Back to index

tor  0.2.3.18-rc
buffers.c
Go to the documentation of this file.
00001 /* Copyright (c) 2001 Matej Pfajfar.
00002  * Copyright (c) 2001-2004, Roger Dingledine.
00003  * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
00004  * Copyright (c) 2007-2012, The Tor Project, Inc. */
00005 /* See LICENSE for licensing information */
00006 
00013 #define BUFFERS_PRIVATE
00014 #include "or.h"
00015 #include "buffers.h"
00016 #include "config.h"
00017 #include "connection_edge.h"
00018 #include "connection_or.h"
00019 #include "control.h"
00020 #include "reasons.h"
00021 #include "../common/util.h"
00022 #include "../common/torlog.h"
00023 #ifdef HAVE_UNISTD_H
00024 #include <unistd.h>
00025 #endif
00026 
00027 //#define PARANOIA
00028 
00029 #ifdef PARANOIA
00030 
00032 #define check() STMT_BEGIN assert_buf_ok(buf); STMT_END
00033 #else
00034 #define check() STMT_NIL
00035 #endif
00036 
00037 /* Implementation notes:
00038  *
00039  * After flirting with memmove, and dallying with ring-buffers, we're finally
00040  * getting up to speed with the 1970s and implementing buffers as a linked
00041  * list of small chunks.  Each buffer has such a list; data is removed from
00042  * the head of the list, and added at the tail.  The list is singly linked,
00043  * and the buffer keeps a pointer to the head and the tail.
00044  *
00045  * Every chunk, except the tail, contains at least one byte of data.  Data in
00046  * each chunk is contiguous.
00047  *
00048  * When you need to treat the first N characters on a buffer as a contiguous
00049  * string, use the buf_pullup function to make them so.  Don't do this more
00050  * than necessary.
00051  *
00052  * The major free Unix kernels have handled buffers like this since, like,
00053  * forever.
00054  */
00055 
00056 static int parse_socks(const char *data, size_t datalen, socks_request_t *req,
00057                        int log_sockstype, int safe_socks, ssize_t *drain_out,
00058                        size_t *want_length_out);
00059 static int parse_socks_client(const uint8_t *data, size_t datalen,
00060                               int state, char **reason,
00061                               ssize_t *drain_out);
00062 
00063 /* Chunk manipulation functions */
00064 
00066 typedef struct chunk_t {
00067   struct chunk_t *next; 
00068   size_t datalen; 
00069   size_t memlen; 
00070   char *data; 
00071   char mem[FLEXIBLE_ARRAY_MEMBER]; 
00073 } chunk_t;
00074 
00075 #define CHUNK_HEADER_LEN STRUCT_OFFSET(chunk_t, mem[0])
00076 
00079 #define CHUNK_ALLOC_SIZE(memlen) (CHUNK_HEADER_LEN + (memlen))
00080 
00082 #define CHUNK_SIZE_WITH_ALLOC(memlen) ((memlen) - CHUNK_HEADER_LEN)
00083 
00086 static INLINE char *
00087 CHUNK_WRITE_PTR(chunk_t *chunk)
00088 {
00089   return chunk->data + chunk->datalen;
00090 }
00091 
00094 static INLINE size_t
00095 CHUNK_REMAINING_CAPACITY(const chunk_t *chunk)
00096 {
00097   return (chunk->mem + chunk->memlen) - (chunk->data + chunk->datalen);
00098 }
00099 
00102 static INLINE void
00103 chunk_repack(chunk_t *chunk)
00104 {
00105   if (chunk->datalen && chunk->data != &chunk->mem[0]) {
00106     memmove(chunk->mem, chunk->data, chunk->datalen);
00107   }
00108   chunk->data = &chunk->mem[0];
00109 }
00110 
00111 #if defined(ENABLE_BUF_FREELISTS) || defined(RUNNING_DOXYGEN)
00112 
00113 typedef struct chunk_freelist_t {
00114   size_t alloc_size; 
00115   int max_length; 
00117   int slack; 
00119   int cur_length; 
00120   int lowest_length; 
00122   uint64_t n_alloc;
00123   uint64_t n_free;
00124   uint64_t n_hit;
00125   chunk_t *head; 
00126 } chunk_freelist_t;
00127 
00129 #define FL(a,m,s) { a, m, s, 0, 0, 0, 0, 0, NULL }
00130 
00133 static chunk_freelist_t freelists[] = {
00134   FL(4096, 256, 8), FL(8192, 128, 4), FL(16384, 64, 4), FL(32768, 32, 2),
00135   FL(0, 0, 0)
00136 };
00137 #undef FL
00138 
00140 static uint64_t n_freelist_miss = 0;
00141 
00142 static void assert_freelist_ok(chunk_freelist_t *fl);
00143 
00146 static INLINE chunk_freelist_t *
00147 get_freelist(size_t alloc)
00148 {
00149   int i;
00150   for (i=0; freelists[i].alloc_size <= alloc; ++i) {
00151     if (freelists[i].alloc_size == alloc) {
00152       return &freelists[i];
00153     }
00154   }
00155   return NULL;
00156 }
00157 
00159 static void
00160 chunk_free_unchecked(chunk_t *chunk)
00161 {
00162   size_t alloc;
00163   chunk_freelist_t *freelist;
00164 
00165   alloc = CHUNK_ALLOC_SIZE(chunk->memlen);
00166   freelist = get_freelist(alloc);
00167   if (freelist && freelist->cur_length < freelist->max_length) {
00168     chunk->next = freelist->head;
00169     freelist->head = chunk;
00170     ++freelist->cur_length;
00171   } else {
00172     if (freelist)
00173       ++freelist->n_free;
00174     tor_free(chunk);
00175   }
00176 }
00177 
00181 static INLINE chunk_t *
00182 chunk_new_with_alloc_size(size_t alloc)
00183 {
00184   chunk_t *ch;
00185   chunk_freelist_t *freelist;
00186   tor_assert(alloc >= sizeof(chunk_t));
00187   freelist = get_freelist(alloc);
00188   if (freelist && freelist->head) {
00189     ch = freelist->head;
00190     freelist->head = ch->next;
00191     if (--freelist->cur_length < freelist->lowest_length)
00192       freelist->lowest_length = freelist->cur_length;
00193     ++freelist->n_hit;
00194   } else {
00195     /* XXXX take advantage of tor_malloc_roundup, once we know how that
00196      * affects freelists. */
00197     if (freelist)
00198       ++freelist->n_alloc;
00199     else
00200       ++n_freelist_miss;
00201     ch = tor_malloc(alloc);
00202   }
00203   ch->next = NULL;
00204   ch->datalen = 0;
00205   ch->memlen = CHUNK_SIZE_WITH_ALLOC(alloc);
00206   ch->data = &ch->mem[0];
00207   return ch;
00208 }
00209 #else
00210 static void
00211 chunk_free_unchecked(chunk_t *chunk)
00212 {
00213   tor_free(chunk);
00214 }
00215 static INLINE chunk_t *
00216 chunk_new_with_alloc_size(size_t alloc)
00217 {
00218   chunk_t *ch;
00219   ch = tor_malloc_roundup(&alloc);
00220   ch->next = NULL;
00221   ch->datalen = 0;
00222   ch->memlen = CHUNK_SIZE_WITH_ALLOC(alloc);
00223   ch->data = &ch->mem[0];
00224   return ch;
00225 }
00226 #endif
00227 
00230 static INLINE chunk_t *
00231 chunk_grow(chunk_t *chunk, size_t sz)
00232 {
00233   off_t offset;
00234   tor_assert(sz > chunk->memlen);
00235   offset = chunk->data - chunk->mem;
00236   chunk = tor_realloc(chunk, CHUNK_ALLOC_SIZE(sz));
00237   chunk->memlen = sz;
00238   chunk->data = chunk->mem + offset;
00239   return chunk;
00240 }
00241 
00244 #define MIN_READ_LEN 8
00245 
00246 #define MIN_CHUNK_ALLOC 256
00247 
00248 #define MAX_CHUNK_ALLOC 65536
00249 
00252 static INLINE size_t
00253 preferred_chunk_size(size_t target)
00254 {
00255   size_t sz = MIN_CHUNK_ALLOC;
00256   while (CHUNK_SIZE_WITH_ALLOC(sz) < target) {
00257     sz <<= 1;
00258   }
00259   return sz;
00260 }
00261 
00264 void
00265 buf_shrink_freelists(int free_all)
00266 {
00267 #ifdef ENABLE_BUF_FREELISTS
00268   int i;
00269   disable_control_logging();
00270   for (i = 0; freelists[i].alloc_size; ++i) {
00271     int slack = freelists[i].slack;
00272     assert_freelist_ok(&freelists[i]);
00273     if (free_all || freelists[i].lowest_length > slack) {
00274       int n_to_free = free_all ? freelists[i].cur_length :
00275         (freelists[i].lowest_length - slack);
00276       int n_to_skip = freelists[i].cur_length - n_to_free;
00277       int orig_length = freelists[i].cur_length;
00278       int orig_n_to_free = n_to_free, n_freed=0;
00279       int orig_n_to_skip = n_to_skip;
00280       int new_length = n_to_skip;
00281       chunk_t **chp = &freelists[i].head;
00282       chunk_t *chunk;
00283       while (n_to_skip) {
00284         if (! (*chp)->next) {
00285           log_warn(LD_BUG, "I wanted to skip %d chunks in the freelist for "
00286                    "%d-byte chunks, but only found %d. (Length %d)",
00287                    orig_n_to_skip, (int)freelists[i].alloc_size,
00288                    orig_n_to_skip-n_to_skip, freelists[i].cur_length);
00289           assert_freelist_ok(&freelists[i]);
00290           goto done;
00291         }
00292         // tor_assert((*chp)->next);
00293         chp = &(*chp)->next;
00294         --n_to_skip;
00295       }
00296       chunk = *chp;
00297       *chp = NULL;
00298       while (chunk) {
00299         chunk_t *next = chunk->next;
00300         tor_free(chunk);
00301         chunk = next;
00302         --n_to_free;
00303         ++n_freed;
00304         ++freelists[i].n_free;
00305       }
00306       if (n_to_free) {
00307         log_warn(LD_BUG, "Freelist length for %d-byte chunks may have been "
00308                  "messed up somehow.", (int)freelists[i].alloc_size);
00309         log_warn(LD_BUG, "There were %d chunks at the start.  I decided to "
00310                  "keep %d. I wanted to free %d.  I freed %d.  I somehow think "
00311                  "I have %d left to free.",
00312                  freelists[i].cur_length, n_to_skip, orig_n_to_free,
00313                  n_freed, n_to_free);
00314       }
00315       // tor_assert(!n_to_free);
00316       freelists[i].cur_length = new_length;
00317       log_info(LD_MM, "Cleaned freelist for %d-byte chunks: original "
00318                "length %d, kept %d, dropped %d.",
00319                (int)freelists[i].alloc_size, orig_length,
00320                orig_n_to_skip, orig_n_to_free);
00321     }
00322     freelists[i].lowest_length = freelists[i].cur_length;
00323     assert_freelist_ok(&freelists[i]);
00324   }
00325  done:
00326   enable_control_logging();
00327 #else
00328   (void) free_all;
00329 #endif
00330 }
00331 
00334 void
00335 buf_dump_freelist_sizes(int severity)
00336 {
00337 #ifdef ENABLE_BUF_FREELISTS
00338   int i;
00339   log(severity, LD_MM, "====== Buffer freelists:");
00340   for (i = 0; freelists[i].alloc_size; ++i) {
00341     uint64_t total = ((uint64_t)freelists[i].cur_length) *
00342       freelists[i].alloc_size;
00343     log(severity, LD_MM,
00344         U64_FORMAT" bytes in %d %d-byte chunks ["U64_FORMAT
00345         " misses; "U64_FORMAT" frees; "U64_FORMAT" hits]",
00346         U64_PRINTF_ARG(total),
00347         freelists[i].cur_length, (int)freelists[i].alloc_size,
00348         U64_PRINTF_ARG(freelists[i].n_alloc),
00349         U64_PRINTF_ARG(freelists[i].n_free),
00350         U64_PRINTF_ARG(freelists[i].n_hit));
00351   }
00352   log(severity, LD_MM, U64_FORMAT" allocations in non-freelist sizes",
00353       U64_PRINTF_ARG(n_freelist_miss));
00354 #else
00355   (void)severity;
00356 #endif
00357 }
00358 
00360 #define BUFFER_MAGIC 0xB0FFF312u
00361 
00362 struct buf_t {
00363   uint32_t magic; 
00365   size_t datalen; 
00366   size_t default_chunk_size; 
00368   chunk_t *head; 
00369   chunk_t *tail; 
00370 };
00371 
00378 static void
00379 buf_pullup(buf_t *buf, size_t bytes, int nulterminate)
00380 {
00381   chunk_t *dest, *src;
00382   size_t capacity;
00383   if (!buf->head)
00384     return;
00385 
00386   check();
00387   if (buf->datalen < bytes)
00388     bytes = buf->datalen;
00389 
00390   if (nulterminate) {
00391     capacity = bytes + 1;
00392     if (buf->head->datalen >= bytes && CHUNK_REMAINING_CAPACITY(buf->head)) {
00393       *CHUNK_WRITE_PTR(buf->head) = '\0';
00394       return;
00395     }
00396   } else {
00397     capacity = bytes;
00398     if (buf->head->datalen >= bytes)
00399       return;
00400   }
00401 
00402   if (buf->head->memlen >= capacity) {
00403     /* We don't need to grow the first chunk, but we might need to repack it.*/
00404     size_t needed = capacity - buf->head->datalen;
00405     if (CHUNK_REMAINING_CAPACITY(buf->head) < needed)
00406       chunk_repack(buf->head);
00407     tor_assert(CHUNK_REMAINING_CAPACITY(buf->head) >= needed);
00408   } else {
00409     chunk_t *newhead;
00410     size_t newsize;
00411     /* We need to grow the chunk. */
00412     chunk_repack(buf->head);
00413     newsize = CHUNK_SIZE_WITH_ALLOC(preferred_chunk_size(capacity));
00414     newhead = chunk_grow(buf->head, newsize);
00415     tor_assert(newhead->memlen >= capacity);
00416     if (newhead != buf->head) {
00417       if (buf->tail == buf->head)
00418         buf->tail = newhead;
00419       buf->head = newhead;
00420     }
00421   }
00422 
00423   dest = buf->head;
00424   while (dest->datalen < bytes) {
00425     size_t n = bytes - dest->datalen;
00426     src = dest->next;
00427     tor_assert(src);
00428     if (n > src->datalen) {
00429       memcpy(CHUNK_WRITE_PTR(dest), src->data, src->datalen);
00430       dest->datalen += src->datalen;
00431       dest->next = src->next;
00432       if (buf->tail == src)
00433         buf->tail = dest;
00434       chunk_free_unchecked(src);
00435     } else {
00436       memcpy(CHUNK_WRITE_PTR(dest), src->data, n);
00437       dest->datalen += n;
00438       src->data += n;
00439       src->datalen -= n;
00440       tor_assert(dest->datalen == bytes);
00441     }
00442   }
00443 
00444   if (nulterminate) {
00445     tor_assert(CHUNK_REMAINING_CAPACITY(buf->head));
00446     *CHUNK_WRITE_PTR(buf->head) = '\0';
00447   }
00448 
00449   check();
00450 }
00451 
00455 void
00456 buf_shrink(buf_t *buf)
00457 {
00458   (void)buf;
00459 }
00460 
00462 static INLINE void
00463 buf_remove_from_front(buf_t *buf, size_t n)
00464 {
00465   tor_assert(buf->datalen >= n);
00466   while (n) {
00467     tor_assert(buf->head);
00468     if (buf->head->datalen > n) {
00469       buf->head->datalen -= n;
00470       buf->head->data += n;
00471       buf->datalen -= n;
00472       return;
00473     } else {
00474       chunk_t *victim = buf->head;
00475       n -= victim->datalen;
00476       buf->datalen -= victim->datalen;
00477       buf->head = victim->next;
00478       if (buf->tail == victim)
00479         buf->tail = NULL;
00480       chunk_free_unchecked(victim);
00481     }
00482   }
00483   check();
00484 }
00485 
00488 buf_t *
00489 buf_new_with_capacity(size_t size)
00490 {
00491   buf_t *b = buf_new();
00492   b->default_chunk_size = preferred_chunk_size(size);
00493   return b;
00494 }
00495 
00497 buf_t *
00498 buf_new(void)
00499 {
00500   buf_t *buf = tor_malloc_zero(sizeof(buf_t));
00501   buf->magic = BUFFER_MAGIC;
00502   buf->default_chunk_size = 4096;
00503   return buf;
00504 }
00505 
00507 void
00508 buf_clear(buf_t *buf)
00509 {
00510   chunk_t *chunk, *next;
00511   buf->datalen = 0;
00512   for (chunk = buf->head; chunk; chunk = next) {
00513     next = chunk->next;
00514     chunk_free_unchecked(chunk);
00515   }
00516   buf->head = buf->tail = NULL;
00517 }
00518 
00520 size_t
00521 buf_datalen(const buf_t *buf)
00522 {
00523   return buf->datalen;
00524 }
00525 
00527 size_t
00528 buf_allocation(const buf_t *buf)
00529 {
00530   size_t total = 0;
00531   const chunk_t *chunk;
00532   for (chunk = buf->head; chunk; chunk = chunk->next) {
00533     total += chunk->memlen;
00534   }
00535   return total;
00536 }
00537 
00540 size_t
00541 buf_slack(const buf_t *buf)
00542 {
00543   if (!buf->tail)
00544     return 0;
00545   else
00546     return CHUNK_REMAINING_CAPACITY(buf->tail);
00547 }
00548 
00550 void
00551 buf_free(buf_t *buf)
00552 {
00553   if (!buf)
00554     return;
00555 
00556   buf_clear(buf);
00557   buf->magic = 0xdeadbeef;
00558   tor_free(buf);
00559 }
00560 
00562 static chunk_t *
00563 chunk_copy(const chunk_t *in_chunk)
00564 {
00565   chunk_t *newch = tor_memdup(in_chunk, CHUNK_ALLOC_SIZE(in_chunk->memlen));
00566   newch->next = NULL;
00567   if (in_chunk->data) {
00568     off_t offset = in_chunk->data - in_chunk->mem;
00569     newch->data = newch->mem + offset;
00570   }
00571   return newch;
00572 }
00573 
00575 buf_t *
00576 buf_copy(const buf_t *buf)
00577 {
00578   chunk_t *ch;
00579   buf_t *out = buf_new();
00580   out->default_chunk_size = buf->default_chunk_size;
00581   for (ch = buf->head; ch; ch = ch->next) {
00582     chunk_t *newch = chunk_copy(ch);
00583     if (out->tail) {
00584       out->tail->next = newch;
00585       out->tail = newch;
00586     } else {
00587       out->head = out->tail = newch;
00588     }
00589   }
00590   out->datalen = buf->datalen;
00591   return out;
00592 }
00593 
00597 static chunk_t *
00598 buf_add_chunk_with_capacity(buf_t *buf, size_t capacity, int capped)
00599 {
00600   chunk_t *chunk;
00601   if (CHUNK_ALLOC_SIZE(capacity) < buf->default_chunk_size) {
00602     chunk = chunk_new_with_alloc_size(buf->default_chunk_size);
00603   } else if (capped && CHUNK_ALLOC_SIZE(capacity) > MAX_CHUNK_ALLOC) {
00604     chunk = chunk_new_with_alloc_size(MAX_CHUNK_ALLOC);
00605   } else {
00606     chunk = chunk_new_with_alloc_size(preferred_chunk_size(capacity));
00607   }
00608   if (buf->tail) {
00609     tor_assert(buf->head);
00610     buf->tail->next = chunk;
00611     buf->tail = chunk;
00612   } else {
00613     tor_assert(!buf->head);
00614     buf->head = buf->tail = chunk;
00615   }
00616   check();
00617   return chunk;
00618 }
00619 
00624 static INLINE int
00625 read_to_chunk(buf_t *buf, chunk_t *chunk, tor_socket_t fd, size_t at_most,
00626               int *reached_eof, int *socket_error)
00627 {
00628   ssize_t read_result;
00629   if (at_most > CHUNK_REMAINING_CAPACITY(chunk))
00630     at_most = CHUNK_REMAINING_CAPACITY(chunk);
00631   read_result = tor_socket_recv(fd, CHUNK_WRITE_PTR(chunk), at_most, 0);
00632 
00633   if (read_result < 0) {
00634     int e = tor_socket_errno(fd);
00635     if (!ERRNO_IS_EAGAIN(e)) { /* it's a real error */
00636 #ifdef _WIN32
00637       if (e == WSAENOBUFS)
00638         log_warn(LD_NET,"recv() failed: WSAENOBUFS. Not enough ram?");
00639 #endif
00640       *socket_error = e;
00641       return -1;
00642     }
00643     return 0; /* would block. */
00644   } else if (read_result == 0) {
00645     log_debug(LD_NET,"Encountered eof on fd %d", (int)fd);
00646     *reached_eof = 1;
00647     return 0;
00648   } else { /* actually got bytes. */
00649     buf->datalen += read_result;
00650     chunk->datalen += read_result;
00651     log_debug(LD_NET,"Read %ld bytes. %d on inbuf.", (long)read_result,
00652               (int)buf->datalen);
00653     tor_assert(read_result < INT_MAX);
00654     return (int)read_result;
00655   }
00656 }
00657 
00660 static INLINE int
00661 read_to_chunk_tls(buf_t *buf, chunk_t *chunk, tor_tls_t *tls,
00662                   size_t at_most)
00663 {
00664   int read_result;
00665 
00666   tor_assert(CHUNK_REMAINING_CAPACITY(chunk) >= at_most);
00667   read_result = tor_tls_read(tls, CHUNK_WRITE_PTR(chunk), at_most);
00668   if (read_result < 0)
00669     return read_result;
00670   buf->datalen += read_result;
00671   chunk->datalen += read_result;
00672   return read_result;
00673 }
00674 
00680 /* XXXX024 indicate "read blocked" somehow? */
00681 int
00682 read_to_buf(tor_socket_t s, size_t at_most, buf_t *buf, int *reached_eof,
00683             int *socket_error)
00684 {
00685   /* XXXX024 It's stupid to overload the return values for these functions:
00686    * "error status" and "number of bytes read" are not mutually exclusive.
00687    */
00688   int r = 0;
00689   size_t total_read = 0;
00690 
00691   check();
00692   tor_assert(reached_eof);
00693   tor_assert(SOCKET_OK(s));
00694 
00695   while (at_most > total_read) {
00696     size_t readlen = at_most - total_read;
00697     chunk_t *chunk;
00698     if (!buf->tail || CHUNK_REMAINING_CAPACITY(buf->tail) < MIN_READ_LEN) {
00699       chunk = buf_add_chunk_with_capacity(buf, at_most, 1);
00700       if (readlen > chunk->memlen)
00701         readlen = chunk->memlen;
00702     } else {
00703       size_t cap = CHUNK_REMAINING_CAPACITY(buf->tail);
00704       chunk = buf->tail;
00705       if (cap < readlen)
00706         readlen = cap;
00707     }
00708 
00709     r = read_to_chunk(buf, chunk, s, readlen, reached_eof, socket_error);
00710     check();
00711     if (r < 0)
00712       return r; /* Error */
00713     tor_assert(total_read+r < INT_MAX);
00714     total_read += r;
00715     if ((size_t)r < readlen) { /* eof, block, or no more to read. */
00716       break;
00717     }
00718   }
00719   return (int)total_read;
00720 }
00721 
00742 int
00743 read_to_buf_tls(tor_tls_t *tls, size_t at_most, buf_t *buf)
00744 {
00745   int r = 0;
00746   size_t total_read = 0;
00747 
00748   check_no_tls_errors();
00749 
00750   check();
00751 
00752   while (at_most > total_read) {
00753     size_t readlen = at_most - total_read;
00754     chunk_t *chunk;
00755     if (!buf->tail || CHUNK_REMAINING_CAPACITY(buf->tail) < MIN_READ_LEN) {
00756       chunk = buf_add_chunk_with_capacity(buf, at_most, 1);
00757       if (readlen > chunk->memlen)
00758         readlen = chunk->memlen;
00759     } else {
00760       size_t cap = CHUNK_REMAINING_CAPACITY(buf->tail);
00761       chunk = buf->tail;
00762       if (cap < readlen)
00763         readlen = cap;
00764     }
00765 
00766     r = read_to_chunk_tls(buf, chunk, tls, readlen);
00767     check();
00768     if (r < 0)
00769       return r; /* Error */
00770     tor_assert(total_read+r < INT_MAX);
00771      total_read += r;
00772     if ((size_t)r < readlen) /* eof, block, or no more to read. */
00773       break;
00774   }
00775   return (int)total_read;
00776 }
00777 
00783 static INLINE int
00784 flush_chunk(tor_socket_t s, buf_t *buf, chunk_t *chunk, size_t sz,
00785             size_t *buf_flushlen)
00786 {
00787   ssize_t write_result;
00788 
00789   if (sz > chunk->datalen)
00790     sz = chunk->datalen;
00791   write_result = tor_socket_send(s, chunk->data, sz, 0);
00792 
00793   if (write_result < 0) {
00794     int e = tor_socket_errno(s);
00795     if (!ERRNO_IS_EAGAIN(e)) { /* it's a real error */
00796 #ifdef _WIN32
00797       if (e == WSAENOBUFS)
00798         log_warn(LD_NET,"write() failed: WSAENOBUFS. Not enough ram?");
00799 #endif
00800       return -1;
00801     }
00802     log_debug(LD_NET,"write() would block, returning.");
00803     return 0;
00804   } else {
00805     *buf_flushlen -= write_result;
00806     buf_remove_from_front(buf, write_result);
00807     tor_assert(write_result < INT_MAX);
00808     return (int)write_result;
00809   }
00810 }
00811 
00818 static INLINE int
00819 flush_chunk_tls(tor_tls_t *tls, buf_t *buf, chunk_t *chunk,
00820                 size_t sz, size_t *buf_flushlen)
00821 {
00822   int r;
00823   size_t forced;
00824   char *data;
00825 
00826   forced = tor_tls_get_forced_write_size(tls);
00827   if (forced > sz)
00828     sz = forced;
00829   if (chunk) {
00830     data = chunk->data;
00831     tor_assert(sz <= chunk->datalen);
00832   } else {
00833     data = NULL;
00834     tor_assert(sz == 0);
00835   }
00836   r = tor_tls_write(tls, data, sz);
00837   if (r < 0)
00838     return r;
00839   if (*buf_flushlen > (size_t)r)
00840     *buf_flushlen -= r;
00841   else
00842     *buf_flushlen = 0;
00843   buf_remove_from_front(buf, r);
00844   log_debug(LD_NET,"flushed %d bytes, %d ready to flush, %d remain.",
00845             r,(int)*buf_flushlen,(int)buf->datalen);
00846   return r;
00847 }
00848 
00855 int
00856 flush_buf(tor_socket_t s, buf_t *buf, size_t sz, size_t *buf_flushlen)
00857 {
00858   /* XXXX024 It's stupid to overload the return values for these functions:
00859    * "error status" and "number of bytes flushed" are not mutually exclusive.
00860    */
00861   int r;
00862   size_t flushed = 0;
00863   tor_assert(buf_flushlen);
00864   tor_assert(SOCKET_OK(s));
00865   tor_assert(*buf_flushlen <= buf->datalen);
00866   tor_assert(sz <= *buf_flushlen);
00867 
00868   check();
00869   while (sz) {
00870     size_t flushlen0;
00871     tor_assert(buf->head);
00872     if (buf->head->datalen >= sz)
00873       flushlen0 = sz;
00874     else
00875       flushlen0 = buf->head->datalen;
00876 
00877     r = flush_chunk(s, buf, buf->head, flushlen0, buf_flushlen);
00878     check();
00879     if (r < 0)
00880       return r;
00881     flushed += r;
00882     sz -= r;
00883     if (r == 0 || (size_t)r < flushlen0) /* can't flush any more now. */
00884       break;
00885   }
00886   tor_assert(flushed < INT_MAX);
00887   return (int)flushed;
00888 }
00889 
00893 int
00894 flush_buf_tls(tor_tls_t *tls, buf_t *buf, size_t flushlen,
00895               size_t *buf_flushlen)
00896 {
00897   int r;
00898   size_t flushed = 0;
00899   ssize_t sz;
00900   tor_assert(buf_flushlen);
00901   tor_assert(*buf_flushlen <= buf->datalen);
00902   tor_assert(flushlen <= *buf_flushlen);
00903   sz = (ssize_t) flushlen;
00904 
00905   /* we want to let tls write even if flushlen is zero, because it might
00906    * have a partial record pending */
00907   check_no_tls_errors();
00908 
00909   check();
00910   do {
00911     size_t flushlen0;
00912     if (buf->head) {
00913       if ((ssize_t)buf->head->datalen >= sz)
00914         flushlen0 = sz;
00915       else
00916         flushlen0 = buf->head->datalen;
00917     } else {
00918       flushlen0 = 0;
00919     }
00920 
00921     r = flush_chunk_tls(tls, buf, buf->head, flushlen0, buf_flushlen);
00922     check();
00923     if (r < 0)
00924       return r;
00925     flushed += r;
00926     sz -= r;
00927     if (r == 0) /* Can't flush any more now. */
00928       break;
00929   } while (sz > 0);
00930   tor_assert(flushed < INT_MAX);
00931   return (int)flushed;
00932 }
00933 
00939 int
00940 write_to_buf(const char *string, size_t string_len, buf_t *buf)
00941 {
00942   if (!string_len)
00943     return (int)buf->datalen;
00944   check();
00945 
00946   while (string_len) {
00947     size_t copy;
00948     if (!buf->tail || !CHUNK_REMAINING_CAPACITY(buf->tail))
00949       buf_add_chunk_with_capacity(buf, string_len, 1);
00950 
00951     copy = CHUNK_REMAINING_CAPACITY(buf->tail);
00952     if (copy > string_len)
00953       copy = string_len;
00954     memcpy(CHUNK_WRITE_PTR(buf->tail), string, copy);
00955     string_len -= copy;
00956     string += copy;
00957     buf->datalen += copy;
00958     buf->tail->datalen += copy;
00959   }
00960 
00961   check();
00962   tor_assert(buf->datalen < INT_MAX);
00963   return (int)buf->datalen;
00964 }
00965 
00969 static INLINE void
00970 peek_from_buf(char *string, size_t string_len, const buf_t *buf)
00971 {
00972   chunk_t *chunk;
00973 
00974   tor_assert(string);
00975   /* make sure we don't ask for too much */
00976   tor_assert(string_len <= buf->datalen);
00977   /* assert_buf_ok(buf); */
00978 
00979   chunk = buf->head;
00980   while (string_len) {
00981     size_t copy = string_len;
00982     tor_assert(chunk);
00983     if (chunk->datalen < copy)
00984       copy = chunk->datalen;
00985     memcpy(string, chunk->data, copy);
00986     string_len -= copy;
00987     string += copy;
00988     chunk = chunk->next;
00989   }
00990 }
00991 
00996 int
00997 fetch_from_buf(char *string, size_t string_len, buf_t *buf)
00998 {
00999   /* There must be string_len bytes in buf; write them onto string,
01000    * then memmove buf back (that is, remove them from buf).
01001    *
01002    * Return the number of bytes still on the buffer. */
01003 
01004   check();
01005   peek_from_buf(string, string_len, buf);
01006   buf_remove_from_front(buf, string_len);
01007   check();
01008   tor_assert(buf->datalen < INT_MAX);
01009   return (int)buf->datalen;
01010 }
01011 
01014 static INLINE int
01015 cell_command_is_var_length(uint8_t command, int linkproto)
01016 {
01017   /* If linkproto is v2 (2), CELL_VERSIONS is the only variable-length cells
01018    * work as implemented here. If it's 1, there are no variable-length cells.
01019    * Tor does not support other versions right now, and so can't negotiate
01020    * them.
01021    */
01022   switch (linkproto) {
01023   case 1:
01024     /* Link protocol version 1 has no variable-length cells. */
01025     return 0;
01026   case 2:
01027     /* In link protocol version 2, VERSIONS is the only variable-length cell */
01028     return command == CELL_VERSIONS;
01029   case 0:
01030   case 3:
01031   default:
01032     /* In link protocol version 3 and later, and in version "unknown",
01033      * commands 128 and higher indicate variable-length. VERSIONS is
01034      * grandfathered in. */
01035     return command == CELL_VERSIONS || command >= 128;
01036   }
01037 }
01038 
01046 int
01047 fetch_var_cell_from_buf(buf_t *buf, var_cell_t **out, int linkproto)
01048 {
01049   char hdr[VAR_CELL_HEADER_SIZE];
01050   var_cell_t *result;
01051   uint8_t command;
01052   uint16_t length;
01053   check();
01054   *out = NULL;
01055   if (buf->datalen < VAR_CELL_HEADER_SIZE)
01056     return 0;
01057   peek_from_buf(hdr, sizeof(hdr), buf);
01058 
01059   command = get_uint8(hdr+2);
01060   if (!(cell_command_is_var_length(command, linkproto)))
01061     return 0;
01062 
01063   length = ntohs(get_uint16(hdr+3));
01064   if (buf->datalen < (size_t)(VAR_CELL_HEADER_SIZE+length))
01065     return 1;
01066   result = var_cell_new(length);
01067   result->command = command;
01068   result->circ_id = ntohs(get_uint16(hdr));
01069 
01070   buf_remove_from_front(buf, VAR_CELL_HEADER_SIZE);
01071   peek_from_buf((char*) result->payload, length, buf);
01072   buf_remove_from_front(buf, length);
01073   check();
01074 
01075   *out = result;
01076   return 1;
01077 }
01078 
01079 #ifdef USE_BUFFEREVENTS
01080 
01087 static ssize_t
01088 inspect_evbuffer(struct evbuffer *buf, char **data_out, size_t n,
01089                  int *free_out, struct evbuffer_ptr *pos)
01090 {
01091   int n_vecs, i;
01092 
01093   if (evbuffer_get_length(buf) < n)
01094     n = evbuffer_get_length(buf);
01095   if (n == 0)
01096     return 0;
01097   n_vecs = evbuffer_peek(buf, n, pos, NULL, 0);
01098   tor_assert(n_vecs > 0);
01099   if (n_vecs == 1) {
01100     struct evbuffer_iovec v;
01101     i = evbuffer_peek(buf, n, pos, &v, 1);
01102     tor_assert(i == 1);
01103     *data_out = v.iov_base;
01104     *free_out = 0;
01105     return v.iov_len;
01106   } else {
01107     ev_ssize_t copied;
01108     *data_out = tor_malloc(n);
01109     *free_out = 1;
01110     copied = evbuffer_copyout(buf, *data_out, n);
01111     tor_assert(copied >= 0 && (size_t)copied == n);
01112     return copied;
01113   }
01114 }
01115 
01117 int
01118 fetch_var_cell_from_evbuffer(struct evbuffer *buf, var_cell_t **out,
01119                              int linkproto)
01120 {
01121   char *hdr = NULL;
01122   int free_hdr = 0;
01123   size_t n;
01124   size_t buf_len;
01125   uint8_t command;
01126   uint16_t cell_length;
01127   var_cell_t *cell;
01128   int result = 0;
01129 
01130   *out = NULL;
01131   buf_len = evbuffer_get_length(buf);
01132   if (buf_len < VAR_CELL_HEADER_SIZE)
01133     return 0;
01134 
01135   n = inspect_evbuffer(buf, &hdr, VAR_CELL_HEADER_SIZE, &free_hdr, NULL);
01136   tor_assert(n >= VAR_CELL_HEADER_SIZE);
01137 
01138   command = get_uint8(hdr+2);
01139   if (!(cell_command_is_var_length(command, linkproto))) {
01140     goto done;
01141   }
01142 
01143   cell_length = ntohs(get_uint16(hdr+3));
01144   if (buf_len < (size_t)(VAR_CELL_HEADER_SIZE+cell_length)) {
01145     result = 1; /* Not all here yet. */
01146     goto done;
01147   }
01148 
01149   cell = var_cell_new(cell_length);
01150   cell->command = command;
01151   cell->circ_id = ntohs(get_uint16(hdr));
01152   evbuffer_drain(buf, VAR_CELL_HEADER_SIZE);
01153   evbuffer_remove(buf, cell->payload, cell_length);
01154   *out = cell;
01155   result = 1;
01156 
01157  done:
01158   if (free_hdr && hdr)
01159     tor_free(hdr);
01160   return result;
01161 }
01162 #endif
01163 
01168 int
01169 move_buf_to_buf(buf_t *buf_out, buf_t *buf_in, size_t *buf_flushlen)
01170 {
01171   /* We can do way better here, but this doesn't turn up in any profiles. */
01172   char b[4096];
01173   size_t cp, len;
01174   len = *buf_flushlen;
01175   if (len > buf_in->datalen)
01176     len = buf_in->datalen;
01177 
01178   cp = len; /* Remember the number of bytes we intend to copy. */
01179   tor_assert(cp < INT_MAX);
01180   while (len) {
01181     /* This isn't the most efficient implementation one could imagine, since
01182      * it does two copies instead of 1, but I kinda doubt that this will be
01183      * critical path. */
01184     size_t n = len > sizeof(b) ? sizeof(b) : len;
01185     fetch_from_buf(b, n, buf_in);
01186     write_to_buf(b, n, buf_out);
01187     len -= n;
01188   }
01189   *buf_flushlen -= cp;
01190   return (int)cp;
01191 }
01192 
01194 typedef struct buf_pos_t {
01195   const chunk_t *chunk; 
01196   int pos;
01197   size_t chunk_pos; 
01198 } buf_pos_t;
01199 
01201 static void
01202 buf_pos_init(const buf_t *buf, buf_pos_t *out)
01203 {
01204   out->chunk = buf->head;
01205   out->pos = 0;
01206   out->chunk_pos = 0;
01207 }
01208 
01212 static off_t
01213 buf_find_pos_of_char(char ch, buf_pos_t *out)
01214 {
01215   const chunk_t *chunk;
01216   int pos;
01217   tor_assert(out);
01218   if (out->chunk) {
01219     if (out->chunk->datalen) {
01220       tor_assert(out->pos < (off_t)out->chunk->datalen);
01221     } else {
01222       tor_assert(out->pos == 0);
01223     }
01224   }
01225   pos = out->pos;
01226   for (chunk = out->chunk; chunk; chunk = chunk->next) {
01227     char *cp = memchr(chunk->data+pos, ch, chunk->datalen - pos);
01228     if (cp) {
01229       out->chunk = chunk;
01230       tor_assert(cp - chunk->data < INT_MAX);
01231       out->pos = (int)(cp - chunk->data);
01232       return out->chunk_pos + out->pos;
01233     } else {
01234       out->chunk_pos += chunk->datalen;
01235       pos = 0;
01236     }
01237   }
01238   return -1;
01239 }
01240 
01243 static INLINE int
01244 buf_pos_inc(buf_pos_t *pos)
01245 {
01246   ++pos->pos;
01247   if (pos->pos == (off_t)pos->chunk->datalen) {
01248     if (!pos->chunk->next)
01249       return -1;
01250     pos->chunk_pos += pos->chunk->datalen;
01251     pos->chunk = pos->chunk->next;
01252     pos->pos = 0;
01253   }
01254   return 0;
01255 }
01256 
01259 static int
01260 buf_matches_at_pos(const buf_pos_t *pos, const char *s, size_t n)
01261 {
01262   buf_pos_t p;
01263   if (!n)
01264     return 1;
01265 
01266   memcpy(&p, pos, sizeof(p));
01267 
01268   while (1) {
01269     char ch = p.chunk->data[p.pos];
01270     if (ch != *s)
01271       return 0;
01272     ++s;
01273     /* If we're out of characters that don't match, we match.  Check this
01274      * _before_ we test incrementing pos, in case we're at the end of the
01275      * string. */
01276     if (--n == 0)
01277       return 1;
01278     if (buf_pos_inc(&p)<0)
01279       return 0;
01280   }
01281 }
01282 
01285 /*private*/ int
01286 buf_find_string_offset(const buf_t *buf, const char *s, size_t n)
01287 {
01288   buf_pos_t pos;
01289   buf_pos_init(buf, &pos);
01290   while (buf_find_pos_of_char(*s, &pos) >= 0) {
01291     if (buf_matches_at_pos(&pos, s, n)) {
01292       tor_assert(pos.chunk_pos + pos.pos < INT_MAX);
01293       return (int)(pos.chunk_pos + pos.pos);
01294     } else {
01295       if (buf_pos_inc(&pos)<0)
01296         return -1;
01297     }
01298   }
01299   return -1;
01300 }
01301 
01321 int
01322 fetch_from_buf_http(buf_t *buf,
01323                     char **headers_out, size_t max_headerlen,
01324                     char **body_out, size_t *body_used, size_t max_bodylen,
01325                     int force_complete)
01326 {
01327   char *headers, *p;
01328   size_t headerlen, bodylen, contentlen;
01329   int crlf_offset;
01330 
01331   check();
01332   if (!buf->head)
01333     return 0;
01334 
01335   crlf_offset = buf_find_string_offset(buf, "\r\n\r\n", 4);
01336   if (crlf_offset > (int)max_headerlen ||
01337       (crlf_offset < 0 && buf->datalen > max_headerlen)) {
01338     log_debug(LD_HTTP,"headers too long.");
01339     return -1;
01340   } else if (crlf_offset < 0) {
01341     log_debug(LD_HTTP,"headers not all here yet.");
01342     return 0;
01343   }
01344   /* Okay, we have a full header.  Make sure it all appears in the first
01345    * chunk. */
01346   if ((int)buf->head->datalen < crlf_offset + 4)
01347     buf_pullup(buf, crlf_offset+4, 0);
01348   headerlen = crlf_offset + 4;
01349 
01350   headers = buf->head->data;
01351   bodylen = buf->datalen - headerlen;
01352   log_debug(LD_HTTP,"headerlen %d, bodylen %d.", (int)headerlen, (int)bodylen);
01353 
01354   if (max_headerlen <= headerlen) {
01355     log_warn(LD_HTTP,"headerlen %d larger than %d. Failing.",
01356              (int)headerlen, (int)max_headerlen-1);
01357     return -1;
01358   }
01359   if (max_bodylen <= bodylen) {
01360     log_warn(LD_HTTP,"bodylen %d larger than %d. Failing.",
01361              (int)bodylen, (int)max_bodylen-1);
01362     return -1;
01363   }
01364 
01365 #define CONTENT_LENGTH "\r\nContent-Length: "
01366   p = (char*) tor_memstr(headers, headerlen, CONTENT_LENGTH);
01367   if (p) {
01368     int i;
01369     i = atoi(p+strlen(CONTENT_LENGTH));
01370     if (i < 0) {
01371       log_warn(LD_PROTOCOL, "Content-Length is less than zero; it looks like "
01372                "someone is trying to crash us.");
01373       return -1;
01374     }
01375     contentlen = i;
01376     /* if content-length is malformed, then our body length is 0. fine. */
01377     log_debug(LD_HTTP,"Got a contentlen of %d.",(int)contentlen);
01378     if (bodylen < contentlen) {
01379       if (!force_complete) {
01380         log_debug(LD_HTTP,"body not all here yet.");
01381         return 0; /* not all there yet */
01382       }
01383     }
01384     if (bodylen > contentlen) {
01385       bodylen = contentlen;
01386       log_debug(LD_HTTP,"bodylen reduced to %d.",(int)bodylen);
01387     }
01388   }
01389   /* all happy. copy into the appropriate places, and return 1 */
01390   if (headers_out) {
01391     *headers_out = tor_malloc(headerlen+1);
01392     fetch_from_buf(*headers_out, headerlen, buf);
01393     (*headers_out)[headerlen] = 0; /* NUL terminate it */
01394   }
01395   if (body_out) {
01396     tor_assert(body_used);
01397     *body_used = bodylen;
01398     *body_out = tor_malloc(bodylen+1);
01399     fetch_from_buf(*body_out, bodylen, buf);
01400     (*body_out)[bodylen] = 0; /* NUL terminate it */
01401   }
01402   check();
01403   return 1;
01404 }
01405 
01406 #ifdef USE_BUFFEREVENTS
01407 
01408 int
01409 fetch_from_evbuffer_http(struct evbuffer *buf,
01410                     char **headers_out, size_t max_headerlen,
01411                     char **body_out, size_t *body_used, size_t max_bodylen,
01412                     int force_complete)
01413 {
01414   struct evbuffer_ptr crlf, content_length;
01415   size_t headerlen, bodylen, contentlen;
01416 
01417   /* Find the first \r\n\r\n in the buffer */
01418   crlf = evbuffer_search(buf, "\r\n\r\n", 4, NULL);
01419   if (crlf.pos < 0) {
01420     /* We didn't find one. */
01421     if (evbuffer_get_length(buf) > max_headerlen)
01422       return -1; /* Headers too long. */
01423     return 0; /* Headers not here yet. */
01424   } else if (crlf.pos > (int)max_headerlen) {
01425     return -1; /* Headers too long. */
01426   }
01427 
01428   headerlen = crlf.pos + 4;  /* Skip over the \r\n\r\n */
01429   bodylen = evbuffer_get_length(buf) - headerlen;
01430   if (bodylen > max_bodylen)
01431     return -1; /* body too long */
01432 
01433   /* Look for the first occurrence of CONTENT_LENGTH insize buf before the
01434    * crlfcrlf */
01435   content_length = evbuffer_search_range(buf, CONTENT_LENGTH,
01436                                          strlen(CONTENT_LENGTH), NULL, &crlf);
01437 
01438   if (content_length.pos >= 0) {
01439     /* We found a content_length: parse it and figure out if the body is here
01440      * yet. */
01441     struct evbuffer_ptr eol;
01442     char *data = NULL;
01443     int free_data = 0;
01444     int n, i;
01445     n = evbuffer_ptr_set(buf, &content_length, strlen(CONTENT_LENGTH),
01446                          EVBUFFER_PTR_ADD);
01447     tor_assert(n == 0);
01448     eol = evbuffer_search_eol(buf, &content_length, NULL, EVBUFFER_EOL_CRLF);
01449     tor_assert(eol.pos > content_length.pos);
01450     tor_assert(eol.pos <= crlf.pos);
01451     inspect_evbuffer(buf, &data, eol.pos - content_length.pos, &free_data,
01452                          &content_length);
01453 
01454     i = atoi(data);
01455     if (free_data)
01456       tor_free(data);
01457     if (i < 0) {
01458       log_warn(LD_PROTOCOL, "Content-Length is less than zero; it looks like "
01459                "someone is trying to crash us.");
01460       return -1;
01461     }
01462     contentlen = i;
01463     /* if content-length is malformed, then our body length is 0. fine. */
01464     log_debug(LD_HTTP,"Got a contentlen of %d.",(int)contentlen);
01465     if (bodylen < contentlen) {
01466       if (!force_complete) {
01467         log_debug(LD_HTTP,"body not all here yet.");
01468         return 0; /* not all there yet */
01469       }
01470     }
01471     if (bodylen > contentlen) {
01472       bodylen = contentlen;
01473       log_debug(LD_HTTP,"bodylen reduced to %d.",(int)bodylen);
01474     }
01475   }
01476 
01477   if (headers_out) {
01478     *headers_out = tor_malloc(headerlen+1);
01479     evbuffer_remove(buf, *headers_out, headerlen);
01480     (*headers_out)[headerlen] = '\0';
01481   }
01482   if (body_out) {
01483     tor_assert(headers_out);
01484     tor_assert(body_used);
01485     *body_used = bodylen;
01486     *body_out = tor_malloc(bodylen+1);
01487     evbuffer_remove(buf, *body_out, bodylen);
01488     (*body_out)[bodylen] = '\0';
01489   }
01490   return 1;
01491 }
01492 #endif
01493 
01497 #define SOCKS_WARN_INTERVAL 5
01498 
01502 static void
01503 log_unsafe_socks_warning(int socks_protocol, const char *address,
01504                          uint16_t port, int safe_socks)
01505 {
01506   static ratelim_t socks_ratelim = RATELIM_INIT(SOCKS_WARN_INTERVAL);
01507 
01508   const or_options_t *options = get_options();
01509   char *m = NULL;
01510   if (! options->WarnUnsafeSocks)
01511     return;
01512   if (safe_socks || (m = rate_limit_log(&socks_ratelim, approx_time()))) {
01513     log_warn(LD_APP,
01514              "Your application (using socks%d to port %d) is giving "
01515              "Tor only an IP address. Applications that do DNS resolves "
01516              "themselves may leak information. Consider using Socks4A "
01517              "(e.g. via privoxy or socat) instead. For more information, "
01518              "please see https://wiki.torproject.org/TheOnionRouter/"
01519              "TorFAQ#SOCKSAndDNS.%s%s",
01520              socks_protocol,
01521              (int)port,
01522              safe_socks ? " Rejecting." : "",
01523              m ? m : "");
01524     tor_free(m);
01525   }
01526   control_event_client_status(LOG_WARN,
01527                               "DANGEROUS_SOCKS PROTOCOL=SOCKS%d ADDRESS=%s:%d",
01528                               socks_protocol, address, (int)port);
01529 }
01530 
01533 #define MAX_SOCKS_MESSAGE_LEN 512
01534 
01536 socks_request_t *
01537 socks_request_new(void)
01538 {
01539   return tor_malloc_zero(sizeof(socks_request_t));
01540 }
01541 
01543 void
01544 socks_request_free(socks_request_t *req)
01545 {
01546   if (!req)
01547     return;
01548   if (req->username) {
01549     memset(req->username, 0x10, req->usernamelen);
01550     tor_free(req->username);
01551   }
01552   if (req->password) {
01553     memset(req->password, 0x04, req->passwordlen);
01554     tor_free(req->password);
01555   }
01556   memset(req, 0xCC, sizeof(socks_request_t));
01557   tor_free(req);
01558 }
01559 
01585 int
01586 fetch_from_buf_socks(buf_t *buf, socks_request_t *req,
01587                      int log_sockstype, int safe_socks)
01588 {
01589   int res;
01590   ssize_t n_drain;
01591   size_t want_length = 128;
01592 
01593   if (buf->datalen < 2) /* version and another byte */
01594     return 0;
01595 
01596   do {
01597     n_drain = 0;
01598     buf_pullup(buf, want_length, 0);
01599     tor_assert(buf->head && buf->head->datalen >= 2);
01600     want_length = 0;
01601 
01602     res = parse_socks(buf->head->data, buf->head->datalen, req, log_sockstype,
01603                       safe_socks, &n_drain, &want_length);
01604 
01605     if (n_drain < 0)
01606       buf_clear(buf);
01607     else if (n_drain > 0)
01608       buf_remove_from_front(buf, n_drain);
01609 
01610   } while (res == 0 && buf->head && want_length < buf->datalen &&
01611            buf->datalen >= 2);
01612 
01613   return res;
01614 }
01615 
01616 #ifdef USE_BUFFEREVENTS
01617 /* As fetch_from_buf_socks(), but targets an evbuffer instead. */
01618 int
01619 fetch_from_evbuffer_socks(struct evbuffer *buf, socks_request_t *req,
01620                           int log_sockstype, int safe_socks)
01621 {
01622   char *data;
01623   ssize_t n_drain;
01624   size_t datalen, buflen, want_length;
01625   int res;
01626 
01627   buflen = evbuffer_get_length(buf);
01628   if (buflen < 2)
01629     return 0;
01630 
01631   {
01632     /* See if we can find the socks request in the first chunk of the buffer.
01633      */
01634     struct evbuffer_iovec v;
01635     int i;
01636     n_drain = 0;
01637     i = evbuffer_peek(buf, -1, NULL, &v, 1);
01638     tor_assert(i == 1);
01639     data = v.iov_base;
01640     datalen = v.iov_len;
01641     want_length = 0;
01642 
01643     res = parse_socks(data, datalen, req, log_sockstype,
01644                       safe_socks, &n_drain, &want_length);
01645 
01646     if (n_drain < 0)
01647       evbuffer_drain(buf, evbuffer_get_length(buf));
01648     else if (n_drain > 0)
01649       evbuffer_drain(buf, n_drain);
01650 
01651     if (res)
01652       return res;
01653   }
01654 
01655   /* Okay, the first chunk of the buffer didn't have a complete socks request.
01656    * That means that either we don't have a whole socks request at all, or
01657    * it's gotten split up.  We're going to try passing parse_socks() bigger
01658    * and bigger chunks until either it says "Okay, I got it", or it says it
01659    * will need more data than we currently have. */
01660 
01661   /* Loop while we have more data that we haven't given parse_socks() yet. */
01662   do {
01663     int free_data = 0;
01664     const size_t last_wanted = want_length;
01665     n_drain = 0;
01666     data = NULL;
01667     datalen = inspect_evbuffer(buf, &data, want_length, &free_data, NULL);
01668 
01669     want_length = 0;
01670     res = parse_socks(data, datalen, req, log_sockstype,
01671                       safe_socks, &n_drain, &want_length);
01672 
01673     if (free_data)
01674       tor_free(data);
01675 
01676     if (n_drain < 0)
01677       evbuffer_drain(buf, evbuffer_get_length(buf));
01678     else if (n_drain > 0)
01679       evbuffer_drain(buf, n_drain);
01680 
01681     if (res == 0 && n_drain == 0 && want_length <= last_wanted) {
01682       /* If we drained nothing, and we didn't ask for more than last time,
01683        * then we probably wanted more data than the buffer actually had,
01684        * and we're finding out that we're not satisified with it. It's
01685        * time to break until we have more data. */
01686       break;
01687     }
01688 
01689     buflen = evbuffer_get_length(buf);
01690   } while (res == 0 && want_length <= buflen && buflen >= 2);
01691 
01692   return res;
01693 }
01694 #endif
01695 
01703 static int
01704 parse_socks(const char *data, size_t datalen, socks_request_t *req,
01705             int log_sockstype, int safe_socks, ssize_t *drain_out,
01706             size_t *want_length_out)
01707 {
01708   unsigned int len;
01709   char tmpbuf[TOR_ADDR_BUF_LEN+1];
01710   tor_addr_t destaddr;
01711   uint32_t destip;
01712   uint8_t socksver;
01713   char *next, *startaddr;
01714   unsigned char usernamelen, passlen;
01715   struct in_addr in;
01716 
01717   if (datalen < 2) {
01718     /* We always need at least 2 bytes. */
01719     *want_length_out = 2;
01720     return 0;
01721   }
01722 
01723   if (req->socks_version == 5 && !req->got_auth) {
01724     /* See if we have received authentication.  Strictly speaking, we should
01725        also check whether we actually negotiated username/password
01726        authentication.  But some broken clients will send us authentication
01727        even if we negotiated SOCKS_NO_AUTH. */
01728     if (*data == 1) { /* username/pass version 1 */
01729       /* Format is: authversion [1 byte] == 1
01730                     usernamelen [1 byte]
01731                     username    [usernamelen bytes]
01732                     passlen     [1 byte]
01733                     password    [passlen bytes] */
01734       usernamelen = (unsigned char)*(data + 1);
01735       if (datalen < 2u + usernamelen + 1u) {
01736         *want_length_out = 2u + usernamelen + 1u;
01737         return 0;
01738       }
01739       passlen = (unsigned char)*(data + 2u + usernamelen);
01740       if (datalen < 2u + usernamelen + 1u + passlen) {
01741         *want_length_out = 2u + usernamelen + 1u + passlen;
01742         return 0;
01743       }
01744       req->replylen = 2; /* 2 bytes of response */
01745       req->reply[0] = 5;
01746       req->reply[1] = 0; /* authentication successful */
01747       log_debug(LD_APP,
01748                "socks5: Accepted username/password without checking.");
01749       if (usernamelen) {
01750         req->username = tor_memdup(data+2u, usernamelen);
01751         req->usernamelen = usernamelen;
01752       }
01753       if (passlen) {
01754         req->password = tor_memdup(data+3u+usernamelen, passlen);
01755         req->passwordlen = passlen;
01756       }
01757       *drain_out = 2u + usernamelen + 1u + passlen;
01758       req->got_auth = 1;
01759       *want_length_out = 7; /* Minimal socks5 sommand. */
01760       return 0;
01761     } else if (req->auth_type == SOCKS_USER_PASS) {
01762       /* unknown version byte */
01763       log_warn(LD_APP, "Socks5 username/password version %d not recognized; "
01764                "rejecting.", (int)*data);
01765       return -1;
01766     }
01767   }
01768 
01769   socksver = *data;
01770 
01771   switch (socksver) { /* which version of socks? */
01772     case 5: /* socks5 */
01773 
01774       if (req->socks_version != 5) { /* we need to negotiate a method */
01775         unsigned char nummethods = (unsigned char)*(data+1);
01776         int r=0;
01777         tor_assert(!req->socks_version);
01778         if (datalen < 2u+nummethods) {
01779           *want_length_out = 2u+nummethods;
01780           return 0;
01781         }
01782         if (!nummethods)
01783           return -1;
01784         req->replylen = 2; /* 2 bytes of response */
01785         req->reply[0] = 5; /* socks5 reply */
01786         if (memchr(data+2, SOCKS_NO_AUTH, nummethods)) {
01787           req->reply[1] = SOCKS_NO_AUTH; /* tell client to use "none" auth
01788                                             method */
01789           req->socks_version = 5; /* remember we've already negotiated auth */
01790           log_debug(LD_APP,"socks5: accepted method 0 (no authentication)");
01791           r=0;
01792         } else if (memchr(data+2, SOCKS_USER_PASS, nummethods)) {
01793           req->auth_type = SOCKS_USER_PASS;
01794           req->reply[1] = SOCKS_USER_PASS; /* tell client to use "user/pass"
01795                                               auth method */
01796           req->socks_version = 5; /* remember we've already negotiated auth */
01797           log_debug(LD_APP,"socks5: accepted method 2 (username/password)");
01798           r=0;
01799         } else {
01800           log_warn(LD_APP,
01801                     "socks5: offered methods don't include 'no auth' or "
01802                     "username/password. Rejecting.");
01803           req->reply[1] = '\xFF'; /* reject all methods */
01804           r=-1;
01805         }
01806         /* Remove packet from buf. Some SOCKS clients will have sent extra
01807          * junk at this point; let's hope it's an authentication message. */
01808         *drain_out = 2u + nummethods;
01809 
01810         return r;
01811       }
01812       if (req->auth_type != SOCKS_NO_AUTH && !req->got_auth) {
01813         log_warn(LD_APP,
01814                  "socks5: negotiated authentication, but none provided");
01815         return -1;
01816       }
01817       /* we know the method; read in the request */
01818       log_debug(LD_APP,"socks5: checking request");
01819       if (datalen < 7) {/* basic info plus >=1 for addr plus 2 for port */
01820         *want_length_out = 7;
01821         return 0; /* not yet */
01822       }
01823       req->command = (unsigned char) *(data+1);
01824       if (req->command != SOCKS_COMMAND_CONNECT &&
01825           req->command != SOCKS_COMMAND_RESOLVE &&
01826           req->command != SOCKS_COMMAND_RESOLVE_PTR) {
01827         /* not a connect or resolve or a resolve_ptr? we don't support it. */
01828         log_warn(LD_APP,"socks5: command %d not recognized. Rejecting.",
01829                  req->command);
01830         return -1;
01831       }
01832       switch (*(data+3)) { /* address type */
01833         case 1: /* IPv4 address */
01834         case 4: /* IPv6 address */ {
01835           const int is_v6 = *(data+3) == 4;
01836           const unsigned addrlen = is_v6 ? 16 : 4;
01837           log_debug(LD_APP,"socks5: ipv4 address type");
01838           if (datalen < 6+addrlen) {/* ip/port there? */
01839             *want_length_out = 6+addrlen;
01840             return 0; /* not yet */
01841           }
01842 
01843           if (is_v6)
01844             tor_addr_from_ipv6_bytes(&destaddr, data+4);
01845           else
01846             tor_addr_from_ipv4n(&destaddr, get_uint32(data+4));
01847 
01848           tor_addr_to_str(tmpbuf, &destaddr, sizeof(tmpbuf), 1);
01849 
01850           if (strlen(tmpbuf)+1 > MAX_SOCKS_ADDR_LEN) {
01851             log_warn(LD_APP,
01852                      "socks5 IP takes %d bytes, which doesn't fit in %d. "
01853                      "Rejecting.",
01854                      (int)strlen(tmpbuf)+1,(int)MAX_SOCKS_ADDR_LEN);
01855             return -1;
01856           }
01857           strlcpy(req->address,tmpbuf,sizeof(req->address));
01858           req->port = ntohs(get_uint16(data+4+addrlen));
01859           *drain_out = 6+addrlen;
01860           if (req->command != SOCKS_COMMAND_RESOLVE_PTR &&
01861               !addressmap_have_mapping(req->address,0)) {
01862             log_unsafe_socks_warning(5, req->address, req->port, safe_socks);
01863             if (safe_socks)
01864               return -1;
01865           }
01866           return 1;
01867         }
01868         case 3: /* fqdn */
01869           log_debug(LD_APP,"socks5: fqdn address type");
01870           if (req->command == SOCKS_COMMAND_RESOLVE_PTR) {
01871             log_warn(LD_APP, "socks5 received RESOLVE_PTR command with "
01872                      "hostname type. Rejecting.");
01873             return -1;
01874           }
01875           len = (unsigned char)*(data+4);
01876           if (datalen < 7+len) { /* addr/port there? */
01877             *want_length_out = 7+len;
01878             return 0; /* not yet */
01879           }
01880           if (len+1 > MAX_SOCKS_ADDR_LEN) {
01881             log_warn(LD_APP,
01882                      "socks5 hostname is %d bytes, which doesn't fit in "
01883                      "%d. Rejecting.", len+1,MAX_SOCKS_ADDR_LEN);
01884             return -1;
01885           }
01886           memcpy(req->address,data+5,len);
01887           req->address[len] = 0;
01888           req->port = ntohs(get_uint16(data+5+len));
01889           *drain_out = 5+len+2;
01890           if (!tor_strisprint(req->address) || strchr(req->address,'\"')) {
01891             log_warn(LD_PROTOCOL,
01892                      "Your application (using socks5 to port %d) gave Tor "
01893                      "a malformed hostname: %s. Rejecting the connection.",
01894                      req->port, escaped(req->address));
01895             return -1;
01896           }
01897           if (log_sockstype)
01898             log_notice(LD_APP,
01899                   "Your application (using socks5 to port %d) instructed "
01900                   "Tor to take care of the DNS resolution itself if "
01901                   "necessary. This is good.", req->port);
01902           return 1;
01903         default: /* unsupported */
01904           log_warn(LD_APP,"socks5: unsupported address type %d. Rejecting.",
01905                    (int) *(data+3));
01906           return -1;
01907       }
01908       tor_assert(0);
01909     case 4: { /* socks4 */
01910       enum {socks4, socks4a} socks4_prot = socks4a;
01911       const char *authstart, *authend;
01912       /* http://ss5.sourceforge.net/socks4.protocol.txt */
01913       /* http://ss5.sourceforge.net/socks4A.protocol.txt */
01914 
01915       req->socks_version = 4;
01916       if (datalen < SOCKS4_NETWORK_LEN) {/* basic info available? */
01917         *want_length_out = SOCKS4_NETWORK_LEN;
01918         return 0; /* not yet */
01919       }
01920       // buf_pullup(buf, 1280, 0);
01921       req->command = (unsigned char) *(data+1);
01922       if (req->command != SOCKS_COMMAND_CONNECT &&
01923           req->command != SOCKS_COMMAND_RESOLVE) {
01924         /* not a connect or resolve? we don't support it. (No resolve_ptr with
01925          * socks4.) */
01926         log_warn(LD_APP,"socks4: command %d not recognized. Rejecting.",
01927                  req->command);
01928         return -1;
01929       }
01930 
01931       req->port = ntohs(get_uint16(data+2));
01932       destip = ntohl(get_uint32(data+4));
01933       if ((!req->port && req->command!=SOCKS_COMMAND_RESOLVE) || !destip) {
01934         log_warn(LD_APP,"socks4: Port or DestIP is zero. Rejecting.");
01935         return -1;
01936       }
01937       if (destip >> 8) {
01938         log_debug(LD_APP,"socks4: destip not in form 0.0.0.x.");
01939         in.s_addr = htonl(destip);
01940         tor_inet_ntoa(&in,tmpbuf,sizeof(tmpbuf));
01941         if (strlen(tmpbuf)+1 > MAX_SOCKS_ADDR_LEN) {
01942           log_debug(LD_APP,"socks4 addr (%d bytes) too long. Rejecting.",
01943                     (int)strlen(tmpbuf));
01944           return -1;
01945         }
01946         log_debug(LD_APP,
01947                   "socks4: successfully read destip (%s)",
01948                   safe_str_client(tmpbuf));
01949         socks4_prot = socks4;
01950       }
01951 
01952       authstart = data + SOCKS4_NETWORK_LEN;
01953       next = memchr(authstart, 0,
01954                     datalen-SOCKS4_NETWORK_LEN);
01955       if (!next) {
01956         if (datalen >= 1024) {
01957           log_debug(LD_APP, "Socks4 user name too long; rejecting.");
01958           return -1;
01959         }
01960         log_debug(LD_APP,"socks4: Username not here yet.");
01961         *want_length_out = datalen+1024; /* More than we need, but safe */
01962         return 0;
01963       }
01964       authend = next;
01965       tor_assert(next < data+datalen);
01966 
01967       startaddr = NULL;
01968       if (socks4_prot != socks4a &&
01969           !addressmap_have_mapping(tmpbuf,0)) {
01970         log_unsafe_socks_warning(4, tmpbuf, req->port, safe_socks);
01971 
01972         if (safe_socks)
01973           return -1;
01974       }
01975       if (socks4_prot == socks4a) {
01976         if (next+1 == data+datalen) {
01977           log_debug(LD_APP,"socks4: No part of destaddr here yet.");
01978           *want_length_out = datalen + 1024; /* More than we need, but safe */
01979           return 0;
01980         }
01981         startaddr = next+1;
01982         next = memchr(startaddr, 0, data + datalen - startaddr);
01983         if (!next) {
01984           if (datalen >= 1024) {
01985             log_debug(LD_APP,"socks4: Destaddr too long.");
01986             return -1;
01987           }
01988           log_debug(LD_APP,"socks4: Destaddr not all here yet.");
01989           *want_length_out = datalen + 1024; /* More than we need, but safe */
01990           return 0;
01991         }
01992         if (MAX_SOCKS_ADDR_LEN <= next-startaddr) {
01993           log_warn(LD_APP,"socks4: Destaddr too long. Rejecting.");
01994           return -1;
01995         }
01996         // tor_assert(next < buf->cur+buf->datalen);
01997 
01998         if (log_sockstype)
01999           log_notice(LD_APP,
02000                      "Your application (using socks4a to port %d) instructed "
02001                      "Tor to take care of the DNS resolution itself if "
02002                      "necessary. This is good.", req->port);
02003       }
02004       log_debug(LD_APP,"socks4: Everything is here. Success.");
02005       strlcpy(req->address, startaddr ? startaddr : tmpbuf,
02006               sizeof(req->address));
02007       if (!tor_strisprint(req->address) || strchr(req->address,'\"')) {
02008         log_warn(LD_PROTOCOL,
02009                  "Your application (using socks4 to port %d) gave Tor "
02010                  "a malformed hostname: %s. Rejecting the connection.",
02011                  req->port, escaped(req->address));
02012         return -1;
02013       }
02014       if (authend != authstart) {
02015         req->got_auth = 1;
02016         req->usernamelen = authend - authstart;
02017         req->username = tor_memdup(authstart, authend - authstart);
02018       }
02019       /* next points to the final \0 on inbuf */
02020       *drain_out = next - data + 1;
02021       return 1;
02022     }
02023     case 'G': /* get */
02024     case 'H': /* head */
02025     case 'P': /* put/post */
02026     case 'C': /* connect */
02027       strlcpy((char*)req->reply,
02028 "HTTP/1.0 501 Tor is not an HTTP Proxy\r\n"
02029 "Content-Type: text/html; charset=iso-8859-1\r\n\r\n"
02030 "<html>\n"
02031 "<head>\n"
02032 "<title>Tor is not an HTTP Proxy</title>\n"
02033 "</head>\n"
02034 "<body>\n"
02035 "<h1>Tor is not an HTTP Proxy</h1>\n"
02036 "<p>\n"
02037 "It appears you have configured your web browser to use Tor as an HTTP proxy."
02038 "\n"
02039 "This is not correct: Tor is a SOCKS proxy, not an HTTP proxy.\n"
02040 "Please configure your client accordingly.\n"
02041 "</p>\n"
02042 "<p>\n"
02043 "See <a href=\"https://www.torproject.org/documentation.html\">"
02044            "https://www.torproject.org/documentation.html</a> for more "
02045            "information.\n"
02046 "<!-- Plus this comment, to make the body response more than 512 bytes, so "
02047 "     IE will be willing to display it. Comment comment comment comment "
02048 "     comment comment comment comment comment comment comment comment.-->\n"
02049 "</p>\n"
02050 "</body>\n"
02051 "</html>\n"
02052              , MAX_SOCKS_REPLY_LEN);
02053       req->replylen = strlen((char*)req->reply)+1;
02054       /* fall through */
02055     default: /* version is not socks4 or socks5 */
02056       log_warn(LD_APP,
02057                "Socks version %d not recognized. (Tor is not an http proxy.)",
02058                *(data));
02059       {
02060         /* Tell the controller the first 8 bytes. */
02061         char *tmp = tor_strndup(data, datalen < 8 ? datalen : 8);
02062         control_event_client_status(LOG_WARN,
02063                                     "SOCKS_UNKNOWN_PROTOCOL DATA=\"%s\"",
02064                                     escaped(tmp));
02065         tor_free(tmp);
02066       }
02067       return -1;
02068   }
02069 }
02070 
02080 int
02081 fetch_from_buf_socks_client(buf_t *buf, int state, char **reason)
02082 {
02083   ssize_t drain = 0;
02084   int r;
02085   if (buf->datalen < 2)
02086     return 0;
02087 
02088   buf_pullup(buf, MAX_SOCKS_MESSAGE_LEN, 0);
02089   tor_assert(buf->head && buf->head->datalen >= 2);
02090 
02091   r = parse_socks_client((uint8_t*)buf->head->data, buf->head->datalen,
02092                          state, reason, &drain);
02093   if (drain > 0)
02094     buf_remove_from_front(buf, drain);
02095   else if (drain < 0)
02096     buf_clear(buf);
02097 
02098   return r;
02099 }
02100 
02101 #ifdef USE_BUFFEREVENTS
02102 
02103 int
02104 fetch_from_evbuffer_socks_client(struct evbuffer *buf, int state,
02105                                  char **reason)
02106 {
02107   ssize_t drain = 0;
02108   uint8_t *data;
02109   size_t datalen;
02110   int r;
02111 
02112   /* Linearize the SOCKS response in the buffer, up to 128 bytes.
02113    * (parse_socks_client shouldn't need to see anything beyond that.) */
02114   datalen = evbuffer_get_length(buf);
02115   if (datalen > MAX_SOCKS_MESSAGE_LEN)
02116     datalen = MAX_SOCKS_MESSAGE_LEN;
02117   data = evbuffer_pullup(buf, datalen);
02118 
02119   r = parse_socks_client(data, datalen, state, reason, &drain);
02120   if (drain > 0)
02121     evbuffer_drain(buf, drain);
02122   else if (drain < 0)
02123     evbuffer_drain(buf, evbuffer_get_length(buf));
02124 
02125   return r;
02126 }
02127 #endif
02128 
02130 static int
02131 parse_socks_client(const uint8_t *data, size_t datalen,
02132                    int state, char **reason,
02133                    ssize_t *drain_out)
02134 {
02135   unsigned int addrlen;
02136   *drain_out = 0;
02137   if (datalen < 2)
02138     return 0;
02139 
02140   switch (state) {
02141     case PROXY_SOCKS4_WANT_CONNECT_OK:
02142       /* Wait for the complete response */
02143       if (datalen < 8)
02144         return 0;
02145 
02146       if (data[1] != 0x5a) {
02147         *reason = tor_strdup(socks4_response_code_to_string(data[1]));
02148         return -1;
02149       }
02150 
02151       /* Success */
02152       *drain_out = 8;
02153       return 1;
02154 
02155     case PROXY_SOCKS5_WANT_AUTH_METHOD_NONE:
02156       /* we don't have any credentials */
02157       if (data[1] != 0x00) {
02158         *reason = tor_strdup("server doesn't support any of our "
02159                              "available authentication methods");
02160         return -1;
02161       }
02162 
02163       log_info(LD_NET, "SOCKS 5 client: continuing without authentication");
02164       *drain_out = -1;
02165       return 1;
02166 
02167     case PROXY_SOCKS5_WANT_AUTH_METHOD_RFC1929:
02168       /* we have a username and password. return 1 if we can proceed without
02169        * providing authentication, or 2 otherwise. */
02170       switch (data[1]) {
02171         case 0x00:
02172           log_info(LD_NET, "SOCKS 5 client: we have auth details but server "
02173                             "doesn't require authentication.");
02174           *drain_out = -1;
02175           return 1;
02176         case 0x02:
02177           log_info(LD_NET, "SOCKS 5 client: need authentication.");
02178           *drain_out = -1;
02179           return 2;
02180         /* fall through */
02181       }
02182 
02183       *reason = tor_strdup("server doesn't support any of our available "
02184                            "authentication methods");
02185       return -1;
02186 
02187     case PROXY_SOCKS5_WANT_AUTH_RFC1929_OK:
02188       /* handle server reply to rfc1929 authentication */
02189       if (data[1] != 0x00) {
02190         *reason = tor_strdup("authentication failed");
02191         return -1;
02192       }
02193 
02194       log_info(LD_NET, "SOCKS 5 client: authentication successful.");
02195       *drain_out = -1;
02196       return 1;
02197 
02198     case PROXY_SOCKS5_WANT_CONNECT_OK:
02199       /* response is variable length. BND.ADDR, etc, isn't needed
02200        * (don't bother with buf_pullup()), but make sure to eat all
02201        * the data used */
02202 
02203       /* wait for address type field to arrive */
02204       if (datalen < 4)
02205         return 0;
02206 
02207       switch (data[3]) {
02208         case 0x01: /* ip4 */
02209           addrlen = 4;
02210           break;
02211         case 0x04: /* ip6 */
02212           addrlen = 16;
02213           break;
02214         case 0x03: /* fqdn (can this happen here?) */
02215           if (datalen < 5)
02216             return 0;
02217           addrlen = 1 + data[4];
02218           break;
02219         default:
02220           *reason = tor_strdup("invalid response to connect request");
02221           return -1;
02222       }
02223 
02224       /* wait for address and port */
02225       if (datalen < 6 + addrlen)
02226         return 0;
02227 
02228       if (data[1] != 0x00) {
02229         *reason = tor_strdup(socks5_response_code_to_string(data[1]));
02230         return -1;
02231       }
02232 
02233       *drain_out = 6 + addrlen;
02234       return 1;
02235   }
02236 
02237   /* shouldn't get here... */
02238   tor_assert(0);
02239 
02240   return -1;
02241 }
02242 
02245 int
02246 peek_buf_has_control0_command(buf_t *buf)
02247 {
02248   if (buf->datalen >= 4) {
02249     char header[4];
02250     uint16_t cmd;
02251     peek_from_buf(header, sizeof(header), buf);
02252     cmd = ntohs(get_uint16(header+2));
02253     if (cmd <= 0x14)
02254       return 1; /* This is definitely not a v1 control command. */
02255   }
02256   return 0;
02257 }
02258 
02259 #ifdef USE_BUFFEREVENTS
02260 int
02261 peek_evbuffer_has_control0_command(struct evbuffer *buf)
02262 {
02263   int result = 0;
02264   if (evbuffer_get_length(buf) >= 4) {
02265     int free_out = 0;
02266     char *data = NULL;
02267     size_t n = inspect_evbuffer(buf, &data, 4, &free_out, NULL);
02268     uint16_t cmd;
02269     tor_assert(n >= 4);
02270     cmd = ntohs(get_uint16(data+2));
02271     if (cmd <= 0x14)
02272       result = 1;
02273     if (free_out)
02274       tor_free(data);
02275   }
02276   return result;
02277 }
02278 #endif
02279 
02282 static off_t
02283 buf_find_offset_of_char(buf_t *buf, char ch)
02284 {
02285   chunk_t *chunk;
02286   off_t offset = 0;
02287   for (chunk = buf->head; chunk; chunk = chunk->next) {
02288     char *cp = memchr(chunk->data, ch, chunk->datalen);
02289     if (cp)
02290       return offset + (cp - chunk->data);
02291     else
02292       offset += chunk->datalen;
02293   }
02294   return -1;
02295 }
02296 
02304 int
02305 fetch_from_buf_line(buf_t *buf, char *data_out, size_t *data_len)
02306 {
02307   size_t sz;
02308   off_t offset;
02309 
02310   if (!buf->head)
02311     return 0;
02312 
02313   offset = buf_find_offset_of_char(buf, '\n');
02314   if (offset < 0)
02315     return 0;
02316   sz = (size_t) offset;
02317   if (sz+2 > *data_len) {
02318     *data_len = sz + 2;
02319     return -1;
02320   }
02321   fetch_from_buf(data_out, sz+1, buf);
02322   data_out[sz+1] = '\0';
02323   *data_len = sz+1;
02324   return 1;
02325 }
02326 
02331 int
02332 write_to_buf_zlib(buf_t *buf, tor_zlib_state_t *state,
02333                   const char *data, size_t data_len,
02334                   int done)
02335 {
02336   char *next;
02337   size_t old_avail, avail;
02338   int over = 0;
02339   do {
02340     int need_new_chunk = 0;
02341     if (!buf->tail || ! CHUNK_REMAINING_CAPACITY(buf->tail)) {
02342       size_t cap = data_len / 4;
02343       buf_add_chunk_with_capacity(buf, cap, 1);
02344     }
02345     next = CHUNK_WRITE_PTR(buf->tail);
02346     avail = old_avail = CHUNK_REMAINING_CAPACITY(buf->tail);
02347     switch (tor_zlib_process(state, &next, &avail, &data, &data_len, done)) {
02348       case TOR_ZLIB_DONE:
02349         over = 1;
02350         break;
02351       case TOR_ZLIB_ERR:
02352         return -1;
02353       case TOR_ZLIB_OK:
02354         if (data_len == 0)
02355           over = 1;
02356         break;
02357       case TOR_ZLIB_BUF_FULL:
02358         if (avail) {
02359           /* Zlib says we need more room (ZLIB_BUF_FULL).  Start a new chunk
02360            * automatically, whether were going to or not. */
02361           need_new_chunk = 1;
02362         }
02363         break;
02364     }
02365     buf->datalen += old_avail - avail;
02366     buf->tail->datalen += old_avail - avail;
02367     if (need_new_chunk) {
02368       buf_add_chunk_with_capacity(buf, data_len/4, 1);
02369     }
02370 
02371   } while (!over);
02372   check();
02373   return 0;
02374 }
02375 
02376 #ifdef USE_BUFFEREVENTS
02377 int
02378 write_to_evbuffer_zlib(struct evbuffer *buf, tor_zlib_state_t *state,
02379                        const char *data, size_t data_len,
02380                        int done)
02381 {
02382   char *next;
02383   size_t old_avail, avail;
02384   int over = 0, n;
02385   struct evbuffer_iovec vec[1];
02386   do {
02387     {
02388       size_t cap = data_len / 4;
02389       if (cap < 128)
02390         cap = 128;
02391       /* XXXX NM this strategy is fragmentation-prone. We should really have
02392        * two iovecs, and write first into the one, and then into the
02393        * second if the first gets full. */
02394       n = evbuffer_reserve_space(buf, cap, vec, 1);
02395       tor_assert(n == 1);
02396     }
02397 
02398     next = vec[0].iov_base;
02399     avail = old_avail = vec[0].iov_len;
02400 
02401     switch (tor_zlib_process(state, &next, &avail, &data, &data_len, done)) {
02402       case TOR_ZLIB_DONE:
02403         over = 1;
02404         break;
02405       case TOR_ZLIB_ERR:
02406         return -1;
02407       case TOR_ZLIB_OK:
02408         if (data_len == 0)
02409           over = 1;
02410         break;
02411       case TOR_ZLIB_BUF_FULL:
02412         if (avail) {
02413           /* Zlib says we need more room (ZLIB_BUF_FULL).  Start a new chunk
02414            * automatically, whether were going to or not. */
02415         }
02416         break;
02417     }
02418 
02419     /* XXXX possible infinite loop on BUF_FULL. */
02420     vec[0].iov_len = old_avail - avail;
02421     evbuffer_commit_space(buf, vec, 1);
02422 
02423   } while (!over);
02424   check();
02425   return 0;
02426 }
02427 #endif
02428 
02430 int
02431 generic_buffer_set_to_copy(generic_buffer_t **output,
02432                            const generic_buffer_t *input)
02433 {
02434 #ifdef USE_BUFFEREVENTS
02435   struct evbuffer_ptr ptr;
02436   size_t remaining = evbuffer_get_length(input);
02437   if (*output) {
02438     evbuffer_drain(*output, evbuffer_get_length(*output));
02439   } else {
02440     if (!(*output = evbuffer_new()))
02441       return -1;
02442   }
02443   evbuffer_ptr_set((struct evbuffer*)input, &ptr, 0, EVBUFFER_PTR_SET);
02444   while (remaining) {
02445     struct evbuffer_iovec v[4];
02446     int n_used, i;
02447     n_used = evbuffer_peek((struct evbuffer*)input, -1, &ptr, v, 4);
02448     if (n_used < 0)
02449       return -1;
02450     for (i=0;i<n_used;++i) {
02451       evbuffer_add(*output, v[i].iov_base, v[i].iov_len);
02452       tor_assert(v[i].iov_len <= remaining);
02453       remaining -= v[i].iov_len;
02454       evbuffer_ptr_set((struct evbuffer*)input,
02455                        &ptr, v[i].iov_len, EVBUFFER_PTR_ADD);
02456     }
02457   }
02458 #else
02459   if (*output)
02460     buf_free(*output);
02461   *output = buf_copy(input);
02462 #endif
02463   return 0;
02464 }
02465 
02468 void
02469 assert_buf_ok(buf_t *buf)
02470 {
02471   tor_assert(buf);
02472   tor_assert(buf->magic == BUFFER_MAGIC);
02473 
02474   if (! buf->head) {
02475     tor_assert(!buf->tail);
02476     tor_assert(buf->datalen == 0);
02477   } else {
02478     chunk_t *ch;
02479     size_t total = 0;
02480     tor_assert(buf->tail);
02481     for (ch = buf->head; ch; ch = ch->next) {
02482       total += ch->datalen;
02483       tor_assert(ch->datalen <= ch->memlen);
02484       tor_assert(ch->data >= &ch->mem[0]);
02485       tor_assert(ch->data < &ch->mem[0]+ch->memlen);
02486       tor_assert(ch->data+ch->datalen <= &ch->mem[0] + ch->memlen);
02487       if (!ch->next)
02488         tor_assert(ch == buf->tail);
02489     }
02490     tor_assert(buf->datalen == total);
02491   }
02492 }
02493 
02494 #ifdef ENABLE_BUF_FREELISTS
02495 
02497 static void
02498 assert_freelist_ok(chunk_freelist_t *fl)
02499 {
02500   chunk_t *ch;
02501   int n;
02502   tor_assert(fl->alloc_size > 0);
02503   n = 0;
02504   for (ch = fl->head; ch; ch = ch->next) {
02505     tor_assert(CHUNK_ALLOC_SIZE(ch->memlen) == fl->alloc_size);
02506     ++n;
02507   }
02508   tor_assert(n == fl->cur_length);
02509   tor_assert(n >= fl->lowest_length);
02510   tor_assert(n <= fl->max_length);
02511 }
02512 #endif
02513