📄 circuitbuild.c
字号:
uint16_t *port;
smartlist_t *sl = circuit_get_unhandled_ports(now);
smartlist_t *LongLivedServices = get_options()->LongLivedPorts;
tor_assert(need_uptime);
tor_assert(need_capacity);
enough = (smartlist_len(sl) == 0);
for (i = 0; i < smartlist_len(sl); ++i) {
port = smartlist_get(sl, i);
if (smartlist_string_num_isin(LongLivedServices, *port))
*need_uptime = 1;
tor_free(port);
}
smartlist_free(sl);
return enough;
}
/** Return 1 if <b>router</b> can handle one or more of the ports in
* <b>needed_ports</b>, else return 0.
*/
static int
router_handles_some_port(routerinfo_t *router, smartlist_t *needed_ports)
{
int i;
uint16_t port;
for (i = 0; i < smartlist_len(needed_ports); ++i) {
addr_policy_result_t r;
port = *(uint16_t *)smartlist_get(needed_ports, i);
tor_assert(port);
r = compare_addr_to_addr_policy(0, port, router->exit_policy);
if (r != ADDR_POLICY_REJECTED && r != ADDR_POLICY_PROBABLY_REJECTED)
return 1;
}
return 0;
}
/** Return true iff <b>conn</b> needs another general circuit to be
* built. */
static int
ap_stream_wants_exit_attention(connection_t *conn)
{
if (conn->type == CONN_TYPE_AP &&
conn->state == AP_CONN_STATE_CIRCUIT_WAIT &&
!conn->marked_for_close &&
!connection_edge_is_rendezvous_stream(TO_EDGE_CONN(conn)) &&
!circuit_stream_is_being_handled(TO_EDGE_CONN(conn), 0,
MIN_CIRCUITS_HANDLING_STREAM))
return 1;
return 0;
}
/** Return a pointer to a suitable router to be the exit node for the
* general-purpose circuit we're about to build.
*
* Look through the connection array, and choose a router that maximizes
* the number of pending streams that can exit from this router.
*
* Return NULL if we can't find any suitable routers.
*/
static routerinfo_t *
choose_good_exit_server_general(routerlist_t *dir, int need_uptime,
int need_capacity)
{
int *n_supported;
int i;
int n_pending_connections = 0;
smartlist_t *connections;
int best_support = -1;
int n_best_support=0;
smartlist_t *sl, *preferredexits, *excludedexits;
routerinfo_t *router;
or_options_t *options = get_options();
connections = get_connection_array();
/* Count how many connections are waiting for a circuit to be built.
* We use this for log messages now, but in the future we may depend on it.
*/
SMARTLIST_FOREACH(connections, connection_t *, conn,
{
if (ap_stream_wants_exit_attention(conn))
++n_pending_connections;
});
// log_fn(LOG_DEBUG, "Choosing exit node; %d connections are pending",
// n_pending_connections);
/* Now we count, for each of the routers in the directory, how many
* of the pending connections could possibly exit from that
* router (n_supported[i]). (We can't be sure about cases where we
* don't know the IP address of the pending connection.)
*/
n_supported = tor_malloc(sizeof(int)*smartlist_len(dir->routers));
for (i = 0; i < smartlist_len(dir->routers); ++i) {/* iterate over routers */
router = smartlist_get(dir->routers, i);
if (router_is_me(router)) {
n_supported[i] = -1;
// log_fn(LOG_DEBUG,"Skipping node %s -- it's me.", router->nickname);
/* XXX there's probably a reverse predecessor attack here, but
* it's slow. should we take this out? -RD
*/
continue;
}
if (!router->is_running || router->is_bad_exit) {
n_supported[i] = -1;
continue; /* skip routers that are known to be down or bad exits */
}
if (router_is_unreliable(router, need_uptime, need_capacity, 0)) {
n_supported[i] = -1;
continue; /* skip routers that are not suitable */
}
if (!(router->is_valid || options->_AllowInvalid & ALLOW_INVALID_EXIT)) {
/* if it's invalid and we don't want it */
n_supported[i] = -1;
// log_fn(LOG_DEBUG,"Skipping node %s (index %d) -- invalid router.",
// router->nickname, i);
continue; /* skip invalid routers */
}
if (router_exit_policy_rejects_all(router)) {
n_supported[i] = -1;
// log_fn(LOG_DEBUG,"Skipping node %s (index %d) -- it rejects all.",
// router->nickname, i);
continue; /* skip routers that reject all */
}
n_supported[i] = 0;
/* iterate over connections */
SMARTLIST_FOREACH(connections, connection_t *, conn,
{
if (!ap_stream_wants_exit_attention(conn))
continue; /* Skip everything but APs in CIRCUIT_WAIT */
if (connection_ap_can_use_exit(TO_EDGE_CONN(conn), router)) {
++n_supported[i];
// log_fn(LOG_DEBUG,"%s is supported. n_supported[%d] now %d.",
// router->nickname, i, n_supported[i]);
} else {
// log_fn(LOG_DEBUG,"%s (index %d) would reject this stream.",
// router->nickname, i);
}
}); /* End looping over connections. */
if (n_supported[i] > best_support) {
/* If this router is better than previous ones, remember its index
* and goodness, and start counting how many routers are this good. */
best_support = n_supported[i]; n_best_support=1;
// log_fn(LOG_DEBUG,"%s is new best supported option so far.",
// router->nickname);
} else if (n_supported[i] == best_support) {
/* If this router is _as good_ as the best one, just increment the
* count of equally good routers.*/
++n_best_support;
}
}
log_info(LD_CIRC,
"Found %d servers that might support %d/%d pending connections.",
n_best_support, best_support >= 0 ? best_support : 0,
n_pending_connections);
preferredexits = smartlist_create();
add_nickname_list_to_smartlist(preferredexits,options->ExitNodes,1);
excludedexits = smartlist_create();
add_nickname_list_to_smartlist(excludedexits,options->ExcludeNodes,0);
sl = smartlist_create();
/* If any routers definitely support any pending connections, choose one
* at random. */
if (best_support > 0) {
for (i = 0; i < smartlist_len(dir->routers); i++)
if (n_supported[i] == best_support)
smartlist_add(sl, smartlist_get(dir->routers, i));
smartlist_subtract(sl,excludedexits);
if (options->StrictExitNodes || smartlist_overlap(sl,preferredexits))
smartlist_intersect(sl,preferredexits);
router = routerlist_sl_choose_by_bandwidth(sl, WEIGHT_FOR_EXIT);
} else {
/* Either there are no pending connections, or no routers even seem to
* possibly support any of them. Choose a router at random that satisfies
* at least one predicted exit port. */
int try;
smartlist_t *needed_ports;
if (best_support == -1) {
if (need_uptime || need_capacity) {
log_info(LD_CIRC,
"We couldn't find any live%s%s routers; falling back "
"to list of all routers.",
need_capacity?", fast":"",
need_uptime?", stable":"");
smartlist_free(preferredexits);
smartlist_free(excludedexits);
smartlist_free(sl);
tor_free(n_supported);
return choose_good_exit_server_general(dir, 0, 0);
}
log_notice(LD_CIRC, "All routers are down or won't exit -- choosing a "
"doomed exit at random.");
}
needed_ports = circuit_get_unhandled_ports(time(NULL));
for (try = 0; try < 2; try++) {
/* try once to pick only from routers that satisfy a needed port,
* then if there are none, pick from any that support exiting. */
for (i = 0; i < smartlist_len(dir->routers); i++) {
router = smartlist_get(dir->routers, i);
if (n_supported[i] != -1 &&
(try || router_handles_some_port(router, needed_ports))) {
// log_fn(LOG_DEBUG,"Try %d: '%s' is a possibility.",
// try, router->nickname);
smartlist_add(sl, router);
}
}
smartlist_subtract(sl,excludedexits);
if (options->StrictExitNodes || smartlist_overlap(sl,preferredexits))
smartlist_intersect(sl,preferredexits);
/* XXX sometimes the above results in null, when the requested
* exit node is down. we should pick it anyway. */
router = routerlist_sl_choose_by_bandwidth(sl, WEIGHT_FOR_EXIT);
if (router)
break;
}
SMARTLIST_FOREACH(needed_ports, uint16_t *, cp, tor_free(cp));
smartlist_free(needed_ports);
}
smartlist_free(preferredexits);
smartlist_free(excludedexits);
smartlist_free(sl);
tor_free(n_supported);
if (router) {
log_info(LD_CIRC, "Chose exit server '%s'", router->nickname);
return router;
}
if (options->StrictExitNodes) {
log_warn(LD_CIRC,
"No specified exit routers seem to be running, and "
"StrictExitNodes is set: can't choose an exit.");
}
return NULL;
}
/** Return a pointer to a suitable router to be the exit node for the
* circuit of purpose <b>purpose</b> that we're about to build (or NULL
* if no router is suitable).
*
* For general-purpose circuits, pass it off to
* choose_good_exit_server_general()
*
* For client-side rendezvous circuits, choose a random node, weighted
* toward the preferences in 'options'.
*/
static routerinfo_t *
choose_good_exit_server(uint8_t purpose, routerlist_t *dir,
int need_uptime, int need_capacity, int is_internal)
{
or_options_t *options = get_options();
switch (purpose) {
case CIRCUIT_PURPOSE_C_GENERAL:
if (is_internal) /* pick it like a middle hop */
return router_choose_random_node(NULL, get_options()->ExcludeNodes,
NULL, need_uptime, need_capacity, 0,
get_options()->_AllowInvalid & ALLOW_INVALID_MIDDLE, 0, 0);
else
return choose_good_exit_server_general(dir,need_uptime,need_capacity);
case CIRCUIT_PURPOSE_C_ESTABLISH_REND:
return router_choose_random_node(
options->RendNodes, options->RendExcludeNodes,
NULL, need_uptime, need_capacity, 0,
options->_AllowInvalid & ALLOW_INVALID_RENDEZVOUS, 0, 0);
}
log_warn(LD_BUG,"Unhandled purpose %d", purpose);
tor_fragile_assert();
return NULL;
}
/** Decide a suitable length for circ's cpath, and pick an exit
* router (or use <b>exit</b> if provided). Store these in the
* cpath. Return 0 if ok, -1 if circuit should be closed. */
static int
onion_pick_cpath_exit(origin_circuit_t *circ, extend_info_t *exit)
{
cpath_build_state_t *state = circ->build_state;
routerlist_t *rl = router_get_routerlist();
if (state->onehop_tunnel) {
log_debug(LD_CIRC, "Launching a one-hop circuit for dir tunnel.");
state->desired_path_len = 1;
} else {
int r = new_route_len(circ->_base.purpose, exit, rl->routers);
if (r < 1) /* must be at least 1 */
return -1;
state->desired_path_len = r;
}
if (exit) { /* the circuit-builder pre-requested one */
log_info(LD_CIRC,"Using requested exit node '%s'", exit->nickname);
exit = extend_info_dup(exit);
} else { /* we have to decide one */
routerinfo_t *router =
choose_good_exit_server(circ->_base.purpose, rl, state->need_uptime,
state->need_capacity, state->is_internal);
if (!router) {
log_warn(LD_CIRC,"failed to choose an exit server");
return -1;
}
exit = extend_info_from_router(router);
}
state->chosen_exit = exit;
return 0;
}
/** Give <b>circ</b> a new exit destination to <b>exit</b>, and add a
* hop to the cpath reflecting this. Don't send the next extend cell --
* the caller will do this if it wants to.
*/
int
circuit_append_new_exit(origin_circuit_t *circ, extend_info_t *exit)
{
cpath_build_state_t *state;
tor_assert(exit);
tor_assert(circ);
state = circ->build_state;
tor_assert(state);
if (state->chosen_exit)
extend_info_free(state->chosen_exit);
state->chosen_exit = extend_info_dup(exit);
++circ->build_state->desired_path_len;
onion_append_hop(&circ->cpath, exit);
return 0;
}
/** Take an open <b>circ</b>, and add a new hop at the end, based on
* <b>info</b>. Set its state back to CIRCUIT_STATE_BUILDING, and then
* send the next extend cell to begin connecting to that hop.
*/
int
circuit_extend_to_new_exit(origin_circuit_t *circ, extend_info_t *exit)
{
int err_reason = 0;
circuit_append_new_exit(circ, exit);
circuit_set_state(TO_CIRCUIT(circ), CIRCUIT_STATE_BUILDING);
if ((err_reason = circuit_send_next_onion_skin(circ))<0) {
log_warn(LD_CIRC, "Couldn't extend circuit to new point '%s'.",
exit->nickname);
circuit_mark_for_close(TO_CIRCUIT(circ), -err_reason);
return -1;
}
return 0;
}
/** Return the number of routers in <b>routers</b> that are currently up
* and available for building circuits through.
*/
static int
count_acceptable_routers(smartlist_t *routers)
{
int i, n;
int num=0;
routerinfo_t *r;
n = smartlist_len(routers);
for (i=0;i<n;i++) {
r = smartlist_get(routers, i);
// log_debug(LD_CIRC,
// "Contemplating whether router %d (%s) is a new option.",
// i, r->nickname);
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -