Tor源码文件分析 -- Connetion_Edge
2013-05-08 10:33
435 查看
所谓的Edge连接主要是形容在链路两端所使用的连接,包括AP连接与EXIT连接两种。Edge连接的存在,主要是为了个应用程序连接提供服务,所以才将两种Edge连接命名为Application Proxy应用代理连接和EXIT出口连接。这两种连接主要出现于链路两端,即链路第一跳与链路最后一跳,分别用于接受应用请求和处理应用请求的发出。因为Edge连接在Tor系统中也具有重要的作用,所以本篇就简单分析关于Edge连接的源码文件connection_edge.c。
因为Edge连接位于链路两端,需要处理的事务比中间结点单纯的传递和记录要繁琐出许多,有很多部分笔者也没有很详细的看过或找出其应用需要,此处必定有很多讲的含糊其辞和不准确的地方,请大家包涵。
断开连接,如果身份正确(AP)则发送end cell通知对应出口结点关闭数据流;
connection_edge_process_inbuf
分情况管理连接事务及连接缓冲区内部的数据;
connection_edge_destroy --> connection_mark_unattached_ap(若身份为AP)
connection_edge_end_errno --> connection_edge_end
连接因链路断开而结束或因某个errno而结束,则关闭连接,发送流终止通知;
connection_edge_flushed_some
connection_edge_finished_flushing
connection_edge_finished_connecting(主要用于身份为EXIT的情况)
连接完成缓冲区输出或完成下层连接之时调用相关函数,以完成扫尾工作;
connection_edge_is_rendezvous_stream
connection_edge_compatible_with_circuit
connection_edge_update_circuit_isolation
circuit_clear_isolation
连接的某些属性判断,关键点在于rendezvous子系统和isolation flag作用;
connection_ap_about_to_close
AP连接关闭前的处理以及关闭处理;
connection_ap_handshake_send_begin
connection_ap_handshake_send_resolve
AP连接向远端发送Relay Begin以及Relay Resolve命令,用于完成开启流与地址解析的功能;
connection_ap_make_link
一般用于内部DIR连接与AP连接相关联之时,该函数创建一个可用的AP连接,并将其与DIR连接互联;可用意味着AP连接找到附着的链路Circuit;
connection_ap_handshake_socks_reply
connection_ap_handshake_socks_resolved
向AP连接送回相关消息:连接结束消息,地址解析成功消息;
connection_ap_can_use_exit
判断出口结点是否允许相应AP连接出口;
connection_ap_expire_beginning
connection_ap_attach_pending
connection_ap_detach_retriable
重连一个请求超时的AP连接;重新为找不到链路的AP连接分配链路;
connection_ap_fail_onehop
通知所有等待某个无法连接的结点的AP连接;
connection_ap_process_transparent --> connection_ap_rewrite_and_attach_if_allowed --> connection_ap_handshake_rewrite_and_attach
透明AP使用的函数,未细究;
connection_exit_begin_conn --> connection_exit_connect
connection_exit_begin_resolve
以上四个函数包括了EXIT连接的几乎所有操作,主要就是连接的建立与对外的连接,以及地址解析和关闭;
parse_virtual_addr_network
parse_extended_hostname
addressmap_init
addressmap_clear_excluded_trackexithosts
addressmap_clear_invalid_automaps
addressmap_clean
addressmap_clear_configured
addressmap_clear_transient
addressmap_free_all
addressmap_rewrite
addressmap_have_mapping
addressmap_register
addressmap_register_virtual_address
addressmap_get_mappings
client_dns_incr_failures
client_dns_clear_failures
client_dns_set_addressmap
get_pf_socket
因为Edge连接位于链路两端,需要处理的事务比中间结点单纯的传递和记录要繁琐出许多,有很多部分笔者也没有很详细的看过或找出其应用需要,此处必定有很多讲的含糊其辞和不准确的地方,请大家包涵。
0. 全局变量
/** A client-side struct to remember requests to rewrite addresses * to new addresses. These structs are stored in the hash table * "addressmap" below. * 由此处可见,addressmap全局变量的使用,只存在于客户端,其他身份的TOR成员并不使用此全局变量; * * There are 5 ways to set an address mapping: * - A MapAddress command from the controller [permanent] * - An AddressMap directive in the torrc [permanent] * - When a TrackHostExits torrc directive is triggered [temporary] * - When a DNS resolve succeeds [temporary] * - When a DNS resolve fails [temporary] * 由此处可见,除去在配置文件中进行地址映射之外,主要还是靠DNS解析来修改address mapping; * * When an addressmap request is made but one is already registered, * the new one is replaced only if the currently registered one has * no "new_address" (that is, it's in the process of DNS resolve), * or if the new one is permanent (expires==0 or 1). * * (We overload the 'expires' field, using "0" for mappings set via * the configuration file, "1" for mappings set from the control * interface, and other values for DNS and TrackHostExit mappings that can * expire.) * * A mapping may be 'wildcarded'. If "src_wildcard" is true, then * any address that ends with a . followed by the key for this entry will * get remapped by it. If "dst_wildcard" is also true, then only the * matching suffix of such addresses will get replaced by new_address. */ typedef struct { char *new_address; time_t expires; addressmap_entry_source_t source:3; unsigned src_wildcard:1; unsigned dst_wildcard:1; short num_resolve_failures; } addressmap_entry_t; /** Entry for mapping addresses to which virtual address we mapped them to. */ typedef struct { char *ipv4_address; char *hostname_address; } virtaddress_entry_t; /** A hash table to store client-side address rewrite instructions. */ static strmap_t *addressmap=NULL; /** * Table mapping addresses to which virtual address, if any, we * assigned them to. * * We maintain the following invariant: if [A,B] is in * virtaddress_reversemap, then B must be a virtual address, and [A,B] * must be in addressmap. We do not require that the converse hold: * if it fails, then we could end up mapping two virtual addresses to * the same address, which is no disaster. **/ static strmap_t *virtaddress_reversemap=NULL;此处两全局变量的作用尚不明确,有待分析。
/* By default, we hand out 127.192.0.1 through 127.254.254.254. * These addresses should map to localhost, so even if the * application accidentally tried to connect to them directly (not * via Tor), it wouldn't get too far astray. * * These options are configured by parse_virtual_addr_network(). */ /** Which network should we use for virtual IPv4 addresses? Only the first * bits of this value are fixed. */ static uint32_t virtual_addr_network = 0x7fc00000u; /** How many bits of <b>virtual_addr_network</b> are fixed? */ static maskbits_t virtual_addr_netmask_bits = 10; /** What's the next virtual address we will hand out? */ static uint32_t next_virtual_addr = 0x7fc00000u;此处三全局变量的作用尚不明确,有待分析。
1. AP与EXIT通用函数
connection_edge_reached_eof --> connection_edge_end断开连接,如果身份正确(AP)则发送end cell通知对应出口结点关闭数据流;
connection_edge_process_inbuf
分情况管理连接事务及连接缓冲区内部的数据;
connection_edge_destroy --> connection_mark_unattached_ap(若身份为AP)
connection_edge_end_errno --> connection_edge_end
连接因链路断开而结束或因某个errno而结束,则关闭连接,发送流终止通知;
connection_edge_flushed_some
connection_edge_finished_flushing
connection_edge_finished_connecting(主要用于身份为EXIT的情况)
连接完成缓冲区输出或完成下层连接之时调用相关函数,以完成扫尾工作;
connection_edge_is_rendezvous_stream
connection_edge_compatible_with_circuit
connection_edge_update_circuit_isolation
circuit_clear_isolation
连接的某些属性判断,关键点在于rendezvous子系统和isolation flag作用;
2. AP处理函数
connection_mark_unattached_apconnection_ap_about_to_close
AP连接关闭前的处理以及关闭处理;
connection_ap_handshake_send_begin
connection_ap_handshake_send_resolve
AP连接向远端发送Relay Begin以及Relay Resolve命令,用于完成开启流与地址解析的功能;
connection_ap_make_link
一般用于内部DIR连接与AP连接相关联之时,该函数创建一个可用的AP连接,并将其与DIR连接互联;可用意味着AP连接找到附着的链路Circuit;
connection_ap_handshake_socks_reply
connection_ap_handshake_socks_resolved
向AP连接送回相关消息:连接结束消息,地址解析成功消息;
connection_ap_can_use_exit
判断出口结点是否允许相应AP连接出口;
connection_ap_expire_beginning
connection_ap_attach_pending
connection_ap_detach_retriable
重连一个请求超时的AP连接;重新为找不到链路的AP连接分配链路;
connection_ap_fail_onehop
通知所有等待某个无法连接的结点的AP连接;
connection_ap_process_transparent --> connection_ap_rewrite_and_attach_if_allowed --> connection_ap_handshake_rewrite_and_attach
透明AP使用的函数,未细究;
3. EXIT处理函数
connection_exit_about_to_closeconnection_exit_begin_conn --> connection_exit_connect
connection_exit_begin_resolve
以上四个函数包括了EXIT连接的几乎所有操作,主要就是连接的建立与对外的连接,以及地址解析和关闭;
4. AddressMap相关处理函数(暂略)
address_is_invalid_destinationparse_virtual_addr_network
parse_extended_hostname
addressmap_init
addressmap_clear_excluded_trackexithosts
addressmap_clear_invalid_automaps
addressmap_clean
addressmap_clear_configured
addressmap_clear_transient
addressmap_free_all
addressmap_rewrite
addressmap_have_mapping
addressmap_register
addressmap_register_virtual_address
addressmap_get_mappings
client_dns_incr_failures
client_dns_clear_failures
client_dns_set_addressmap
5. 额外函数(暂略)
circuit_discard_optional_exit_enclavesget_pf_socket
相关文章推荐
- Tor源码文件分析 -- Circuits全局变量
- Tor源码文件分析 -- Connection
- Tor源码文件分析 -- Cpuworker
- Tor源码文件分析 -- Log
- Tor源码文件分析 -- Control
- Tor源码文件分析 -- Connection_OR
- Tor源码文件分析 -- Hibernation
- Tor源码文件分析 -- Main
- protoc编译proto文件之Java源码结构分析一(addr.proto)
- 【Python】实现网站备份文件扫描+源码分析
- protoc编译proto文件之Java源码结构分析三(示例Demo)
- GoAhead 2.1.8嵌入式webserver源码分析学习(二)---源码文件结构分析
- 蔡军生先生第二人生的源码分析(六十二)类Easy实现多协议文件传送
- cocos2d-x3.2源码分析(一)类FileUtils--实现把资源放在Resources文件目录下达到多平台的引用
- Spring源码分析3 — spring XML配置文件的解析流程
- SpringMVC处理静态文件源码分析
- Flume NG源码分析(一)基于静态properties文件的配置模块
- spring boot实战(第六篇)加载application资源文件源码分析
- Mangos源码分析(14):Mangos预编译头文件及模块划分随想
- Solr4.8.0源码分析(11)之Lucene的索引文件(4)