void
dns_reset_correctness_checks(void)
{
- if (dns_wildcard_response_count) {
- strmap_free(dns_wildcard_response_count, _tor_free);
- dns_wildcard_response_count = NULL;
- }
+ strmap_free(dns_wildcard_response_count, _tor_free);
+ dns_wildcard_response_count = NULL;
+
n_wildcard_requests = 0;
if (dns_wildcard_list) {
@@ -1734,7 +1741,8 @@ _assert_cache_ok(void)
return;
smartlist_pqueue_assert_ok(cached_resolve_pqueue,
- _compare_cached_resolves_by_expiry);
+ _compare_cached_resolves_by_expiry,
+ STRUCT_OFFSET(cached_resolve_t, minheap_idx));
SMARTLIST_FOREACH(cached_resolve_pqueue, cached_resolve_t *, res,
{
diff --git a/src/or/dnsserv.c b/src/or/dnsserv.c
index b1e0ff104f89feb1eac27b6e754b16bdcd22e50d..256dcbd75ba337ef91c62253f2849effac8fef83 100644
--- a/src/or/dnsserv.c
+++ b/src/or/dnsserv.c
@@ -138,13 +138,13 @@ evdns_server_callback(struct evdns_server_request *req, void *_data)
* immediately if it's in the cache, or completely bogus, or automapped),
* and then attached to a circuit. */
log_info(LD_APP, "Passing request for %s to rewrite_and_attach.",
- escaped_safe_str(q->name));
+ escaped_safe_str_client(q->name));
q_name = tor_strdup(q->name); /* q could be freed in rewrite_and_attach */
connection_ap_handshake_rewrite_and_attach(conn, NULL, NULL);
/* Now, the connection is marked if it was bad. */
log_info(LD_APP, "Passed request for %s to rewrite_and_attach.",
- escaped_safe_str(q_name));
+ escaped_safe_str_client(q_name));
tor_free(q_name);
}
@@ -183,13 +183,13 @@ dnsserv_launch_request(const char *name, int reverse)
* immediately if it's in the cache, or completely bogus, or automapped),
* and then attached to a circuit. */
log_info(LD_APP, "Passing request for %s to rewrite_and_attach.",
- escaped_safe_str(name));
+ escaped_safe_str_client(name));
q_name = tor_strdup(name); /* q could be freed in rewrite_and_attach */
connection_ap_handshake_rewrite_and_attach(conn, NULL, NULL);
/* Now, the connection is marked if it was bad. */
log_info(LD_APP, "Passed request for %s to rewrite_and_attach.",
- escaped_safe_str(q_name));
+ escaped_safe_str_client(q_name));
tor_free(q_name);
return 0;
}
diff --git a/src/or/geoip.c b/src/or/geoip.c
index 5b40c2e058b1efdf28007336f04e354dbbe856ff..a00280e39dafa079a77b80d12b126fbe1270e9d1 100644
--- a/src/or/geoip.c
+++ b/src/or/geoip.c
@@ -988,7 +988,7 @@ geoip_dirreq_stats_write(time_t now)
statsdir = get_datadir_fname("stats");
if (check_private_dir(statsdir, CPD_CREATE) < 0)
goto done;
- filename = get_datadir_fname("stats"PATH_SEPARATOR"dirreq-stats");
+ filename = get_datadir_fname2("stats", "dirreq-stats");
data_v2 = geoip_get_client_history_dirreq(now,
GEOIP_CLIENT_NETWORKSTATUS_V2);
data_v3 = geoip_get_client_history_dirreq(now,
@@ -1081,6 +1081,195 @@ geoip_dirreq_stats_write(time_t now)
tor_free(data_v3);
}
+/** Start time of bridge stats. */
+static time_t start_of_bridge_stats_interval;
+
+/** Initialize bridge stats. */
+void
+geoip_bridge_stats_init(time_t now)
+{
+ start_of_bridge_stats_interval = now;
+}
+
+/** Parse the bridge statistics as they are written to extra-info
+ * descriptors for being returned to controller clients. Return the
+ * controller string if successful, or NULL otherwise. */
+static char *
+parse_bridge_stats_controller(const char *stats_str, time_t now)
+{
+ char stats_end_str[ISO_TIME_LEN+1], stats_start_str[ISO_TIME_LEN+1],
+ *controller_str, *eos, *eol, *summary;
+
+ const char *BRIDGE_STATS_END = "bridge-stats-end ";
+ const char *BRIDGE_IPS = "bridge-ips ";
+ const char *BRIDGE_IPS_EMPTY_LINE = "bridge-ips\n";
+ const char *tmp;
+ time_t stats_end_time;
+ size_t controller_len;
+ int seconds;
+ tor_assert(stats_str);
+
+ /* Parse timestamp and number of seconds from
+ "bridge-stats-end YYYY-MM-DD HH:MM:SS (N s)" */
+ tmp = find_str_at_start_of_line(stats_str, BRIDGE_STATS_END);
+ if (!tmp)
+ return NULL;
+ tmp += strlen(BRIDGE_STATS_END);
+
+ if (strlen(tmp) < ISO_TIME_LEN + 6)
+ return NULL;
+ strlcpy(stats_end_str, tmp, sizeof(stats_end_str));
+ if (parse_iso_time(stats_end_str, &stats_end_time) < 0)
+ return NULL;
+ if (stats_end_time < now - (25*60*60) ||
+ stats_end_time > now + (1*60*60))
+ return NULL;
+ seconds = (int)strtol(tmp + ISO_TIME_LEN + 2, &eos, 10);
+ if (!eos || seconds < 23*60*60)
+ return NULL;
+ format_iso_time(stats_start_str, stats_end_time - seconds);
+
+ /* Parse: "bridge-ips CC=N,CC=N,..." */
+ tmp = find_str_at_start_of_line(stats_str, BRIDGE_IPS);
+ if (tmp) {
+ tmp += strlen(BRIDGE_IPS);
+ tmp = eat_whitespace_no_nl(tmp);
+ eol = strchr(tmp, '\n');
+ if (eol)
+ summary = tor_strndup(tmp, eol-tmp);
+ else
+ summary = tor_strdup(tmp);
+ } else {
+ /* Look if there is an empty "bridge-ips" line */
+ tmp = find_str_at_start_of_line(stats_str, BRIDGE_IPS_EMPTY_LINE);
+ if (!tmp)
+ return NULL;
+ summary = tor_strdup("");
+ }
+
+ controller_len = strlen("TimeStarted=\"\" CountrySummary=") +
+ strlen(summary) + 42;
+ controller_str = tor_malloc(controller_len);
+ if (tor_snprintf(controller_str, controller_len,
+ "TimeStarted=\"%s\" CountrySummary=%s",
+ stats_start_str, summary) < 0) {
+ tor_free(controller_str);
+ tor_free(summary);
+ return NULL;
+ }
+ tor_free(summary);
+ return controller_str;
+}
+
+/** Most recent bridge statistics formatted to be written to extra-info
+ * descriptors. */
+static char *bridge_stats_extrainfo = NULL;
+
+/** Most recent bridge statistics formatted to be returned to controller
+ * clients. */
+static char *bridge_stats_controller = NULL;
+
+/** Write bridge statistics to $DATADIR/stats/bridge-stats and return
+ * when we should next try to write statistics. */
+time_t
+geoip_bridge_stats_write(time_t now)
+{
+ char *statsdir = NULL, *filename = NULL, *data = NULL,
+ written[ISO_TIME_LEN+1], *out = NULL, *controller_str;
+ size_t len;
+
+ /* If we changed from relay to bridge recently, adapt starting time
+ * of current measurements. */
+ if (start_of_bridge_stats_interval < client_history_starts)
+ start_of_bridge_stats_interval = client_history_starts;
+
+ /* Check if 24 hours have passed since starting measurements. */
+ if (now < start_of_bridge_stats_interval +
+ DIR_ENTRY_RECORD_USAGE_RETAIN_IPS)
+ return start_of_bridge_stats_interval +
+ DIR_ENTRY_RECORD_USAGE_RETAIN_IPS;
+
+ /* Discard all items in the client history that are too old. */
+ geoip_remove_old_clients(start_of_bridge_stats_interval);
+
+ statsdir = get_datadir_fname("stats");
+ if (check_private_dir(statsdir, CPD_CREATE) < 0)
+ goto done;
+ filename = get_datadir_fname2("stats", "bridge-stats");
+ data = geoip_get_client_history_bridge(now, GEOIP_CLIENT_CONNECT);
+ format_iso_time(written, now);
+ len = strlen("bridge-stats-end (999999 s)\nbridge-ips \n") +
+ ISO_TIME_LEN + (data ? strlen(data) : 0) + 42;
+ out = tor_malloc(len);
+ if (tor_snprintf(out, len, "bridge-stats-end %s (%u s)\nbridge-ips %s\n",
+ written, (unsigned) (now - start_of_bridge_stats_interval),
+ data ? data : "") < 0)
+ goto done;
+ write_str_to_file(filename, out, 0);
+ controller_str = parse_bridge_stats_controller(out, now);
+ if (!controller_str)
+ goto done;
+ start_of_bridge_stats_interval = now;
+ tor_free(bridge_stats_extrainfo);
+ tor_free(bridge_stats_controller);
+ bridge_stats_extrainfo = out;
+ out = NULL;
+ bridge_stats_controller = controller_str;
+ control_event_clients_seen(controller_str);
+ done:
+ tor_free(filename);
+ tor_free(statsdir);
+ tor_free(data);
+ tor_free(out);
+ return start_of_bridge_stats_interval +
+ DIR_ENTRY_RECORD_USAGE_RETAIN_IPS;
+}
+
+/** Try to load the most recent bridge statistics from disk, unless we
+ * have finished a measurement interval lately. */
+static void
+load_bridge_stats(time_t now)
+{
+ char *statsdir, *fname=NULL, *contents, *controller_str;
+ if (bridge_stats_extrainfo)
+ return;
+ statsdir = get_datadir_fname("stats");
+ if (check_private_dir(statsdir, CPD_CREATE) < 0)
+ goto done;
+ fname = get_datadir_fname2("stats", "bridge-stats");
+ contents = read_file_to_str(fname, RFTS_IGNORE_MISSING, NULL);
+ if (contents) {
+ controller_str = parse_bridge_stats_controller(contents, now);
+ if (controller_str) {
+ bridge_stats_extrainfo = contents;
+ bridge_stats_controller = controller_str;
+ } else {
+ tor_free(contents);
+ }
+ }
+ done:
+ tor_free(fname);
+ tor_free(statsdir);
+}
+
+/** Return most recent bridge statistics for inclusion in extra-info
+ * descriptors, or NULL if we don't have recent bridge statistics. */
+char *
+geoip_get_bridge_stats_extrainfo(time_t now)
+{
+ load_bridge_stats(now);
+ return bridge_stats_extrainfo;
+}
+
+/** Return most recent bridge statistics to be returned to controller
+ * clients, or NULL if we don't have recent bridge statistics. */
+char *
+geoip_get_bridge_stats_controller(time_t now)
+{
+ load_bridge_stats(now);
+ return bridge_stats_controller;
+}
+
/** Start time of entry stats. */
static time_t start_of_entry_stats_interval;
@@ -1110,7 +1299,7 @@ geoip_entry_stats_write(time_t now)
statsdir = get_datadir_fname("stats");
if (check_private_dir(statsdir, CPD_CREATE) < 0)
goto done;
- filename = get_datadir_fname("stats"PATH_SEPARATOR"entry-stats");
+ filename = get_datadir_fname2("stats", "entry-stats");
data = geoip_get_client_history_dirreq(now, GEOIP_CLIENT_CONNECT);
format_iso_time(written, now);
out = start_writing_to_stdio_file(filename, OPEN_FLAGS_APPEND,
@@ -1162,8 +1351,8 @@ clear_geoip_db(void)
SMARTLIST_FOREACH(geoip_countries, geoip_country_t *, c, tor_free(c));
smartlist_free(geoip_countries);
}
- if (country_idxplus1_by_lc_code)
- strmap_free(country_idxplus1_by_lc_code, NULL);
+
+ strmap_free(country_idxplus1_by_lc_code, NULL);
if (geoip_entries) {
SMARTLIST_FOREACH(geoip_entries, geoip_entry_t *, ent, tor_free(ent));
smartlist_free(geoip_entries);
diff --git a/src/or/main.c b/src/or/main.c
index 537abcc8326d8b225afc679e377d364cdb3afb28..f4ee16ca1f35f24c7067385997b7f8930d5b77c6 100644
--- a/src/or/main.c
+++ b/src/or/main.c
@@ -563,7 +563,7 @@ conn_close_if_marked(int i)
log_info(LD_NET,
"Conn (addr %s, fd %d, type %s, state %d) marked, but wants "
"to flush %d bytes. (Marked at %s:%d)",
- escaped_safe_str(conn->address),
+ escaped_safe_str_client(conn->address),
conn->s, conn_type_to_string(conn->type), conn->state,
(int)conn->outbuf_flushlen,
conn->marked_for_close_file, conn->marked_for_close);
@@ -616,8 +616,8 @@ conn_close_if_marked(int i)
"something is wrong with theirs. "
"(fd %d, type %s, state %d, marked at %s:%d).",
(int)buf_datalen(conn->outbuf),
- escaped_safe_str(conn->address), conn->s,
- conn_type_to_string(conn->type), conn->state,
+ escaped_safe_str_client(conn->address),
+ conn->s, conn_type_to_string(conn->type), conn->state,
conn->marked_for_close_file,
conn->marked_for_close);
}
@@ -646,7 +646,7 @@ directory_all_unreachable(time_t now)
log_notice(LD_NET,
"Is your network connection down? "
"Failing connection to '%s:%d'.",
- safe_str(edge_conn->socks_request->address),
+ safe_str_client(edge_conn->socks_request->address),
edge_conn->socks_request->port);
connection_mark_unattached_ap(edge_conn,
END_STREAM_REASON_NET_UNREACHABLE);
@@ -824,7 +824,6 @@ run_scheduled_events(time_t now)
static time_t time_to_try_getting_descriptors = 0;
static time_t time_to_reset_descriptor_failures = 0;
static time_t time_to_add_entropy = 0;
- static time_t time_to_write_hs_statistics = 0;
static time_t time_to_write_bridge_status_file = 0;
static time_t time_to_downrate_stability = 0;
static time_t time_to_save_stability = 0;
@@ -832,6 +831,8 @@ run_scheduled_events(time_t now)
static time_t time_to_recheck_bandwidth = 0;
static time_t time_to_check_for_expired_networkstatus = 0;
static time_t time_to_write_stats_files = 0;
+ static time_t time_to_write_bridge_stats = 0;
+ static int should_init_bridge_stats = 1;
static time_t time_to_retry_dns_init = 0;
or_options_t *options = get_options();
int i;
@@ -966,7 +967,8 @@ run_scheduled_events(time_t now)
if (options->CellStatistics || options->DirReqStatistics ||
options->EntryStatistics || options->ExitPortStatistics) {
if (!time_to_write_stats_files) {
- /* Initialize stats. */
+ /* Initialize stats. We're doing this here and not in options_act,
+ * so that we know exactly when the 24 hours interval ends. */
if (options->CellStatistics)
rep_hist_buffer_stats_init(now);
if (options->DirReqStatistics)
@@ -998,6 +1000,28 @@ run_scheduled_events(time_t now)
}
}
+ /* 1h. Check whether we should write bridge statistics to disk.
+ */
+ if (should_record_bridge_info(options)) {
+ if (time_to_write_bridge_stats < now) {
+ if (should_init_bridge_stats) {
+ /* (Re-)initialize bridge statistics. */
+ geoip_bridge_stats_init(now);
+ time_to_write_bridge_stats = now + WRITE_STATS_INTERVAL;
+ should_init_bridge_stats = 0;
+ } else {
+ /* Possibly write bridge statistics to disk and ask when to write
+ * them next time. */
+ time_to_write_bridge_stats = geoip_bridge_stats_write(
+ time_to_write_bridge_stats);
+ }
+ }
+ } else if (!should_init_bridge_stats) {
+ /* Bridge mode was turned off. Ensure that stats are re-initialized
+ * next time bridge mode is turned on. */
+ should_init_bridge_stats = 1;
+ }
+
/* Remove old information from rephist and the rend cache. */
if (time_to_clean_caches < now) {
rep_history_clean(now - options->RephistTrackTime);
@@ -1165,12 +1189,6 @@ run_scheduled_events(time_t now)
}
}
- /** 10. write hidden service usage statistic to disk */
- if (options->HSAuthorityRecordStats && time_to_write_hs_statistics < now) {
- hs_usage_write_statistics_to_file(now);
-#define WRITE_HSUSAGE_INTERVAL (30*60)
- time_to_write_hs_statistics = now+WRITE_HSUSAGE_INTERVAL;
- }
/** 10b. write bridge networkstatus file to disk */
if (options->BridgeAuthoritativeDir &&
time_to_write_bridge_status_file < now) {
@@ -1278,14 +1296,6 @@ second_elapsed_callback(int fd, short event, void *args)
current_second = now; /* remember which second it is, for next time */
-#if 0
- if (current_second % 300 == 0) {
- rep_history_clean(current_second - options->RephistTrackTime);
- dumpmemusage(get_min_log_level()<LOG_INFO ?
- get_min_log_level() : LOG_INFO);
- }
-#endif
-
if (event_add(timeout_event, &one_second))
log_err(LD_NET,
"Error from libevent when setting one-second timeout event");
@@ -1678,7 +1688,8 @@ dumpstats(int severity)
if (!connection_is_listener(conn)) {
log(severity,LD_GENERAL,
"Conn %d is to %s:%d.", i,
- safe_str(conn->address), conn->port);
+ safe_str_client(conn->address),
+ conn->port);
log(severity,LD_GENERAL,
"Conn %d: %d bytes waiting on inbuf (len %d, last read %d secs ago)",
i,
@@ -1978,7 +1989,6 @@ tor_free_all(int postfork)
rend_cache_free_all();
rend_service_authorization_free_all();
rep_hist_free_all();
- hs_usage_free_all();
dns_free_all();
clear_pending_onions();
circuit_free_all();
@@ -1997,12 +2007,10 @@ tor_free_all(int postfork)
tor_tls_free_all();
}
/* stuff in main.c */
- if (connection_array)
- smartlist_free(connection_array);
- if (closeable_connection_lst)
- smartlist_free(closeable_connection_lst);
- if (active_linked_connection_lst)
- smartlist_free(active_linked_connection_lst);
+
+ smartlist_free(connection_array);
+ smartlist_free(closeable_connection_lst);
+ smartlist_free(active_linked_connection_lst);
tor_free(timeout_event);
if (!postfork) {
release_lockfile();
diff --git a/src/or/microdesc.c b/src/or/microdesc.c
index 7a6570508859726fc4e1bc4d80c90ccb9d260d65..c1f447c5df0604b0339f0f26529eb9ff32ad341d 100644
--- a/src/or/microdesc.c
+++ b/src/or/microdesc.c
@@ -337,6 +337,8 @@ microdesc_cache_rebuild(microdesc_cache_t *cache)
void
microdesc_free(microdesc_t *md)
{
+ if (!md)
+ return;
/* Must be removed from hash table! */
if (md->onion_pkey)
crypto_free_pk_env(md->onion_pkey);
diff --git a/src/or/networkstatus.c b/src/or/networkstatus.c
index e9e86630620c7c7912abb833751a5795c6c6ad1c..507875ab2a893f21859fa9600512efe4cdbdf1fc 100644
--- a/src/or/networkstatus.c
+++ b/src/or/networkstatus.c
@@ -266,6 +266,8 @@ static void
vote_routerstatus_free(vote_routerstatus_t *rs)
{
vote_microdesc_hash_t *h, *next;
+ if (!rs)
+ return;
tor_free(rs->version);
tor_free(rs->status.exitsummary);
for (h = rs->microdesc; h; h = next) {
@@ -280,6 +282,8 @@ vote_routerstatus_free(vote_routerstatus_t *rs)
void
routerstatus_free(routerstatus_t *rs)
{
+ if (!rs)
+ return;
tor_free(rs->exitsummary);
tor_free(rs);
}
@@ -288,6 +292,8 @@ routerstatus_free(routerstatus_t *rs)
void
networkstatus_v2_free(networkstatus_v2_t *ns)
{
+ if (!ns)
+ return;
tor_free(ns->source_address);
tor_free(ns->contact);
if (ns->signing_key)
@@ -355,8 +361,7 @@ networkstatus_vote_free(networkstatus_t *ns)
} SMARTLIST_FOREACH_END(voter);
smartlist_free(ns->voters);
}
- if (ns->cert)
- authority_cert_free(ns->cert);
+ authority_cert_free(ns->cert);
if (ns->routerstatus_list) {
if (ns->type == NS_TYPE_VOTE || ns->type == NS_TYPE_OPINION) {
@@ -369,8 +374,8 @@ networkstatus_vote_free(networkstatus_t *ns)
smartlist_free(ns->routerstatus_list);
}
- if (ns->desc_digest_map)
- digestmap_free(ns->desc_digest_map, NULL);
+
+ digestmap_free(ns->desc_digest_map, NULL);
memset(ns, 11, sizeof(*ns));
tor_free(ns);
@@ -1511,7 +1516,7 @@ networkstatus_set_current_consensus(const char *consensus,
goto done;
}
- if (c->flavor != flav) {
+ if ((int)c->flavor != flav) {
/* This wasn't the flavor we thought we were getting. */
if (require_flavor) {
log_warn(LD_DIR, "Got consensus with unexpected flavor %s (wanted %s)",
@@ -1586,8 +1591,7 @@ networkstatus_set_current_consensus(const char *consensus,
if (!current_valid_after ||
c->valid_after > current_valid_after) {
waiting = &consensus_waiting_for_certs[flav];
- if (waiting->consensus)
- networkstatus_vote_free(waiting->consensus);
+ networkstatus_vote_free(waiting->consensus);
tor_free(waiting->body);
waiting->consensus = c;
c = NULL; /* Prevent free. */
@@ -1675,6 +1679,7 @@ networkstatus_set_current_consensus(const char *consensus,
update_consensus_networkstatus_fetch_time(now);
dirvote_recalculate_timing(get_options(), now);
routerstatus_list_update_named_server_map();
+ cell_ewma_set_scale_factor(get_options(), current_consensus);
}
if (!from_cache) {
@@ -1699,8 +1704,7 @@ networkstatus_set_current_consensus(const char *consensus,
result = 0;
done:
- if (c)
- networkstatus_vote_free(c);
+ networkstatus_vote_free(c);
tor_free(consensus_fname);
tor_free(unverified_fname);
return result;
@@ -1832,11 +1836,9 @@ routerstatus_list_update_named_server_map(void)
if (!current_consensus)
return;
- if (named_server_map)
- strmap_free(named_server_map, _tor_free);
+ strmap_free(named_server_map, _tor_free);
named_server_map = strmap_new();
- if (unnamed_server_map)
- strmap_free(unnamed_server_map, NULL);
+ strmap_free(unnamed_server_map, NULL);
unnamed_server_map = strmap_new();
SMARTLIST_FOREACH(current_consensus->routerstatus_list, routerstatus_t *, rs,
{
@@ -2083,7 +2085,7 @@ networkstatus_get_flavor_name(consensus_flavor_t flav)
}
/** Return the consensus_flavor_t value for the flavor called <b>flavname</b>,
- * or -1 if the flavor is not recongized. */
+ * or -1 if the flavor is not recognized. */
int
networkstatus_parse_flavor_name(const char *flavname)
{
@@ -2153,14 +2155,12 @@ networkstatus_free_all(void)
smartlist_free(networkstatus_v2_list);
networkstatus_v2_list = NULL;
}
- if (v2_download_status_map) {
- digestmap_free(v2_download_status_map, _tor_free);
- v2_download_status_map = NULL;
- }
- if (current_consensus) {
- networkstatus_vote_free(current_consensus);
- current_consensus = NULL;
- }
+
+ digestmap_free(v2_download_status_map, _tor_free);
+ v2_download_status_map = NULL;
+ networkstatus_vote_free(current_consensus);
+ current_consensus = NULL;
+
for (i=0; i < N_CONSENSUS_FLAVORS; ++i) {
consensus_waiting_for_certs_t *waiting = &consensus_waiting_for_certs[i];
if (waiting->consensus) {
@@ -2169,11 +2169,8 @@ networkstatus_free_all(void)
}
tor_free(waiting->body);
}
- if (named_server_map) {
- strmap_free(named_server_map, _tor_free);
- }
- if (unnamed_server_map) {
- strmap_free(unnamed_server_map, NULL);
- }
+
+ strmap_free(named_server_map, _tor_free);
+ strmap_free(unnamed_server_map, NULL);
}
diff --git a/src/or/or.h b/src/or/or.h
index 767ad95720afb7d92dd909922d304d1de4eb8c67..091d819f792704ac76c6015c93425d7364a274f0 100644
--- a/src/or/or.h
+++ b/src/or/or.h
@@ -928,7 +928,7 @@ typedef struct connection_t {
* again once the bandwidth throttler allows it? */
unsigned int write_blocked_on_bw:1; /**< Boolean: should we start writing
* again once the bandwidth throttler allows
- * reads? */
+ * writes? */
unsigned int hold_open_until_flushed:1; /**< Despite this connection's being
* marked for close, do we flush it
* before closing it? */
@@ -1062,12 +1062,13 @@ typedef struct or_connection_t {
time_t timestamp_last_added_nonpadding; /** When did we last add a
* non-padding cell to the outbuf? */
- /* bandwidth* and read_bucket only used by ORs in OPEN state: */
+ /* bandwidth* and *_bucket only used by ORs in OPEN state: */
int bandwidthrate; /**< Bytes/s added to the bucket. (OPEN ORs only.) */
int bandwidthburst; /**< Max bucket size for this conn. (OPEN ORs only.) */
int read_bucket; /**< When this hits 0, stop receiving. Every second we
* add 'bandwidthrate' to this, capping it at
* bandwidthburst. (OPEN ORs only) */
+ int write_bucket; /**< When this hits 0, stop writing. Like read_bucket. */
int n_circuits; /**< How many circuits use this connection as p_conn or
* n_conn ? */
@@ -1075,6 +1076,17 @@ typedef struct or_connection_t {
* free up on this connection's outbuf. Every time we pull cells from a
* circuit, we advance this pointer to the next circuit in the ring. */
struct circuit_t *active_circuits;
+ /** Priority queue of cell_ewma_t for circuits with queued cells waiting for
+ * room to free up on this connection's outbuf. Kept in heap order
+ * according to EWMA.
+ *
+ * This is redundant with active_circuits; if we ever decide only to use the
+ * cell_ewma algorithm for choosing circuits, we can remove active_circuits.
+ */
+ smartlist_t *active_circuit_pqueue;
+ /** The tick on which the cell_ewma_ts in active_circuit_pqueue last had
+ * their ewma values rescaled. */
+ unsigned active_circuit_pqueue_last_recalibrated;
struct or_connection_t *next_with_same_id; /**< Next connection with same
* identity digest as this one. */
} or_connection_t;
@@ -1992,6 +2004,29 @@ typedef struct {
time_t expiry_time;
} cpath_build_state_t;
+/**
+ * The cell_ewma_t structure keeps track of how many cells a circuit has
+ * transferred recently. It keeps an EWMA (exponentially weighted moving
+ * average) of the number of cells flushed from the circuit queue onto a
+ * connection in connection_or_flush_from_first_active_circuit().
+ */
+typedef struct {
+ /** The last 'tick' at which we recalibrated cell_count.
+ *
+ * A cell sent at exactly the start of this tick has weight 1.0. Cells sent
+ * since the start of this tick have weight greater than 1.0; ones sent
+ * earlier have less weight. */
+ unsigned last_adjusted_tick;
+ /** The EWMA of the cell count. */
+ double cell_count;
+ /** True iff this is the cell count for a circuit's previous
+ * connection. */
+ unsigned int is_for_p_conn : 1;
+ /** The position of the circuit within the OR connection's priority
+ * queue. */
+ int heap_index;
+} cell_ewma_t;
+
#define ORIGIN_CIRCUIT_MAGIC 0x35315243u
#define OR_CIRCUIT_MAGIC 0x98ABC04Fu
@@ -2081,6 +2116,11 @@ typedef struct circuit_t {
/** Unique ID for measuring tunneled network status requests. */
uint64_t dirreq_id;
+
+ /** The EWMA count for the number of cells flushed from the
+ * n_conn_cells queue. Used to determine which circuit to flush from next.
+ */
+ cell_ewma_t n_cell_ewma;
} circuit_t;
/** Largest number of relay_early cells that we can send on a given
@@ -2212,6 +2252,10 @@ typedef struct or_circuit_t {
* exit-ward queues of this circuit; reset every time when writing
* buffer stats to disk. */
uint64_t total_cell_waiting_time;
+
+ /** The EWMA count for the number of cells flushed from the
+ * p_conn_cells queue. */
+ cell_ewma_t p_cell_ewma;
} or_circuit_t;
/** Convert a circuit subtype to a circuit_t.*/
@@ -2283,16 +2327,13 @@ typedef struct {
routerset_t *EntryNodes;/**< Structure containing nicknames, digests,
* country codes and IP address patterns of ORs to
* consider as entry points. */
- int StrictExitNodes; /**< Boolean: When none of our ExitNodes are up, do we
- * stop building circuits? */
- int StrictEntryNodes; /**< Boolean: When none of our EntryNodes are up, do we
- * stop building circuits? */
- int DisableAllSwap; /**< Boolean: Attempt to call mlockall() on our
- * process for all current and future memory. */
-
+ int StrictNodes; /**< Boolean: When none of our EntryNodes or ExitNodes
+ * are up, or we need to access a node in ExcludeNodes,
+ * do we just fail instead? */
routerset_t *ExcludeNodes;/**< Structure containing nicknames, digests,
* country codes and IP address patterns of ORs
- * not to use in circuits. */
+ * not to use in circuits. But see StrictNodes
+ * above. */
routerset_t *ExcludeExitNodes;/**< Structure containing nicknames, digests,
* country codes and IP address patterns of
* ORs not to consider as exits. */
@@ -2300,6 +2341,9 @@ typedef struct {
/** Union of ExcludeNodes and ExcludeExitNodes */
struct routerset_t *_ExcludeExitNodesUnion;
+ int DisableAllSwap; /**< Boolean: Attempt to call mlockall() on our
+ * process for all current and future memory. */
+
/** List of "entry", "middle", "exit", "introduction", "rendezvous". */
smartlist_t *AllowInvalidNodes;
/** Bitmask; derived from AllowInvalidNodes. */
@@ -2354,8 +2398,6 @@ typedef struct {
* for version 3 directories? */
int HSAuthoritativeDir; /**< Boolean: does this an authoritative directory
* handle hidden service requests? */
- int HSAuthorityRecordStats; /**< Boolean: does this HS authoritative
- * directory record statistics? */
int NamingAuthoritativeDir; /**< Boolean: is this an authoritative directory
* that's willing to bind names? */
int VersioningAuthoritativeDir; /**< Boolean: is this an authoritative
@@ -2445,10 +2487,15 @@ typedef struct {
* connections alive? */
int SocksTimeout; /**< How long do we let a socks connection wait
* unattached before we fail it? */
- int CircuitBuildTimeout; /**< Cull non-open circuits that were born
- * at least this many seconds ago. */
+ int CircuitBuildTimeout; /**< If non-zero, cull non-open circuits that
+ * were born at least this many seconds ago. If
+ * zero, use the internal adaptive algorithm. */
int CircuitIdleTimeout; /**< Cull open clean circuits that were born
* at least this many seconds ago. */
+ int CircuitStreamTimeout; /**< If non-zero, detach streams from circuits
+ * and try a new circuit if the stream has been
+ * waiting for this many seconds. If zero, use
+ * our default internal timeout schedule. */
int MaxOnionsPending; /**< How many circuit CREATE requests do we allow
* to wait simultaneously before we start dropping
* them? */
@@ -2466,6 +2513,8 @@ typedef struct {
* willing to use for all relayed conns? */
uint64_t RelayBandwidthBurst; /**< How much bandwidth, at maximum, will we
* use in a second for all relayed conns? */
+ uint64_t PerConnBWRate; /**< Long-term bw on a single TLS conn, if set. */
+ uint64_t PerConnBWBurst; /**< Allowed burst on a single TLS conn, if set. */
int NumCpus; /**< How many CPUs should we try to use? */
int RunTesting; /**< If true, create testing circuits to measure how well the
* other ORs are running. */
@@ -2556,8 +2605,13 @@ typedef struct {
* or not (1)? */
int ShutdownWaitLength; /**< When we get a SIGINT and we're a server, how
* long do we wait before exiting? */
- int SafeLogging; /**< Boolean: are we allowed to log sensitive strings
- * such as addresses (0), or do we scrub them first (1)? */
+ char *SafeLogging; /**< Contains "relay", "1", "0" (meaning no scrubbing). */
+
+ /* Derived from SafeLogging */
+ enum {
+ SAFELOG_SCRUB_ALL, SAFELOG_SCRUB_RELAY, SAFELOG_SCRUB_NONE
+ } _SafeLogging;
+
int SafeSocks; /**< Boolean: should we outright refuse application
* connections that use socks4 or socks5-with-local-dns? */
#define LOG_PROTOCOL_WARN (get_options()->ProtocolWarnings ? \
@@ -2715,19 +2769,6 @@ typedef struct {
* the bridge authority guess which countries have blocked access to us. */
int BridgeRecordUsageByCountry;
-#if 0
- /** If true, and Tor is built with DIRREQ_STATS support, and we're a
- * directory, record how many directory requests we get from each country. */
- int DirRecordUsageByCountry;
- /** Round all GeoIP results to the next multiple of this value, to avoid
- * leaking information. */
- int DirRecordUsageGranularity;
- /** Time interval: purge geoip stats after this long. */
- int DirRecordUsageRetainIPs;
- /** Time interval: Flush geoip data to disk this often. */
- int DirRecordUsageSaveInterval;
-#endif
-
/** Optionally, a file with GeoIP data. */
char *GeoIPFile;
@@ -2735,6 +2776,21 @@ typedef struct {
* to make this false. */
int ReloadTorrcOnSIGHUP;
+ /* The main parameter for picking circuits within a connection.
+ *
+ * If this value is positive, when picking a cell to relay on a connection,
+ * we always relay from the circuit whose weighted cell count is lowest.
+ * Cells are weighted exponentially such that if one cell is sent
+ * 'CircuitPriorityHalflife' seconds before another, it counts for half as
+ * much.
+ *
+ * If this value is zero, we're disabling the cell-EWMA algorithm.
+ *
+ * If this value is negative, we're using the default approach
+ * according to either Tor or a parameter set in the consensus.
+ */
+ double CircuitPriorityHalflife;
+
} or_options_t;
/** Persistent state for an onion router, as saved to disk. */
@@ -2923,7 +2979,7 @@ void entry_guards_compute_status(void);
int entry_guard_register_connect_status(const char *digest, int succeeded,
int mark_relay_status, time_t now);
void entry_nodes_should_be_added(void);
-int entry_list_can_grow(or_options_t *options);
+int entry_list_is_constrained(or_options_t *options);
routerinfo_t *choose_random_entry(cpath_build_state_t *state);
int entry_guards_parse_state(or_state_t *state, int set, char **msg);
void entry_guards_update_state(or_state_t *state);
@@ -2997,7 +3053,7 @@ typedef uint32_t build_time_t;
* at which point we switch back to computing the timeout from
* our saved history.
*/
-#define NETWORK_NONLIVE_TIMEOUT_COUNT (lround(RECENT_CIRCUITS*0.15))
+#define NETWORK_NONLIVE_TIMEOUT_COUNT (RECENT_CIRCUITS*3/20)
/**
* This tells us when to toss out the last streak of N timeouts.
@@ -3005,7 +3061,7 @@ typedef uint32_t build_time_t;
* If instead we start getting cells, we switch back to computing the timeout
* from our saved history.
*/
-#define NETWORK_NONLIVE_DISCARD_COUNT (lround(NETWORK_NONLIVE_TIMEOUT_COUNT*2))
+#define NETWORK_NONLIVE_DISCARD_COUNT (NETWORK_NONLIVE_TIMEOUT_COUNT*2)
/**
* Maximum count of timeouts that finish the first hop in the past
@@ -3014,7 +3070,12 @@ typedef uint32_t build_time_t;
* This tells us to abandon timeout history and set
* the timeout back to BUILD_TIMEOUT_INITIAL_VALUE.
*/
-#define MAX_RECENT_TIMEOUT_COUNT (lround(RECENT_CIRCUITS*0.8))
+#define MAX_RECENT_TIMEOUT_COUNT (RECENT_CIRCUITS*4/5)
+
+#if MAX_RECENT_TIMEOUT_COUNT < 1 || NETWORK_NONLIVE_DISCARD_COUNT < 1 || \
+ NETWORK_NONLIVE_TIMEOUT_COUNT < 1
+#error "RECENT_CIRCUITS is set too low."
+#endif
/** Information about the state of our local network connection */
typedef struct {
@@ -3202,7 +3263,9 @@ const char *get_dirportfrontpage(void);
or_options_t *get_options(void);
int set_options(or_options_t *new_val, char **msg);
void config_free_all(void);
+const char *safe_str_client(const char *address);
const char *safe_str(const char *address);
+const char *escaped_safe_str_client(const char *address);
const char *escaped_safe_str(const char *address);
const char *get_version(void);
@@ -3214,6 +3277,7 @@ int resolve_my_address(int warn_severity, or_options_t *options,
uint32_t *addr, char **hostname_out);
int is_local_addr(const tor_addr_t *addr) ATTR_PURE;
void options_init(or_options_t *options);
+char *options_dump(or_options_t *options, int minimal);
int options_init_from_torrc(int argc, char **argv);
setopt_err_t options_init_from_string(const char *cf,
int command, const char *command_arg, char **msg);
@@ -3378,7 +3442,8 @@ int connection_exit_begin_conn(cell_t *cell, circuit_t *circ);
int connection_exit_begin_resolve(cell_t *cell, or_circuit_t *circ);
void connection_exit_connect(edge_connection_t *conn);
int connection_edge_is_rendezvous_stream(edge_connection_t *conn);
-int connection_ap_can_use_exit(edge_connection_t *conn, routerinfo_t *exit);
+int connection_ap_can_use_exit(edge_connection_t *conn, routerinfo_t *exit,
+ int excluded_means_no);
void connection_ap_expire_beginning(void);
void connection_ap_attach_pending(void);
void connection_ap_fail_onehop(const char *failed_digest,
@@ -3612,8 +3677,7 @@ typedef enum {
void control_event_bootstrap(bootstrap_status_t status, int progress);
void control_event_bootstrap_problem(const char *warn, int reason);
-void control_event_clients_seen(const char *timestarted,
- const char *countries);
+void control_event_clients_seen(const char *controller_str);
#ifdef CONTROL_PRIVATE
/* Used only by control.c and test.c */
@@ -4071,6 +4135,10 @@ void geoip_dirreq_stats_init(time_t now);
void geoip_dirreq_stats_write(time_t now);
void geoip_entry_stats_init(time_t now);
void geoip_entry_stats_write(time_t now);
+void geoip_bridge_stats_init(time_t now);
+time_t geoip_bridge_stats_write(time_t now);
+char *geoip_get_bridge_stats_extrainfo(time_t);
+char *geoip_get_bridge_stats_controller(time_t);
/********************************* hibernate.c **********************/
@@ -4434,6 +4502,9 @@ int append_address_to_payload(char *payload_out, const tor_addr_t *addr);
const char *decode_address_from_payload(tor_addr_t *addr_out,
const char *payload,
int payload_len);
+unsigned cell_ewma_get_tick(void);
+void cell_ewma_set_scale_factor(or_options_t *options,
+ networkstatus_t *consensus);
/********************************* rephist.c ***************************/
@@ -4731,7 +4802,6 @@ int router_dump_router_to_string(char *s, size_t maxlen, routerinfo_t *router,
crypto_pk_env_t *ident_key);
int extrainfo_dump_to_string(char *s, size_t maxlen, extrainfo_t *extrainfo,
crypto_pk_env_t *ident_key);
-char *extrainfo_get_client_geoip_summary(time_t);
int is_legal_nickname(const char *s);
int is_legal_nickname_or_hexdigest(const char *s);
int is_legal_hexdigest(const char *s);
@@ -4870,13 +4940,10 @@ typedef enum {
CRN_NEED_GUARD = 1<<2,
CRN_ALLOW_INVALID = 1<<3,
/* XXXX not used, apparently. */
- CRN_STRICT_PREFERRED = 1<<4,
- /* XXXX not used, apparently. */
CRN_WEIGHT_AS_EXIT = 1<<5
} router_crn_flags_t;
-routerinfo_t *router_choose_random_node(const char *preferred,
- smartlist_t *excludedsmartlist,
+routerinfo_t *router_choose_random_node(smartlist_t *excludedsmartlist,
struct routerset_t *excludedset,
router_crn_flags_t flags);
@@ -5117,5 +5184,7 @@ int rend_parse_introduction_points(rend_service_descriptor_t *parsed,
size_t intro_points_encoded_size);
int rend_parse_client_keys(strmap_t *parsed_clients, const char *str);
+void tor_gettimeofday_cache_clear(void);
+
#endif
diff --git a/src/or/policies.c b/src/or/policies.c
index 023cd472f2b280b9b78274224e0a0112822a1919..453138eb464b724271e89cceef274aee5eede699 100644
--- a/src/or/policies.c
+++ b/src/or/policies.c
@@ -376,12 +376,6 @@ validate_addr_policies(or_options_t *options, char **msg)
if (parse_addr_policy(options->ReachableDirAddresses, &addr_policy,
ADDR_POLICY_ACCEPT))
REJECT("Error in ReachableDirAddresses entry.");
- if (parse_addr_policy(options->AuthDirReject, &addr_policy,
- ADDR_POLICY_REJECT))
- REJECT("Error in AuthDirReject entry.");
- if (parse_addr_policy(options->AuthDirInvalid, &addr_policy,
- ADDR_POLICY_REJECT))
- REJECT("Error in AuthDirInvalid entry.");
err:
addr_policy_list_free(addr_policy);
@@ -1276,7 +1270,8 @@ getinfo_helper_policies(control_connection_t *conn,
void
addr_policy_list_free(smartlist_t *lst)
{
- if (!lst) return;
+ if (!lst)
+ return;
SMARTLIST_FOREACH(lst, addr_policy_t *, policy, addr_policy_free(policy));
smartlist_free(lst);
}
@@ -1285,19 +1280,20 @@ addr_policy_list_free(smartlist_t *lst)
void
addr_policy_free(addr_policy_t *p)
{
- if (p) {
- if (--p->refcnt <= 0) {
- if (p->is_canonical) {
- policy_map_ent_t search, *found;
- search.policy = p;
- found = HT_REMOVE(policy_map, &policy_root, &search);
- if (found) {
- tor_assert(p == found->policy);
- tor_free(found);
- }
+ if (!p)
+ return;
+
+ if (--p->refcnt <= 0) {
+ if (p->is_canonical) {
+ policy_map_ent_t search, *found;
+ search.policy = p;
+ found = HT_REMOVE(policy_map, &policy_root, &search);
+ if (found) {
+ tor_assert(p == found->policy);
+ tor_free(found);
}
- tor_free(p);
}
+ tor_free(p);
}
}
diff --git a/src/or/relay.c b/src/or/relay.c
index 2151ddeb9b6e3bb72e9d1000bd6944ce5978946e..ae1b062cf67b6bbae446ab15eaeb0f597c00688e 100644
--- a/src/or/relay.c
+++ b/src/or/relay.c
@@ -10,6 +10,7 @@
* receiving from circuits, plus queuing on circuits.
**/
+#include <math.h>
#include "or.h"
#include "mempool.h"
@@ -35,6 +36,26 @@ circuit_resume_edge_reading_helper(edge_connection_t *conn,
static int
circuit_consider_stop_edge_reading(circuit_t *circ, crypt_path_t *layer_hint);
+/** Cache the current hi-res time; the cache gets reset when libevent
+ * calls us. */
+
+static struct timeval cached_time_hires = {0, 0};
+
+static void
+tor_gettimeofday_cached(struct timeval *tv)
+{
+ if (cached_time_hires.tv_sec == 0) {
+ tor_gettimeofday(&cached_time_hires);
+ }
+ *tv = cached_time_hires;
+}
+
+void
+tor_gettimeofday_cache_clear(void)
+{
+ cached_time_hires.tv_sec = 0;
+}
+
/** Stats: how many relay cells have originated at this hop, or have
* been relayed onward (not recognized at this hop)?
*/
@@ -1563,7 +1584,7 @@ clean_cell_pool(void)
/** Release storage held by <b>cell</b>. */
static INLINE void
-packed_cell_free(packed_cell_t *cell)
+packed_cell_free_unchecked(packed_cell_t *cell)
{
--total_cells_allocated;
mp_pool_release(cell);
@@ -1633,7 +1654,7 @@ cell_queue_append_packed_copy(cell_queue_t *queue, const cell_t *cell)
insertion_time_queue_t *it_queue = queue->insertion_times;
if (!it_pool)
it_pool = mp_pool_new(sizeof(insertion_time_elem_t), 1024);
- tor_gettimeofday(&now);
+ tor_gettimeofday_cached(&now);
#define SECONDS_IN_A_DAY 86400L
added = (uint32_t)(((now.tv_sec % SECONDS_IN_A_DAY) * 100L)
+ ((uint32_t)now.tv_usec / (uint32_t)10000L));
@@ -1667,7 +1688,7 @@ cell_queue_clear(cell_queue_t *queue)
cell = queue->head;
while (cell) {
next = cell->next;
- packed_cell_free(cell);
+ packed_cell_free_unchecked(cell);
cell = next;
}
queue->head = queue->tail = NULL;
@@ -1731,6 +1752,224 @@ prev_circ_on_conn_p(circuit_t *circ, or_connection_t *conn)
}
}
+/** Helper for sorting cell_ewma_t values in their priority queue. */
+static int
+compare_cell_ewma_counts(const void *p1, const void *p2)
+{
+ const cell_ewma_t *e1=p1, *e2=p2;
+ if (e1->cell_count < e2->cell_count)
+ return -1;
+ else if (e1->cell_count > e2->cell_count)
+ return 1;
+ else
+ return 0;
+}
+
+/** Given a cell_ewma_t, return a pointer to the circuit containing it. */
+static circuit_t *
+cell_ewma_to_circuit(cell_ewma_t *ewma)
+{
+ if (ewma->is_for_p_conn) {
+ /* This is an or_circuit_t's p_cell_ewma. */
+ or_circuit_t *orcirc = SUBTYPE_P(ewma, or_circuit_t, p_cell_ewma);
+ return TO_CIRCUIT(orcirc);
+ } else {
+ /* This is some circuit's n_cell_ewma. */
+ return SUBTYPE_P(ewma, circuit_t, n_cell_ewma);
+ }
+}
+
+/* ==== Functions for scaling cell_ewma_t ====
+
+ When choosing which cells to relay first, we favor circuits that have been
+ quiet recently. This gives better latency on connections that aren't
+ pushing lots of data, and makes the network feel more interactive.
+
+ Conceptually, we take an exponentially weighted mean average of the number
+ of cells a circuit has sent, and allow active circuits (those with cells to
+ relay) to send cells in reverse order of their exponentially-weighted mean
+ average (EWMA) cell count. [That is, a cell sent N seconds ago 'counts'
+ F^N times as much as a cell sent now, for 0<F<1.0, and we favor the
+ circuit that has sent the fewest cells]
+
+ If 'double' had infinite precision, we could do this simply by counting a
+ cell sent at startup as having weight 1.0, and a cell sent N seconds later
+ as having weight F^-N. This way, we would never need to re-scale
+ any already-sent cells.
+
+ To prevent double from overflowing, we could count a cell sent now as
+ having weight 1.0 and a cell sent N seconds ago as having weight F^N.
+ This, however, would mean we'd need to re-scale *ALL* old circuits every
+ time we wanted to send a cell.
+
+ So as a compromise, we divide time into 'ticks' (currently, 10-second
+ increments) and say that a cell sent at the start of a current tick is
+ worth 1.0, a cell sent N seconds before the start of the current tick is
+ worth F^N, and a cell sent N seconds after the start of the current tick is
+ worth F^-N. This way we don't overflow, and we don't need to constantly
+ rescale.
+ */
+
+/** How long does a tick last (seconds)? */
+#define EWMA_TICK_LEN 10
+
+/** The default per-tick scale factor, if it hasn't been overridden by a
+ * consensus or a configuration setting. zero means "disabled". */
+#define EWMA_DEFAULT_HALFLIFE 0.0
+
+/** Given a timeval <b>now</b>, compute the cell_ewma tick in which it occurs
+ * and the fraction of the tick that has elapsed between the start of the tick
+ * and <b>now</b>. Return the former and store the latter in
+ * *<b>remainder_out</b>.
+ *
+ * These tick values are not meant to be shared between Tor instances, or used
+ * for other purposes. */
+static unsigned
+cell_ewma_tick_from_timeval(const struct timeval *now,
+ double *remainder_out)
+{
+ unsigned res = (unsigned) (now->tv_sec / EWMA_TICK_LEN);
+ /* rem */
+ double rem = (now->tv_sec % EWMA_TICK_LEN) +
+ ((double)(now->tv_usec)) / 1.0e6;
+ *remainder_out = rem / EWMA_TICK_LEN;
+ return res;
+}
+
+/** Compute and return the current cell_ewma tick. */
+unsigned
+cell_ewma_get_tick(void)
+{
+ return ((unsigned)approx_time() / EWMA_TICK_LEN);
+}
+
+/** The per-tick scale factor to be used when computing cell-count EWMA
+ * values. (A cell sent N ticks before the start of the current tick
+ * has value ewma_scale_factor ** N.)
+ */
+static double ewma_scale_factor = 0.1;
+static int ewma_enabled = 0;
+
+#define EPSILON 0.00001
+#define LOG_ONEHALF -0.69314718055994529
+
+/** Adjust the global cell scale factor based on <b>options</b> */
+void
+cell_ewma_set_scale_factor(or_options_t *options, networkstatus_t *consensus)
+{
+ int32_t halflife_ms;
+ double halflife;
+ const char *source;
+ if (options && options->CircuitPriorityHalflife >= -EPSILON) {
+ halflife = options->CircuitPriorityHalflife;
+ source = "CircuitPriorityHalflife in configuration";
+ } else if (consensus &&
+ (halflife_ms = networkstatus_get_param(
+ consensus, "CircPriorityHalflifeMsec", -1) >= 0)) {
+ halflife = ((double)halflife_ms)/1000.0;
+ source = "CircPriorityHalflifeMsec in consensus";
+ } else {
+ halflife = EWMA_DEFAULT_HALFLIFE;
+ source = "Default value";
+ }
+
+ if (halflife <= EPSILON) {
+ /* The cell EWMA algorithm is disabled. */
+ ewma_scale_factor = 0.1;
+ ewma_enabled = 0;
+ log_info(LD_OR,
+ "Disabled cell_ewma algorithm because of value in %s",
+ source);
+ } else {
+ /* convert halflife into halflife-per-tick. */
+ halflife /= EWMA_TICK_LEN;
+ /* compute per-tick scale factor. */
+ ewma_scale_factor = exp( LOG_ONEHALF / halflife );
+ ewma_enabled = 1;
+ log_info(LD_OR,
+ "Enabled cell_ewma algorithm because of value in %s; "
+ "scale factor is %lf per %d seconds",
+ source, ewma_scale_factor, EWMA_TICK_LEN);
+ }
+}
+
+/** Return the multiplier necessary to convert the value of a cell sent in
+ * 'from_tick' to one sent in 'to_tick'. */
+static INLINE double
+get_scale_factor(unsigned from_tick, unsigned to_tick)
+{
+ /* This math can wrap around, but that's okay: unsigned overflow is
+ well-defined */
+ int diff = (int)(to_tick - from_tick);
+ return pow(ewma_scale_factor, diff);
+}
+
+/** Adjust the cell count of <b>ewma</b> so that it is scaled with respect to
+ * <b>cur_tick</b> */
+static void
+scale_single_cell_ewma(cell_ewma_t *ewma, unsigned cur_tick)
+{
+ double factor = get_scale_factor(ewma->last_adjusted_tick, cur_tick);
+ ewma->cell_count *= factor;
+ ewma->last_adjusted_tick = cur_tick;
+}
+
+/** Adjust the cell count of every active circuit on <b>conn</b> so
+ * that they are scaled with respect to <b>cur_tick</b> */
+static void
+scale_active_circuits(or_connection_t *conn, unsigned cur_tick)
+{
+
+ double factor = get_scale_factor(
+ conn->active_circuit_pqueue_last_recalibrated,
+ cur_tick);
+ /** Ordinarily it isn't okay to change the value of an element in a heap,
+ * but it's okay here, since we are preserving the order. */
+ SMARTLIST_FOREACH(conn->active_circuit_pqueue, cell_ewma_t *, e, {
+ tor_assert(e->last_adjusted_tick ==
+ conn->active_circuit_pqueue_last_recalibrated);
+ e->cell_count *= factor;
+ e->last_adjusted_tick = cur_tick;
+ });
+ conn->active_circuit_pqueue_last_recalibrated = cur_tick;
+}
+
+/** Rescale <b>ewma</b> to the same scale as <b>conn</b>, and add it to
+ * <b>conn</b>'s priority queue of active circuits */
+static void
+add_cell_ewma_to_conn(or_connection_t *conn, cell_ewma_t *ewma)
+{
+ tor_assert(ewma->heap_index == -1);
+ scale_single_cell_ewma(ewma,
+ conn->active_circuit_pqueue_last_recalibrated);
+
+ smartlist_pqueue_add(conn->active_circuit_pqueue,
+ compare_cell_ewma_counts,
+ STRUCT_OFFSET(cell_ewma_t, heap_index),
+ ewma);
+}
+
+/** Remove <b>ewma</b> from <b>conn</b>'s priority queue of active circuits */
+static void
+remove_cell_ewma_from_conn(or_connection_t *conn, cell_ewma_t *ewma)
+{
+ tor_assert(ewma->heap_index != -1);
+ smartlist_pqueue_remove(conn->active_circuit_pqueue,
+ compare_cell_ewma_counts,
+ STRUCT_OFFSET(cell_ewma_t, heap_index),
+ ewma);
+}
+
+/** Remove and return the first cell_ewma_t from conn's priority queue of
+ * active circuits. Requires that the priority queue is nonempty. */
+static cell_ewma_t *
+pop_first_cell_ewma_from_conn(or_connection_t *conn)
+{
+ return smartlist_pqueue_pop(conn->active_circuit_pqueue,
+ compare_cell_ewma_counts,
+ STRUCT_OFFSET(cell_ewma_t, heap_index));
+}
+
/** Add <b>circ</b> to the list of circuits with pending cells on
* <b>conn</b>. No effect if <b>circ</b> is already linked. */
void
@@ -1744,6 +1983,8 @@ make_circuit_active_on_conn(circuit_t *circ, or_connection_t *conn)
return;
}
+ assert_active_circuits_ok_paranoid(conn);
+
if (! conn->active_circuits) {
conn->active_circuits = circ;
*prevp = *nextp = circ;
@@ -1755,6 +1996,15 @@ make_circuit_active_on_conn(circuit_t *circ, or_connection_t *conn)
*prev_circ_on_conn_p(head, conn) = circ;
*prevp = old_tail;
}
+
+ if (circ->n_conn == conn) {
+ add_cell_ewma_to_conn(conn, &circ->n_cell_ewma);
+ } else {
+ or_circuit_t *orcirc = TO_OR_CIRCUIT(circ);
+ tor_assert(conn == orcirc->p_conn);
+ add_cell_ewma_to_conn(conn, &orcirc->p_cell_ewma);
+ }
+
assert_active_circuits_ok_paranoid(conn);
}
@@ -1772,6 +2022,8 @@ make_circuit_inactive_on_conn(circuit_t *circ, or_connection_t *conn)
return;
}
+ assert_active_circuits_ok_paranoid(conn);
+
tor_assert(next && prev);
tor_assert(*prev_circ_on_conn_p(next, conn) == circ);
tor_assert(*next_circ_on_conn_p(prev, conn) == circ);
@@ -1785,6 +2037,15 @@ make_circuit_inactive_on_conn(circuit_t *circ, or_connection_t *conn)
conn->active_circuits = next;
}
*prevp = *nextp = NULL;
+
+ if (circ->n_conn == conn) {
+ remove_cell_ewma_from_conn(conn, &circ->n_cell_ewma);
+ } else {
+ or_circuit_t *orcirc = TO_OR_CIRCUIT(circ);
+ tor_assert(conn == orcirc->p_conn);
+ remove_cell_ewma_from_conn(conn, &orcirc->p_cell_ewma);
+ }
+
assert_active_circuits_ok_paranoid(conn);
}
@@ -1804,6 +2065,10 @@ connection_or_unlink_all_active_circs(or_connection_t *orconn)
cur = next;
} while (cur != head);
orconn->active_circuits = NULL;
+
+ SMARTLIST_FOREACH(orconn->active_circuit_pqueue, cell_ewma_t *, e,
+ e->heap_index = -1);
+ smartlist_clear(orconn->active_circuit_pqueue);
}
/** Block (if <b>block</b> is true) or unblock (if <b>block</b> is false)
@@ -1846,7 +2111,7 @@ set_streams_blocked_on_circ(circuit_t *circ, or_connection_t *orconn,
}
/** Pull as many cells as possible (but no more than <b>max</b>) from the
- * queue of the first active circuit on <b>conn</b>, and write then to
+ * queue of the first active circuit on <b>conn</b>, and write them to
* <b>conn</b>->outbuf. Return the number of cells written. Advance
* the active circuit pointer to the next active circuit in the ring. */
int
@@ -1857,9 +2122,35 @@ connection_or_flush_from_first_active_circuit(or_connection_t *conn, int max,
cell_queue_t *queue;
circuit_t *circ;
int streams_blocked;
+
+ /* The current (hi-res) time */
+ struct timeval now_hires;
+
+ /* The EWMA cell counter for the circuit we're flushing. */
+ cell_ewma_t *cell_ewma = NULL;
+ double ewma_increment = -1;
+
circ = conn->active_circuits;
if (!circ) return 0;
assert_active_circuits_ok_paranoid(conn);
+
+ /* See if we're doing the ewma circuit selection algorithm. */
+ if (ewma_enabled) {
+ unsigned tick;
+ double fractional_tick;
+ tor_gettimeofday_cached(&now_hires);
+ tick = cell_ewma_tick_from_timeval(&now_hires, &fractional_tick);
+
+ if (tick != conn->active_circuit_pqueue_last_recalibrated) {
+ scale_active_circuits(conn, tick);
+ }
+
+ ewma_increment = pow(ewma_scale_factor, -fractional_tick);
+
+ cell_ewma = smartlist_get(conn->active_circuit_pqueue, 0);
+ circ = cell_ewma_to_circuit(cell_ewma);
+ }
+
if (circ->n_conn == conn) {
queue = &circ->n_conn_cells;
streams_blocked = circ->streams_blocked_on_n_conn;
@@ -1879,7 +2170,7 @@ connection_or_flush_from_first_active_circuit(or_connection_t *conn, int max,
uint32_t flushed;
uint32_t cell_waiting_time;
insertion_time_queue_t *it_queue = queue->insertion_times;
- tor_gettimeofday(&now);
+ tor_gettimeofday_cached(&now);
flushed = (uint32_t)((now.tv_sec % SECONDS_IN_A_DAY) * 100L +
(uint32_t)now.tv_usec / (uint32_t)10000L);
if (!it_queue || !it_queue->first) {
@@ -1913,8 +2204,18 @@ connection_or_flush_from_first_active_circuit(or_connection_t *conn, int max,
connection_write_to_buf(cell->body, CELL_NETWORK_SIZE, TO_CONN(conn));
- packed_cell_free(cell);
+ packed_cell_free_unchecked(cell);
++n_flushed;
+ if (cell_ewma) {
+ cell_ewma_t *tmp;
+ cell_ewma->cell_count += ewma_increment;
+ /* We pop and re-add the cell_ewma_t here, not above, since we need to
+ * re-add it immediately to keep the priority queue consistent with
+ * the linked-list implementation */
+ tmp = pop_first_cell_ewma_from_conn(conn);
+ tor_assert(tmp == cell_ewma);
+ add_cell_ewma_to_conn(conn, cell_ewma);
+ }
if (circ != conn->active_circuits) {
/* If this happens, the current circuit just got made inactive by
* a call in connection_write_to_buf(). That's nothing to worry about:
@@ -1934,7 +2235,7 @@ connection_or_flush_from_first_active_circuit(or_connection_t *conn, int max,
if (streams_blocked && queue->n <= CELL_QUEUE_LOWWATER_SIZE)
set_streams_blocked_on_circ(circ, conn, 0); /* unblock streams */
- /* Did we just ran out of cells on this queue? */
+ /* Did we just run out of cells on this circuit's queue? */
if (queue->n == 0) {
log_debug(LD_GENERAL, "Made a circuit inactive.");
make_circuit_inactive_on_conn(circ, conn);
@@ -2057,16 +2358,31 @@ assert_active_circuits_ok(or_connection_t *orconn)
{
circuit_t *head = orconn->active_circuits;
circuit_t *cur = head;
+ int n = 0;
if (! head)
return;
do {
circuit_t *next = *next_circ_on_conn_p(cur, orconn);
circuit_t *prev = *prev_circ_on_conn_p(cur, orconn);
+ cell_ewma_t *ewma;
tor_assert(next);
tor_assert(prev);
tor_assert(*next_circ_on_conn_p(prev, orconn) == cur);
tor_assert(*prev_circ_on_conn_p(next, orconn) == cur);
+ if (orconn == cur->n_conn) {
+ ewma = &cur->n_cell_ewma;
+ tor_assert(!ewma->is_for_p_conn);
+ } else {
+ ewma = &TO_OR_CIRCUIT(cur)->p_cell_ewma;
+ tor_assert(ewma->is_for_p_conn);
+ }
+ tor_assert(ewma->heap_index != -1);
+ tor_assert(ewma == smartlist_get(orconn->active_circuit_pqueue,
+ ewma->heap_index));
+ n++;
cur = next;
} while (cur != head);
+
+ tor_assert(n == smartlist_len(orconn->active_circuit_pqueue));
}
diff --git a/src/or/rendclient.c b/src/or/rendclient.c
index b7ea40eed7c4e29b647f89f01ce190f4893398a2..cce8437472582a76dd1931a287ecf501146ea40d 100644
--- a/src/or/rendclient.c
+++ b/src/or/rendclient.c
@@ -76,7 +76,7 @@ rend_client_send_introduction(origin_circuit_t *introcirc,
&entry) < 1) {
log_warn(LD_REND,
"query %s didn't have valid rend desc in cache. Failing.",
- escaped_safe_str(introcirc->rend_data->onion_address));
+ escaped_safe_str_client(introcirc->rend_data->onion_address));
goto err;
}
@@ -269,7 +269,7 @@ rend_client_introduction_acked(origin_circuit_t *circ,
extend_info = rend_client_get_random_intro(circ->rend_data);
if (!extend_info) {
log_warn(LD_REND, "No introduction points left for %s. Closing.",
- escaped_safe_str(circ->rend_data->onion_address));
+ escaped_safe_str_client(circ->rend_data->onion_address));
circuit_mark_for_close(TO_CIRCUIT(circ), END_CIRC_REASON_INTERNAL);
return -1;
}
@@ -277,7 +277,7 @@ rend_client_introduction_acked(origin_circuit_t *circ,
log_info(LD_REND,
"Got nack for %s from %s. Re-extending circ %d, "
"this time to %s.",
- escaped_safe_str(circ->rend_data->onion_address),
+ escaped_safe_str_client(circ->rend_data->onion_address),
circ->build_state->chosen_exit->nickname,
circ->_base.n_circ_id, extend_info->nickname);
result = circuit_extend_to_new_exit(circ, extend_info);
@@ -285,7 +285,7 @@ rend_client_introduction_acked(origin_circuit_t *circ,
log_info(LD_REND,
"Got nack for %s from %s. Building a new introduction "
"circuit, this time to %s.",
- escaped_safe_str(circ->rend_data->onion_address),
+ escaped_safe_str_client(circ->rend_data->onion_address),
circ->build_state->chosen_exit->nickname,
extend_info->nickname);
circuit_mark_for_close(TO_CIRCUIT(circ), END_CIRC_REASON_FINISHED);
@@ -445,7 +445,7 @@ directory_get_from_hs_dir(const char *desc_id, const rend_data_t *rend_query)
rend_query->onion_address, desc_id_base32,
rend_query->auth_type,
(rend_query->auth_type == REND_NO_AUTH ? "[none]" :
- escaped_safe_str(descriptor_cookie_base64)),
+ escaped_safe_str_client(descriptor_cookie_base64)),
hs_dir->nickname, hs_dir->dir_port);
return 1;
}
@@ -474,7 +474,7 @@ rend_client_refetch_v2_renddesc(const rend_data_t *rend_query)
return;
}
log_debug(LD_REND, "Fetching v2 rendezvous descriptor for service %s",
- safe_str(rend_query->onion_address));
+ safe_str_client(rend_query->onion_address));
/* Randomly iterate over the replicas until a descriptor can be fetched
* from one of the consecutive nodes, or no options are left. */
tries_left = REND_NUMBER_OF_NON_CONSECUTIVE_REPLICAS;
@@ -522,12 +522,12 @@ rend_client_remove_intro_point(extend_info_t *failed_intro,
r = rend_cache_lookup_entry(rend_query->onion_address, -1, &ent);
if (r<0) {
log_warn(LD_BUG, "Malformed service ID %s.",
- escaped_safe_str(rend_query->onion_address));
+ escaped_safe_str_client(rend_query->onion_address));
return -1;
}
if (r==0) {
log_info(LD_REND, "Unknown service %s. Re-fetching descriptor.",
- escaped_safe_str(rend_query->onion_address));
+ escaped_safe_str_client(rend_query->onion_address));
rend_client_refetch_v2_renddesc(rend_query);
return 0;
}
@@ -545,7 +545,7 @@ rend_client_remove_intro_point(extend_info_t *failed_intro,
if (smartlist_len(ent->parsed->intro_nodes) == 0) {
log_info(LD_REND,
"No more intro points remain for %s. Re-fetching descriptor.",
- escaped_safe_str(rend_query->onion_address));
+ escaped_safe_str_client(rend_query->onion_address));
rend_client_refetch_v2_renddesc(rend_query);
/* move all pending streams back to renddesc_wait */
@@ -559,7 +559,7 @@ rend_client_remove_intro_point(extend_info_t *failed_intro,
}
log_info(LD_REND,"%d options left for %s.",
smartlist_len(ent->parsed->intro_nodes),
- escaped_safe_str(rend_query->onion_address));
+ escaped_safe_str_client(rend_query->onion_address));
return 1;
}
@@ -705,7 +705,8 @@ rend_client_desc_trynow(const char *query)
}
} else { /* 404, or fetch didn't get that far */
log_notice(LD_REND,"Closing stream for '%s.onion': hidden service is "
- "unavailable (try again later).", safe_str(query));
+ "unavailable (try again later).",
+ safe_str_client(query));
connection_mark_unattached_ap(conn, END_STREAM_REASON_RESOLVEFAILED);
}
} SMARTLIST_FOREACH_END(_conn);
@@ -726,7 +727,7 @@ rend_client_get_random_intro(const rend_data_t *rend_query)
if (rend_cache_lookup_entry(rend_query->onion_address, -1, &entry) < 1) {
log_warn(LD_REND,
"Query '%s' didn't have valid rend desc in cache. Failing.",
- safe_str(rend_query->onion_address));
+ safe_str_client(rend_query->onion_address));
return NULL;
}
@@ -876,8 +877,7 @@ rend_parse_service_authorization(or_options_t *options, int validate_only)
err:
res = -1;
done:
- if (auth)
- rend_service_authorization_free(auth);
+ rend_service_authorization_free(auth);
SMARTLIST_FOREACH(sl, char *, c, tor_free(c););
smartlist_free(sl);
if (!validate_only && res == 0) {
diff --git a/src/or/rendcommon.c b/src/or/rendcommon.c
index 9055f981bb53900519562f820a8f26fa7b40db72..e4dc5b3d3ca7cc99e18a75ebb834b7f149afaee8 100644
--- a/src/or/rendcommon.c
+++ b/src/or/rendcommon.c
@@ -22,6 +22,8 @@ rend_cmp_service_ids(const char *one, const char *two)
void
rend_service_descriptor_free(rend_service_descriptor_t *desc)
{
+ if (!desc)
+ return;
if (desc->pk)
crypto_free_pk_env(desc->pk);
if (desc->intro_nodes) {
@@ -125,7 +127,8 @@ rend_compute_v2_desc_id(char *desc_id_out, const char *service_id,
if (!service_id ||
strlen(service_id) != REND_SERVICE_ID_LEN_BASE32) {
log_warn(LD_REND, "Could not compute v2 descriptor ID: "
- "Illegal service ID: %s", safe_str(service_id));
+ "Illegal service ID: %s",
+ safe_str(service_id));
return -1;
}
if (replica >= REND_NUMBER_OF_NON_CONSECUTIVE_REPLICAS) {
@@ -138,7 +141,7 @@ rend_compute_v2_desc_id(char *desc_id_out, const char *service_id,
service_id, REND_SERVICE_ID_LEN_BASE32) < 0) {
log_warn(LD_REND, "Could not compute v2 descriptor ID: "
"Illegal characters in service ID: %s",
- safe_str(service_id));
+ safe_str_client(service_id));
return -1;
}
/* Calculate current time-period. */
@@ -403,8 +406,7 @@ rend_desc_v2_is_parsable(rend_encoded_v2_service_descriptor_t *desc)
&test_intro_size,
&test_encoded_size,
&test_next, desc->desc_str);
- if (test_parsed)
- rend_service_descriptor_free(test_parsed);
+ rend_service_descriptor_free(test_parsed);
tor_free(test_intro_content);
return (res >= 0);
}
@@ -414,6 +416,8 @@ void
rend_encoded_v2_service_descriptor_free(
rend_encoded_v2_service_descriptor_t *desc)
{
+ if (!desc)
+ return;
tor_free(desc->desc_str);
tor_free(desc);
}
@@ -422,10 +426,11 @@ rend_encoded_v2_service_descriptor_free(
void
rend_intro_point_free(rend_intro_point_t *intro)
{
- if (intro->extend_info)
- extend_info_free(intro->extend_info);
- if (intro->intro_key)
- crypto_free_pk_env(intro->intro_key);
+ if (!intro)
+ return;
+
+ extend_info_free(intro->extend_info);
+ crypto_free_pk_env(intro->intro_key);
tor_free(intro);
}
@@ -772,22 +777,27 @@ rend_cache_init(void)
/** Helper: free storage held by a single service descriptor cache entry. */
static void
-_rend_cache_entry_free(void *p)
+rend_cache_entry_free(rend_cache_entry_t *e)
{
- rend_cache_entry_t *e = p;
+ if (!e)
+ return;
rend_service_descriptor_free(e->parsed);
tor_free(e->desc);
tor_free(e);
}
+static void
+_rend_cache_entry_free(void *p)
+{
+ rend_cache_entry_free(p);
+}
+
/** Free all storage held by the service descriptor cache. */
void
rend_cache_free_all(void)
{
- if (rend_cache)
- strmap_free(rend_cache, _rend_cache_entry_free);
- if (rend_cache_v2_dir)
- digestmap_free(rend_cache_v2_dir, _rend_cache_entry_free);
+ strmap_free(rend_cache, _rend_cache_entry_free);
+ digestmap_free(rend_cache_v2_dir, _rend_cache_entry_free);
rend_cache = NULL;
rend_cache_v2_dir = NULL;
}
@@ -808,7 +818,7 @@ rend_cache_clean(void)
ent = (rend_cache_entry_t*)val;
if (ent->parsed->timestamp < cutoff) {
iter = strmap_iter_next_rmv(rend_cache, iter);
- _rend_cache_entry_free(ent);
+ rend_cache_entry_free(ent);
} else {
iter = strmap_iter_next(rend_cache, iter);
}
@@ -834,9 +844,9 @@ rend_cache_clean_v2_descs_as_dir(void)
char key_base32[REND_DESC_ID_V2_LEN_BASE32 + 1];
base32_encode(key_base32, sizeof(key_base32), key, DIGEST_LEN);
log_info(LD_REND, "Removing descriptor with ID '%s' from cache",
- safe_str(key_base32));
+ safe_str_client(key_base32));
iter = digestmap_iter_next_rmv(rend_cache_v2_dir, iter);
- _rend_cache_entry_free(ent);
+ rend_cache_entry_free(ent);
} else {
iter = digestmap_iter_next(rend_cache_v2_dir, iter);
}
@@ -995,7 +1005,6 @@ rend_cache_store(const char *desc, size_t desc_len, int published)
char query[REND_SERVICE_ID_LEN_BASE32+1];
char key[REND_SERVICE_ID_LEN_BASE32+2]; /* 0<query>\0 */
time_t now;
- or_options_t *options = get_options();
tor_assert(rend_cache);
parsed = rend_parse_service_descriptor(desc,desc_len);
if (!parsed) {
@@ -1010,13 +1019,15 @@ rend_cache_store(const char *desc, size_t desc_len, int published)
now = time(NULL);
if (parsed->timestamp < now-REND_CACHE_MAX_AGE-REND_CACHE_MAX_SKEW) {
log_fn(LOG_PROTOCOL_WARN, LD_REND,
- "Service descriptor %s is too old.", safe_str(query));
+ "Service descriptor %s is too old.",
+ safe_str_client(query));
rend_service_descriptor_free(parsed);
return -2;
}
if (parsed->timestamp > now+REND_CACHE_MAX_SKEW) {
log_fn(LOG_PROTOCOL_WARN, LD_REND,
- "Service descriptor %s is too far in the future.", safe_str(query));
+ "Service descriptor %s is too far in the future.",
+ safe_str_client(query));
rend_service_descriptor_free(parsed);
return -2;
}
@@ -1024,25 +1035,22 @@ rend_cache_store(const char *desc, size_t desc_len, int published)
tor_snprintf(key, sizeof(key), "2%s", query);
if (!published && strmap_get_lc(rend_cache, key)) {
log_info(LD_REND, "We already have a v2 descriptor for service %s.",
- safe_str(query));
+ safe_str_client(query));
rend_service_descriptor_free(parsed);
return -1;
}
- /* report novel publication to statistics */
- if (published && options->HSAuthorityRecordStats) {
- hs_usage_note_publish_total(query, now);
- }
tor_snprintf(key, sizeof(key), "0%s", query);
e = (rend_cache_entry_t*) strmap_get_lc(rend_cache, key);
if (e && e->parsed->timestamp > parsed->timestamp) {
log_info(LD_REND,"We already have a newer service descriptor %s with the "
- "same ID and version.", safe_str(query));
+ "same ID and version.",
+ safe_str_client(query));
rend_service_descriptor_free(parsed);
return 0;
}
if (e && e->len == desc_len && !memcmp(desc,e->desc,desc_len)) {
log_info(LD_REND,"We already have this service descriptor %s.",
- safe_str(query));
+ safe_str_client(query));
e->received = time(NULL);
rend_service_descriptor_free(parsed);
return 0;
@@ -1050,10 +1058,6 @@ rend_cache_store(const char *desc, size_t desc_len, int published)
if (!e) {
e = tor_malloc_zero(sizeof(rend_cache_entry_t));
strmap_set_lc(rend_cache, key, e);
- /* report novel publication to statistics */
- if (published && options->HSAuthorityRecordStats) {
- hs_usage_note_publish_novel(query, now);
- }
} else {
rend_service_descriptor_free(e->parsed);
tor_free(e->desc);
@@ -1065,7 +1069,7 @@ rend_cache_store(const char *desc, size_t desc_len, int published)
memcpy(e->desc, desc, desc_len);
log_debug(LD_REND,"Successfully stored rend desc '%s', len %d.",
- safe_str(query), (int)desc_len);
+ safe_str_client(query), (int)desc_len);
return 1;
}
@@ -1116,7 +1120,7 @@ rend_cache_store_v2_desc_as_dir(const char *desc)
if (!hid_serv_responsible_for_desc_id(desc_id)) {
log_info(LD_REND, "Service descriptor with desc ID %s is not in "
"interval that we are responsible for.",
- safe_str(desc_id_base32));
+ safe_str_client(desc_id_base32));
goto skip;
}
/* Is descriptor too old? */
@@ -1281,14 +1285,14 @@ rend_cache_store_v2_desc_as_client(const char *desc,
/* Is descriptor too old? */
if (parsed->timestamp < now - REND_CACHE_MAX_AGE-REND_CACHE_MAX_SKEW) {
log_warn(LD_REND, "Service descriptor with service ID %s is too old.",
- safe_str(service_id));
+ safe_str_client(service_id));
retval = -2;
goto err;
}
/* Is descriptor too far in the future? */
if (parsed->timestamp > now + REND_CACHE_MAX_SKEW) {
log_warn(LD_REND, "Service descriptor with service ID %s is too far in "
- "the future.", safe_str(service_id));
+ "the future.", safe_str_client(service_id));
retval = -2;
goto err;
}
@@ -1296,7 +1300,7 @@ rend_cache_store_v2_desc_as_client(const char *desc,
tor_snprintf(key, sizeof(key), "0%s", service_id);
if (strmap_get_lc(rend_cache, key)) {
log_info(LD_REND, "We already have a v0 descriptor for service ID %s.",
- safe_str(service_id));
+ safe_str_client(service_id));
retval = -1;
goto err;
}
@@ -1306,14 +1310,14 @@ rend_cache_store_v2_desc_as_client(const char *desc,
if (e && e->parsed->timestamp > parsed->timestamp) {
log_info(LD_REND, "We already have a newer service descriptor for "
"service ID %s with the same desc ID and version.",
- safe_str(service_id));
+ safe_str_client(service_id));
retval = 0;
goto err;
}
/* Do we already have this descriptor? */
if (e && !strcmp(desc, e->desc)) {
log_info(LD_REND,"We already have this service descriptor %s.",
- safe_str(service_id));
+ safe_str_client(service_id));
e->received = time(NULL);
retval = 0;
goto err;
@@ -1331,12 +1335,11 @@ rend_cache_store_v2_desc_as_client(const char *desc,
strlcpy(e->desc, desc, encoded_size + 1);
e->len = encoded_size;
log_debug(LD_REND,"Successfully stored rend desc '%s', len %d.",
- safe_str(service_id), (int)encoded_size);
+ safe_str_client(service_id), (int)encoded_size);
return 1;
err:
- if (parsed)
- rend_service_descriptor_free(parsed);
+ rend_service_descriptor_free(parsed);
tor_free(intro_content);
return retval;
}
diff --git a/src/or/rendservice.c b/src/or/rendservice.c
index b6981d6258f7154f474b97d947a554e2235874eb..9fcf248c37154ac60e385e82bd841c9f187a10c9 100644
--- a/src/or/rendservice.c
+++ b/src/or/rendservice.c
@@ -87,7 +87,8 @@ num_rend_services(void)
static void
rend_authorized_client_free(rend_authorized_client_t *client)
{
- if (!client) return;
+ if (!client)
+ return;
if (client->client_key)
crypto_free_pk_env(client->client_key);
tor_free(client->client_name);
@@ -106,7 +107,9 @@ rend_authorized_client_strmap_item_free(void *authorized_client)
static void
rend_service_free(rend_service_t *service)
{
- if (!service) return;
+ if (!service)
+ return;
+
tor_free(service->directory);
SMARTLIST_FOREACH(service->ports, void*, p, tor_free(p));
smartlist_free(service->ports);
@@ -117,15 +120,14 @@ rend_service_free(rend_service_t *service)
rend_intro_point_free(intro););
smartlist_free(service->intro_nodes);
}
- if (service->desc)
- rend_service_descriptor_free(service->desc);
+
+ rend_service_descriptor_free(service->desc);
if (service->clients) {
SMARTLIST_FOREACH(service->clients, rend_authorized_client_t *, c,
rend_authorized_client_free(c););
smartlist_free(service->clients);
}
- if (service->accepted_intros)
- digestmap_free(service->accepted_intros, _tor_free);
+ digestmap_free(service->accepted_intros, _tor_free);
tor_free(service);
}
@@ -134,9 +136,9 @@ rend_service_free(rend_service_t *service)
void
rend_service_free_all(void)
{
- if (!rend_service_list) {
+ if (!rend_service_list)
return;
- }
+
SMARTLIST_FOREACH(rend_service_list, rend_service_t*, ptr,
rend_service_free(ptr));
smartlist_free(rend_service_list);
@@ -458,7 +460,7 @@ rend_config_services(or_options_t *options, int validate_only)
if (keep_it)
continue;
log_info(LD_REND, "Closing intro point %s for service %s.",
- safe_str(oc->build_state->chosen_exit->nickname),
+ safe_str_client(oc->build_state->chosen_exit->nickname),
oc->rend_data->onion_address);
circuit_mark_for_close(circ, END_CIRC_REASON_FINISHED);
/* XXXX Is there another reason we should use here? */
@@ -482,10 +484,10 @@ rend_service_update_descriptor(rend_service_t *service)
rend_service_descriptor_t *d;
origin_circuit_t *circ;
int i;
- if (service->desc) {
- rend_service_descriptor_free(service->desc);
- service->desc = NULL;
- }
+
+ rend_service_descriptor_free(service->desc);
+ service->desc = NULL;
+
d = service->desc = tor_malloc_zero(sizeof(rend_service_descriptor_t));
d->pk = crypto_pk_dup_key(service->private_key);
d->timestamp = time(NULL);
@@ -1015,7 +1017,7 @@ rend_service_introduce(origin_circuit_t *circuit, const char *request,
router = router_get_by_nickname(rp_nickname, 0);
if (!router) {
log_info(LD_REND, "Couldn't find router %s named in introduce2 cell.",
- escaped_safe_str(rp_nickname));
+ escaped_safe_str_client(rp_nickname));
/* XXXX Add a no-such-router reason? */
reason = END_CIRC_REASON_TORPROTOCOL;
goto err;
@@ -1117,14 +1119,16 @@ rend_service_introduce(origin_circuit_t *circuit, const char *request,
if (!launched) { /* give up */
log_warn(LD_REND, "Giving up launching first hop of circuit to rendezvous "
"point %s for service %s.",
- escaped_safe_str(extend_info->nickname), serviceid);
+ escaped_safe_str_client(extend_info->nickname),
+ serviceid);
reason = END_CIRC_REASON_CONNECTFAILED;
goto err;
}
log_info(LD_REND,
"Accepted intro; launching circuit to %s "
"(cookie %s) for service %s.",
- escaped_safe_str(extend_info->nickname), hexcookie, serviceid);
+ escaped_safe_str_client(extend_info->nickname),
+ hexcookie, serviceid);
tor_assert(launched->build_state);
/* Fill in the circuit's state. */
launched->rend_data = tor_malloc_zero(sizeof(rend_data_t));
@@ -1219,7 +1223,7 @@ rend_service_launch_establish_intro(rend_service_t *service,
log_info(LD_REND,
"Launching circuit to introduction point %s for service %s",
- escaped_safe_str(intro->extend_info->nickname),
+ escaped_safe_str_client(intro->extend_info->nickname),
service->service_id);
rep_hist_note_used_internal(time(NULL), 1, 0);
@@ -1232,7 +1236,7 @@ rend_service_launch_establish_intro(rend_service_t *service,
if (!launched) {
log_info(LD_REND,
"Can't launch circuit to establish introduction at %s.",
- escaped_safe_str(intro->extend_info->nickname));
+ escaped_safe_str_client(intro->extend_info->nickname));
return -1;
}
@@ -1580,8 +1584,8 @@ directory_post_to_hs_dir(rend_service_descriptor_t *renddesc,
"service '%s' with descriptor ID '%s' with validity "
"of %d seconds to hidden service directory '%s' on "
"%s:%d.",
- safe_str(service_id),
- safe_str(desc_id_base32),
+ safe_str_client(service_id),
+ safe_str_client(desc_id_base32),
seconds_valid,
hs_dir->nickname,
hs_dir_ip,
@@ -1821,7 +1825,7 @@ rend_services_introduce(void)
router_crn_flags_t flags = CRN_NEED_UPTIME;
if (get_options()->_AllowInvalid & ALLOW_INVALID_INTRODUCTION)
flags |= CRN_ALLOW_INVALID;
- router = router_choose_random_node(NULL, intro_routers,
+ router = router_choose_random_node(intro_routers,
options->ExcludeNodes, flags);
if (!router) {
log_warn(LD_REND,
@@ -1953,7 +1957,7 @@ rend_service_dump_stats(int severity)
service->directory);
for (j=0; j < smartlist_len(service->intro_nodes); ++j) {
intro = smartlist_get(service->intro_nodes, j);
- safe_name = safe_str(intro->extend_info->nickname);
+ safe_name = safe_str_client(intro->extend_info->nickname);
circ = find_intro_circuit(intro, service->pk_digest);
if (!circ) {
diff --git a/src/or/rephist.c b/src/or/rephist.c
index 1ff9cde69fb706ca1073e7b0c04fe87e9f27ef2d..e606db3b7b2e0eff2987ed3b26050579ac864d01 100644
--- a/src/or/rephist.c
+++ b/src/or/rephist.c
@@ -14,7 +14,6 @@
static void bw_arrays_init(void);
static void predicted_ports_init(void);
-static void hs_usage_init(void);
/** Total number of bytes currently allocated in fields used by rephist.c. */
uint64_t rephist_total_alloc=0;
@@ -185,7 +184,6 @@ rep_hist_init(void)
history_map = digestmap_new();
bw_arrays_init();
predicted_ports_init();
- hs_usage_init();
}
/** Helper: note that we are no longer connected to the router with history
@@ -1377,7 +1375,7 @@ rep_hist_exit_stats_write(time_t now)
statsdir = get_datadir_fname("stats");
if (check_private_dir(statsdir, CPD_CREATE) < 0)
goto done;
- filename = get_datadir_fname("stats"PATH_SEPARATOR"exit-stats");
+ filename = get_datadir_fname2("stats", "exit-stats");
format_iso_time(t, now);
log_info(LD_HIST, "Writing exit port statistics to disk for period "
"ending at %s.", t);
@@ -1615,7 +1613,7 @@ rep_hist_get_bandwidth_lines(int for_extrainfo)
size_t len;
/* opt (read|write)-history yyyy-mm-dd HH:MM:SS (n s) n,n,n,n,n... */
- len = (60+20*NUM_TOTALS)*2;
+ len = (60+21*NUM_TOTALS)*2;
buf = tor_malloc_zero(len);
cp = buf;
for (r=0;r<2;++r) {
@@ -2057,554 +2055,6 @@ rep_hist_free_all(void)
predicted_ports_free();
}
-/****************** hidden service usage statistics ******************/
-
-/** How large are the intervals for which we track and report hidden service
- * use? */
-#define NUM_SECS_HS_USAGE_SUM_INTERVAL (15*60)
-/** How far in the past do we remember and publish hidden service use? */
-#define NUM_SECS_HS_USAGE_SUM_IS_VALID (24*60*60)
-/** How many hidden service usage intervals do we remember? (derived) */
-#define NUM_TOTALS_HS_USAGE (NUM_SECS_HS_USAGE_SUM_IS_VALID/ \
- NUM_SECS_HS_USAGE_SUM_INTERVAL)
-
-/** List element containing a service id and the count. */
-typedef struct hs_usage_list_elem_t {
- /** Service id of this elem. */
- char service_id[REND_SERVICE_ID_LEN_BASE32+1];
- /** Number of occurrences for the given service id. */
- uint32_t count;
- /* Pointer to next list elem */
- struct hs_usage_list_elem_t *next;
-} hs_usage_list_elem_t;
-
-/** Ordered list that stores service ids and the number of observations. It is
- * ordered by the number of occurrences in descending order. Its purpose is to
- * calculate the frequency distribution when the period is over. */
-typedef struct hs_usage_list_t {
- /* Pointer to the first element in the list. */
- hs_usage_list_elem_t *start;
- /* Number of total occurrences for all list elements. */
- uint32_t total_count;
- /* Number of service ids, i.e. number of list elements. */
- uint32_t total_service_ids;
-} hs_usage_list_t;
-
-/** Tracks service-related observations in the current period and their
- * history. */
-typedef struct hs_usage_service_related_observation_t {
- /** Ordered list that stores service ids and the number of observations in
- * the current period. It is ordered by the number of occurrences in
- * descending order. Its purpose is to calculate the frequency distribution
- * when the period is over. */
- hs_usage_list_t *list;
- /** Circular arrays that store the history of observations. totals stores all
- * observations, twenty (ten, five) the number of observations related to a
- * service id being accounted for the top 20 (10, 5) percent of all
- * observations. */
- uint32_t totals[NUM_TOTALS_HS_USAGE];
- uint32_t five[NUM_TOTALS_HS_USAGE];
- uint32_t ten[NUM_TOTALS_HS_USAGE];
- uint32_t twenty[NUM_TOTALS_HS_USAGE];
-} hs_usage_service_related_observation_t;
-
-/** Tracks the history of general period-related observations, i.e. those that
- * cannot be related to a specific service id. */
-typedef struct hs_usage_general_period_related_observations_t {
- /** Circular array that stores the history of observations. */
- uint32_t totals[NUM_TOTALS_HS_USAGE];
-} hs_usage_general_period_related_observations_t;
-
-/** Keeps information about the current observation period and its relation to
- * the histories of observations. */
-typedef struct hs_usage_current_observation_period_t {
- /** Where do we write the next history entry? */
- int next_idx;
- /** How many values in history have been set ever? (upper bound!) */
- int num_set;
- /** When did this period begin? */
- time_t start_of_current_period;
- /** When does the next period begin? */
- time_t start_of_next_period;
-} hs_usage_current_observation_period_t;
-
-/** Usage statistics for the current observation period. */
-static hs_usage_current_observation_period_t *current_period = NULL;
-
-/** Total number of descriptor publish requests in the current observation
- * period. */
-static hs_usage_service_related_observation_t *publish_total = NULL;
-
-/** Number of descriptor publish requests for services that have not been
- * seen before in the current observation period. */
-static hs_usage_service_related_observation_t *publish_novel = NULL;
-
-/** Total number of descriptor fetch requests in the current observation
- * period. */
-static hs_usage_service_related_observation_t *fetch_total = NULL;
-
-/** Number of successful descriptor fetch requests in the current
- * observation period. */
-static hs_usage_service_related_observation_t *fetch_successful = NULL;
-
-/** Number of descriptors stored in the current observation period. */
-static hs_usage_general_period_related_observations_t *descs = NULL;
-
-/** Creates an empty ordered list element. */
-static hs_usage_list_elem_t *
-hs_usage_list_elem_new(void)
-{
- hs_usage_list_elem_t *e;
- e = tor_malloc_zero(sizeof(hs_usage_list_elem_t));
- rephist_total_alloc += sizeof(hs_usage_list_elem_t);
- e->count = 1;
- e->next = NULL;
- return e;
-}
-
-/** Creates an empty ordered list. */
-static hs_usage_list_t *
-hs_usage_list_new(void)
-{
- hs_usage_list_t *l;
- l = tor_malloc_zero(sizeof(hs_usage_list_t));
- rephist_total_alloc += sizeof(hs_usage_list_t);
- l->start = NULL;
- l->total_count = 0;
- l->total_service_ids = 0;
- return l;
-}
-
-/** Creates an empty structure for storing service-related observations. */
-static hs_usage_service_related_observation_t *
-hs_usage_service_related_observation_new(void)
-{
- hs_usage_service_related_observation_t *h;
- h = tor_malloc_zero(sizeof(hs_usage_service_related_observation_t));
- rephist_total_alloc += sizeof(hs_usage_service_related_observation_t);
- h->list = hs_usage_list_new();
- return h;
-}
-
-/** Creates an empty structure for storing general period-related
- * observations. */
-static hs_usage_general_period_related_observations_t *
-hs_usage_general_period_related_observations_new(void)
-{
- hs_usage_general_period_related_observations_t *p;
- p = tor_malloc_zero(sizeof(hs_usage_general_period_related_observations_t));
- rephist_total_alloc+= sizeof(hs_usage_general_period_related_observations_t);
- return p;
-}
-
-/** Creates an empty structure for storing period-specific information. */
-static hs_usage_current_observation_period_t *
-hs_usage_current_observation_period_new(void)
-{
- hs_usage_current_observation_period_t *c;
- time_t now;
- c = tor_malloc_zero(sizeof(hs_usage_current_observation_period_t));
- rephist_total_alloc += sizeof(hs_usage_current_observation_period_t);
- now = time(NULL);
- c->start_of_current_period = now;
- c->start_of_next_period = now + NUM_SECS_HS_USAGE_SUM_INTERVAL;
- return c;
-}
-
-/** Initializes the structures for collecting hidden service usage data. */
-static void
-hs_usage_init(void)
-{
- current_period = hs_usage_current_observation_period_new();
- publish_total = hs_usage_service_related_observation_new();
- publish_novel = hs_usage_service_related_observation_new();
- fetch_total = hs_usage_service_related_observation_new();
- fetch_successful = hs_usage_service_related_observation_new();
- descs = hs_usage_general_period_related_observations_new();
-}
-
-/** Clears the given ordered list by resetting its attributes and releasing
- * the memory allocated by its elements. */
-static void
-hs_usage_list_clear(hs_usage_list_t *lst)
-{
- /* walk through elements and free memory */
- hs_usage_list_elem_t *current = lst->start;
- hs_usage_list_elem_t *tmp;
- while (current != NULL) {
- tmp = current->next;
- rephist_total_alloc -= sizeof(hs_usage_list_elem_t);
- tor_free(current);
- current = tmp;
- }
- /* reset attributes */
- lst->start = NULL;
- lst->total_count = 0;
- lst->total_service_ids = 0;
- return;
-}
-
-/** Frees the memory used by the given list. */
-static void
-hs_usage_list_free(hs_usage_list_t *lst)
-{
- if (!lst)
- return;
- hs_usage_list_clear(lst);
- rephist_total_alloc -= sizeof(hs_usage_list_t);
- tor_free(lst);
-}
-
-/** Frees the memory used by the given service-related observations. */
-static void
-hs_usage_service_related_observation_free(
- hs_usage_service_related_observation_t *s)
-{
- if (!s)
- return;
- hs_usage_list_free(s->list);
- rephist_total_alloc -= sizeof(hs_usage_service_related_observation_t);
- tor_free(s);
-}
-
-/** Frees the memory used by the given period-specific observations. */
-static void
-hs_usage_general_period_related_observations_free(
- hs_usage_general_period_related_observations_t *s)
-{
- rephist_total_alloc-=sizeof(hs_usage_general_period_related_observations_t);
- tor_free(s);
-}
-
-/** Frees the memory used by period-specific information. */
-static void
-hs_usage_current_observation_period_free(
- hs_usage_current_observation_period_t *s)
-{
- rephist_total_alloc -= sizeof(hs_usage_current_observation_period_t);
- tor_free(s);
-}
-
-/** Frees all memory that was used for collecting hidden service usage data. */
-void
-hs_usage_free_all(void)
-{
- hs_usage_general_period_related_observations_free(descs);
- descs = NULL;
- hs_usage_service_related_observation_free(fetch_successful);
- hs_usage_service_related_observation_free(fetch_total);
- hs_usage_service_related_observation_free(publish_novel);
- hs_usage_service_related_observation_free(publish_total);
- fetch_successful = fetch_total = publish_novel = publish_total = NULL;
- hs_usage_current_observation_period_free(current_period);
- current_period = NULL;
-}
-
-/** Inserts a new occurrence for the given service id to the given ordered
- * list. */
-static void
-hs_usage_insert_value(hs_usage_list_t *lst, const char *service_id)
-{
- /* search if there is already an elem with same service_id in list */
- hs_usage_list_elem_t *current = lst->start;
- hs_usage_list_elem_t *previous = NULL;
- while (current != NULL && strcasecmp(current->service_id,service_id)) {
- previous = current;
- current = current->next;
- }
- /* found an element with same service_id? */
- if (current == NULL) {
- /* not found! append to end (which could also be the end of a zero-length
- * list), don't need to sort (1 is smallest value). */
- /* create elem */
- hs_usage_list_elem_t *e = hs_usage_list_elem_new();
- /* update list attributes (one new elem, one new occurrence) */
- lst->total_count++;
- lst->total_service_ids++;
- /* copy service id to elem */
- strlcpy(e->service_id,service_id,sizeof(e->service_id));
- /* let either l->start or previously last elem point to new elem */
- if (lst->start == NULL) {
- /* this is the first elem */
- lst->start = e;
- } else {
- /* there were elems in the list before */
- previous->next = e;
- }
- } else {
- /* found! add occurrence to elem and consider resorting */
- /* update list attributes (no new elem, but one new occurrence) */
- lst->total_count++;
- /* add occurrence to elem */
- current->count++;
- /* is it another than the first list elem? and has previous elem fewer
- * count than current? then we need to resort */
- if (previous != NULL && previous->count < current->count) {
- /* yes! we need to resort */
- /* remove current elem first */
- previous->next = current->next;
- /* can we prepend elem to all other elements? */
- if (lst->start->count <= current->count) {
- /* yes! prepend elem */
- current->next = lst->start;
- lst->start = current;
- } else {
- /* no! walk through list a second time and insert at correct place */
- hs_usage_list_elem_t *insert_current = lst->start->next;
- hs_usage_list_elem_t *insert_previous = lst->start;
- while (insert_current != NULL &&
- insert_current->count > current->count) {
- insert_previous = insert_current;
- insert_current = insert_current->next;
- }
- /* insert here */
- current->next = insert_current;
- insert_previous->next = current;
- }
- }
- }
-}
-
-/** Writes the current service-related observations to the history array and
- * clears the observations of the current period. */
-static void
-hs_usage_write_service_related_observations_to_history(
- hs_usage_current_observation_period_t *p,
- hs_usage_service_related_observation_t *h)
-{
- /* walk through the first 20 % of list elements and calculate frequency
- * distributions */
- /* maximum indices for the three frequencies */
- int five_percent_idx = h->list->total_service_ids/20;
- int ten_percent_idx = h->list->total_service_ids/10;
- int twenty_percent_idx = h->list->total_service_ids/5;
- /* temp values */
- uint32_t five_percent = 0;
- uint32_t ten_percent = 0;
- uint32_t twenty_percent = 0;
- /* walk through list */
- hs_usage_list_elem_t *current = h->list->start;
- int i=0;
- while (current != NULL && i <= twenty_percent_idx) {
- twenty_percent += current->count;
- if (i <= ten_percent_idx)
- ten_percent += current->count;
- if (i <= five_percent_idx)
- five_percent += current->count;
- current = current->next;
- i++;
- }
- /* copy frequencies */
- h->twenty[p->next_idx] = twenty_percent;
- h->ten[p->next_idx] = ten_percent;
- h->five[p->next_idx] = five_percent;
- /* copy total number of observations */
- h->totals[p->next_idx] = h->list->total_count;
- /* free memory of old list */
- hs_usage_list_clear(h->list);
-}
-
-/** Advances to next observation period. */
-static void
-hs_usage_advance_current_observation_period(void)
-{
- /* aggregate observations to history, including frequency distribution
- * arrays */
- hs_usage_write_service_related_observations_to_history(
- current_period, publish_total);
- hs_usage_write_service_related_observations_to_history(
- current_period, publish_novel);
- hs_usage_write_service_related_observations_to_history(
- current_period, fetch_total);
- hs_usage_write_service_related_observations_to_history(
- current_period, fetch_successful);
- /* write current number of descriptors to descs history */
- descs->totals[current_period->next_idx] = rend_cache_size();
- /* advance to next period */
- current_period->next_idx++;
- if (current_period->next_idx == NUM_TOTALS_HS_USAGE)
- current_period->next_idx = 0;
- if (current_period->num_set < NUM_TOTALS_HS_USAGE)
- ++current_period->num_set;
- current_period->start_of_current_period=current_period->start_of_next_period;
- current_period->start_of_next_period += NUM_SECS_HS_USAGE_SUM_INTERVAL;
-}
-
-/** Checks if the current period is up to date, and if not, advances it. */
-static void
-hs_usage_check_if_current_period_is_up_to_date(time_t now)
-{
- while (now > current_period->start_of_next_period) {
- hs_usage_advance_current_observation_period();
- }
-}
-
-/** Adds a service-related observation, maybe after advancing to next
- * observation period. */
-static void
-hs_usage_add_service_related_observation(
- hs_usage_service_related_observation_t *h,
- time_t now,
- const char *service_id)
-{
- if (now < current_period->start_of_current_period) {
- /* don't record old data */
- return;
- }
- /* check if we are up-to-date */
- hs_usage_check_if_current_period_is_up_to_date(now);
- /* add observation */
- hs_usage_insert_value(h->list, service_id);
-}
-
-/** Adds the observation of storing a rendezvous service descriptor to our
- * cache in our role as HS authoritative directory. */
-void
-hs_usage_note_publish_total(const char *service_id, time_t now)
-{
- hs_usage_add_service_related_observation(publish_total, now, service_id);
-}
-
-/** Adds the observation of storing a novel rendezvous service descriptor to
- * our cache in our role as HS authoritative directory. */
-void
-hs_usage_note_publish_novel(const char *service_id, time_t now)
-{
- hs_usage_add_service_related_observation(publish_novel, now, service_id);
-}
-
-/** Adds the observation of being requested for a rendezvous service descriptor
- * in our role as HS authoritative directory. */
-void
-hs_usage_note_fetch_total(const char *service_id, time_t now)
-{
- hs_usage_add_service_related_observation(fetch_total, now, service_id);
-}
-
-/** Adds the observation of being requested for a rendezvous service descriptor
- * in our role as HS authoritative directory and being able to answer that
- * request successfully. */
-void
-hs_usage_note_fetch_successful(const char *service_id, time_t now)
-{
- hs_usage_add_service_related_observation(fetch_successful, now, service_id);
-}
-
-/** Writes the given circular array to a string. */
-static size_t
-hs_usage_format_history(char *buf, size_t len, uint32_t *data)
-{
- char *cp = buf; /* pointer where we are in the buffer */
- int i, n;
- if (current_period->num_set <= current_period->next_idx) {
- i = 0; /* not been through circular array */
- } else {
- i = current_period->next_idx;
- }
- for (n = 0; n < current_period->num_set; ++n,++i) {
- if (i >= NUM_TOTALS_HS_USAGE)
- i -= NUM_TOTALS_HS_USAGE;
- tor_assert(i < NUM_TOTALS_HS_USAGE);
- if (n == (current_period->num_set-1))
- tor_snprintf(cp, len-(cp-buf), "%d", data[i]);
- else
- tor_snprintf(cp, len-(cp-buf), "%d,", data[i]);
- cp += strlen(cp);
- }
- return cp-buf;
-}
-
-/** Writes the complete usage history as hidden service authoritative directory
- * to a string. */
-static char *
-hs_usage_format_statistics(void)
-{
- char *buf, *cp, *s = NULL;
- char t[ISO_TIME_LEN+1];
- int r;
- uint32_t *data = NULL;
- size_t len;
- len = (70+20*NUM_TOTALS_HS_USAGE)*11;
- buf = tor_malloc_zero(len);
- cp = buf;
- for (r = 0; r < 11; ++r) {
- switch (r) {
- case 0:
- s = (char*) "publish-total-history";
- data = publish_total->totals;
- break;
- case 1:
- s = (char*) "publish-novel-history";
- data = publish_novel->totals;
- break;
- case 2:
- s = (char*) "publish-top-5-percent-history";
- data = publish_total->five;
- break;
- case 3:
- s = (char*) "publish-top-10-percent-history";
- data = publish_total->ten;
- break;
- case 4:
- s = (char*) "publish-top-20-percent-history";
- data = publish_total->twenty;
- break;
- case 5:
- s = (char*) "fetch-total-history";
- data = fetch_total->totals;
- break;
- case 6:
- s = (char*) "fetch-successful-history";
- data = fetch_successful->totals;
- break;
- case 7:
- s = (char*) "fetch-top-5-percent-history";
- data = fetch_total->five;
- break;
- case 8:
- s = (char*) "fetch-top-10-percent-history";
- data = fetch_total->ten;
- break;
- case 9:
- s = (char*) "fetch-top-20-percent-history";
- data = fetch_total->twenty;
- break;
- case 10:
- s = (char*) "desc-total-history";
- data = descs->totals;
- break;
- }
- format_iso_time(t, current_period->start_of_current_period);
- tor_snprintf(cp, len-(cp-buf), "%s %s (%d s) ", s, t,
- NUM_SECS_HS_USAGE_SUM_INTERVAL);
- cp += strlen(cp);
- cp += hs_usage_format_history(cp, len-(cp-buf), data);
- strlcat(cp, "\n", len-(cp-buf));
- ++cp;
- }
- return buf;
-}
-
-/** Write current statistics about hidden service usage to file. */
-void
-hs_usage_write_statistics_to_file(time_t now)
-{
- char *buf;
- size_t len;
- char *fname;
- or_options_t *options = get_options();
- /* check if we are up-to-date */
- hs_usage_check_if_current_period_is_up_to_date(now);
- buf = hs_usage_format_statistics();
- len = strlen(options->DataDirectory) + 16;
- fname = tor_malloc(len);
- tor_snprintf(fname, len, "%s"PATH_SEPARATOR"hsusage",
- options->DataDirectory);
- write_str_to_file(fname,buf,0);
- tor_free(buf);
- tor_free(fname);
-}
-
/*** cell statistics ***/
/** Start of the current buffer stats interval. */
@@ -2701,9 +2151,16 @@ rep_hist_buffer_stats_write(time_t now)
memset(circs_in_share, 0, SHARES * sizeof(int));
memset(queued_cells, 0, SHARES * sizeof(double));
memset(time_in_queue, 0, SHARES * sizeof(double));
+ if (!circuits_for_buffer_stats)
+ circuits_for_buffer_stats = smartlist_create();
smartlist_sort(circuits_for_buffer_stats,
_buffer_stats_compare_entries);
number_of_circuits = smartlist_len(circuits_for_buffer_stats);
+ if (number_of_circuits < 1) {
+ log_info(LD_HIST, "Attempt to write cell statistics to disk failed. "
+ "We haven't seen a single circuit to report about.");
+ goto done;
+ }
i = 0;
SMARTLIST_FOREACH_BEGIN(circuits_for_buffer_stats,
circ_buffer_stats_t *, stat)
@@ -2723,7 +2180,7 @@ rep_hist_buffer_stats_write(time_t now)
statsdir = get_datadir_fname("stats");
if (check_private_dir(statsdir, CPD_CREATE) < 0)
goto done;
- filename = get_datadir_fname("stats"PATH_SEPARATOR"buffer-stats");
+ filename = get_datadir_fname2("stats", "buffer-stats");
out = start_writing_to_stdio_file(filename, OPEN_FLAGS_APPEND,
0600, &open_file);
if (!out)
diff --git a/src/or/router.c b/src/or/router.c
index 2f5a9fd80b1bdebcb47bd78b522ed06fc01b5e11..e14f237728befbd8e29093dd77666852f3f341fc 100644
--- a/src/or/router.c
+++ b/src/or/router.c
@@ -61,8 +61,7 @@ static void
set_onion_key(crypto_pk_env_t *k)
{
tor_mutex_acquire(key_lock);
- if (onionkey)
- crypto_free_pk_env(onionkey);
+ crypto_free_pk_env(onionkey);
onionkey = k;
onionkey_set_at = time(NULL);
tor_mutex_release(key_lock);
@@ -111,8 +110,7 @@ get_onion_key_set_at(void)
void
set_identity_key(crypto_pk_env_t *k)
{
- if (identitykey)
- crypto_free_pk_env(identitykey);
+ crypto_free_pk_env(identitykey);
identitykey = k;
crypto_pk_get_digest(identitykey, identitykey_digest);
}
@@ -201,8 +199,7 @@ rotate_onion_key(void)
}
log_info(LD_GENERAL, "Rotating onion key");
tor_mutex_acquire(key_lock);
- if (lastonionkey)
- crypto_free_pk_env(lastonionkey);
+ crypto_free_pk_env(lastonionkey);
lastonionkey = onionkey;
onionkey = prkey;
now = time(NULL);
@@ -331,10 +328,9 @@ load_authority_keyset(int legacy, crypto_pk_env_t **key_out,
goto done;
}
- if (*key_out)
- crypto_free_pk_env(*key_out);
- if (*cert_out)
- authority_cert_free(*cert_out);
+ crypto_free_pk_env(*key_out);
+ authority_cert_free(*cert_out);
+
*key_out = signing_key;
*cert_out = parsed;
r = 0;
@@ -344,10 +340,8 @@ load_authority_keyset(int legacy, crypto_pk_env_t **key_out,
done:
tor_free(fname);
tor_free(cert);
- if (signing_key)
- crypto_free_pk_env(signing_key);
- if (parsed)
- authority_cert_free(parsed);
+ crypto_free_pk_env(signing_key);
+ authority_cert_free(parsed);
return r;
}
@@ -1425,11 +1419,9 @@ router_rebuild_descriptor(int force)
tor_assert(! routerinfo_incompatible_with_extrainfo(ri, ei, NULL, NULL));
- if (desc_routerinfo)
- routerinfo_free(desc_routerinfo);
+ routerinfo_free(desc_routerinfo);
desc_routerinfo = ri;
- if (desc_extrainfo)
- extrainfo_free(desc_extrainfo);
+ extrainfo_free(desc_extrainfo);
desc_extrainfo = ei;
desc_clean_since = time(NULL);
@@ -1668,7 +1660,7 @@ router_dump_router_to_string(char *s, size_t maxlen, routerinfo_t *router,
return -1;
}
- /* PEM-encode the identity key key */
+ /* PEM-encode the identity key */
if (crypto_pk_write_public_key_to_string(router->identity_pkey,
&identity_pkey,&identity_pkeylen)<0) {
log_warn(LD_BUG,"write identity_pkey to string failed!");
@@ -1890,6 +1882,7 @@ extrainfo_dump_to_string(char *s, size_t maxlen, extrainfo_t *extrainfo,
int result;
size_t len;
static int write_stats_to_extrainfo = 1;
+ time_t now = time(NULL);
base16_encode(identity, sizeof(identity),
extrainfo->cache_info.identity_digest, DIGEST_LEN);
@@ -1904,7 +1897,6 @@ extrainfo_dump_to_string(char *s, size_t maxlen, extrainfo_t *extrainfo,
if (options->ExtraInfoStatistics && write_stats_to_extrainfo) {
char *contents = NULL;
- time_t now = time(NULL);
log_info(LD_GENERAL, "Adding stats to extra-info descriptor.");
if (options->DirReqStatistics &&
load_stats_file("stats"PATH_SEPARATOR"dirreq-stats",
@@ -1961,18 +1953,16 @@ extrainfo_dump_to_string(char *s, size_t maxlen, extrainfo_t *extrainfo,
return -1;
if (should_record_bridge_info(options)) {
- char *geoip_summary = extrainfo_get_client_geoip_summary(time(NULL));
- if (geoip_summary) {
- char geoip_start[ISO_TIME_LEN+1];
- format_iso_time(geoip_start, geoip_get_history_start());
- result = tor_snprintf(s+strlen(s), maxlen-strlen(s),
- "geoip-start-time %s\n"
- "geoip-client-origins %s\n",
- geoip_start, geoip_summary);
- control_event_clients_seen(geoip_start, geoip_summary);
- tor_free(geoip_summary);
- if (result<0)
- return -1;
+ char *bridge_stats = geoip_get_bridge_stats_extrainfo(now);
+ if (bridge_stats) {
+ size_t pos = strlen(s);
+ if (strlcpy(s + pos, bridge_stats, maxlen - strlen(s)) !=
+ strlen(bridge_stats)) {
+ log_warn(LD_DIR, "Could not write bridge-stats to extra-info "
+ "descriptor.");
+ s[pos] = '\0';
+ }
+ tor_free(bridge_stats);
}
}
@@ -2021,30 +2011,6 @@ extrainfo_dump_to_string(char *s, size_t maxlen, extrainfo_t *extrainfo,
return (int)strlen(s)+1;
}
-/** Wrapper function for geoip_get_client_history(). It first discards
- * any items in the client history that are too old -- it dumps anything
- * more than 48 hours old, but it only considers whether to dump at most
- * once per 48 hours, so we aren't too precise to an observer (see also
- * r14780).
- */
-char *
-extrainfo_get_client_geoip_summary(time_t now)
-{
- static time_t last_purged_at = 0;
- int geoip_purge_interval =
- (get_options()->DirReqStatistics || get_options()->EntryStatistics) ?
- DIR_ENTRY_RECORD_USAGE_RETAIN_IPS : 48*60*60;
- if (now > last_purged_at+geoip_purge_interval) {
- /* (Note that this also discards items in the client history with
- * action GEOIP_CLIENT_NETWORKSTATUS{_V2}, which doesn't matter
- * because bridge and directory stats are independent. Keep in mind
- * for future extensions, though.) */
- geoip_remove_old_clients(now-geoip_purge_interval);
- last_purged_at = now;
- }
- return geoip_get_client_history_bridge(now, GEOIP_CLIENT_CONNECT);
-}
-
/** Return true iff <b>s</b> is a legally valid server nickname. */
int
is_legal_nickname(const char *s)
@@ -2169,26 +2135,16 @@ router_purpose_from_string(const char *s)
void
router_free_all(void)
{
- if (onionkey)
- crypto_free_pk_env(onionkey);
- if (lastonionkey)
- crypto_free_pk_env(lastonionkey);
- if (identitykey)
- crypto_free_pk_env(identitykey);
- if (key_lock)
- tor_mutex_free(key_lock);
- if (desc_routerinfo)
- routerinfo_free(desc_routerinfo);
- if (desc_extrainfo)
- extrainfo_free(desc_extrainfo);
- if (authority_signing_key)
- crypto_free_pk_env(authority_signing_key);
- if (authority_key_certificate)
- authority_cert_free(authority_key_certificate);
- if (legacy_signing_key)
- crypto_free_pk_env(legacy_signing_key);
- if (legacy_key_certificate)
- authority_cert_free(legacy_key_certificate);
+ crypto_free_pk_env(onionkey);
+ crypto_free_pk_env(lastonionkey);
+ crypto_free_pk_env(identitykey);
+ tor_mutex_free(key_lock);
+ routerinfo_free(desc_routerinfo);
+ extrainfo_free(desc_extrainfo);
+ crypto_free_pk_env(authority_signing_key);
+ authority_cert_free(authority_key_certificate);
+ crypto_free_pk_env(legacy_signing_key);
+ authority_cert_free(legacy_key_certificate);
if (warned_nonexistent_family) {
SMARTLIST_FOREACH(warned_nonexistent_family, char *, cp, tor_free(cp));
diff --git a/src/or/routerlist.c b/src/or/routerlist.c
index 18d656d222ba1408d4e7acb69ad6e9f8ecf69bbf..1b9df560315ced4841d7e62a71694a75891ed57a 100644
--- a/src/or/routerlist.c
+++ b/src/or/routerlist.c
@@ -757,8 +757,7 @@ router_rebuild_store(int flags, desc_store_t *store)
store->journal_len = 0;
store->bytes_dropped = 0;
done:
- if (signed_descriptors)
- smartlist_free(signed_descriptors);
+ smartlist_free(signed_descriptors);
tor_free(fname);
tor_free(fname_tmp);
if (chunk_list) {
@@ -1699,12 +1698,12 @@ smartlist_choose_by_bandwidth(smartlist_t *sl, bandwidth_weight_rule_t rule,
* For detailed derivation of this formula, see
* http://archives.seul.org/or/dev/Jul-2007/msg00056.html
*/
- if (rule == WEIGHT_FOR_EXIT)
+ if (rule == WEIGHT_FOR_EXIT || !total_exit_bw)
exit_weight = 1.0;
else
exit_weight = 1.0 - all_bw/(3.0*exit_bw);
- if (rule == WEIGHT_FOR_GUARD)
+ if (rule == WEIGHT_FOR_GUARD || !total_guard_bw)
guard_weight = 1.0;
else
guard_weight = 1.0 - all_bw/(3.0*guard_bw);
@@ -1753,6 +1752,8 @@ smartlist_choose_by_bandwidth(smartlist_t *sl, bandwidth_weight_rule_t rule,
/* Almost done: choose a random value from the bandwidth weights. */
rand_bw = crypto_rand_uint64(total_bw);
+ rand_bw++; /* crypto_rand_uint64() counts from 0, and we need to count
+ * from 1 below. See bug 1203 for details. */
/* Last, count through sl until we get to the element we picked */
tmp = 0;
@@ -1809,13 +1810,10 @@ routerstatus_sl_choose_by_bandwidth(smartlist_t *sl)
return smartlist_choose_by_bandwidth(sl, NO_WEIGHTING, 1);
}
-/** Return a random running router from the routerlist. If any node
- * named in <b>preferred</b> is available, pick one of those. Never
+/** Return a random running router from the routerlist. Never
* pick a node whose routerinfo is in
* <b>excludedsmartlist</b>, or whose routerinfo matches <b>excludedset</b>,
- * even if they are the only nodes
- * available. If <b>CRN_STRICT_PREFERRED</b> is set in flags, never pick
- * any node besides those in <b>preferred</b>.
+ * even if they are the only nodes available.
* If <b>CRN_NEED_UPTIME</b> is set in flags and any router has more than
* a minimum uptime, return one of those.
* If <b>CRN_NEED_CAPACITY</b> is set in flags, weight your choice by the
@@ -1828,8 +1826,7 @@ routerstatus_sl_choose_by_bandwidth(smartlist_t *sl)
* node (that is, possibly discounting exit nodes).
*/
routerinfo_t *
-router_choose_random_node(const char *preferred,
- smartlist_t *excludedsmartlist,
+router_choose_random_node(smartlist_t *excludedsmartlist,
routerset_t *excludedset,
router_crn_flags_t flags)
{
@@ -1837,10 +1834,10 @@ router_choose_random_node(const char *preferred,
const int need_capacity = (flags & CRN_NEED_CAPACITY) != 0;
const int need_guard = (flags & CRN_NEED_GUARD) != 0;
const int allow_invalid = (flags & CRN_ALLOW_INVALID) != 0;
- const int strict = (flags & CRN_STRICT_PREFERRED) != 0;
const int weight_for_exit = (flags & CRN_WEIGHT_AS_EXIT) != 0;
- smartlist_t *sl, *excludednodes;
+ smartlist_t *sl=smartlist_create(),
+ *excludednodes=smartlist_create();
routerinfo_t *choice = NULL, *r;
bandwidth_weight_rule_t rule;
@@ -1848,8 +1845,6 @@ router_choose_random_node(const char *preferred,
rule = weight_for_exit ? WEIGHT_FOR_EXIT :
(need_guard ? WEIGHT_FOR_GUARD : NO_WEIGHTING);
- excludednodes = smartlist_create();
-
/* Exclude relays that allow single hop exit circuits, if the user
* wants to (such relays might be risky) */
if (get_options()->ExcludeSingleHopRelays) {
@@ -1865,60 +1860,37 @@ router_choose_random_node(const char *preferred,
routerlist_add_family(excludednodes, r);
}
- /* Try the preferred nodes first. Ignore need_uptime and need_capacity
- * and need_guard, since the user explicitly asked for these nodes. */
- if (preferred) {
- sl = smartlist_create();
- add_nickname_list_to_smartlist(sl,preferred,1);
- smartlist_subtract(sl,excludednodes);
- if (excludedsmartlist)
- smartlist_subtract(sl,excludedsmartlist);
- if (excludedset)
- routerset_subtract_routers(sl,excludedset);
+ router_add_running_routers_to_smartlist(sl, allow_invalid,
+ need_uptime, need_capacity,
+ need_guard);
+ smartlist_subtract(sl,excludednodes);
+ if (excludedsmartlist)
+ smartlist_subtract(sl,excludedsmartlist);
+ if (excludedset)
+ routerset_subtract_routers(sl,excludedset);
+
+ if (need_capacity || need_guard)
+ choice = routerlist_sl_choose_by_bandwidth(sl, rule);
+ else
choice = smartlist_choose(sl);
- smartlist_free(sl);
- }
- if (!choice && !strict) {
- /* Then give up on our preferred choices: any node
- * will do that has the required attributes. */
- sl = smartlist_create();
- router_add_running_routers_to_smartlist(sl, allow_invalid,
- need_uptime, need_capacity,
- need_guard);
- smartlist_subtract(sl,excludednodes);
- if (excludedsmartlist)
- smartlist_subtract(sl,excludedsmartlist);
- if (excludedset)
- routerset_subtract_routers(sl,excludedset);
-
- if (need_capacity || need_guard)
- choice = routerlist_sl_choose_by_bandwidth(sl, rule);
- else
- choice = smartlist_choose(sl);
-
- smartlist_free(sl);
- if (!choice && (need_uptime || need_capacity || need_guard)) {
- /* try once more -- recurse but with fewer restrictions. */
- log_info(LD_CIRC,
- "We couldn't find any live%s%s%s routers; falling back "
- "to list of all routers.",
- need_capacity?", fast":"",
- need_uptime?", stable":"",
- need_guard?", guard":"");
- flags &= ~ (CRN_NEED_UPTIME|CRN_NEED_CAPACITY|CRN_NEED_GUARD);
- choice = router_choose_random_node(
- NULL, excludedsmartlist, excludedset, flags);
- }
+
+ smartlist_free(sl);
+ if (!choice && (need_uptime || need_capacity || need_guard)) {
+ /* try once more -- recurse but with fewer restrictions. */
+ log_info(LD_CIRC,
+ "We couldn't find any live%s%s%s routers; falling back "
+ "to list of all routers.",
+ need_capacity?", fast":"",
+ need_uptime?", stable":"",
+ need_guard?", guard":"");
+ flags &= ~ (CRN_NEED_UPTIME|CRN_NEED_CAPACITY|CRN_NEED_GUARD);
+ choice = router_choose_random_node(
+ excludedsmartlist, excludedset, flags);
}
smartlist_free(excludednodes);
if (!choice) {
- if (strict) {
- log_warn(LD_CIRC, "All preferred nodes were down when trying to choose "
- "node, and the Strict[...]Nodes option is set. Failing.");
- } else {
- log_warn(LD_CIRC,
- "No available nodes when trying to choose node. Failing.");
- }
+ log_warn(LD_CIRC,
+ "No available nodes when trying to choose node. Failing.");
}
return choice;
}
@@ -2378,6 +2350,9 @@ extrainfo_free(extrainfo_t *extrainfo)
static void
signed_descriptor_free(signed_descriptor_t *sd)
{
+ if (!sd)
+ return;
+
tor_free(sd->signed_descriptor_body);
/* XXXX remove this once more bugs go away. */
@@ -2409,7 +2384,8 @@ _extrainfo_free(void *e)
void
routerlist_free(routerlist_t *rl)
{
- tor_assert(rl);
+ if (!rl)
+ return;
rimap_free(rl->identity_map, NULL);
sdmap_free(rl->desc_digest_map, NULL);
sdmap_free(rl->desc_by_eid_map, NULL);
@@ -2448,46 +2424,6 @@ dump_routerlist_mem_usage(int severity)
"In %d old descriptors: "U64_FORMAT" bytes.",
smartlist_len(routerlist->routers), U64_PRINTF_ARG(livedescs),
smartlist_len(routerlist->old_routers), U64_PRINTF_ARG(olddescs));
-
-#if 0
- {
- const smartlist_t *networkstatus_v2_list = networkstatus_get_v2_list();
- networkstatus_t *consensus = networkstatus_get_latest_consensus();
- log(severity, LD_DIR, "Now let's look through old_descriptors!");
- SMARTLIST_FOREACH(routerlist->old_routers, signed_descriptor_t *, sd, {
- int in_v2 = 0;
- int in_v3 = 0;
- char published[ISO_TIME_LEN+1];
- char last_valid_until[ISO_TIME_LEN+1];
- char last_served_at[ISO_TIME_LEN+1];
- char id[HEX_DIGEST_LEN+1];
- routerstatus_t *rs;
- format_iso_time(published, sd->published_on);
- format_iso_time(last_valid_until, sd->last_listed_as_valid_until);
- format_iso_time(last_served_at, sd->last_served_at);
- base16_encode(id, sizeof(id), sd->identity_digest, DIGEST_LEN);
- SMARTLIST_FOREACH(networkstatus_v2_list, networkstatus_v2_t *, ns,
- {
- rs = networkstatus_v2_find_entry(ns, sd->identity_digest);
- if (rs && !memcmp(rs->descriptor_digest,
- sd->signed_descriptor_digest, DIGEST_LEN)) {
- in_v2 = 1; break;
- }
- });
- if (consensus) {
- rs = networkstatus_vote_find_entry(consensus, sd->identity_digest);
- if (rs && !memcmp(rs->descriptor_digest,
- sd->signed_descriptor_digest, DIGEST_LEN))
- in_v3 = 1;
- }
- log(severity, LD_DIR,
- "Old descriptor for %s (published %s) %sin v2 ns, %sin v3 "
- "consensus. Last valid until %s; last served at %s.",
- id, published, in_v2 ? "" : "not ", in_v3 ? "" : "not ",
- last_valid_until, last_served_at);
- });
- }
-#endif
}
/** Debugging helper: If <b>idx</b> is nonnegative, assert that <b>ri</b> is
@@ -2857,8 +2793,7 @@ routerlist_reparse_old(routerlist_t *rl, signed_descriptor_t *sd)
void
routerlist_free_all(void)
{
- if (routerlist)
- routerlist_free(routerlist);
+ routerlist_free(routerlist);
routerlist = NULL;
if (warned_nicknames) {
SMARTLIST_FOREACH(warned_nicknames, char *, cp, tor_free(cp));
@@ -3747,12 +3682,8 @@ add_trusted_dir_server(const char *nickname, const char *address,
if (ent->or_port)
ent->fake_status.version_supports_begindir = 1;
-/* XX021 - wait until authorities are upgraded */
-#if 0
+
ent->fake_status.version_supports_conditional_consensus = 1;
-#else
- ent->fake_status.version_supports_conditional_consensus = 0;
-#endif
smartlist_add(trusted_dir_servers, ent);
router_dir_info_changed();
@@ -3767,10 +3698,8 @@ authority_cert_free(authority_cert_t *cert)
return;
tor_free(cert->cache_info.signed_descriptor_body);
- if (cert->signing_key)
- crypto_free_pk_env(cert->signing_key);
- if (cert->identity_key)
- crypto_free_pk_env(cert->identity_key);
+ crypto_free_pk_env(cert->signing_key);
+ crypto_free_pk_env(cert->identity_key);
tor_free(cert);
}
@@ -3779,6 +3708,9 @@ authority_cert_free(authority_cert_t *cert)
static void
trusted_dir_server_free(trusted_dir_server_t *ds)
{
+ if (!ds)
+ return;
+
tor_free(ds->nickname);
tor_free(ds->description);
tor_free(ds->address);
@@ -3934,7 +3866,7 @@ client_would_use_router(routerstatus_t *rs, time_t now, or_options_t *options)
* this number per server. */
#define MIN_DL_PER_REQUEST 4
/** To prevent a single screwy cache from confusing us by selective reply,
- * try to split our requests into at least this this many requests. */
+ * try to split our requests into at least this many requests. */
#define MIN_REQUESTS 3
/** If we want fewer than this many descriptors, wait until we
* want more, or until MAX_CLIENT_INTERVAL_WITHOUT_REQUEST has
@@ -4151,7 +4083,7 @@ update_router_descriptor_cache_downloads_v2(time_t now)
pds_flags |= PDS_NO_EXISTING_SERVERDESC_FETCH; /* XXXX ignored*/
if (!ds) {
- log_warn(LD_BUG, "Networkstatus with no corresponding authority!");
+ log_info(LD_DIR, "Networkstatus with no corresponding authority!");
continue;
}
if (! smartlist_len(dl))
@@ -4822,8 +4754,8 @@ esc_router_info(routerinfo_t *router)
static char *info=NULL;
char *esc_contact, *esc_platform;
size_t len;
- if (info)
- tor_free(info);
+ tor_free(info);
+
if (!router)
return NULL; /* we're exiting; just free the memory we use */
@@ -4958,9 +4890,8 @@ void
routerset_refresh_countries(routerset_t *target)
{
int cc;
- if (target->countries) {
- bitarray_free(target->countries);
- }
+ bitarray_free(target->countries);
+
if (!geoip_is_loaded()) {
target->countries = NULL;
target->n_countries = 0;
@@ -5204,9 +5135,13 @@ routerset_get_all_routers(smartlist_t *out, const routerset_t *routerset,
}
}
-/** Add to <b>target</b> every routerinfo_t from <b>source</b> that is in
- * <b>include</b>, but not excluded in a more specific fashion by
- * <b>exclude</b>. If <b>running_only</b>, only include running routers.
+/** Add to <b>target</b> every routerinfo_t from <b>source</b> except:
+ *
+ * 1) Don't add it if <b>include</b> is non-empty and the relay isn't in
+ * <b>include</b>; and
+ * 2) Don't add it if <b>exclude</b> is non-empty and the relay is
+ * excluded in a more specific fashion by <b>exclude</b>.
+ * 3) If <b>running_only</b>, don't add non-running routers.
*/
void
routersets_get_disjunction(smartlist_t *target,
@@ -5276,35 +5211,15 @@ routerset_equal(const routerset_t *old, const routerset_t *new)
});
return 1;
-
-#if 0
- /* XXXX: This won't work if the names/digests are identical but in a
- different order. Checking for exact equality would be heavy going,
- is it worth it? -RH*/
- /* This code is totally bogus; sizeof doesn't work even remotely like this
- * code seems to think. Let's revert to a string-based comparison for
- * now. -NM*/
- if (sizeof(old->names) != sizeof(new->names))
- return 0;
-
- if (memcmp(old->names,new->names,sizeof(new->names)))
- return 0;
- if (sizeof(old->digests) != sizeof(new->digests))
- return 0;
- if (memcmp(old->digests,new->digests,sizeof(new->digests)))
- return 0;
- if (sizeof(old->countries) != sizeof(new->countries))
- return 0;
- if (memcmp(old->countries,new->countries,sizeof(new->countries)))
- return 0;
- return 1;
-#endif
}
/** Free all storage held in <b>routerset</b>. */
void
routerset_free(routerset_t *routerset)
{
+ if (!routerset)
+ return;
+
SMARTLIST_FOREACH(routerset->list, char *, cp, tor_free(cp));
smartlist_free(routerset->list);
SMARTLIST_FOREACH(routerset->policies, addr_policy_t *, p,
@@ -5315,8 +5230,7 @@ routerset_free(routerset_t *routerset)
strmap_free(routerset->names, NULL);
digestmap_free(routerset->digests, NULL);
- if (routerset->countries)
- bitarray_free(routerset->countries);
+ bitarray_free(routerset->countries);
tor_free(routerset);
}
diff --git a/src/or/routerparse.c b/src/or/routerparse.c
index 1f89cffa018790990b339f2e684a8c30f1898e54..13dc10c0ea44f6e9f14c12a68d554d8d9a1341fa 100644
--- a/src/or/routerparse.c
+++ b/src/or/routerparse.c
@@ -151,7 +151,7 @@ typedef enum {
* type.
*
* This structure is only allocated in memareas; do not allocate it on
- * the heap, or token_free() won't work.
+ * the heap, or token_clear() won't work.
*/
typedef struct directory_token_t {
directory_keyword tp; /**< Type of the token. */
@@ -523,7 +523,7 @@ static int router_get_hash_impl(const char *s, char *digest,
static int router_get_hashes_impl(const char *s, digests_t *digests,
const char *start_str, const char *end_str,
char end_char);
-static void token_free(directory_token_t *tok);
+static void token_clear(directory_token_t *tok);
static smartlist_t *find_all_exitpolicy(smartlist_t *s);
static directory_token_t *_find_by_keyword(smartlist_t *s,
directory_keyword keyword,
@@ -844,7 +844,7 @@ router_parse_directory(const char *str)
CST_CHECK_AUTHORITY, "directory")<0)
goto err;
- SMARTLIST_FOREACH(tokens, directory_token_t *, t, token_free(t));
+ SMARTLIST_FOREACH(tokens, directory_token_t *, t, token_clear(t));
smartlist_clear(tokens);
memarea_clear(area);
@@ -882,7 +882,7 @@ router_parse_directory(const char *str)
done:
if (declared_key) crypto_free_pk_env(declared_key);
if (tokens) {
- SMARTLIST_FOREACH(tokens, directory_token_t *, t, token_free(t));
+ SMARTLIST_FOREACH(tokens, directory_token_t *, t, token_clear(t));
smartlist_free(tokens);
}
if (area) {
@@ -948,7 +948,7 @@ router_parse_runningrouters(const char *str)
dump_desc(str_dup, "v1 running-routers");
if (declared_key) crypto_free_pk_env(declared_key);
if (tokens) {
- SMARTLIST_FOREACH(tokens, directory_token_t *, t, token_free(t));
+ SMARTLIST_FOREACH(tokens, directory_token_t *, t, token_clear(t));
smartlist_free(tokens);
}
if (area) {
@@ -998,7 +998,7 @@ find_dir_signing_key(const char *str, const char *eos)
}
done:
- if (tok) token_free(tok);
+ if (tok) token_clear(tok);
if (area) {
DUMP_AREA(area, "dir-signing-key token");
memarea_drop_all(area);
@@ -1551,12 +1551,10 @@ router_parse_entry_from_string(const char *s, const char *end,
router = NULL;
done:
if (tokens) {
- SMARTLIST_FOREACH(tokens, directory_token_t *, t, token_free(t));
+ SMARTLIST_FOREACH(tokens, directory_token_t *, t, token_clear(t));
smartlist_free(tokens);
}
- if (exit_policy_tokens) {
- smartlist_free(exit_policy_tokens);
- }
+ smartlist_free(exit_policy_tokens);
if (area) {
DUMP_AREA(area, "routerinfo");
memarea_drop_all(area);
@@ -1672,12 +1670,11 @@ extrainfo_parse_entry_from_string(const char *s, const char *end,
goto done;
err:
dump_desc(s_dup, "extra-info descriptor");
- if (extrainfo)
- extrainfo_free(extrainfo);
+ extrainfo_free(extrainfo);
extrainfo = NULL;
done:
if (tokens) {
- SMARTLIST_FOREACH(tokens, directory_token_t *, t, token_free(t));
+ SMARTLIST_FOREACH(tokens, directory_token_t *, t, token_clear(t));
smartlist_free(tokens);
}
if (area) {
@@ -1848,7 +1845,7 @@ authority_cert_parse_from_string(const char *s, const char **end_of_string)
if (end_of_string) {
*end_of_string = eat_whitespace(eos);
}
- SMARTLIST_FOREACH(tokens, directory_token_t *, t, token_free(t));
+ SMARTLIST_FOREACH(tokens, directory_token_t *, t, token_clear(t));
smartlist_free(tokens);
if (area) {
DUMP_AREA(area, "authority cert");
@@ -1858,7 +1855,7 @@ authority_cert_parse_from_string(const char *s, const char **end_of_string)
err:
dump_desc(s_dup, "authority cert");
authority_cert_free(cert);
- SMARTLIST_FOREACH(tokens, directory_token_t *, t, token_free(t));
+ SMARTLIST_FOREACH(tokens, directory_token_t *, t, token_clear(t));
smartlist_free(tokens);
if (area) {
DUMP_AREA(area, "authority cert");
@@ -2129,7 +2126,7 @@ routerstatus_parse_entry_from_string(memarea_t *area,
routerstatus_free(rs);
rs = NULL;
done:
- SMARTLIST_FOREACH(tokens, directory_token_t *, t, token_free(t));
+ SMARTLIST_FOREACH(tokens, directory_token_t *, t, token_clear(t));
smartlist_clear(tokens);
if (area) {
DUMP_AREA(area, "routerstatus entry");
@@ -2280,7 +2277,7 @@ networkstatus_v2_parse_from_string(const char *s)
ns->entries = smartlist_create();
s = eos;
- SMARTLIST_FOREACH(tokens, directory_token_t *, t, token_free(t));
+ SMARTLIST_FOREACH(tokens, directory_token_t *, t, token_clear(t));
smartlist_clear(tokens);
memarea_clear(area);
while (!strcmpstart(s, "r ")) {
@@ -2316,13 +2313,12 @@ networkstatus_v2_parse_from_string(const char *s)
goto done;
err:
dump_desc(s_dup, "v2 networkstatus");
- if (ns)
- networkstatus_v2_free(ns);
+ networkstatus_v2_free(ns);
ns = NULL;
done:
- SMARTLIST_FOREACH(tokens, directory_token_t *, t, token_free(t));
+ SMARTLIST_FOREACH(tokens, directory_token_t *, t, token_clear(t));
smartlist_free(tokens);
- SMARTLIST_FOREACH(footer_tokens, directory_token_t *, t, token_free(t));
+ SMARTLIST_FOREACH(footer_tokens, directory_token_t *, t, token_clear(t));
smartlist_free(footer_tokens);
if (area) {
DUMP_AREA(area, "v2 networkstatus");
@@ -2794,12 +2790,11 @@ networkstatus_parse_vote_from_string(const char *s, const char **eos_out,
goto done;
err:
dump_desc(s_dup, "v3 networkstatus");
- if (ns)
- networkstatus_vote_free(ns);
+ networkstatus_vote_free(ns);
ns = NULL;
done:
if (tokens) {
- SMARTLIST_FOREACH(tokens, directory_token_t *, t, token_free(t));
+ SMARTLIST_FOREACH(tokens, directory_token_t *, t, token_clear(t));
smartlist_free(tokens);
}
if (voter) {
@@ -2814,11 +2809,11 @@ networkstatus_parse_vote_from_string(const char *s, const char **eos_out,
tor_free(voter);
}
if (rs_tokens) {
- SMARTLIST_FOREACH(rs_tokens, directory_token_t *, t, token_free(t));
+ SMARTLIST_FOREACH(rs_tokens, directory_token_t *, t, token_clear(t));
smartlist_free(rs_tokens);
}
if (footer_tokens) {
- SMARTLIST_FOREACH(footer_tokens, directory_token_t *, t, token_free(t));
+ SMARTLIST_FOREACH(footer_tokens, directory_token_t *, t, token_clear(t));
smartlist_free(footer_tokens);
}
if (area) {
@@ -2933,7 +2928,7 @@ networkstatus_parse_detached_signatures(const char *s, const char *eos)
}
if (base16_decode(digests->d[alg], DIGEST256_LEN,
hexdigest, strlen(hexdigest)) < 0) {
- log_warn(LD_DIR, "Bad encoding on on consensus-digest in detached "
+ log_warn(LD_DIR, "Bad encoding on consensus-digest in detached "
"networkstatus signatures");
goto err;
}
@@ -3052,7 +3047,7 @@ networkstatus_parse_detached_signatures(const char *s, const char *eos)
ns_detached_signatures_free(sigs);
sigs = NULL;
done:
- SMARTLIST_FOREACH(tokens, directory_token_t *, t, token_free(t));
+ SMARTLIST_FOREACH(tokens, directory_token_t *, t, token_clear(t));
smartlist_free(tokens);
if (area) {
DUMP_AREA(area, "detached signatures");
@@ -3108,7 +3103,7 @@ router_parse_addr_policy_item_from_string(const char *s, int assume_action)
err:
r = NULL;
done:
- token_free(tok);
+ token_clear(tok);
if (area) {
DUMP_AREA(area, "policy item");
memarea_drop_all(area);
@@ -3231,9 +3226,8 @@ assert_addr_policy_ok(smartlist_t *lst)
/** Free all resources allocated for <b>tok</b> */
static void
-token_free(directory_token_t *tok)
+token_clear(directory_token_t *tok)
{
- tor_assert(tok);
if (tok->key)
crypto_free_pk_env(tok->key);
}
@@ -3245,7 +3239,7 @@ token_free(directory_token_t *tok)
#define RET_ERR(msg) \
STMT_BEGIN \
- if (tok) token_free(tok); \
+ if (tok) token_clear(tok); \
tok = ALLOC_ZERO(sizeof(directory_token_t)); \
tok->tp = _ERR; \
tok->error = STRDUP(msg); \
@@ -3523,7 +3517,7 @@ tokenize_string(memarea_t *area,
tok = get_next_token(area, s, end, table);
if (tok->tp == _ERR) {
log_warn(LD_DIR, "parse error: %s", tok->error);
- token_free(tok);
+ token_clear(tok);
return -1;
}
++counts[tok->tp];
@@ -3860,8 +3854,7 @@ microdescs_parse_from_string(const char *s, const char *eos,
md = NULL;
next:
- if (md)
- microdesc_free(md);
+ microdesc_free(md);
memarea_clear(area);
smartlist_clear(tokens);
@@ -4265,12 +4258,11 @@ rend_parse_v2_service_descriptor(rend_service_descriptor_t **parsed_out,
}
goto done;
err:
- if (result)
- rend_service_descriptor_free(result);
+ rend_service_descriptor_free(result);
result = NULL;
done:
if (tokens) {
- SMARTLIST_FOREACH(tokens, directory_token_t *, t, token_free(t));
+ SMARTLIST_FOREACH(tokens, directory_token_t *, t, token_clear(t));
smartlist_free(tokens);
}
if (area)
@@ -4428,7 +4420,7 @@ rend_parse_introduction_points(rend_service_descriptor_t *parsed,
eos = eos+1;
tor_assert(eos <= intro_points_encoded+intro_points_encoded_size);
/* Free tokens and clear token list. */
- SMARTLIST_FOREACH(tokens, directory_token_t *, t, token_free(t));
+ SMARTLIST_FOREACH(tokens, directory_token_t *, t, token_clear(t));
smartlist_clear(tokens);
memarea_clear(area);
/* Tokenize string. */
@@ -4501,7 +4493,7 @@ rend_parse_introduction_points(rend_service_descriptor_t *parsed,
done:
/* Free tokens and clear token list. */
- SMARTLIST_FOREACH(tokens, directory_token_t *, t, token_free(t));
+ SMARTLIST_FOREACH(tokens, directory_token_t *, t, token_clear(t));
smartlist_free(tokens);
if (area)
memarea_drop_all(area);
@@ -4540,7 +4532,7 @@ rend_parse_client_keys(strmap_t *parsed_clients, const char *ckstr)
else
eos = eos + 1;
/* Free tokens and clear token list. */
- SMARTLIST_FOREACH(tokens, directory_token_t *, t, token_free(t));
+ SMARTLIST_FOREACH(tokens, directory_token_t *, t, token_clear(t));
smartlist_clear(tokens);
memarea_clear(area);
/* Tokenize string. */
@@ -4612,7 +4604,7 @@ rend_parse_client_keys(strmap_t *parsed_clients, const char *ckstr)
result = -1;
done:
/* Free tokens and clear token list. */
- SMARTLIST_FOREACH(tokens, directory_token_t *, t, token_free(t));
+ SMARTLIST_FOREACH(tokens, directory_token_t *, t, token_clear(t));
smartlist_free(tokens);
if (area)
memarea_drop_all(area);
diff --git a/src/test/test_containers.c b/src/test/test_containers.c
index fc48ac966ae6babdb268d18e8c7b4285d96012d6..efc879b8c28c9038fe8aab5348e0c2523f4937d2 100644
--- a/src/test/test_containers.c
+++ b/src/test/test_containers.c
@@ -515,11 +515,17 @@ test_container_digestset(void)
smartlist_free(included);
}
-/** Helper: return a tristate based on comparing two strings. */
+typedef struct pq_entry_t {
+ const char *val;
+ int idx;
+} pq_entry_t;
+
+/** Helper: return a tristate based on comparing two pq_entry_t values. */
static int
-_compare_strings_for_pqueue(const void *s1, const void *s2)
+_compare_strings_for_pqueue(const void *p1, const void *p2)
{
- return strcmp((const char*)s1, (const char*)s2);
+ const pq_entry_t *e1=p1, *e2=p2;
+ return strcmp(e1->val, e2->val);
}
/** Run unit tests for heap-based priority queue functions. */
@@ -528,50 +534,90 @@ test_container_pqueue(void)
{
smartlist_t *sl = smartlist_create();
int (*cmp)(const void *, const void*);
-#define OK() smartlist_pqueue_assert_ok(sl, cmp)
+ const int offset = STRUCT_OFFSET(pq_entry_t, idx);
+#define ENTRY(s) pq_entry_t s = { #s, -1 }
+ ENTRY(cows);
+ ENTRY(zebras);
+ ENTRY(fish);
+ ENTRY(frogs);
+ ENTRY(apples);
+ ENTRY(squid);
+ ENTRY(daschunds);
+ ENTRY(eggplants);
+ ENTRY(weissbier);
+ ENTRY(lobsters);
+ ENTRY(roquefort);
+ ENTRY(chinchillas);
+ ENTRY(fireflies);
+
+#define OK() smartlist_pqueue_assert_ok(sl, cmp, offset)
cmp = _compare_strings_for_pqueue;
-
- smartlist_pqueue_add(sl, cmp, (char*)"cows");
- smartlist_pqueue_add(sl, cmp, (char*)"zebras");
- smartlist_pqueue_add(sl, cmp, (char*)"fish");
- smartlist_pqueue_add(sl, cmp, (char*)"frogs");
- smartlist_pqueue_add(sl, cmp, (char*)"apples");
- smartlist_pqueue_add(sl, cmp, (char*)"squid");
- smartlist_pqueue_add(sl, cmp, (char*)"daschunds");
- smartlist_pqueue_add(sl, cmp, (char*)"eggplants");
- smartlist_pqueue_add(sl, cmp, (char*)"weissbier");
- smartlist_pqueue_add(sl, cmp, (char*)"lobsters");
- smartlist_pqueue_add(sl, cmp, (char*)"roquefort");
+ smartlist_pqueue_add(sl, cmp, offset, &cows);
+ smartlist_pqueue_add(sl, cmp, offset, &zebras);
+ smartlist_pqueue_add(sl, cmp, offset, &fish);
+ smartlist_pqueue_add(sl, cmp, offset, &frogs);
+ smartlist_pqueue_add(sl, cmp, offset, &apples);
+ smartlist_pqueue_add(sl, cmp, offset, &squid);
+ smartlist_pqueue_add(sl, cmp, offset, &daschunds);
+ smartlist_pqueue_add(sl, cmp, offset, &eggplants);
+ smartlist_pqueue_add(sl, cmp, offset, &weissbier);
+ smartlist_pqueue_add(sl, cmp, offset, &lobsters);
+ smartlist_pqueue_add(sl, cmp, offset, &roquefort);
OK();
test_eq(smartlist_len(sl), 11);
- test_streq(smartlist_get(sl, 0), "apples");
- test_streq(smartlist_pqueue_pop(sl, cmp), "apples");
+ test_eq_ptr(smartlist_get(sl, 0), &apples);
+ test_eq_ptr(smartlist_pqueue_pop(sl, cmp, offset), &apples);
test_eq(smartlist_len(sl), 10);
OK();
- test_streq(smartlist_pqueue_pop(sl, cmp), "cows");
- test_streq(smartlist_pqueue_pop(sl, cmp), "daschunds");
- smartlist_pqueue_add(sl, cmp, (char*)"chinchillas");
+ test_eq_ptr(smartlist_pqueue_pop(sl, cmp, offset), &cows);
+ test_eq_ptr(smartlist_pqueue_pop(sl, cmp, offset), &daschunds);
+ smartlist_pqueue_add(sl, cmp, offset, &chinchillas);
+ OK();
+ smartlist_pqueue_add(sl, cmp, offset, &fireflies);
+ OK();
+ test_eq_ptr(smartlist_pqueue_pop(sl, cmp, offset), &chinchillas);
+ test_eq_ptr(smartlist_pqueue_pop(sl, cmp, offset), &eggplants);
+ test_eq_ptr(smartlist_pqueue_pop(sl, cmp, offset), &fireflies);
+ OK();
+ test_eq_ptr(smartlist_pqueue_pop(sl, cmp, offset), &fish);
+ test_eq_ptr(smartlist_pqueue_pop(sl, cmp, offset), &frogs);
+ test_eq_ptr(smartlist_pqueue_pop(sl, cmp, offset), &lobsters);
+ test_eq_ptr(smartlist_pqueue_pop(sl, cmp, offset), &roquefort);
+ OK();
+ test_eq(smartlist_len(sl), 3);
+ test_eq_ptr(smartlist_pqueue_pop(sl, cmp, offset), &squid);
+ test_eq_ptr(smartlist_pqueue_pop(sl, cmp, offset), &weissbier);
+ test_eq_ptr(smartlist_pqueue_pop(sl, cmp, offset), &zebras);
+ test_eq(smartlist_len(sl), 0);
OK();
- smartlist_pqueue_add(sl, cmp, (char*)"fireflies");
+
+ /* Now test remove. */
+ smartlist_pqueue_add(sl, cmp, offset, &cows);
+ smartlist_pqueue_add(sl, cmp, offset, &fish);
+ smartlist_pqueue_add(sl, cmp, offset, &frogs);
+ smartlist_pqueue_add(sl, cmp, offset, &apples);
+ smartlist_pqueue_add(sl, cmp, offset, &squid);
+ smartlist_pqueue_add(sl, cmp, offset, &zebras);
+ test_eq(smartlist_len(sl), 6);
OK();
- test_streq(smartlist_pqueue_pop(sl, cmp), "chinchillas");
- test_streq(smartlist_pqueue_pop(sl, cmp), "eggplants");
- test_streq(smartlist_pqueue_pop(sl, cmp), "fireflies");
+ smartlist_pqueue_remove(sl, cmp, offset, &zebras);
+ test_eq(smartlist_len(sl), 5);
OK();
- test_streq(smartlist_pqueue_pop(sl, cmp), "fish");
- test_streq(smartlist_pqueue_pop(sl, cmp), "frogs");
- test_streq(smartlist_pqueue_pop(sl, cmp), "lobsters");
- test_streq(smartlist_pqueue_pop(sl, cmp), "roquefort");
+ smartlist_pqueue_remove(sl, cmp, offset, &cows);
+ test_eq(smartlist_len(sl), 4);
OK();
+ smartlist_pqueue_remove(sl, cmp, offset, &apples);
test_eq(smartlist_len(sl), 3);
- test_streq(smartlist_pqueue_pop(sl, cmp), "squid");
- test_streq(smartlist_pqueue_pop(sl, cmp), "weissbier");
- test_streq(smartlist_pqueue_pop(sl, cmp), "zebras");
+ OK();
+ test_eq_ptr(smartlist_pqueue_pop(sl, cmp, offset), &fish);
+ test_eq_ptr(smartlist_pqueue_pop(sl, cmp, offset), &frogs);
+ test_eq_ptr(smartlist_pqueue_pop(sl, cmp, offset), &squid);
test_eq(smartlist_len(sl), 0);
OK();
+
#undef OK
done:
diff --git a/src/test/test_util.c b/src/test/test_util.c
index 51b788e725720a04dff3534e9152f75655b692c3..ba0f8cdf2db7345da0d7c84d211e2db2b3212493 100644
--- a/src/test/test_util.c
+++ b/src/test/test_util.c
@@ -1023,9 +1023,38 @@ test_util_strtok(void)
;
}
+static void
+test_util_find_str_at_start_of_line(void *ptr)
+{
+ const char *long_string =
+ "hello world. hello world. hello hello. howdy.\n"
+ "hello hello world\n";
+
+ (void)ptr;
+
+ /* not-found case. */
+ tt_assert(! find_str_at_start_of_line(long_string, "fred"));
+
+ /* not-found case where haystack doesn't end with \n */
+ tt_assert(! find_str_at_start_of_line("foobar\nbaz", "fred"));
+
+ /* start-of-string case */
+ tt_assert(long_string ==
+ find_str_at_start_of_line(long_string, "hello world."));
+
+ /* start-of-line case */
+ tt_assert(strchr(long_string,'\n')+1 ==
+ find_str_at_start_of_line(long_string, "hello hello"));
+ done:
+ ;
+}
+
#define UTIL_LEGACY(name) \
{ #name, legacy_test_helper, 0, &legacy_setup, test_util_ ## name }
+#define UTIL_TEST(name, flags) \
+ { #name, test_util_ ## name, flags, NULL, NULL }
+
struct testcase_t util_tests[] = {
UTIL_LEGACY(time),
UTIL_LEGACY(config_line),
@@ -1040,6 +1069,7 @@ struct testcase_t util_tests[] = {
UTIL_LEGACY(threads),
UTIL_LEGACY(sscanf),
UTIL_LEGACY(strtok),
+ UTIL_TEST(find_str_at_start_of_line, 0),
END_OF_TESTCASES
};
diff --git a/src/tools/Makefile.am b/src/tools/Makefile.am
index b1e8bafb26e1e9d1292e379e8f57c297ebd60610..39c8277ccd8754fb930e2b083879cc025c76b0ba 100644
--- a/src/tools/Makefile.am
+++ b/src/tools/Makefile.am
@@ -3,16 +3,16 @@ noinst_PROGRAMS = tor-checkkey
tor_resolve_SOURCES = tor-resolve.c
tor_resolve_LDFLAGS = @TOR_LDFLAGS_libevent@
-tor_resolve_LDADD = ../common/libor.a @TOR_LIB_WS32@
+tor_resolve_LDADD = ../common/libor.a -lm @TOR_LIB_WS32@
tor_gencert_SOURCES = tor-gencert.c
tor_gencert_LDFLAGS = @TOR_LDFLAGS_zlib@ @TOR_LDFLAGS_openssl@ \
@TOR_LDFLAGS_libevent@
tor_gencert_LDADD = ../common/libor.a ../common/libor-crypto.a \
- -lz -lcrypto @TOR_LIB_WS32@ @TOR_LIB_GDI@
+ -lm -lz -lcrypto @TOR_LIB_WS32@ @TOR_LIB_GDI@
tor_checkkey_SOURCES = tor-checkkey.c
tor_checkkey_LDFLAGS = @TOR_LDFLAGS_zlib@ @TOR_LDFLAGS_openssl@ \
@TOR_LDFLAGS_libevent@
tor_checkkey_LDADD = ../common/libor.a ../common/libor-crypto.a \
- -lz -lcrypto @TOR_LIB_WS32@ @TOR_LIB_GDI@
+ -lm -lz -lcrypto @TOR_LIB_WS32@ @TOR_LIB_GDI@
diff --git a/src/win32/orconfig.h b/src/win32/orconfig.h
index 101fd0cad09af426c56296f626cadcf4e064015b..67e21ae22b66de154d08ca289e621c3c35585849 100644
--- a/src/win32/orconfig.h
+++ b/src/win32/orconfig.h
@@ -226,7 +226,5 @@
#define USING_TWOS_COMPLEMENT
/* Version number of package */
-#define VERSION "0.2.2.6-alpha"
-
-
+#define VERSION "0.2.2.7-alpha"