Tor  0.4.7.0-alpha-dev
or.h
Go to the documentation of this file.
1 /* Copyright (c) 2001 Matej Pfajfar.
2  * Copyright (c) 2001-2004, Roger Dingledine.
3  * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
4  * Copyright (c) 2007-2021, The Tor Project, Inc. */
5 /* See LICENSE for licensing information */
6 
7 /**
8  * \file or.h
9  * \brief Master header file for Tor-specific functionality.
10  **/
11 
12 #ifndef TOR_OR_H
13 #define TOR_OR_H
14 
15 #include "orconfig.h"
16 #include "lib/cc/torint.h"
17 
18 #ifdef HAVE_SIGNAL_H
19 #include <signal.h>
20 #endif
21 #ifdef HAVE_TIME_H
22 #include <time.h>
23 #endif
24 
25 #include "lib/arch/bytes.h"
26 #include "lib/cc/compat_compiler.h"
27 #include "lib/container/map.h"
28 #include "lib/buf/buffers.h"
32 #include "lib/ctime/di_ops.h"
33 #include "lib/defs/dh_sizes.h"
34 #include "lib/encoding/binascii.h"
35 #include "lib/encoding/cstring.h"
36 #include "lib/encoding/time_fmt.h"
37 #include "lib/err/torerr.h"
38 #include "lib/fs/dir.h"
39 #include "lib/fs/files.h"
40 #include "lib/fs/mmap.h"
41 #include "lib/fs/path.h"
42 #include "lib/fs/userdb.h"
43 #include "lib/geoip/country.h"
44 #include "lib/intmath/addsub.h"
45 #include "lib/intmath/bits.h"
46 #include "lib/intmath/cmp.h"
47 #include "lib/intmath/logic.h"
48 #include "lib/intmath/muldiv.h"
49 #include "lib/log/escape.h"
50 #include "lib/log/ratelim.h"
51 #include "lib/log/util_bug.h"
52 #include "lib/malloc/malloc.h"
53 #include "lib/net/address.h"
54 #include "lib/net/inaddr.h"
55 #include "lib/net/socket.h"
58 #include "lib/string/parse_int.h"
59 #include "lib/string/printf.h"
60 #include "lib/string/scanf.h"
61 #include "lib/string/util_string.h"
63 #include "lib/thread/threads.h"
64 #include "lib/time/compat_time.h"
66 #include "lib/wallclock/timeval.h"
67 
68 #include "ht.h"
69 
70 // These, more than other includes, are for keeping the other struct
71 // definitions working. We should remove them when we minimize our includes.
73 
76 
77 /* These signals are defined to help handle_control_signal work.
78  */
79 #ifndef SIGHUP
80 #define SIGHUP 1
81 #endif
82 #ifndef SIGINT
83 #define SIGINT 2
84 #endif
85 #ifndef SIGUSR1
86 #define SIGUSR1 10
87 #endif
88 #ifndef SIGUSR2
89 #define SIGUSR2 12
90 #endif
91 #ifndef SIGTERM
92 #define SIGTERM 15
93 #endif
94 /* Controller signals start at a high number so we don't
95  * conflict with system-defined signals. */
96 #define SIGNEWNYM 129
97 #define SIGCLEARDNSCACHE 130
98 #define SIGHEARTBEAT 131
99 #define SIGACTIVE 132
100 #define SIGDORMANT 133
101 
102 #if (SIZEOF_CELL_T != 0)
103 /* On Irix, stdlib.h defines a cell_t type, so we need to make sure
104  * that our stuff always calls cell_t something different. */
105 #define cell_t tor_cell_t
106 #endif
107 
108 /** Helper macro: Given a pointer to to.base_, of type from*, return &to. */
109 #define DOWNCAST(to, ptr) ((to*)SUBTYPE_P(ptr, to, base_))
110 
111 /** Length of longest allowable configured nickname. */
112 #define MAX_NICKNAME_LEN 19
113 /** Length of a router identity encoded as a hexadecimal digest, plus
114  * possible dollar sign. */
115 #define MAX_HEX_NICKNAME_LEN (HEX_DIGEST_LEN+1)
116 /** Maximum length of verbose router identifier: dollar sign, hex ID digest,
117  * equal sign or tilde, nickname. */
118 #define MAX_VERBOSE_NICKNAME_LEN (1+HEX_DIGEST_LEN+1+MAX_NICKNAME_LEN)
119 
120 /** For HTTP parsing: Maximum number of bytes we'll accept in the headers
121  * of an HTTP request or response. */
122 #define MAX_HEADERS_SIZE 50000
123 
124 /** Maximum size, in bytes, of a single router descriptor uploaded to us
125  * as a directory authority. Caches and clients fetch whatever descriptors
126  * the authorities tell them to fetch, and don't care about size. */
127 #define MAX_DESCRIPTOR_UPLOAD_SIZE 20000
128 
129 /** Maximum size of a single extrainfo document, as above. */
130 #define MAX_EXTRAINFO_UPLOAD_SIZE 50000
131 
132 /** Minimum lifetime for an onion key in days. */
133 #define MIN_ONION_KEY_LIFETIME_DAYS (1)
134 
135 /** Maximum lifetime for an onion key in days. */
136 #define MAX_ONION_KEY_LIFETIME_DAYS (90)
137 
138 /** Default lifetime for an onion key in days. */
139 #define DEFAULT_ONION_KEY_LIFETIME_DAYS (28)
140 
141 /** Minimum grace period for acceptance of an onion key in days.
142  * The maximum value is defined in proposal #274 as being the current network
143  * consensus parameter for "onion-key-rotation-days". */
144 #define MIN_ONION_KEY_GRACE_PERIOD_DAYS (1)
145 
146 /** Default grace period for acceptance of an onion key in days. */
147 #define DEFAULT_ONION_KEY_GRACE_PERIOD_DAYS (7)
148 
149 /** How often we should check the network consensus if it is time to rotate or
150  * expire onion keys. */
151 #define ONION_KEY_CONSENSUS_CHECK_INTERVAL (60*60)
152 
153 /** How often do we rotate TLS contexts? */
154 #define MAX_SSL_KEY_LIFETIME_INTERNAL (2*60*60)
155 
156 /** How old do we allow a router to get before removing it
157  * from the router list? In seconds. */
158 #define ROUTER_MAX_AGE (60*60*48)
159 /** How old can a router get before we (as a server) will no longer
160  * consider it live? In seconds. */
161 #define ROUTER_MAX_AGE_TO_PUBLISH (60*60*24)
162 /** How old do we let a saved descriptor get before force-removing it? */
163 #define OLD_ROUTER_DESC_MAX_AGE (60*60*24*5)
164 
165 /* Proxy client types */
166 #define PROXY_NONE 0
167 #define PROXY_CONNECT 1
168 #define PROXY_SOCKS4 2
169 #define PROXY_SOCKS5 3
170 #define PROXY_HAPROXY 4
171 /* !!!! If there is ever a PROXY_* type over 7, we must grow the proxy_type
172  * field in or_connection_t */
173 
174 /* Pluggable transport proxy type. Don't use this in or_connection_t,
175  * instead use the actual underlying proxy type (see above). */
176 #define PROXY_PLUGGABLE 5
177 
178 /** How many circuits do we want simultaneously in-progress to handle
179  * a given stream? */
180 #define MIN_CIRCUITS_HANDLING_STREAM 2
181 
182 /* These RELAY_COMMAND constants define values for relay cell commands, and
183 * must match those defined in tor-spec.txt. */
184 #define RELAY_COMMAND_BEGIN 1
185 #define RELAY_COMMAND_DATA 2
186 #define RELAY_COMMAND_END 3
187 #define RELAY_COMMAND_CONNECTED 4
188 #define RELAY_COMMAND_SENDME 5
189 #define RELAY_COMMAND_EXTEND 6
190 #define RELAY_COMMAND_EXTENDED 7
191 #define RELAY_COMMAND_TRUNCATE 8
192 #define RELAY_COMMAND_TRUNCATED 9
193 #define RELAY_COMMAND_DROP 10
194 #define RELAY_COMMAND_RESOLVE 11
195 #define RELAY_COMMAND_RESOLVED 12
196 #define RELAY_COMMAND_BEGIN_DIR 13
197 #define RELAY_COMMAND_EXTEND2 14
198 #define RELAY_COMMAND_EXTENDED2 15
199 
200 #define RELAY_COMMAND_ESTABLISH_INTRO 32
201 #define RELAY_COMMAND_ESTABLISH_RENDEZVOUS 33
202 #define RELAY_COMMAND_INTRODUCE1 34
203 #define RELAY_COMMAND_INTRODUCE2 35
204 #define RELAY_COMMAND_RENDEZVOUS1 36
205 #define RELAY_COMMAND_RENDEZVOUS2 37
206 #define RELAY_COMMAND_INTRO_ESTABLISHED 38
207 #define RELAY_COMMAND_RENDEZVOUS_ESTABLISHED 39
208 #define RELAY_COMMAND_INTRODUCE_ACK 40
209 
210 #define RELAY_COMMAND_PADDING_NEGOTIATE 41
211 #define RELAY_COMMAND_PADDING_NEGOTIATED 42
212 
213 /* Reasons why an OR connection is closed. */
214 #define END_OR_CONN_REASON_DONE 1
215 #define END_OR_CONN_REASON_REFUSED 2 /* connection refused */
216 #define END_OR_CONN_REASON_OR_IDENTITY 3
217 #define END_OR_CONN_REASON_CONNRESET 4 /* connection reset by peer */
218 #define END_OR_CONN_REASON_TIMEOUT 5
219 #define END_OR_CONN_REASON_NO_ROUTE 6 /* no route to host/net */
220 #define END_OR_CONN_REASON_IO_ERROR 7 /* read/write error */
221 #define END_OR_CONN_REASON_RESOURCE_LIMIT 8 /* sockets, buffers, etc */
222 #define END_OR_CONN_REASON_PT_MISSING 9 /* PT failed or not available */
223 #define END_OR_CONN_REASON_TLS_ERROR 10 /* Problem in TLS protocol */
224 #define END_OR_CONN_REASON_MISC 11
225 
226 /* Reasons why we (or a remote OR) might close a stream. See tor-spec.txt for
227  * documentation of these. The values must match. */
228 #define END_STREAM_REASON_MISC 1
229 #define END_STREAM_REASON_RESOLVEFAILED 2
230 #define END_STREAM_REASON_CONNECTREFUSED 3
231 #define END_STREAM_REASON_EXITPOLICY 4
232 #define END_STREAM_REASON_DESTROY 5
233 #define END_STREAM_REASON_DONE 6
234 #define END_STREAM_REASON_TIMEOUT 7
235 #define END_STREAM_REASON_NOROUTE 8
236 #define END_STREAM_REASON_HIBERNATING 9
237 #define END_STREAM_REASON_INTERNAL 10
238 #define END_STREAM_REASON_RESOURCELIMIT 11
239 #define END_STREAM_REASON_CONNRESET 12
240 #define END_STREAM_REASON_TORPROTOCOL 13
241 #define END_STREAM_REASON_NOTDIRECTORY 14
242 #define END_STREAM_REASON_ENTRYPOLICY 15
243 
244 /* These high-numbered end reasons are not part of the official spec,
245  * and are not intended to be put in relay end cells. They are here
246  * to be more informative when sending back socks replies to the
247  * application. */
248 /* XXXX 256 is no longer used; feel free to reuse it. */
249 /** We were unable to attach the connection to any circuit at all. */
250 /* XXXX the ways we use this one don't make a lot of sense. */
251 #define END_STREAM_REASON_CANT_ATTACH 257
252 /** We can't connect to any directories at all, so we killed our streams
253  * before they can time out. */
254 #define END_STREAM_REASON_NET_UNREACHABLE 258
255 /** This is a SOCKS connection, and the client used (or misused) the SOCKS
256  * protocol in a way we couldn't handle. */
257 #define END_STREAM_REASON_SOCKSPROTOCOL 259
258 /** This is a transparent proxy connection, but we can't extract the original
259  * target address:port. */
260 #define END_STREAM_REASON_CANT_FETCH_ORIG_DEST 260
261 /** This is a connection on the NATD port, and the destination IP:Port was
262  * either ill-formed or out-of-range. */
263 #define END_STREAM_REASON_INVALID_NATD_DEST 261
264 /** The target address is in a private network (like 127.0.0.1 or 10.0.0.1);
265  * you don't want to do that over a randomly chosen exit */
266 #define END_STREAM_REASON_PRIVATE_ADDR 262
267 /** This is an HTTP tunnel connection and the client used or misused HTTP in a
268  * way we can't handle.
269  */
270 #define END_STREAM_REASON_HTTPPROTOCOL 263
271 
272 /** Bitwise-and this value with endreason to mask out all flags. */
273 #define END_STREAM_REASON_MASK 511
274 
275 /** Bitwise-or this with the argument to control_event_stream_status
276  * to indicate that the reason came from an END cell. */
277 #define END_STREAM_REASON_FLAG_REMOTE 512
278 /** Bitwise-or this with the argument to control_event_stream_status
279  * to indicate that we already sent a CLOSED stream event. */
280 #define END_STREAM_REASON_FLAG_ALREADY_SENT_CLOSED 1024
281 /** Bitwise-or this with endreason to indicate that we already sent
282  * a socks reply, and no further reply needs to be sent from
283  * connection_mark_unattached_ap(). */
284 #define END_STREAM_REASON_FLAG_ALREADY_SOCKS_REPLIED 2048
285 
286 /* 'type' values to use in RESOLVED cells. Specified in tor-spec.txt. */
287 #define RESOLVED_TYPE_HOSTNAME 0
288 #define RESOLVED_TYPE_IPV4 4
289 #define RESOLVED_TYPE_IPV6 6
290 #define RESOLVED_TYPE_ERROR_TRANSIENT 0xF0
291 #define RESOLVED_TYPE_ERROR 0xF1
292 
293 /* Negative reasons are internal: we never send them in a DESTROY or TRUNCATE
294  * call; they only go to the controller for tracking */
295 
296 /* Closing introduction point that were opened in parallel. */
297 #define END_CIRC_REASON_IP_NOW_REDUNDANT -4
298 
299 /** Our post-timeout circuit time measurement period expired.
300  * We must give up now */
301 #define END_CIRC_REASON_MEASUREMENT_EXPIRED -3
302 
303 /** We couldn't build a path for this circuit. */
304 #define END_CIRC_REASON_NOPATH -2
305 /** Catch-all "other" reason for closing origin circuits. */
306 #define END_CIRC_AT_ORIGIN -1
307 
308 /* Reasons why we (or a remote OR) might close a circuit. See tor-spec.txt
309  * section 5.4 for documentation of these. */
310 #define END_CIRC_REASON_MIN_ 0
311 #define END_CIRC_REASON_NONE 0
312 #define END_CIRC_REASON_TORPROTOCOL 1
313 #define END_CIRC_REASON_INTERNAL 2
314 #define END_CIRC_REASON_REQUESTED 3
315 #define END_CIRC_REASON_HIBERNATING 4
316 #define END_CIRC_REASON_RESOURCELIMIT 5
317 #define END_CIRC_REASON_CONNECTFAILED 6
318 #define END_CIRC_REASON_OR_IDENTITY 7
319 #define END_CIRC_REASON_CHANNEL_CLOSED 8
320 #define END_CIRC_REASON_FINISHED 9
321 #define END_CIRC_REASON_TIMEOUT 10
322 #define END_CIRC_REASON_DESTROYED 11
323 #define END_CIRC_REASON_NOSUCHSERVICE 12
324 #define END_CIRC_REASON_MAX_ 12
325 
326 /** Bitwise-OR this with the argument to circuit_mark_for_close() or
327  * control_event_circuit_status() to indicate that the reason was
328  * passed through from a destroy or truncate cell. */
329 #define END_CIRC_REASON_FLAG_REMOTE 512
330 
331 /** Length of v2 descriptor ID (32 base32 chars = 160 bits).
332  *
333  * XXX: It is still used by v3 code but should be renamed or maybe removed. */
334 #define REND_DESC_ID_V2_LEN_BASE32 BASE32_DIGEST_LEN
335 
336 /** Maximum length of authorized client names for a hidden service. */
337 #define REND_CLIENTNAME_MAX_LEN 16
338 
339 /** Length of the rendezvous cookie that is used to connect circuits at the
340  * rendezvous point. */
341 #define REND_COOKIE_LEN DIGEST_LEN
342 
343 /** Client authorization type that a hidden service performs. */
344 typedef enum rend_auth_type_t {
345  REND_NO_AUTH = 0,
346  REND_V3_AUTH = 1, /* Dummy flag to allow adding v3 services on the
347  * control port */
349 
350 /* Stub because we can't include hs_ident.h. */
351 struct hs_ident_edge_conn_t;
352 struct hs_ident_dir_conn_t;
353 struct hs_ident_circuit_t;
354 
355 typedef struct hsdir_index_t hsdir_index_t;
356 
357 /** Time interval for tracking replays of DH public keys received in
358  * INTRODUCE2 cells. Used only to avoid launching multiple
359  * simultaneous attempts to connect to the same rendezvous point. */
360 #define REND_REPLAY_TIME_INTERVAL (5 * 60)
361 
362 /** Used to indicate which way a cell is going on a circuit. */
363 typedef enum {
364  CELL_DIRECTION_IN=1, /**< The cell is moving towards the origin. */
365  CELL_DIRECTION_OUT=2, /**< The cell is moving away from the origin. */
367 
368 /**
369  * An enum to allow us to specify which channel in a circuit
370  * we're interested in.
371  *
372  * This is needed because our data structures and other fields
373  * for channel delivery are disassociated from the channel.
374  */
375 typedef enum {
376  CIRCUIT_N_CHAN = 0,
377  CIRCUIT_P_CHAN = 1
379 
380 /** Initial value for both sides of a circuit transmission window when the
381  * circuit is initialized. Measured in cells. */
382 #define CIRCWINDOW_START 1000
383 #define CIRCWINDOW_START_MIN 100
384 #define CIRCWINDOW_START_MAX 1000
385 /** Amount to increment a circuit window when we get a circuit SENDME. */
386 #define CIRCWINDOW_INCREMENT 100
387 /** Initial value on both sides of a stream transmission window when the
388  * stream is initialized. Measured in cells. */
389 #define STREAMWINDOW_START 500
390 #define STREAMWINDOW_START_MAX 500
391 /** Amount to increment a stream window when we get a stream SENDME. */
392 #define STREAMWINDOW_INCREMENT 50
393 
394 /** Maximum number of queued cells on a circuit for which we are the
395  * midpoint before we give up and kill it. This must be >= circwindow
396  * to avoid killing innocent circuits, and >= circwindow*2 to give
397  * leaky-pipe a chance of working someday. The ORCIRC_MAX_MIDDLE_KILL_THRESH
398  * ratio controls the margin of error between emitting a warning and
399  * killing the circuit.
400  */
401 #define ORCIRC_MAX_MIDDLE_CELLS (CIRCWINDOW_START_MAX*2)
402 /** Ratio of hard (circuit kill) to soft (warning) thresholds for the
403  * ORCIRC_MAX_MIDDLE_CELLS tests.
404  */
405 #define ORCIRC_MAX_MIDDLE_KILL_THRESH (1.1f)
406 
407 /* Cell commands. These values are defined in tor-spec.txt. */
408 #define CELL_PADDING 0
409 #define CELL_CREATE 1
410 #define CELL_CREATED 2
411 #define CELL_RELAY 3
412 #define CELL_DESTROY 4
413 #define CELL_CREATE_FAST 5
414 #define CELL_CREATED_FAST 6
415 #define CELL_VERSIONS 7
416 #define CELL_NETINFO 8
417 #define CELL_RELAY_EARLY 9
418 #define CELL_CREATE2 10
419 #define CELL_CREATED2 11
420 #define CELL_PADDING_NEGOTIATE 12
421 
422 #define CELL_VPADDING 128
423 #define CELL_CERTS 129
424 #define CELL_AUTH_CHALLENGE 130
425 #define CELL_AUTHENTICATE 131
426 #define CELL_AUTHORIZE 132
427 #define CELL_COMMAND_MAX_ 132
428 
429 /** How long to test reachability before complaining to the user. */
430 #define TIMEOUT_UNTIL_UNREACHABILITY_COMPLAINT (20*60)
431 
432 /** Legal characters in a nickname. */
433 #define LEGAL_NICKNAME_CHARACTERS \
434  "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"
435 
436 /** Name to use in client TLS certificates if no nickname is given. Once
437  * Tor 0.1.2.x is obsolete, we can remove this. */
438 #define DEFAULT_CLIENT_NICKNAME "client"
439 
440 /** Name chosen by routers that don't configure nicknames */
441 #define UNNAMED_ROUTER_NICKNAME "Unnamed"
442 
443 /** Number of bytes in a SOCKS4 header. */
444 #define SOCKS4_NETWORK_LEN 8
445 
446 /*
447  * Relay payload:
448  * Relay command [1 byte]
449  * Recognized [2 bytes]
450  * Stream ID [2 bytes]
451  * Partial SHA-1 [4 bytes]
452  * Length [2 bytes]
453  * Relay payload [498 bytes]
454  */
455 
456 /** Number of bytes in a cell, minus cell header. */
457 #define CELL_PAYLOAD_SIZE 509
458 /** Number of bytes in a cell transmitted over the network, in the longest
459  * form */
460 #define CELL_MAX_NETWORK_SIZE 514
461 
462 /** Maximum length of a header on a variable-length cell. */
463 #define VAR_CELL_MAX_HEADER_SIZE 7
464 
465 static int get_cell_network_size(int wide_circ_ids);
466 static inline int get_cell_network_size(int wide_circ_ids)
467 {
468  return wide_circ_ids ? CELL_MAX_NETWORK_SIZE : CELL_MAX_NETWORK_SIZE - 2;
469 }
470 static int get_var_cell_header_size(int wide_circ_ids);
471 static inline int get_var_cell_header_size(int wide_circ_ids)
472 {
473  return wide_circ_ids ? VAR_CELL_MAX_HEADER_SIZE :
475 }
476 static int get_circ_id_size(int wide_circ_ids);
477 static inline int get_circ_id_size(int wide_circ_ids)
478 {
479  return wide_circ_ids ? 4 : 2;
480 }
481 
482 /** Number of bytes in a relay cell's header (not including general cell
483  * header). */
484 #define RELAY_HEADER_SIZE (1+2+2+4+2)
485 /** Largest number of bytes that can fit in a relay cell payload. */
486 #define RELAY_PAYLOAD_SIZE (CELL_PAYLOAD_SIZE-RELAY_HEADER_SIZE)
487 
488 /** Identifies a circuit on an or_connection */
489 typedef uint32_t circid_t;
490 /** Identifies a stream on a circuit */
491 typedef uint16_t streamid_t;
492 
493 /* channel_t typedef; struct channel_t is in channel.h */
494 
495 typedef struct channel_t channel_t;
496 
497 /* channel_listener_t typedef; struct channel_listener_t is in channel.h */
498 
500 
501 /* TLS channel stuff */
502 
503 typedef struct channel_tls_t channel_tls_t;
504 
505 /* circuitmux_t typedef; struct circuitmux_t is in circuitmux.h */
506 
507 typedef struct circuitmux_t circuitmux_t;
508 
509 typedef struct cell_t cell_t;
510 typedef struct var_cell_t var_cell_t;
511 typedef struct packed_cell_t packed_cell_t;
512 typedef struct cell_queue_t cell_queue_t;
513 typedef struct destroy_cell_t destroy_cell_t;
515 typedef struct ext_or_cmd_t ext_or_cmd_t;
516 
517 /** Beginning of a RELAY cell payload. */
518 typedef struct {
519  uint8_t command; /**< The end-to-end relay command. */
520  uint16_t recognized; /**< Used to tell whether cell is for us. */
521  streamid_t stream_id; /**< Which stream is this cell associated with? */
522  char integrity[4]; /**< Used to tell whether cell is corrupted. */
523  uint16_t length; /**< How long is the payload body? */
525 
526 typedef struct socks_request_t socks_request_t;
527 typedef struct entry_port_cfg_t entry_port_cfg_t;
528 typedef struct server_port_cfg_t server_port_cfg_t;
529 
530 /** Minimum length of the random part of an AUTH_CHALLENGE cell. */
531 #define OR_AUTH_CHALLENGE_LEN 32
532 
533 /**
534  * @name Certificate types for CERTS cells.
535  *
536  * These values are defined by the protocol, and affect how an X509
537  * certificate in a CERTS cell is interpreted and used.
538  *
539  * @{ */
540 /** A certificate that authenticates a TLS link key. The subject key
541  * must match the key used in the TLS handshake; it must be signed by
542  * the identity key. */
543 #define OR_CERT_TYPE_TLS_LINK 1
544 /** A self-signed identity certificate. The subject key must be a
545  * 1024-bit RSA key. */
546 #define OR_CERT_TYPE_ID_1024 2
547 /** A certificate that authenticates a key used in an AUTHENTICATE cell
548  * in the v3 handshake. The subject key must be a 1024-bit RSA key; it
549  * must be signed by the identity key */
550 #define OR_CERT_TYPE_AUTH_1024 3
551 /* DOCDOC */
552 #define OR_CERT_TYPE_RSA_ED_CROSSCERT 7
553 /**@}*/
554 
555 /** The first supported type of AUTHENTICATE cell. It contains
556  * a bunch of structures signed with an RSA1024 key. The signed
557  * structures include a HMAC using negotiated TLS secrets, and a digest
558  * of all cells sent or received before the AUTHENTICATE cell (including
559  * the random server-generated AUTH_CHALLENGE cell).
560  */
561 #define AUTHTYPE_RSA_SHA256_TLSSECRET 1
562 /** As AUTHTYPE_RSA_SHA256_TLSSECRET, but instead of using the
563  * negotiated TLS secrets, uses exported keying material from the TLS
564  * session as described in RFC 5705.
565  *
566  * Not used by today's tors, since everything that supports this
567  * also supports ED25519_SHA256_5705, which is better.
568  **/
569 #define AUTHTYPE_RSA_SHA256_RFC5705 2
570 /** As AUTHTYPE_RSA_SHA256_RFC5705, but uses an Ed25519 identity key to
571  * authenticate. */
572 #define AUTHTYPE_ED25519_SHA256_RFC5705 3
573 /*
574  * NOTE: authchallenge_type_is_better() relies on these AUTHTYPE codes
575  * being sorted in order of preference. If we someday add one with
576  * a higher numerical value that we don't like as much, we should revise
577  * authchallenge_type_is_better().
578  */
579 
580 /** The length of the part of the AUTHENTICATE cell body that the client and
581  * server can generate independently (when using RSA_SHA256_TLSSECRET). It
582  * contains everything except the client's timestamp, the client's randomly
583  * generated nonce, and the signature. */
584 #define V3_AUTH_FIXED_PART_LEN (8+(32*6))
585 /** The length of the part of the AUTHENTICATE cell body that the client
586  * signs. */
587 #define V3_AUTH_BODY_LEN (V3_AUTH_FIXED_PART_LEN + 8 + 16)
588 
591 
592 /** Length of Extended ORPort connection identifier. */
593 #define EXT_OR_CONN_ID_LEN DIGEST_LEN /* 20 */
594 /*
595  * OR_CONN_HIGHWATER and OR_CONN_LOWWATER moved from connection_or.c so
596  * channeltls.c can see them too.
597  */
598 
599 /** When adding cells to an OR connection's outbuf, keep adding until the
600  * outbuf is at least this long, or we run out of cells. */
601 #define OR_CONN_HIGHWATER (32*1024)
602 
603 /** Add cells to an OR connection's outbuf whenever the outbuf's data length
604  * drops below this size. */
605 #define OR_CONN_LOWWATER (16*1024)
606 
607 typedef struct connection_t connection_t;
609 typedef struct dir_connection_t dir_connection_t;
610 typedef struct edge_connection_t edge_connection_t;
613 typedef struct or_connection_t or_connection_t;
614 
615 /** Cast a connection_t subtype pointer to a connection_t **/
616 #define TO_CONN(c) (&(((c)->base_)))
617 
618 /** Cast a entry_connection_t subtype pointer to a connection_t **/
619 #define ENTRY_TO_CONN(c) (TO_CONN(ENTRY_TO_EDGE_CONN(c)))
620 
621 typedef struct addr_policy_t addr_policy_t;
622 
623 typedef struct cached_dir_t cached_dir_t;
624 
625 /** Enum used to remember where a signed_descriptor_t is stored and how to
626  * manage the memory for signed_descriptor_body. */
627 typedef enum {
628  /** The descriptor isn't stored on disk at all: the copy in memory is
629  * canonical; the saved_offset field is meaningless. */
631  /** The descriptor is stored in the cached_routers file: the
632  * signed_descriptor_body is meaningless; the signed_descriptor_len and
633  * saved_offset are used to index into the mmaped cache file. */
635  /** The descriptor is stored in the cached_routers.new file: the
636  * signed_descriptor_body and saved_offset fields are both set. */
637  /* FFFF (We could also mmap the file and grow the mmap as needed, or
638  * lazy-load the descriptor text by using seek and read. We don't, for
639  * now.)
640  */
643 #define saved_location_bitfield_t ENUM_BF(saved_location_t)
644 
645 /** Enumeration: what directory object is being downloaded?
646  * This determines which schedule is selected to perform the download. */
647 typedef enum {
648  DL_SCHED_GENERIC = 0,
649  DL_SCHED_CONSENSUS = 1,
650  DL_SCHED_BRIDGE = 2,
652 #define download_schedule_bitfield_t ENUM_BF(download_schedule_t)
653 
654 /** Enumeration: is the download schedule for downloading from an authority,
655  * or from any available directory mirror?
656  * During bootstrap, "any" means a fallback (or an authority, if there
657  * are no fallbacks).
658  * When we have a valid consensus, "any" means any directory server. */
659 typedef enum {
660  DL_WANT_ANY_DIRSERVER = 0,
661  DL_WANT_AUTHORITY = 1,
663 #define download_want_authority_bitfield_t \
664  ENUM_BF(download_want_authority_t)
665 
666 /** Enumeration: do we want to increment the schedule position each time a
667  * connection is attempted (these attempts can be concurrent), or do we want
668  * to increment the schedule position after a connection fails? */
669 typedef enum {
670  DL_SCHED_INCREMENT_FAILURE = 0,
671  DL_SCHED_INCREMENT_ATTEMPT = 1,
673 #define download_schedule_increment_bitfield_t \
674  ENUM_BF(download_schedule_increment_t)
675 
676 typedef struct download_status_t download_status_t;
677 
678 /** If n_download_failures is this high, the download can never happen. */
679 #define IMPOSSIBLE_TO_DOWNLOAD 255
680 
681 /** The max size we expect router descriptor annotations we create to
682  * be. We'll accept larger ones if we see them on disk, but we won't
683  * create any that are larger than this. */
684 #define ROUTER_ANNOTATION_BUF_LEN 256
685 
687 
688 /** Flags used to summarize the declared protocol versions of a relay,
689  * so we don't need to parse them again and again. */
690 typedef struct protover_summary_flags_t {
691  /** True iff we have a proto line for this router, or a versions line
692  * from which we could infer the protocols. */
693  unsigned int protocols_known:1;
694 
695  /** True iff this router has a version or protocol list that allows it to
696  * accept EXTEND2 cells. This requires Relay=2. */
697  unsigned int supports_extend2_cells:1;
698 
699  /** True iff this router has a version or protocol list that allows it to
700  * accept IPv6 connections. This requires Relay=2 or Relay=3. */
702 
703  /** True iff this router has a version or protocol list that allows it to
704  * initiate IPv6 connections. This requires Relay=3. */
706 
707  /** True iff this router has a version or protocol list that allows it to
708  * consider IPv6 connections canonical. This requires Relay=3. */
710 
711  /** True iff this router has a protocol list that allows it to negotiate
712  * ed25519 identity keys on a link handshake with us. This
713  * requires LinkAuth=3. */
715 
716  /** True iff this router has a protocol list that allows it to negotiate
717  * ed25519 identity keys on a link handshake, at all. This requires some
718  * LinkAuth=X for X >= 3. */
720 
721  /** True iff this router has a protocol list that allows it to be an
722  * introduction point supporting ed25519 authentication key which is part of
723  * the v3 protocol detailed in proposal 224. This requires HSIntro=4. */
724  unsigned int supports_ed25519_hs_intro : 1;
725 
726  /** True iff this router has a protocol list that allows it to support the
727  * ESTABLISH_INTRO DoS cell extension. Requires HSIntro=5. */
729 
730  /** True iff this router has a protocol list that allows it to be an hidden
731  * service directory supporting version 3 as seen in proposal 224. This
732  * requires HSDir=2. */
733  unsigned int supports_v3_hsdir : 1;
734 
735  /** True iff this router has a protocol list that allows it to be an hidden
736  * service rendezvous point supporting version 3 as seen in proposal 224.
737  * This requires HSRend=2. */
739 
740  /** True iff this router has a protocol list that allows clients to
741  * negotiate hs circuit setup padding. Requires Padding=2. */
742  unsigned int supports_hs_setup_padding : 1;
743 
745 
746 typedef struct routerinfo_t routerinfo_t;
747 typedef struct extrainfo_t extrainfo_t;
748 typedef struct routerstatus_t routerstatus_t;
749 
750 typedef struct microdesc_t microdesc_t;
751 typedef struct node_t node_t;
757 
758 /** Enumerates recognized flavors of a consensus networkstatus document. All
759  * flavors of a consensus are generated from the same set of votes, but they
760  * present different types information to different versions of Tor. */
761 typedef enum {
762  FLAV_NS = 0,
763  FLAV_MICRODESC = 1,
765 
766 /** How many different consensus flavors are there? */
767 #define N_CONSENSUS_FLAVORS ((int)(FLAV_MICRODESC)+1)
768 
769 typedef struct networkstatus_t networkstatus_t;
771 typedef struct desc_store_t desc_store_t;
772 typedef struct routerlist_t routerlist_t;
773 typedef struct extend_info_t extend_info_t;
774 typedef struct authority_cert_t authority_cert_t;
775 
776 /** Bitfield enum type listing types of information that directory authorities
777  * can be authoritative about, and that directory caches may or may not cache.
778  *
779  * Note that the granularity here is based on authority granularity and on
780  * cache capabilities. Thus, one particular bit may correspond in practice to
781  * a few types of directory info, so long as every authority that pronounces
782  * officially about one of the types prounounces officially about all of them,
783  * and so long as every cache that caches one of them caches all of them.
784  */
785 typedef enum {
786  NO_DIRINFO = 0,
787  /** Serves/signs v3 directory information: votes, consensuses, certs */
788  V3_DIRINFO = 1 << 2,
789  /** Serves bridge descriptors. */
790  BRIDGE_DIRINFO = 1 << 4,
791  /** Serves extrainfo documents. */
793  /** Serves microdescriptors. */
796 
797 #define ALL_DIRINFO ((dirinfo_type_t)((1<<7)-1))
798 
799 #define ONION_HANDSHAKE_TYPE_TAP 0x0000
800 #define ONION_HANDSHAKE_TYPE_FAST 0x0001
801 #define ONION_HANDSHAKE_TYPE_NTOR 0x0002
802 #define MAX_ONION_HANDSHAKE_TYPE 0x0002
803 
805 typedef struct relay_crypto_t relay_crypto_t;
806 typedef struct crypt_path_t crypt_path_t;
808 
809 #define CPATH_KEY_MATERIAL_LEN (20*2+16*2)
810 
812 
813 struct create_cell_t;
814 
815 /** Entry in the cell stats list of a circuit; used only if CELL_STATS
816  * events are enabled. */
818  uint8_t command; /**< cell command number. */
819  /** Waiting time in centiseconds if this event is for a removed cell,
820  * or 0 if this event is for adding a cell to the queue. 22 bits can
821  * store more than 11 hours, enough to assume that a circuit with this
822  * delay would long have been closed. */
823  unsigned int waiting_time:22;
824  unsigned int removed:1; /**< 0 for added to, 1 for removed from queue. */
825  unsigned int exitward:1; /**< 0 for app-ward, 1 for exit-ward. */
827 
828 typedef struct circuit_t circuit_t;
829 typedef struct origin_circuit_t origin_circuit_t;
830 typedef struct or_circuit_t or_circuit_t;
831 
832 /** Largest number of relay_early cells that we can send on a given
833  * circuit. */
834 #define MAX_RELAY_EARLY_CELLS_PER_CIRCUIT 8
835 
836 typedef enum path_state_t path_state_t;
837 #define path_state_bitfield_t ENUM_BF(path_state_t)
838 
839 #if REND_COOKIE_LEN != DIGEST_LEN
840 #error "The REND_TOKEN_LEN macro assumes REND_COOKIE_LEN == DIGEST_LEN"
841 #endif
842 #define REND_TOKEN_LEN DIGEST_LEN
843 
844 /** Convert a circuit subtype to a circuit_t. */
845 #define TO_CIRCUIT(x) (&((x)->base_))
846 
847 /** @name Isolation flags
848 
849  Ways to isolate client streams
850 
851  @{
852 */
853 /** Isolate based on destination port */
854 #define ISO_DESTPORT (1u<<0)
855 /** Isolate based on destination address */
856 #define ISO_DESTADDR (1u<<1)
857 /** Isolate based on SOCKS authentication */
858 #define ISO_SOCKSAUTH (1u<<2)
859 /** Isolate based on client protocol choice */
860 #define ISO_CLIENTPROTO (1u<<3)
861 /** Isolate based on client address */
862 #define ISO_CLIENTADDR (1u<<4)
863 /** Isolate based on session group (always on). */
864 #define ISO_SESSIONGRP (1u<<5)
865 /** Isolate based on newnym epoch (always on). */
866 #define ISO_NYM_EPOCH (1u<<6)
867 /** Isolate all streams (Internal only). */
868 #define ISO_STREAM (1u<<7)
869 /**@}*/
870 
871 /** Default isolation level for ports. */
872 #define ISO_DEFAULT (ISO_CLIENTADDR|ISO_SOCKSAUTH|ISO_SESSIONGRP|ISO_NYM_EPOCH)
873 
874 /** Indicates that we haven't yet set a session group on a port_cfg_t. */
875 #define SESSION_GROUP_UNSET -1
876 /** Session group reserved for directory connections */
877 #define SESSION_GROUP_DIRCONN -2
878 /** Session group reserved for resolve requests launched by a controller */
879 #define SESSION_GROUP_CONTROL_RESOLVE -3
880 /** First automatically allocated session group number */
881 #define SESSION_GROUP_FIRST_AUTO -4
882 
883 typedef struct port_cfg_t port_cfg_t;
884 typedef struct routerset_t routerset_t;
885 
886 /** A magic value for the (Socks|OR|...)Port options below, telling Tor
887  * to pick its own port. */
888 #define CFG_AUTO_PORT 0xc4005e
889 
890 typedef struct or_options_t or_options_t;
891 
892 typedef struct or_state_t or_state_t;
893 
894 #define MAX_SOCKS_ADDR_LEN 256
895 
896 /********************************* circuitbuild.c **********************/
897 
898 /** How many hops does a general-purpose circuit have by default? */
899 #define DEFAULT_ROUTE_LEN 3
900 
901 /* Circuit Build Timeout "public" structures. */
902 
903 /** Precision multiplier for the Bw weights */
904 #define BW_WEIGHT_SCALE 10000
905 #define BW_MIN_WEIGHT_SCALE 1
906 #define BW_MAX_WEIGHT_SCALE INT32_MAX
907 
909 
910 /********************************* config.c ***************************/
911 
912 /********************************* connection_edge.c *************************/
913 
914 /** Enumerates possible origins of a client-side address mapping. */
915 typedef enum {
916  /** We're remapping this address because the controller told us to. */
918  /** We're remapping this address because of an AutomapHostsOnResolve
919  * configuration. */
921  /** We're remapping this address because our configuration (via torrc, the
922  * command line, or a SETCONF command) told us to. */
924  /** We're remapping this address because we have TrackHostExit configured,
925  * and we want to remember to use the same exit next time. */
927  /** We're remapping this address because we got a DNS resolution from a
928  * Tor server that told us what its value was. */
930 
931  /** No remapping has occurred. This isn't a possible value for an
932  * addrmap_entry_t; it's used as a null value when we need to answer "Why
933  * did this remapping happen." */
936 #define addressmap_entry_source_bitfield_t ENUM_BF(addressmap_entry_source_t)
937 
938 #define WRITE_STATS_INTERVAL (24*60*60)
939 
940 /********************************* dirvote.c ************************/
941 
942 typedef struct vote_timing_t vote_timing_t;
943 
944 /********************************* microdesc.c *************************/
945 
946 typedef struct microdesc_cache_t microdesc_cache_t;
947 
948 /** The maximum number of non-circuit-build-timeout failures a hidden
949  * service client will tolerate while trying to build a circuit to an
950  * introduction point. */
951 #define MAX_INTRO_POINT_REACHABILITY_FAILURES 5
952 
953 /** The minimum and maximum number of distinct INTRODUCE2 cells which a
954  * hidden service's introduction point will receive before it begins to
955  * expire. */
956 #define INTRO_POINT_MIN_LIFETIME_INTRODUCTIONS 16384
957 /* Double the minimum value so the interval is [min, min * 2]. */
958 #define INTRO_POINT_MAX_LIFETIME_INTRODUCTIONS \
959  (INTRO_POINT_MIN_LIFETIME_INTRODUCTIONS * 2)
960 
961 /** The minimum number of seconds that an introduction point will last
962  * before expiring due to old age. (If it receives
963  * INTRO_POINT_LIFETIME_INTRODUCTIONS INTRODUCE2 cells, it may expire
964  * sooner.)
965  *
966  * XXX Should this be configurable? */
967 #define INTRO_POINT_LIFETIME_MIN_SECONDS (18*60*60)
968 /** The maximum number of seconds that an introduction point will last
969  * before expiring due to old age.
970  *
971  * XXX Should this be configurable? */
972 #define INTRO_POINT_LIFETIME_MAX_SECONDS (24*60*60)
973 
974 /** The maximum number of circuit creation retry we do to an intro point
975  * before giving up. We try to reuse intro point that fails during their
976  * lifetime so this is a hard limit on the amount of time we do that. */
977 #define MAX_INTRO_POINT_CIRCUIT_RETRIES 3
978 
979 /********************************* routerlist.c ***************************/
980 
981 typedef struct dir_server_t dir_server_t;
982 
983 #define RELAY_REQUIRED_MIN_BANDWIDTH (75*1024)
984 #define BRIDGE_REQUIRED_MIN_BANDWIDTH (50*1024)
985 
986 #define ROUTER_MAX_DECLARED_BANDWIDTH INT32_MAX
987 
988 typedef struct tor_version_t tor_version_t;
989 
990 #endif /* !defined(TOR_OR_H) */
crypt_path_reference_t
Definition: crypt_path_reference_st.h:19
CELL_MAX_NETWORK_SIZE
#define CELL_MAX_NETWORK_SIZE
Definition: or.h:460
microdesc_t
Definition: microdesc_st.h:27
path.h
Header for path.c.
routerinfo_t
Definition: routerinfo_st.h:20
testing_cell_stats_entry_t
Definition: or.h:817
protover_summary_flags_t::supports_accepting_ipv6_extends
unsigned int supports_accepting_ipv6_extends
Definition: or.h:701
ADDRMAPSRC_DNS
@ ADDRMAPSRC_DNS
Definition: or.h:929
or_state_t
Definition: or_state_st.h:21
inaddr.h
Header for inaddr.c.
protover_summary_flags_t
Definition: or.h:690
addsub.h
Header for addsub.c.
smartlist.h
Header for smartlist.c.
dh_sizes.h
Definitions for sizes of Diffie-Hellman groups elements in Z_p.
extrainfo_t
Definition: extrainfo_st.h:18
addressmap_entry_source_t
addressmap_entry_source_t
Definition: or.h:915
vote_microdesc_hash_t
Definition: vote_microdesc_hash_st.h:18
cmp.h
Macro definitions for MIN, MAX, and CLAMP.
ADDRMAPSRC_AUTOMAP
@ ADDRMAPSRC_AUTOMAP
Definition: or.h:920
download_schedule_increment_t
download_schedule_increment_t
Definition: or.h:669
parse_int.h
Header for parse_int.c.
protover_summary_flags_t::supports_initiating_ipv6_extends
unsigned int supports_initiating_ipv6_extends
Definition: or.h:705
relay_header_t::command
uint8_t command
Definition: or.h:519
desc_store_t
Definition: desc_store_st.h:23
download_want_authority_t
download_want_authority_t
Definition: or.h:659
compat_string.h
Header for compat_string.c.
protover_summary_flags_t::supports_v3_hsdir
unsigned int supports_v3_hsdir
Definition: or.h:733
create_cell_t
Definition: onion.h:24
rend_auth_type_t
rend_auth_type_t
Definition: or.h:344
threads.h
Header for threads.c.
cell_direction_t
cell_direction_t
Definition: or.h:363
ADDRMAPSRC_TORRC
@ ADDRMAPSRC_TORRC
Definition: or.h:923
testing_cell_stats_entry_t::command
uint8_t command
Definition: or.h:818
escape.h
Header for escape.c.
destroy_cell_queue_t
Definition: destroy_cell_queue_st.h:27
torint.h
Integer definitions used throughout Tor.
routerstatus_t
Definition: routerstatus_st.h:19
server_port_cfg_t
Definition: server_port_cfg_st.h:15
compat_time.h
Functions and types for monotonic times.
protover_summary_flags_t::supports_ed25519_link_handshake_any
unsigned int supports_ed25519_link_handshake_any
Definition: or.h:719
tor_version_t
Definition: tor_version_st.h:21
ratelim.h
Summarize similar messages that would otherwise flood the logs.
relay_crypto_t
Definition: relay_crypto_st.h:19
util_bug.h
Macros to manage assertions, fatal and non-fatal.
or_connection_t
Definition: or_connection_st.h:22
approx_time.h
Header for approx_time.c.
crypt_path_t
Definition: crypt_path_st.h:47
circuit_channel_direction_t
circuit_channel_direction_t
Definition: or.h:375
listener_connection_t
Definition: listener_connection_st.h:18
crypto_rsa.h
Headers for crypto_rsa.c.
protover_summary_flags_t::supports_canonical_ipv6_conns
unsigned int supports_canonical_ipv6_conns
Definition: or.h:709
addr_policy_t
Definition: addr_policy_st.h:26
cell_t
Definition: cell_st.h:17
protover_summary_flags_t::supports_ed25519_hs_intro
unsigned int supports_ed25519_hs_intro
Definition: or.h:724
relay_header_t::stream_id
streamid_t stream_id
Definition: or.h:521
consensus_flavor_t
consensus_flavor_t
Definition: or.h:761
CELL_DIRECTION_OUT
@ CELL_DIRECTION_OUT
Definition: or.h:365
bits.h
Header for bits.c.
document_signature_t
Definition: document_signature_st.h:16
country.h
Country type for geoip.
packed_cell_t
Definition: cell_queue_st.h:18
address.h
Headers for address.h.
circuit_build_times_t
Definition: circuitstats.h:178
routerlist_t
Definition: routerlist_st.h:18
muldiv.h
Header for muldiv.c.
socks_request_t
Definition: socks_request_st.h:37
MICRODESC_DIRINFO
@ MICRODESC_DIRINFO
Definition: or.h:794
ext_or_cmd_t
Definition: proto_ext_or.h:18
node_t
Definition: node_st.h:34
origin_circuit_t
Definition: origin_circuit_st.h:79
printf.h
Header for printf.c.
protover_summary_flags_t::supports_extend2_cells
unsigned int supports_extend2_cells
Definition: or.h:697
vote_routerstatus_t
Definition: vote_routerstatus_st.h:18
VAR_CELL_MAX_HEADER_SIZE
#define VAR_CELL_MAX_HEADER_SIZE
Definition: or.h:463
ed25519_public_key_t
Definition: crypto_ed25519.h:23
path_state_t
path_state_t
Definition: origin_circuit_st.h:36
vote_timing_t
Definition: vote_timing_st.h:16
SAVED_IN_JOURNAL
@ SAVED_IN_JOURNAL
Definition: or.h:641
download_status_t
Definition: download_status_st.h:41
time.h
Definitions for timing-related constants.
port_cfg_t
Definition: port_cfg_st.h:19
networkstatus_sr_info_t
Definition: networkstatus_sr_info_st.h:15
circuit_t
Definition: circuit_st.h:61
hs_ident_dir_conn_t
Definition: hs_ident.h:87
binascii.h
Header for binascii.c.
networkstatus_voter_info_t
Definition: networkstatus_voter_info_st.h:16
cell_queue_t
Definition: cell_queue_st.h:28
scanf.h
Header for scanf.c.
dir_server_t
Definition: dir_server_st.h:21
buffers.h
Header file for buffers.c.
cached_dir_t
Definition: cached_dir_st.h:17
saved_location_t
saved_location_t
Definition: or.h:627
malloc.h
Headers for util_malloc.c.
authority_cert_t
Definition: authority_cert_st.h:19
channel_t
Definition: channel.h:181
timeval.h
Declarations for timeval-related macros that some platforms are missing.
EXTRAINFO_DIRINFO
@ EXTRAINFO_DIRINFO
Definition: or.h:792
protover_summary_flags_t::supports_establish_intro_dos_extension
unsigned int supports_establish_intro_dos_extension
Definition: or.h:728
map.h
Headers for map.c.
protover_summary_flags_t::protocols_known
unsigned int protocols_known
Definition: or.h:693
connection_t
Definition: connection_st.h:45
download_schedule_t
download_schedule_t
Definition: or.h:647
protover_summary_flags_t::supports_ed25519_link_handshake_compat
unsigned int supports_ed25519_link_handshake_compat
Definition: or.h:714
di_ops.h
Headers for di_ops.c.
relay_header_t::length
uint16_t length
Definition: or.h:523
time_fmt.h
Header for time_fmt.c.
hsdir_index_t
Definition: hsdir_index_st.h:17
SAVED_IN_CACHE
@ SAVED_IN_CACHE
Definition: or.h:634
mmap.h
Header for mmap.c.
protover_summary_flags_t::supports_v3_rendezvous_point
unsigned int supports_v3_rendezvous_point
Definition: or.h:738
entry_port_cfg_st.h
Configuration structure for client ports.
curve25519_public_key_t
Definition: crypto_curve25519.h:24
userdb.h
Header for userdb.c.
ADDRMAPSRC_NONE
@ ADDRMAPSRC_NONE
Definition: or.h:934
crypto_cipher.h
Headers for crypto_cipher.c.
relay_header_t
Definition: or.h:518
ADDRMAPSRC_CONTROLLER
@ ADDRMAPSRC_CONTROLLER
Definition: or.h:917
V3_DIRINFO
@ V3_DIRINFO
Definition: or.h:788
destroy_cell_t
Definition: destroy_cell_queue_st.h:18
or_handshake_state_t
Definition: or_handshake_state_st.h:18
hs_ident_circuit_t
Definition: hs_ident.h:42
dirinfo_type_t
dirinfo_type_t
Definition: or.h:785
channel_listener_t
Definition: channel.h:461
testsupport.h
Macros to implement mocking and selective exposure for the test code.
ADDRMAPSRC_TRACKEXIT
@ ADDRMAPSRC_TRACKEXIT
Definition: or.h:926
logic.h
Macros for comparing the boolean value of integers.
microdesc_cache_t
Definition: microdesc.c:48
relay_header_t::recognized
uint16_t recognized
Definition: or.h:520
control_connection_t
Definition: control_connection_st.h:19
edge_connection_t
Definition: edge_connection_st.h:21
streamid_t
uint16_t streamid_t
Definition: or.h:491
socket.h
Header for socket.c.
bytes.h
Inline functions for reading and writing multibyte values from the middle of strings,...
or_handshake_certs_t
Definition: or_handshake_certs_st.h:19
or_circuit_t
Definition: or_circuit_st.h:21
cpath_build_state_t
Definition: cpath_build_state_st.h:16
protover_summary_flags_t::supports_hs_setup_padding
unsigned int supports_hs_setup_padding
Definition: or.h:742
hs_ident_edge_conn_t
Definition: hs_ident.h:103
BRIDGE_DIRINFO
@ BRIDGE_DIRINFO
Definition: or.h:790
testing_cell_stats_entry_t::exitward
unsigned int exitward
Definition: or.h:825
files.h
Wrappers for reading and writing data to files on disk.
signed_descriptor_t
Definition: signed_descriptor_st.h:18
entry_port_cfg_t
Definition: entry_port_cfg_st.h:18
or_options_t
Definition: or_options_st.h:64
onion_handshake_state_t
Definition: crypt_path_st.h:23
dir_connection_t
Definition: dir_connection_st.h:21
ns_detached_signatures_t
Definition: ns_detached_signatures_st.h:17
var_cell_t
Definition: var_cell_st.h:16
entry_connection_t
Definition: entry_connection_st.h:19
dir.h
Header for dir.c.
torerr.h
Headers for torerr.c.
networkstatus_t
Definition: networkstatus_st.h:26
SAVED_NOWHERE
@ SAVED_NOWHERE
Definition: or.h:630
compat_compiler.h
Utility macros to handle different features and behavior in different compilers.
CELL_DIRECTION_IN
@ CELL_DIRECTION_IN
Definition: or.h:364
util_string.h
Header for util_string.c.
testing_cell_stats_entry_t::waiting_time
unsigned int waiting_time
Definition: or.h:823
compat_ctype.h
Locale-independent character-type inspection (header)
cstring.h
Header for cstring.c.
extend_info_t
Definition: extend_info_st.h:27
circid_t
uint32_t circid_t
Definition: or.h:489
testing_cell_stats_entry_t::removed
unsigned int removed
Definition: or.h:824