diff options
author | Nick Mathewson <nickm@torproject.org> | 2018-07-03 11:09:54 -0400 |
---|---|---|
committer | Nick Mathewson <nickm@torproject.org> | 2018-07-03 11:09:54 -0400 |
commit | 77e678c20daf8633ce1904dd1df28398d820f7c0 (patch) | |
tree | 411cb587ea7533b65edf60c8bc2221b072dda807 /src/or/or.h | |
parent | a01b4d7f87f2217f55f5c5113fe19a2d3081a44c (diff) | |
parent | 518ebe14dcc7568da353c4c517039d0c621deb28 (diff) | |
download | tor-77e678c20daf8633ce1904dd1df28398d820f7c0.tar.gz tor-77e678c20daf8633ce1904dd1df28398d820f7c0.zip |
Merge remote-tracking branch 'github/shrink_or_h_more'
Diffstat (limited to 'src/or/or.h')
-rw-r--r-- | src/or/or.h | 2315 |
1 files changed, 18 insertions, 2297 deletions
diff --git a/src/or/or.h b/src/or/or.h index 63349cffbb..b0340ed1a0 100644 --- a/src/or/or.h +++ b/src/or/or.h @@ -13,82 +13,33 @@ #define TOR_OR_H #include "orconfig.h" +#include "lib/cc/torint.h" -#ifdef HAVE_UNISTD_H -#include <unistd.h> -#endif #ifdef HAVE_SIGNAL_H #include <signal.h> #endif -#ifdef HAVE_NETDB_H -#include <netdb.h> -#endif -#ifdef HAVE_SYS_PARAM_H -#include <sys/param.h> /* FreeBSD needs this to know what version it is */ -#endif -#include "lib/cc/torint.h" -#ifdef HAVE_SYS_FCNTL_H -#include <sys/fcntl.h> -#endif -#ifdef HAVE_FCNTL_H -#include <fcntl.h> -#endif -#ifdef HAVE_SYS_IOCTL_H -#include <sys/ioctl.h> -#endif -#ifdef HAVE_SYS_UN_H -#include <sys/un.h> -#endif -#ifdef HAVE_SYS_STAT_H -#include <sys/stat.h> -#endif -#ifdef HAVE_NETINET_IN_H -#include <netinet/in.h> -#endif -#ifdef HAVE_ARPA_INET_H -#include <arpa/inet.h> -#endif -#ifdef HAVE_ERRNO_H -#include <errno.h> -#endif #ifdef HAVE_TIME_H #include <time.h> #endif -#ifdef _WIN32 -#include <winsock2.h> -#include <io.h> -#include <process.h> -#include <direct.h> -#include <windows.h> -#endif /* defined(_WIN32) */ +#include "common/util.h" -#include "lib/crypt_ops/crypto.h" -#include "lib/crypt_ops/crypto_format.h" -#include "lib/crypt_ops/crypto_dh.h" -#include "lib/crypt_ops/crypto_hkdf.h" -#include "lib/tls/tortls.h" -#include "lib/log/torlog.h" -#include "lib/container/smartlist.h" #include "lib/container/map.h" -#include "lib/compress/compress.h" +#include "lib/container/smartlist.h" +#include "lib/crypt_ops/crypto.h" +#include "lib/defs/dh_sizes.h" +#include "lib/encoding/binascii.h" #include "lib/net/address.h" -#include "common/compat_libevent.h" + #include "ht.h" -#include "lib/encoding/confline.h" -#include "or/replaycache.h" -#include "lib/crypt_ops/crypto_curve25519.h" -#include "lib/crypt_ops/crypto_ed25519.h" -#include "tor_queue.h" -#include "common/token_bucket.h" -#include "lib/encoding/binascii.h" -#include "or/hs_circuitmap.h" -#include "common/util.h" // These, more than other includes, are for keeping the other struct // definitions working. We should remove them when we minimize our includes. #include "or/entry_port_cfg_st.h" +struct ed25519_public_key_t; +struct curve25519_public_key_t; + /* These signals are defined to help handle_control_signal work. */ #ifndef SIGHUP @@ -134,17 +85,9 @@ * equal sign or tilde, nickname. */ #define MAX_VERBOSE_NICKNAME_LEN (1+HEX_DIGEST_LEN+1+MAX_NICKNAME_LEN) -/** Maximum size, in bytes, for resized buffers. */ -#define MAX_BUF_SIZE ((1<<24)-1) /* 16MB-1 */ -/** Maximum size, in bytes, for any directory object that we've downloaded. */ -#define MAX_DIR_DL_SIZE MAX_BUF_SIZE - /** For HTTP parsing: Maximum number of bytes we'll accept in the headers * of an HTTP request or response. */ #define MAX_HEADERS_SIZE 50000 -/** Maximum size, in bytes, for any directory object that we're accepting - * as an upload. */ -#define MAX_DIR_UL_SIZE MAX_BUF_SIZE /** Maximum size, in bytes, of a single router descriptor uploaded to us * as a directory authority. Caches and clients fetch whatever descriptors @@ -187,58 +130,6 @@ /** How old do we let a saved descriptor get before force-removing it? */ #define OLD_ROUTER_DESC_MAX_AGE (60*60*24*5) -/** Possible rules for generating circuit IDs on an OR connection. */ -typedef enum { - CIRC_ID_TYPE_LOWER=0, /**< Pick from 0..1<<15-1. */ - CIRC_ID_TYPE_HIGHER=1, /**< Pick from 1<<15..1<<16-1. */ - /** The other side of a connection is an OP: never create circuits to it, - * and let it use any circuit ID it wants. */ - CIRC_ID_TYPE_NEITHER=2 -} circ_id_type_t; -#define circ_id_type_bitfield_t ENUM_BF(circ_id_type_t) - -#define CONN_TYPE_MIN_ 3 -/** Type for sockets listening for OR connections. */ -#define CONN_TYPE_OR_LISTENER 3 -/** A bidirectional TLS connection transmitting a sequence of cells. - * May be from an OR to an OR, or from an OP to an OR. */ -#define CONN_TYPE_OR 4 -/** A TCP connection from an onion router to a stream's destination. */ -#define CONN_TYPE_EXIT 5 -/** Type for sockets listening for SOCKS connections. */ -#define CONN_TYPE_AP_LISTENER 6 -/** A SOCKS proxy connection from the user application to the onion - * proxy. */ -#define CONN_TYPE_AP 7 -/** Type for sockets listening for HTTP connections to the directory server. */ -#define CONN_TYPE_DIR_LISTENER 8 -/** Type for HTTP connections to the directory server. */ -#define CONN_TYPE_DIR 9 -/* Type 10 is unused. */ -/** Type for listening for connections from user interface process. */ -#define CONN_TYPE_CONTROL_LISTENER 11 -/** Type for connections from user interface process. */ -#define CONN_TYPE_CONTROL 12 -/** Type for sockets listening for transparent connections redirected by pf or - * netfilter. */ -#define CONN_TYPE_AP_TRANS_LISTENER 13 -/** Type for sockets listening for transparent connections redirected by - * natd. */ -#define CONN_TYPE_AP_NATD_LISTENER 14 -/** Type for sockets listening for DNS requests. */ -#define CONN_TYPE_AP_DNS_LISTENER 15 - -/** Type for connections from the Extended ORPort. */ -#define CONN_TYPE_EXT_OR 16 -/** Type for sockets listening for Extended ORPort connections. */ -#define CONN_TYPE_EXT_OR_LISTENER 17 -/** Type for sockets listening for HTTP CONNECT tunnel connections. */ -#define CONN_TYPE_AP_HTTP_CONNECT_LISTENER 18 - -#define CONN_TYPE_MAX_ 19 -/* !!!! If _CONN_TYPE_MAX is ever over 31, we must grow the type field in - * connection_t. */ - /* Proxy client types */ #define PROXY_NONE 0 #define PROXY_CONNECT 1 @@ -251,355 +142,6 @@ typedef enum { * instead use the actual underlying proxy type (see above). */ #define PROXY_PLUGGABLE 4 -/* Proxy client handshake states */ -/* We use a proxy but we haven't even connected to it yet. */ -#define PROXY_INFANT 1 -/* We use an HTTP proxy and we've sent the CONNECT command. */ -#define PROXY_HTTPS_WANT_CONNECT_OK 2 -/* We use a SOCKS4 proxy and we've sent the CONNECT command. */ -#define PROXY_SOCKS4_WANT_CONNECT_OK 3 -/* We use a SOCKS5 proxy and we try to negotiate without - any authentication . */ -#define PROXY_SOCKS5_WANT_AUTH_METHOD_NONE 4 -/* We use a SOCKS5 proxy and we try to negotiate with - Username/Password authentication . */ -#define PROXY_SOCKS5_WANT_AUTH_METHOD_RFC1929 5 -/* We use a SOCKS5 proxy and we just sent our credentials. */ -#define PROXY_SOCKS5_WANT_AUTH_RFC1929_OK 6 -/* We use a SOCKS5 proxy and we just sent our CONNECT command. */ -#define PROXY_SOCKS5_WANT_CONNECT_OK 7 -/* We use a proxy and we CONNECTed successfully!. */ -#define PROXY_CONNECTED 8 - -/** True iff <b>x</b> is an edge connection. */ -#define CONN_IS_EDGE(x) \ - ((x)->type == CONN_TYPE_EXIT || (x)->type == CONN_TYPE_AP) - -/** State for any listener connection. */ -#define LISTENER_STATE_READY 0 - -#define OR_CONN_STATE_MIN_ 1 -/** State for a connection to an OR: waiting for connect() to finish. */ -#define OR_CONN_STATE_CONNECTING 1 -/** State for a connection to an OR: waiting for proxy handshake to complete */ -#define OR_CONN_STATE_PROXY_HANDSHAKING 2 -/** State for an OR connection client: SSL is handshaking, not done - * yet. */ -#define OR_CONN_STATE_TLS_HANDSHAKING 3 -/** State for a connection to an OR: We're doing a second SSL handshake for - * renegotiation purposes. (V2 handshake only.) */ -#define OR_CONN_STATE_TLS_CLIENT_RENEGOTIATING 4 -/** State for a connection at an OR: We're waiting for the client to - * renegotiate (to indicate a v2 handshake) or send a versions cell (to - * indicate a v3 handshake) */ -#define OR_CONN_STATE_TLS_SERVER_RENEGOTIATING 5 -/** State for an OR connection: We're done with our SSL handshake, we've done - * renegotiation, but we haven't yet negotiated link protocol versions and - * sent a netinfo cell. */ -#define OR_CONN_STATE_OR_HANDSHAKING_V2 6 -/** State for an OR connection: We're done with our SSL handshake, but we - * haven't yet negotiated link protocol versions, done a V3 handshake, and - * sent a netinfo cell. */ -#define OR_CONN_STATE_OR_HANDSHAKING_V3 7 -/** State for an OR connection: Ready to send/receive cells. */ -#define OR_CONN_STATE_OPEN 8 -#define OR_CONN_STATE_MAX_ 8 - -/** States of the Extended ORPort protocol. Be careful before changing - * the numbers: they matter. */ -#define EXT_OR_CONN_STATE_MIN_ 1 -/** Extended ORPort authentication is waiting for the authentication - * type selected by the client. */ -#define EXT_OR_CONN_STATE_AUTH_WAIT_AUTH_TYPE 1 -/** Extended ORPort authentication is waiting for the client nonce. */ -#define EXT_OR_CONN_STATE_AUTH_WAIT_CLIENT_NONCE 2 -/** Extended ORPort authentication is waiting for the client hash. */ -#define EXT_OR_CONN_STATE_AUTH_WAIT_CLIENT_HASH 3 -#define EXT_OR_CONN_STATE_AUTH_MAX 3 -/** Authentication finished and the Extended ORPort is now accepting - * traffic. */ -#define EXT_OR_CONN_STATE_OPEN 4 -/** Extended ORPort is flushing its last messages and preparing to - * start accepting OR connections. */ -#define EXT_OR_CONN_STATE_FLUSHING 5 -#define EXT_OR_CONN_STATE_MAX_ 5 - -#define EXIT_CONN_STATE_MIN_ 1 -/** State for an exit connection: waiting for response from DNS farm. */ -#define EXIT_CONN_STATE_RESOLVING 1 -/** State for an exit connection: waiting for connect() to finish. */ -#define EXIT_CONN_STATE_CONNECTING 2 -/** State for an exit connection: open and ready to transmit data. */ -#define EXIT_CONN_STATE_OPEN 3 -/** State for an exit connection: waiting to be removed. */ -#define EXIT_CONN_STATE_RESOLVEFAILED 4 -#define EXIT_CONN_STATE_MAX_ 4 - -/* The AP state values must be disjoint from the EXIT state values. */ -#define AP_CONN_STATE_MIN_ 5 -/** State for a SOCKS connection: waiting for SOCKS request. */ -#define AP_CONN_STATE_SOCKS_WAIT 5 -/** State for a SOCKS connection: got a y.onion URL; waiting to receive - * rendezvous descriptor. */ -#define AP_CONN_STATE_RENDDESC_WAIT 6 -/** The controller will attach this connection to a circuit; it isn't our - * job to do so. */ -#define AP_CONN_STATE_CONTROLLER_WAIT 7 -/** State for a SOCKS connection: waiting for a completed circuit. */ -#define AP_CONN_STATE_CIRCUIT_WAIT 8 -/** State for a SOCKS connection: sent BEGIN, waiting for CONNECTED. */ -#define AP_CONN_STATE_CONNECT_WAIT 9 -/** State for a SOCKS connection: sent RESOLVE, waiting for RESOLVED. */ -#define AP_CONN_STATE_RESOLVE_WAIT 10 -/** State for a SOCKS connection: ready to send and receive. */ -#define AP_CONN_STATE_OPEN 11 -/** State for a transparent natd connection: waiting for original - * destination. */ -#define AP_CONN_STATE_NATD_WAIT 12 -/** State for an HTTP tunnel: waiting for an HTTP CONNECT command. */ -#define AP_CONN_STATE_HTTP_CONNECT_WAIT 13 -#define AP_CONN_STATE_MAX_ 13 - -/** True iff the AP_CONN_STATE_* value <b>s</b> means that the corresponding - * edge connection is not attached to any circuit. */ -#define AP_CONN_STATE_IS_UNATTACHED(s) \ - ((s) <= AP_CONN_STATE_CIRCUIT_WAIT || (s) == AP_CONN_STATE_NATD_WAIT) - -#define DIR_CONN_STATE_MIN_ 1 -/** State for connection to directory server: waiting for connect(). */ -#define DIR_CONN_STATE_CONNECTING 1 -/** State for connection to directory server: sending HTTP request. */ -#define DIR_CONN_STATE_CLIENT_SENDING 2 -/** State for connection to directory server: reading HTTP response. */ -#define DIR_CONN_STATE_CLIENT_READING 3 -/** State for connection to directory server: happy and finished. */ -#define DIR_CONN_STATE_CLIENT_FINISHED 4 -/** State for connection at directory server: waiting for HTTP request. */ -#define DIR_CONN_STATE_SERVER_COMMAND_WAIT 5 -/** State for connection at directory server: sending HTTP response. */ -#define DIR_CONN_STATE_SERVER_WRITING 6 -#define DIR_CONN_STATE_MAX_ 6 - -/** True iff the purpose of <b>conn</b> means that it's a server-side - * directory connection. */ -#define DIR_CONN_IS_SERVER(conn) ((conn)->purpose == DIR_PURPOSE_SERVER) - -#define CONTROL_CONN_STATE_MIN_ 1 -/** State for a control connection: Authenticated and accepting v1 commands. */ -#define CONTROL_CONN_STATE_OPEN 1 -/** State for a control connection: Waiting for authentication; speaking - * protocol v1. */ -#define CONTROL_CONN_STATE_NEEDAUTH 2 -#define CONTROL_CONN_STATE_MAX_ 2 - -#define DIR_PURPOSE_MIN_ 4 -/** A connection to a directory server: set after a v2 rendezvous - * descriptor is downloaded. */ -#define DIR_PURPOSE_HAS_FETCHED_RENDDESC_V2 4 -/** A connection to a directory server: download one or more server - * descriptors. */ -#define DIR_PURPOSE_FETCH_SERVERDESC 6 -/** A connection to a directory server: download one or more extra-info - * documents. */ -#define DIR_PURPOSE_FETCH_EXTRAINFO 7 -/** A connection to a directory server: upload a server descriptor. */ -#define DIR_PURPOSE_UPLOAD_DIR 8 -/** A connection to a directory server: upload a v3 networkstatus vote. */ -#define DIR_PURPOSE_UPLOAD_VOTE 10 -/** A connection to a directory server: upload a v3 consensus signature */ -#define DIR_PURPOSE_UPLOAD_SIGNATURES 11 -/** A connection to a directory server: download one or more v3 networkstatus - * votes. */ -#define DIR_PURPOSE_FETCH_STATUS_VOTE 12 -/** A connection to a directory server: download a v3 detached signatures - * object for a consensus. */ -#define DIR_PURPOSE_FETCH_DETACHED_SIGNATURES 13 -/** A connection to a directory server: download a v3 networkstatus - * consensus. */ -#define DIR_PURPOSE_FETCH_CONSENSUS 14 -/** A connection to a directory server: download one or more directory - * authority certificates. */ -#define DIR_PURPOSE_FETCH_CERTIFICATE 15 - -/** Purpose for connection at a directory server. */ -#define DIR_PURPOSE_SERVER 16 -/** A connection to a hidden service directory server: upload a v2 rendezvous - * descriptor. */ -#define DIR_PURPOSE_UPLOAD_RENDDESC_V2 17 -/** A connection to a hidden service directory server: download a v2 rendezvous - * descriptor. */ -#define DIR_PURPOSE_FETCH_RENDDESC_V2 18 -/** A connection to a directory server: download a microdescriptor. */ -#define DIR_PURPOSE_FETCH_MICRODESC 19 -/** A connection to a hidden service directory: upload a v3 descriptor. */ -#define DIR_PURPOSE_UPLOAD_HSDESC 20 -/** A connection to a hidden service directory: fetch a v3 descriptor. */ -#define DIR_PURPOSE_FETCH_HSDESC 21 -/** A connection to a directory server: set after a hidden service descriptor - * is downloaded. */ -#define DIR_PURPOSE_HAS_FETCHED_HSDESC 22 -#define DIR_PURPOSE_MAX_ 22 - -/** True iff <b>p</b> is a purpose corresponding to uploading - * data to a directory server. */ -#define DIR_PURPOSE_IS_UPLOAD(p) \ - ((p)==DIR_PURPOSE_UPLOAD_DIR || \ - (p)==DIR_PURPOSE_UPLOAD_VOTE || \ - (p)==DIR_PURPOSE_UPLOAD_SIGNATURES || \ - (p)==DIR_PURPOSE_UPLOAD_RENDDESC_V2 || \ - (p)==DIR_PURPOSE_UPLOAD_HSDESC) - -#define EXIT_PURPOSE_MIN_ 1 -/** This exit stream wants to do an ordinary connect. */ -#define EXIT_PURPOSE_CONNECT 1 -/** This exit stream wants to do a resolve (either normal or reverse). */ -#define EXIT_PURPOSE_RESOLVE 2 -#define EXIT_PURPOSE_MAX_ 2 - -/* !!!! If any connection purpose is ever over 31, we must grow the type - * field in connection_t. */ - -/** Circuit state: I'm the origin, still haven't done all my handshakes. */ -#define CIRCUIT_STATE_BUILDING 0 -/** Circuit state: Waiting to process the onionskin. */ -#define CIRCUIT_STATE_ONIONSKIN_PENDING 1 -/** Circuit state: I'd like to deliver a create, but my n_chan is still - * connecting. */ -#define CIRCUIT_STATE_CHAN_WAIT 2 -/** Circuit state: the circuit is open but we don't want to actually use it - * until we find out if a better guard will be available. - */ -#define CIRCUIT_STATE_GUARD_WAIT 3 -/** Circuit state: onionskin(s) processed, ready to send/receive cells. */ -#define CIRCUIT_STATE_OPEN 4 - -#define CIRCUIT_PURPOSE_MIN_ 1 - -/* these circuits were initiated elsewhere */ -#define CIRCUIT_PURPOSE_OR_MIN_ 1 -/** OR-side circuit purpose: normal circuit, at OR. */ -#define CIRCUIT_PURPOSE_OR 1 -/** OR-side circuit purpose: At OR, from the service, waiting for intro from - * clients. */ -#define CIRCUIT_PURPOSE_INTRO_POINT 2 -/** OR-side circuit purpose: At OR, from the client, waiting for the service. - */ -#define CIRCUIT_PURPOSE_REND_POINT_WAITING 3 -/** OR-side circuit purpose: At OR, both circuits have this purpose. */ -#define CIRCUIT_PURPOSE_REND_ESTABLISHED 4 -#define CIRCUIT_PURPOSE_OR_MAX_ 4 - -/* these circuits originate at this node */ - -/* here's how circ client-side purposes work: - * normal circuits are C_GENERAL. - * circuits that are c_introducing are either on their way to - * becoming open, or they are open and waiting for a - * suitable rendcirc before they send the intro. - * circuits that are c_introduce_ack_wait have sent the intro, - * but haven't gotten a response yet. - * circuits that are c_establish_rend are either on their way - * to becoming open, or they are open and have sent the - * establish_rendezvous cell but haven't received an ack. - * circuits that are c_rend_ready are open and have received a - * rend ack, but haven't heard from the service yet. if they have a - * buildstate->pending_final_cpath then they're expecting a - * cell from the service, else they're not. - * circuits that are c_rend_ready_intro_acked are open, and - * some intro circ has sent its intro and received an ack. - * circuits that are c_rend_joined are open, have heard from - * the service, and are talking to it. - */ -/** Client-side circuit purpose: Normal circuit, with cpath. */ -#define CIRCUIT_PURPOSE_C_GENERAL 5 -#define CIRCUIT_PURPOSE_C_HS_MIN_ 6 -/** Client-side circuit purpose: at the client, connecting to intro point. */ -#define CIRCUIT_PURPOSE_C_INTRODUCING 6 -/** Client-side circuit purpose: at the client, sent INTRODUCE1 to intro point, - * waiting for ACK/NAK. */ -#define CIRCUIT_PURPOSE_C_INTRODUCE_ACK_WAIT 7 -/** Client-side circuit purpose: at the client, introduced and acked, closing. - */ -#define CIRCUIT_PURPOSE_C_INTRODUCE_ACKED 8 -/** Client-side circuit purpose: at the client, waiting for ack. */ -#define CIRCUIT_PURPOSE_C_ESTABLISH_REND 9 -/** Client-side circuit purpose: at the client, waiting for the service. */ -#define CIRCUIT_PURPOSE_C_REND_READY 10 -/** Client-side circuit purpose: at the client, waiting for the service, - * INTRODUCE has been acknowledged. */ -#define CIRCUIT_PURPOSE_C_REND_READY_INTRO_ACKED 11 -/** Client-side circuit purpose: at the client, rendezvous established. */ -#define CIRCUIT_PURPOSE_C_REND_JOINED 12 -/** This circuit is used for getting hsdirs */ -#define CIRCUIT_PURPOSE_C_HSDIR_GET 13 -#define CIRCUIT_PURPOSE_C_HS_MAX_ 13 -/** This circuit is used for build time measurement only */ -#define CIRCUIT_PURPOSE_C_MEASURE_TIMEOUT 14 -#define CIRCUIT_PURPOSE_C_MAX_ 14 - -#define CIRCUIT_PURPOSE_S_HS_MIN_ 15 -/** Hidden-service-side circuit purpose: at the service, waiting for - * introductions. */ -#define CIRCUIT_PURPOSE_S_ESTABLISH_INTRO 15 -/** Hidden-service-side circuit purpose: at the service, successfully - * established intro. */ -#define CIRCUIT_PURPOSE_S_INTRO 16 -/** Hidden-service-side circuit purpose: at the service, connecting to rend - * point. */ -#define CIRCUIT_PURPOSE_S_CONNECT_REND 17 -/** Hidden-service-side circuit purpose: at the service, rendezvous - * established. */ -#define CIRCUIT_PURPOSE_S_REND_JOINED 18 -/** This circuit is used for uploading hsdirs */ -#define CIRCUIT_PURPOSE_S_HSDIR_POST 19 -#define CIRCUIT_PURPOSE_S_HS_MAX_ 19 - -/** A testing circuit; not meant to be used for actual traffic. */ -#define CIRCUIT_PURPOSE_TESTING 20 -/** A controller made this circuit and Tor should not use it. */ -#define CIRCUIT_PURPOSE_CONTROLLER 21 -/** This circuit is used for path bias probing only */ -#define CIRCUIT_PURPOSE_PATH_BIAS_TESTING 22 - -/** This circuit is used for vanguards/restricted paths. - * - * This type of circuit is *only* created preemptively and never - * on-demand. When an HS operation needs to take place (e.g. connect to an - * intro point), these circuits are then cannibalized and repurposed to the - * actual needed HS purpose. */ -#define CIRCUIT_PURPOSE_HS_VANGUARDS 23 - -#define CIRCUIT_PURPOSE_MAX_ 23 -/** A catch-all for unrecognized purposes. Currently we don't expect - * to make or see any circuits with this purpose. */ -#define CIRCUIT_PURPOSE_UNKNOWN 255 - -/** True iff the circuit purpose <b>p</b> is for a circuit that - * originated at this node. */ -#define CIRCUIT_PURPOSE_IS_ORIGIN(p) ((p)>CIRCUIT_PURPOSE_OR_MAX_) -/** True iff the circuit purpose <b>p</b> is for a circuit that originated - * here to serve as a client. (Hidden services don't count here.) */ -#define CIRCUIT_PURPOSE_IS_CLIENT(p) \ - ((p)> CIRCUIT_PURPOSE_OR_MAX_ && \ - (p)<=CIRCUIT_PURPOSE_C_MAX_) -/** True iff the circuit_t <b>c</b> is actually an origin_circuit_t. */ -#define CIRCUIT_IS_ORIGIN(c) (CIRCUIT_PURPOSE_IS_ORIGIN((c)->purpose)) -/** True iff the circuit purpose <b>p</b> is for an established rendezvous - * circuit. */ -#define CIRCUIT_PURPOSE_IS_ESTABLISHED_REND(p) \ - ((p) == CIRCUIT_PURPOSE_C_REND_JOINED || \ - (p) == CIRCUIT_PURPOSE_S_REND_JOINED) -/** True iff the circuit_t c is actually an or_circuit_t */ -#define CIRCUIT_IS_ORCIRC(c) (((circuit_t *)(c))->magic == OR_CIRCUIT_MAGIC) - -/** True iff this circuit purpose should count towards the global - * pending rate limit (set by MaxClientCircuitsPending). We count all - * general purpose circuits, as well as the first step of client onion - * service connections (HSDir gets). */ -#define CIRCUIT_PURPOSE_COUNTS_TOWARDS_MAXPENDING(p) \ - ((p) == CIRCUIT_PURPOSE_C_GENERAL || \ - (p) == CIRCUIT_PURPOSE_C_HSDIR_GET) - /** How many circuits do we want simultaneously in-progress to handle * a given stream? */ #define MIN_CIRCUITS_HANDLING_STREAM 2 @@ -704,13 +246,6 @@ typedef enum { * connection_mark_unattached_ap(). */ #define END_STREAM_REASON_FLAG_ALREADY_SOCKS_REPLIED 2048 -/** Reason for remapping an AP connection's address: we have a cached - * answer. */ -#define REMAP_STREAM_SOURCE_CACHE 1 -/** Reason for remapping an AP connection's address: the exit node told us an - * answer. */ -#define REMAP_STREAM_SOURCE_EXIT 2 - /* 'type' values to use in RESOLVED cells. Specified in tor-spec.txt. */ #define RESOLVED_TYPE_HOSTNAME 0 #define RESOLVED_TYPE_IPV4 4 @@ -1034,131 +569,6 @@ typedef struct channel_s channel_t; typedef struct channel_listener_s channel_listener_t; -/* channel states for channel_t */ - -typedef enum { - /* - * Closed state - channel is inactive - * - * Permitted transitions from: - * - CHANNEL_STATE_CLOSING - * Permitted transitions to: - * - CHANNEL_STATE_OPENING - */ - CHANNEL_STATE_CLOSED = 0, - /* - * Opening state - channel is trying to connect - * - * Permitted transitions from: - * - CHANNEL_STATE_CLOSED - * Permitted transitions to: - * - CHANNEL_STATE_CLOSING - * - CHANNEL_STATE_ERROR - * - CHANNEL_STATE_OPEN - */ - CHANNEL_STATE_OPENING, - /* - * Open state - channel is active and ready for use - * - * Permitted transitions from: - * - CHANNEL_STATE_MAINT - * - CHANNEL_STATE_OPENING - * Permitted transitions to: - * - CHANNEL_STATE_CLOSING - * - CHANNEL_STATE_ERROR - * - CHANNEL_STATE_MAINT - */ - CHANNEL_STATE_OPEN, - /* - * Maintenance state - channel is temporarily offline for subclass specific - * maintenance activities such as TLS renegotiation. - * - * Permitted transitions from: - * - CHANNEL_STATE_OPEN - * Permitted transitions to: - * - CHANNEL_STATE_CLOSING - * - CHANNEL_STATE_ERROR - * - CHANNEL_STATE_OPEN - */ - CHANNEL_STATE_MAINT, - /* - * Closing state - channel is shutting down - * - * Permitted transitions from: - * - CHANNEL_STATE_MAINT - * - CHANNEL_STATE_OPEN - * Permitted transitions to: - * - CHANNEL_STATE_CLOSED, - * - CHANNEL_STATE_ERROR - */ - CHANNEL_STATE_CLOSING, - /* - * Error state - channel has experienced a permanent error - * - * Permitted transitions from: - * - CHANNEL_STATE_CLOSING - * - CHANNEL_STATE_MAINT - * - CHANNEL_STATE_OPENING - * - CHANNEL_STATE_OPEN - * Permitted transitions to: - * - None - */ - CHANNEL_STATE_ERROR, - /* - * Placeholder for maximum state value - */ - CHANNEL_STATE_LAST -} channel_state_t; - -/* channel listener states for channel_listener_t */ - -typedef enum { - /* - * Closed state - channel listener is inactive - * - * Permitted transitions from: - * - CHANNEL_LISTENER_STATE_CLOSING - * Permitted transitions to: - * - CHANNEL_LISTENER_STATE_LISTENING - */ - CHANNEL_LISTENER_STATE_CLOSED = 0, - /* - * Listening state - channel listener is listening for incoming - * connections - * - * Permitted transitions from: - * - CHANNEL_LISTENER_STATE_CLOSED - * Permitted transitions to: - * - CHANNEL_LISTENER_STATE_CLOSING - * - CHANNEL_LISTENER_STATE_ERROR - */ - CHANNEL_LISTENER_STATE_LISTENING, - /* - * Closing state - channel listener is shutting down - * - * Permitted transitions from: - * - CHANNEL_LISTENER_STATE_LISTENING - * Permitted transitions to: - * - CHANNEL_LISTENER_STATE_CLOSED, - * - CHANNEL_LISTENER_STATE_ERROR - */ - CHANNEL_LISTENER_STATE_CLOSING, - /* - * Error state - channel listener has experienced a permanent error - * - * Permitted transitions from: - * - CHANNEL_STATE_CLOSING - * - CHANNEL_STATE_LISTENING - * Permitted transitions to: - * - None - */ - CHANNEL_LISTENER_STATE_ERROR, - /* - * Placeholder for maximum state value - */ - CHANNEL_LISTENER_STATE_LAST -} channel_listener_state_t; - /* TLS channel stuff */ typedef struct channel_tls_s channel_tls_t; @@ -1173,13 +583,7 @@ typedef struct packed_cell_t packed_cell_t; typedef struct cell_queue_t cell_queue_t; typedef struct destroy_cell_t destroy_cell_t; typedef struct destroy_cell_queue_t destroy_cell_queue_t; - -/** A parsed Extended ORPort message. */ -typedef struct ext_or_cmd_t { - uint16_t cmd; /** Command type */ - uint16_t len; /** Body length */ - char body[FLEXIBLE_ARRAY_MEMBER]; /** Message body */ -} ext_or_cmd_t; +typedef struct ext_or_cmd_t ext_or_cmd_t; /** Beginning of a RELAY cell payload. */ typedef struct { @@ -1194,16 +598,6 @@ typedef struct socks_request_t socks_request_t; typedef struct entry_port_cfg_t entry_port_cfg_t; typedef struct server_port_cfg_t server_port_cfg_t; -/* Values for connection_t.magic: used to make sure that downcasts (casts from -* connection_t to foo_connection_t) are safe. */ -#define BASE_CONNECTION_MAGIC 0x7C3C304Eu -#define OR_CONNECTION_MAGIC 0x7D31FF03u -#define EDGE_CONNECTION_MAGIC 0xF0374013u -#define ENTRY_CONNECTION_MAGIC 0xbb4a5703 -#define DIR_CONNECTION_MAGIC 0x9988ffeeu -#define CONTROL_CONNECTION_MAGIC 0x8abc765du -#define LISTENER_CONNECTION_MAGIC 0x1a1ac741u - /** Minimum length of the random part of an AUTH_CHALLENGE cell. */ #define OR_AUTH_CHALLENGE_LEN 32 @@ -1295,38 +689,7 @@ typedef struct or_connection_t or_connection_t; /** Cast a entry_connection_t subtype pointer to a connection_t **/ #define ENTRY_TO_CONN(c) (TO_CONN(ENTRY_TO_EDGE_CONN(c))) -/** What action type does an address policy indicate: accept or reject? */ -typedef enum { - ADDR_POLICY_ACCEPT=1, - ADDR_POLICY_REJECT=2, -} addr_policy_action_t; -#define addr_policy_action_bitfield_t ENUM_BF(addr_policy_action_t) - -/** A reference-counted address policy rule. */ -typedef struct addr_policy_t { - int refcnt; /**< Reference count */ - /** What to do when the policy matches.*/ - addr_policy_action_bitfield_t policy_type:2; - unsigned int is_private:1; /**< True iff this is the pseudo-address, - * "private". */ - unsigned int is_canonical:1; /**< True iff this policy is the canonical - * copy (stored in a hash table to avoid - * duplication of common policies) */ - maskbits_t maskbits; /**< Accept/reject all addresses <b>a</b> such that the - * first <b>maskbits</b> bits of <b>a</b> match - * <b>addr</b>. */ - /** Base address to accept or reject. - * - * Note that wildcards are treated - * differntly depending on address family. An AF_UNSPEC address means - * "All addresses, IPv4 or IPv6." An AF_INET address with maskbits==0 means - * "All IPv4 addresses" and an AF_INET6 address with maskbits == 0 means - * "All IPv6 addresses". - **/ - tor_addr_t addr; - uint16_t prt_min; /**< Lowest port number to accept/reject. */ - uint16_t prt_max; /**< Highest port number to accept/reject. */ -} addr_policy_t; +typedef struct addr_policy_t addr_policy_t; typedef struct cached_dir_t cached_dir_t; @@ -1437,25 +800,6 @@ typedef struct routerinfo_t routerinfo_t; typedef struct extrainfo_t extrainfo_t; typedef struct routerstatus_t routerstatus_t; -/** A single entry in a parsed policy summary, describing a range of ports. */ -typedef struct short_policy_entry_t { - uint16_t min_port, max_port; -} short_policy_entry_t; - -/** A short_poliy_t is the parsed version of a policy summary. */ -typedef struct short_policy_t { - /** True if the members of 'entries' are port ranges to accept; false if - * they are port ranges to reject */ - unsigned int is_accept : 1; - /** The actual number of values in 'entries'. */ - unsigned int n_entries : 31; - /** An array of 0 or more short_policy_entry_t values, each describing a - * range of ports that this policy accepts or rejects (depending on the - * value of is_accept). - */ - short_policy_entry_t entries[FLEXIBLE_ARRAY_MEMBER]; -} short_policy_t; - typedef struct microdesc_t microdesc_t; typedef struct node_t node_t; typedef struct vote_microdesc_hash_t vote_microdesc_hash_t; @@ -1464,13 +808,6 @@ typedef struct document_signature_t document_signature_t; typedef struct networkstatus_voter_info_t networkstatus_voter_info_t; typedef struct networkstatus_sr_info_t networkstatus_sr_info_t; -/** Enumerates the possible seriousness values of a networkstatus document. */ -typedef enum { - NS_TYPE_VOTE, - NS_TYPE_CONSENSUS, - NS_TYPE_OPINION, -} networkstatus_type_t; - /** Enumerates recognized flavors of a consensus networkstatus document. All * flavors of a consensus are generated from the same set of votes, but they * present different types information to different versions of Tor. */ @@ -1484,13 +821,6 @@ typedef enum { typedef struct networkstatus_t networkstatus_t; typedef struct ns_detached_signatures_t ns_detached_signatures_t; - -/** Allowable types of desc_store_t. */ -typedef enum store_type_t { - ROUTER_STORE = 0, - EXTRAINFO_STORE = 1 -} store_type_t; - typedef struct desc_store_t desc_store_t; typedef struct routerlist_t routerlist_t; typedef struct extend_info_t extend_info_t; @@ -1519,42 +849,20 @@ typedef enum { #define ALL_DIRINFO ((dirinfo_type_t)((1<<7)-1)) -#define CRYPT_PATH_MAGIC 0x70127012u - -struct fast_handshake_state_t; -struct ntor_handshake_state_t; #define ONION_HANDSHAKE_TYPE_TAP 0x0000 #define ONION_HANDSHAKE_TYPE_FAST 0x0001 #define ONION_HANDSHAKE_TYPE_NTOR 0x0002 #define MAX_ONION_HANDSHAKE_TYPE 0x0002 -typedef struct { - uint16_t tag; - union { - struct fast_handshake_state_t *fast; - crypto_dh_t *tap; - struct ntor_handshake_state_t *ntor; - } u; -} onion_handshake_state_t; +typedef struct onion_handshake_state_t onion_handshake_state_t; typedef struct relay_crypto_t relay_crypto_t; typedef struct crypt_path_t crypt_path_t; typedef struct crypt_path_reference_t crypt_path_reference_t; #define CPATH_KEY_MATERIAL_LEN (20*2+16*2) -#define DH_KEY_LEN DH_BYTES - typedef struct cpath_build_state_t cpath_build_state_t; -/** "magic" value for an origin_circuit_t */ -#define ORIGIN_CIRCUIT_MAGIC 0x35315243u -/** "magic" value for an or_circuit_t */ -#define OR_CIRCUIT_MAGIC 0x98ABC04Fu -/** "magic" value for a circuit that would have been freed by circuit_free, - * but which we're keeping around until a cpuworker reply arrives. See - * circuit_free() for more documentation. */ -#define DEAD_CIRCUIT_MAGIC 0xdeadc14c - struct create_cell_t; /** Entry in the cell stats list of a circuit; used only if CELL_STATS @@ -1578,61 +886,7 @@ typedef struct or_circuit_t or_circuit_t; * circuit. */ #define MAX_RELAY_EARLY_CELLS_PER_CIRCUIT 8 -/** - * Describes the circuit building process in simplified terms based - * on the path bias accounting state for a circuit. - * - * NOTE: These state values are enumerated in the order for which we - * expect circuits to transition through them. If you add states, - * you need to preserve this overall ordering. The various pathbias - * state transition and accounting functions (pathbias_mark_* and - * pathbias_count_*) contain ordinal comparisons to enforce proper - * state transitions for corrections. - * - * This state machine and the associated logic was created to prevent - * miscounting due to unknown cases of circuit reuse. See also tickets - * #6475 and #7802. - */ -typedef enum { - /** This circuit is "new". It has not yet completed a first hop - * or been counted by the path bias code. */ - PATH_STATE_NEW_CIRC = 0, - /** This circuit has completed one/two hops, and has been counted by - * the path bias logic. */ - PATH_STATE_BUILD_ATTEMPTED = 1, - /** This circuit has been completely built */ - PATH_STATE_BUILD_SUCCEEDED = 2, - /** Did we try to attach any SOCKS streams or hidserv introductions to - * this circuit? - * - * Note: If we ever implement end-to-end stream timing through test - * stream probes (#5707), we must *not* set this for those probes - * (or any other automatic streams) because the adversary could - * just tag at a later point. - */ - PATH_STATE_USE_ATTEMPTED = 3, - /** Did any SOCKS streams or hidserv introductions actually succeed on - * this circuit? - * - * If any streams detatch/fail from this circuit, the code transitions - * the circuit back to PATH_STATE_USE_ATTEMPTED to ensure we probe. See - * pathbias_mark_use_rollback() for that. - */ - PATH_STATE_USE_SUCCEEDED = 4, - - /** - * This is a special state to indicate that we got a corrupted - * relay cell on a circuit and we don't intend to probe it. - */ - PATH_STATE_USE_FAILED = 5, - - /** - * This is a special state to indicate that we already counted - * the circuit. Used to guard against potential state machine - * violations. - */ - PATH_STATE_ALREADY_COUNTED = 6, -} path_state_t; +typedef enum path_state_t path_state_t; #define path_state_bitfield_t ENUM_BF(path_state_t) #if REND_COOKIE_LEN != DIGEST_LEN @@ -1643,10 +897,6 @@ typedef enum { /** Convert a circuit subtype to a circuit_t. */ #define TO_CIRCUIT(x) (&((x)->base_)) -/* limits for TCP send and recv buffer size used for constrained sockets */ -#define MIN_CONSTRAINED_TCP_BUFFER 2048 -#define MAX_CONSTRAINED_TCP_BUFFER 262144 /* 256k */ - /** @name Isolation flags Ways to isolate client streams @@ -1690,1152 +940,13 @@ typedef struct routerset_t routerset_t; * to pick its own port. */ #define CFG_AUTO_PORT 0xc4005e -/** Enumeration of outbound address configuration types: - * Exit-only, OR-only, or both */ -typedef enum {OUTBOUND_ADDR_EXIT, OUTBOUND_ADDR_OR, - OUTBOUND_ADDR_EXIT_AND_OR, - OUTBOUND_ADDR_MAX} outbound_addr_t; - -/** Configuration options for a Tor process. */ -typedef struct { - uint32_t magic_; - - /** What should the tor process actually do? */ - enum { - CMD_RUN_TOR=0, CMD_LIST_FINGERPRINT, CMD_HASH_PASSWORD, - CMD_VERIFY_CONFIG, CMD_RUN_UNITTESTS, CMD_DUMP_CONFIG, - CMD_KEYGEN, - CMD_KEY_EXPIRATION, - } command; - char *command_arg; /**< Argument for command-line option. */ - - config_line_t *Logs; /**< New-style list of configuration lines - * for logs */ - int LogTimeGranularity; /**< Log resolution in milliseconds. */ - - int LogMessageDomains; /**< Boolean: Should we log the domain(s) in which - * each log message occurs? */ - int TruncateLogFile; /**< Boolean: Should we truncate the log file - before we start writing? */ - char *SyslogIdentityTag; /**< Identity tag to add for syslog logging. */ - char *AndroidIdentityTag; /**< Identity tag to add for Android logging. */ - - char *DebugLogFile; /**< Where to send verbose log messages. */ - char *DataDirectory_option; /**< Where to store long-term data, as - * configured by the user. */ - char *DataDirectory; /**< Where to store long-term data, as modified. */ - int DataDirectoryGroupReadable; /**< Boolean: Is the DataDirectory g+r? */ - - char *KeyDirectory_option; /**< Where to store keys, as - * configured by the user. */ - char *KeyDirectory; /**< Where to store keys data, as modified. */ - int KeyDirectoryGroupReadable; /**< Boolean: Is the KeyDirectory g+r? */ - - char *CacheDirectory_option; /**< Where to store cached data, as - * configured by the user. */ - char *CacheDirectory; /**< Where to store cached data, as modified. */ - int CacheDirectoryGroupReadable; /**< Boolean: Is the CacheDirectory g+r? */ - - char *Nickname; /**< OR only: nickname of this onion router. */ - char *Address; /**< OR only: configured address for this onion router. */ - char *PidFile; /**< Where to store PID of Tor process. */ - - routerset_t *ExitNodes; /**< Structure containing nicknames, digests, - * country codes and IP address patterns of ORs to - * consider as exits. */ - routerset_t *EntryNodes;/**< Structure containing nicknames, digests, - * country codes and IP address patterns of ORs to - * consider as entry points. */ - int StrictNodes; /**< Boolean: When none of our EntryNodes or ExitNodes - * are up, or we need to access a node in ExcludeNodes, - * do we just fail instead? */ - routerset_t *ExcludeNodes;/**< Structure containing nicknames, digests, - * country codes and IP address patterns of ORs - * not to use in circuits. But see StrictNodes - * above. */ - routerset_t *ExcludeExitNodes;/**< Structure containing nicknames, digests, - * country codes and IP address patterns of - * ORs not to consider as exits. */ - - /** Union of ExcludeNodes and ExcludeExitNodes */ - routerset_t *ExcludeExitNodesUnion_; - - int DisableAllSwap; /**< Boolean: Attempt to call mlockall() on our - * process for all current and future memory. */ - - config_line_t *ExitPolicy; /**< Lists of exit policy components. */ - int ExitPolicyRejectPrivate; /**< Should we not exit to reserved private - * addresses, and our own published addresses? - */ - int ExitPolicyRejectLocalInterfaces; /**< Should we not exit to local - * interface addresses? - * Includes OutboundBindAddresses and - * configured ports. */ - int ReducedExitPolicy; /**<Should we use the Reduced Exit Policy? */ - config_line_t *SocksPolicy; /**< Lists of socks policy components */ - config_line_t *DirPolicy; /**< Lists of dir policy components */ - /** Local address to bind outbound sockets */ - config_line_t *OutboundBindAddress; - /** Local address to bind outbound relay sockets */ - config_line_t *OutboundBindAddressOR; - /** Local address to bind outbound exit sockets */ - config_line_t *OutboundBindAddressExit; - /** Addresses derived from the various OutboundBindAddress lines. - * [][0] is IPv4, [][1] is IPv6 - */ - tor_addr_t OutboundBindAddresses[OUTBOUND_ADDR_MAX][2]; - /** Directory server only: which versions of - * Tor should we tell users to run? */ - config_line_t *RecommendedVersions; - config_line_t *RecommendedClientVersions; - config_line_t *RecommendedServerVersions; - config_line_t *RecommendedPackages; - /** Whether dirservers allow router descriptors with private IPs. */ - int DirAllowPrivateAddresses; - /** Whether routers accept EXTEND cells to routers with private IPs. */ - int ExtendAllowPrivateAddresses; - char *User; /**< Name of user to run Tor as. */ - config_line_t *ORPort_lines; /**< Ports to listen on for OR connections. */ - /** Ports to listen on for extended OR connections. */ - config_line_t *ExtORPort_lines; - /** Ports to listen on for SOCKS connections. */ - config_line_t *SocksPort_lines; - /** Ports to listen on for transparent pf/netfilter connections. */ - config_line_t *TransPort_lines; - char *TransProxyType; /**< What kind of transparent proxy - * implementation are we using? */ - /** Parsed value of TransProxyType. */ - enum { - TPT_DEFAULT, - TPT_PF_DIVERT, - TPT_IPFW, - TPT_TPROXY, - } TransProxyType_parsed; - config_line_t *NATDPort_lines; /**< Ports to listen on for transparent natd - * connections. */ - /** Ports to listen on for HTTP Tunnel connections. */ - config_line_t *HTTPTunnelPort_lines; - config_line_t *ControlPort_lines; /**< Ports to listen on for control - * connections. */ - config_line_t *ControlSocket; /**< List of Unix Domain Sockets to listen on - * for control connections. */ - - int ControlSocketsGroupWritable; /**< Boolean: Are control sockets g+rw? */ - int UnixSocksGroupWritable; /**< Boolean: Are SOCKS Unix sockets g+rw? */ - /** Ports to listen on for directory connections. */ - config_line_t *DirPort_lines; - config_line_t *DNSPort_lines; /**< Ports to listen on for DNS requests. */ - - /* MaxMemInQueues value as input by the user. We clean this up to be - * MaxMemInQueues. */ - uint64_t MaxMemInQueues_raw; - uint64_t MaxMemInQueues;/**< If we have more memory than this allocated - * for queues and buffers, run the OOM handler */ - /** Above this value, consider ourselves low on RAM. */ - uint64_t MaxMemInQueues_low_threshold; - - /** @name port booleans - * - * Derived booleans: For server ports and ControlPort, true iff there is a - * non-listener port on an AF_INET or AF_INET6 address of the given type - * configured in one of the _lines options above. - * For client ports, also true if there is a unix socket configured. - * If you are checking for client ports, you may want to use: - * SocksPort_set || TransPort_set || NATDPort_set || DNSPort_set || - * HTTPTunnelPort_set - * rather than SocksPort_set. - * - * @{ - */ - unsigned int ORPort_set : 1; - unsigned int SocksPort_set : 1; - unsigned int TransPort_set : 1; - unsigned int NATDPort_set : 1; - unsigned int ControlPort_set : 1; - unsigned int DirPort_set : 1; - unsigned int DNSPort_set : 1; - unsigned int ExtORPort_set : 1; - unsigned int HTTPTunnelPort_set : 1; - /**@}*/ - - int AssumeReachable; /**< Whether to publish our descriptor regardless. */ - int AuthoritativeDir; /**< Boolean: is this an authoritative directory? */ - int V3AuthoritativeDir; /**< Boolean: is this an authoritative directory - * for version 3 directories? */ - int VersioningAuthoritativeDir; /**< Boolean: is this an authoritative - * directory that's willing to recommend - * versions? */ - int BridgeAuthoritativeDir; /**< Boolean: is this an authoritative directory - * that aggregates bridge descriptors? */ - - /** If set on a bridge relay, it will include this value on a new - * "bridge-distribution-request" line in its bridge descriptor. */ - char *BridgeDistribution; - - /** If set on a bridge authority, it will answer requests on its dirport - * for bridge statuses -- but only if the requests use this password. */ - char *BridgePassword; - /** If BridgePassword is set, this is a SHA256 digest of the basic http - * authenticator for it. Used so we can do a time-independent comparison. */ - char *BridgePassword_AuthDigest_; - - int UseBridges; /**< Boolean: should we start all circuits with a bridge? */ - config_line_t *Bridges; /**< List of bootstrap bridge addresses. */ - - config_line_t *ClientTransportPlugin; /**< List of client - transport plugins. */ - - config_line_t *ServerTransportPlugin; /**< List of client - transport plugins. */ - - /** List of TCP/IP addresses that transports should listen at. */ - config_line_t *ServerTransportListenAddr; - - /** List of options that must be passed to pluggable transports. */ - config_line_t *ServerTransportOptions; - - int BridgeRelay; /**< Boolean: are we acting as a bridge relay? We make - * this explicit so we can change how we behave in the - * future. */ - - /** Boolean: if we know the bridge's digest, should we get new - * descriptors from the bridge authorities or from the bridge itself? */ - int UpdateBridgesFromAuthority; - - int AvoidDiskWrites; /**< Boolean: should we never cache things to disk? - * Not used yet. */ - int ClientOnly; /**< Boolean: should we never evolve into a server role? */ - - int ReducedConnectionPadding; /**< Boolean: Should we try to keep connections - open shorter and pad them less against - connection-level traffic analysis? */ - /** Autobool: if auto, then connection padding will be negotiated by client - * and server. If 0, it will be fully disabled. If 1, the client will still - * pad to the server regardless of server support. */ - int ConnectionPadding; - - /** To what authority types do we publish our descriptor? Choices are - * "v1", "v2", "v3", "bridge", or "". */ - smartlist_t *PublishServerDescriptor; - /** A bitfield of authority types, derived from PublishServerDescriptor. */ - dirinfo_type_t PublishServerDescriptor_; - /** Boolean: do we publish hidden service descriptors to the HS auths? */ - int PublishHidServDescriptors; - int FetchServerDescriptors; /**< Do we fetch server descriptors as normal? */ - int FetchHidServDescriptors; /**< and hidden service descriptors? */ - - int MinUptimeHidServDirectoryV2; /**< As directory authority, accept hidden - * service directories after what time? */ - - int FetchUselessDescriptors; /**< Do we fetch non-running descriptors too? */ - int AllDirActionsPrivate; /**< Should every directory action be sent - * through a Tor circuit? */ - - /** Run in 'tor2web mode'? (I.e. only make client connections to hidden - * services, and use a single hop for all hidden-service-related - * circuits.) */ - int Tor2webMode; - - /** A routerset that should be used when picking RPs for HS circuits. */ - routerset_t *Tor2webRendezvousPoints; - - /** A routerset that should be used when picking middle nodes for HS - * circuits. */ - routerset_t *HSLayer2Nodes; - - /** A routerset that should be used when picking third-hop nodes for HS - * circuits. */ - routerset_t *HSLayer3Nodes; - - /** Onion Services in HiddenServiceSingleHopMode make one-hop (direct) - * circuits between the onion service server, and the introduction and - * rendezvous points. (Onion service descriptors are still posted using - * 3-hop paths, to avoid onion service directories blocking the service.) - * This option makes every hidden service instance hosted by - * this tor instance a Single Onion Service. - * HiddenServiceSingleHopMode requires HiddenServiceNonAnonymousMode to be - * set to 1. - * Use rend_service_allow_non_anonymous_connection() or - * rend_service_reveal_startup_time() instead of using this option directly. - */ - int HiddenServiceSingleHopMode; - /* Makes hidden service clients and servers non-anonymous on this tor - * instance. Allows the non-anonymous HiddenServiceSingleHopMode. Enables - * non-anonymous behaviour in the hidden service protocol. - * Use rend_service_non_anonymous_mode_enabled() instead of using this option - * directly. - */ - int HiddenServiceNonAnonymousMode; - - int ConnLimit; /**< Demanded minimum number of simultaneous connections. */ - int ConnLimit_; /**< Maximum allowed number of simultaneous connections. */ - int ConnLimit_high_thresh; /**< start trying to lower socket usage if we - * have this many. */ - int ConnLimit_low_thresh; /**< try to get down to here after socket - * exhaustion. */ - int RunAsDaemon; /**< If true, run in the background. (Unix only) */ - int FascistFirewall; /**< Whether to prefer ORs reachable on open ports. */ - smartlist_t *FirewallPorts; /**< Which ports our firewall allows - * (strings). */ - config_line_t *ReachableAddresses; /**< IP:ports our firewall allows. */ - config_line_t *ReachableORAddresses; /**< IP:ports for OR conns. */ - config_line_t *ReachableDirAddresses; /**< IP:ports for Dir conns. */ - - int ConstrainedSockets; /**< Shrink xmit and recv socket buffers. */ - uint64_t ConstrainedSockSize; /**< Size of constrained buffers. */ - - /** Whether we should drop exit streams from Tors that we don't know are - * relays. One of "0" (never refuse), "1" (always refuse), or "-1" (do - * what the consensus says, defaulting to 'refuse' if the consensus says - * nothing). */ - int RefuseUnknownExits; - - /** Application ports that require all nodes in circ to have sufficient - * uptime. */ - smartlist_t *LongLivedPorts; - /** Application ports that are likely to be unencrypted and - * unauthenticated; we reject requests for them to prevent the - * user from screwing up and leaking plaintext secrets to an - * observer somewhere on the Internet. */ - smartlist_t *RejectPlaintextPorts; - /** Related to RejectPlaintextPorts above, except this config option - * controls whether we warn (in the log and via a controller status - * event) every time a risky connection is attempted. */ - smartlist_t *WarnPlaintextPorts; - /** Should we try to reuse the same exit node for a given host */ - smartlist_t *TrackHostExits; - int TrackHostExitsExpire; /**< Number of seconds until we expire an - * addressmap */ - config_line_t *AddressMap; /**< List of address map directives. */ - int AutomapHostsOnResolve; /**< If true, when we get a resolve request for a - * hostname ending with one of the suffixes in - * <b>AutomapHostsSuffixes</b>, map it to a - * virtual address. */ - /** List of suffixes for <b>AutomapHostsOnResolve</b>. The special value - * "." means "match everything." */ - smartlist_t *AutomapHostsSuffixes; - int RendPostPeriod; /**< How often do we post each rendezvous service - * descriptor? Remember to publish them independently. */ - int KeepalivePeriod; /**< How often do we send padding cells to keep - * connections alive? */ - int SocksTimeout; /**< How long do we let a socks connection wait - * unattached before we fail it? */ - int LearnCircuitBuildTimeout; /**< If non-zero, we attempt to learn a value - * for CircuitBuildTimeout based on timeout - * history. Use circuit_build_times_disabled() - * rather than checking this value directly. */ - int CircuitBuildTimeout; /**< Cull non-open circuits that were born at - * least this many seconds ago. Used until - * adaptive algorithm learns a new value. */ - int CircuitsAvailableTimeout; /**< Try to have an open circuit for at - least this long after last activity */ - int CircuitStreamTimeout; /**< If non-zero, detach streams from circuits - * and try a new circuit if the stream has been - * waiting for this many seconds. If zero, use - * our default internal timeout schedule. */ - int MaxOnionQueueDelay; /*< DOCDOC */ - int NewCircuitPeriod; /**< How long do we use a circuit before building - * a new one? */ - int MaxCircuitDirtiness; /**< Never use circs that were first used more than - this interval ago. */ - uint64_t BandwidthRate; /**< How much bandwidth, on average, are we willing - * to use in a second? */ - uint64_t BandwidthBurst; /**< How much bandwidth, at maximum, are we willing - * to use in a second? */ - uint64_t MaxAdvertisedBandwidth; /**< How much bandwidth are we willing to - * tell other nodes we have? */ - uint64_t RelayBandwidthRate; /**< How much bandwidth, on average, are we - * willing to use for all relayed conns? */ - uint64_t RelayBandwidthBurst; /**< How much bandwidth, at maximum, will we - * use in a second for all relayed conns? */ - uint64_t PerConnBWRate; /**< Long-term bw on a single TLS conn, if set. */ - uint64_t PerConnBWBurst; /**< Allowed burst on a single TLS conn, if set. */ - int NumCPUs; /**< How many CPUs should we try to use? */ - config_line_t *RendConfigLines; /**< List of configuration lines - * for rendezvous services. */ - config_line_t *HidServAuth; /**< List of configuration lines for client-side - * authorizations for hidden services */ - char *ContactInfo; /**< Contact info to be published in the directory. */ - - int HeartbeatPeriod; /**< Log heartbeat messages after this many seconds - * have passed. */ - int MainloopStats; /**< Log main loop statistics as part of the - * heartbeat messages. */ - - char *HTTPProxy; /**< hostname[:port] to use as http proxy, if any. */ - tor_addr_t HTTPProxyAddr; /**< Parsed IPv4 addr for http proxy, if any. */ - uint16_t HTTPProxyPort; /**< Parsed port for http proxy, if any. */ - char *HTTPProxyAuthenticator; /**< username:password string, if any. */ - - char *HTTPSProxy; /**< hostname[:port] to use as https proxy, if any. */ - tor_addr_t HTTPSProxyAddr; /**< Parsed addr for https proxy, if any. */ - uint16_t HTTPSProxyPort; /**< Parsed port for https proxy, if any. */ - char *HTTPSProxyAuthenticator; /**< username:password string, if any. */ - - char *Socks4Proxy; /**< hostname:port to use as a SOCKS4 proxy, if any. */ - tor_addr_t Socks4ProxyAddr; /**< Derived from Socks4Proxy. */ - uint16_t Socks4ProxyPort; /**< Derived from Socks4Proxy. */ - - char *Socks5Proxy; /**< hostname:port to use as a SOCKS5 proxy, if any. */ - tor_addr_t Socks5ProxyAddr; /**< Derived from Sock5Proxy. */ - uint16_t Socks5ProxyPort; /**< Derived from Socks5Proxy. */ - char *Socks5ProxyUsername; /**< Username for SOCKS5 authentication, if any */ - char *Socks5ProxyPassword; /**< Password for SOCKS5 authentication, if any */ - - /** List of configuration lines for replacement directory authorities. - * If you just want to replace one class of authority at a time, - * use the "Alternate*Authority" options below instead. */ - config_line_t *DirAuthorities; - - /** List of fallback directory servers */ - config_line_t *FallbackDir; - /** Whether to use the default hard-coded FallbackDirs */ - int UseDefaultFallbackDirs; - - /** Weight to apply to all directory authority rates if considering them - * along with fallbackdirs */ - double DirAuthorityFallbackRate; - - /** If set, use these main (currently v3) directory authorities and - * not the default ones. */ - config_line_t *AlternateDirAuthority; - - /** If set, use these bridge authorities and not the default one. */ - config_line_t *AlternateBridgeAuthority; - - config_line_t *MyFamily_lines; /**< Declared family for this OR. */ - config_line_t *MyFamily; /**< Declared family for this OR, normalized */ - config_line_t *NodeFamilies; /**< List of config lines for - * node families */ - smartlist_t *NodeFamilySets; /**< List of parsed NodeFamilies values. */ - config_line_t *AuthDirBadExit; /**< Address policy for descriptors to - * mark as bad exits. */ - config_line_t *AuthDirReject; /**< Address policy for descriptors to - * reject. */ - config_line_t *AuthDirInvalid; /**< Address policy for descriptors to - * never mark as valid. */ - /** @name AuthDir...CC - * - * Lists of country codes to mark as BadExit, or Invalid, or to - * reject entirely. - * - * @{ - */ - smartlist_t *AuthDirBadExitCCs; - smartlist_t *AuthDirInvalidCCs; - smartlist_t *AuthDirRejectCCs; - /**@}*/ - - int AuthDirListBadExits; /**< True iff we should list bad exits, - * and vote for all other exits as good. */ - int AuthDirMaxServersPerAddr; /**< Do not permit more than this - * number of servers per IP address. */ - int AuthDirHasIPv6Connectivity; /**< Boolean: are we on IPv6? */ - int AuthDirPinKeys; /**< Boolean: Do we enforce key-pinning? */ - - /** If non-zero, always vote the Fast flag for any relay advertising - * this amount of capacity or more. */ - uint64_t AuthDirFastGuarantee; - - /** If non-zero, this advertised capacity or more is always sufficient - * to satisfy the bandwidth requirement for the Guard flag. */ - uint64_t AuthDirGuardBWGuarantee; - - char *AccountingStart; /**< How long is the accounting interval, and when - * does it start? */ - uint64_t AccountingMax; /**< How many bytes do we allow per accounting - * interval before hibernation? 0 for "never - * hibernate." */ - /** How do we determine when our AccountingMax has been reached? - * "max" for when in or out reaches AccountingMax - * "sum" for when in plus out reaches AccountingMax - * "in" for when in reaches AccountingMax - * "out" for when out reaches AccountingMax */ - char *AccountingRule_option; - enum { ACCT_MAX, ACCT_SUM, ACCT_IN, ACCT_OUT } AccountingRule; - - /** Base64-encoded hash of accepted passwords for the control system. */ - config_line_t *HashedControlPassword; - /** As HashedControlPassword, but not saved. */ - config_line_t *HashedControlSessionPassword; - - int CookieAuthentication; /**< Boolean: do we enable cookie-based auth for - * the control system? */ - char *CookieAuthFile; /**< Filesystem location of a ControlPort - * authentication cookie. */ - char *ExtORPortCookieAuthFile; /**< Filesystem location of Extended - * ORPort authentication cookie. */ - int CookieAuthFileGroupReadable; /**< Boolean: Is the CookieAuthFile g+r? */ - int ExtORPortCookieAuthFileGroupReadable; /**< Boolean: Is the - * ExtORPortCookieAuthFile g+r? */ - int LeaveStreamsUnattached; /**< Boolean: Does Tor attach new streams to - * circuits itself (0), or does it expect a controller - * to cope? (1) */ - int DisablePredictedCircuits; /**< Boolean: does Tor preemptively - * make circuits in the background (0), - * or not (1)? */ - - /** Process specifier for a controller that ‘owns’ this Tor - * instance. Tor will terminate if its owning controller does. */ - char *OwningControllerProcess; - /** FD specifier for a controller that owns this Tor instance. */ - int OwningControllerFD; - - int ShutdownWaitLength; /**< When we get a SIGINT and we're a server, how - * long do we wait before exiting? */ - char *SafeLogging; /**< Contains "relay", "1", "0" (meaning no scrubbing). */ - - /* Derived from SafeLogging */ - enum { - SAFELOG_SCRUB_ALL, SAFELOG_SCRUB_RELAY, SAFELOG_SCRUB_NONE - } SafeLogging_; - - int Sandbox; /**< Boolean: should sandboxing be enabled? */ - int SafeSocks; /**< Boolean: should we outright refuse application - * connections that use socks4 or socks5-with-local-dns? */ - int ProtocolWarnings; /**< Boolean: when other parties screw up the Tor - * protocol, is it a warn or an info in our logs? */ - int TestSocks; /**< Boolean: when we get a socks connection, do we loudly - * log whether it was DNS-leaking or not? */ - int HardwareAccel; /**< Boolean: Should we enable OpenSSL hardware - * acceleration where available? */ - /** Token Bucket Refill resolution in milliseconds. */ - int TokenBucketRefillInterval; - char *AccelName; /**< Optional hardware acceleration engine name. */ - char *AccelDir; /**< Optional hardware acceleration engine search dir. */ - - /** Boolean: Do we try to enter from a smallish number - * of fixed nodes? */ - int UseEntryGuards_option; - /** Internal variable to remember whether we're actually acting on - * UseEntryGuards_option -- when we're a non-anonymous Tor2web client or - * Single Onion Service, it is always false, otherwise we use the value of - * UseEntryGuards_option. */ - int UseEntryGuards; - - int NumEntryGuards; /**< How many entry guards do we try to establish? */ - - /** If 1, we use any guardfraction information we see in the - * consensus. If 0, we don't. If -1, let the consensus parameter - * decide. */ - int UseGuardFraction; - - int NumDirectoryGuards; /**< How many dir guards do we try to establish? - * If 0, use value from NumEntryGuards. */ - int NumPrimaryGuards; /**< How many primary guards do we want? */ - - int RephistTrackTime; /**< How many seconds do we keep rephist info? */ - /** Should we always fetch our dir info on the mirror schedule (which - * means directly from the authorities) no matter our other config? */ - int FetchDirInfoEarly; - - /** Should we fetch our dir info at the start of the consensus period? */ - int FetchDirInfoExtraEarly; - - int DirCache; /**< Cache all directory documents and accept requests via - * tunnelled dir conns from clients. If 1, enabled (default); - * If 0, disabled. */ - - char *VirtualAddrNetworkIPv4; /**< Address and mask to hand out for virtual - * MAPADDRESS requests for IPv4 addresses */ - char *VirtualAddrNetworkIPv6; /**< Address and mask to hand out for virtual - * MAPADDRESS requests for IPv6 addresses */ - int ServerDNSSearchDomains; /**< Boolean: If set, we don't force exit - * addresses to be FQDNs, but rather search for them in - * the local domains. */ - int ServerDNSDetectHijacking; /**< Boolean: If true, check for DNS failure - * hijacking. */ - int ServerDNSRandomizeCase; /**< Boolean: Use the 0x20-hack to prevent - * DNS poisoning attacks. */ - char *ServerDNSResolvConfFile; /**< If provided, we configure our internal - * resolver from the file here rather than from - * /etc/resolv.conf (Unix) or the registry (Windows). */ - char *DirPortFrontPage; /**< This is a full path to a file with an html - disclaimer. This allows a server administrator to show - that they're running Tor and anyone visiting their server - will know this without any specialized knowledge. */ - int DisableDebuggerAttachment; /**< Currently Linux only specific attempt to - disable ptrace; needs BSD testing. */ - /** Boolean: if set, we start even if our resolv.conf file is missing - * or broken. */ - int ServerDNSAllowBrokenConfig; - /** Boolean: if set, then even connections to private addresses will get - * rate-limited. */ - int CountPrivateBandwidth; - smartlist_t *ServerDNSTestAddresses; /**< A list of addresses that definitely - * should be resolvable. Used for - * testing our DNS server. */ - int EnforceDistinctSubnets; /**< If true, don't allow multiple routers in the - * same network zone in the same circuit. */ - int AllowNonRFC953Hostnames; /**< If true, we allow connections to hostnames - * with weird characters. */ - /** If true, we try resolving hostnames with weird characters. */ - int ServerDNSAllowNonRFC953Hostnames; - - /** If true, we try to download extra-info documents (and we serve them, - * if we are a cache). For authorities, this is always true. */ - int DownloadExtraInfo; - - /** If true, we're configured to collect statistics on clients - * requesting network statuses from us as directory. */ - int DirReqStatistics_option; - /** Internal variable to remember whether we're actually acting on - * DirReqStatistics_option -- yes if it's set and we're a server, else no. */ - int DirReqStatistics; - - /** If true, the user wants us to collect statistics on port usage. */ - int ExitPortStatistics; - - /** If true, the user wants us to collect connection statistics. */ - int ConnDirectionStatistics; - - /** If true, the user wants us to collect cell statistics. */ - int CellStatistics; - - /** If true, the user wants us to collect padding statistics. */ - int PaddingStatistics; - - /** If true, the user wants us to collect statistics as entry node. */ - int EntryStatistics; - - /** If true, the user wants us to collect statistics as hidden service - * directory, introduction point, or rendezvous point. */ - int HiddenServiceStatistics_option; - /** Internal variable to remember whether we're actually acting on - * HiddenServiceStatistics_option -- yes if it's set and we're a server, - * else no. */ - int HiddenServiceStatistics; - - /** If true, include statistics file contents in extra-info documents. */ - int ExtraInfoStatistics; - - /** If true, do not believe anybody who tells us that a domain resolves - * to an internal address, or that an internal address has a PTR mapping. - * Helps avoid some cross-site attacks. */ - int ClientDNSRejectInternalAddresses; - - /** If true, do not accept any requests to connect to internal addresses - * over randomly chosen exits. */ - int ClientRejectInternalAddresses; - - /** If true, clients may connect over IPv4. If false, they will avoid - * connecting over IPv4. We enforce this for OR and Dir connections. */ - int ClientUseIPv4; - /** If true, clients may connect over IPv6. If false, they will avoid - * connecting over IPv4. We enforce this for OR and Dir connections. - * Use fascist_firewall_use_ipv6() instead of accessing this value - * directly. */ - int ClientUseIPv6; - /** If true, prefer an IPv6 OR port over an IPv4 one for entry node - * connections. If auto, bridge clients prefer IPv6, and other clients - * prefer IPv4. Use node_ipv6_or_preferred() instead of accessing this value - * directly. */ - int ClientPreferIPv6ORPort; - /** If true, prefer an IPv6 directory port over an IPv4 one for direct - * directory connections. If auto, bridge clients prefer IPv6, and other - * clients prefer IPv4. Use fascist_firewall_prefer_ipv6_dirport() instead of - * accessing this value directly. */ - int ClientPreferIPv6DirPort; - - /** The length of time that we think a consensus should be fresh. */ - int V3AuthVotingInterval; - /** The length of time we think it will take to distribute votes. */ - int V3AuthVoteDelay; - /** The length of time we think it will take to distribute signatures. */ - int V3AuthDistDelay; - /** The number of intervals we think a consensus should be valid. */ - int V3AuthNIntervalsValid; - - /** Should advertise and sign consensuses with a legacy key, for key - * migration purposes? */ - int V3AuthUseLegacyKey; - - /** Location of bandwidth measurement file */ - char *V3BandwidthsFile; - - /** Location of guardfraction file */ - char *GuardfractionFile; - - /** Authority only: key=value pairs that we add to our networkstatus - * consensus vote on the 'params' line. */ - char *ConsensusParams; - - /** Authority only: minimum number of measured bandwidths we must see - * before we only believe measured bandwidths to assign flags. */ - int MinMeasuredBWsForAuthToIgnoreAdvertised; - - /** The length of time that we think an initial consensus should be fresh. - * Only altered on testing networks. */ - int TestingV3AuthInitialVotingInterval; - - /** The length of time we think it will take to distribute initial votes. - * Only altered on testing networks. */ - int TestingV3AuthInitialVoteDelay; - - /** The length of time we think it will take to distribute initial - * signatures. Only altered on testing networks.*/ - int TestingV3AuthInitialDistDelay; - - /** Offset in seconds added to the starting time for consensus - voting. Only altered on testing networks. */ - int TestingV3AuthVotingStartOffset; - - /** If an authority has been around for less than this amount of time, it - * does not believe its reachability information is accurate. Only - * altered on testing networks. */ - int TestingAuthDirTimeToLearnReachability; - - /** Clients don't download any descriptor this recent, since it will - * probably not have propagated to enough caches. Only altered on testing - * networks. */ - int TestingEstimatedDescriptorPropagationTime; - - /** Schedule for when servers should download things in general. Only - * altered on testing networks. */ - int TestingServerDownloadInitialDelay; - - /** Schedule for when clients should download things in general. Only - * altered on testing networks. */ - int TestingClientDownloadInitialDelay; - - /** Schedule for when servers should download consensuses. Only altered - * on testing networks. */ - int TestingServerConsensusDownloadInitialDelay; - - /** Schedule for when clients should download consensuses. Only altered - * on testing networks. */ - int TestingClientConsensusDownloadInitialDelay; - - /** Schedule for when clients should download consensuses from authorities - * if they are bootstrapping (that is, they don't have a usable, reasonably - * live consensus). Only used by clients fetching from a list of fallback - * directory mirrors. - * - * This schedule is incremented by (potentially concurrent) connection - * attempts, unlike other schedules, which are incremented by connection - * failures. Only altered on testing networks. */ - int ClientBootstrapConsensusAuthorityDownloadInitialDelay; - - /** Schedule for when clients should download consensuses from fallback - * directory mirrors if they are bootstrapping (that is, they don't have a - * usable, reasonably live consensus). Only used by clients fetching from a - * list of fallback directory mirrors. - * - * This schedule is incremented by (potentially concurrent) connection - * attempts, unlike other schedules, which are incremented by connection - * failures. Only altered on testing networks. */ - int ClientBootstrapConsensusFallbackDownloadInitialDelay; - - /** Schedule for when clients should download consensuses from authorities - * if they are bootstrapping (that is, they don't have a usable, reasonably - * live consensus). Only used by clients which don't have or won't fetch - * from a list of fallback directory mirrors. - * - * This schedule is incremented by (potentially concurrent) connection - * attempts, unlike other schedules, which are incremented by connection - * failures. Only altered on testing networks. */ - int ClientBootstrapConsensusAuthorityOnlyDownloadInitialDelay; - - /** Schedule for when clients should download bridge descriptors. Only - * altered on testing networks. */ - int TestingBridgeDownloadInitialDelay; - - /** Schedule for when clients should download bridge descriptors when they - * have no running bridges. Only altered on testing networks. */ - int TestingBridgeBootstrapDownloadInitialDelay; - - /** When directory clients have only a few descriptors to request, they - * batch them until they have more, or until this amount of time has - * passed. Only altered on testing networks. */ - int TestingClientMaxIntervalWithoutRequest; - - /** How long do we let a directory connection stall before expiring - * it? Only altered on testing networks. */ - int TestingDirConnectionMaxStall; - - /** How many simultaneous in-progress connections will we make when trying - * to fetch a consensus before we wait for one to complete, timeout, or - * error out? Only altered on testing networks. */ - int ClientBootstrapConsensusMaxInProgressTries; - - /** If true, we take part in a testing network. Change the defaults of a - * couple of other configuration options and allow to change the values - * of certain configuration options. */ - int TestingTorNetwork; - - /** Minimum value for the Exit flag threshold on testing networks. */ - uint64_t TestingMinExitFlagThreshold; - - /** Minimum value for the Fast flag threshold on testing networks. */ - uint64_t TestingMinFastFlagThreshold; - - /** Relays in a testing network which should be voted Exit - * regardless of exit policy. */ - routerset_t *TestingDirAuthVoteExit; - int TestingDirAuthVoteExitIsStrict; - - /** Relays in a testing network which should be voted Guard - * regardless of uptime and bandwidth. */ - routerset_t *TestingDirAuthVoteGuard; - int TestingDirAuthVoteGuardIsStrict; - - /** Relays in a testing network which should be voted HSDir - * regardless of uptime and DirPort. */ - routerset_t *TestingDirAuthVoteHSDir; - int TestingDirAuthVoteHSDirIsStrict; - - /** Enable CONN_BW events. Only altered on testing networks. */ - int TestingEnableConnBwEvent; - - /** Enable CELL_STATS events. Only altered on testing networks. */ - int TestingEnableCellStatsEvent; - - /** If true, and we have GeoIP data, and we're a bridge, keep a per-country - * count of how many client addresses have contacted us so that we can help - * the bridge authority guess which countries have blocked access to us. */ - int BridgeRecordUsageByCountry; - - /** Optionally, IPv4 and IPv6 GeoIP data. */ - char *GeoIPFile; - char *GeoIPv6File; - - /** Autobool: if auto, then any attempt to Exclude{Exit,}Nodes a particular - * country code will exclude all nodes in ?? and A1. If true, all nodes in - * ?? and A1 are excluded. Has no effect if we don't know any GeoIP data. */ - int GeoIPExcludeUnknown; - - /** If true, SIGHUP should reload the torrc. Sometimes controllers want - * to make this false. */ - int ReloadTorrcOnSIGHUP; - - /* The main parameter for picking circuits within a connection. - * - * If this value is positive, when picking a cell to relay on a connection, - * we always relay from the circuit whose weighted cell count is lowest. - * Cells are weighted exponentially such that if one cell is sent - * 'CircuitPriorityHalflife' seconds before another, it counts for half as - * much. - * - * If this value is zero, we're disabling the cell-EWMA algorithm. - * - * If this value is negative, we're using the default approach - * according to either Tor or a parameter set in the consensus. - */ - double CircuitPriorityHalflife; - - /** Set to true if the TestingTorNetwork configuration option is set. - * This is used so that options_validate() has a chance to realize that - * the defaults have changed. */ - int UsingTestNetworkDefaults_; - - /** If 1, we try to use microdescriptors to build circuits. If 0, we don't. - * If -1, Tor decides. */ - int UseMicrodescriptors; - - /** File where we should write the ControlPort. */ - char *ControlPortWriteToFile; - /** Should that file be group-readable? */ - int ControlPortFileGroupReadable; - -#define MAX_MAX_CLIENT_CIRCUITS_PENDING 1024 - /** Maximum number of non-open general-purpose origin circuits to allow at - * once. */ - int MaxClientCircuitsPending; - - /** If 1, we always send optimistic data when it's supported. If 0, we - * never use it. If -1, we do what the consensus says. */ - int OptimisticData; - - /** If 1, we accept and launch no external network connections, except on - * control ports. */ - int DisableNetwork; - - /** - * Parameters for path-bias detection. - * @{ - * These options override the default behavior of Tor's (**currently - * experimental**) path bias detection algorithm. To try to find broken or - * misbehaving guard nodes, Tor looks for nodes where more than a certain - * fraction of circuits through that guard fail to get built. - * - * The PathBiasCircThreshold option controls how many circuits we need to - * build through a guard before we make these checks. The - * PathBiasNoticeRate, PathBiasWarnRate and PathBiasExtremeRate options - * control what fraction of circuits must succeed through a guard so we - * won't write log messages. If less than PathBiasExtremeRate circuits - * succeed *and* PathBiasDropGuards is set to 1, we disable use of that - * guard. - * - * When we have seen more than PathBiasScaleThreshold circuits through a - * guard, we scale our observations by 0.5 (governed by the consensus) so - * that new observations don't get swamped by old ones. - * - * By default, or if a negative value is provided for one of these options, - * Tor uses reasonable defaults from the networkstatus consensus document. - * If no defaults are available there, these options default to 150, .70, - * .50, .30, 0, and 300 respectively. - */ - int PathBiasCircThreshold; - double PathBiasNoticeRate; - double PathBiasWarnRate; - double PathBiasExtremeRate; - int PathBiasDropGuards; - int PathBiasScaleThreshold; - /** @} */ - - /** - * Parameters for path-bias use detection - * @{ - * Similar to the above options, these options override the default behavior - * of Tor's (**currently experimental**) path use bias detection algorithm. - * - * Where as the path bias parameters govern thresholds for successfully - * building circuits, these four path use bias parameters govern thresholds - * only for circuit usage. Circuits which receive no stream usage are not - * counted by this detection algorithm. A used circuit is considered - * successful if it is capable of carrying streams or otherwise receiving - * well-formed responses to RELAY cells. - * - * By default, or if a negative value is provided for one of these options, - * Tor uses reasonable defaults from the networkstatus consensus document. - * If no defaults are available there, these options default to 20, .80, - * .60, and 100, respectively. - */ - int PathBiasUseThreshold; - double PathBiasNoticeUseRate; - double PathBiasExtremeUseRate; - int PathBiasScaleUseThreshold; - /** @} */ - - int IPv6Exit; /**< Do we support exiting to IPv6 addresses? */ - - /** Fraction: */ - double PathsNeededToBuildCircuits; - - /** What expiry time shall we place on our SSL certs? "0" means we - * should guess a suitable value. */ - int SSLKeyLifetime; - - /** How long (seconds) do we keep a guard before picking a new one? */ - int GuardLifetime; - - /** Is this an exit node? This is a tristate, where "1" means "yes, and use - * the default exit policy if none is given" and "0" means "no; exit policy - * is 'reject *'" and "auto" (-1) means "same as 1, but warn the user." - * - * XXXX Eventually, the default will be 0. */ - int ExitRelay; - - /** For how long (seconds) do we declare our signing keys to be valid? */ - int SigningKeyLifetime; - /** For how long (seconds) do we declare our link keys to be valid? */ - int TestingLinkCertLifetime; - /** For how long (seconds) do we declare our auth keys to be valid? */ - int TestingAuthKeyLifetime; - - /** How long before signing keys expire will we try to make a new one? */ - int TestingSigningKeySlop; - /** How long before link keys expire will we try to make a new one? */ - int TestingLinkKeySlop; - /** How long before auth keys expire will we try to make a new one? */ - int TestingAuthKeySlop; - - /** Force use of offline master key features: never generate a master - * ed25519 identity key except from tor --keygen */ - int OfflineMasterKey; - - enum { - FORCE_PASSPHRASE_AUTO=0, - FORCE_PASSPHRASE_ON, - FORCE_PASSPHRASE_OFF - } keygen_force_passphrase; - int use_keygen_passphrase_fd; - int keygen_passphrase_fd; - int change_key_passphrase; - char *master_key_fname; - - /** Autobool: Do we try to retain capabilities if we can? */ - int KeepBindCapabilities; - - /** Maximum total size of unparseable descriptors to log during the - * lifetime of this Tor process. - */ - uint64_t MaxUnparseableDescSizeToLog; - - /** Bool (default: 1): Switch for the shared random protocol. Only - * relevant to a directory authority. If off, the authority won't - * participate in the protocol. If on (default), a flag is added to the - * vote indicating participation. */ - int AuthDirSharedRandomness; - - /** If 1, we skip all OOS checks. */ - int DisableOOSCheck; - - /** Autobool: Should we include Ed25519 identities in extend2 cells? - * If -1, we should do whatever the consensus parameter says. */ - int ExtendByEd25519ID; - - /** Bool (default: 1): When testing routerinfos as a directory authority, - * do we enforce Ed25519 identity match? */ - /* NOTE: remove this option someday. */ - int AuthDirTestEd25519LinkKeys; - - /** Bool (default: 0): Tells if a %include was used on torrc */ - int IncludeUsed; - - /** The seconds after expiration which we as a relay should keep old - * consensuses around so that we can generate diffs from them. If 0, - * use the default. */ - int MaxConsensusAgeForDiffs; - - /** Bool (default: 0). Tells Tor to never try to exec another program. - */ - int NoExec; - - /** Have the KIST scheduler run every X milliseconds. If less than zero, do - * not use the KIST scheduler but use the old vanilla scheduler instead. If - * zero, do what the consensus says and fall back to using KIST as if this is - * set to "10 msec" if the consensus doesn't say anything. */ - int KISTSchedRunInterval; - - /** A multiplier for the KIST per-socket limit calculation. */ - double KISTSockBufSizeFactor; - - /** The list of scheduler type string ordered by priority that is first one - * has to be tried first. Default: KIST,KISTLite,Vanilla */ - smartlist_t *Schedulers; - /* An ordered list of scheduler_types mapped from Schedulers. */ - smartlist_t *SchedulerTypes_; - - /** List of files that were opened by %include in torrc and torrc-defaults */ - smartlist_t *FilesOpenedByIncludes; - - /** If true, Tor shouldn't install any posix signal handlers, since it is - * running embedded inside another process. - */ - int DisableSignalHandlers; - - /** Autobool: Is the circuit creation DoS mitigation subsystem enabled? */ - int DoSCircuitCreationEnabled; - /** Minimum concurrent connection needed from one single address before any - * defense is used. */ - int DoSCircuitCreationMinConnections; - /** Circuit rate used to refill the token bucket. */ - int DoSCircuitCreationRate; - /** Maximum allowed burst of circuits. Reaching that value, the address is - * detected as malicious and a defense might be used. */ - int DoSCircuitCreationBurst; - /** When an address is marked as malicous, what defense should be used - * against it. See the dos_cc_defense_type_t enum. */ - int DoSCircuitCreationDefenseType; - /** For how much time (in seconds) the defense is applicable for a malicious - * address. A random time delta is added to the defense time of an address - * which will be between 1 second and half of this value. */ - int DoSCircuitCreationDefenseTimePeriod; - - /** Autobool: Is the DoS connection mitigation subsystem enabled? */ - int DoSConnectionEnabled; - /** Maximum concurrent connection allowed per address. */ - int DoSConnectionMaxConcurrentCount; - /** When an address is reaches the maximum count, what defense should be - * used against it. See the dos_conn_defense_type_t enum. */ - int DoSConnectionDefenseType; - - /** Autobool: Do we refuse single hop client rendezvous? */ - int DoSRefuseSingleHopClientRendezvous; -} or_options_t; +typedef struct or_options_t or_options_t; #define LOG_PROTOCOL_WARN (get_protocol_warning_severity_level()) -/** Persistent state for an onion router, as saved to disk. */ -typedef struct { - uint32_t magic_; - /** The time at which we next plan to write the state to the disk. Equal to - * TIME_MAX if there are no savable changes, 0 if there are changes that - * should be saved right away. */ - time_t next_write; - - /** When was the state last written to disk? */ - time_t LastWritten; - - /** Fields for accounting bandwidth use. */ - time_t AccountingIntervalStart; - uint64_t AccountingBytesReadInInterval; - uint64_t AccountingBytesWrittenInInterval; - int AccountingSecondsActive; - int AccountingSecondsToReachSoftLimit; - time_t AccountingSoftLimitHitAt; - uint64_t AccountingBytesAtSoftLimit; - uint64_t AccountingExpectedUsage; - - /** A list of Entry Guard-related configuration lines. (pre-prop271) */ - config_line_t *EntryGuards; - - /** A list of guard-related configuration lines. (post-prop271) */ - config_line_t *Guard; - - config_line_t *TransportProxies; - - /** Cached revision counters for active hidden services on this host */ - config_line_t *HidServRevCounter; - - /** These fields hold information on the history of bandwidth usage for - * servers. The "Ends" fields hold the time when we last updated the - * bandwidth usage. The "Interval" fields hold the granularity, in seconds, - * of the entries of Values. The "Values" lists hold decimal string - * representations of the number of bytes read or written in each - * interval. The "Maxima" list holds decimal strings describing the highest - * rate achieved during the interval. - */ - time_t BWHistoryReadEnds; - int BWHistoryReadInterval; - smartlist_t *BWHistoryReadValues; - smartlist_t *BWHistoryReadMaxima; - time_t BWHistoryWriteEnds; - int BWHistoryWriteInterval; - smartlist_t *BWHistoryWriteValues; - smartlist_t *BWHistoryWriteMaxima; - time_t BWHistoryDirReadEnds; - int BWHistoryDirReadInterval; - smartlist_t *BWHistoryDirReadValues; - smartlist_t *BWHistoryDirReadMaxima; - time_t BWHistoryDirWriteEnds; - int BWHistoryDirWriteInterval; - smartlist_t *BWHistoryDirWriteValues; - smartlist_t *BWHistoryDirWriteMaxima; - - /** Build time histogram */ - config_line_t * BuildtimeHistogram; - int TotalBuildTimes; - int CircuitBuildAbandonedCount; - - /** What version of Tor wrote this state file? */ - char *TorVersion; - - /** Holds any unrecognized values we found in the state file, in the order - * in which we found them. */ - config_line_t *ExtraLines; - - /** When did we last rotate our onion key? "0" for 'no idea'. */ - time_t LastRotatedOnionKey; -} or_state_t; - -#define MAX_SOCKS_REPLY_LEN 1024 -#define MAX_SOCKS_ADDR_LEN 256 -#define SOCKS_NO_AUTH 0x00 -#define SOCKS_USER_PASS 0x02 - -/** Please open a TCP connection to this addr:port. */ -#define SOCKS_COMMAND_CONNECT 0x01 -/** Please turn this FQDN into an IP address, privately. */ -#define SOCKS_COMMAND_RESOLVE 0xF0 -/** Please turn this IP address into an FQDN, privately. */ -#define SOCKS_COMMAND_RESOLVE_PTR 0xF1 +typedef struct or_state_t or_state_t; -/* || 0 is for -Wparentheses-equality (-Wall?) appeasement under clang */ -#define SOCKS_COMMAND_IS_CONNECT(c) (((c)==SOCKS_COMMAND_CONNECT) || 0) -#define SOCKS_COMMAND_IS_RESOLVE(c) ((c)==SOCKS_COMMAND_RESOLVE || \ - (c)==SOCKS_COMMAND_RESOLVE_PTR) +#define MAX_SOCKS_ADDR_LEN 256 /********************************* circuitbuild.c **********************/ @@ -2849,105 +960,10 @@ typedef struct { #define BW_MIN_WEIGHT_SCALE 1 #define BW_MAX_WEIGHT_SCALE INT32_MAX -/** Total size of the circuit timeout history to accumulate. - * 1000 is approx 2.5 days worth of continual-use circuits. */ -#define CBT_NCIRCUITS_TO_OBSERVE 1000 - -/** Width of the histogram bins in milliseconds */ -#define CBT_BIN_WIDTH ((build_time_t)50) - -/** Number of modes to use in the weighted-avg computation of Xm */ -#define CBT_DEFAULT_NUM_XM_MODES 3 -#define CBT_MIN_NUM_XM_MODES 1 -#define CBT_MAX_NUM_XM_MODES 20 - -/** A build_time_t is milliseconds */ -typedef uint32_t build_time_t; - -/** - * CBT_BUILD_ABANDONED is our flag value to represent a force-closed - * circuit (Aka a 'right-censored' pareto value). - */ -#define CBT_BUILD_ABANDONED ((build_time_t)(INT32_MAX-1)) -#define CBT_BUILD_TIME_MAX ((build_time_t)(INT32_MAX)) - -/** Save state every 10 circuits */ -#define CBT_SAVE_STATE_EVERY 10 - -/* Circuit build times consensus parameters */ - -/** - * How long to wait before actually closing circuits that take too long to - * build in terms of CDF quantile. - */ -#define CBT_DEFAULT_CLOSE_QUANTILE 95 -#define CBT_MIN_CLOSE_QUANTILE CBT_MIN_QUANTILE_CUTOFF -#define CBT_MAX_CLOSE_QUANTILE CBT_MAX_QUANTILE_CUTOFF - -/** - * How many circuits count as recent when considering if the - * connection has gone gimpy or changed. - */ -#define CBT_DEFAULT_RECENT_CIRCUITS 20 -#define CBT_MIN_RECENT_CIRCUITS 3 -#define CBT_MAX_RECENT_CIRCUITS 1000 - -/** - * Maximum count of timeouts that finish the first hop in the past - * RECENT_CIRCUITS before calculating a new timeout. - * - * This tells us whether to abandon timeout history and set - * the timeout back to whatever circuit_build_times_get_initial_timeout() - * gives us. - */ -#define CBT_DEFAULT_MAX_RECENT_TIMEOUT_COUNT (CBT_DEFAULT_RECENT_CIRCUITS*9/10) -#define CBT_MIN_MAX_RECENT_TIMEOUT_COUNT 3 -#define CBT_MAX_MAX_RECENT_TIMEOUT_COUNT 10000 - -/** Minimum circuits before estimating a timeout */ -#define CBT_DEFAULT_MIN_CIRCUITS_TO_OBSERVE 100 -#define CBT_MIN_MIN_CIRCUITS_TO_OBSERVE 1 -#define CBT_MAX_MIN_CIRCUITS_TO_OBSERVE 10000 - -/** Cutoff percentile on the CDF for our timeout estimation. */ -#define CBT_DEFAULT_QUANTILE_CUTOFF 80 -#define CBT_MIN_QUANTILE_CUTOFF 10 -#define CBT_MAX_QUANTILE_CUTOFF 99 -double circuit_build_times_quantile_cutoff(void); - -/** How often in seconds should we build a test circuit */ -#define CBT_DEFAULT_TEST_FREQUENCY 10 -#define CBT_MIN_TEST_FREQUENCY 1 -#define CBT_MAX_TEST_FREQUENCY INT32_MAX - -/** Lowest allowable value for CircuitBuildTimeout in milliseconds */ -#define CBT_DEFAULT_TIMEOUT_MIN_VALUE (1500) -#define CBT_MIN_TIMEOUT_MIN_VALUE 500 -#define CBT_MAX_TIMEOUT_MIN_VALUE INT32_MAX - -/** Initial circuit build timeout in milliseconds */ -#define CBT_DEFAULT_TIMEOUT_INITIAL_VALUE (60*1000) -#define CBT_MIN_TIMEOUT_INITIAL_VALUE CBT_MIN_TIMEOUT_MIN_VALUE -#define CBT_MAX_TIMEOUT_INITIAL_VALUE INT32_MAX -int32_t circuit_build_times_initial_timeout(void); - -#if CBT_DEFAULT_MAX_RECENT_TIMEOUT_COUNT < CBT_MIN_MAX_RECENT_TIMEOUT_COUNT -#error "RECENT_CIRCUITS is set too low." -#endif - typedef struct circuit_build_times_s circuit_build_times_t; /********************************* config.c ***************************/ -/** An error from options_trial_assign() or options_init_from_string(). */ -typedef enum setopt_err_t { - SETOPT_OK = 0, - SETOPT_ERR_MISC = -1, - SETOPT_ERR_PARSE = -2, - SETOPT_ERR_TRANSITION = -3, - SETOPT_ERR_SETTING = -4, -} setopt_err_t; - /********************************* connection_edge.c *************************/ /** Enumerates possible origins of a client-side address mapping. */ @@ -2974,227 +990,16 @@ typedef enum { } addressmap_entry_source_t; #define addressmap_entry_source_bitfield_t ENUM_BF(addressmap_entry_source_t) -/********************************* control.c ***************************/ - -/** Used to indicate the type of a circuit event passed to the controller. - * The various types are defined in control-spec.txt */ -typedef enum circuit_status_event_t { - CIRC_EVENT_LAUNCHED = 0, - CIRC_EVENT_BUILT = 1, - CIRC_EVENT_EXTENDED = 2, - CIRC_EVENT_FAILED = 3, - CIRC_EVENT_CLOSED = 4, -} circuit_status_event_t; - -/** Used to indicate the type of a CIRC_MINOR event passed to the controller. - * The various types are defined in control-spec.txt . */ -typedef enum circuit_status_minor_event_t { - CIRC_MINOR_EVENT_PURPOSE_CHANGED, - CIRC_MINOR_EVENT_CANNIBALIZED, -} circuit_status_minor_event_t; - -/** Used to indicate the type of a stream event passed to the controller. - * The various types are defined in control-spec.txt */ -typedef enum stream_status_event_t { - STREAM_EVENT_SENT_CONNECT = 0, - STREAM_EVENT_SENT_RESOLVE = 1, - STREAM_EVENT_SUCCEEDED = 2, - STREAM_EVENT_FAILED = 3, - STREAM_EVENT_CLOSED = 4, - STREAM_EVENT_NEW = 5, - STREAM_EVENT_NEW_RESOLVE = 6, - STREAM_EVENT_FAILED_RETRIABLE = 7, - STREAM_EVENT_REMAP = 8 -} stream_status_event_t; - -/** Used to indicate the type of an OR connection event passed to the - * controller. The various types are defined in control-spec.txt */ -typedef enum or_conn_status_event_t { - OR_CONN_EVENT_LAUNCHED = 0, - OR_CONN_EVENT_CONNECTED = 1, - OR_CONN_EVENT_FAILED = 2, - OR_CONN_EVENT_CLOSED = 3, - OR_CONN_EVENT_NEW = 4, -} or_conn_status_event_t; - -/** Used to indicate the type of a buildtime event */ -typedef enum buildtimeout_set_event_t { - BUILDTIMEOUT_SET_EVENT_COMPUTED = 0, - BUILDTIMEOUT_SET_EVENT_RESET = 1, - BUILDTIMEOUT_SET_EVENT_SUSPENDED = 2, - BUILDTIMEOUT_SET_EVENT_DISCARD = 3, - BUILDTIMEOUT_SET_EVENT_RESUME = 4 -} buildtimeout_set_event_t; - -/** Execute the statement <b>stmt</b>, which may log events concerning the - * connection <b>conn</b>. To prevent infinite loops, disable log messages - * being sent to controllers if <b>conn</b> is a control connection. - * - * Stmt must not contain any return or goto statements. - */ -#define CONN_LOG_PROTECT(conn, stmt) \ - STMT_BEGIN \ - int _log_conn_is_control; \ - tor_assert(conn); \ - _log_conn_is_control = (conn->type == CONN_TYPE_CONTROL); \ - if (_log_conn_is_control) \ - disable_control_logging(); \ - STMT_BEGIN stmt; STMT_END; \ - if (_log_conn_is_control) \ - enable_control_logging(); \ - STMT_END - -/** Enum describing various stages of bootstrapping, for use with controller - * bootstrap status events. The values range from 0 to 100. */ -typedef enum { - BOOTSTRAP_STATUS_UNDEF=-1, - BOOTSTRAP_STATUS_STARTING=0, - BOOTSTRAP_STATUS_CONN_DIR=5, - BOOTSTRAP_STATUS_HANDSHAKE=-2, - BOOTSTRAP_STATUS_HANDSHAKE_DIR=10, - BOOTSTRAP_STATUS_ONEHOP_CREATE=15, - BOOTSTRAP_STATUS_REQUESTING_STATUS=20, - BOOTSTRAP_STATUS_LOADING_STATUS=25, - BOOTSTRAP_STATUS_LOADING_KEYS=40, - BOOTSTRAP_STATUS_REQUESTING_DESCRIPTORS=45, - BOOTSTRAP_STATUS_LOADING_DESCRIPTORS=50, - BOOTSTRAP_STATUS_CONN_OR=80, - BOOTSTRAP_STATUS_HANDSHAKE_OR=85, - BOOTSTRAP_STATUS_CIRCUIT_CREATE=90, - BOOTSTRAP_STATUS_DONE=100 -} bootstrap_status_t; - -/********************************* dirserv.c ***************************/ - -/** An enum to describe what format we're generating a routerstatus line in. - */ -typedef enum { - /** For use in a v2 opinion */ - NS_V2, - /** For use in a consensus networkstatus document (ns flavor) */ - NS_V3_CONSENSUS, - /** For use in a vote networkstatus document */ - NS_V3_VOTE, - /** For passing to the controlport in response to a GETINFO request */ - NS_CONTROL_PORT, - /** For use in a consensus networkstatus document (microdesc flavor) */ - NS_V3_CONSENSUS_MICRODESC -} routerstatus_format_type_t; +#define WRITE_STATS_INTERVAL (24*60*60) /********************************* dirvote.c ************************/ typedef struct vote_timing_t vote_timing_t; -/********************************* geoip.c **************************/ - -/** Indicates an action that we might be noting geoip statistics on. - * Note that if we're noticing CONNECT, we're a bridge, and if we're noticing - * the others, we're not. - */ -typedef enum { - /** We've noticed a connection as a bridge relay or entry guard. */ - GEOIP_CLIENT_CONNECT = 0, - /** We've served a networkstatus consensus as a directory server. */ - GEOIP_CLIENT_NETWORKSTATUS = 1, -} geoip_client_action_t; -/** Indicates either a positive reply or a reason for rejectng a network - * status request that will be included in geoip statistics. */ -typedef enum { - /** Request is answered successfully. */ - GEOIP_SUCCESS = 0, - /** V3 network status is not signed by a sufficient number of requested - * authorities. */ - GEOIP_REJECT_NOT_ENOUGH_SIGS = 1, - /** Requested network status object is unavailable. */ - GEOIP_REJECT_UNAVAILABLE = 2, - /** Requested network status not found. */ - GEOIP_REJECT_NOT_FOUND = 3, - /** Network status has not been modified since If-Modified-Since time. */ - GEOIP_REJECT_NOT_MODIFIED = 4, - /** Directory is busy. */ - GEOIP_REJECT_BUSY = 5, -} geoip_ns_response_t; -#define GEOIP_NS_RESPONSE_NUM 6 - -/** Directory requests that we are measuring can be either direct or - * tunneled. */ -typedef enum { - DIRREQ_DIRECT = 0, - DIRREQ_TUNNELED = 1, -} dirreq_type_t; - -/** Possible states for either direct or tunneled directory requests that - * are relevant for determining network status download times. */ -typedef enum { - /** Found that the client requests a network status; applies to both - * direct and tunneled requests; initial state of a request that we are - * measuring. */ - DIRREQ_IS_FOR_NETWORK_STATUS = 0, - /** Finished writing a network status to the directory connection; - * applies to both direct and tunneled requests; completes a direct - * request. */ - DIRREQ_FLUSHING_DIR_CONN_FINISHED = 1, - /** END cell sent to circuit that initiated a tunneled request. */ - DIRREQ_END_CELL_SENT = 2, - /** Flushed last cell from queue of the circuit that initiated a - * tunneled request to the outbuf of the OR connection. */ - DIRREQ_CIRC_QUEUE_FLUSHED = 3, - /** Flushed last byte from buffer of the channel belonging to the - * circuit that initiated a tunneled request; completes a tunneled - * request. */ - DIRREQ_CHANNEL_BUFFER_FLUSHED = 4 -} dirreq_state_t; - -#define WRITE_STATS_INTERVAL (24*60*60) - /********************************* microdesc.c *************************/ typedef struct microdesc_cache_t microdesc_cache_t; -/********************************* networkstatus.c *********************/ - -/** Possible statuses of a version of Tor, given opinions from the directory - * servers. */ -typedef enum version_status_t { - VS_RECOMMENDED=0, /**< This version is listed as recommended. */ - VS_OLD=1, /**< This version is older than any recommended version. */ - VS_NEW=2, /**< This version is newer than any recommended version. */ - VS_NEW_IN_SERIES=3, /**< This version is newer than any recommended version - * in its series, but later recommended versions exist. - */ - VS_UNRECOMMENDED=4, /**< This version is not recommended (general case). */ - VS_EMPTY=5, /**< The version list was empty; no agreed-on versions. */ - VS_UNKNOWN, /**< We have no idea. */ -} version_status_t; - -/********************************* policies.c ************************/ - -/** Outcome of applying an address policy to an address. */ -typedef enum { - /** The address was accepted */ - ADDR_POLICY_ACCEPTED=0, - /** The address was rejected */ - ADDR_POLICY_REJECTED=-1, - /** Part of the address was unknown, but as far as we can tell, it was - * accepted. */ - ADDR_POLICY_PROBABLY_ACCEPTED=1, - /** Part of the address was unknown, but as far as we can tell, it was - * rejected. */ - ADDR_POLICY_PROBABLY_REJECTED=2, -} addr_policy_result_t; - -/********************************* rephist.c ***************************/ - -/** Possible public/private key operations in Tor: used to keep track of where - * we're spending our time. */ -typedef enum { - SIGN_DIR, SIGN_RTR, - VERIFY_DIR, VERIFY_RTR, - ENC_ONIONSKIN, DEC_ONIONSKIN, - TLS_HANDSHAKE_C, TLS_HANDSHAKE_S, - REND_CLIENT, REND_MID, REND_SERVER, -} pk_op_t; - /********************************* rendcommon.c ***************************/ typedef struct rend_authorized_client_t rend_authorized_client_t; @@ -3244,90 +1049,6 @@ typedef struct dir_server_t dir_server_t; #define ROUTER_MAX_DECLARED_BANDWIDTH INT32_MAX -/* Flags for pick_directory_server() and pick_trusteddirserver(). */ -/** Flag to indicate that we should not automatically be willing to use - * ourself to answer a directory request. - * Passed to router_pick_directory_server (et al).*/ -#define PDS_ALLOW_SELF (1<<0) -/** Flag to indicate that if no servers seem to be up, we should mark all - * directory servers as up and try again. - * Passed to router_pick_directory_server (et al).*/ -#define PDS_RETRY_IF_NO_SERVERS (1<<1) -/** Flag to indicate that we should not exclude directory servers that - * our ReachableAddress settings would exclude. This usually means that - * we're going to connect to the server over Tor, and so we don't need to - * worry about our firewall telling us we can't. - * Passed to router_pick_directory_server (et al).*/ -#define PDS_IGNORE_FASCISTFIREWALL (1<<2) -/** Flag to indicate that we should not use any directory authority to which - * we have an existing directory connection for downloading server descriptors - * or extrainfo documents. - * - * Passed to router_pick_directory_server (et al) - */ -#define PDS_NO_EXISTING_SERVERDESC_FETCH (1<<3) -/** Flag to indicate that we should not use any directory authority to which - * we have an existing directory connection for downloading microdescs. - * - * Passed to router_pick_directory_server (et al) - */ -#define PDS_NO_EXISTING_MICRODESC_FETCH (1<<4) - -/** Possible ways to weight routers when choosing one randomly. See - * routerlist_sl_choose_by_bandwidth() for more information.*/ -typedef enum bandwidth_weight_rule_t { - NO_WEIGHTING, WEIGHT_FOR_EXIT, WEIGHT_FOR_MID, WEIGHT_FOR_GUARD, - WEIGHT_FOR_DIR -} bandwidth_weight_rule_t; - -/** Flags to be passed to control router_choose_random_node() to indicate what - * kind of nodes to pick according to what algorithm. */ -typedef enum { - CRN_NEED_UPTIME = 1<<0, - CRN_NEED_CAPACITY = 1<<1, - CRN_NEED_GUARD = 1<<2, - /* XXXX not used, apparently. */ - CRN_WEIGHT_AS_EXIT = 1<<5, - CRN_NEED_DESC = 1<<6, - /* On clients, only provide nodes that satisfy ClientPreferIPv6OR */ - CRN_PREF_ADDR = 1<<7, - /* On clients, only provide nodes that we can connect to directly, based on - * our firewall rules */ - CRN_DIRECT_CONN = 1<<8, - /* On clients, only provide nodes with HSRend >= 2 protocol version which - * is required for hidden service version >= 3. */ - CRN_RENDEZVOUS_V3 = 1<<9, -} router_crn_flags_t; - -/** Return value for router_add_to_routerlist() and dirserv_add_descriptor() */ -typedef enum was_router_added_t { - /* Router was added successfully. */ - ROUTER_ADDED_SUCCESSFULLY = 1, - /* Extrainfo document was rejected because no corresponding router - * descriptor was found OR router descriptor was rejected because - * it was incompatible with its extrainfo document. */ - ROUTER_BAD_EI = -1, - /* Router descriptor was rejected because it is already known. */ - ROUTER_IS_ALREADY_KNOWN = -2, - /* General purpose router was rejected, because it was not listed - * in consensus. */ - ROUTER_NOT_IN_CONSENSUS = -3, - /* Router was neither in directory consensus nor in any of - * networkstatus documents. Caching it to access later. - * (Applies to fetched descriptors only.) */ - ROUTER_NOT_IN_CONSENSUS_OR_NETWORKSTATUS = -4, - /* Router was rejected by directory authority. */ - ROUTER_AUTHDIR_REJECTS = -5, - /* Bridge descriptor was rejected because such bridge was not one - * of the bridges we have listed in our configuration. */ - ROUTER_WAS_NOT_WANTED = -6, - /* Router descriptor was rejected because it was older than - * OLD_ROUTER_DESC_MAX_AGE. */ - ROUTER_WAS_TOO_OLD = -7, /* note contrast with 'NOT_NEW' */ - /* DOCDOC */ - ROUTER_CERTS_EXPIRED = -8 -} was_router_added_t; - typedef struct tor_version_t tor_version_t; #endif /* !defined(TOR_OR_H) */ |