tor
master
|
OR/OP-to-OR channel abstraction layer. A channel's job is to transfer cells from Tor instance to Tor instance. Currently, there is only one implementation of the channel abstraction: in channeltls.c. More...
#include "or.h"
#include "channel.h"
#include "channeltls.h"
#include "channelpadding.h"
#include "circuitbuild.h"
#include "circuitlist.h"
#include "circuitstats.h"
#include "config.h"
#include "connection_or.h"
#include "circuitmux.h"
#include "entrynodes.h"
#include "geoip.h"
#include "main.h"
#include "nodelist.h"
#include "relay.h"
#include "rephist.h"
#include "router.h"
#include "routerlist.h"
#include "scheduler.h"
#include "compat_time.h"
#include "networkstatus.h"
#include "rendservice.h"
Macros | |
#define | TOR_CHANNEL_INTERNAL_ |
#define | CHANNEL_PRIVATE_ |
#define | MIN_RELAY_CONNECTIONS_TO_WARN 5 |
#define | MAX_CELLS_TO_GET_FROM_CIRCUITS_FOR_UNLIMITED 256 |
Variables | |
channel_idmap_entry_t | |
OR/OP-to-OR channel abstraction layer. A channel's job is to transfer cells from Tor instance to Tor instance. Currently, there is only one implementation of the channel abstraction: in channeltls.c.
Channels are a higher-level abstraction than or_connection_t: In general, any means that two Tor relays use to exchange cells, or any means that a relay and a client use to exchange cells, is a channel.
Channels differ from pluggable transports in that they do not wrap an underlying protocol over which cells are transmitted: they are the underlying protocol.
This module defines the generic parts of the channel_t interface, and provides the machinery necessary for specialized implementations to be created. At present, there is one specialized implementation in channeltls.c, which uses connection_or.c to send cells over a TLS connection.
Every channel implementation is responsible for being able to transmit cells that are passed to it
For inbound cells, the entry point is: channel_process_cell(). It takes a cell and will pass it to the cell handler set by channel_set_cell_handlers(). Currently, this is passed back to the command subsystem which is command_process_cell().
NOTE: For now, the separation between channels and specialized channels (like channeltls) is not that well defined. So the channeltls layer calls channel_process_cell() which originally comes from the connection subsytem. This should be hopefully be fixed with #23993.
For outbound cells, the entry point is: channel_write_packed_cell(). Only packed cells are dequeued from the circuit queue by the scheduler which uses channel_flush_from_first_active_circuit() to decide which cells to flush from which circuit on the channel. They are then passed down to the channel subsystem. This calls the low layer with the function pointer .write_packed_cell().
Each specialized channel (currently only channeltls_t) MUST implement a series of function found in channel_t. See channel.h for more documentation.
STATIC void channel_add_to_digest_map | ( | channel_t * | chan | ) |
Add a channel to the digest map.
This function adds a channel to the digest map and inserts it into the correct linked list if channels with that remote endpoint identity digest already exist.
void channel_change_state | ( | channel_t * | chan, |
channel_state_t | to_state | ||
) |
As channel_change_state_, but change the state to any state but open.
void channel_change_state_open | ( | channel_t * | chan | ) |
As channel_change_state, but change the state to open.
void channel_check_for_duplicates | ( | void | ) |
Relays run this once an hour to look over our list of channels to other relays. It prints out some statistics if there are multiple connections to many relays.
This function is similar to connection_or_set_bad_connections(), and probably could be adapted to replace it, if it was modified to actually take action on any of these connections.
void channel_clear_client | ( | channel_t * | chan | ) |
Clear the client flag.
Mark a channel as being not from a client.
void channel_clear_identity_digest | ( | channel_t * | chan | ) |
Clear the identity_digest of a channel.
This function clears the identity digest of the remote endpoint for a channel; this is intended for use by the lower layer.
void channel_clear_remote_end | ( | channel_t * | chan | ) |
Clear the remote end metadata (identity_digest) of a channel.
This function clears all the remote end info from a channel; this is intended for use by the lower layer.
void channel_close_for_error | ( | channel_t * | chan | ) |
Notify that the channel is being closed due to an error condition.
This function is called by the lower layer implementing the transport when a channel must be closed due to an error condition. This does not call the channel's close method, since the lower layer already knows.
void channel_close_from_lower_layer | ( | channel_t * | chan | ) |
Close a channel from the lower layer.
Notify the channel code that the channel is being closed due to a non-error condition in the lower layer. This does not call the close() method, since the lower layer already knows.
void channel_closed | ( | channel_t * | chan | ) |
Notify that the lower layer is finished closing the channel.
This function should be called by the lower layer when a channel is finished closing and it should be regarded as inactive and freed by the channel code.
channel_t* channel_connect | ( | const tor_addr_t * | addr, |
uint16_t | port, | ||
const char * | id_digest, | ||
const ed25519_public_key_t * | ed_id | ||
) |
Connect to a given addr/port/digest.
This sets up a new outgoing channel; in the future if multiple channel_t subclasses are available, this is where the selection policy should go. It may also be desirable to fold port into tor_addr_t or make a new type including a tor_addr_t and port, so we have a single abstract object encapsulating all the protocol details of how to contact an OR.
const char* channel_describe_transport | ( | channel_t * | chan | ) |
Describe the transport subclass for a channel.
Invoke a method to get a string description of the lower-layer transport for this channel.
void channel_do_open_actions | ( | channel_t * | chan | ) |
Take actions required when a channel becomes open.
Handle actions we should do when we know a channel is open; a lot of this comes from the old connection_or_set_state_open() of connection_or.c.
Because of this mechanism, future channel_t subclasses should take care not to change a channel from CHANNEL_STATE_OPENING to CHANNEL_STATE_OPEN until there is positive confirmation that the network is operational. In particular, anything UDP-based should not make this transition until a packet is received from the other side.
void channel_dump_transport_statistics | ( | channel_t * | chan, |
int | severity | ||
) |
Invoke transport-specific stats dump for channel.
If there is a lower-layer statistics dump method, invoke it.
void channel_dumpstats | ( | int | severity | ) |
Dump channel statistics to the log.
This is called from dumpstats() in main.c and spams the log with statistics on channels.
channel_t* channel_find_by_global_id | ( | uint64_t | global_identifier | ) |
Find channel by global ID.
This function searches for a channel by the global_identifier assigned at initialization time. This identifier is unique for the lifetime of the Tor process.
channel_t* channel_find_by_remote_identity | ( | const char * | rsa_id_digest, |
const ed25519_public_key_t * | ed_id | ||
) |
Find channel by RSA/Ed25519 identity of of the remote endpoint.
This function looks up a channel by the digest of its remote endpoint's RSA identity key. If ed_id is provided and nonzero, only a channel matching the ed_id will be returned.
It's possible that more than one channel to a given endpoint exists. Use channel_next_with_rsa_identity() to walk the list of channels; make sure to test for Ed25519 identity match too (as appropriate)
void channel_free_ | ( | channel_t * | chan | ) |
Free a channel; nothing outside of channel.c and subclasses should call this - it frees channels after they have closed and been unregistered.
void channel_free_all | ( | void | ) |
Close all channels and free everything.
This gets called from tor_free_all() in main.c to clean up on exit. It will close all registered channels and free associated storage, then free the all_channels, active_channels, listening_channels and finished_channels lists and also channel_identity_map.
const char* channel_get_actual_remote_address | ( | channel_t * | chan | ) |
Return the text address of the remote endpoint.
Subsequent calls to channel_get_{actual,canonical}_remote_{address,descr} may invalidate the return value from this function.
const char* channel_get_actual_remote_descr | ( | channel_t * | chan | ) |
Return text description of the remote endpoint.
This function return a test provided by the lower layer of the remote endpoint for this channel; it should specify the actual address connected to/from.
Subsequent calls to channel_get_{actual,canonical}_remote_{address,descr} may invalidate the return value from this function.
const char* channel_get_canonical_remote_descr | ( | channel_t * | chan | ) |
Return text description of the remote endpoint canonical address.
This function return a test provided by the lower layer of the remote endpoint for this channel; it should use the known canonical address for this OR's identity digest if possible.
Subsequent calls to channel_get_{actual,canonical}_remote_{address,descr} may invalidate the return value from this function.
channel_cell_handler_fn_ptr channel_get_cell_handler | ( | channel_t * | chan | ) |
Return the fixed-length cell handler for a channel.
This function gets the handler for incoming fixed-length cells installed on a channel.
channel_t* channel_get_for_extend | ( | const char * | rsa_id_digest, |
const ed25519_public_key_t * | ed_id, | ||
const tor_addr_t * | target_addr, | ||
const char ** | msg_out, | ||
int * | launch_out | ||
) |
Get a channel to extend a circuit.
Pick a suitable channel to extend a circuit to given the desired digest the address we believe is correct for that digest; this tries to see if we already have one for the requested endpoint, but if there is no good channel, set *msg_out to a message describing the channel's state and our next action, and set *launch_out to a boolean indicated whether the caller should try to launch a new channel with channel_connect().
channel_var_cell_handler_fn_ptr channel_get_var_cell_handler | ( | channel_t * | chan | ) |
Return the variable-length cell handler for a channel.
This function gets the handler for incoming variable-length cells installed on a channel.
int channel_has_queued_writes | ( | channel_t * | chan | ) |
Return true iff the channel has any cells on the connection outbuf waiting to be sent onto the network.
void channel_init | ( | channel_t * | chan | ) |
Initialize a channel.
This function should be called by subclasses to set up some per-channel variables. I.e., this is the superclass constructor. Before this, the channel should be allocated with tor_malloc_zero().
void channel_init_listener | ( | channel_listener_t * | chan_l | ) |
Initialize a channel listener.
This function should be called by subclasses to set up some per-channel variables. I.e., this is the superclass constructor. Before this, the channel listener should be allocated with tor_malloc_zero().
int channel_is_bad_for_new_circs | ( | channel_t * | chan | ) |
Check the is_bad_for_new_circs flag.
This function returns the is_bad_for_new_circs flag of the specified channel.
Decide which of two channels to prefer for extending a circuit.
This function is called while extending a circuit and returns true iff a is 'better' than b. The most important criterion here is that a canonical channel is always better than a non-canonical one, but the number of circuits and the age are used as tie-breakers.
This is based on the former connection_or_is_better() of connection_or.c
int channel_is_canonical | ( | channel_t * | chan | ) |
Get the canonical flag for a channel.
This returns the is_canonical for a channel; this flag is determined by the lower layer and can't be set in a transport-independent way.
int channel_is_canonical_is_reliable | ( | channel_t * | chan | ) |
Test if the canonical flag is reliable.
This function asks if the lower layer thinks it's safe to trust the result of channel_is_canonical().
int channel_is_client | ( | const channel_t * | chan | ) |
Get the client flag.
This returns the client flag of a channel, which will be set if command_process_create_cell() in command.c thinks this is a connection from a client.
int channel_is_incoming | ( | channel_t * | chan | ) |
Test incoming flag.
This function gets the incoming flag; this is set when a listener spawns a channel. If this returns true the channel was remotely initiated.
int channel_is_local | ( | channel_t * | chan | ) |
Test local flag.
This function gets the local flag; the lower layer should set this when setting up the channel if is_local_addr() is true for all of the destinations it will communicate with on behalf of this channel. It's used to decide whether to declare the network reachable when seeing incoming traffic on the channel.
int channel_is_outgoing | ( | channel_t * | chan | ) |
Test outgoing flag.
This function gets the outgoing flag; this is the inverse of the incoming bit set when a listener spawns a channel. If this returns true the channel was locally initiated.
void channel_listener_change_state | ( | channel_listener_t * | chan_l, |
channel_listener_state_t | to_state | ||
) |
Change channel listener state.
This internal and subclass use only function is used to change channel listener state, performing all transition validity checks and whatever actions are appropriate to the state transition in question.
const char* channel_listener_describe_transport | ( | channel_listener_t * | chan_l | ) |
Describe the transport subclass for a channel listener.
Invoke a method to get a string description of the lower-layer transport for this channel listener.
void channel_listener_dump_statistics | ( | channel_listener_t * | chan_l, |
int | severity | ||
) |
Dump channel listener statistics.
Dump statistics for one channel listener to the log.
void channel_listener_dump_transport_statistics | ( | channel_listener_t * | chan_l, |
int | severity | ||
) |
Invoke transport-specific stats dump for channel listener.
If there is a lower-layer statistics dump method, invoke it.
void channel_listener_dumpstats | ( | int | severity | ) |
Dump channel listener statistics to the log.
This is called from dumpstats() in main.c and spams the log with statistics on channel listeners.
void channel_listener_free_ | ( | channel_listener_t * | chan_l | ) |
Free a channel listener; nothing outside of channel.c and subclasses should call this - it frees channel listeners after they have closed and been unregistered.
void channel_listener_mark_for_close | ( | channel_listener_t * | chan_l | ) |
Mark a channel listener for closure.
This function tries to close a channel_listener_t; it will go into the CLOSING state, and eventually the lower layer should put it into the CLOSED or ERROR state. Then, channel_run_cleanup() will eventually free it.
void channel_listener_process_incoming | ( | channel_listener_t * | listener | ) |
Process the queue of incoming channels on a listener.
Use a listener's registered callback to process as many entries in the queue of incoming channels as possible.
void channel_listener_queue_incoming | ( | channel_listener_t * | listener, |
channel_t * | incoming | ||
) |
Queue an incoming channel on a listener.
Internal and subclass use only function to queue an incoming channel from a listener. A subclass of channel_listener_t should call this when a new incoming channel is created.
void channel_listener_register | ( | channel_listener_t * | chan_l | ) |
Register a channel listener.
This function registers a newly created channel listener in the global lists/maps of active channel listeners.
void channel_listener_run_cleanup | ( | void | ) |
Clean up channel listeners.
This gets called periodically from run_scheduled_events() in main.c; it cleans up after closed channel listeners.
void channel_listener_set_listener_fn | ( | channel_listener_t * | chan_l, |
channel_listener_fn_ptr | listener | ||
) |
Set the listener for a channel listener.
This function sets the handler for new incoming channels on a channel listener.
int channel_listener_state_can_transition | ( | channel_listener_state_t | from, |
channel_listener_state_t | to | ||
) |
Indicate whether a channel listener state transition is valid.
This function takes two channel listener states and indicates whether a transition between them is permitted (see the state definitions and transition table in or.h at the channel_listener_state_t typedef).
int channel_listener_state_is_valid | ( | channel_listener_state_t | state | ) |
Indicate whether a given channel listener state is valid.
const char* channel_listener_state_to_string | ( | channel_listener_state_t | state | ) |
Return a human-readable description for a channel listener state.
void channel_listener_timestamp_accepted | ( | channel_listener_t * | chan_l | ) |
Update the last accepted timestamp.
This function updates the channel listener's last accepted timestamp; it should be called whenever a new incoming channel is accepted on a listener.
void channel_listener_timestamp_active | ( | channel_listener_t * | chan_l | ) |
Update the last active timestamp for a channel listener.
void channel_listener_timestamp_created | ( | channel_listener_t * | chan_l | ) |
Update the created timestamp for a channel listener.
This updates the channel listener's created timestamp and should only be called from channel_init_listener().
void channel_listener_unregister | ( | channel_listener_t * | chan_l | ) |
Unregister a channel listener.
This function removes a channel listener from the global lists and maps and is used when freeing a closed/errored channel listener.
void channel_mark_bad_for_new_circs | ( | channel_t * | chan | ) |
Mark a channel as bad for new circuits.
Set the is_bad_for_new_circs_flag on chan.
void channel_mark_client | ( | channel_t * | chan | ) |
Set the client flag.
Mark a channel as being from a client.
void channel_mark_for_close | ( | channel_t * | chan | ) |
Mark a channel for closure.
This function tries to close a channel_t; it will go into the CLOSING state, and eventually the lower layer should put it into the CLOSED or ERROR state. Then, channel_run_cleanup() will eventually free it.
void channel_mark_incoming | ( | channel_t * | chan | ) |
Set the incoming flag.
This function is called when a channel arrives on a listening channel to mark it as incoming.
void channel_mark_local | ( | channel_t * | chan | ) |
Set the local flag.
This internal-only function should be called by the lower layer if the channel is to a local address. See channel_is_local() above or the description of the is_local bit in channel.h.
void channel_mark_outgoing | ( | channel_t * | chan | ) |
Mark a channel as outgoing.
This function clears the incoming flag and thus marks a channel as outgoing.
void channel_mark_remote | ( | channel_t * | chan | ) |
Mark a channel as remote.
This internal-only function should be called by the lower layer if the channel is not to a local address but has previously been marked local. See channel_is_local() above or the description of the is_local bit in channel.h
int channel_matches_extend_info | ( | channel_t * | chan, |
extend_info_t * | extend_info | ||
) |
Check if a channel matches an extend_info_t.
This function calls the lower layer and asks if this channel matches a given extend_info_t.
int channel_matches_target_addr_for_extend | ( | channel_t * | chan, |
const tor_addr_t * | target | ||
) |
Check if a channel matches a given target address; return true iff we do.
This function calls into the lower layer and asks if this channel thinks it matches a given target address for circuit extension purposes.
Get next channel with digest.
This function takes a channel and finds the next channel in the list with the same digest.
void channel_notify_flushed | ( | channel_t * | chan | ) |
Notify the channel we're done flushing the output in the lower layer.
Connection.c will call this when we've flushed the output; there's some dirreq-related maintenance to do.
int channel_num_cells_writeable | ( | channel_t * | chan | ) |
Estimate the number of writeable cells.
Ask the lower layer for an estimate of how many cells it can accept.
unsigned int channel_num_circuits | ( | channel_t * | chan | ) |
Return the total number of circuits used by a channel.
chan | Channel to query |
Process a cell from the given channel.
void channel_register | ( | channel_t * | chan | ) |
Register a channel.
This function registers a newly created channel in the global lists/maps of active channels.
void channel_run_cleanup | ( | void | ) |
Clean up channels.
This gets called periodically from run_scheduled_events() in main.c; it cleans up after closed channels.
Send destroy cell on a channel.
Write a destroy cell with circ ID circ_id and reason reason onto channel chan. Don't perform range-checking on reason: we may want to propagate reasons from other cells.
void channel_set_cell_handlers | ( | channel_t * | chan, |
channel_cell_handler_fn_ptr | cell_handler, | ||
channel_var_cell_handler_fn_ptr | var_cell_handler | ||
) |
Set both cell handlers for a channel.
This function sets both the fixed-length and variable length cell handlers for a channel.
void channel_set_identity_digest | ( | channel_t * | chan, |
const char * | identity_digest, | ||
const ed25519_public_key_t * | ed_identity | ||
) |
Set the identity_digest of a channel.
This function sets the identity digest of the remote endpoint for a channel; this is intended for use by the lower layer.
int channel_state_can_transition | ( | channel_state_t | from, |
channel_state_t | to | ||
) |
Indicate whether a channel state transition is valid.
This function takes two channel states and indicates whether a transition between them is permitted (see the state definitions and transition table in or.h at the channel_state_t typedef).
const char* channel_state_to_string | ( | channel_state_t | state | ) |
Return a human-readable description for a channel state.
void channel_timestamp_active | ( | channel_t * | chan | ) |
Update the last active timestamp for a channel.
This function updates the channel's last active timestamp; it should be called by the lower layer whenever there is activity on the channel which does not lead to a cell being transmitted or received; the active timestamp is also updated from channel_timestamp_recv() and channel_timestamp_xmit(), but it should be updated for things like the v3 handshake and stuff that produce activity only visible to the lower layer.
void channel_timestamp_client | ( | channel_t * | chan | ) |
Update client timestamp.
This function is called by relay.c to timestamp a channel that appears to be used as a client.
void channel_timestamp_created | ( | channel_t * | chan | ) |
Update the created timestamp for a channel.
This updates the channel's created timestamp and should only be called from channel_init().
void channel_timestamp_recv | ( | channel_t * | chan | ) |
Update the recv timestamp.
This is called whenever we get an incoming cell from the lower layer. This also updates the active timestamp.
void channel_timestamp_xmit | ( | channel_t * | chan | ) |
Update the xmit timestamp.
This is called whenever we pass an outgoing cell to the lower layer. This also updates the active timestamp.
void channel_unregister | ( | channel_t * | chan | ) |
Unregister a channel.
This function removes a channel from the global lists and maps and is used when freeing a closed/errored channel.
void channel_update_bad_for_new_circs | ( | const char * | digest, |
int | force | ||
) |
Go through all the channels (or if digest is non-NULL, just the OR connections with that digest), and set the is_bad_for_new_circs flag based on the rules in connection_or_group_set_badness() (or just always set it if force is true).
time_t channel_when_created | ( | channel_t * | chan | ) |
Query created timestamp for a channel.
time_t channel_when_last_client | ( | channel_t * | chan | ) |
Query client timestamp.
time_t channel_when_last_xmit | ( | channel_t * | chan | ) |
Query xmit timestamp.
int channel_write_packed_cell | ( | channel_t * | chan, |
packed_cell_t * | cell | ||
) |
Write a packed cell to a channel.
Write a packed cell to a channel using the write_cell() method. This is called by the transport-independent code to deliver a packed cell to a channel for transmission.
Return 0 on success else a negative value. In both cases, the caller should not access the cell anymore, it is freed both on success and error.
HT_PROTOTYPE | ( | ) |
Indicate whether a given channel state is valid.
MOCK_IMPL | ( | ssize_t | , |
channel_flush_some_cells | , | ||
(channel_t *chan, ssize_t num_cells) | |||
) |
Try to flush cells of the given channel chan up to a maximum of num_cells.
This is called by the scheduler when it wants to flush cells from the channel's circuit queue(s) to the connection outbuf (not yet on the wire).
If the channel is not in state CHANNEL_STATE_OPEN, this does nothing and will return 0 meaning no cells were flushed.
If num_cells is -1, we'll try to flush up to the maximum cells allowed defined in MAX_CELLS_TO_GET_FROM_CIRCUITS_FOR_UNLIMITED.
On success, the number of flushed cells are returned and it can never be above num_cells. If 0 is returned, no cells were flushed either because the channel was not opened or we had no cells on the channel. A negative number can NOT be sent back.
This function is part of the fast path.
MOCK_IMPL | ( | int | , |
channel_more_to_flush | , | ||
(channel_t *chan) | |||
) |
Check if any cells are available.
This is used by the scheduler to know if the channel has more to flush after a scheduling round.
MOCK_IMPL | ( | void | , |
channel_dump_statistics | , | ||
(channel_t *chan, int severity) | |||
) |
Dump channel statistics.
Dump statistics for one channel to the log.
MOCK_IMPL | ( | int | , |
channel_get_addr_if_possible | , | ||
(channel_t *chan, tor_addr_t *addr_out) | |||
) |
Get remote address if possible.
Write the remote address out to a tor_addr_t if the underlying transport supports this operation, and return 1. Return 0 if the underlying transport doesn't let us do this.
MOCK_IMPL | ( | void | , |
channel_set_circid_type | , | ||
(channel_t *chan, crypto_pk_t *identity_rcvd, int consider_identity) | |||
) |
Set up circuit ID generation.
This is called when setting up a channel and replaces the old connection_or_set_circid_type().
int packed_cell_is_destroy | ( | channel_t * | chan, |
const packed_cell_t * | packed_cell, | ||
circid_t * | circid_out | ||
) |
If packed_cell on chan is a destroy cell, then set *circid_out to its circuit ID, and return true. Otherwise, return false.