Tor  0.4.7.0-alpha-dev
or.h File Reference

Master header file for Tor-specific functionality.

#include "orconfig.h"
#include "lib/cc/torint.h"
#include "lib/arch/bytes.h"
#include "lib/cc/compat_compiler.h"
#include "lib/container/map.h"
#include "lib/buf/buffers.h"
#include "lib/container/smartlist.h"
#include "lib/crypt_ops/crypto_cipher.h"
#include "lib/crypt_ops/crypto_rsa.h"
#include "lib/ctime/di_ops.h"
#include "lib/defs/dh_sizes.h"
#include "lib/encoding/binascii.h"
#include "lib/encoding/cstring.h"
#include "lib/encoding/time_fmt.h"
#include "lib/err/torerr.h"
#include "lib/fs/dir.h"
#include "lib/fs/files.h"
#include "lib/fs/mmap.h"
#include "lib/fs/path.h"
#include "lib/fs/userdb.h"
#include "lib/geoip/country.h"
#include "lib/intmath/addsub.h"
#include "lib/intmath/bits.h"
#include "lib/intmath/cmp.h"
#include "lib/intmath/logic.h"
#include "lib/intmath/muldiv.h"
#include "lib/log/escape.h"
#include "lib/log/ratelim.h"
#include "lib/log/util_bug.h"
#include "lib/malloc/malloc.h"
#include "lib/net/address.h"
#include "lib/net/inaddr.h"
#include "lib/net/socket.h"
#include "lib/string/compat_ctype.h"
#include "lib/string/compat_string.h"
#include "lib/string/parse_int.h"
#include "lib/string/printf.h"
#include "lib/string/scanf.h"
#include "lib/string/util_string.h"
#include "lib/testsupport/testsupport.h"
#include "lib/thread/threads.h"
#include "lib/time/compat_time.h"
#include "lib/wallclock/approx_time.h"
#include "lib/wallclock/timeval.h"
#include "ht.h"
#include "core/or/entry_port_cfg_st.h"


Data Structures

struct  relay_header_t
 
struct  protover_summary_flags_t
 
struct  testing_cell_stats_entry_t
 

Macros

#define SIGHUP   1
 
#define SIGINT   2
 
#define SIGUSR1   10
 
#define SIGUSR2   12
 
#define SIGTERM   15
 
#define SIGNEWNYM   129
 
#define SIGCLEARDNSCACHE   130
 
#define SIGHEARTBEAT   131
 
#define SIGACTIVE   132
 
#define SIGDORMANT   133
 
#define DOWNCAST(to, ptr)   ((to*)SUBTYPE_P(ptr, to, base_))
 
#define MAX_NICKNAME_LEN   19
 
#define MAX_HEX_NICKNAME_LEN   (HEX_DIGEST_LEN+1)
 
#define MAX_VERBOSE_NICKNAME_LEN   (1+HEX_DIGEST_LEN+1+MAX_NICKNAME_LEN)
 
#define MAX_HEADERS_SIZE   50000
 
#define MAX_DESCRIPTOR_UPLOAD_SIZE   20000
 
#define MAX_EXTRAINFO_UPLOAD_SIZE   50000
 
#define MIN_ONION_KEY_LIFETIME_DAYS   (1)
 
#define MAX_ONION_KEY_LIFETIME_DAYS   (90)
 
#define DEFAULT_ONION_KEY_LIFETIME_DAYS   (28)
 
#define MIN_ONION_KEY_GRACE_PERIOD_DAYS   (1)
 
#define DEFAULT_ONION_KEY_GRACE_PERIOD_DAYS   (7)
 
#define ONION_KEY_CONSENSUS_CHECK_INTERVAL   (60*60)
 
#define MAX_SSL_KEY_LIFETIME_INTERNAL   (2*60*60)
 
#define ROUTER_MAX_AGE   (60*60*48)
 
#define ROUTER_MAX_AGE_TO_PUBLISH   (60*60*24)
 
#define OLD_ROUTER_DESC_MAX_AGE   (60*60*24*5)
 
#define PROXY_NONE   0
 
#define PROXY_CONNECT   1
 
#define PROXY_SOCKS4   2
 
#define PROXY_SOCKS5   3
 
#define PROXY_HAPROXY   4
 
#define PROXY_PLUGGABLE   5
 
#define MIN_CIRCUITS_HANDLING_STREAM   2
 
#define RELAY_COMMAND_BEGIN   1
 
#define RELAY_COMMAND_DATA   2
 
#define RELAY_COMMAND_END   3
 
#define RELAY_COMMAND_CONNECTED   4
 
#define RELAY_COMMAND_SENDME   5
 
#define RELAY_COMMAND_EXTEND   6
 
#define RELAY_COMMAND_EXTENDED   7
 
#define RELAY_COMMAND_TRUNCATE   8
 
#define RELAY_COMMAND_TRUNCATED   9
 
#define RELAY_COMMAND_DROP   10
 
#define RELAY_COMMAND_RESOLVE   11
 
#define RELAY_COMMAND_RESOLVED   12
 
#define RELAY_COMMAND_BEGIN_DIR   13
 
#define RELAY_COMMAND_EXTEND2   14
 
#define RELAY_COMMAND_EXTENDED2   15
 
#define RELAY_COMMAND_ESTABLISH_INTRO   32
 
#define RELAY_COMMAND_ESTABLISH_RENDEZVOUS   33
 
#define RELAY_COMMAND_INTRODUCE1   34
 
#define RELAY_COMMAND_INTRODUCE2   35
 
#define RELAY_COMMAND_RENDEZVOUS1   36
 
#define RELAY_COMMAND_RENDEZVOUS2   37
 
#define RELAY_COMMAND_INTRO_ESTABLISHED   38
 
#define RELAY_COMMAND_RENDEZVOUS_ESTABLISHED   39
 
#define RELAY_COMMAND_INTRODUCE_ACK   40
 
#define RELAY_COMMAND_PADDING_NEGOTIATE   41
 
#define RELAY_COMMAND_PADDING_NEGOTIATED   42
 
#define END_OR_CONN_REASON_DONE   1
 
#define END_OR_CONN_REASON_REFUSED   2 /* connection refused */
 
#define END_OR_CONN_REASON_OR_IDENTITY   3
 
#define END_OR_CONN_REASON_CONNRESET   4 /* connection reset by peer */
 
#define END_OR_CONN_REASON_TIMEOUT   5
 
#define END_OR_CONN_REASON_NO_ROUTE   6 /* no route to host/net */
 
#define END_OR_CONN_REASON_IO_ERROR   7 /* read/write error */
 
#define END_OR_CONN_REASON_RESOURCE_LIMIT   8 /* sockets, buffers, etc */
 
#define END_OR_CONN_REASON_PT_MISSING   9 /* PT failed or not available */
 
#define END_OR_CONN_REASON_TLS_ERROR   10 /* Problem in TLS protocol */
 
#define END_OR_CONN_REASON_MISC   11
 
#define END_STREAM_REASON_MISC   1
 
#define END_STREAM_REASON_RESOLVEFAILED   2
 
#define END_STREAM_REASON_CONNECTREFUSED   3
 
#define END_STREAM_REASON_EXITPOLICY   4
 
#define END_STREAM_REASON_DESTROY   5
 
#define END_STREAM_REASON_DONE   6
 
#define END_STREAM_REASON_TIMEOUT   7
 
#define END_STREAM_REASON_NOROUTE   8
 
#define END_STREAM_REASON_HIBERNATING   9
 
#define END_STREAM_REASON_INTERNAL   10
 
#define END_STREAM_REASON_RESOURCELIMIT   11
 
#define END_STREAM_REASON_CONNRESET   12
 
#define END_STREAM_REASON_TORPROTOCOL   13
 
#define END_STREAM_REASON_NOTDIRECTORY   14
 
#define END_STREAM_REASON_ENTRYPOLICY   15
 
#define END_STREAM_REASON_CANT_ATTACH   257
 
#define END_STREAM_REASON_NET_UNREACHABLE   258
 
#define END_STREAM_REASON_SOCKSPROTOCOL   259
 
#define END_STREAM_REASON_CANT_FETCH_ORIG_DEST   260
 
#define END_STREAM_REASON_INVALID_NATD_DEST   261
 
#define END_STREAM_REASON_PRIVATE_ADDR   262
 
#define END_STREAM_REASON_HTTPPROTOCOL   263
 
#define END_STREAM_REASON_MASK   511
 
#define END_STREAM_REASON_FLAG_REMOTE   512
 
#define END_STREAM_REASON_FLAG_ALREADY_SENT_CLOSED   1024
 
#define END_STREAM_REASON_FLAG_ALREADY_SOCKS_REPLIED   2048
 
#define RESOLVED_TYPE_HOSTNAME   0
 
#define RESOLVED_TYPE_IPV4   4
 
#define RESOLVED_TYPE_IPV6   6
 
#define RESOLVED_TYPE_ERROR_TRANSIENT   0xF0
 
#define RESOLVED_TYPE_ERROR   0xF1
 
#define END_CIRC_REASON_IP_NOW_REDUNDANT   -4
 
#define END_CIRC_REASON_MEASUREMENT_EXPIRED   -3
 
#define END_CIRC_REASON_NOPATH   -2
 
#define END_CIRC_AT_ORIGIN   -1
 
#define END_CIRC_REASON_MIN_   0
 
#define END_CIRC_REASON_NONE   0
 
#define END_CIRC_REASON_TORPROTOCOL   1
 
#define END_CIRC_REASON_INTERNAL   2
 
#define END_CIRC_REASON_REQUESTED   3
 
#define END_CIRC_REASON_HIBERNATING   4
 
#define END_CIRC_REASON_RESOURCELIMIT   5
 
#define END_CIRC_REASON_CONNECTFAILED   6
 
#define END_CIRC_REASON_OR_IDENTITY   7
 
#define END_CIRC_REASON_CHANNEL_CLOSED   8
 
#define END_CIRC_REASON_FINISHED   9
 
#define END_CIRC_REASON_TIMEOUT   10
 
#define END_CIRC_REASON_DESTROYED   11
 
#define END_CIRC_REASON_NOSUCHSERVICE   12
 
#define END_CIRC_REASON_MAX_   12
 
#define END_CIRC_REASON_FLAG_REMOTE   512
 
#define REND_DESC_ID_V2_LEN_BASE32   BASE32_DIGEST_LEN
 
#define REND_CLIENTNAME_MAX_LEN   16
 
#define REND_COOKIE_LEN   DIGEST_LEN
 
#define REND_REPLAY_TIME_INTERVAL   (5 * 60)
 
#define CIRCWINDOW_START   1000
 
#define CIRCWINDOW_START_MIN   100
 
#define CIRCWINDOW_START_MAX   1000
 
#define CIRCWINDOW_INCREMENT   100
 
#define STREAMWINDOW_START   500
 
#define STREAMWINDOW_START_MAX   500
 
#define STREAMWINDOW_INCREMENT   50
 
#define ORCIRC_MAX_MIDDLE_CELLS   (CIRCWINDOW_START_MAX*2)
 
#define ORCIRC_MAX_MIDDLE_KILL_THRESH   (1.1f)
 
#define CELL_PADDING   0
 
#define CELL_CREATE   1
 
#define CELL_CREATED   2
 
#define CELL_RELAY   3
 
#define CELL_DESTROY   4
 
#define CELL_CREATE_FAST   5
 
#define CELL_CREATED_FAST   6
 
#define CELL_VERSIONS   7
 
#define CELL_NETINFO   8
 
#define CELL_RELAY_EARLY   9
 
#define CELL_CREATE2   10
 
#define CELL_CREATED2   11
 
#define CELL_PADDING_NEGOTIATE   12
 
#define CELL_VPADDING   128
 
#define CELL_CERTS   129
 
#define CELL_AUTH_CHALLENGE   130
 
#define CELL_AUTHENTICATE   131
 
#define CELL_AUTHORIZE   132
 
#define CELL_COMMAND_MAX_   132
 
#define TIMEOUT_UNTIL_UNREACHABILITY_COMPLAINT   (20*60)
 
#define LEGAL_NICKNAME_CHARACTERS    "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"
 
#define DEFAULT_CLIENT_NICKNAME   "client"
 
#define UNNAMED_ROUTER_NICKNAME   "Unnamed"
 
#define SOCKS4_NETWORK_LEN   8
 
#define CELL_PAYLOAD_SIZE   509
 
#define CELL_MAX_NETWORK_SIZE   514
 
#define VAR_CELL_MAX_HEADER_SIZE   7
 
#define RELAY_HEADER_SIZE   (1+2+2+4+2)
 
#define RELAY_PAYLOAD_SIZE   (CELL_PAYLOAD_SIZE-RELAY_HEADER_SIZE)
 
#define OR_AUTH_CHALLENGE_LEN   32
 
#define AUTHTYPE_RSA_SHA256_TLSSECRET   1
 
#define AUTHTYPE_RSA_SHA256_RFC5705   2
 
#define AUTHTYPE_ED25519_SHA256_RFC5705   3
 
#define V3_AUTH_FIXED_PART_LEN   (8+(32*6))
 
#define V3_AUTH_BODY_LEN   (V3_AUTH_FIXED_PART_LEN + 8 + 16)
 
#define EXT_OR_CONN_ID_LEN   DIGEST_LEN /* 20 */
 
#define OR_CONN_HIGHWATER   (32*1024)
 
#define OR_CONN_LOWWATER   (16*1024)
 
#define TO_CONN(c)   (&(((c)->base_)))
 
#define ENTRY_TO_CONN(c)   (TO_CONN(ENTRY_TO_EDGE_CONN(c)))
 
#define saved_location_bitfield_t   ENUM_BF(saved_location_t)
 
#define download_schedule_bitfield_t   ENUM_BF(download_schedule_t)
 
#define download_want_authority_bitfield_t    ENUM_BF(download_want_authority_t)
 
#define download_schedule_increment_bitfield_t    ENUM_BF(download_schedule_increment_t)
 
#define IMPOSSIBLE_TO_DOWNLOAD   255
 
#define ROUTER_ANNOTATION_BUF_LEN   256
 
#define N_CONSENSUS_FLAVORS   ((int)(FLAV_MICRODESC)+1)
 
#define ALL_DIRINFO   ((dirinfo_type_t)((1<<7)-1))
 
#define ONION_HANDSHAKE_TYPE_TAP   0x0000
 
#define ONION_HANDSHAKE_TYPE_FAST   0x0001
 
#define ONION_HANDSHAKE_TYPE_NTOR   0x0002
 
#define MAX_ONION_HANDSHAKE_TYPE   0x0002
 
#define CPATH_KEY_MATERIAL_LEN   (20*2+16*2)
 
#define MAX_RELAY_EARLY_CELLS_PER_CIRCUIT   8
 
#define path_state_bitfield_t   ENUM_BF(path_state_t)
 
#define REND_TOKEN_LEN   DIGEST_LEN
 
#define TO_CIRCUIT(x)   (&((x)->base_))
 
#define ISO_DEFAULT   (ISO_CLIENTADDR|ISO_SOCKSAUTH|ISO_SESSIONGRP|ISO_NYM_EPOCH)
 
#define SESSION_GROUP_UNSET   -1
 
#define SESSION_GROUP_DIRCONN   -2
 
#define SESSION_GROUP_CONTROL_RESOLVE   -3
 
#define SESSION_GROUP_FIRST_AUTO   -4
 
#define CFG_AUTO_PORT   0xc4005e
 
#define MAX_SOCKS_ADDR_LEN   256
 
#define DEFAULT_ROUTE_LEN   3
 
#define BW_WEIGHT_SCALE   10000
 
#define BW_MIN_WEIGHT_SCALE   1
 
#define BW_MAX_WEIGHT_SCALE   INT32_MAX
 
#define addressmap_entry_source_bitfield_t   ENUM_BF(addressmap_entry_source_t)
 
#define WRITE_STATS_INTERVAL   (24*60*60)
 
#define MAX_INTRO_POINT_REACHABILITY_FAILURES   5
 
#define INTRO_POINT_MIN_LIFETIME_INTRODUCTIONS   16384
 
#define INTRO_POINT_MAX_LIFETIME_INTRODUCTIONS    (INTRO_POINT_MIN_LIFETIME_INTRODUCTIONS * 2)
 
#define INTRO_POINT_LIFETIME_MIN_SECONDS   (18*60*60)
 
#define INTRO_POINT_LIFETIME_MAX_SECONDS   (24*60*60)
 
#define MAX_INTRO_POINT_CIRCUIT_RETRIES   3
 
#define RELAY_REQUIRED_MIN_BANDWIDTH   (75*1024)
 
#define BRIDGE_REQUIRED_MIN_BANDWIDTH   (50*1024)
 
#define ROUTER_MAX_DECLARED_BANDWIDTH   INT32_MAX
 
Certificate types for CERTS cells.

These values are defined by the protocol, and affect how an X509 certificate in a CERTS cell is interpreted and used.

#define OR_CERT_TYPE_TLS_LINK   1
 
#define OR_CERT_TYPE_ID_1024   2
 
#define OR_CERT_TYPE_AUTH_1024   3
 
#define OR_CERT_TYPE_RSA_ED_CROSSCERT   7
 
Isolation flags

Ways to isolate client streams

#define ISO_DESTPORT   (1u<<0)
 
#define ISO_DESTADDR   (1u<<1)
 
#define ISO_SOCKSAUTH   (1u<<2)
 
#define ISO_CLIENTPROTO   (1u<<3)
 
#define ISO_CLIENTADDR   (1u<<4)
 
#define ISO_SESSIONGRP   (1u<<5)
 
#define ISO_NYM_EPOCH   (1u<<6)
 
#define ISO_STREAM   (1u<<7)
 

Typedefs

typedef uint32_t circid_t
 
typedef uint16_t streamid_t
 
typedef struct channel_tls_t channel_tls_t
 
typedef struct circuitmux_t circuitmux_t
 
typedef enum path_state_t path_state_t
 
typedef struct routerset_t routerset_t
 

Enumerations

enum  rend_auth_type_t { REND_NO_AUTH = 0 , REND_V3_AUTH = 1 }
 
enum  cell_direction_t { CELL_DIRECTION_IN =1 , CELL_DIRECTION_OUT =2 }
 
enum  circuit_channel_direction_t { CIRCUIT_N_CHAN = 0 , CIRCUIT_P_CHAN = 1 }
 
enum  saved_location_t { SAVED_NOWHERE =0 , SAVED_IN_CACHE , SAVED_IN_JOURNAL }
 
enum  download_schedule_t { DL_SCHED_GENERIC = 0 , DL_SCHED_CONSENSUS = 1 , DL_SCHED_BRIDGE = 2 }
 
enum  download_want_authority_t { DL_WANT_ANY_DIRSERVER = 0 , DL_WANT_AUTHORITY = 1 }
 
enum  download_schedule_increment_t { DL_SCHED_INCREMENT_FAILURE = 0 , DL_SCHED_INCREMENT_ATTEMPT = 1 }
 
enum  consensus_flavor_t { FLAV_NS = 0 , FLAV_MICRODESC = 1 }
 
enum  dirinfo_type_t {
  NO_DIRINFO = 0 , V3_DIRINFO = 1 << 2 , BRIDGE_DIRINFO = 1 << 4 , EXTRAINFO_DIRINFO =1 << 5 ,
  MICRODESC_DIRINFO =1 << 6
}
 
enum  addressmap_entry_source_t {
  ADDRMAPSRC_CONTROLLER , ADDRMAPSRC_AUTOMAP , ADDRMAPSRC_TORRC , ADDRMAPSRC_TRACKEXIT ,
  ADDRMAPSRC_DNS , ADDRMAPSRC_NONE
}
 

Functions

static int get_cell_network_size (int wide_circ_ids)
 
static int get_var_cell_header_size (int wide_circ_ids)
 
static int get_circ_id_size (int wide_circ_ids)
 

Detailed Description

Master header file for Tor-specific functionality.

Definition in file or.h.

Macro Definition Documentation

◆ AUTHTYPE_ED25519_SHA256_RFC5705

#define AUTHTYPE_ED25519_SHA256_RFC5705   3

As AUTHTYPE_RSA_SHA256_RFC5705, but uses an Ed25519 identity key to authenticate.

Definition at line 572 of file or.h.

◆ AUTHTYPE_RSA_SHA256_RFC5705

#define AUTHTYPE_RSA_SHA256_RFC5705   2

As AUTHTYPE_RSA_SHA256_TLSSECRET, but instead of using the negotiated TLS secrets, uses exported keying material from the TLS session as described in RFC 5705.

Not used by current versions of Tor, since everything that supports this also supports AUTHTYPE_ED25519_SHA256_RFC5705, which is better.

Definition at line 569 of file or.h.

◆ AUTHTYPE_RSA_SHA256_TLSSECRET

#define AUTHTYPE_RSA_SHA256_TLSSECRET   1

The first supported type of AUTHENTICATE cell. It contains a bunch of structures signed with an RSA1024 key. The signed structures include an HMAC using negotiated TLS secrets, and a digest of all cells sent or received before the AUTHENTICATE cell (including the random server-generated AUTH_CHALLENGE cell).

Definition at line 561 of file or.h.

◆ BW_WEIGHT_SCALE

#define BW_WEIGHT_SCALE   10000

Precision multiplier for the Bw weights

Definition at line 904 of file or.h.

◆ CELL_MAX_NETWORK_SIZE

#define CELL_MAX_NETWORK_SIZE   514

Number of bytes in a cell transmitted over the network, in the longest form

Definition at line 460 of file or.h.

◆ CELL_PAYLOAD_SIZE

#define CELL_PAYLOAD_SIZE   509

Number of bytes in a cell, minus cell header.

Definition at line 457 of file or.h.

◆ CFG_AUTO_PORT

#define CFG_AUTO_PORT   0xc4005e

A magic value for the (Socks|OR|...)Port options below, telling Tor to pick its own port.

Definition at line 888 of file or.h.

◆ CIRCWINDOW_INCREMENT

#define CIRCWINDOW_INCREMENT   100

Amount to increment a circuit window when we get a circuit SENDME.

Definition at line 386 of file or.h.

◆ CIRCWINDOW_START

#define CIRCWINDOW_START   1000

Initial value for both sides of a circuit transmission window when the circuit is initialized. Measured in cells.

Definition at line 382 of file or.h.

◆ DEFAULT_CLIENT_NICKNAME

#define DEFAULT_CLIENT_NICKNAME   "client"

Name to use in client TLS certificates if no nickname is given. Once Tor 0.1.2.x is obsolete, we can remove this.

Definition at line 438 of file or.h.

◆ DEFAULT_ONION_KEY_GRACE_PERIOD_DAYS

#define DEFAULT_ONION_KEY_GRACE_PERIOD_DAYS   (7)

Default grace period for acceptance of an onion key in days.

Definition at line 147 of file or.h.

◆ DEFAULT_ONION_KEY_LIFETIME_DAYS

#define DEFAULT_ONION_KEY_LIFETIME_DAYS   (28)

Default lifetime for an onion key in days.

Definition at line 139 of file or.h.

◆ DEFAULT_ROUTE_LEN

#define DEFAULT_ROUTE_LEN   3

How many hops does a general-purpose circuit have by default?

Definition at line 899 of file or.h.

◆ DOWNCAST

#define DOWNCAST (   to,
  ptr 
)    ((to*)SUBTYPE_P(ptr, to, base_))

Helper macro: Given a pointer to to.base_, of type from*, return &to.

Definition at line 109 of file or.h.

◆ END_CIRC_AT_ORIGIN

#define END_CIRC_AT_ORIGIN   -1

Catch-all "other" reason for closing origin circuits.

Definition at line 306 of file or.h.

◆ END_CIRC_REASON_FLAG_REMOTE

#define END_CIRC_REASON_FLAG_REMOTE   512

Bitwise-OR this with the argument to circuit_mark_for_close() or control_event_circuit_status() to indicate that the reason was passed through from a destroy or truncate cell.

Definition at line 329 of file or.h.

◆ END_CIRC_REASON_MEASUREMENT_EXPIRED

#define END_CIRC_REASON_MEASUREMENT_EXPIRED   -3

Our post-timeout circuit time measurement period expired. We must give up now

Definition at line 301 of file or.h.

◆ END_CIRC_REASON_NOPATH

#define END_CIRC_REASON_NOPATH   -2

We couldn't build a path for this circuit.

Definition at line 304 of file or.h.

◆ END_STREAM_REASON_CANT_ATTACH

#define END_STREAM_REASON_CANT_ATTACH   257

We were unable to attach the connection to any circuit at all.

Definition at line 251 of file or.h.

◆ END_STREAM_REASON_CANT_FETCH_ORIG_DEST

#define END_STREAM_REASON_CANT_FETCH_ORIG_DEST   260

This is a transparent proxy connection, but we can't extract the original target address:port.

Definition at line 260 of file or.h.

◆ END_STREAM_REASON_FLAG_ALREADY_SENT_CLOSED

#define END_STREAM_REASON_FLAG_ALREADY_SENT_CLOSED   1024

Bitwise-or this with the argument to control_event_stream_status to indicate that we already sent a CLOSED stream event.

Definition at line 280 of file or.h.

◆ END_STREAM_REASON_FLAG_ALREADY_SOCKS_REPLIED

#define END_STREAM_REASON_FLAG_ALREADY_SOCKS_REPLIED   2048

Bitwise-or this with endreason to indicate that we already sent a socks reply, and no further reply needs to be sent from connection_mark_unattached_ap().

Definition at line 284 of file or.h.

◆ END_STREAM_REASON_FLAG_REMOTE

#define END_STREAM_REASON_FLAG_REMOTE   512

Bitwise-or this with the argument to control_event_stream_status to indicate that the reason came from an END cell.

Definition at line 277 of file or.h.

◆ END_STREAM_REASON_HTTPPROTOCOL

#define END_STREAM_REASON_HTTPPROTOCOL   263

This is an HTTP tunnel connection and the client used or misused HTTP in a way we can't handle.

Definition at line 270 of file or.h.

◆ END_STREAM_REASON_INVALID_NATD_DEST

#define END_STREAM_REASON_INVALID_NATD_DEST   261

This is a connection on the NATD port, and the destination IP:Port was either ill-formed or out-of-range.

Definition at line 263 of file or.h.

◆ END_STREAM_REASON_MASK

#define END_STREAM_REASON_MASK   511

Bitwise-and this value with endreason to mask out all flags.

Definition at line 273 of file or.h.

◆ END_STREAM_REASON_NET_UNREACHABLE

#define END_STREAM_REASON_NET_UNREACHABLE   258

We can't connect to any directories at all, so we killed our streams before they can time out.

Definition at line 254 of file or.h.

◆ END_STREAM_REASON_PRIVATE_ADDR

#define END_STREAM_REASON_PRIVATE_ADDR   262

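The target address is in a private network (like 127.0.0.1 or 10.0.0.1); you don't want to connect to such an address over a randomly chosen exit, because the address would be interpreted relative to the exit's network rather than your own.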

Definition at line 266 of file or.h.

◆ END_STREAM_REASON_SOCKSPROTOCOL

#define END_STREAM_REASON_SOCKSPROTOCOL   259

This is a SOCKS connection, and the client used (or misused) the SOCKS protocol in a way we couldn't handle.

Definition at line 257 of file or.h.

◆ ENTRY_TO_CONN

#define ENTRY_TO_CONN (   c)    (TO_CONN(ENTRY_TO_EDGE_CONN(c)))

Cast an entry_connection_t subtype pointer to a connection_t.

Definition at line 619 of file or.h.

◆ EXT_OR_CONN_ID_LEN

#define EXT_OR_CONN_ID_LEN   DIGEST_LEN /* 20 */

Length of Extended ORPort connection identifier.

Definition at line 593 of file or.h.

◆ IMPOSSIBLE_TO_DOWNLOAD

#define IMPOSSIBLE_TO_DOWNLOAD   255

If n_download_failures is this high, the download can never happen.

Definition at line 679 of file or.h.

◆ INTRO_POINT_LIFETIME_MAX_SECONDS

#define INTRO_POINT_LIFETIME_MAX_SECONDS   (24*60*60)

The maximum number of seconds that an introduction point will last before expiring due to old age.

XXX Should this be configurable?

Definition at line 972 of file or.h.

◆ INTRO_POINT_LIFETIME_MIN_SECONDS

#define INTRO_POINT_LIFETIME_MIN_SECONDS   (18*60*60)

The minimum number of seconds that an introduction point will last before expiring due to old age. (If it receives enough INTRODUCE2 cells, it may expire sooner; see INTRO_POINT_MIN_LIFETIME_INTRODUCTIONS and INTRO_POINT_MAX_LIFETIME_INTRODUCTIONS.)

XXX Should this be configurable?

Definition at line 967 of file or.h.

◆ INTRO_POINT_MIN_LIFETIME_INTRODUCTIONS

#define INTRO_POINT_MIN_LIFETIME_INTRODUCTIONS   16384

The minimum and maximum number of distinct INTRODUCE2 cells which a hidden service's introduction point will receive before it begins to expire.

Definition at line 956 of file or.h.

◆ ISO_CLIENTADDR

#define ISO_CLIENTADDR   (1u<<4)

Isolate based on client address

Definition at line 862 of file or.h.

◆ ISO_CLIENTPROTO

#define ISO_CLIENTPROTO   (1u<<3)

Isolate based on client protocol choice

Definition at line 860 of file or.h.

◆ ISO_DEFAULT

Default isolation level for ports.

Definition at line 872 of file or.h.

◆ ISO_DESTADDR

#define ISO_DESTADDR   (1u<<1)

Isolate based on destination address

Definition at line 856 of file or.h.

◆ ISO_DESTPORT

#define ISO_DESTPORT   (1u<<0)

Isolate based on destination port

Definition at line 854 of file or.h.

◆ ISO_NYM_EPOCH

#define ISO_NYM_EPOCH   (1u<<6)

Isolate based on newnym epoch (always on).

Definition at line 866 of file or.h.

◆ ISO_SESSIONGRP

#define ISO_SESSIONGRP   (1u<<5)

Isolate based on session group (always on).

Definition at line 864 of file or.h.

◆ ISO_SOCKSAUTH

#define ISO_SOCKSAUTH   (1u<<2)

Isolate based on SOCKS authentication

Definition at line 858 of file or.h.

◆ ISO_STREAM

#define ISO_STREAM   (1u<<7)

Isolate all streams (Internal only).

Definition at line 868 of file or.h.

◆ LEGAL_NICKNAME_CHARACTERS

#define LEGAL_NICKNAME_CHARACTERS    "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"

Legal characters in a nickname.

Definition at line 433 of file or.h.

◆ MAX_DESCRIPTOR_UPLOAD_SIZE

#define MAX_DESCRIPTOR_UPLOAD_SIZE   20000

Maximum size, in bytes, of a single router descriptor uploaded to us as a directory authority. Caches and clients fetch whatever descriptors the authorities tell them to fetch, and don't care about size.

Definition at line 127 of file or.h.

◆ MAX_EXTRAINFO_UPLOAD_SIZE

#define MAX_EXTRAINFO_UPLOAD_SIZE   50000

Maximum size of a single extrainfo document, as above.

Definition at line 130 of file or.h.

◆ MAX_HEADERS_SIZE

#define MAX_HEADERS_SIZE   50000

For HTTP parsing: Maximum number of bytes we'll accept in the headers of an HTTP request or response.

Definition at line 122 of file or.h.

◆ MAX_HEX_NICKNAME_LEN

#define MAX_HEX_NICKNAME_LEN   (HEX_DIGEST_LEN+1)

Length of a router identity encoded as a hexadecimal digest, plus possible dollar sign.

Definition at line 115 of file or.h.

◆ MAX_INTRO_POINT_CIRCUIT_RETRIES

#define MAX_INTRO_POINT_CIRCUIT_RETRIES   3

The maximum number of circuit creation retries we make to an intro point before giving up. We try to reuse intro points that fail during their lifetime, so this is a hard limit on the number of times we do that.

Definition at line 977 of file or.h.

◆ MAX_INTRO_POINT_REACHABILITY_FAILURES

#define MAX_INTRO_POINT_REACHABILITY_FAILURES   5

The maximum number of non-circuit-build-timeout failures a hidden service client will tolerate while trying to build a circuit to an introduction point.

Definition at line 951 of file or.h.

◆ MAX_NICKNAME_LEN

#define MAX_NICKNAME_LEN   19

Length of longest allowable configured nickname.

Definition at line 112 of file or.h.

◆ MAX_ONION_KEY_LIFETIME_DAYS

#define MAX_ONION_KEY_LIFETIME_DAYS   (90)

Maximum lifetime for an onion key in days.

Definition at line 136 of file or.h.

◆ MAX_RELAY_EARLY_CELLS_PER_CIRCUIT

#define MAX_RELAY_EARLY_CELLS_PER_CIRCUIT   8

Largest number of relay_early cells that we can send on a given circuit.

Definition at line 834 of file or.h.

◆ MAX_SSL_KEY_LIFETIME_INTERNAL

#define MAX_SSL_KEY_LIFETIME_INTERNAL   (2*60*60)

How often do we rotate TLS contexts?

Definition at line 154 of file or.h.

◆ MAX_VERBOSE_NICKNAME_LEN

#define MAX_VERBOSE_NICKNAME_LEN   (1+HEX_DIGEST_LEN+1+MAX_NICKNAME_LEN)

Maximum length of verbose router identifier: dollar sign, hex ID digest, equal sign or tilde, nickname.

Definition at line 118 of file or.h.

◆ MIN_CIRCUITS_HANDLING_STREAM

#define MIN_CIRCUITS_HANDLING_STREAM   2

How many circuits do we want simultaneously in-progress to handle a given stream?

Definition at line 180 of file or.h.

◆ MIN_ONION_KEY_GRACE_PERIOD_DAYS

#define MIN_ONION_KEY_GRACE_PERIOD_DAYS   (1)

Minimum grace period for acceptance of an onion key in days. The maximum value is defined in proposal #274 as being the current network consensus parameter for "onion-key-rotation-days".

Definition at line 144 of file or.h.

◆ MIN_ONION_KEY_LIFETIME_DAYS

#define MIN_ONION_KEY_LIFETIME_DAYS   (1)

Minimum lifetime for an onion key in days.

Definition at line 133 of file or.h.

◆ N_CONSENSUS_FLAVORS

#define N_CONSENSUS_FLAVORS   ((int)(FLAV_MICRODESC)+1)

How many different consensus flavors are there?

Definition at line 767 of file or.h.

◆ OLD_ROUTER_DESC_MAX_AGE

#define OLD_ROUTER_DESC_MAX_AGE   (60*60*24*5)

How old do we let a saved descriptor get before force-removing it?

Definition at line 163 of file or.h.

◆ ONION_KEY_CONSENSUS_CHECK_INTERVAL

#define ONION_KEY_CONSENSUS_CHECK_INTERVAL   (60*60)

How often we should check the network consensus to see whether it is time to rotate or expire onion keys.

Definition at line 151 of file or.h.

◆ OR_AUTH_CHALLENGE_LEN

#define OR_AUTH_CHALLENGE_LEN   32

Minimum length of the random part of an AUTH_CHALLENGE cell.

Definition at line 531 of file or.h.

◆ OR_CERT_TYPE_AUTH_1024

#define OR_CERT_TYPE_AUTH_1024   3

A certificate that authenticates a key used in an AUTHENTICATE cell in the v3 handshake. The subject key must be a 1024-bit RSA key; it must be signed by the identity key.

Definition at line 550 of file or.h.

◆ OR_CERT_TYPE_ID_1024

#define OR_CERT_TYPE_ID_1024   2

A self-signed identity certificate. The subject key must be a 1024-bit RSA key.

Definition at line 546 of file or.h.

◆ OR_CERT_TYPE_TLS_LINK

#define OR_CERT_TYPE_TLS_LINK   1

A certificate that authenticates a TLS link key. The subject key must match the key used in the TLS handshake; it must be signed by the identity key.

Definition at line 543 of file or.h.

◆ OR_CONN_HIGHWATER

#define OR_CONN_HIGHWATER   (32*1024)

When adding cells to an OR connection's outbuf, keep adding until the outbuf is at least this long, or we run out of cells.

Definition at line 601 of file or.h.

◆ OR_CONN_LOWWATER

#define OR_CONN_LOWWATER   (16*1024)

Add cells to an OR connection's outbuf whenever the outbuf's data length drops below this size.

Definition at line 605 of file or.h.

◆ ORCIRC_MAX_MIDDLE_CELLS

#define ORCIRC_MAX_MIDDLE_CELLS   (CIRCWINDOW_START_MAX*2)

Maximum number of queued cells on a circuit for which we are the midpoint before we give up and kill it. This must be >= circwindow to avoid killing innocent circuits, and >= circwindow*2 to give leaky-pipe a chance of working someday. The ORCIRC_MAX_MIDDLE_KILL_THRESH ratio controls the margin of error between emitting a warning and killing the circuit.

Definition at line 401 of file or.h.

◆ ORCIRC_MAX_MIDDLE_KILL_THRESH

#define ORCIRC_MAX_MIDDLE_KILL_THRESH   (1.1f)

Ratio of hard (circuit kill) to soft (warning) thresholds for the ORCIRC_MAX_MIDDLE_CELLS tests.

Definition at line 405 of file or.h.

◆ RELAY_HEADER_SIZE

#define RELAY_HEADER_SIZE   (1+2+2+4+2)

Number of bytes in a relay cell's header (not including general cell header).

Definition at line 484 of file or.h.

◆ RELAY_PAYLOAD_SIZE

#define RELAY_PAYLOAD_SIZE   (CELL_PAYLOAD_SIZE-RELAY_HEADER_SIZE)

Largest number of bytes that can fit in a relay cell payload.

Definition at line 486 of file or.h.

◆ REND_CLIENTNAME_MAX_LEN

#define REND_CLIENTNAME_MAX_LEN   16

Maximum length of authorized client names for a hidden service.

Definition at line 337 of file or.h.

◆ REND_COOKIE_LEN

#define REND_COOKIE_LEN   DIGEST_LEN

Length of the rendezvous cookie that is used to connect circuits at the rendezvous point.

Definition at line 341 of file or.h.

◆ REND_DESC_ID_V2_LEN_BASE32

#define REND_DESC_ID_V2_LEN_BASE32   BASE32_DIGEST_LEN

Length of v2 descriptor ID (32 base32 chars = 160 bits).

XXX: It is still used by v3 code but should be renamed or maybe removed.

Definition at line 334 of file or.h.

◆ REND_REPLAY_TIME_INTERVAL

#define REND_REPLAY_TIME_INTERVAL   (5 * 60)

Time interval for tracking replays of DH public keys received in INTRODUCE2 cells. Used only to avoid launching multiple simultaneous attempts to connect to the same rendezvous point.

Definition at line 360 of file or.h.

◆ ROUTER_ANNOTATION_BUF_LEN

#define ROUTER_ANNOTATION_BUF_LEN   256

The max size we expect router descriptor annotations we create to be. We'll accept larger ones if we see them on disk, but we won't create any that are larger than this.

Definition at line 684 of file or.h.

◆ ROUTER_MAX_AGE

#define ROUTER_MAX_AGE   (60*60*48)

How old do we allow a router to get before removing it from the router list? In seconds.

Definition at line 158 of file or.h.

◆ ROUTER_MAX_AGE_TO_PUBLISH

#define ROUTER_MAX_AGE_TO_PUBLISH   (60*60*24)

How old can a router get before we (as a server) will no longer consider it live? In seconds.

Definition at line 161 of file or.h.

◆ SESSION_GROUP_CONTROL_RESOLVE

#define SESSION_GROUP_CONTROL_RESOLVE   -3

Session group reserved for resolve requests launched by a controller

Definition at line 879 of file or.h.

◆ SESSION_GROUP_DIRCONN

#define SESSION_GROUP_DIRCONN   -2

Session group reserved for directory connections

Definition at line 877 of file or.h.

◆ SESSION_GROUP_FIRST_AUTO

#define SESSION_GROUP_FIRST_AUTO   -4

First automatically allocated session group number

Definition at line 881 of file or.h.

◆ SESSION_GROUP_UNSET

#define SESSION_GROUP_UNSET   -1

Indicates that we haven't yet set a session group on a port_cfg_t.

Definition at line 875 of file or.h.

◆ SOCKS4_NETWORK_LEN

#define SOCKS4_NETWORK_LEN   8

Number of bytes in a SOCKS4 header.

Definition at line 444 of file or.h.

◆ STREAMWINDOW_INCREMENT

#define STREAMWINDOW_INCREMENT   50

Amount to increment a stream window when we get a stream SENDME.

Definition at line 392 of file or.h.

◆ STREAMWINDOW_START

#define STREAMWINDOW_START   500

Initial value on both sides of a stream transmission window when the stream is initialized. Measured in cells.

Definition at line 389 of file or.h.

◆ TIMEOUT_UNTIL_UNREACHABILITY_COMPLAINT

#define TIMEOUT_UNTIL_UNREACHABILITY_COMPLAINT   (20*60)

How long to test reachability before complaining to the user.

Definition at line 430 of file or.h.

◆ TO_CIRCUIT

#define TO_CIRCUIT (   x)    (&((x)->base_))

Convert a circuit subtype to a circuit_t.

Definition at line 845 of file or.h.

◆ TO_CONN

#define TO_CONN (   c)    (&(((c)->base_)))

Cast a connection_t subtype pointer to a connection_t

Definition at line 616 of file or.h.

◆ UNNAMED_ROUTER_NICKNAME

#define UNNAMED_ROUTER_NICKNAME   "Unnamed"

Name chosen by routers that don't configure nicknames

Definition at line 441 of file or.h.

◆ V3_AUTH_BODY_LEN

#define V3_AUTH_BODY_LEN   (V3_AUTH_FIXED_PART_LEN + 8 + 16)

The length of the part of the AUTHENTICATE cell body that the client signs.

Definition at line 587 of file or.h.

◆ V3_AUTH_FIXED_PART_LEN

#define V3_AUTH_FIXED_PART_LEN   (8+(32*6))

The length of the part of the AUTHENTICATE cell body that the client and server can generate independently (when using RSA_SHA256_TLSSECRET). It contains everything except the client's timestamp, the client's randomly generated nonce, and the signature.

Definition at line 584 of file or.h.

◆ VAR_CELL_MAX_HEADER_SIZE

#define VAR_CELL_MAX_HEADER_SIZE   7

Maximum length of a header on a variable-length cell.

Definition at line 463 of file or.h.

Typedef Documentation

◆ circid_t

typedef uint32_t circid_t

Identifies a circuit on an or_connection

Definition at line 489 of file or.h.

◆ streamid_t

typedef uint16_t streamid_t

Identifies a stream on a circuit

Definition at line 491 of file or.h.

Enumeration Type Documentation

◆ addressmap_entry_source_t

Enumerates possible origins of a client-side address mapping.

Enumerator
ADDRMAPSRC_CONTROLLER 

We're remapping this address because the controller told us to.

ADDRMAPSRC_AUTOMAP 

We're remapping this address because of an AutomapHostsOnResolve configuration.

ADDRMAPSRC_TORRC 

We're remapping this address because our configuration (via torrc, the command line, or a SETCONF command) told us to.

ADDRMAPSRC_TRACKEXIT 

We're remapping this address because we have TrackHostExits configured, and we want to remember to use the same exit next time.

ADDRMAPSRC_DNS 

We're remapping this address because we got a DNS resolution from a Tor server that told us what its value was.

ADDRMAPSRC_NONE 

No remapping has occurred. This isn't a possible value for an addrmap_entry_t; it's used as a null value when we need to answer "Why did this remapping happen?"

Definition at line 915 of file or.h.

◆ cell_direction_t

Used to indicate which way a cell is going on a circuit.

Enumerator
CELL_DIRECTION_IN 

The cell is moving towards the origin.

CELL_DIRECTION_OUT 

The cell is moving away from the origin.

Definition at line 363 of file or.h.

◆ circuit_channel_direction_t

An enum to allow us to specify which channel in a circuit we're interested in.

This is needed because our data structures and other fields for channel delivery are disassociated from the channel.

Definition at line 375 of file or.h.

◆ consensus_flavor_t

Enumerates recognized flavors of a consensus networkstatus document. All flavors of a consensus are generated from the same set of votes, but they present different types of information to different versions of Tor.

Definition at line 761 of file or.h.

◆ dirinfo_type_t

Bitfield enum type listing types of information that directory authorities can be authoritative about, and that directory caches may or may not cache.

Note that the granularity here is based on authority granularity and on cache capabilities. Thus, one particular bit may correspond in practice to a few types of directory info, so long as every authority that pronounces officially about one of the types pronounces officially about all of them, and so long as every cache that caches one of them caches all of them.

Enumerator
V3_DIRINFO 

Serves/signs v3 directory information: votes, consensuses, certs

BRIDGE_DIRINFO 

Serves bridge descriptors.

EXTRAINFO_DIRINFO 

Serves extrainfo documents.

MICRODESC_DIRINFO 

Serves microdescriptors.

Definition at line 785 of file or.h.

◆ download_schedule_increment_t

Enumeration: do we want to increment the schedule position each time a connection is attempted (these attempts can be concurrent), or do we want to increment the schedule position after a connection fails?

Definition at line 669 of file or.h.

◆ download_schedule_t

Enumeration: what directory object is being downloaded? This determines which schedule is selected to perform the download.

Definition at line 647 of file or.h.

◆ download_want_authority_t

Enumeration: is the download schedule for downloading from an authority, or from any available directory mirror? During bootstrap, "any" means a fallback (or an authority, if there are no fallbacks). When we have a valid consensus, "any" means any directory server.

Definition at line 659 of file or.h.

◆ rend_auth_type_t

Client authorization type that a hidden service performs.

Definition at line 344 of file or.h.

◆ saved_location_t

Enum used to remember where a signed_descriptor_t is stored and how to manage the memory for signed_descriptor_body.

Enumerator
SAVED_NOWHERE 

The descriptor isn't stored on disk at all: the copy in memory is canonical; the saved_offset field is meaningless.

SAVED_IN_CACHE 

The descriptor is stored in the cached_routers file: the signed_descriptor_body is meaningless; the signed_descriptor_len and saved_offset are used to index into the mmapped cache file.

SAVED_IN_JOURNAL 

The descriptor is stored in the cached_routers.new file: the signed_descriptor_body and saved_offset fields are both set.

Definition at line 627 of file or.h.