Tor  0.4.3.0-alpha-dev
or.h
Go to the documentation of this file.
1 /* Copyright (c) 2001 Matej Pfajfar.
2  * Copyright (c) 2001-2004, Roger Dingledine.
3  * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
4  * Copyright (c) 2007-2019, The Tor Project, Inc. */
5 /* See LICENSE for licensing information */
6 
7 /**
8  * \file or.h
9  * \brief Master header file for Tor-specific functionality.
10  **/
11 
12 #ifndef TOR_OR_H
13 #define TOR_OR_H
14 
15 #include "orconfig.h"
16 #include "lib/cc/torint.h"
17 
18 #ifdef HAVE_SIGNAL_H
19 #include <signal.h>
20 #endif
21 #ifdef HAVE_TIME_H
22 #include <time.h>
23 #endif
24 
25 #include "lib/arch/bytes.h"
26 #include "lib/cc/compat_compiler.h"
27 #include "lib/cc/torint.h"
28 #include "lib/container/map.h"
29 #include "lib/buf/buffers.h"
33 #include "lib/ctime/di_ops.h"
34 #include "lib/defs/dh_sizes.h"
35 #include "lib/encoding/binascii.h"
36 #include "lib/encoding/cstring.h"
37 #include "lib/encoding/time_fmt.h"
38 #include "lib/err/torerr.h"
39 #include "lib/fs/dir.h"
40 #include "lib/fs/files.h"
41 #include "lib/fs/mmap.h"
42 #include "lib/fs/path.h"
43 #include "lib/fs/userdb.h"
44 #include "lib/geoip/country.h"
45 #include "lib/intmath/addsub.h"
46 #include "lib/intmath/bits.h"
47 #include "lib/intmath/cmp.h"
48 #include "lib/intmath/logic.h"
49 #include "lib/intmath/muldiv.h"
50 #include "lib/log/escape.h"
51 #include "lib/log/ratelim.h"
52 #include "lib/log/util_bug.h"
53 #include "lib/malloc/malloc.h"
54 #include "lib/net/address.h"
55 #include "lib/net/inaddr.h"
56 #include "lib/net/socket.h"
59 #include "lib/string/parse_int.h"
60 #include "lib/string/printf.h"
61 #include "lib/string/scanf.h"
62 #include "lib/string/util_string.h"
64 #include "lib/thread/threads.h"
65 #include "lib/time/compat_time.h"
67 #include "lib/wallclock/timeval.h"
68 
69 #include "ht.h"
70 
71 // These, more than other includes, are for keeping the other struct
72 // definitions working. We should remove them when we minimize our includes.
74 
77 
78 /* These signals are defined to help handle_control_signal work.
79  */
80 #ifndef SIGHUP
81 #define SIGHUP 1
82 #endif
83 #ifndef SIGINT
84 #define SIGINT 2
85 #endif
86 #ifndef SIGUSR1
87 #define SIGUSR1 10
88 #endif
89 #ifndef SIGUSR2
90 #define SIGUSR2 12
91 #endif
92 #ifndef SIGTERM
93 #define SIGTERM 15
94 #endif
95 /* Controller signals start at a high number so we don't
96  * conflict with system-defined signals. */
97 #define SIGNEWNYM 129
98 #define SIGCLEARDNSCACHE 130
99 #define SIGHEARTBEAT 131
100 #define SIGACTIVE 132
101 #define SIGDORMANT 133
102 
103 #if (SIZEOF_CELL_T != 0)
104 /* On Irix, stdlib.h defines a cell_t type, so we need to make sure
105  * that our stuff always calls cell_t something different. */
106 #define cell_t tor_cell_t
107 #endif
108 
109 /** Helper macro: Given a pointer to to.base_, of type from*, return &to. */
110 #define DOWNCAST(to, ptr) ((to*)SUBTYPE_P(ptr, to, base_))
111 
112 /** Length of longest allowable configured nickname. */
113 #define MAX_NICKNAME_LEN 19
114 /** Length of a router identity encoded as a hexadecimal digest, plus
115  * possible dollar sign. */
116 #define MAX_HEX_NICKNAME_LEN (HEX_DIGEST_LEN+1)
117 /** Maximum length of verbose router identifier: dollar sign, hex ID digest,
118  * equal sign or tilde, nickname. */
119 #define MAX_VERBOSE_NICKNAME_LEN (1+HEX_DIGEST_LEN+1+MAX_NICKNAME_LEN)
120 
121 /** For HTTP parsing: Maximum number of bytes we'll accept in the headers
122  * of an HTTP request or response. */
123 #define MAX_HEADERS_SIZE 50000
124 
125 /** Maximum size, in bytes, of a single router descriptor uploaded to us
126  * as a directory authority. Caches and clients fetch whatever descriptors
127  * the authorities tell them to fetch, and don't care about size. */
128 #define MAX_DESCRIPTOR_UPLOAD_SIZE 20000
129 
130 /** Maximum size of a single extrainfo document, as above. */
131 #define MAX_EXTRAINFO_UPLOAD_SIZE 50000
132 
133 /** Minimum lifetime for an onion key in days. */
134 #define MIN_ONION_KEY_LIFETIME_DAYS (1)
135 
136 /** Maximum lifetime for an onion key in days. */
137 #define MAX_ONION_KEY_LIFETIME_DAYS (90)
138 
139 /** Default lifetime for an onion key in days. */
140 #define DEFAULT_ONION_KEY_LIFETIME_DAYS (28)
141 
142 /** Minimum grace period for acceptance of an onion key in days.
143  * The maximum value is defined in proposal #274 as being the current network
144  * consensus parameter for "onion-key-rotation-days". */
145 #define MIN_ONION_KEY_GRACE_PERIOD_DAYS (1)
146 
147 /** Default grace period for acceptance of an onion key in days. */
148 #define DEFAULT_ONION_KEY_GRACE_PERIOD_DAYS (7)
149 
150 /** How often we should check the network consensus if it is time to rotate or
151  * expire onion keys. */
152 #define ONION_KEY_CONSENSUS_CHECK_INTERVAL (60*60)
153 
154 /** How often do we rotate TLS contexts? */
155 #define MAX_SSL_KEY_LIFETIME_INTERNAL (2*60*60)
156 
157 /** How old do we allow a router to get before removing it
158  * from the router list? In seconds. */
159 #define ROUTER_MAX_AGE (60*60*48)
160 /** How old can a router get before we (as a server) will no longer
161  * consider it live? In seconds. */
162 #define ROUTER_MAX_AGE_TO_PUBLISH (60*60*24)
163 /** How old do we let a saved descriptor get before force-removing it? */
164 #define OLD_ROUTER_DESC_MAX_AGE (60*60*24*5)
165 
166 /* Proxy client types */
167 #define PROXY_NONE 0
168 #define PROXY_CONNECT 1
169 #define PROXY_SOCKS4 2
170 #define PROXY_SOCKS5 3
171 /* !!!! If there is ever a PROXY_* type over 3, we must grow the proxy_type
172  * field in or_connection_t */
173 
174 /* Pluggable transport proxy type. Don't use this in or_connection_t,
175  * instead use the actual underlying proxy type (see above). */
176 #define PROXY_PLUGGABLE 4
177 
178 /** How many circuits do we want simultaneously in-progress to handle
179  * a given stream? */
180 #define MIN_CIRCUITS_HANDLING_STREAM 2
181 
182 /* These RELAY_COMMAND constants define values for relay cell commands, and
183 * must match those defined in tor-spec.txt. */
184 #define RELAY_COMMAND_BEGIN 1
185 #define RELAY_COMMAND_DATA 2
186 #define RELAY_COMMAND_END 3
187 #define RELAY_COMMAND_CONNECTED 4
188 #define RELAY_COMMAND_SENDME 5
189 #define RELAY_COMMAND_EXTEND 6
190 #define RELAY_COMMAND_EXTENDED 7
191 #define RELAY_COMMAND_TRUNCATE 8
192 #define RELAY_COMMAND_TRUNCATED 9
193 #define RELAY_COMMAND_DROP 10
194 #define RELAY_COMMAND_RESOLVE 11
195 #define RELAY_COMMAND_RESOLVED 12
196 #define RELAY_COMMAND_BEGIN_DIR 13
197 #define RELAY_COMMAND_EXTEND2 14
198 #define RELAY_COMMAND_EXTENDED2 15
199 
200 #define RELAY_COMMAND_ESTABLISH_INTRO 32
201 #define RELAY_COMMAND_ESTABLISH_RENDEZVOUS 33
202 #define RELAY_COMMAND_INTRODUCE1 34
203 #define RELAY_COMMAND_INTRODUCE2 35
204 #define RELAY_COMMAND_RENDEZVOUS1 36
205 #define RELAY_COMMAND_RENDEZVOUS2 37
206 #define RELAY_COMMAND_INTRO_ESTABLISHED 38
207 #define RELAY_COMMAND_RENDEZVOUS_ESTABLISHED 39
208 #define RELAY_COMMAND_INTRODUCE_ACK 40
209 
210 #define RELAY_COMMAND_PADDING_NEGOTIATE 41
211 #define RELAY_COMMAND_PADDING_NEGOTIATED 42
212 
213 /* Reasons why an OR connection is closed. */
214 #define END_OR_CONN_REASON_DONE 1
215 #define END_OR_CONN_REASON_REFUSED 2 /* connection refused */
216 #define END_OR_CONN_REASON_OR_IDENTITY 3
217 #define END_OR_CONN_REASON_CONNRESET 4 /* connection reset by peer */
218 #define END_OR_CONN_REASON_TIMEOUT 5
219 #define END_OR_CONN_REASON_NO_ROUTE 6 /* no route to host/net */
220 #define END_OR_CONN_REASON_IO_ERROR 7 /* read/write error */
221 #define END_OR_CONN_REASON_RESOURCE_LIMIT 8 /* sockets, buffers, etc */
222 #define END_OR_CONN_REASON_PT_MISSING 9 /* PT failed or not available */
223 #define END_OR_CONN_REASON_MISC 10
224 
225 /* Reasons why we (or a remote OR) might close a stream. See tor-spec.txt for
226  * documentation of these. The values must match. */
227 #define END_STREAM_REASON_MISC 1
228 #define END_STREAM_REASON_RESOLVEFAILED 2
229 #define END_STREAM_REASON_CONNECTREFUSED 3
230 #define END_STREAM_REASON_EXITPOLICY 4
231 #define END_STREAM_REASON_DESTROY 5
232 #define END_STREAM_REASON_DONE 6
233 #define END_STREAM_REASON_TIMEOUT 7
234 #define END_STREAM_REASON_NOROUTE 8
235 #define END_STREAM_REASON_HIBERNATING 9
236 #define END_STREAM_REASON_INTERNAL 10
237 #define END_STREAM_REASON_RESOURCELIMIT 11
238 #define END_STREAM_REASON_CONNRESET 12
239 #define END_STREAM_REASON_TORPROTOCOL 13
240 #define END_STREAM_REASON_NOTDIRECTORY 14
241 #define END_STREAM_REASON_ENTRYPOLICY 15
242 
243 /* These high-numbered end reasons are not part of the official spec,
244  * and are not intended to be put in relay end cells. They are here
245  * to be more informative when sending back socks replies to the
246  * application. */
247 /* XXXX 256 is no longer used; feel free to reuse it. */
248 /** We were unable to attach the connection to any circuit at all. */
249 /* XXXX the ways we use this one don't make a lot of sense. */
250 #define END_STREAM_REASON_CANT_ATTACH 257
251 /** We can't connect to any directories at all, so we killed our streams
252  * before they can time out. */
253 #define END_STREAM_REASON_NET_UNREACHABLE 258
254 /** This is a SOCKS connection, and the client used (or misused) the SOCKS
255  * protocol in a way we couldn't handle. */
256 #define END_STREAM_REASON_SOCKSPROTOCOL 259
257 /** This is a transparent proxy connection, but we can't extract the original
258  * target address:port. */
259 #define END_STREAM_REASON_CANT_FETCH_ORIG_DEST 260
260 /** This is a connection on the NATD port, and the destination IP:Port was
261  * either ill-formed or out-of-range. */
262 #define END_STREAM_REASON_INVALID_NATD_DEST 261
263 /** The target address is in a private network (like 127.0.0.1 or 10.0.0.1);
264  * you don't want to do that over a randomly chosen exit */
265 #define END_STREAM_REASON_PRIVATE_ADDR 262
266 /** This is an HTTP tunnel connection and the client used or misused HTTP in a
267  * way we can't handle.
268  */
269 #define END_STREAM_REASON_HTTPPROTOCOL 263
270 
271 /** Bitwise-and this value with endreason to mask out all flags. */
272 #define END_STREAM_REASON_MASK 511
273 
274 /** Bitwise-or this with the argument to control_event_stream_status
275  * to indicate that the reason came from an END cell. */
276 #define END_STREAM_REASON_FLAG_REMOTE 512
277 /** Bitwise-or this with the argument to control_event_stream_status
278  * to indicate that we already sent a CLOSED stream event. */
279 #define END_STREAM_REASON_FLAG_ALREADY_SENT_CLOSED 1024
280 /** Bitwise-or this with endreason to indicate that we already sent
281  * a socks reply, and no further reply needs to be sent from
282  * connection_mark_unattached_ap(). */
283 #define END_STREAM_REASON_FLAG_ALREADY_SOCKS_REPLIED 2048
284 
285 /* 'type' values to use in RESOLVED cells. Specified in tor-spec.txt. */
286 #define RESOLVED_TYPE_HOSTNAME 0
287 #define RESOLVED_TYPE_IPV4 4
288 #define RESOLVED_TYPE_IPV6 6
289 #define RESOLVED_TYPE_ERROR_TRANSIENT 0xF0
290 #define RESOLVED_TYPE_ERROR 0xF1
291 
292 /* Negative reasons are internal: we never send them in a DESTROY or TRUNCATE
293  * call; they only go to the controller for tracking */
294 
295 /* Closing introduction point that were opened in parallel. */
296 #define END_CIRC_REASON_IP_NOW_REDUNDANT -4
297 
298 /** Our post-timeout circuit time measurement period expired.
299  * We must give up now */
300 #define END_CIRC_REASON_MEASUREMENT_EXPIRED -3
301 
302 /** We couldn't build a path for this circuit. */
303 #define END_CIRC_REASON_NOPATH -2
304 /** Catch-all "other" reason for closing origin circuits. */
305 #define END_CIRC_AT_ORIGIN -1
306 
307 /* Reasons why we (or a remote OR) might close a circuit. See tor-spec.txt
308  * section 5.4 for documentation of these. */
309 #define END_CIRC_REASON_MIN_ 0
310 #define END_CIRC_REASON_NONE 0
311 #define END_CIRC_REASON_TORPROTOCOL 1
312 #define END_CIRC_REASON_INTERNAL 2
313 #define END_CIRC_REASON_REQUESTED 3
314 #define END_CIRC_REASON_HIBERNATING 4
315 #define END_CIRC_REASON_RESOURCELIMIT 5
316 #define END_CIRC_REASON_CONNECTFAILED 6
317 #define END_CIRC_REASON_OR_IDENTITY 7
318 #define END_CIRC_REASON_CHANNEL_CLOSED 8
319 #define END_CIRC_REASON_FINISHED 9
320 #define END_CIRC_REASON_TIMEOUT 10
321 #define END_CIRC_REASON_DESTROYED 11
322 #define END_CIRC_REASON_NOSUCHSERVICE 12
323 #define END_CIRC_REASON_MAX_ 12
324 
325 /** Bitwise-OR this with the argument to circuit_mark_for_close() or
326  * control_event_circuit_status() to indicate that the reason was
327  * passed through from a destroy or truncate cell. */
328 #define END_CIRC_REASON_FLAG_REMOTE 512
329 
330 /** Length of 'y' portion of 'y.onion' URL. */
331 #define REND_SERVICE_ID_LEN_BASE32 16
332 
333 /** Length of 'y.onion' including '.onion' URL. */
334 #define REND_SERVICE_ADDRESS_LEN (16+1+5)
335 
336 /** Length of a binary-encoded rendezvous service ID. */
337 #define REND_SERVICE_ID_LEN 10
338 
339 /** Time period for which a v2 descriptor will be valid. */
340 #define REND_TIME_PERIOD_V2_DESC_VALIDITY (24*60*60)
341 
342 /** Time period within which two sets of v2 descriptors will be uploaded in
343  * parallel. */
344 #define REND_TIME_PERIOD_OVERLAPPING_V2_DESCS (60*60)
345 
346 /** Number of non-consecutive replicas (i.e. distributed somewhere
347  * in the ring) for a descriptor. */
348 #define REND_NUMBER_OF_NON_CONSECUTIVE_REPLICAS 2
349 
350 /** Number of consecutive replicas for a descriptor. */
351 #define REND_NUMBER_OF_CONSECUTIVE_REPLICAS 3
352 
353 /** Length of v2 descriptor ID (32 base32 chars = 160 bits). */
354 #define REND_DESC_ID_V2_LEN_BASE32 BASE32_DIGEST_LEN
355 
356 /** Length of the base32-encoded secret ID part of versioned hidden service
357  * descriptors. */
358 #define REND_SECRET_ID_PART_LEN_BASE32 BASE32_DIGEST_LEN
359 
360 /** Length of the base32-encoded hash of an introduction point's
361  * identity key. */
362 #define REND_INTRO_POINT_ID_LEN_BASE32 BASE32_DIGEST_LEN
363 
364 /** Length of the descriptor cookie that is used for client authorization
365  * to hidden services. */
366 #define REND_DESC_COOKIE_LEN 16
367 
368 /** Length of the base64-encoded descriptor cookie that is used for
369  * exchanging client authorization between hidden service and client. */
370 #define REND_DESC_COOKIE_LEN_BASE64 22
371 
372 /** Length of client identifier in encrypted introduction points for hidden
373  * service authorization type 'basic'. */
374 #define REND_BASIC_AUTH_CLIENT_ID_LEN 4
375 
376 /** Multiple of the number of clients to which the real number of clients
377  * is padded with fake clients for hidden service authorization type
378  * 'basic'. */
379 #define REND_BASIC_AUTH_CLIENT_MULTIPLE 16
380 
381 /** Length of client entry consisting of client identifier and encrypted
382  * session key for hidden service authorization type 'basic'. */
383 #define REND_BASIC_AUTH_CLIENT_ENTRY_LEN (REND_BASIC_AUTH_CLIENT_ID_LEN \
384  + CIPHER_KEY_LEN)
385 
386 /** Maximum size of v2 hidden service descriptors. */
387 #define REND_DESC_MAX_SIZE (20 * 1024)
388 
389 /** Legal characters for use in authorized client names for a hidden
390  * service. */
391 #define REND_LEGAL_CLIENTNAME_CHARACTERS \
392  "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789+-_"
393 
394 /** Maximum length of authorized client names for a hidden service. */
395 #define REND_CLIENTNAME_MAX_LEN 16
396 
397 /** Length of the rendezvous cookie that is used to connect circuits at the
398  * rendezvous point. */
399 #define REND_COOKIE_LEN DIGEST_LEN
400 
401 /** Client authorization type that a hidden service performs. */
402 typedef enum rend_auth_type_t {
403  REND_NO_AUTH = 0,
404  REND_BASIC_AUTH = 1,
405  REND_STEALTH_AUTH = 2,
407 
408 /** Client-side configuration of authorization for a hidden service. */
410  uint8_t descriptor_cookie[REND_DESC_COOKIE_LEN];
411  char onion_address[REND_SERVICE_ADDRESS_LEN+1];
412  rend_auth_type_t auth_type;
414 
415 /** Client- and server-side data that is used for hidden service connection
416  * establishment. Not all fields contain data depending on where this struct
417  * is used. */
418 typedef struct rend_data_t {
419  /* Hidden service protocol version of this base object. */
420  uint32_t version;
421 
422  /** List of HSDir fingerprints on which this request has been sent to. This
423  * contains binary identity digest of the directory of size DIGEST_LEN. */
425 
426  /** Rendezvous cookie used by both, client and service. */
428 
429  /** Number of streams associated with this rendezvous circuit. */
431 } rend_data_t;
432 
433 typedef struct rend_data_v2_t {
434  /* Rendezvous base data. */
435  rend_data_t base_;
436 
437  /** Onion address (without the .onion part) that a client requests. */
439 
440  /** Descriptor ID for each replicas computed from the onion address. If
441  * the onion address is empty, this array MUST be empty. We keep them so
442  * we know when to purge our entry in the last hsdir request table. */
444 
445  /** (Optional) descriptor cookie that is used by a client. */
447 
448  /** Authorization type for accessing a service used by a client. */
450 
451  /** Descriptor ID for a client request. The control port command HSFETCH
452  * uses this. It's set if the descriptor query should only use this
453  * descriptor ID. */
455 
456  /** Hash of the hidden service's PK used by a service. */
459 
460 /* From a base rend_data_t object <b>d</d>, return the v2 object. */
461 static inline
462 rend_data_v2_t *TO_REND_DATA_V2(const rend_data_t *d)
463 {
464  tor_assert(d);
465  tor_assert(d->version == 2);
466  return DOWNCAST(rend_data_v2_t, d);
467 }
468 
469 /* Stub because we can't include hs_ident.h. */
470 struct hs_ident_edge_conn_t;
471 struct hs_ident_dir_conn_t;
472 struct hs_ident_circuit_t;
473 
474 typedef struct hsdir_index_t hsdir_index_t;
475 
476 /** Time interval for tracking replays of DH public keys received in
477  * INTRODUCE2 cells. Used only to avoid launching multiple
478  * simultaneous attempts to connect to the same rendezvous point. */
479 #define REND_REPLAY_TIME_INTERVAL (5 * 60)
480 
481 /** Used to indicate which way a cell is going on a circuit. */
482 typedef enum {
483  CELL_DIRECTION_IN=1, /**< The cell is moving towards the origin. */
484  CELL_DIRECTION_OUT=2, /**< The cell is moving away from the origin. */
486 
487 /**
488  * An enum to allow us to specify which channel in a circuit
489  * we're interested in.
490  *
491  * This is needed because our data structures and other fields
492  * for channel delivery are disassociated from the channel.
493  */
494 typedef enum {
495  CIRCUIT_N_CHAN = 0,
496  CIRCUIT_P_CHAN = 1
498 
499 /** Initial value for both sides of a circuit transmission window when the
500  * circuit is initialized. Measured in cells. */
501 #define CIRCWINDOW_START 1000
502 #define CIRCWINDOW_START_MIN 100
503 #define CIRCWINDOW_START_MAX 1000
504 /** Amount to increment a circuit window when we get a circuit SENDME. */
505 #define CIRCWINDOW_INCREMENT 100
506 /** Initial value on both sides of a stream transmission window when the
507  * stream is initialized. Measured in cells. */
508 #define STREAMWINDOW_START 500
509 #define STREAMWINDOW_START_MAX 500
510 /** Amount to increment a stream window when we get a stream SENDME. */
511 #define STREAMWINDOW_INCREMENT 50
512 
513 /** Maximum number of queued cells on a circuit for which we are the
514  * midpoint before we give up and kill it. This must be >= circwindow
515  * to avoid killing innocent circuits, and >= circwindow*2 to give
516  * leaky-pipe a chance of working someday. The ORCIRC_MAX_MIDDLE_KILL_THRESH
517  * ratio controls the margin of error between emitting a warning and
518  * killing the circuit.
519  */
520 #define ORCIRC_MAX_MIDDLE_CELLS (CIRCWINDOW_START_MAX*2)
521 /** Ratio of hard (circuit kill) to soft (warning) thresholds for the
522  * ORCIRC_MAX_MIDDLE_CELLS tests.
523  */
524 #define ORCIRC_MAX_MIDDLE_KILL_THRESH (1.1f)
525 
526 /* Cell commands. These values are defined in tor-spec.txt. */
527 #define CELL_PADDING 0
528 #define CELL_CREATE 1
529 #define CELL_CREATED 2
530 #define CELL_RELAY 3
531 #define CELL_DESTROY 4
532 #define CELL_CREATE_FAST 5
533 #define CELL_CREATED_FAST 6
534 #define CELL_VERSIONS 7
535 #define CELL_NETINFO 8
536 #define CELL_RELAY_EARLY 9
537 #define CELL_CREATE2 10
538 #define CELL_CREATED2 11
539 #define CELL_PADDING_NEGOTIATE 12
540 
541 #define CELL_VPADDING 128
542 #define CELL_CERTS 129
543 #define CELL_AUTH_CHALLENGE 130
544 #define CELL_AUTHENTICATE 131
545 #define CELL_AUTHORIZE 132
546 #define CELL_COMMAND_MAX_ 132
547 
548 /** How long to test reachability before complaining to the user. */
549 #define TIMEOUT_UNTIL_UNREACHABILITY_COMPLAINT (20*60)
550 
551 /** Legal characters in a nickname. */
552 #define LEGAL_NICKNAME_CHARACTERS \
553  "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"
554 
555 /** Name to use in client TLS certificates if no nickname is given. Once
556  * Tor 0.1.2.x is obsolete, we can remove this. */
557 #define DEFAULT_CLIENT_NICKNAME "client"
558 
559 /** Name chosen by routers that don't configure nicknames */
560 #define UNNAMED_ROUTER_NICKNAME "Unnamed"
561 
562 /** Number of bytes in a SOCKS4 header. */
563 #define SOCKS4_NETWORK_LEN 8
564 
565 /*
566  * Relay payload:
567  * Relay command [1 byte]
568  * Recognized [2 bytes]
569  * Stream ID [2 bytes]
570  * Partial SHA-1 [4 bytes]
571  * Length [2 bytes]
572  * Relay payload [498 bytes]
573  */
574 
575 /** Number of bytes in a cell, minus cell header. */
576 #define CELL_PAYLOAD_SIZE 509
577 /** Number of bytes in a cell transmitted over the network, in the longest
578  * form */
579 #define CELL_MAX_NETWORK_SIZE 514
580 
581 /** Maximum length of a header on a variable-length cell. */
582 #define VAR_CELL_MAX_HEADER_SIZE 7
583 
584 static int get_cell_network_size(int wide_circ_ids);
585 static inline int get_cell_network_size(int wide_circ_ids)
586 {
587  return wide_circ_ids ? CELL_MAX_NETWORK_SIZE : CELL_MAX_NETWORK_SIZE - 2;
588 }
589 static int get_var_cell_header_size(int wide_circ_ids);
590 static inline int get_var_cell_header_size(int wide_circ_ids)
591 {
592  return wide_circ_ids ? VAR_CELL_MAX_HEADER_SIZE :
594 }
595 static int get_circ_id_size(int wide_circ_ids);
596 static inline int get_circ_id_size(int wide_circ_ids)
597 {
598  return wide_circ_ids ? 4 : 2;
599 }
600 
601 /** Number of bytes in a relay cell's header (not including general cell
602  * header). */
603 #define RELAY_HEADER_SIZE (1+2+2+4+2)
604 /** Largest number of bytes that can fit in a relay cell payload. */
605 #define RELAY_PAYLOAD_SIZE (CELL_PAYLOAD_SIZE-RELAY_HEADER_SIZE)
606 
607 /** Identifies a circuit on an or_connection */
608 typedef uint32_t circid_t;
609 /** Identifies a stream on a circuit */
610 typedef uint16_t streamid_t;
611 
612 /* channel_t typedef; struct channel_s is in channel.h */
613 
614 typedef struct channel_s channel_t;
615 
616 /* channel_listener_t typedef; struct channel_listener_s is in channel.h */
617 
618 typedef struct channel_listener_s channel_listener_t;
619 
620 /* TLS channel stuff */
621 
622 typedef struct channel_tls_s channel_tls_t;
623 
624 /* circuitmux_t typedef; struct circuitmux_s is in circuitmux.h */
625 
626 typedef struct circuitmux_s circuitmux_t;
627 
628 typedef struct cell_t cell_t;
629 typedef struct var_cell_t var_cell_t;
630 typedef struct packed_cell_t packed_cell_t;
631 typedef struct cell_queue_t cell_queue_t;
632 typedef struct destroy_cell_t destroy_cell_t;
634 typedef struct ext_or_cmd_t ext_or_cmd_t;
635 
636 /** Beginning of a RELAY cell payload. */
637 typedef struct {
638  uint8_t command; /**< The end-to-end relay command. */
639  uint16_t recognized; /**< Used to tell whether cell is for us. */
640  streamid_t stream_id; /**< Which stream is this cell associated with? */
641  char integrity[4]; /**< Used to tell whether cell is corrupted. */
642  uint16_t length; /**< How long is the payload body? */
644 
645 typedef struct socks_request_t socks_request_t;
646 typedef struct entry_port_cfg_t entry_port_cfg_t;
647 typedef struct server_port_cfg_t server_port_cfg_t;
648 
649 /** Minimum length of the random part of an AUTH_CHALLENGE cell. */
650 #define OR_AUTH_CHALLENGE_LEN 32
651 
652 /**
653  * @name Certificate types for CERTS cells.
654  *
655  * These values are defined by the protocol, and affect how an X509
656  * certificate in a CERTS cell is interpreted and used.
657  *
658  * @{ */
659 /** A certificate that authenticates a TLS link key. The subject key
660  * must match the key used in the TLS handshake; it must be signed by
661  * the identity key. */
662 #define OR_CERT_TYPE_TLS_LINK 1
663 /** A self-signed identity certificate. The subject key must be a
664  * 1024-bit RSA key. */
665 #define OR_CERT_TYPE_ID_1024 2
666 /** A certificate that authenticates a key used in an AUTHENTICATE cell
667  * in the v3 handshake. The subject key must be a 1024-bit RSA key; it
668  * must be signed by the identity key */
669 #define OR_CERT_TYPE_AUTH_1024 3
670 /* DOCDOC */
671 #define OR_CERT_TYPE_RSA_ED_CROSSCERT 7
672 /**@}*/
673 
674 /** The first supported type of AUTHENTICATE cell. It contains
675  * a bunch of structures signed with an RSA1024 key. The signed
676  * structures include a HMAC using negotiated TLS secrets, and a digest
677  * of all cells sent or received before the AUTHENTICATE cell (including
678  * the random server-generated AUTH_CHALLENGE cell).
679  */
680 #define AUTHTYPE_RSA_SHA256_TLSSECRET 1
681 /** As AUTHTYPE_RSA_SHA256_TLSSECRET, but instead of using the
682  * negotiated TLS secrets, uses exported keying material from the TLS
683  * session as described in RFC 5705.
684  *
685  * Not used by today's tors, since everything that supports this
686  * also supports ED25519_SHA256_5705, which is better.
687  **/
688 #define AUTHTYPE_RSA_SHA256_RFC5705 2
689 /** As AUTHTYPE_RSA_SHA256_RFC5705, but uses an Ed25519 identity key to
690  * authenticate. */
691 #define AUTHTYPE_ED25519_SHA256_RFC5705 3
692 /*
693  * NOTE: authchallenge_type_is_better() relies on these AUTHTYPE codes
694  * being sorted in order of preference. If we someday add one with
695  * a higher numerical value that we don't like as much, we should revise
696  * authchallenge_type_is_better().
697  */
698 
699 /** The length of the part of the AUTHENTICATE cell body that the client and
700  * server can generate independently (when using RSA_SHA256_TLSSECRET). It
701  * contains everything except the client's timestamp, the client's randomly
702  * generated nonce, and the signature. */
703 #define V3_AUTH_FIXED_PART_LEN (8+(32*6))
704 /** The length of the part of the AUTHENTICATE cell body that the client
705  * signs. */
706 #define V3_AUTH_BODY_LEN (V3_AUTH_FIXED_PART_LEN + 8 + 16)
707 
710 
711 /** Length of Extended ORPort connection identifier. */
712 #define EXT_OR_CONN_ID_LEN DIGEST_LEN /* 20 */
713 /*
714  * OR_CONN_HIGHWATER and OR_CONN_LOWWATER moved from connection_or.c so
715  * channeltls.c can see them too.
716  */
717 
718 /** When adding cells to an OR connection's outbuf, keep adding until the
719  * outbuf is at least this long, or we run out of cells. */
720 #define OR_CONN_HIGHWATER (32*1024)
721 
722 /** Add cells to an OR connection's outbuf whenever the outbuf's data length
723  * drops below this size. */
724 #define OR_CONN_LOWWATER (16*1024)
725 
726 typedef struct connection_t connection_t;
728 typedef struct dir_connection_t dir_connection_t;
729 typedef struct edge_connection_t edge_connection_t;
732 typedef struct or_connection_t or_connection_t;
733 
734 /** Cast a connection_t subtype pointer to a connection_t **/
735 #define TO_CONN(c) (&(((c)->base_)))
736 
737 /** Cast a entry_connection_t subtype pointer to a connection_t **/
738 #define ENTRY_TO_CONN(c) (TO_CONN(ENTRY_TO_EDGE_CONN(c)))
739 
740 typedef struct addr_policy_t addr_policy_t;
741 
742 typedef struct cached_dir_t cached_dir_t;
743 
744 /** Enum used to remember where a signed_descriptor_t is stored and how to
745  * manage the memory for signed_descriptor_body. */
746 typedef enum {
747  /** The descriptor isn't stored on disk at all: the copy in memory is
748  * canonical; the saved_offset field is meaningless. */
750  /** The descriptor is stored in the cached_routers file: the
751  * signed_descriptor_body is meaningless; the signed_descriptor_len and
752  * saved_offset are used to index into the mmaped cache file. */
754  /** The descriptor is stored in the cached_routers.new file: the
755  * signed_descriptor_body and saved_offset fields are both set. */
756  /* FFFF (We could also mmap the file and grow the mmap as needed, or
757  * lazy-load the descriptor text by using seek and read. We don't, for
758  * now.)
759  */
762 #define saved_location_bitfield_t ENUM_BF(saved_location_t)
763 
764 /** Enumeration: what directory object is being downloaded?
765  * This determines which schedule is selected to perform the download. */
766 typedef enum {
767  DL_SCHED_GENERIC = 0,
768  DL_SCHED_CONSENSUS = 1,
769  DL_SCHED_BRIDGE = 2,
771 #define download_schedule_bitfield_t ENUM_BF(download_schedule_t)
772 
773 /** Enumeration: is the download schedule for downloading from an authority,
774  * or from any available directory mirror?
775  * During bootstrap, "any" means a fallback (or an authority, if there
776  * are no fallbacks).
777  * When we have a valid consensus, "any" means any directory server. */
778 typedef enum {
779  DL_WANT_ANY_DIRSERVER = 0,
780  DL_WANT_AUTHORITY = 1,
782 #define download_want_authority_bitfield_t \
783  ENUM_BF(download_want_authority_t)
784 
785 /** Enumeration: do we want to increment the schedule position each time a
786  * connection is attempted (these attempts can be concurrent), or do we want
787  * to increment the schedule position after a connection fails? */
788 typedef enum {
789  DL_SCHED_INCREMENT_FAILURE = 0,
790  DL_SCHED_INCREMENT_ATTEMPT = 1,
792 #define download_schedule_increment_bitfield_t \
793  ENUM_BF(download_schedule_increment_t)
794 
795 typedef struct download_status_t download_status_t;
796 
797 /** If n_download_failures is this high, the download can never happen. */
798 #define IMPOSSIBLE_TO_DOWNLOAD 255
799 
800 /** The max size we expect router descriptor annotations we create to
801  * be. We'll accept larger ones if we see them on disk, but we won't
802  * create any that are larger than this. */
803 #define ROUTER_ANNOTATION_BUF_LEN 256
804 
806 
807 /** Flags used to summarize the declared protocol versions of a relay,
808  * so we don't need to parse them again and again. */
809 typedef struct protover_summary_flags_t {
810  /** True iff we have a proto line for this router, or a versions line
811  * from which we could infer the protocols. */
812  unsigned int protocols_known:1;
813 
814  /** True iff this router has a version or protocol list that allows it to
815  * accept EXTEND2 cells. This requires Relay=2. */
816  unsigned int supports_extend2_cells:1;
817 
818  /** True iff this router has a protocol list that allows it to negotiate
819  * ed25519 identity keys on a link handshake with us. This
820  * requires LinkAuth=3. */
822 
823  /** True iff this router has a protocol list that allows it to negotiate
824  * ed25519 identity keys on a link handshake, at all. This requires some
825  * LinkAuth=X for X >= 3. */
827 
828  /** True iff this router has a protocol list that allows it to be an
829  * introduction point supporting ed25519 authentication key which is part of
830  * the v3 protocol detailed in proposal 224. This requires HSIntro=4. */
831  unsigned int supports_ed25519_hs_intro : 1;
832 
833  /** True iff this router has a protocol list that allows it to be an hidden
834  * service directory supporting version 3 as seen in proposal 224. This
835  * requires HSDir=2. */
836  unsigned int supports_v3_hsdir : 1;
837 
838  /** True iff this router has a protocol list that allows it to be an hidden
839  * service rendezvous point supporting version 3 as seen in proposal 224.
840  * This requires HSRend=2. */
842 
843  /** True iff this router has a protocol list that allows clients to
844  * negotiate hs circuit setup padding. Requires Padding>=2. */
845  unsigned int supports_hs_setup_padding : 1;
846 
847  /** True iff this router has a protocol list that allows it to support the
848  * ESTABLISH_INTRO DoS cell extension. Requires HSIntro>=5. */
851 
852 typedef struct routerinfo_t routerinfo_t;
853 typedef struct extrainfo_t extrainfo_t;
854 typedef struct routerstatus_t routerstatus_t;
855 
856 typedef struct microdesc_t microdesc_t;
857 typedef struct node_t node_t;
863 
864 /** Enumerates recognized flavors of a consensus networkstatus document. All
865  * flavors of a consensus are generated from the same set of votes, but they
866  * present different types information to different versions of Tor. */
867 typedef enum {
868  FLAV_NS = 0,
869  FLAV_MICRODESC = 1,
871 
872 /** How many different consensus flavors are there? */
873 #define N_CONSENSUS_FLAVORS ((int)(FLAV_MICRODESC)+1)
874 
875 typedef struct networkstatus_t networkstatus_t;
877 typedef struct desc_store_t desc_store_t;
878 typedef struct routerlist_t routerlist_t;
879 typedef struct extend_info_t extend_info_t;
880 typedef struct authority_cert_t authority_cert_t;
881 
882 /** Bitfield enum type listing types of information that directory authorities
883  * can be authoritative about, and that directory caches may or may not cache.
884  *
885  * Note that the granularity here is based on authority granularity and on
886  * cache capabilities. Thus, one particular bit may correspond in practice to
887  * a few types of directory info, so long as every authority that pronounces
888  * officially about one of the types prounounces officially about all of them,
889  * and so long as every cache that caches one of them caches all of them.
890  */
891 typedef enum {
892  NO_DIRINFO = 0,
893  /** Serves/signs v3 directory information: votes, consensuses, certs */
894  V3_DIRINFO = 1 << 2,
895  /** Serves bridge descriptors. */
896  BRIDGE_DIRINFO = 1 << 4,
897  /** Serves extrainfo documents. */
899  /** Serves microdescriptors. */
902 
903 #define ALL_DIRINFO ((dirinfo_type_t)((1<<7)-1))
904 
905 #define ONION_HANDSHAKE_TYPE_TAP 0x0000
906 #define ONION_HANDSHAKE_TYPE_FAST 0x0001
907 #define ONION_HANDSHAKE_TYPE_NTOR 0x0002
908 #define MAX_ONION_HANDSHAKE_TYPE 0x0002
909 
911 typedef struct relay_crypto_t relay_crypto_t;
912 typedef struct crypt_path_t crypt_path_t;
914 
915 #define CPATH_KEY_MATERIAL_LEN (20*2+16*2)
916 
918 
919 struct create_cell_t;
920 
921 /** Entry in the cell stats list of a circuit; used only if CELL_STATS
922  * events are enabled. */
924  uint8_t command; /**< cell command number. */
925  /** Waiting time in centiseconds if this event is for a removed cell,
926  * or 0 if this event is for adding a cell to the queue. 22 bits can
927  * store more than 11 hours, enough to assume that a circuit with this
928  * delay would long have been closed. */
929  unsigned int waiting_time:22;
930  unsigned int removed:1; /**< 0 for added to, 1 for removed from queue. */
931  unsigned int exitward:1; /**< 0 for app-ward, 1 for exit-ward. */
933 
934 typedef struct circuit_t circuit_t;
935 typedef struct origin_circuit_t origin_circuit_t;
936 typedef struct or_circuit_t or_circuit_t;
937 
938 /** Largest number of relay_early cells that we can send on a given
939  * circuit. */
940 #define MAX_RELAY_EARLY_CELLS_PER_CIRCUIT 8
941 
942 typedef enum path_state_t path_state_t;
943 #define path_state_bitfield_t ENUM_BF(path_state_t)
944 
945 #if REND_COOKIE_LEN != DIGEST_LEN
946 #error "The REND_TOKEN_LEN macro assumes REND_COOKIE_LEN == DIGEST_LEN"
947 #endif
948 #define REND_TOKEN_LEN DIGEST_LEN
949 
950 /** Convert a circuit subtype to a circuit_t. */
951 #define TO_CIRCUIT(x) (&((x)->base_))
952 
953 /** @name Isolation flags
954 
955  Ways to isolate client streams
956 
957  @{
958 */
959 /** Isolate based on destination port */
960 #define ISO_DESTPORT (1u<<0)
961 /** Isolate based on destination address */
962 #define ISO_DESTADDR (1u<<1)
963 /** Isolate based on SOCKS authentication */
964 #define ISO_SOCKSAUTH (1u<<2)
965 /** Isolate based on client protocol choice */
966 #define ISO_CLIENTPROTO (1u<<3)
967 /** Isolate based on client address */
968 #define ISO_CLIENTADDR (1u<<4)
969 /** Isolate based on session group (always on). */
970 #define ISO_SESSIONGRP (1u<<5)
971 /** Isolate based on newnym epoch (always on). */
972 #define ISO_NYM_EPOCH (1u<<6)
973 /** Isolate all streams (Internal only). */
974 #define ISO_STREAM (1u<<7)
975 /**@}*/
976 
977 /** Default isolation level for ports. */
978 #define ISO_DEFAULT (ISO_CLIENTADDR|ISO_SOCKSAUTH|ISO_SESSIONGRP|ISO_NYM_EPOCH)
979 
980 /** Indicates that we haven't yet set a session group on a port_cfg_t. */
981 #define SESSION_GROUP_UNSET -1
982 /** Session group reserved for directory connections */
983 #define SESSION_GROUP_DIRCONN -2
984 /** Session group reserved for resolve requests launched by a controller */
985 #define SESSION_GROUP_CONTROL_RESOLVE -3
986 /** First automatically allocated session group number */
987 #define SESSION_GROUP_FIRST_AUTO -4
988 
989 typedef struct port_cfg_t port_cfg_t;
990 typedef struct routerset_t routerset_t;
991 
992 /** A magic value for the (Socks|OR|...)Port options below, telling Tor
993  * to pick its own port. */
994 #define CFG_AUTO_PORT 0xc4005e
995 
996 typedef struct or_options_t or_options_t;
997 
998 #define LOG_PROTOCOL_WARN (get_protocol_warning_severity_level())
999 
1000 typedef struct or_state_t or_state_t;
1001 
1002 #define MAX_SOCKS_ADDR_LEN 256
1003 
1004 /********************************* circuitbuild.c **********************/
1005 
1006 /** How many hops does a general-purpose circuit have by default? */
1007 #define DEFAULT_ROUTE_LEN 3
1008 
1009 /* Circuit Build Timeout "public" structures. */
1010 
1011 /** Precision multiplier for the Bw weights */
1012 #define BW_WEIGHT_SCALE 10000
1013 #define BW_MIN_WEIGHT_SCALE 1
1014 #define BW_MAX_WEIGHT_SCALE INT32_MAX
1015 
1016 typedef struct circuit_build_times_s circuit_build_times_t;
1017 
1018 /********************************* config.c ***************************/
1019 
1020 /********************************* connection_edge.c *************************/
1021 
1022 /** Enumerates possible origins of a client-side address mapping. */
1023 typedef enum {
1024  /** We're remapping this address because the controller told us to. */
1026  /** We're remapping this address because of an AutomapHostsOnResolve
1027  * configuration. */
1029  /** We're remapping this address because our configuration (via torrc, the
1030  * command line, or a SETCONF command) told us to. */
1032  /** We're remapping this address because we have TrackHostExit configured,
1033  * and we want to remember to use the same exit next time. */
1035  /** We're remapping this address because we got a DNS resolution from a
1036  * Tor server that told us what its value was. */
1038 
1039  /** No remapping has occurred. This isn't a possible value for an
1040  * addrmap_entry_t; it's used as a null value when we need to answer "Why
1041  * did this remapping happen." */
1044 #define addressmap_entry_source_bitfield_t ENUM_BF(addressmap_entry_source_t)
1045 
1046 #define WRITE_STATS_INTERVAL (24*60*60)
1047 
1048 /********************************* dirvote.c ************************/
1049 
1050 typedef struct vote_timing_t vote_timing_t;
1051 
1052 /********************************* microdesc.c *************************/
1053 
1054 typedef struct microdesc_cache_t microdesc_cache_t;
1055 
1056 /********************************* rendcommon.c ***************************/
1057 
1061 
1062 /** The maximum number of non-circuit-build-timeout failures a hidden
1063  * service client will tolerate while trying to build a circuit to an
1064  * introduction point. See also rend_intro_point_t.unreachable_count. */
1065 #define MAX_INTRO_POINT_REACHABILITY_FAILURES 5
1066 
1067 /** The minimum and maximum number of distinct INTRODUCE2 cells which a
1068  * hidden service's introduction point will receive before it begins to
1069  * expire. */
1070 #define INTRO_POINT_MIN_LIFETIME_INTRODUCTIONS 16384
1071 /* Double the minimum value so the interval is [min, min * 2]. */
1072 #define INTRO_POINT_MAX_LIFETIME_INTRODUCTIONS \
1073  (INTRO_POINT_MIN_LIFETIME_INTRODUCTIONS * 2)
1074 
1075 /** The minimum number of seconds that an introduction point will last
1076  * before expiring due to old age. (If it receives
1077  * INTRO_POINT_LIFETIME_INTRODUCTIONS INTRODUCE2 cells, it may expire
1078  * sooner.)
1079  *
1080  * XXX Should this be configurable? */
1081 #define INTRO_POINT_LIFETIME_MIN_SECONDS (18*60*60)
1082 /** The maximum number of seconds that an introduction point will last
1083  * before expiring due to old age.
1084  *
1085  * XXX Should this be configurable? */
1086 #define INTRO_POINT_LIFETIME_MAX_SECONDS (24*60*60)
1087 
1088 /** The maximum number of circuit creation retry we do to an intro point
1089  * before giving up. We try to reuse intro point that fails during their
1090  * lifetime so this is a hard limit on the amount of time we do that. */
1091 #define MAX_INTRO_POINT_CIRCUIT_RETRIES 3
1092 
1093 typedef struct rend_intro_point_t rend_intro_point_t;
1095 
1096 /********************************* routerlist.c ***************************/
1097 
1098 typedef struct dir_server_t dir_server_t;
1099 
1100 #define RELAY_REQUIRED_MIN_BANDWIDTH (75*1024)
1101 #define BRIDGE_REQUIRED_MIN_BANDWIDTH (50*1024)
1102 
1103 #define ROUTER_MAX_DECLARED_BANDWIDTH INT32_MAX
1104 
1105 typedef struct tor_version_t tor_version_t;
1106 
1107 #endif /* !defined(TOR_OR_H) */
Configuration structure for client ports.
unsigned int supports_hs_setup_padding
Definition: or.h:845
Definition: node_st.h:33
Header for printf.c.
Header for smartlist.c.
Headers for di_ops.c.
Header for cstring.c.
download_want_authority_t
Definition: or.h:778
Summarize similar messages that would otherwise flood the logs.
char descriptor_cookie[REND_DESC_COOKIE_LEN]
Definition: or.h:446
Definitions for timing-related constants.
Headers for crypto_cipher.c.
unsigned int removed
Definition: or.h:930
Definition: cell_st.h:17
Macro definitions for MIN, MAX, and CLAMP.
#define DOWNCAST(to, ptr)
Definition: or.h:110
Functions and types for monotonic times.
streamid_t stream_id
Definition: or.h:640
unsigned int supports_v3_hsdir
Definition: or.h:836
Headers for crypto_rsa.c.
#define tor_assert(expr)
Definition: util_bug.h:102
path_state_t
char rend_pk_digest[DIGEST_LEN]
Definition: or.h:457
Country type for geoip.
unsigned int supports_extend2_cells
Definition: or.h:816
Header for mmap.c.
addressmap_entry_source_t
Definition: or.h:1023
char desc_id_fetch[DIGEST_LEN]
Definition: or.h:454
Header for time_fmt.c.
Header for util_string.c.
Header for inaddr.c.
dirinfo_type_t
Definition: or.h:891
Integer definitions used throughout Tor.
Headers for util_malloc.c.
Definition: or.h:923
saved_location_t
Definition: or.h:746
rend_auth_type_t
Definition: or.h:402
cell_direction_t
Definition: or.h:482
Header for threads.c.
Declarations for timeval-related macros that some platforms are missing.
uint8_t command
Definition: or.h:924
unsigned int supports_ed25519_hs_intro
Definition: or.h:831
#define DIGEST_LEN
Definition: digest_sizes.h:20
unsigned int supports_ed25519_link_handshake_any
Definition: or.h:826
Utility macros to handle different features and behavior in different compilers.
Headers for address.h.
Definitions for sizes of Diffie-Hellman groups elements in Z_p.
unsigned int protocols_known
Definition: or.h:812
uint16_t streamid_t
Definition: or.h:610
unsigned int supports_establish_intro_dos_extension
Definition: or.h:849
Header for binascii.c.
Header for approx_time.c.
int nr_streams
Definition: or.h:430
Header for scanf.c.
#define CELL_MAX_NETWORK_SIZE
Definition: or.h:579
unsigned int supports_v3_rendezvous_point
Definition: or.h:841
#define VAR_CELL_MAX_HEADER_SIZE
Definition: or.h:582
#define REND_NUMBER_OF_NON_CONSECUTIVE_REPLICAS
Definition: or.h:348
char descriptor_id[REND_NUMBER_OF_NON_CONSECUTIVE_REPLICAS][DIGEST_LEN]
Definition: or.h:443
smartlist_t * hsdirs_fp
Definition: or.h:424
Header for path.c.
Header for muldiv.c.
#define REND_SERVICE_ID_LEN_BASE32
Definition: or.h:331
Macros for comparing the boolean value of integers.
download_schedule_t
Definition: or.h:766
char rend_cookie[REND_COOKIE_LEN]
Definition: or.h:427
Locale-independent character-type inspection (header)
Inline functions for reading and writing multibyte values from the middle of strings,...
uint16_t length
Definition: or.h:642
consensus_flavor_t
Definition: or.h:867
uint32_t circid_t
Definition: or.h:608
unsigned int supports_ed25519_link_handshake_compat
Definition: or.h:821
char onion_address[REND_SERVICE_ID_LEN_BASE32+1]
Definition: or.h:438
Header for bits.c.
Headers for map.c.
Header for addsub.c.
Macros to implement mocking and selective exposure for the test code.
Header for compat_string.c.
Definition: or.h:894
Header for escape.c.
Wrappers for reading and writing data to files on disk.
Headers for torerr.c.
uint16_t recognized
Definition: or.h:639
Header file for buffers.c.
#define REND_COOKIE_LEN
Definition: or.h:399
#define REND_SERVICE_ADDRESS_LEN
Definition: or.h:334
Header for socket.c.
circuit_channel_direction_t
Definition: or.h:494
unsigned int exitward
Definition: or.h:931
Header for userdb.c.
Macros to manage assertions, fatal and non-fatal.
Header for parse_int.c.
#define REND_DESC_COOKIE_LEN
Definition: or.h:366
download_schedule_increment_t
Definition: or.h:788
uint8_t command
Definition: or.h:638
rend_auth_type_t auth_type
Definition: or.h:449
Header for dir.c.
unsigned int waiting_time
Definition: or.h:929