/** Time when we last saw this IP address, in MINUTES since the epoch.
*
* (This will run out of space around 4011 CE. If Tor is still in use around
* 4000 CE, please remember to add more bits to last_seen_in_minutes.) */
unsigned int last_seen_in_minutes:30;
unsigned int action:2;
} clientmap_entry_t;
/** Largest allowable value for last_seen_in_minutes. (It's a 30-bit field,
* so it can hold up to (1u<<30)-1, or 0x3fffffffu.
*/
#define MAX_LAST_SEEN_IN_MINUTES 0X3FFFFFFFu
/** Map from client IP address to last time seen. */
static HT_HEAD(clientmap, clientmap_entry_t) client_history =
HT_INITIALIZER();
/** Hashtable helper: compute a hash of a clientmap_entry_t. */
static INLINE unsigned
clientmap_entry_hash(const clientmap_entry_t *a)
{
return ht_improve_hash(tor_addr_hash(&a->addr));
}
/** Hashtable helper: compare two clientmap_entry_t values for equality. */
static INLINE int
clientmap_entries_eq(const clientmap_entry_t *a, const clientmap_entry_t *b)
{
return !tor_addr_compare(&a->addr, &b->addr, CMP_EXACT) &&
a->action == b->action;
}
* has a base64-encoded RSA SHA1 hash, then a base64-endoded Ed25519 key.
* Empty lines, misformed lines, and lines beginning with # are
* ignored. Lines beginning with @ are reserved for future extensions.
*
* The dirserv.c module is the main user of these functions.
*/
static int keypin_journal_append_entry(const uint8_t *rsa_id_digest,
const uint8_t *ed25519_id_key);
static int keypin_check_and_add_impl(const uint8_t *rsa_id_digest,
const uint8_t *ed25519_id_key,
const int do_not_add,
const int replace);
static int keypin_add_or_replace_entry_in_map(keypin_ent_t *ent);
static HT_HEAD(rsamap, keypin_ent_st) the_rsa_map = HT_INITIALIZER();
static HT_HEAD(edmap, keypin_ent_st) the_ed_map = HT_INITIALIZER();
/** Hashtable helper: compare two keypin table entries and return true iff
* they have the same RSA key IDs. */
static inline int
keypin_ents_eq_rsa(const keypin_ent_t *a, const keypin_ent_t *b)
{
return tor_memeq(a->rsa_id, b->rsa_id, sizeof(a->rsa_id));
}
/** Hashtable helper: hash a keypin table entries based on its RSA key ID */
static inline unsigned
keypin_ent_hash_rsa(const keypin_ent_t *a)
{
return (unsigned) siphash24g(a->rsa_id, sizeof(a->rsa_id));
}
static void
cached_getaddrinfo_item_free(cached_getaddrinfo_item_t *item)
{
if (item == NULL)
return;
tor_free(item->name);
if (item->res)
freeaddrinfo(item->res);
tor_free(item);
}
static HT_HEAD(getaddrinfo_cache, cached_getaddrinfo_item_t)
getaddrinfo_cache = HT_INITIALIZER();
HT_PROTOTYPE(getaddrinfo_cache, cached_getaddrinfo_item_t, node,
cached_getaddrinfo_item_hash,
cached_getaddrinfo_items_eq)
HT_GENERATE2(getaddrinfo_cache, cached_getaddrinfo_item_t, node,
cached_getaddrinfo_item_hash,
cached_getaddrinfo_items_eq,
0.6, tor_reallocarray_, tor_free_)
/** If true, don't try to cache getaddrinfo results. */
static int sandbox_getaddrinfo_cache_disabled = 0;
/** Tell the sandbox layer not to try to cache getaddrinfo results. Used as in
* tor-resolve, when we have no intention of initializing crypto or of
* installing the sandbox.*/
orconn_circid_circuit_map_t *b)
{
return a->or_conn == b->or_conn && a->circ_id == b->circ_id;
}
/** Helper: return a hash based on circuit ID and the pointer value of
* or_conn in <b>a</b>. */
static INLINE unsigned int
_orconn_circid_entry_hash(orconn_circid_circuit_map_t *a)
{
return (((unsigned)a->circ_id)<<8) ^ (unsigned)(uintptr_t)(a->or_conn);
}
/** Map from [orconn,circid] to circuit. */
static HT_HEAD(orconn_circid_map, orconn_circid_circuit_map_t)
orconn_circid_circuit_map = HT_INITIALIZER();
HT_PROTOTYPE(orconn_circid_map, orconn_circid_circuit_map_t, node,
_orconn_circid_entry_hash, _orconn_circid_entries_eq)
HT_GENERATE(orconn_circid_map, orconn_circid_circuit_map_t, node,
_orconn_circid_entry_hash, _orconn_circid_entries_eq, 0.6,
malloc, realloc, free)
/** The most recently returned entry from circuit_get_by_circid_orconn;
* used to improve performance when many cells arrive in a row from the
* same circuit.
*/
orconn_circid_circuit_map_t *_last_circid_orconn_ent = NULL;
/** Implementation helper for circuit_set_{p,n}_circid_orconn: A circuit ID
* and/or or_connection for circ has just changed from <b>old_conn, old_id</b>
* to <b>conn, id</b>. Adjust the conn,circid map as appropriate, removing
};
static INLINE unsigned int
process_map_entry_hash_(const waitpid_callback_t *ent)
{
return (unsigned) ent->pid;
}
static INLINE unsigned int
process_map_entries_eq_(const waitpid_callback_t *a,
const waitpid_callback_t *b)
{
return a->pid == b->pid;
}
static HT_HEAD(process_map, waitpid_callback_t) process_map = HT_INITIALIZER();
HT_PROTOTYPE(process_map, waitpid_callback_t, node, process_map_entry_hash_,
process_map_entries_eq_);
HT_GENERATE2(process_map, waitpid_callback_t, node, process_map_entry_hash_,
process_map_entries_eq_, 0.6, tor_reallocarray_, tor_free_);
/**
* Begin monitoring the child pid <b>pid</b> to see if we get a SIGCHLD for
* it. If we eventually do, call <b>fn</b>, passing it the exit status (as
* yielded by waitpid) and the pointer <b>arg</b>.
*
* To cancel this, or clean up after it has triggered, call
* clear_waitpid_callback().
*/
waitpid_callback_t *
}
/** Helper: return a hash value for a tor_tls_t by its SSL. */
static INLINE unsigned int
tor_tls_entry_hash(const tor_tls_t *a)
{
#if SIZEOF_INT == SIZEOF_VOID_P
return ((unsigned int)(uintptr_t)a->ssl);
#else
return (unsigned int) ((((uint64_t)a->ssl)>>2) & UINT_MAX);
#endif
}
/** Map from SSL* pointers to tor_tls_t objects using those pointers.
*/
static HT_HEAD(tlsmap, tor_tls_t) tlsmap_root = HT_INITIALIZER();
HT_PROTOTYPE(tlsmap, tor_tls_t, node, tor_tls_entry_hash,
tor_tls_entries_eq)
HT_GENERATE(tlsmap, tor_tls_t, node, tor_tls_entry_hash,
tor_tls_entries_eq, 0.6, malloc, realloc, free)
/** Helper: given a SSL* pointer, return the tor_tls_t object using that
* pointer. */
static INLINE tor_tls_t *
tor_tls_get_by_ssl(const SSL *ssl)
{
tor_tls_t search, *result;
memset(&search, 0, sizeof(search));
search.ssl = (SSL*)ssl;
result = HT_FIND(tlsmap, &tlsmap_root, &search);