June 2018 - tor-commits - lists.torproject.org

[tor/master] Merge branch 'split_or_h'
by nickm＠torproject.org 18 Jun '18

18 Jun '18

1 0

[tor/master] Make server_port_cfg_t and port_cfg_t into separate headers.
by nickm＠torproject.org 18 Jun '18

18 Jun '18

commit df9a3fe86f6dfabbe5ae777c3e60ec91edf09d23 Author: Nick Mathewson <nickm(a)torproject.org> Date: Thu Jun 14 16:41:54 2018 -0400 Make server_port_cfg_t and port_cfg_t into separate headers. --- src/or/config.c | 2 ++ src/or/connection.c | 2 ++ src/or/include.am | 2 ++ src/or/main.c | 2 ++ src/or/or.h | 32 ++------------------------------ src/or/policies.c | 2 ++ src/or/port_cfg_st.h | 35 +++++++++++++++++++++++++++++++++++ src/or/router.c | 2 ++ src/or/server_port_cfg_st.h | 20 ++++++++++++++++++++ src/test/test_config.c | 1 + src/test/test_dir.c | 2 ++ src/test/test_policy.c | 2 ++ 12 files changed, 74 insertions(+), 30 deletions(-) diff --git a/src/or/config.c b/src/or/config.c index 94a58f348..51ecca431 100644 --- a/src/or/config.c +++ b/src/or/config.c @@ -116,6 +116,8 @@ #include "dirauth/dirvote.h" #include "dirauth/mode.h" +#include "port_cfg_st.h" + #ifdef HAVE_SYSTEMD # if defined(__COVERITY__) && !defined(__INCLUDE_LEVEL__) /* Systemd's use of gcc's __INCLUDE_LEVEL__ extension macro appears to confuse diff --git a/src/or/connection.c b/src/or/connection.c index 5185b45b1..0f6498225 100644 --- a/src/or/connection.c +++ b/src/or/connection.c @@ -113,6 +113,8 @@ #include <sys/un.h> #endif +#include "port_cfg_st.h" + static connection_t *connection_listener_new( const struct sockaddr *listensockaddr, socklen_t listensocklen, int type, diff --git a/src/or/include.am b/src/or/include.am index c38e677a6..1dc6c79ca 100644 --- a/src/or/include.am +++ b/src/or/include.am @@ -246,6 +246,7 @@ ORHEADERS = \ src/or/transports.h \ src/or/parsecommon.h \ src/or/periodic.h \ + src/or/port_cfg_st.h \ src/or/policies.h \ src/or/protover.h \ src/or/proto_cell.h \ @@ -270,6 +271,7 @@ ORHEADERS = \ src/or/routerset.h \ src/or/routerparse.h \ src/or/scheduler.h \ + src/or/server_port_cfg_st.h \ src/or/shared_random_client.h \ src/or/statefile.h \ src/or/status.h \ diff --git a/src/or/main.c b/src/or/main.c index 9dce158b3..1f6d16a19 100644 --- a/src/or/main.c +++ b/src/or/main.c @@ -122,6 +122,8 @@ #include "dirauth/mode.h" #include "dirauth/shared_random.h" +#include "port_cfg_st.h" + #ifdef HAVE_SYSTEMD # if defined(__COVERITY__) && !defined(__INCLUDE_LEVEL__) /* Systemd's use of gcc's __INCLUDE_LEVEL__ extension macro appears to confuse diff --git a/src/or/or.h b/src/or/or.h index 5321c81c8..6c54c2752 100644 --- a/src/or/or.h +++ b/src/or/or.h @@ -1248,15 +1248,7 @@ typedef struct { typedef struct socks_request_t socks_request_t; typedef struct entry_port_cfg_t entry_port_cfg_t; - -typedef struct server_port_cfg_t { - /* Server port types (or, dir) only: */ - unsigned int no_advertise : 1; - unsigned int no_listen : 1; - unsigned int all_addrs : 1; - unsigned int bind_ipv4_only : 1; - unsigned int bind_ipv6_only : 1; -} server_port_cfg_t; +typedef struct server_port_cfg_t server_port_cfg_t; /* Values for connection_t.magic: used to make sure that downcasts (casts from * connection_t to foo_connection_t) are safe. */ @@ -3585,27 +3577,7 @@ static inline const origin_circuit_t *CONST_TO_ORIGIN_CIRCUIT( /** First automatically allocated session group number */ #define SESSION_GROUP_FIRST_AUTO -4 -/** Configuration for a single port that we're listening on. */ -typedef struct port_cfg_t { - tor_addr_t addr; /**< The actual IP to listen on, if !is_unix_addr. */ - int port; /**< The configured port, or CFG_AUTO_PORT to tell Tor to pick its - * own port. */ - uint8_t type; /**< One of CONN_TYPE_*_LISTENER */ - unsigned is_unix_addr : 1; /**< True iff this is an AF_UNIX address. */ - - unsigned is_group_writable : 1; - unsigned is_world_writable : 1; - unsigned relax_dirmode_check : 1; - - entry_port_cfg_t entry_cfg; - - server_port_cfg_t server_cfg; - - /* Unix sockets only: */ - /** Path for an AF_UNIX address */ - char unix_addr[FLEXIBLE_ARRAY_MEMBER]; -} port_cfg_t; - +typedef struct port_cfg_t port_cfg_t; typedef struct routerset_t routerset_t; /** A magic value for the (Socks|OR|...)Port options below, telling Tor diff --git a/src/or/policies.c b/src/or/policies.c index 1210ca687..a78e8a1c8 100644 --- a/src/or/policies.c +++ b/src/or/policies.c @@ -30,6 +30,8 @@ #include "geoip.h" #include "ht.h" +#include "port_cfg_st.h" + /** Policy that addresses for incoming SOCKS connections must match. */ static smartlist_t *socks_policy = NULL; /** Policy that addresses for incoming directory connections must match. */ diff --git a/src/or/port_cfg_st.h b/src/or/port_cfg_st.h new file mode 100644 index 000000000..8b6b018c5 --- /dev/null +++ b/src/or/port_cfg_st.h @@ -0,0 +1,35 @@ +/* Copyright (c) 2001 Matej Pfajfar. + * Copyright (c) 2001-2004, Roger Dingledine. + * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. + * Copyright (c) 2007-2017, The Tor Project, Inc. */ +/* See LICENSE for licensing information */ + +#ifndef PORT_CFG_ST_H +#define PORT_CFG_ST_H + +#include "entry_port_cfg_st.h" +#include "server_port_cfg_st.h" + +/** Configuration for a single port that we're listening on. */ +struct port_cfg_t { + tor_addr_t addr; /**< The actual IP to listen on, if !is_unix_addr. */ + int port; /**< The configured port, or CFG_AUTO_PORT to tell Tor to pick its + * own port. */ + uint8_t type; /**< One of CONN_TYPE_*_LISTENER */ + unsigned is_unix_addr : 1; /**< True iff this is an AF_UNIX address. */ + + unsigned is_group_writable : 1; + unsigned is_world_writable : 1; + unsigned relax_dirmode_check : 1; + + entry_port_cfg_t entry_cfg; + + server_port_cfg_t server_cfg; + + /* Unix sockets only: */ + /** Path for an AF_UNIX address */ + char unix_addr[FLEXIBLE_ARRAY_MEMBER]; +}; + +#endif + diff --git a/src/or/router.c b/src/or/router.c index 3879863e8..9eaef4460 100644 --- a/src/or/router.c +++ b/src/or/router.c @@ -39,6 +39,8 @@ #include "dirauth/mode.h" +#include "port_cfg_st.h" + /** * \file router.c * \brief Miscellaneous relay functionality, including RSA key maintenance, diff --git a/src/or/server_port_cfg_st.h b/src/or/server_port_cfg_st.h new file mode 100644 index 000000000..7a6a0a53f --- /dev/null +++ b/src/or/server_port_cfg_st.h @@ -0,0 +1,20 @@ +/* Copyright (c) 2001 Matej Pfajfar. + * Copyright (c) 2001-2004, Roger Dingledine. + * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. + * Copyright (c) 2007-2017, The Tor Project, Inc. */ +/* See LICENSE for licensing information */ + +#ifndef SERVER_PORT_CFG_ST_H +#define SERVER_PORT_CFG_ST_H + +struct server_port_cfg_t { + /* Server port types (or, dir) only: */ + unsigned int no_advertise : 1; + unsigned int no_listen : 1; + unsigned int all_addrs : 1; + unsigned int bind_ipv4_only : 1; + unsigned int bind_ipv6_only : 1; +}; + +#endif + diff --git a/src/test/test_config.c b/src/test/test_config.c index 461aa646d..e8bfe9e12 100644 --- a/src/test/test_config.c +++ b/src/test/test_config.c @@ -43,6 +43,7 @@ #include "statefile.h" #include "test_helpers.h" +#include "port_cfg_st.h" static void test_config_addressmap(void *arg) diff --git a/src/test/test_dir.c b/src/test/test_dir.c index 0106e40d9..538fb8db1 100644 --- a/src/test/test_dir.c +++ b/src/test/test_dir.c @@ -44,6 +44,8 @@ #include "log_test_helpers.h" #include "voting_schedule.h" +#include "port_cfg_st.h" + #define NS_MODULE dir static void diff --git a/src/test/test_policy.c b/src/test/test_policy.c index e89d49aaf..e55452d3e 100644 --- a/src/test/test_policy.c +++ b/src/test/test_policy.c @@ -10,6 +10,8 @@ #include "policies.h" #include "test.h" +#include "port_cfg_st.h" + /* Helper: assert that short_policy parses and writes back out as itself, or as expected if that's provided. */ static void

1 0

[tor/master] Split entry and edge_connection_t into their own headers.
by nickm＠torproject.org 18 Jun '18

18 Jun '18

commit 5d5c442e6ad726382c7b8efc0e999825a783bd9e Author: Nick Mathewson <nickm(a)torproject.org> Date: Fri Jun 15 10:07:17 2018 -0400 Split entry and edge_connection_t into their own headers. --- src/or/addressmap.c | 2 + src/or/circuitbuild.c | 2 + src/or/circuitlist.c | 2 + src/or/circuituse.c | 2 + src/or/connection.c | 1 + src/or/connection_edge.c | 26 ++++++ src/or/connection_edge.h | 6 +- src/or/control.c | 2 + src/or/directory.c | 1 + src/or/dns.c | 3 + src/or/dnsserv.c | 3 + src/or/edge_connection_st.h | 75 ++++++++++++++++ src/or/entry_connection_st.h | 100 ++++++++++++++++++++++ src/or/hs_client.c | 2 + src/or/hs_common.c | 2 + src/or/hs_service.c | 2 + src/or/include.am | 2 + src/or/main.c | 1 + src/or/or.h | 174 +------------------------------------- src/or/relay.c | 2 + src/or/rendclient.c | 2 + src/or/rendservice.c | 2 + src/test/fuzz/fuzz_http_connect.c | 2 + src/test/test_connection.c | 3 + src/test/test_dns.c | 2 + src/test/test_entryconn.c | 2 + src/test/test_hs_client.c | 2 + src/test/test_oom.c | 2 + src/test/test_relaycell.c | 2 + 29 files changed, 256 insertions(+), 173 deletions(-) diff --git a/src/or/addressmap.c b/src/or/addressmap.c index 7f861e4d2..9808b7bdd 100644 --- a/src/or/addressmap.c +++ b/src/or/addressmap.c @@ -26,6 +26,8 @@ #include "nodelist.h" #include "routerset.h" +#include "entry_connection_st.h" + /** A client-side struct to remember requests to rewrite addresses * to new addresses. These structs are stored in the hash table * "addressmap" below. diff --git a/src/or/circuitbuild.c b/src/or/circuitbuild.c index 3d1c9c1ab..883f93074 100644 --- a/src/or/circuitbuild.c +++ b/src/or/circuitbuild.c @@ -65,6 +65,8 @@ #include "routerset.h" #include "transports.h" +#include "entry_connection_st.h" + static channel_t * channel_connect_for_circuit(const tor_addr_t *addr, uint16_t port, const char *id_digest, diff --git a/src/or/circuitlist.c b/src/or/circuitlist.c index 45fff7cc1..e0ee28428 100644 --- a/src/or/circuitlist.c +++ b/src/or/circuitlist.c @@ -91,6 +91,8 @@ #include "ht.h" +#include "edge_connection_st.h" + /********* START VARIABLES **********/ /** A global list of all circuits at this hop. */ diff --git a/src/or/circuituse.c b/src/or/circuituse.c index 8e007ce92..5494bf94e 100644 --- a/src/or/circuituse.c +++ b/src/or/circuituse.c @@ -56,6 +56,8 @@ #include "router.h" #include "routerlist.h" +#include "entry_connection_st.h" + static void circuit_expire_old_circuits_clientside(void); static void circuit_increment_failure_count(void); diff --git a/src/or/connection.c b/src/or/connection.c index 0f6498225..fb16ac7b5 100644 --- a/src/or/connection.c +++ b/src/or/connection.c @@ -113,6 +113,7 @@ #include <sys/un.h> #endif +#include "entry_connection_st.h" #include "port_cfg_st.h" static connection_t *connection_listener_new( diff --git a/src/or/connection_edge.c b/src/or/connection_edge.c index 046369af6..4bd50398b 100644 --- a/src/or/connection_edge.c +++ b/src/or/connection_edge.c @@ -97,6 +97,8 @@ #include "routerset.h" #include "circuitbuild.h" +#include "entry_connection_st.h" + #ifdef HAVE_LINUX_TYPES_H #include <linux/types.h> #endif @@ -137,6 +139,30 @@ static int connection_exit_connect_dir(edge_connection_t *exitconn); static int consider_plaintext_ports(entry_connection_t *conn, uint16_t port); static int connection_ap_supports_optimistic_data(const entry_connection_t *); +/** Convert a connection_t* to an edge_connection_t*; assert if the cast is + * invalid. */ +edge_connection_t * +TO_EDGE_CONN(connection_t *c) +{ + tor_assert(c->magic == EDGE_CONNECTION_MAGIC || + c->magic == ENTRY_CONNECTION_MAGIC); + return DOWNCAST(edge_connection_t, c); +} + +entry_connection_t * +TO_ENTRY_CONN(connection_t *c) +{ + tor_assert(c->magic == ENTRY_CONNECTION_MAGIC); + return (entry_connection_t*) SUBTYPE_P(c, entry_connection_t, edge_.base_); +} + +entry_connection_t * +EDGE_TO_ENTRY_CONN(edge_connection_t *c) +{ + tor_assert(c->base_.magic == ENTRY_CONNECTION_MAGIC); + return (entry_connection_t*) SUBTYPE_P(c, entry_connection_t, edge_); +} + /** An AP stream has failed/finished. If it hasn't already sent back * a socks reply, send one now (based on endreason). Also set * has_sent_end to 1, and mark the conn. diff --git a/src/or/connection_edge.h b/src/or/connection_edge.h index c6583d384..27d2c8614 100644 --- a/src/or/connection_edge.h +++ b/src/or/connection_edge.h @@ -14,7 +14,11 @@ #include "testsupport.h" -#define connection_mark_unattached_ap(conn, endreason) \ +edge_connection_t *TO_EDGE_CONN(connection_t *); +entry_connection_t *TO_ENTRY_CONN(connection_t *); +entry_connection_t *EDGE_TO_ENTRY_CONN(edge_connection_t *); + +#define connection_mark_unattached_ap(conn, endreason) \ connection_mark_unattached_ap_((conn), (endreason), __LINE__, SHORT_FILE__) MOCK_DECL(void,connection_mark_unattached_ap_, diff --git a/src/or/control.c b/src/or/control.c index 0d637dce7..7efa6d73b 100644 --- a/src/or/control.c +++ b/src/or/control.c @@ -81,6 +81,8 @@ #include "routerparse.h" #include "shared_random_client.h" +#include "entry_connection_st.h" + #ifndef _WIN32 #include <pwd.h> #include <sys/resource.h> diff --git a/src/or/directory.c b/src/or/directory.c index a65f1fb14..7321a97fc 100644 --- a/src/or/directory.c +++ b/src/or/directory.c @@ -54,6 +54,7 @@ #include "dirauth/shared_random.h" #include "dir_server_st.h" +#include "entry_connection_st.h" /** * \file directory.c diff --git a/src/or/dns.c b/src/or/dns.c index ba734ed90..422751553 100644 --- a/src/or/dns.c +++ b/src/or/dns.c @@ -64,6 +64,9 @@ #include "router.h" #include "ht.h" #include "sandbox.h" + +#include "edge_connection_st.h" + #include <event2/event.h> #include <event2/dns.h> diff --git a/src/or/dnsserv.c b/src/or/dnsserv.c index 7e344deea..39c96ee00 100644 --- a/src/or/dnsserv.c +++ b/src/or/dnsserv.c @@ -29,6 +29,9 @@ #include "control.h" #include "main.h" #include "policies.h" + +#include "entry_connection_st.h" + #include <event2/dns.h> #include <event2/dns_compat.h> /* XXXX this implies we want an improved evdns */ diff --git a/src/or/edge_connection_st.h b/src/or/edge_connection_st.h new file mode 100644 index 000000000..3cffdea32 --- /dev/null +++ b/src/or/edge_connection_st.h @@ -0,0 +1,75 @@ +/* Copyright (c) 2001 Matej Pfajfar. + * Copyright (c) 2001-2004, Roger Dingledine. + * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. + * Copyright (c) 2007-2017, The Tor Project, Inc. */ +/* See LICENSE for licensing information */ + +#ifndef EDGE_CONNECTION_ST_H +#define EDGE_CONNECTION_ST_H + +#include "or.h" + +/** Subtype of connection_t for an "edge connection" -- that is, an entry (ap) + * connection, or an exit. */ +struct edge_connection_t { + connection_t base_; + + struct edge_connection_t *next_stream; /**< Points to the next stream at this + * edge, if any */ + int package_window; /**< How many more relay cells can I send into the + * circuit? */ + int deliver_window; /**< How many more relay cells can end at me? */ + + struct circuit_t *on_circuit; /**< The circuit (if any) that this edge + * connection is using. */ + + /** A pointer to which node in the circ this conn exits at. Set for AP + * connections and for hidden service exit connections. */ + struct crypt_path_t *cpath_layer; + /** What rendezvous service are we querying for (if an AP) or providing (if + * an exit)? */ + rend_data_t *rend_data; + + /* Hidden service connection identifier for edge connections. Used by the HS + * client-side code to identify client SOCKS connections and by the + * service-side code to match HS circuits with their streams. */ + struct hs_ident_edge_conn_t *hs_ident; + + uint32_t address_ttl; /**< TTL for address-to-addr mapping on exit + * connection. Exit connections only. */ + uint32_t begincell_flags; /** Flags sent or received in the BEGIN cell + * for this connection */ + + streamid_t stream_id; /**< The stream ID used for this edge connection on its + * circuit */ + + /** The reason why this connection is closing; passed to the controller. */ + uint16_t end_reason; + + /** Bytes read since last call to control_event_stream_bandwidth_used() */ + uint32_t n_read; + + /** Bytes written since last call to control_event_stream_bandwidth_used() */ + uint32_t n_written; + + /** True iff this connection is for a DNS request only. */ + unsigned int is_dns_request:1; + /** True iff this connection is for a PTR DNS request. (exit only) */ + unsigned int is_reverse_dns_lookup:1; + + unsigned int edge_has_sent_end:1; /**< For debugging; only used on edge + * connections. Set once we've set the stream end, + * and check in connection_about_to_close_connection(). + */ + /** True iff we've blocked reading until the circuit has fewer queued + * cells. */ + unsigned int edge_blocked_on_circ:1; + + /** Unique ID for directory requests; this used to be in connection_t, but + * that's going away and being used on channels instead. We still tag + * edge connections with dirreq_id from circuits, so it's copied here. */ + uint64_t dirreq_id; +}; + +#endif + diff --git a/src/or/entry_connection_st.h b/src/or/entry_connection_st.h new file mode 100644 index 000000000..c3b1ad2ab --- /dev/null +++ b/src/or/entry_connection_st.h @@ -0,0 +1,100 @@ +/* Copyright (c) 2001 Matej Pfajfar. + * Copyright (c) 2001-2004, Roger Dingledine. + * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. + * Copyright (c) 2007-2017, The Tor Project, Inc. */ +/* See LICENSE for licensing information */ + +#ifndef ENTRY_CONNECTION_ST_H +#define ENTRY_CONNECTION_ST_H + +#include "edge_connection_st.h" + +/** Subtype of edge_connection_t for an "entry connection" -- that is, a SOCKS + * connection, a DNS request, a TransPort connection or a NATD connection */ +struct entry_connection_t { + struct edge_connection_t edge_; + + /** Nickname of planned exit node -- used with .exit support. */ + /* XXX prop220: we need to make chosen_exit_name able to encode Ed IDs too. + * That's logically part of the UI parts for prop220 though. */ + char *chosen_exit_name; + + socks_request_t *socks_request; /**< SOCKS structure describing request (AP + * only.) */ + + /* === Isolation related, AP only. === */ + entry_port_cfg_t entry_cfg; + /** AP only: The newnym epoch in which we created this connection. */ + unsigned nym_epoch; + + /** AP only: The original requested address before we rewrote it. */ + char *original_dest_address; + /* Other fields to isolate on already exist. The ClientAddr is addr. The + ClientProtocol is a combination of type and socks_request-> + socks_version. SocksAuth is socks_request->username/password. + DestAddr is in socks_request->address. */ + + /** Number of times we've reassigned this application connection to + * a new circuit. We keep track because the timeout is longer if we've + * already retried several times. */ + uint8_t num_socks_retries; + + /** For AP connections only: buffer for data that we have sent + * optimistically, which we might need to re-send if we have to + * retry this connection. */ + struct buf_t *pending_optimistic_data; + /* For AP connections only: buffer for data that we previously sent + * optimistically which we are currently re-sending as we retry this + * connection. */ + struct buf_t *sending_optimistic_data; + + /** If this is a DNSPort connection, this field holds the pending DNS + * request that we're going to try to answer. */ + struct evdns_server_request *dns_server_request; + +#define DEBUGGING_17659 + +#ifdef DEBUGGING_17659 + uint16_t marked_pending_circ_line; + const char *marked_pending_circ_file; +#endif + +#define NUM_CIRCUITS_LAUNCHED_THRESHOLD 10 + /** Number of times we've launched a circuit to handle this stream. If + * it gets too high, that could indicate an inconsistency between our + * "launch a circuit to handle this stream" logic and our "attach our + * stream to one of the available circuits" logic. */ + unsigned int num_circuits_launched:4; + + /** True iff this stream must attach to a one-hop circuit (e.g. for + * begin_dir). */ + unsigned int want_onehop:1; + /** True iff this stream should use a BEGIN_DIR relay command to establish + * itself rather than BEGIN (either via onehop or via a whole circuit). */ + unsigned int use_begindir:1; + + /** For AP connections only. If 1, and we fail to reach the chosen exit, + * stop requiring it. */ + unsigned int chosen_exit_optional:1; + /** For AP connections only. If non-zero, this exit node was picked as + * a result of the TrackHostExit, and the value decrements every time + * we fail to complete a circuit to our chosen exit -- if it reaches + * zero, abandon the associated mapaddress. */ + unsigned int chosen_exit_retries:3; + + /** True iff this is an AP connection that came from a transparent or + * NATd connection */ + unsigned int is_transparent_ap:1; + + /** For AP connections only: Set if this connection's target exit node + * allows optimistic data (that is, data sent on this stream before + * the exit has sent a CONNECTED cell) and we have chosen to use it. + */ + unsigned int may_use_optimistic_data : 1; +}; + +/** Cast a entry_connection_t subtype pointer to a edge_connection_t **/ +#define ENTRY_TO_EDGE_CONN(c) (&(((c))->edge_)) + +#endif + diff --git a/src/or/hs_client.c b/src/or/hs_client.c index 26e8785d9..8c04026a7 100644 --- a/src/or/hs_client.c +++ b/src/or/hs_client.c @@ -35,6 +35,8 @@ #include "router.h" #include "routerset.h" +#include "entry_connection_st.h" + /* Return a human-readable string for the client fetch status code. */ static const char * fetch_status_to_string(hs_client_fetch_status_t status) diff --git a/src/or/hs_common.c b/src/or/hs_common.c index 3081ad216..33c09b53f 100644 --- a/src/or/hs_common.c +++ b/src/or/hs_common.c @@ -33,6 +33,8 @@ #include "shared_random_client.h" #include "dirauth/shared_random_state.h" +#include "edge_connection_st.h" + /* Trunnel */ #include "ed25519_cert.h" diff --git a/src/or/hs_service.c b/src/or/hs_service.c index f1f26954a..44ee7bb66 100644 --- a/src/or/hs_service.c +++ b/src/or/hs_service.c @@ -39,6 +39,8 @@ #include "hs_service.h" #include "hs_stats.h" +#include "edge_connection_st.h" + /* Trunnel */ #include "ed25519_cert.h" #include "hs/cell_common.h" diff --git a/src/or/include.am b/src/or/include.am index b6e8e6daf..2c5c759ca 100644 --- a/src/or/include.am +++ b/src/or/include.am @@ -211,6 +211,8 @@ ORHEADERS = \ src/or/dns_structs.h \ src/or/dnsserv.h \ src/or/dos.h \ + src/or/edge_connection_st.h \ + src/or/entry_connection_st.h \ src/or/entry_port_cfg_st.h \ src/or/ext_orport.h \ src/or/fallback_dirs.inc \ diff --git a/src/or/main.c b/src/or/main.c index 1f6d16a19..3bbd0a1d4 100644 --- a/src/or/main.c +++ b/src/or/main.c @@ -122,6 +122,7 @@ #include "dirauth/mode.h" #include "dirauth/shared_random.h" +#include "entry_connection_st.h" #include "port_cfg_st.h" #ifdef HAVE_SYSTEMD diff --git a/src/or/or.h b/src/or/or.h index bf2efd147..b592484a5 100644 --- a/src/or/or.h +++ b/src/or/or.h @@ -1639,151 +1639,8 @@ typedef struct or_connection_t { uint64_t bytes_xmitted, bytes_xmitted_by_tls; } or_connection_t; -/** Subtype of connection_t for an "edge connection" -- that is, an entry (ap) - * connection, or an exit. */ -typedef struct edge_connection_t { - connection_t base_; - - struct edge_connection_t *next_stream; /**< Points to the next stream at this - * edge, if any */ - int package_window; /**< How many more relay cells can I send into the - * circuit? */ - int deliver_window; /**< How many more relay cells can end at me? */ - - struct circuit_t *on_circuit; /**< The circuit (if any) that this edge - * connection is using. */ - - /** A pointer to which node in the circ this conn exits at. Set for AP - * connections and for hidden service exit connections. */ - struct crypt_path_t *cpath_layer; - /** What rendezvous service are we querying for (if an AP) or providing (if - * an exit)? */ - rend_data_t *rend_data; - - /* Hidden service connection identifier for edge connections. Used by the HS - * client-side code to identify client SOCKS connections and by the - * service-side code to match HS circuits with their streams. */ - struct hs_ident_edge_conn_t *hs_ident; - - uint32_t address_ttl; /**< TTL for address-to-addr mapping on exit - * connection. Exit connections only. */ - uint32_t begincell_flags; /** Flags sent or received in the BEGIN cell - * for this connection */ - - streamid_t stream_id; /**< The stream ID used for this edge connection on its - * circuit */ - - /** The reason why this connection is closing; passed to the controller. */ - uint16_t end_reason; - - /** Bytes read since last call to control_event_stream_bandwidth_used() */ - uint32_t n_read; - - /** Bytes written since last call to control_event_stream_bandwidth_used() */ - uint32_t n_written; - - /** True iff this connection is for a DNS request only. */ - unsigned int is_dns_request:1; - /** True iff this connection is for a PTR DNS request. (exit only) */ - unsigned int is_reverse_dns_lookup:1; - - unsigned int edge_has_sent_end:1; /**< For debugging; only used on edge - * connections. Set once we've set the stream end, - * and check in connection_about_to_close_connection(). - */ - /** True iff we've blocked reading until the circuit has fewer queued - * cells. */ - unsigned int edge_blocked_on_circ:1; - - /** Unique ID for directory requests; this used to be in connection_t, but - * that's going away and being used on channels instead. We still tag - * edge connections with dirreq_id from circuits, so it's copied here. */ - uint64_t dirreq_id; -} edge_connection_t; - -/** Subtype of edge_connection_t for an "entry connection" -- that is, a SOCKS - * connection, a DNS request, a TransPort connection or a NATD connection */ -typedef struct entry_connection_t { - edge_connection_t edge_; - - /** Nickname of planned exit node -- used with .exit support. */ - /* XXX prop220: we need to make chosen_exit_name able to encode Ed IDs too. - * That's logically part of the UI parts for prop220 though. */ - char *chosen_exit_name; - - socks_request_t *socks_request; /**< SOCKS structure describing request (AP - * only.) */ - - /* === Isolation related, AP only. === */ - entry_port_cfg_t entry_cfg; - /** AP only: The newnym epoch in which we created this connection. */ - unsigned nym_epoch; - - /** AP only: The original requested address before we rewrote it. */ - char *original_dest_address; - /* Other fields to isolate on already exist. The ClientAddr is addr. The - ClientProtocol is a combination of type and socks_request-> - socks_version. SocksAuth is socks_request->username/password. - DestAddr is in socks_request->address. */ - - /** Number of times we've reassigned this application connection to - * a new circuit. We keep track because the timeout is longer if we've - * already retried several times. */ - uint8_t num_socks_retries; - - /** For AP connections only: buffer for data that we have sent - * optimistically, which we might need to re-send if we have to - * retry this connection. */ - struct buf_t *pending_optimistic_data; - /* For AP connections only: buffer for data that we previously sent - * optimistically which we are currently re-sending as we retry this - * connection. */ - struct buf_t *sending_optimistic_data; - - /** If this is a DNSPort connection, this field holds the pending DNS - * request that we're going to try to answer. */ - struct evdns_server_request *dns_server_request; - -#define DEBUGGING_17659 - -#ifdef DEBUGGING_17659 - uint16_t marked_pending_circ_line; - const char *marked_pending_circ_file; -#endif - -#define NUM_CIRCUITS_LAUNCHED_THRESHOLD 10 - /** Number of times we've launched a circuit to handle this stream. If - * it gets too high, that could indicate an inconsistency between our - * "launch a circuit to handle this stream" logic and our "attach our - * stream to one of the available circuits" logic. */ - unsigned int num_circuits_launched:4; - - /** True iff this stream must attach to a one-hop circuit (e.g. for - * begin_dir). */ - unsigned int want_onehop:1; - /** True iff this stream should use a BEGIN_DIR relay command to establish - * itself rather than BEGIN (either via onehop or via a whole circuit). */ - unsigned int use_begindir:1; - - /** For AP connections only. If 1, and we fail to reach the chosen exit, - * stop requiring it. */ - unsigned int chosen_exit_optional:1; - /** For AP connections only. If non-zero, this exit node was picked as - * a result of the TrackHostExit, and the value decrements every time - * we fail to complete a circuit to our chosen exit -- if it reaches - * zero, abandon the associated mapaddress. */ - unsigned int chosen_exit_retries:3; - - /** True iff this is an AP connection that came from a transparent or - * NATd connection */ - unsigned int is_transparent_ap:1; - - /** For AP connections only: Set if this connection's target exit node - * allows optimistic data (that is, data sent on this stream before - * the exit has sent a CONNECTED cell) and we have chosen to use it. - */ - unsigned int may_use_optimistic_data : 1; -} entry_connection_t; +typedef struct edge_connection_t edge_connection_t; +typedef struct entry_connection_t entry_connection_t; /** Subtype of connection_t for an "directory connection" -- that is, an HTTP * connection to retrieve or serve directory material. */ @@ -1873,8 +1730,6 @@ typedef struct control_connection_t { /** Cast a connection_t subtype pointer to a connection_t **/ #define TO_CONN(c) (&(((c)->base_))) -/** Cast a entry_connection_t subtype pointer to a edge_connection_t **/ -#define ENTRY_TO_EDGE_CONN(c) (&(((c))->edge_)) /** Cast a entry_connection_t subtype pointer to a connection_t **/ #define ENTRY_TO_CONN(c) (TO_CONN(ENTRY_TO_EDGE_CONN(c))) @@ -1884,15 +1739,6 @@ static or_connection_t *TO_OR_CONN(connection_t *); /** Convert a connection_t* to a dir_connection_t*; assert if the cast is * invalid. */ static dir_connection_t *TO_DIR_CONN(connection_t *); -/** Convert a connection_t* to an edge_connection_t*; assert if the cast is - * invalid. */ -static edge_connection_t *TO_EDGE_CONN(connection_t *); -/** Convert a connection_t* to an entry_connection_t*; assert if the cast is - * invalid. */ -static entry_connection_t *TO_ENTRY_CONN(connection_t *); -/** Convert a edge_connection_t* to an entry_connection_t*; assert if the cast - * is invalid. */ -static entry_connection_t *EDGE_TO_ENTRY_CONN(edge_connection_t *); /** Convert a connection_t* to an control_connection_t*; assert if the cast is * invalid. */ static control_connection_t *TO_CONTROL_CONN(connection_t *); @@ -1910,22 +1756,6 @@ static inline dir_connection_t *TO_DIR_CONN(connection_t *c) tor_assert(c->magic == DIR_CONNECTION_MAGIC); return DOWNCAST(dir_connection_t, c); } -static inline edge_connection_t *TO_EDGE_CONN(connection_t *c) -{ - tor_assert(c->magic == EDGE_CONNECTION_MAGIC || - c->magic == ENTRY_CONNECTION_MAGIC); - return DOWNCAST(edge_connection_t, c); -} -static inline entry_connection_t *TO_ENTRY_CONN(connection_t *c) -{ - tor_assert(c->magic == ENTRY_CONNECTION_MAGIC); - return (entry_connection_t*) SUBTYPE_P(c, entry_connection_t, edge_.base_); -} -static inline entry_connection_t *EDGE_TO_ENTRY_CONN(edge_connection_t *c) -{ - tor_assert(c->base_.magic == ENTRY_CONNECTION_MAGIC); - return (entry_connection_t*) SUBTYPE_P(c, entry_connection_t, edge_); -} static inline control_connection_t *TO_CONTROL_CONN(connection_t *c) { tor_assert(c->magic == CONTROL_CONNECTION_MAGIC); diff --git a/src/or/relay.c b/src/or/relay.c index 50f59d6b9..757613e9d 100644 --- a/src/or/relay.c +++ b/src/or/relay.c @@ -81,6 +81,8 @@ #include "scheduler.h" #include "rephist.h" +#include "entry_connection_st.h" + static edge_connection_t *relay_lookup_conn(circuit_t *circ, cell_t *cell, cell_direction_t cell_direction, crypt_path_t *layer_hint); diff --git a/src/or/rendclient.c b/src/or/rendclient.c index 7ef12a4fa..c153862e6 100644 --- a/src/or/rendclient.c +++ b/src/or/rendclient.c @@ -33,6 +33,8 @@ #include "routerlist.h" #include "routerset.h" +#include "entry_connection_st.h" + static extend_info_t *rend_client_get_random_intro_impl( const rend_cache_entry_t *rend_query, const int strict, const int warnings); diff --git a/src/or/rendservice.c b/src/or/rendservice.c index 92c323b10..4d9309e49 100644 --- a/src/or/rendservice.c +++ b/src/or/rendservice.c @@ -36,6 +36,8 @@ #include "routerparse.h" #include "routerset.h" +#include "edge_connection_st.h" + struct rend_service_t; static origin_circuit_t *find_intro_circuit(rend_intro_point_t *intro, const char *pk_digest); diff --git a/src/test/fuzz/fuzz_http_connect.c b/src/test/fuzz/fuzz_http_connect.c index dc674070b..4b1ea8c72 100644 --- a/src/test/fuzz/fuzz_http_connect.c +++ b/src/test/fuzz/fuzz_http_connect.c @@ -15,6 +15,8 @@ #include "proto_socks.h" #include "torlog.h" +#include "entry_connection_st.h" + #include "fuzzing.h" static void diff --git a/src/test/test_connection.c b/src/test/test_connection.c index dc0f6860d..05c4bb7f1 100644 --- a/src/test/test_connection.c +++ b/src/test/test_connection.c @@ -11,6 +11,7 @@ #include "test.h" #include "connection.h" +#include "connection_edge.h" #include "hs_common.h" #include "main.h" #include "microdesc.h" @@ -23,6 +24,8 @@ #include "test_connection.h" #include "test_helpers.h" +#include "entry_connection_st.h" + static void * test_conn_get_basic_setup(const struct testcase_t *tc); static int test_conn_get_basic_teardown(const struct testcase_t *tc, void *arg); diff --git a/src/test/test_dns.c b/src/test/test_dns.c index 1fee01d2c..c472b9790 100644 --- a/src/test/test_dns.c +++ b/src/test/test_dns.c @@ -10,6 +10,8 @@ #include "connection.h" #include "router.h" +#include "edge_connection_st.h" + #define NS_MODULE dns #define NS_SUBMODULE clip_ttl diff --git a/src/test/test_entryconn.c b/src/test/test_entryconn.c index 9d8a072c7..ec8d7196e 100644 --- a/src/test/test_entryconn.c +++ b/src/test/test_entryconn.c @@ -19,6 +19,8 @@ #include "hs_cache.h" #include "rendcache.h" +#include "entry_connection_st.h" + static void * entryconn_rewrite_setup(const struct testcase_t *tc) { diff --git a/src/test/test_hs_client.c b/src/test/test_hs_client.c index 50dca588e..0828364e8 100644 --- a/src/test/test_hs_client.c +++ b/src/test/test_hs_client.c @@ -37,6 +37,8 @@ #include "connection_edge.h" #include "networkstatus.h" +#include "entry_connection_st.h" + static int mock_connection_ap_handshake_send_begin(entry_connection_t *ap_conn) { diff --git a/src/test/test_oom.c b/src/test/test_oom.c index abf889645..98935fe45 100644 --- a/src/test/test_oom.c +++ b/src/test/test_oom.c @@ -18,6 +18,8 @@ #include "test.h" #include "test_helpers.h" +#include "entry_connection_st.h" + /* small replacement mock for circuit_mark_for_close_ to avoid doing all * the other bookkeeping that comes with marking circuits. */ static void diff --git a/src/test/test_relaycell.c b/src/test/test_relaycell.c index 841174982..b4cb9d4bb 100644 --- a/src/test/test_relaycell.c +++ b/src/test/test_relaycell.c @@ -16,6 +16,8 @@ #include "relay.h" #include "test.h" +#include "entry_connection_st.h" + static int srm_ncalls; static entry_connection_t *srm_conn; static int srm_atype;

1 0

[tor/master] Move entry_port_cfg_t into its own header.
by nickm＠torproject.org 18 Jun '18

18 Jun '18

commit 6896ab28b29f614f774fa39145d36586d14d1f22 Author: Nick Mathewson <nickm(a)torproject.org> Date: Thu Jun 14 16:19:11 2018 -0400 Move entry_port_cfg_t into its own header. --- src/or/entry_port_cfg_st.h | 54 ++++++++++++++++++++++++++++++++++++++++++++++ src/or/include.am | 1 + src/or/or.h | 45 +++++--------------------------------- 3 files changed, 60 insertions(+), 40 deletions(-) diff --git a/src/or/entry_port_cfg_st.h b/src/or/entry_port_cfg_st.h new file mode 100644 index 000000000..0563f2e9f --- /dev/null +++ b/src/or/entry_port_cfg_st.h @@ -0,0 +1,54 @@ +/* Copyright (c) 2001 Matej Pfajfar. + * Copyright (c) 2001-2004, Roger Dingledine. + * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. + * Copyright (c) 2007-2017, The Tor Project, Inc. */ +/* See LICENSE for licensing information */ + +#ifndef ENTRY_PORT_CFG_ST_H +#define ENTRY_PORT_CFG_ST_H + +#include "torint.h" +#include "or.h" + +struct entry_port_cfg_t { + /* Client port types (socks, dns, trans, natd) only: */ + uint8_t isolation_flags; /**< Zero or more isolation flags */ + int session_group; /**< A session group, or -1 if this port is not in a + * session group. */ + + /* Socks only: */ + /** When both no-auth and user/pass are advertised by a SOCKS client, select + * no-auth. */ + unsigned int socks_prefer_no_auth : 1; + /** When ISO_SOCKSAUTH is in use, Keep-Alive circuits indefinitely. */ + unsigned int socks_iso_keep_alive : 1; + + /* Client port types only: */ + unsigned int ipv4_traffic : 1; + unsigned int ipv6_traffic : 1; + unsigned int prefer_ipv6 : 1; + unsigned int dns_request : 1; + unsigned int onion_traffic : 1; + + /** For a socks listener: should we cache IPv4/IPv6 DNS information that + * exit nodes tell us? + * + * @{ */ + unsigned int cache_ipv4_answers : 1; + unsigned int cache_ipv6_answers : 1; + /** @} */ + /** For a socks listeners: if we find an answer in our client-side DNS cache, + * should we use it? + * + * @{ */ + unsigned int use_cached_ipv4_answers : 1; + unsigned int use_cached_ipv6_answers : 1; + /** @} */ + /** For socks listeners: When we can automap an address to IPv4 or IPv6, + * do we prefer IPv6? */ + unsigned int prefer_ipv6_virtaddr : 1; + +}; + +#endif + diff --git a/src/or/include.am b/src/or/include.am index 0e2aac4aa..c38e677a6 100644 --- a/src/or/include.am +++ b/src/or/include.am @@ -210,6 +210,7 @@ ORHEADERS = \ src/or/dns_structs.h \ src/or/dnsserv.h \ src/or/dos.h \ + src/or/entry_port_cfg_st.h \ src/or/ext_orport.h \ src/or/fallback_dirs.inc \ src/or/fp_pair.h \ diff --git a/src/or/or.h b/src/or/or.h index e106ec66f..5321c81c8 100644 --- a/src/or/or.h +++ b/src/or/or.h @@ -84,6 +84,10 @@ #include "util_format.h" #include "hs_circuitmap.h" +// These, more than other includes, are for keeping the other struct +// definitions working. We should remove them when we minimize our includes. +#include "entry_port_cfg_st.h" + /* These signals are defined to help handle_control_signal work. */ #ifndef SIGHUP @@ -1243,46 +1247,7 @@ typedef struct { } relay_header_t; typedef struct socks_request_t socks_request_t; - -typedef struct entry_port_cfg_t { - /* Client port types (socks, dns, trans, natd) only: */ - uint8_t isolation_flags; /**< Zero or more isolation flags */ - int session_group; /**< A session group, or -1 if this port is not in a - * session group. */ - - /* Socks only: */ - /** When both no-auth and user/pass are advertised by a SOCKS client, select - * no-auth. */ - unsigned int socks_prefer_no_auth : 1; - /** When ISO_SOCKSAUTH is in use, Keep-Alive circuits indefinitely. */ - unsigned int socks_iso_keep_alive : 1; - - /* Client port types only: */ - unsigned int ipv4_traffic : 1; - unsigned int ipv6_traffic : 1; - unsigned int prefer_ipv6 : 1; - unsigned int dns_request : 1; - unsigned int onion_traffic : 1; - - /** For a socks listener: should we cache IPv4/IPv6 DNS information that - * exit nodes tell us? - * - * @{ */ - unsigned int cache_ipv4_answers : 1; - unsigned int cache_ipv6_answers : 1; - /** @} */ - /** For a socks listeners: if we find an answer in our client-side DNS cache, - * should we use it? - * - * @{ */ - unsigned int use_cached_ipv4_answers : 1; - unsigned int use_cached_ipv6_answers : 1; - /** @} */ - /** For socks listeners: When we can automap an address to IPv4 or IPv6, - * do we prefer IPv6? */ - unsigned int prefer_ipv6_virtaddr : 1; - -} entry_port_cfg_t; +typedef struct entry_port_cfg_t entry_port_cfg_t; typedef struct server_port_cfg_t { /* Server port types (or, dir) only: */

1 0

[tor/master] Split control_connection_t into its own header.
by nickm＠torproject.org 18 Jun '18

18 Jun '18

commit 3b917b2408748efb2ce84c2725e2e81ee0217e03 Author: Nick Mathewson <nickm(a)torproject.org> Date: Fri Jun 15 10:17:27 2018 -0400 Split control_connection_t into its own header. This one was actually fairly simple. --- src/or/connection.c | 1 + src/or/control.c | 10 ++++++++++ src/or/control.h | 2 ++ src/or/control_connection_st.h | 45 ++++++++++++++++++++++++++++++++++++++++++ src/or/dnsserv.c | 1 + src/or/include.am | 1 + src/or/or.h | 41 +------------------------------------- src/test/test_controller.c | 2 ++ 8 files changed, 63 insertions(+), 40 deletions(-) diff --git a/src/or/connection.c b/src/or/connection.c index fb16ac7b5..0042d3e0d 100644 --- a/src/or/connection.c +++ b/src/or/connection.c @@ -113,6 +113,7 @@ #include <sys/un.h> #endif +#include "control_connection_st.h" #include "entry_connection_st.h" #include "port_cfg_st.h" diff --git a/src/or/control.c b/src/or/control.c index 7efa6d73b..ba9f26c6b 100644 --- a/src/or/control.c +++ b/src/or/control.c @@ -81,6 +81,7 @@ #include "routerparse.h" #include "shared_random_client.h" +#include "control_connection_st.h" #include "entry_connection_st.h" #ifndef _WIN32 @@ -228,6 +229,15 @@ static void flush_queued_events_cb(mainloop_event_t *event, void *arg); static char * download_status_to_string(const download_status_t *dl); static void control_get_bytes_rw_last_sec(uint64_t *r, uint64_t *w); +/** Convert a connection_t* to an control_connection_t*; assert if the cast is + * invalid. */ +control_connection_t * +TO_CONTROL_CONN(connection_t *c) +{ + tor_assert(c->magic == CONTROL_CONNECTION_MAGIC); + return DOWNCAST(control_connection_t, c); +} + /** Given a control event code for a message event, return the corresponding * log severity. */ static inline int diff --git a/src/or/control.h b/src/or/control.h index 92cbf866d..a499e4533 100644 --- a/src/or/control.h +++ b/src/or/control.h @@ -12,6 +12,8 @@ #ifndef TOR_CONTROL_H #define TOR_CONTROL_H +control_connection_t *TO_CONTROL_CONN(connection_t *); + void control_initialize_event_queue(void); void control_update_global_event_mask(void); diff --git a/src/or/control_connection_st.h b/src/or/control_connection_st.h new file mode 100644 index 000000000..2d8efec1f --- /dev/null +++ b/src/or/control_connection_st.h @@ -0,0 +1,45 @@ +/* Copyright (c) 2001 Matej Pfajfar. + * Copyright (c) 2001-2004, Roger Dingledine. + * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. + * Copyright (c) 2007-2017, The Tor Project, Inc. */ +/* See LICENSE for licensing information */ + +#ifndef CONTROL_CONNECTION_ST_H +#define CONTROL_CONNECTION_ST_H + +#include "or.h" + +/** Subtype of connection_t for an connection to a controller. */ +struct control_connection_t { + connection_t base_; + + uint64_t event_mask; /**< Bitfield: which events does this controller + * care about? + * EVENT_MAX_ is >31, so we need a 64 bit mask */ + + /** True if we have sent a protocolinfo reply on this connection. */ + unsigned int have_sent_protocolinfo:1; + /** True if we have received a takeownership command on this + * connection. */ + unsigned int is_owning_control_connection:1; + + /** List of ephemeral onion services belonging to this connection. */ + smartlist_t *ephemeral_onion_services; + + /** If we have sent an AUTHCHALLENGE reply on this connection and + * have not received a successful AUTHENTICATE command, points to + * the value which the client must send to authenticate itself; + * otherwise, NULL. */ + char *safecookie_client_hash; + + /** Amount of space allocated in incoming_cmd. */ + uint32_t incoming_cmd_len; + /** Number of bytes currently stored in incoming_cmd. */ + uint32_t incoming_cmd_cur_len; + /** A control command that we're reading from the inbuf, but which has not + * yet arrived completely. */ + char *incoming_cmd; +}; + +#endif + diff --git a/src/or/dnsserv.c b/src/or/dnsserv.c index 39c96ee00..46fb8f0a0 100644 --- a/src/or/dnsserv.c +++ b/src/or/dnsserv.c @@ -30,6 +30,7 @@ #include "main.h" #include "policies.h" +#include "control_connection_st.h" #include "entry_connection_st.h" #include <event2/dns.h> diff --git a/src/or/include.am b/src/or/include.am index 2c5c759ca..cff38d0b6 100644 --- a/src/or/include.am +++ b/src/or/include.am @@ -202,6 +202,7 @@ ORHEADERS = \ src/or/conscache.h \ src/or/consdiff.h \ src/or/consdiffmgr.h \ + src/or/control_connection_st.h \ src/or/control.h \ src/or/cpuworker.h \ src/or/directory.h \ diff --git a/src/or/or.h b/src/or/or.h index b592484a5..138c5a18d 100644 --- a/src/or/or.h +++ b/src/or/or.h @@ -1639,6 +1639,7 @@ typedef struct or_connection_t { uint64_t bytes_xmitted, bytes_xmitted_by_tls; } or_connection_t; +typedef struct control_connection_t control_connection_t; typedef struct edge_connection_t edge_connection_t; typedef struct entry_connection_t entry_connection_t; @@ -1695,38 +1696,6 @@ typedef struct dir_connection_t { #endif /* defined(MEASUREMENTS_21206) */ } dir_connection_t; -/** Subtype of connection_t for an connection to a controller. */ -typedef struct control_connection_t { - connection_t base_; - - uint64_t event_mask; /**< Bitfield: which events does this controller - * care about? - * EVENT_MAX_ is >31, so we need a 64 bit mask */ - - /** True if we have sent a protocolinfo reply on this connection. */ - unsigned int have_sent_protocolinfo:1; - /** True if we have received a takeownership command on this - * connection. */ - unsigned int is_owning_control_connection:1; - - /** List of ephemeral onion services belonging to this connection. */ - smartlist_t *ephemeral_onion_services; - - /** If we have sent an AUTHCHALLENGE reply on this connection and - * have not received a successful AUTHENTICATE command, points to - * the value which the client must send to authenticate itself; - * otherwise, NULL. */ - char *safecookie_client_hash; - - /** Amount of space allocated in incoming_cmd. */ - uint32_t incoming_cmd_len; - /** Number of bytes currently stored in incoming_cmd. */ - uint32_t incoming_cmd_cur_len; - /** A control command that we're reading from the inbuf, but which has not - * yet arrived completely. */ - char *incoming_cmd; -} control_connection_t; - /** Cast a connection_t subtype pointer to a connection_t **/ #define TO_CONN(c) (&(((c)->base_))) @@ -1739,9 +1708,6 @@ static or_connection_t *TO_OR_CONN(connection_t *); /** Convert a connection_t* to a dir_connection_t*; assert if the cast is * invalid. */ static dir_connection_t *TO_DIR_CONN(connection_t *); -/** Convert a connection_t* to an control_connection_t*; assert if the cast is - * invalid. */ -static control_connection_t *TO_CONTROL_CONN(connection_t *); /** Convert a connection_t* to an listener_connection_t*; assert if the cast is * invalid. */ static listener_connection_t *TO_LISTENER_CONN(connection_t *); @@ -1756,11 +1722,6 @@ static inline dir_connection_t *TO_DIR_CONN(connection_t *c) tor_assert(c->magic == DIR_CONNECTION_MAGIC); return DOWNCAST(dir_connection_t, c); } -static inline control_connection_t *TO_CONTROL_CONN(connection_t *c) -{ - tor_assert(c->magic == CONTROL_CONNECTION_MAGIC); - return DOWNCAST(control_connection_t, c); -} static inline listener_connection_t *TO_LISTENER_CONN(connection_t *c) { tor_assert(c->magic == LISTENER_CONNECTION_MAGIC); diff --git a/src/test/test_controller.c b/src/test/test_controller.c index 1a350f66c..6b8edc57c 100644 --- a/src/test/test_controller.c +++ b/src/test/test_controller.c @@ -13,6 +13,8 @@ #include "test.h" #include "test_helpers.h" +#include "control_connection_st.h" + static void test_add_onion_helper_keyarg_v3(void *arg) {

1 0

[tor/master] Move dir_server_t into its own header.
by nickm＠torproject.org 18 Jun '18

18 Jun '18

commit 2a574d11ac8747996dcb979b04e38b16c5a0a9de Author: Nick Mathewson <nickm(a)torproject.org> Date: Thu Jun 14 16:58:01 2018 -0400 Move dir_server_t into its own header. --- src/or/dir_server_st.h | 54 ++++++++++++++++++++++++++++++++++++++++++ src/or/dirauth/dirvote.c | 2 ++ src/or/directory.c | 2 ++ src/or/include.am | 1 + src/or/networkstatus.c | 2 ++ src/or/nodelist.c | 2 ++ src/or/or.h | 40 +------------------------------ src/or/policies.c | 1 + src/or/router.c | 1 + src/or/routerlist.c | 2 ++ src/test/test_config.c | 2 ++ src/test/test_dir_handle_get.c | 2 ++ src/test/test_shared_random.c | 2 ++ 13 files changed, 74 insertions(+), 39 deletions(-) diff --git a/src/or/dir_server_st.h b/src/or/dir_server_st.h new file mode 100644 index 000000000..d2222c26f --- /dev/null +++ b/src/or/dir_server_st.h @@ -0,0 +1,54 @@ +/* Copyright (c) 2001 Matej Pfajfar. + * Copyright (c) 2001-2004, Roger Dingledine. + * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. + * Copyright (c) 2007-2017, The Tor Project, Inc. */ +/* See LICENSE for licensing information */ + +#ifndef DIR_SERVER_ST_H +#define DIR_SERVER_ST_H + +#include "torint.h" +#include "or.h" + +/** Represents information about a single trusted or fallback directory + * server. */ +typedef struct dir_server_t { + char *description; + char *nickname; + char *address; /**< Hostname. */ + /* XX/teor - why do we duplicate the address and port fields here and in + * fake_status? Surely we could just use fake_status (#17867). */ + tor_addr_t ipv6_addr; /**< IPv6 address if present; AF_UNSPEC if not */ + uint32_t addr; /**< IPv4 address. */ + uint16_t dir_port; /**< Directory port. */ + uint16_t or_port; /**< OR port: Used for tunneling connections. */ + uint16_t ipv6_orport; /**< OR port corresponding to ipv6_addr. */ + double weight; /** Weight used when selecting this node at random */ + char digest[DIGEST_LEN]; /**< Digest of identity key. */ + char v3_identity_digest[DIGEST_LEN]; /**< Digest of v3 (authority only, + * high-security) identity key. */ + + unsigned int is_running:1; /**< True iff we think this server is running. */ + unsigned int is_authority:1; /**< True iff this is a directory authority + * of some kind. */ + + /** True iff this server has accepted the most recent server descriptor + * we tried to upload to it. */ + unsigned int has_accepted_serverdesc:1; + + /** What kind of authority is this? (Bitfield.) */ + dirinfo_type_t type; + + time_t addr_current_at; /**< When was the document that we derived the + * address information from published? */ + + routerstatus_t fake_status; /**< Used when we need to pass this trusted + * dir_server_t to + * directory_request_set_routerstatus. + * as a routerstatus_t. Not updated by the + * router-status management code! + **/ +} dir_server_t; + +#endif + diff --git a/src/or/dirauth/dirvote.c b/src/or/dirauth/dirvote.c index b097b10cf..3a2df5ee6 100644 --- a/src/or/dirauth/dirvote.c +++ b/src/or/dirauth/dirvote.c @@ -28,6 +28,8 @@ #include "dirauth/mode.h" #include "dirauth/shared_random_state.h" +#include "dir_server_st.h" + /** * \file dirvote.c * \brief Functions to compute directory consensus, and schedule voting. diff --git a/src/or/directory.c b/src/or/directory.c index c7da80490..a65f1fb14 100644 --- a/src/or/directory.c +++ b/src/or/directory.c @@ -53,6 +53,8 @@ #include "dirauth/mode.h" #include "dirauth/shared_random.h" +#include "dir_server_st.h" + /** * \file directory.c * \brief Code to send and fetch information from directory authorities and diff --git a/src/or/include.am b/src/or/include.am index 1dc6c79ca..b6e8e6daf 100644 --- a/src/or/include.am +++ b/src/or/include.am @@ -206,6 +206,7 @@ ORHEADERS = \ src/or/cpuworker.h \ src/or/directory.h \ src/or/dirserv.h \ + src/or/dir_server_st.h \ src/or/dns.h \ src/or/dns_structs.h \ src/or/dnsserv.h \ diff --git a/src/or/networkstatus.c b/src/or/networkstatus.c index 998eaf74e..3ed6e3d6c 100644 --- a/src/or/networkstatus.c +++ b/src/or/networkstatus.c @@ -74,6 +74,8 @@ #include "dirauth/mode.h" #include "dirauth/shared_random.h" +#include "dir_server_st.h" + /** Most recently received and validated v3 "ns"-flavored consensus network * status. */ STATIC networkstatus_t *current_ns_consensus = NULL; diff --git a/src/or/nodelist.c b/src/or/nodelist.c index bc9a79940..4d67904c8 100644 --- a/src/or/nodelist.c +++ b/src/or/nodelist.c @@ -68,6 +68,8 @@ #include "dirauth/mode.h" +#include "dir_server_st.h" + static void nodelist_drop_node(node_t *node, int remove_from_ht); #define node_free(val) \ FREE_AND_NULL(node_t, node_free_, (val)) diff --git a/src/or/or.h b/src/or/or.h index 6c54c2752..bf2efd147 100644 --- a/src/or/or.h +++ b/src/or/or.h @@ -5314,45 +5314,7 @@ typedef struct rend_service_descriptor_t { /********************************* routerlist.c ***************************/ -/** Represents information about a single trusted or fallback directory - * server. */ -typedef struct dir_server_t { - char *description; - char *nickname; - char *address; /**< Hostname. */ - /* XX/teor - why do we duplicate the address and port fields here and in - * fake_status? Surely we could just use fake_status (#17867). */ - tor_addr_t ipv6_addr; /**< IPv6 address if present; AF_UNSPEC if not */ - uint32_t addr; /**< IPv4 address. */ - uint16_t dir_port; /**< Directory port. */ - uint16_t or_port; /**< OR port: Used for tunneling connections. */ - uint16_t ipv6_orport; /**< OR port corresponding to ipv6_addr. */ - double weight; /** Weight used when selecting this node at random */ - char digest[DIGEST_LEN]; /**< Digest of identity key. */ - char v3_identity_digest[DIGEST_LEN]; /**< Digest of v3 (authority only, - * high-security) identity key. */ - - unsigned int is_running:1; /**< True iff we think this server is running. */ - unsigned int is_authority:1; /**< True iff this is a directory authority - * of some kind. */ - - /** True iff this server has accepted the most recent server descriptor - * we tried to upload to it. */ - unsigned int has_accepted_serverdesc:1; - - /** What kind of authority is this? (Bitfield.) */ - dirinfo_type_t type; - - time_t addr_current_at; /**< When was the document that we derived the - * address information from published? */ - - routerstatus_t fake_status; /**< Used when we need to pass this trusted - * dir_server_t to - * directory_request_set_routerstatus. - * as a routerstatus_t. Not updated by the - * router-status management code! - **/ -} dir_server_t; +typedef struct dir_server_t dir_server_t; #define RELAY_REQUIRED_MIN_BANDWIDTH (75*1024) #define BRIDGE_REQUIRED_MIN_BANDWIDTH (50*1024) diff --git a/src/or/policies.c b/src/or/policies.c index a78e8a1c8..51dc83827 100644 --- a/src/or/policies.c +++ b/src/or/policies.c @@ -30,6 +30,7 @@ #include "geoip.h" #include "ht.h" +#include "dir_server_st.h" #include "port_cfg_st.h" /** Policy that addresses for incoming SOCKS connections must match. */ diff --git a/src/or/router.c b/src/or/router.c index 9eaef4460..c361e21a5 100644 --- a/src/or/router.c +++ b/src/or/router.c @@ -39,6 +39,7 @@ #include "dirauth/mode.h" +#include "dir_server_st.h" #include "port_cfg_st.h" /** diff --git a/src/or/routerlist.c b/src/or/routerlist.c index 8788dc019..015b1012a 100644 --- a/src/or/routerlist.c +++ b/src/or/routerlist.c @@ -125,6 +125,8 @@ #include "dirauth/dirvote.h" #include "dirauth/mode.h" +#include "dir_server_st.h" + // #define DEBUG_ROUTERLIST /****************************************************************************/ diff --git a/src/test/test_config.c b/src/test/test_config.c index e8bfe9e12..2b761d2ba 100644 --- a/src/test/test_config.c +++ b/src/test/test_config.c @@ -43,6 +43,8 @@ #include "statefile.h" #include "test_helpers.h" + +#include "dir_server_st.h" #include "port_cfg_st.h" static void diff --git a/src/test/test_dir_handle_get.c b/src/test/test_dir_handle_get.c index 688d26bdc..4338bba65 100644 --- a/src/test/test_dir_handle_get.c +++ b/src/test/test_dir_handle_get.c @@ -34,6 +34,8 @@ #include "log_test_helpers.h" #include "voting_schedule.h" +#include "dir_server_st.h" + #ifdef _WIN32 /* For mkdir() */ #include <direct.h> diff --git a/src/test/test_shared_random.c b/src/test/test_shared_random.c index f6ab0dfab..baafb9813 100644 --- a/src/test/test_shared_random.c +++ b/src/test/test_shared_random.c @@ -22,6 +22,8 @@ #include "shared_random_client.h" #include "voting_schedule.h" +#include "dir_server_st.h" + static authority_cert_t *mock_cert; static authority_cert_t *

1 0

[tor/master] Split dir_connection_t into its own header
by nickm＠torproject.org 18 Jun '18

18 Jun '18

commit 1416f54d1eb2651e6b82ccbe35585ce71378de8a Author: Nick Mathewson <nickm(a)torproject.org> Date: Fri Jun 15 10:31:21 2018 -0400 Split dir_connection_t into its own header --- src/or/circuitlist.c | 2 ++ src/or/circuituse.c | 2 ++ src/or/connection.c | 8 ++++++ src/or/connection.h | 11 ++------ src/or/connection_edge.c | 1 + src/or/dir_connection_st.h | 64 ++++++++++++++++++++++++++++++++++++++++++ src/or/directory.c | 10 +++++++ src/or/directory.h | 1 + src/or/dirserv.c | 2 ++ src/or/hs_client.c | 1 + src/or/hs_service.c | 1 + src/or/include.am | 1 + src/or/networkstatus.c | 1 + src/or/or.h | 62 +--------------------------------------- src/or/relay.c | 2 ++ src/or/rendclient.c | 1 + src/or/router.c | 1 + src/or/routerlist.c | 1 + src/test/fuzz/fuzz_http.c | 2 ++ src/test/test_connection.c | 1 + src/test/test_dir_handle_get.c | 1 + src/test/test_entrynodes.c | 2 ++ src/test/test_hs_cache.c | 2 ++ src/test/test_hs_client.c | 1 + src/test/test_oos.c | 2 ++ src/test/test_routerlist.c | 3 ++ 26 files changed, 116 insertions(+), 70 deletions(-) diff --git a/src/or/circuitlist.c b/src/or/circuitlist.c index e0ee28428..1a3f3a229 100644 --- a/src/or/circuitlist.c +++ b/src/or/circuitlist.c @@ -67,6 +67,7 @@ #include "control.h" #include "crypto_rand.h" #include "crypto_util.h" +#include "directory.h" #include "entrynodes.h" #include "main.h" #include "hs_circuit.h" @@ -91,6 +92,7 @@ #include "ht.h" +#include "dir_connection_st.h" #include "edge_connection_st.h" /********* START VARIABLES **********/ diff --git a/src/or/circuituse.c b/src/or/circuituse.c index 5494bf94e..45eeff433 100644 --- a/src/or/circuituse.c +++ b/src/or/circuituse.c @@ -40,6 +40,7 @@ #include "connection.h" #include "connection_edge.h" #include "control.h" +#include "directory.h" #include "entrynodes.h" #include "hs_common.h" #include "hs_client.h" @@ -56,6 +57,7 @@ #include "router.h" #include "routerlist.h" +#include "dir_connection_st.h" #include "entry_connection_st.h" static void circuit_expire_old_circuits_clientside(void); diff --git a/src/or/connection.c b/src/or/connection.c index 0042d3e0d..8c7341992 100644 --- a/src/or/connection.c +++ b/src/or/connection.c @@ -113,6 +113,7 @@ #include <sys/un.h> #endif +#include "dir_connection_st.h" #include "control_connection_st.h" #include "entry_connection_st.h" #include "port_cfg_st.h" @@ -4112,6 +4113,13 @@ connection_write_to_buf_impl_,(const char *string, size_t len, connection_write_to_buf_commit(conn, written); } +void +connection_buf_add_compress(const char *string, size_t len, + dir_connection_t *conn, int done) +{ + connection_write_to_buf_impl_(string, len, TO_CONN(conn), done ? -1 : 1); +} + /** * Add all bytes from buf to conn's outbuf, draining them * from buf. (If the connection is marked and will soon be closed, diff --git a/src/or/connection.h b/src/or/connection.h index ad3129c9d..59720ce3b 100644 --- a/src/or/connection.h +++ b/src/or/connection.h @@ -150,20 +150,13 @@ MOCK_DECL(void, connection_write_to_buf_impl_, /* DOCDOC connection_write_to_buf */ static void connection_buf_add(const char *string, size_t len, connection_t *conn); -/* DOCDOC connection_write_to_buf_compress */ -static void connection_buf_add_compress(const char *string, size_t len, - dir_connection_t *conn, int done); static inline void connection_buf_add(const char *string, size_t len, connection_t *conn) { connection_write_to_buf_impl_(string, len, conn, 0); } -static inline void -connection_buf_add_compress(const char *string, size_t len, - dir_connection_t *conn, int done) -{ - connection_write_to_buf_impl_(string, len, TO_CONN(conn), done ? -1 : 1); -} +void connection_buf_add_compress(const char *string, size_t len, + dir_connection_t *conn, int done); void connection_buf_add_buf(connection_t *conn, buf_t *buf); /* DOCDOC connection_get_inbuf_len */ diff --git a/src/or/connection_edge.c b/src/or/connection_edge.c index 4bd50398b..1ba61609b 100644 --- a/src/or/connection_edge.c +++ b/src/or/connection_edge.c @@ -97,6 +97,7 @@ #include "routerset.h" #include "circuitbuild.h" +#include "dir_connection_st.h" #include "entry_connection_st.h" #ifdef HAVE_LINUX_TYPES_H diff --git a/src/or/dir_connection_st.h b/src/or/dir_connection_st.h new file mode 100644 index 000000000..df1e9b551 --- /dev/null +++ b/src/or/dir_connection_st.h @@ -0,0 +1,64 @@ +/* Copyright (c) 2001 Matej Pfajfar. + * Copyright (c) 2001-2004, Roger Dingledine. + * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. + * Copyright (c) 2007-2017, The Tor Project, Inc. */ +/* See LICENSE for licensing information */ + +#ifndef DIR_CONNECTION_ST_H +#define DIR_CONNECTION_ST_H + +/** Subtype of connection_t for an "directory connection" -- that is, an HTTP + * connection to retrieve or serve directory material. */ +struct dir_connection_t { + connection_t base_; + + /** Which 'resource' did we ask the directory for? This is typically the part + * of the URL string that defines, relative to the directory conn purpose, + * what thing we want. For example, in router descriptor downloads by + * descriptor digest, it contains "d/", then one or more +-separated + * fingerprints. + **/ + char *requested_resource; + unsigned int dirconn_direct:1; /**< Is this dirconn direct, or via Tor? */ + + /** If we're fetching descriptors, what router purpose shall we assign + * to them? */ + uint8_t router_purpose; + + /** List of spooled_resource_t for objects that we're spooling. We use + * it from back to front. */ + smartlist_t *spool; + /** The compression object doing on-the-fly compression for spooled data. */ + tor_compress_state_t *compress_state; + + /** What rendezvous service are we querying for? */ + rend_data_t *rend_data; + + /* Hidden service connection identifier for dir connections: Used by HS + client-side code to fetch HS descriptors, and by the service-side code to + upload descriptors. */ + struct hs_ident_dir_conn_t *hs_ident; + + /** If this is a one-hop connection, tracks the state of the directory guard + * for this connection (if any). */ + struct circuit_guard_state_t *guard_state; + + char identity_digest[DIGEST_LEN]; /**< Hash of the public RSA key for + * the directory server's signing key. */ + + /** Unique ID for directory requests; this used to be in connection_t, but + * that's going away and being used on channels instead. The dirserver still + * needs this for the incoming side, so it's moved here. */ + uint64_t dirreq_id; + +#ifdef MEASUREMENTS_21206 + /** Number of RELAY_DATA cells received. */ + uint32_t data_cells_received; + + /** Number of RELAY_DATA cells sent. */ + uint32_t data_cells_sent; +#endif /* defined(MEASUREMENTS_21206) */ +}; + +#endif + diff --git a/src/or/directory.c b/src/or/directory.c index 7321a97fc..65aaaa38a 100644 --- a/src/or/directory.c +++ b/src/or/directory.c @@ -53,6 +53,7 @@ #include "dirauth/mode.h" #include "dirauth/shared_random.h" +#include "dir_connection_st.h" #include "dir_server_st.h" #include "entry_connection_st.h" @@ -154,6 +155,15 @@ static void connection_dir_close_consensus_fetches( /********* END VARIABLES ************/ +/** Convert a connection_t* to a dir_connection_t*; assert if the cast is + * invalid. */ +dir_connection_t * +TO_DIR_CONN(connection_t *c) +{ + tor_assert(c->magic == DIR_CONNECTION_MAGIC); + return DOWNCAST(dir_connection_t, c); +} + /** Return false if the directory purpose dir_purpose * does not require an anonymous (three-hop) connection. * diff --git a/src/or/directory.h b/src/or/directory.h index 5f5ff7eca..e94c02b6c 100644 --- a/src/or/directory.h +++ b/src/or/directory.h @@ -14,6 +14,7 @@ #include "hs_ident.h" +dir_connection_t *TO_DIR_CONN(connection_t *c); int directories_have_accepted_server_descriptor(void); void directory_post_to_dirservers(uint8_t dir_purpose, uint8_t router_purpose, dirinfo_type_t type, const char *payload, diff --git a/src/or/dirserv.c b/src/or/dirserv.c index c01234e0b..f2597aeae 100644 --- a/src/or/dirserv.c +++ b/src/or/dirserv.c @@ -36,6 +36,8 @@ #include "dirauth/dirvote.h" +#include "dir_connection_st.h" + /** * \file dirserv.c * \brief Directory server core implementation. Manages directory diff --git a/src/or/hs_client.c b/src/or/hs_client.c index 8c04026a7..ff84296d0 100644 --- a/src/or/hs_client.c +++ b/src/or/hs_client.c @@ -35,6 +35,7 @@ #include "router.h" #include "routerset.h" +#include "dir_connection_st.h" #include "entry_connection_st.h" /* Return a human-readable string for the client fetch status code. */ diff --git a/src/or/hs_service.c b/src/or/hs_service.c index 44ee7bb66..9f12484eb 100644 --- a/src/or/hs_service.c +++ b/src/or/hs_service.c @@ -39,6 +39,7 @@ #include "hs_service.h" #include "hs_stats.h" +#include "dir_connection_st.h" #include "edge_connection_st.h" /* Trunnel */ diff --git a/src/or/include.am b/src/or/include.am index cff38d0b6..5249f683d 100644 --- a/src/or/include.am +++ b/src/or/include.am @@ -207,6 +207,7 @@ ORHEADERS = \ src/or/cpuworker.h \ src/or/directory.h \ src/or/dirserv.h \ + src/or/dir_connection_st.h \ src/or/dir_server_st.h \ src/or/dns.h \ src/or/dns_structs.h \ diff --git a/src/or/networkstatus.c b/src/or/networkstatus.c index 3ed6e3d6c..3694da49d 100644 --- a/src/or/networkstatus.c +++ b/src/or/networkstatus.c @@ -74,6 +74,7 @@ #include "dirauth/mode.h" #include "dirauth/shared_random.h" +#include "dir_connection_st.h" #include "dir_server_st.h" /** Most recently received and validated v3 "ns"-flavored consensus network diff --git a/src/or/or.h b/src/or/or.h index 138c5a18d..d9e074d4c 100644 --- a/src/or/or.h +++ b/src/or/or.h @@ -1640,62 +1640,10 @@ typedef struct or_connection_t { } or_connection_t; typedef struct control_connection_t control_connection_t; +typedef struct dir_connection_t dir_connection_t; typedef struct edge_connection_t edge_connection_t; typedef struct entry_connection_t entry_connection_t; -/** Subtype of connection_t for an "directory connection" -- that is, an HTTP - * connection to retrieve or serve directory material. */ -typedef struct dir_connection_t { - connection_t base_; - - /** Which 'resource' did we ask the directory for? This is typically the part - * of the URL string that defines, relative to the directory conn purpose, - * what thing we want. For example, in router descriptor downloads by - * descriptor digest, it contains "d/", then one or more +-separated - * fingerprints. - **/ - char *requested_resource; - unsigned int dirconn_direct:1; /**< Is this dirconn direct, or via Tor? */ - - /** If we're fetching descriptors, what router purpose shall we assign - * to them? */ - uint8_t router_purpose; - - /** List of spooled_resource_t for objects that we're spooling. We use - * it from back to front. */ - smartlist_t *spool; - /** The compression object doing on-the-fly compression for spooled data. */ - tor_compress_state_t *compress_state; - - /** What rendezvous service are we querying for? */ - rend_data_t *rend_data; - - /* Hidden service connection identifier for dir connections: Used by HS - client-side code to fetch HS descriptors, and by the service-side code to - upload descriptors. */ - struct hs_ident_dir_conn_t *hs_ident; - - /** If this is a one-hop connection, tracks the state of the directory guard - * for this connection (if any). */ - struct circuit_guard_state_t *guard_state; - - char identity_digest[DIGEST_LEN]; /**< Hash of the public RSA key for - * the directory server's signing key. */ - - /** Unique ID for directory requests; this used to be in connection_t, but - * that's going away and being used on channels instead. The dirserver still - * needs this for the incoming side, so it's moved here. */ - uint64_t dirreq_id; - -#ifdef MEASUREMENTS_21206 - /** Number of RELAY_DATA cells received. */ - uint32_t data_cells_received; - - /** Number of RELAY_DATA cells sent. */ - uint32_t data_cells_sent; -#endif /* defined(MEASUREMENTS_21206) */ -} dir_connection_t; - /** Cast a connection_t subtype pointer to a connection_t **/ #define TO_CONN(c) (&(((c)->base_))) @@ -1705,9 +1653,6 @@ typedef struct dir_connection_t { /** Convert a connection_t* to an or_connection_t*; assert if the cast is * invalid. */ static or_connection_t *TO_OR_CONN(connection_t *); -/** Convert a connection_t* to a dir_connection_t*; assert if the cast is - * invalid. */ -static dir_connection_t *TO_DIR_CONN(connection_t *); /** Convert a connection_t* to an listener_connection_t*; assert if the cast is * invalid. */ static listener_connection_t *TO_LISTENER_CONN(connection_t *); @@ -1717,11 +1662,6 @@ static inline or_connection_t *TO_OR_CONN(connection_t *c) tor_assert(c->magic == OR_CONNECTION_MAGIC); return DOWNCAST(or_connection_t, c); } -static inline dir_connection_t *TO_DIR_CONN(connection_t *c) -{ - tor_assert(c->magic == DIR_CONNECTION_MAGIC); - return DOWNCAST(dir_connection_t, c); -} static inline listener_connection_t *TO_LISTENER_CONN(connection_t *c) { tor_assert(c->magic == LISTENER_CONNECTION_MAGIC); diff --git a/src/or/relay.c b/src/or/relay.c index 757613e9d..dca31498f 100644 --- a/src/or/relay.c +++ b/src/or/relay.c @@ -63,6 +63,7 @@ #include "control.h" #include "crypto_rand.h" #include "crypto_util.h" +#include "directory.h" #include "geoip.h" #include "hs_cache.h" #include "main.h" @@ -81,6 +82,7 @@ #include "scheduler.h" #include "rephist.h" +#include "dir_connection_st.h" #include "entry_connection_st.h" static edge_connection_t *relay_lookup_conn(circuit_t *circ, cell_t *cell, diff --git a/src/or/rendclient.c b/src/or/rendclient.c index c153862e6..c46b8c565 100644 --- a/src/or/rendclient.c +++ b/src/or/rendclient.c @@ -33,6 +33,7 @@ #include "routerlist.h" #include "routerset.h" +#include "dir_connection_st.h" #include "entry_connection_st.h" static extend_info_t *rend_client_get_random_intro_impl( diff --git a/src/or/router.c b/src/or/router.c index c361e21a5..f1fff6be2 100644 --- a/src/or/router.c +++ b/src/or/router.c @@ -39,6 +39,7 @@ #include "dirauth/mode.h" +#include "dir_connection_st.h" #include "dir_server_st.h" #include "port_cfg_st.h" diff --git a/src/or/routerlist.c b/src/or/routerlist.c index 015b1012a..970eac8d3 100644 --- a/src/or/routerlist.c +++ b/src/or/routerlist.c @@ -125,6 +125,7 @@ #include "dirauth/dirvote.h" #include "dirauth/mode.h" +#include "dir_connection_st.h" #include "dir_server_st.h" // #define DEBUG_ROUTERLIST diff --git a/src/test/fuzz/fuzz_http.c b/src/test/fuzz/fuzz_http.c index 2ffeb6024..e93204ea3 100644 --- a/src/test/fuzz/fuzz_http.c +++ b/src/test/fuzz/fuzz_http.c @@ -14,6 +14,8 @@ #include "directory.h" #include "torlog.h" +#include "dir_connection_st.h" + #include "fuzzing.h" static void diff --git a/src/test/test_connection.c b/src/test/test_connection.c index 05c4bb7f1..79c5e2dd8 100644 --- a/src/test/test_connection.c +++ b/src/test/test_connection.c @@ -24,6 +24,7 @@ #include "test_connection.h" #include "test_helpers.h" +#include "dir_connection_st.h" #include "entry_connection_st.h" static void * test_conn_get_basic_setup(const struct testcase_t *tc); diff --git a/src/test/test_dir_handle_get.c b/src/test/test_dir_handle_get.c index 4338bba65..188735a54 100644 --- a/src/test/test_dir_handle_get.c +++ b/src/test/test_dir_handle_get.c @@ -34,6 +34,7 @@ #include "log_test_helpers.h" #include "voting_schedule.h" +#include "dir_connection_st.h" #include "dir_server_st.h" #ifdef _WIN32 diff --git a/src/test/test_entrynodes.c b/src/test/test_entrynodes.c index cfcb88a66..d4939355d 100644 --- a/src/test/test_entrynodes.c +++ b/src/test/test_entrynodes.c @@ -30,6 +30,8 @@ #include "statefile.h" #include "util.h" +#include "dir_connection_st.h" + #include "test_helpers.h" #include "log_test_helpers.h" diff --git a/src/test/test_hs_cache.c b/src/test/test_hs_cache.c index 458ce1a92..b2f892c7f 100644 --- a/src/test/test_hs_cache.c +++ b/src/test/test_hs_cache.c @@ -18,6 +18,8 @@ #include "connection.h" #include "proto_http.h" +#include "dir_connection_st.h" + #include "hs_test_helpers.h" #include "test_helpers.h" #include "test.h" diff --git a/src/test/test_hs_client.c b/src/test/test_hs_client.c index 0828364e8..0420f70f8 100644 --- a/src/test/test_hs_client.c +++ b/src/test/test_hs_client.c @@ -37,6 +37,7 @@ #include "connection_edge.h" #include "networkstatus.h" +#include "dir_connection_st.h" #include "entry_connection_st.h" static int diff --git a/src/test/test_oos.c b/src/test/test_oos.c index e72fcf5de..ddad5a08d 100644 --- a/src/test/test_oos.c +++ b/src/test/test_oos.c @@ -12,6 +12,8 @@ #include "main.h" #include "test.h" +#include "dir_connection_st.h" + static or_options_t mock_options; static void diff --git a/src/test/test_routerlist.c b/src/test/test_routerlist.c index 701227c1c..d66f8933d 100644 --- a/src/test/test_routerlist.c +++ b/src/test/test_routerlist.c @@ -33,6 +33,9 @@ #include "routerparse.h" #include "dirauth/shared_random.h" #include "statefile.h" + +#include "dir_connection_st.h" + #include "test.h" #include "test_dir_common.h" #include "log_test_helpers.h"

1 0

[tor/master] Split or_handshake_{certs, state}_t into their own headers.
by nickm＠torproject.org 18 Jun '18

18 Jun '18

commit bcc283bcc90ed5ef6f8da22b63df01aea1794b2a Author: Nick Mathewson <nickm(a)torproject.org> Date: Fri Jun 15 10:56:15 2018 -0400 Split or_handshake_{certs,state}_t into their own headers. --- src/or/channeltls.c | 2 + src/or/connection_or.c | 2 + src/or/include.am | 2 + src/or/or.h | 96 +----------------------------------------- src/or/or_handshake_certs_st.h | 39 +++++++++++++++++ src/or/or_handshake_state_st.h | 78 ++++++++++++++++++++++++++++++++++ src/or/torcert.c | 2 + src/test/test_link_handshake.c | 2 + 8 files changed, 129 insertions(+), 94 deletions(-) diff --git a/src/or/channeltls.c b/src/or/channeltls.c index 20a4d37b4..4d5677821 100644 --- a/src/or/channeltls.c +++ b/src/or/channeltls.c @@ -61,6 +61,8 @@ #include "channelpadding.h" #include "or_connection_st.h" +#include "or_handshake_certs_st.h" +#include "or_handshake_state_st.h" /** How many CELL_PADDING cells have we received, ever? */ uint64_t stats_n_padding_cells_processed = 0; diff --git a/src/or/connection_or.c b/src/or/connection_or.c index c2dd36416..070253dce 100644 --- a/src/or/connection_or.c +++ b/src/or/connection_or.c @@ -62,6 +62,8 @@ #include "channelpadding.h" #include "or_connection_st.h" +#include "or_handshake_certs_st.h" +#include "or_handshake_state_st.h" static int connection_tls_finish_handshake(or_connection_t *conn); static int connection_or_launch_v3_or_handshake(or_connection_t *conn); diff --git a/src/or/include.am b/src/or/include.am index 673e43ece..f3bbaa11c 100644 --- a/src/or/include.am +++ b/src/or/include.am @@ -250,6 +250,8 @@ ORHEADERS = \ src/or/onion_tap.h \ src/or/or.h \ src/or/or_connection_st.h \ + src/or/or_handshake_certs_st.h \ + src/or/or_handshake_state_st.h \ src/or/transports.h \ src/or/parsecommon.h \ src/or/periodic.h \ diff --git a/src/or/or.h b/src/or/or.h index 2a69415e1..990f7f94e 100644 --- a/src/or/or.h +++ b/src/or/or.h @@ -1440,100 +1440,8 @@ typedef struct connection_t { * signs. */ #define V3_AUTH_BODY_LEN (V3_AUTH_FIXED_PART_LEN + 8 + 16) -/** Structure to hold all the certificates we've received on an OR connection - */ -typedef struct or_handshake_certs_t { - /** True iff we originated this connection. */ - int started_here; - /** The cert for the 'auth' RSA key that's supposed to sign the AUTHENTICATE - * cell. Signed with the RSA identity key. */ - tor_x509_cert_t *auth_cert; - /** The cert for the 'link' RSA key that was used to negotiate the TLS - * connection. Signed with the RSA identity key. */ - tor_x509_cert_t *link_cert; - /** A self-signed identity certificate: the RSA identity key signed - * with itself. */ - tor_x509_cert_t *id_cert; - /** The Ed25519 signing key, signed with the Ed25519 identity key. */ - struct tor_cert_st *ed_id_sign; - /** A digest of the X509 link certificate for the TLS connection, signed - * with the Ed25519 siging key. */ - struct tor_cert_st *ed_sign_link; - /** The Ed25519 authentication key (that's supposed to sign an AUTHENTICATE - * cell) , signed with the Ed25519 siging key. */ - struct tor_cert_st *ed_sign_auth; - /** The Ed25519 identity key, crosssigned with the RSA identity key. */ - uint8_t *ed_rsa_crosscert; - /** The length of ed_rsa_crosscert in bytes */ - size_t ed_rsa_crosscert_len; -} or_handshake_certs_t; - -/** Stores flags and information related to the portion of a v2/v3 Tor OR - * connection handshake that happens after the TLS handshake is finished. - */ -typedef struct or_handshake_state_t { - /** When was the VERSIONS cell sent on this connection? Used to get - * an estimate of the skew in the returning NETINFO reply. */ - time_t sent_versions_at; - /** True iff we originated this connection */ - unsigned int started_here : 1; - /** True iff we have received and processed a VERSIONS cell. */ - unsigned int received_versions : 1; - /** True iff we have received and processed an AUTH_CHALLENGE cell */ - unsigned int received_auth_challenge : 1; - /** True iff we have received and processed a CERTS cell. */ - unsigned int received_certs_cell : 1; - /** True iff we have received and processed an AUTHENTICATE cell */ - unsigned int received_authenticate : 1; - - /* True iff we've received valid authentication to some identity. */ - unsigned int authenticated : 1; - unsigned int authenticated_rsa : 1; - unsigned int authenticated_ed25519 : 1; - - /* True iff we have sent a netinfo cell */ - unsigned int sent_netinfo : 1; - - /** The signing->ed25519 link certificate corresponding to the x509 - * certificate we used on the TLS connection (if this is a server-side - * connection). We make a copy of this here to prevent a race condition - * caused by TLS context rotation. */ - struct tor_cert_st *own_link_cert; - - /** True iff we should feed outgoing cells into digest_sent and - * digest_received respectively. - * - * From the server's side of the v3 handshake, we want to capture everything - * from the VERSIONS cell through and including the AUTH_CHALLENGE cell. - * From the client's, we want to capture everything from the VERSIONS cell - * through but *not* including the AUTHENTICATE cell. - * - * @{ */ - unsigned int digest_sent_data : 1; - unsigned int digest_received_data : 1; - /**@}*/ - - /** Identity RSA digest that we have received and authenticated for our peer - * on this connection. */ - uint8_t authenticated_rsa_peer_id[DIGEST_LEN]; - /** Identity Ed25519 public key that we have received and authenticated for - * our peer on this connection. */ - ed25519_public_key_t authenticated_ed25519_peer_id; - - /** Digests of the cells that we have sent or received as part of a V3 - * handshake. Used for making and checking AUTHENTICATE cells. - * - * @{ - */ - crypto_digest_t *digest_sent; - crypto_digest_t *digest_received; - /** @} */ - - /** Certificates that a connection initiator sent us in a CERTS cell; we're - * holding on to them until we get an AUTHENTICATE cell. - */ - or_handshake_certs_t *certs; -} or_handshake_state_t; +typedef struct or_handshake_certs_t or_handshake_certs_t; +typedef struct or_handshake_state_t or_handshake_state_t; /** Length of Extended ORPort connection identifier. */ #define EXT_OR_CONN_ID_LEN DIGEST_LEN /* 20 */ diff --git a/src/or/or_handshake_certs_st.h b/src/or/or_handshake_certs_st.h new file mode 100644 index 000000000..515866af7 --- /dev/null +++ b/src/or/or_handshake_certs_st.h @@ -0,0 +1,39 @@ +/* Copyright (c) 2001 Matej Pfajfar. + * Copyright (c) 2001-2004, Roger Dingledine. + * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. + * Copyright (c) 2007-2017, The Tor Project, Inc. */ +/* See LICENSE for licensing information */ + +#ifndef OR_HANDSHAKE_CERTS_ST +#define OR_HANDSHAKE_CERTS_ST + +/** Structure to hold all the certificates we've received on an OR connection + */ +struct or_handshake_certs_t { + /** True iff we originated this connection. */ + int started_here; + /** The cert for the 'auth' RSA key that's supposed to sign the AUTHENTICATE + * cell. Signed with the RSA identity key. */ + tor_x509_cert_t *auth_cert; + /** The cert for the 'link' RSA key that was used to negotiate the TLS + * connection. Signed with the RSA identity key. */ + tor_x509_cert_t *link_cert; + /** A self-signed identity certificate: the RSA identity key signed + * with itself. */ + tor_x509_cert_t *id_cert; + /** The Ed25519 signing key, signed with the Ed25519 identity key. */ + struct tor_cert_st *ed_id_sign; + /** A digest of the X509 link certificate for the TLS connection, signed + * with the Ed25519 siging key. */ + struct tor_cert_st *ed_sign_link; + /** The Ed25519 authentication key (that's supposed to sign an AUTHENTICATE + * cell) , signed with the Ed25519 siging key. */ + struct tor_cert_st *ed_sign_auth; + /** The Ed25519 identity key, crosssigned with the RSA identity key. */ + uint8_t *ed_rsa_crosscert; + /** The length of ed_rsa_crosscert in bytes */ + size_t ed_rsa_crosscert_len; +}; + +#endif + diff --git a/src/or/or_handshake_state_st.h b/src/or/or_handshake_state_st.h new file mode 100644 index 000000000..d0e3adaef --- /dev/null +++ b/src/or/or_handshake_state_st.h @@ -0,0 +1,78 @@ +/* Copyright (c) 2001 Matej Pfajfar. + * Copyright (c) 2001-2004, Roger Dingledine. + * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. + * Copyright (c) 2007-2017, The Tor Project, Inc. */ +/* See LICENSE for licensing information */ + +#ifndef OR_HANDSHAKE_STATE_ST +#define OR_HANDSHAKE_STATE_ST + +/** Stores flags and information related to the portion of a v2/v3 Tor OR + * connection handshake that happens after the TLS handshake is finished. + */ +struct or_handshake_state_t { + /** When was the VERSIONS cell sent on this connection? Used to get + * an estimate of the skew in the returning NETINFO reply. */ + time_t sent_versions_at; + /** True iff we originated this connection */ + unsigned int started_here : 1; + /** True iff we have received and processed a VERSIONS cell. */ + unsigned int received_versions : 1; + /** True iff we have received and processed an AUTH_CHALLENGE cell */ + unsigned int received_auth_challenge : 1; + /** True iff we have received and processed a CERTS cell. */ + unsigned int received_certs_cell : 1; + /** True iff we have received and processed an AUTHENTICATE cell */ + unsigned int received_authenticate : 1; + + /* True iff we've received valid authentication to some identity. */ + unsigned int authenticated : 1; + unsigned int authenticated_rsa : 1; + unsigned int authenticated_ed25519 : 1; + + /* True iff we have sent a netinfo cell */ + unsigned int sent_netinfo : 1; + + /** The signing->ed25519 link certificate corresponding to the x509 + * certificate we used on the TLS connection (if this is a server-side + * connection). We make a copy of this here to prevent a race condition + * caused by TLS context rotation. */ + struct tor_cert_st *own_link_cert; + + /** True iff we should feed outgoing cells into digest_sent and + * digest_received respectively. + * + * From the server's side of the v3 handshake, we want to capture everything + * from the VERSIONS cell through and including the AUTH_CHALLENGE cell. + * From the client's, we want to capture everything from the VERSIONS cell + * through but *not* including the AUTHENTICATE cell. + * + * @{ */ + unsigned int digest_sent_data : 1; + unsigned int digest_received_data : 1; + /**@}*/ + + /** Identity RSA digest that we have received and authenticated for our peer + * on this connection. */ + uint8_t authenticated_rsa_peer_id[DIGEST_LEN]; + /** Identity Ed25519 public key that we have received and authenticated for + * our peer on this connection. */ + ed25519_public_key_t authenticated_ed25519_peer_id; + + /** Digests of the cells that we have sent or received as part of a V3 + * handshake. Used for making and checking AUTHENTICATE cells. + * + * @{ + */ + crypto_digest_t *digest_sent; + crypto_digest_t *digest_received; + /** @} */ + + /** Certificates that a connection initiator sent us in a CERTS cell; we're + * holding on to them until we get an AUTHENTICATE cell. + */ + or_handshake_certs_t *certs; +}; + +#endif + diff --git a/src/or/torcert.c b/src/or/torcert.c index 1c5afd965..5a156f18d 100644 --- a/src/or/torcert.c +++ b/src/or/torcert.c @@ -35,6 +35,8 @@ #include "compat.h" #include "link_handshake.h" +#include "or_handshake_certs_st.h" + /** Helper for tor_cert_create(): signs any 32 bytes, not just an ed25519 * key. */ diff --git a/src/test/test_link_handshake.c b/src/test/test_link_handshake.c index 94e784cdc..1c2e91b83 100644 --- a/src/test/test_link_handshake.c +++ b/src/test/test_link_handshake.c @@ -22,6 +22,8 @@ #include "torcert.h" #include "or_connection_st.h" +#include "or_handshake_certs_st.h" +#include "or_handshake_state_st.h" #include "test.h" #include "log_test_helpers.h"

1 0

[tor/master] Split listener_connection_t into its own header
by nickm＠torproject.org 18 Jun '18

18 Jun '18

commit 6c0fe9d07c40ce453b5c9c7a60cbfd13bf3ca6d7 Author: Nick Mathewson <nickm(a)torproject.org> Date: Fri Jun 15 10:37:33 2018 -0400 Split listener_connection_t into its own header For once, it's a type that is used almost nowhere else besides the logical place. --- src/or/connection.c | 10 ++++++++++ src/or/connection.h | 2 ++ src/or/dnsserv.c | 1 + src/or/include.am | 1 + src/or/listener_connection_st.h | 23 +++++++++++++++++++++++ src/or/or.h | 21 +-------------------- 6 files changed, 38 insertions(+), 20 deletions(-) diff --git a/src/or/connection.c b/src/or/connection.c index 8c7341992..11da4fc97 100644 --- a/src/or/connection.c +++ b/src/or/connection.c @@ -116,6 +116,7 @@ #include "dir_connection_st.h" #include "control_connection_st.h" #include "entry_connection_st.h" +#include "listener_connection_st.h" #include "port_cfg_st.h" static connection_t *connection_listener_new( @@ -172,6 +173,15 @@ static smartlist_t *outgoing_addrs = NULL; /**************************************************************/ +/** Convert a connection_t* to an listener_connection_t*; assert if the cast + * is invalid. */ +listener_connection_t * +TO_LISTENER_CONN(connection_t *c) +{ + tor_assert(c->magic == LISTENER_CONNECTION_MAGIC); + return DOWNCAST(listener_connection_t, c); +} + /** * Return the human-readable name for the connection type type */ diff --git a/src/or/connection.h b/src/or/connection.h index 59720ce3b..df3388239 100644 --- a/src/or/connection.h +++ b/src/or/connection.h @@ -12,6 +12,8 @@ #ifndef TOR_CONNECTION_H #define TOR_CONNECTION_H +listener_connection_t *TO_LISTENER_CONN(connection_t *); + /* XXXX For buf_datalen in inline function */ #include "buffers.h" diff --git a/src/or/dnsserv.c b/src/or/dnsserv.c index 46fb8f0a0..020cabb16 100644 --- a/src/or/dnsserv.c +++ b/src/or/dnsserv.c @@ -32,6 +32,7 @@ #include "control_connection_st.h" #include "entry_connection_st.h" +#include "listener_connection_st.h" #include <event2/dns.h> #include <event2/dns_compat.h> diff --git a/src/or/include.am b/src/or/include.am index 5249f683d..1de42b7c7 100644 --- a/src/or/include.am +++ b/src/or/include.am @@ -238,6 +238,7 @@ ORHEADERS = \ src/or/hs_stats.h \ src/or/hs_service.h \ src/or/keypin.h \ + src/or/listener_connection_st.h \ src/or/main.h \ src/or/microdesc.h \ src/or/networkstatus.h \ diff --git a/src/or/listener_connection_st.h b/src/or/listener_connection_st.h new file mode 100644 index 000000000..67718c5a3 --- /dev/null +++ b/src/or/listener_connection_st.h @@ -0,0 +1,23 @@ +/* Copyright (c) 2001 Matej Pfajfar. + * Copyright (c) 2001-2004, Roger Dingledine. + * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. + * Copyright (c) 2007-2017, The Tor Project, Inc. */ +/* See LICENSE for licensing information */ + +#ifndef LISTENER_CONNECTION_ST_H +#define LISTENER_CONNECTION_ST_H + +/** Subtype of connection_t; used for a listener socket. */ +struct listener_connection_t { + connection_t base_; + + /** If the connection is a CONN_TYPE_AP_DNS_LISTENER, this field points + * to the evdns_server_port it uses to listen to and answer connections. */ + struct evdns_server_port *dns_server_port; + + entry_port_cfg_t entry_cfg; + +}; + +#endif + diff --git a/src/or/or.h b/src/or/or.h index d9e074d4c..443e76f35 100644 --- a/src/or/or.h +++ b/src/or/or.h @@ -1381,18 +1381,6 @@ typedef struct connection_t { uint32_t n_written_conn_bw; } connection_t; -/** Subtype of connection_t; used for a listener socket. */ -typedef struct listener_connection_t { - connection_t base_; - - /** If the connection is a CONN_TYPE_AP_DNS_LISTENER, this field points - * to the evdns_server_port it uses to listen to and answer connections. */ - struct evdns_server_port *dns_server_port; - - entry_port_cfg_t entry_cfg; - -} listener_connection_t; - /** Minimum length of the random part of an AUTH_CHALLENGE cell. */ #define OR_AUTH_CHALLENGE_LEN 32 @@ -1643,6 +1631,7 @@ typedef struct control_connection_t control_connection_t; typedef struct dir_connection_t dir_connection_t; typedef struct edge_connection_t edge_connection_t; typedef struct entry_connection_t entry_connection_t; +typedef struct listener_connection_t listener_connection_t; /** Cast a connection_t subtype pointer to a connection_t **/ #define TO_CONN(c) (&(((c)->base_))) @@ -1653,20 +1642,12 @@ typedef struct entry_connection_t entry_connection_t; /** Convert a connection_t* to an or_connection_t*; assert if the cast is * invalid. */ static or_connection_t *TO_OR_CONN(connection_t *); -/** Convert a connection_t* to an listener_connection_t*; assert if the cast is - * invalid. */ -static listener_connection_t *TO_LISTENER_CONN(connection_t *); static inline or_connection_t *TO_OR_CONN(connection_t *c) { tor_assert(c->magic == OR_CONNECTION_MAGIC); return DOWNCAST(or_connection_t, c); } -static inline listener_connection_t *TO_LISTENER_CONN(connection_t *c) -{ - tor_assert(c->magic == LISTENER_CONNECTION_MAGIC); - return DOWNCAST(listener_connection_t, c); -} /** What action type does an address policy indicate: accept or reject? */ typedef enum {

1 0

[tor/master] Move or_connection_t to its own header.
by nickm＠torproject.org 18 Jun '18

18 Jun '18

commit 19c34b46589492be3fe19bed7e5729c1c7d231f1 Author: Nick Mathewson <nickm(a)torproject.org> Date: Fri Jun 15 10:48:50 2018 -0400 Move or_connection_t to its own header. --- src/or/channelpadding.c | 2 + src/or/channeltls.c | 2 + src/or/connection.c | 1 + src/or/connection_or.c | 11 ++++++ src/or/connection_or.h | 2 + src/or/control.c | 1 + src/or/dos.c | 3 ++ src/or/ext_orport.c | 2 + src/or/hibernate.c | 2 + src/or/include.am | 1 + src/or/main.c | 1 + src/or/or.h | 88 +----------------------------------------- src/or/or_connection_st.h | 88 ++++++++++++++++++++++++++++++++++++++++++ src/or/scheduler.c | 2 + src/or/scheduler_kist.c | 2 + src/test/test_channelpadding.c | 2 + src/test/test_channeltls.c | 2 + src/test/test_connection.c | 1 + src/test/test_dos.c | 3 ++ src/test/test_extorport.c | 3 ++ src/test/test_link_handshake.c | 2 + src/test/test_oos.c | 1 + 22 files changed, 135 insertions(+), 87 deletions(-) diff --git a/src/or/channelpadding.c b/src/or/channelpadding.c index a8b9a2b47..7eb0cc282 100644 --- a/src/or/channelpadding.c +++ b/src/or/channelpadding.c @@ -23,6 +23,8 @@ #include "compat_time.h" #include "rendservice.h" +#include "or_connection_st.h" + STATIC int32_t channelpadding_get_netflow_inactive_timeout_ms( const channel_t *); STATIC int channelpadding_send_disable_command(channel_t *); diff --git a/src/or/channeltls.c b/src/or/channeltls.c index 54d94f610..20a4d37b4 100644 --- a/src/or/channeltls.c +++ b/src/or/channeltls.c @@ -60,6 +60,8 @@ #include "channelpadding_negotiation.h" #include "channelpadding.h" +#include "or_connection_st.h" + /** How many CELL_PADDING cells have we received, ever? */ uint64_t stats_n_padding_cells_processed = 0; /** How many CELL_VERSIONS cells have we received, ever? */ diff --git a/src/or/connection.c b/src/or/connection.c index 11da4fc97..3c5330154 100644 --- a/src/or/connection.c +++ b/src/or/connection.c @@ -117,6 +117,7 @@ #include "control_connection_st.h" #include "entry_connection_st.h" #include "listener_connection_st.h" +#include "or_connection_st.h" #include "port_cfg_st.h" static connection_t *connection_listener_new( diff --git a/src/or/connection_or.c b/src/or/connection_or.c index 7898fbd42..c2dd36416 100644 --- a/src/or/connection_or.c +++ b/src/or/connection_or.c @@ -61,6 +61,8 @@ #include "torcert.h" #include "channelpadding.h" +#include "or_connection_st.h" + static int connection_tls_finish_handshake(or_connection_t *conn); static int connection_or_launch_v3_or_handshake(or_connection_t *conn); static int connection_or_process_cells_from_inbuf(or_connection_t *conn); @@ -86,6 +88,15 @@ static void connection_or_check_canonicity(or_connection_t *conn, /**************************************************************/ +/** Convert a connection_t* to an or_connection_t*; assert if the cast is + * invalid. */ +or_connection_t * +TO_OR_CONN(connection_t *c) +{ + tor_assert(c->magic == OR_CONNECTION_MAGIC); + return DOWNCAST(or_connection_t, c); +} + /** Global map between Extended ORPort identifiers and OR * connections. */ static digestmap_t *orconn_ext_or_id_map = NULL; diff --git a/src/or/connection_or.h b/src/or/connection_or.h index 158eb1fda..4251aacab 100644 --- a/src/or/connection_or.h +++ b/src/or/connection_or.h @@ -12,6 +12,8 @@ #ifndef TOR_CONNECTION_OR_H #define TOR_CONNECTION_OR_H +or_connection_t *TO_OR_CONN(connection_t *); + void connection_or_clear_identity(or_connection_t *conn); void connection_or_clear_identity_map(void); void clear_broken_connection_map(int disable); diff --git a/src/or/control.c b/src/or/control.c index ba9f26c6b..45914f0c1 100644 --- a/src/or/control.c +++ b/src/or/control.c @@ -83,6 +83,7 @@ #include "control_connection_st.h" #include "entry_connection_st.h" +#include "or_connection_st.h" #ifndef _WIN32 #include <pwd.h> diff --git a/src/or/dos.c b/src/or/dos.c index ee731acce..8367db4ef 100644 --- a/src/or/dos.c +++ b/src/or/dos.c @@ -11,6 +11,7 @@ #include "or.h" #include "channel.h" #include "config.h" +#include "connection_or.h" #include "crypto_rand.h" #include "geoip.h" #include "main.h" @@ -21,6 +22,8 @@ #include "dos.h" +#include "or_connection_st.h" + /* * Circuit creation denial of service mitigation. * diff --git a/src/or/ext_orport.c b/src/or/ext_orport.c index b842442ca..acbc900ad 100644 --- a/src/or/ext_orport.c +++ b/src/or/ext_orport.c @@ -29,6 +29,8 @@ #include "proto_ext_or.h" #include "util.h" +#include "or_connection_st.h" + /** Allocate and return a structure capable of holding an Extended * ORPort message of body length len. */ ext_or_cmd_t * diff --git a/src/or/hibernate.c b/src/or/hibernate.c index d7d259470..e2e53b353 100644 --- a/src/or/hibernate.c +++ b/src/or/hibernate.c @@ -42,6 +42,8 @@ hibernating, phase 2: #include "router.h" #include "statefile.h" +#include "or_connection_st.h" + /** Are we currently awake, asleep, running out of bandwidth, or shutting * down? */ static hibernate_state_t hibernate_state = HIBERNATE_STATE_INITIAL; diff --git a/src/or/include.am b/src/or/include.am index 1de42b7c7..673e43ece 100644 --- a/src/or/include.am +++ b/src/or/include.am @@ -249,6 +249,7 @@ ORHEADERS = \ src/or/onion_ntor.h \ src/or/onion_tap.h \ src/or/or.h \ + src/or/or_connection_st.h \ src/or/transports.h \ src/or/parsecommon.h \ src/or/periodic.h \ diff --git a/src/or/main.c b/src/or/main.c index 3bbd0a1d4..7b6010170 100644 --- a/src/or/main.c +++ b/src/or/main.c @@ -123,6 +123,7 @@ #include "dirauth/shared_random.h" #include "entry_connection_st.h" +#include "or_connection_st.h" #include "port_cfg_st.h" #ifdef HAVE_SYSTEMD diff --git a/src/or/or.h b/src/or/or.h index 443e76f35..2a69415e1 100644 --- a/src/or/or.h +++ b/src/or/or.h @@ -1550,88 +1550,12 @@ typedef struct or_handshake_state_t { * drops below this size. */ #define OR_CONN_LOWWATER (16*1024) -/** Subtype of connection_t for an "OR connection" -- that is, one that speaks - * cells over TLS. */ -typedef struct or_connection_t { - connection_t base_; - - /** Hash of the public RSA key for the other side's identity key, or zeroes - * if the other side hasn't shown us a valid identity key. */ - char identity_digest[DIGEST_LEN]; - - /** Extended ORPort connection identifier. */ - char *ext_or_conn_id; - /** This is the ClientHash value we expect to receive from the - * client during the Extended ORPort authentication protocol. We - * compute it upon receiving the ClientNoce from the client, and we - * compare it with the acual ClientHash value sent by the - * client. */ - char *ext_or_auth_correct_client_hash; - /** String carrying the name of the pluggable transport - * (e.g. "obfs2") that is obfuscating this connection. If no - * pluggable transports are used, it's NULL. */ - char *ext_or_transport; - - char *nickname; /**< Nickname of OR on other side (if any). */ - - tor_tls_t *tls; /**< TLS connection state. */ - int tls_error; /**< Last tor_tls error code. */ - /** When we last used this conn for any client traffic. If not - * recent, we can rate limit it further. */ - - /* Channel using this connection */ - channel_tls_t *chan; - - tor_addr_t real_addr; /**< The actual address that this connection came from - * or went to. The addr field is prone to - * getting overridden by the address from the router - * descriptor matching identity_digest. */ - - /** Should this connection be used for extending circuits to the server - * matching the identity_digest field? Set to true if we're pretty - * sure we aren't getting MITMed, either because we're connected to an - * address listed in a server descriptor, or because an authenticated - * NETINFO cell listed the address we're connected to as recognized. */ - unsigned int is_canonical:1; - - /** True iff this is an outgoing connection. */ - unsigned int is_outgoing:1; - unsigned int proxy_type:2; /**< One of PROXY_NONE...PROXY_SOCKS5 */ - unsigned int wide_circ_ids:1; - /** True iff this connection has had its bootstrap failure logged with - * control_event_bootstrap_problem. */ - unsigned int have_noted_bootstrap_problem:1; - /** True iff this is a client connection and its address has been put in the - * geoip cache and handled by the DoS mitigation subsystem. We use this to - * insure we have a coherent count of concurrent connection. */ - unsigned int tracked_for_dos_mitigation : 1; - - uint16_t link_proto; /**< What protocol version are we using? 0 for - * "none negotiated yet." */ - uint16_t idle_timeout; /**< How long can this connection sit with no - * circuits on it before we close it? Based on - * IDLE_CIRCUIT_TIMEOUT_{NON,}CANONICAL and - * on is_canonical, randomized. */ - or_handshake_state_t *handshake_state; /**< If we are setting this connection - * up, state information to do so. */ - - time_t timestamp_lastempty; /**< When was the outbuf last completely empty?*/ - - token_bucket_rw_t bucket; /**< Used for rate limiting when the connection is - * in state CONN_OPEN. */ - - /* - * Count the number of bytes flushed out on this orconn, and the number of - * bytes TLS actually sent - used for overhead estimation for scheduling. - */ - uint64_t bytes_xmitted, bytes_xmitted_by_tls; -} or_connection_t; - typedef struct control_connection_t control_connection_t; typedef struct dir_connection_t dir_connection_t; typedef struct edge_connection_t edge_connection_t; typedef struct entry_connection_t entry_connection_t; typedef struct listener_connection_t listener_connection_t; +typedef struct or_connection_t or_connection_t; /** Cast a connection_t subtype pointer to a connection_t **/ #define TO_CONN(c) (&(((c)->base_))) @@ -1639,16 +1563,6 @@ typedef struct listener_connection_t listener_connection_t; /** Cast a entry_connection_t subtype pointer to a connection_t **/ #define ENTRY_TO_CONN(c) (TO_CONN(ENTRY_TO_EDGE_CONN(c))) -/** Convert a connection_t* to an or_connection_t*; assert if the cast is - * invalid. */ -static or_connection_t *TO_OR_CONN(connection_t *); - -static inline or_connection_t *TO_OR_CONN(connection_t *c) -{ - tor_assert(c->magic == OR_CONNECTION_MAGIC); - return DOWNCAST(or_connection_t, c); -} - /** What action type does an address policy indicate: accept or reject? */ typedef enum { ADDR_POLICY_ACCEPT=1, diff --git a/src/or/or_connection_st.h b/src/or/or_connection_st.h new file mode 100644 index 000000000..bccfd18f6 --- /dev/null +++ b/src/or/or_connection_st.h @@ -0,0 +1,88 @@ +/* Copyright (c) 2001 Matej Pfajfar. + * Copyright (c) 2001-2004, Roger Dingledine. + * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. + * Copyright (c) 2007-2017, The Tor Project, Inc. */ +/* See LICENSE for licensing information */ + +#ifndef OR_CONNECTION_ST_H +#define OR_CONNECTION_ST_H + +/** Subtype of connection_t for an "OR connection" -- that is, one that speaks + * cells over TLS. */ +struct or_connection_t { + connection_t base_; + + /** Hash of the public RSA key for the other side's identity key, or zeroes + * if the other side hasn't shown us a valid identity key. */ + char identity_digest[DIGEST_LEN]; + + /** Extended ORPort connection identifier. */ + char *ext_or_conn_id; + /** This is the ClientHash value we expect to receive from the + * client during the Extended ORPort authentication protocol. We + * compute it upon receiving the ClientNoce from the client, and we + * compare it with the acual ClientHash value sent by the + * client. */ + char *ext_or_auth_correct_client_hash; + /** String carrying the name of the pluggable transport + * (e.g. "obfs2") that is obfuscating this connection. If no + * pluggable transports are used, it's NULL. */ + char *ext_or_transport; + + char *nickname; /**< Nickname of OR on other side (if any). */ + + tor_tls_t *tls; /**< TLS connection state. */ + int tls_error; /**< Last tor_tls error code. */ + /** When we last used this conn for any client traffic. If not + * recent, we can rate limit it further. */ + + /* Channel using this connection */ + channel_tls_t *chan; + + tor_addr_t real_addr; /**< The actual address that this connection came from + * or went to. The addr field is prone to + * getting overridden by the address from the router + * descriptor matching identity_digest. */ + + /** Should this connection be used for extending circuits to the server + * matching the identity_digest field? Set to true if we're pretty + * sure we aren't getting MITMed, either because we're connected to an + * address listed in a server descriptor, or because an authenticated + * NETINFO cell listed the address we're connected to as recognized. */ + unsigned int is_canonical:1; + + /** True iff this is an outgoing connection. */ + unsigned int is_outgoing:1; + unsigned int proxy_type:2; /**< One of PROXY_NONE...PROXY_SOCKS5 */ + unsigned int wide_circ_ids:1; + /** True iff this connection has had its bootstrap failure logged with + * control_event_bootstrap_problem. */ + unsigned int have_noted_bootstrap_problem:1; + /** True iff this is a client connection and its address has been put in the + * geoip cache and handled by the DoS mitigation subsystem. We use this to + * insure we have a coherent count of concurrent connection. */ + unsigned int tracked_for_dos_mitigation : 1; + + uint16_t link_proto; /**< What protocol version are we using? 0 for + * "none negotiated yet." */ + uint16_t idle_timeout; /**< How long can this connection sit with no + * circuits on it before we close it? Based on + * IDLE_CIRCUIT_TIMEOUT_{NON,}CANONICAL and + * on is_canonical, randomized. */ + or_handshake_state_t *handshake_state; /**< If we are setting this connection + * up, state information to do so. */ + + time_t timestamp_lastempty; /**< When was the outbuf last completely empty?*/ + + token_bucket_rw_t bucket; /**< Used for rate limiting when the connection is + * in state CONN_OPEN. */ + + /* + * Count the number of bytes flushed out on this orconn, and the number of + * bytes TLS actually sent - used for overhead estimation for scheduling. + */ + uint64_t bytes_xmitted, bytes_xmitted_by_tls; +}; + +#endif + diff --git a/src/or/scheduler.c b/src/or/scheduler.c index da894294b..d12b8555d 100644 --- a/src/or/scheduler.c +++ b/src/or/scheduler.c @@ -13,6 +13,8 @@ #define TOR_CHANNEL_INTERNAL_ #include "channeltls.h" +#include "or_connection_st.h" + /** * \file scheduler.c * \brief Channel scheduling system: decides which channels should send and diff --git a/src/or/scheduler_kist.c b/src/or/scheduler_kist.c index c6e9b72c4..fc9130641 100644 --- a/src/or/scheduler_kist.c +++ b/src/or/scheduler_kist.c @@ -14,6 +14,8 @@ #define SCHEDULER_PRIVATE_ #include "scheduler.h" +#include "or_connection_st.h" + #define TLS_PER_CELL_OVERHEAD 29 #ifdef HAVE_KIST_SUPPORT diff --git a/src/test/test_channelpadding.c b/src/test/test_channelpadding.c index 2c803c344..b8e3492ea 100644 --- a/src/test/test_channelpadding.c +++ b/src/test/test_channelpadding.c @@ -20,6 +20,8 @@ #include "networkstatus.h" #include "log_test_helpers.h" +#include "or_connection_st.h" + int channelpadding_get_netflow_inactive_timeout_ms(channel_t *chan); int64_t channelpadding_compute_time_until_pad_for_netflow(channel_t *chan); int channelpadding_send_disable_command(channel_t*); diff --git a/src/test/test_channeltls.c b/src/test/test_channeltls.c index 94f1893ca..0f134f1e7 100644 --- a/src/test/test_channeltls.c +++ b/src/test/test_channeltls.c @@ -17,6 +17,8 @@ #include "scheduler.h" #include "tortls.h" +#include "or_connection_st.h" + /* Test suite stuff */ #include "test.h" #include "fakechans.h" diff --git a/src/test/test_connection.c b/src/test/test_connection.c index 79c5e2dd8..9f50d9f84 100644 --- a/src/test/test_connection.c +++ b/src/test/test_connection.c @@ -26,6 +26,7 @@ #include "dir_connection_st.h" #include "entry_connection_st.h" +#include "or_connection_st.h" static void * test_conn_get_basic_setup(const struct testcase_t *tc); static int test_conn_get_basic_teardown(const struct testcase_t *tc, diff --git a/src/test/test_dos.c b/src/test/test_dos.c index 8ae967f3a..fcc537499 100644 --- a/src/test/test_dos.c +++ b/src/test/test_dos.c @@ -15,6 +15,9 @@ #include "networkstatus.h" #include "nodelist.h" #include "routerlist.h" + +#include "or_connection_st.h" + #include "test.h" #include "log_test_helpers.h" diff --git a/src/test/test_extorport.c b/src/test/test_extorport.c index e05342cb8..77874a74e 100644 --- a/src/test/test_extorport.c +++ b/src/test/test_extorport.c @@ -13,6 +13,9 @@ #include "crypto_rand.h" #include "ext_orport.h" #include "main.h" + +#include "or_connection_st.h" + #include "test.h" /* Test connection_or_remove_from_ext_or_id_map and diff --git a/src/test/test_link_handshake.c b/src/test/test_link_handshake.c index 6840072d7..94e784cdc 100644 --- a/src/test/test_link_handshake.c +++ b/src/test/test_link_handshake.c @@ -21,6 +21,8 @@ #include "scheduler.h" #include "torcert.h" +#include "or_connection_st.h" + #include "test.h" #include "log_test_helpers.h" diff --git a/src/test/test_oos.c b/src/test/test_oos.c index ddad5a08d..b34191803 100644 --- a/src/test/test_oos.c +++ b/src/test/test_oos.c @@ -13,6 +13,7 @@ #include "test.h" #include "dir_connection_st.h" +#include "or_connection_st.h" static or_options_t mock_options;

1 0