/* Copyright (c) 2001 Matej Pfajfar.
 * Copyright (c) 2001-2004, Roger Dingledine.
 * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. */
/* See LICENSE for licensing information */
/* $Id$ */

/**
 * \file or.h
 * \brief Master header file for Tor-specific functionality.
 **/

#ifndef __OR_H
#define __OR_H
#define OR_H_ID "$Id$"

#include "orconfig.h"
#ifdef MS_WINDOWS
#define WIN32_WINNT 0x400
#define _WIN32_WINNT 0x400
#define WIN32_LEAN_AND_MEAN
#endif

#include <stdio.h>
#include <stdlib.h>
#ifdef HAVE_UNISTD_H
#include <unistd.h>
#endif
#ifdef HAVE_STRING_H
#include <string.h>
#endif
#ifdef HAVE_SIGNAL_H
#include <signal.h>
#endif
#ifdef HAVE_NETDB_H
#include <netdb.h>
#endif
#ifdef HAVE_CTYPE_H
#include <ctype.h>
#endif
#ifdef HAVE_SYS_PARAM_H
#include <sys/param.h> /* FreeBSD needs this to know what version it is */
#endif
#include "../common/torint.h"
#ifdef HAVE_SYS_WAIT_H
#include <sys/wait.h>
#endif
#ifdef HAVE_SYS_FCNTL_H
#include <sys/fcntl.h>
#endif
#ifdef HAVE_FCNTL_H
#include <fcntl.h>
#endif
#ifdef HAVE_SYS_IOCTL_H
#include <sys/ioctl.h>
#endif
#ifdef HAVE_SYS_SOCKET_H
#include <sys/socket.h>
#endif
#ifdef HAVE_SYS_TIME_H
#include <sys/time.h>
#endif
#ifdef HAVE_SYS_STAT_H
#include <sys/stat.h>
#endif
#ifdef HAVE_NETINET_IN_H
#include <netinet/in.h>
#endif
#ifdef HAVE_ARPA_INET_H
#include <arpa/inet.h>
#endif
#ifdef HAVE_ERRNO_H
#include <errno.h>
#endif
#ifdef HAVE_ASSERT_H
#include <assert.h>
#endif
#ifdef HAVE_TIME_H
#include <time.h>
#endif

/** Upper bound on maximum simultaneous connections; can be lowered by
 * config file. */
#define MAXCONNECTIONS 15000

#ifdef MS_WINDOWS
/* No, we don't need to redefine FD_SETSIZE before including winsock:
 * we use libevent now, and libevent handles the select() stuff.  Yes,
 * some documents imply that we need to redefine anyway if we're using
 * select() anywhere in our application or in anything it links to: these
 * documents are either the holy texts of a cargo cult of network
 * programmers, or more likely a simplification of what's going on for
 * people who haven't read winsock[2].c for themselves.
 */
#if (_MSC_VER <= 1300)
#include <winsock.h>
#else
#include <winsock2.h>
#include <ws2tcpip.h>
#endif
#endif

#ifdef MS_WINDOWS
#include <io.h>
#include <process.h>
#include <direct.h>
#include <windows.h>
/* NOTE(review): MSVC's _snprintf is not a drop-in snprintf: when the output
 * is truncated it does not write a terminating NUL and it returns a negative
 * value.  Code that formats into fixed-size buffers through this alias must
 * terminate the buffer itself and treat a negative return as truncation. */
#define snprintf _snprintf
#endif

#ifdef HAVE_EVENT_H
#include <event.h>
#else
#error "Tor requires libevent to build."
#endif

#include "../common/crypto.h"
#include "../common/tortls.h"
#include "../common/log.h"
#include "../common/compat.h"
#include "../common/container.h"
#include "../common/util.h"
#include "../common/torgzip.h"

/* These signals are defined to help control_signal_act work.
 * XXXX Move into compat.h ?
 */
#ifndef SIGHUP
#define SIGHUP 1
#endif
#ifndef SIGINT
#define SIGINT 2
#endif
#ifndef SIGUSR1
#define SIGUSR1 10
#endif
#ifndef SIGUSR2
#define SIGUSR2 12
#endif
#ifndef SIGTERM
#define SIGTERM 15
#endif
/* Controller signals start at a high number so we don't
 * conflict with system-defined signals. */
#define SIGNEWNYM 129

#if (SIZEOF_CELL_T != 0)
/* On Irix, stdlib.h defines a cell_t type, so we need to make sure
 * that our stuff always calls cell_t something different. */
#define cell_t tor_cell_t
#endif

#define MAX_NICKNAME_LEN 19
/* Hex digest plus dollar sign. */
#define MAX_HEX_NICKNAME_LEN (HEX_DIGEST_LEN+1)
/** Maximum size, in bytes, for resized buffers. */
#define MAX_BUF_SIZE ((1<<24)-1)
#define MAX_DIR_SIZE MAX_BUF_SIZE

/* For http parsing */
#define MAX_HEADERS_SIZE 50000
#define MAX_BODY_SIZE 500000

/** How long do we keep DNS cache entries before purging them (regardless of
 * their TTL)? */
#define MAX_DNS_ENTRY_AGE (30*60)
#define DEFAULT_DNS_TTL (30*60)
/** How long can a TTL be before we stop believing it? */
#define MAX_DNS_TTL (3*60*60)
/** How small can a TTL be before we stop believing it? */
#define MIN_DNS_TTL (60)

/** How often do we rotate onion keys? */
#define MIN_ONION_KEY_LIFETIME (7*24*60*60)
/** How often do we rotate TLS contexts? */
#define MAX_SSL_KEY_LIFETIME (2*60*60)

/** How old do we allow a router to get before removing it
 * from the router list? In seconds. */
#define ROUTER_MAX_AGE (60*60*48)
/** How old can a router get before we (as a server) will no longer
 * consider it live? In seconds. */
#define ROUTER_MAX_AGE_TO_PUBLISH (60*60*20)
/** How old do we let a saved descriptor get before removing it? */
#define OLD_ROUTER_DESC_MAX_AGE (60*60*60)
/** How old do we let a networkstatus get before ignoring it? */
#define NETWORKSTATUS_MAX_AGE (60*60*24)

/** Two-valued selector for a circuit-ID type.
 * NOTE(review): what "lower" and "higher" refer to is not documented in this
 * header -- confirm against the code that allocates circuit IDs. */
typedef enum {
  CIRC_ID_TYPE_LOWER  = 0,
  CIRC_ID_TYPE_HIGHER = 1
} circ_id_type_t;

#define _CONN_TYPE_MIN 3
/** Type for sockets listening for OR connections. */
#define CONN_TYPE_OR_LISTENER 3
/** A bidirectional TLS connection transmitting a sequence of cells.
 * May be from an OR to an OR, or from an OP to an OR. */
#define CONN_TYPE_OR 4
/** A TCP connection from an onion router to a stream's destination. */
#define CONN_TYPE_EXIT 5
/** Type for sockets listening for SOCKS connections. */
#define CONN_TYPE_AP_LISTENER 6
/** A SOCKS proxy connection from the user application to the onion
 * proxy. */
#define CONN_TYPE_AP 7
/** Type for sockets listening for HTTP connections to the directory server. */
#define CONN_TYPE_DIR_LISTENER 8
/** Type for HTTP connections to the directory server. */
#define CONN_TYPE_DIR 9
/** Connection from the main process to a DNS worker process. */
#define CONN_TYPE_DNSWORKER 10
/** Connection from the main process to a CPU worker process. */
#define CONN_TYPE_CPUWORKER 11
/** Type for listening for connections from user interface process. */
#define CONN_TYPE_CONTROL_LISTENER 12
/** Type for connections from user interface process. */
#define CONN_TYPE_CONTROL 13
/** Type for sockets listening for transparent proxy connections. */
#define CONN_TYPE_AP_TRANS_LISTENER 14
#define _CONN_TYPE_MAX 14

/** True iff the type of connection <b>x</b> is CONN_TYPE_EXIT or
 * CONN_TYPE_AP.  <b>x</b> appears twice in the expansion and may be
 * evaluated twice, so pass a plain pointer rather than an expression with
 * side effects. */
#define CONN_IS_EDGE(x) \
  ((x)->type == CONN_TYPE_EXIT || (x)->type == CONN_TYPE_AP)

/** State for any listener connection. */
#define LISTENER_STATE_READY 0

#define _DNSWORKER_STATE_MIN 1
/** State for a connection to a dnsworker process that's idle. */
#define DNSWORKER_STATE_IDLE 1
/** State for a connection to a dnsworker process that's resolving a
 * hostname. */
#define DNSWORKER_STATE_BUSY 2
#define _DNSWORKER_STATE_MAX 2

#define _CPUWORKER_STATE_MIN 1
/** State for a connection to a cpuworker process that's idle. */
#define CPUWORKER_STATE_IDLE 1
/** State for a connection to a cpuworker process that's processing a
 * handshake. */
#define CPUWORKER_STATE_BUSY_ONION 2
#define _CPUWORKER_STATE_MAX 2

#define CPUWORKER_TASK_ONION CPUWORKER_STATE_BUSY_ONION

#define _OR_CONN_STATE_MIN 1
/** State for a connection to an OR: waiting for connect() to finish. */
#define OR_CONN_STATE_CONNECTING 1
/** State for a connection to an OR: waiting for proxy command to flush. */
#define OR_CONN_STATE_PROXY_FLUSHING 2
/** State for a connection to an OR: waiting for proxy response. */
#define OR_CONN_STATE_PROXY_READING 3
/** State for a connection to an OR: SSL is handshaking, not done yet. */
#define OR_CONN_STATE_HANDSHAKING 4
/** State for a connection to an OR: Ready to send/receive cells. */
#define OR_CONN_STATE_OPEN 5
#define _OR_CONN_STATE_MAX 5

#define _EXIT_CONN_STATE_MIN 1
/** State for an exit connection: waiting for response from dns farm. */
#define EXIT_CONN_STATE_RESOLVING 1
/** State for an exit connection: waiting for connect() to finish. */
#define EXIT_CONN_STATE_CONNECTING 2
/** State for an exit connection: open and ready to transmit data. */
#define EXIT_CONN_STATE_OPEN 3
/** State for an exit connection: waiting to be removed. */
#define EXIT_CONN_STATE_RESOLVEFAILED 4
#define _EXIT_CONN_STATE_MAX 4

/* the AP state values must be disjoint from the EXIT state values */
#define _AP_CONN_STATE_MIN 5
/** State for a SOCKS connection: waiting for SOCKS request. */
#define AP_CONN_STATE_SOCKS_WAIT 5
/** State for a SOCKS connection: got a y.onion URL; waiting to receive
 * rendezvous descriptor. */
#define AP_CONN_STATE_RENDDESC_WAIT 6
/** The controller will attach this connection to a circuit; it isn't our
 * job to do so. */
#define AP_CONN_STATE_CONTROLLER_WAIT 7
/** State for a SOCKS connection: waiting for a completed circuit. */
#define AP_CONN_STATE_CIRCUIT_WAIT 8
/** State for a SOCKS connection: sent BEGIN, waiting for CONNECTED. */
#define AP_CONN_STATE_CONNECT_WAIT 9
/** State for a SOCKS connection: sent RESOLVE, waiting for RESOLVED. */
#define AP_CONN_STATE_RESOLVE_WAIT 10
/** State for a SOCKS connection: ready to send and receive. */
#define AP_CONN_STATE_OPEN 11
/** State for a transparent proxy connection: waiting for original
 * destination. */
#define AP_CONN_STATE_ORIGDST_WAIT 12
#define _AP_CONN_STATE_MAX 12

#define _DIR_CONN_STATE_MIN 1
/** State for connection to directory server: waiting for connect(). */
#define DIR_CONN_STATE_CONNECTING 1
/** State for connection to directory server: sending HTTP request. */
#define DIR_CONN_STATE_CLIENT_SENDING 2
/** State for connection to directory server: reading HTTP response. */
#define DIR_CONN_STATE_CLIENT_READING 3
/** State for connection to directory server: happy and finished. */
#define DIR_CONN_STATE_CLIENT_FINISHED 4
/** State for connection at directory server: waiting for HTTP request. */
#define DIR_CONN_STATE_SERVER_COMMAND_WAIT 5
/** State for connection at directory server: sending HTTP response. */
#define DIR_CONN_STATE_SERVER_WRITING 6
#define _DIR_CONN_STATE_MAX 6

#define _CONTROL_CONN_STATE_MIN 1
#define CONTROL_CONN_STATE_OPEN_V0 1
#define CONTROL_CONN_STATE_OPEN_V1 2
#define CONTROL_CONN_STATE_NEEDAUTH_V0 3
#define CONTROL_CONN_STATE_NEEDAUTH_V1 4
#define _CONTROL_CONN_STATE_MAX 4

#define _DIR_PURPOSE_MIN 1
/** A connection to a directory server: download a directory. */
#define DIR_PURPOSE_FETCH_DIR 1
/** A connection to a directory server: download just the list
 * of running routers. */
#define DIR_PURPOSE_FETCH_RUNNING_LIST 2
/** A connection to a directory server: download a rendezvous
 * descriptor. */
#define DIR_PURPOSE_FETCH_RENDDESC 3
/** A connection to a directory server: set after a rendezvous
 * descriptor is downloaded. */
#define DIR_PURPOSE_HAS_FETCHED_RENDDESC 4
/** A connection to a directory server: download one or more network-status
 * objects */
#define DIR_PURPOSE_FETCH_NETWORKSTATUS 5
/** A connection to a directory server: download one or more server
 * descriptors. */
#define DIR_PURPOSE_FETCH_SERVERDESC 6
/** A connection to a directory server: upload a server descriptor. */
#define DIR_PURPOSE_UPLOAD_DIR 7
/** A connection to a directory server: upload a rendezvous
 * descriptor. */
#define DIR_PURPOSE_UPLOAD_RENDDESC 8
/** Purpose for connection at a directory server. */
#define DIR_PURPOSE_SERVER 9
#define _DIR_PURPOSE_MAX 9

#define _EXIT_PURPOSE_MIN 1
#define EXIT_PURPOSE_CONNECT 1
#define EXIT_PURPOSE_RESOLVE 2
#define _EXIT_PURPOSE_MAX 2

/** Circuit state: I'm the origin, still haven't done all my handshakes. */
#define CIRCUIT_STATE_BUILDING 0
/** Circuit state: Waiting to process the onionskin. */
#define CIRCUIT_STATE_ONIONSKIN_PENDING 1
/** Circuit state: I'd like to deliver a create, but my n_conn is still
 * connecting. */
#define CIRCUIT_STATE_OR_WAIT 2
/** Circuit state: onionskin(s) processed, ready to send/receive cells. */
#define CIRCUIT_STATE_OPEN 3

#define _CIRCUIT_PURPOSE_MIN 1

/* these circuits were initiated elsewhere */
#define _CIRCUIT_PURPOSE_OR_MIN 1
/** OR-side circuit purpose: normal circuit, at OR. */
#define CIRCUIT_PURPOSE_OR 1
/** OR-side circuit purpose: At OR, from Bob, waiting for intro from Alices. */
#define CIRCUIT_PURPOSE_INTRO_POINT 2
/** OR-side circuit purpose: At OR, from Alice, waiting for Bob. */
#define CIRCUIT_PURPOSE_REND_POINT_WAITING 3
/** OR-side circuit purpose: At OR, both circuits have this purpose. */
#define CIRCUIT_PURPOSE_REND_ESTABLISHED 4
#define _CIRCUIT_PURPOSE_OR_MAX 4

/* these circuits originate at this node */

/* here's how circ client-side purposes work:
 *   normal circuits are C_GENERAL.
 *   circuits that are c_introducing are either on their way to
 *     becoming open, or they are open and waiting for a
 *     suitable rendcirc before they send the intro.
 *   circuits that are c_introduce_ack_wait have sent the intro,
 *     but haven't gotten a response yet.
 *   circuits that are c_establish_rend are either on their way
 *     to becoming open, or they are open and have sent the
 *     establish_rendezvous cell but haven't received an ack.
 *   circuits that are c_rend_ready are open and have received a
 *     rend ack, but haven't heard from bob yet. if they have a
 *     buildstate->pending_final_cpath then they're expecting a
 *     cell from bob, else they're not.
 *   circuits that are c_rend_ready_intro_acked are open, and
 *     some intro circ has sent its intro and received an ack.
 *   circuits that are c_rend_joined are open, have heard from
 *     bob, and are talking to him.
 */
/** Client-side circuit purpose: Normal circuit, with cpath. */
#define CIRCUIT_PURPOSE_C_GENERAL 5
/** Client-side circuit purpose: at Alice, connecting to intro point. */
#define CIRCUIT_PURPOSE_C_INTRODUCING 6
/** Client-side circuit purpose: at Alice, sent INTRODUCE1 to intro point,
 * waiting for ACK/NAK. */
#define CIRCUIT_PURPOSE_C_INTRODUCE_ACK_WAIT 7
/** Client-side circuit purpose: at Alice, introduced and acked, closing. */
#define CIRCUIT_PURPOSE_C_INTRODUCE_ACKED 8
/** Client-side circuit purpose: at Alice, waiting for ack. */
#define CIRCUIT_PURPOSE_C_ESTABLISH_REND 9
/** Client-side circuit purpose: at Alice, waiting for Bob. */
#define CIRCUIT_PURPOSE_C_REND_READY 10
/** Client-side circuit purpose: at Alice, waiting for Bob, INTRODUCE
 * has been acknowledged. */
#define CIRCUIT_PURPOSE_C_REND_READY_INTRO_ACKED 11
/** Client-side circuit purpose: at Alice, rendezvous established. */
#define CIRCUIT_PURPOSE_C_REND_JOINED 12

/** Hidden-service-side circuit purpose: at Bob, waiting for introductions. */
#define CIRCUIT_PURPOSE_S_ESTABLISH_INTRO 13
/** Hidden-service-side circuit purpose: at Bob, successfully established
 * intro. */
#define CIRCUIT_PURPOSE_S_INTRO 14
/** Hidden-service-side circuit purpose: at Bob, connecting to rend point. */
#define CIRCUIT_PURPOSE_S_CONNECT_REND 15
/** Hidden-service-side circuit purpose: at Bob, rendezvous established. */
#define CIRCUIT_PURPOSE_S_REND_JOINED 16
/** A testing circuit; not meant to be used for actual traffic. */
#define CIRCUIT_PURPOSE_TESTING 17
/** A controller made this circuit and Tor should not use it. */
#define CIRCUIT_PURPOSE_CONTROLLER 18
#define _CIRCUIT_PURPOSE_MAX 18

/** True iff the circuit purpose <b>p</b> is for a circuit that
 * originated at this node. */
/* NOTE(review): the test is only "greater than _CIRCUIT_PURPOSE_OR_MAX"; it
 * has no upper bound, so a purpose above _CIRCUIT_PURPOSE_MAX also counts as
 * origin.  Where a purpose value is not already known to be in range, check
 * it against _CIRCUIT_PURPOSE_MIN/_CIRCUIT_PURPOSE_MAX before relying on
 * either macro.  CIRCUIT_IS_ORIGIN reads the <b>purpose</b> field of the
 * circuit <b>c</b> and applies the same test. */
#define CIRCUIT_PURPOSE_IS_ORIGIN(p) ((p)>_CIRCUIT_PURPOSE_OR_MAX)
#define CIRCUIT_IS_ORIGIN(c) (CIRCUIT_PURPOSE_IS_ORIGIN((c)->purpose))

#define RELAY_COMMAND_BEGIN 1
#define RELAY_COMMAND_DATA 2
#define RELAY_COMMAND_END 3
#define RELAY_COMMAND_CONNECTED 4
#define RELAY_COMMAND_SENDME 5
#define RELAY_COMMAND_EXTEND 6
#define RELAY_COMMAND_EXTENDED 7
#define RELAY_COMMAND_TRUNCATE 8
#define RELAY_COMMAND_TRUNCATED 9
#define RELAY_COMMAND_DROP 10
#define RELAY_COMMAND_RESOLVE 11
#define RELAY_COMMAND_RESOLVED 12

#define RELAY_COMMAND_ESTABLISH_INTRO 32
#define RELAY_COMMAND_ESTABLISH_RENDEZVOUS 33
#define RELAY_COMMAND_INTRODUCE1 34
#define RELAY_COMMAND_INTRODUCE2 35
#define RELAY_COMMAND_RENDEZVOUS1 36
#define RELAY_COMMAND_RENDEZVOUS2 37
#define RELAY_COMMAND_INTRO_ESTABLISHED 38
#define RELAY_COMMAND_RENDEZVOUS_ESTABLISHED 39
#define RELAY_COMMAND_INTRODUCE_ACK 40

#define END_STREAM_REASON_MISC 1
#define END_STREAM_REASON_RESOLVEFAILED 2
#define END_STREAM_REASON_CONNECTREFUSED 3
#define END_STREAM_REASON_EXITPOLICY 4
#define END_STREAM_REASON_DESTROY 5
#define END_STREAM_REASON_DONE 6
#define END_STREAM_REASON_TIMEOUT 7
/* 8 is unallocated. */
#define END_STREAM_REASON_HIBERNATING 9
#define END_STREAM_REASON_INTERNAL 10
#define END_STREAM_REASON_RESOURCELIMIT 11
#define END_STREAM_REASON_CONNRESET 12
#define END_STREAM_REASON_TORPROTOCOL 13

/* These high-numbered end reasons are not part of the official spec,
 * and are not intended to be put in relay end cells. They are here
 * to be more informative when sending back socks replies to the
 * application. */
#define END_STREAM_REASON_ALREADY_SOCKS_REPLIED 256
#define END_STREAM_REASON_CANT_ATTACH 257
#define END_STREAM_REASON_NET_UNREACHABLE 258

#define RESOLVED_TYPE_HOSTNAME 0
#define RESOLVED_TYPE_IPV4 4
#define RESOLVED_TYPE_IPV6 6
#define RESOLVED_TYPE_ERROR_TRANSIENT 0xF0
#define RESOLVED_TYPE_ERROR 0xF1

/* XXX We should document the meaning of these. */
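/* Reason codes for ending a circuit.  _END_CIRC_REASON_MIN and
 * _END_CIRC_REASON_MAX bound the END_CIRC_REASON_* values;
 * END_CIRC_AT_ORIGIN is negative and therefore lies outside that range.
 * NOTE(review): a reason value that does not come from this list should be
 * checked against _END_CIRC_REASON_MIN/_END_CIRC_REASON_MAX before it is
 * interpreted -- confirm that the code handling received reasons does so. */
/* The negative constant is parenthesized so that it stays a single operand
 * wherever the macro is expanded. */
#define END_CIRC_AT_ORIGIN           (-1)
#define _END_CIRC_REASON_MIN            0
#define END_CIRC_REASON_NONE            0
#define END_CIRC_REASON_TORPROTOCOL     1
#define END_CIRC_REASON_INTERNAL        2
#define END_CIRC_REASON_REQUESTED       3
#define END_CIRC_REASON_HIBERNATING     4
#define END_CIRC_REASON_RESOURCELIMIT   5
#define END_CIRC_REASON_CONNECTFAILED   6
#define END_CIRC_REASON_OR_IDENTITY     7
#define END_CIRC_REASON_OR_CONN_CLOSED  8
#define _END_CIRC_REASON_MAX            8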

/** Length of 'y' portion of 'y.onion' URL. */
#define REND_SERVICE_ID_LEN 16

#define CELL_DIRECTION_IN 1
#define CELL_DIRECTION_OUT 2

#ifdef TOR_PERF
#define CIRCWINDOW_START 10000
#define CIRCWINDOW_INCREMENT 1000
#define STREAMWINDOW_START 5000
#define STREAMWINDOW_INCREMENT 500
#else
#define CIRCWINDOW_START 1000
#define CIRCWINDOW_INCREMENT 100
#define STREAMWINDOW_START 500
#define STREAMWINDOW_INCREMENT 50
#endif

/* cell commands */
#define CELL_PADDING 0
#define CELL_CREATE 1
#define CELL_CREATED 2
#define CELL_RELAY 3
#define CELL_DESTROY 4
#define CELL_CREATE_FAST 5
#define CELL_CREATED_FAST 6

/** How long to test reachability before complaining to the user. */
#define TIMEOUT_UNTIL_UNREACHABILITY_COMPLAINT (20*60)

/* legal characters in a nickname */
#define LEGAL_NICKNAME_CHARACTERS \
  "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"

/** Name to use in client TLS certificates if no nickname is given. */
#define DEFAULT_CLIENT_NICKNAME "client"

#define SOCKS4_NETWORK_LEN 8

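/** Reply codes for a SOCKS5 response.  The values match the REP field of a
 * SOCKS5 reply as defined in RFC 1928, section 6. */
typedef enum {
  SOCKS5_SUCCEEDED                  = 0x00, /**< Request succeeded. */
  SOCKS5_GENERAL_ERROR              = 0x01, /**< General server failure. */
  SOCKS5_NOT_ALLOWED                = 0x02, /**< Not allowed by ruleset. */
  SOCKS5_NET_UNREACHABLE            = 0x03, /**< Network unreachable. */
  SOCKS5_HOST_UNREACHABLE           = 0x04, /**< Host unreachable. */
  SOCKS5_CONNECTION_REFUSED         = 0x05, /**< Connection refused. */
  SOCKS5_TTL_EXPIRED                = 0x06, /**< TTL expired. */
  SOCKS5_COMMAND_NOT_SUPPORTED      = 0x07, /**< Command not supported. */
  /* Last enumerator has no trailing comma: C89 compilers reject one, and
   * this header still has a branch for old MSVC versions. */
  SOCKS5_ADDRESS_TYPE_NOT_SUPPORTED = 0x08  /**< Address type not supported. */
} socks5_reply_status_t;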

/*
 * Relay payload:
 *         Relay command           [1 byte]
 *         Recognized              [2 bytes]
 *         Stream ID               [2 bytes]
 *         Partial SHA-1           [4 bytes]
 *         Length                  [2 bytes]
 *         Relay payload           [498 bytes]
 */

/** Number of bytes in a cell's payload (the size of cell_t.payload). */
#define CELL_PAYLOAD_SIZE 509
/** NOTE(review): presumably the size of a whole cell on the network; the
 * 3-byte difference from CELL_PAYLOAD_SIZE would match a 2-byte circuit ID
 * plus a 1-byte command -- confirm against the packing code. */
#define CELL_NETWORK_SIZE 512

/** Size in bytes of the relay header at the start of a relay cell's payload:
 * relay command (1), recognized (2), stream ID (2), partial SHA-1 (4),
 * length (2). */
#define RELAY_HEADER_SIZE (1+2+2+4+2)
/** Bytes left in the cell payload after the relay header (509 - 11 = 498).
 * A length taken from a relay header is only meaningful if it does not
 * exceed this value. */
#define RELAY_PAYLOAD_SIZE (CELL_PAYLOAD_SIZE-RELAY_HEADER_SIZE)

/** Parsed onion routing cell.  All communication between nodes
 * is via cells. */
typedef struct {
  uint16_t circ_id; /**< Circuit which received the cell. */
  uint8_t command; /**< Type of the cell: one of the CELL_* command values
                    * (PADDING, CREATE, CREATED, RELAY, DESTROY,
                    * CREATE_FAST, or CREATED_FAST). */
  char payload[CELL_PAYLOAD_SIZE]; /**< Cell body: a fixed-size buffer of
                                    * CELL_PAYLOAD_SIZE bytes. */
} cell_t;

/** Beginning of a RELAY cell payload. */
typedef struct {
  /* The compiler may insert padding between these fields, so
   * sizeof(relay_header_t) need not equal RELAY_HEADER_SIZE; do not copy
   * this struct to or from a cell payload as raw bytes. */
  uint8_t command; /**< The end-to-end relay command. */
  uint16_t recognized; /**< Used to tell whether cell is for us. */
  uint16_t stream_id; /**< Which stream is this cell associated with? */
  char integrity[4]; /**< Used to tell whether cell is corrupted. */
  uint16_t length; /**< How long is the payload body?
                    * NOTE(review): a uint16_t can hold far more than
                    * RELAY_PAYLOAD_SIZE, so this needs a bound check before
                    * it is used as a copy length -- confirm at the sites
                    * that fill in this struct. */
} relay_header_t;

typedef struct buf_t buf_t;
typedef struct socks_request_t socks_request_t;

/* Values for the <b>magic</b> field of connection_t, which that struct
 * documents as a memory-debugging aid that must equal one of these
 * *_CONNECTION_MAGIC constants.
 * NOTE(review): presumably one value per connection subtype named in the
 * macro -- confirm where the field is set and checked. */
#define BASE_CONNECTION_MAGIC 0x7C3C304Eu
#define OR_CONNECTION_MAGIC 0x7D31FF03u
#define EDGE_CONNECTION_MAGIC 0xF0374013u
#define DIR_CONNECTION_MAGIC 0x9988ffeeu
#define CONTROL_CONNECTION_MAGIC 0x8abc765du

/** Description of a connection to another host or process, and associated
 * data.
 *
 * A connection is named based on what it's connected to -- an "OR
 * connection" has a Tor node on the other end, an "exit
 * connection" has a website or other server on the other end, and an
 * "AP connection" has an application proxy (and thus a user) on the
 * other end.
 *
 * Every connection has a type and a state.  Connections never change
 * their type, but can go through many state changes in their lifetime.
 *
 * Every connection has two associated input and output buffers.
 * Listeners don't use them.  For non-listener connections, incoming
 * data is appended to conn->inbuf, and outgoing data is taken from
 * conn->outbuf.  Connections differ primarily in the functions called
 * to fill and drain these buffers.
 *
 * The subtypes or_connection_t, edge_connection_t, dir_connection_t and
 * control_connection_t each embed one of these as a member named _base.
 */
typedef struct connection_t {
  uint32_t magic; /**< For memory debugging: must equal one of
                   * *_CONNECTION_MAGIC.  The TO_*_CONN() converters assert
                   * on this value before downcasting, so it has to match
                   * the struct type this connection_t is embedded in. */

  uint8_t type; /**< What kind of connection is this? */
  uint8_t state; /**< Current state of this connection. */
  uint8_t purpose; /**< Only used for DIR and EXIT types currently. */

  /* The next fields are all one-bit booleans. Some are only applicable
   * to connection subtypes, but we hold them here anyway, to save space.
   * (Currently, they all fit into a single byte: there are eight of them,
   * so adding one more takes them past a byte.) */
  unsigned wants_to_read:1; /**< Boolean: should we start reading again once
                            * the bandwidth throttler allows it? */
  unsigned wants_to_write:1; /**< Boolean: should we start writing again once
                             * the bandwidth throttler allows reads? */
  unsigned hold_open_until_flushed:1; /**< Despite this connection's being
                                      * marked for close, do we flush it
                                      * before closing it? */
  unsigned int inbuf_reached_eof:1; /**< Boolean: did read() return 0 on this
                                     * conn? */
  unsigned edge_has_sent_end:1; /**< For debugging; only used on edge
                         * connections.  Set once we've set the stream end,
                         * and check in circuit_about_to_close_connection(). */
  /** For control connections only. If set, we send extended info with control
   * events as appropriate. */
  unsigned int control_events_are_extended:1;
  /** Used for OR conns that shouldn't get any new circs attached to them. */
  unsigned int or_is_obsolete:1;
  /** For AP connections only. If 1, and we fail to reach the chosen exit,
   * stop requiring it. */
  unsigned int chosen_exit_optional:1;

  int s; /**< Our socket; -1 if this connection is closed. */
  int conn_array_index; /**< Index into the global connection array. */
  struct event *read_event; /**< Libevent event structure. */
  struct event *write_event; /**< Libevent event structure. */
  buf_t *inbuf; /**< Buffer holding data read over this connection. */
  buf_t *outbuf; /**< Buffer holding data to write over this connection. */
  size_t outbuf_flushlen; /**< How much data should we try to flush from the
                           * outbuf? */
  time_t timestamp_lastread; /**< When was the last time libevent said we could
                              * read? */
  time_t timestamp_lastwritten; /**< When was the last time libevent said we
                                 * could write? */
  time_t timestamp_created; /**< When was this connection_t created? */

  uint32_t addr; /**< IP of the other side of the connection; used to identify
                  * routers, along with port. */
  uint16_t port; /**< If non-zero, port  on the other end
                  * of the connection. */
  uint16_t marked_for_close; /**< Should we close this conn on the next
                              * iteration of the main loop? (If true, holds
                              * the line number where this connection was
                              * marked.)  The field is 16 bits wide, so the
                              * line number is kept modulo 65536. */
  const char *marked_for_close_file; /**< For debugging: in which file were
                                      * we marked for close? */
  char *address; /**< FQDN (or IP) of the guy on the other end.
                  * strdup into this, because free_connection frees it:
                  * the connection owns the string, so never store a
                  * pointer here that something else will also free. */

} connection_t;

/** Subtype of connection_t for an "OR connection" -- that is, one that speaks
 * cells over TLS. */
typedef struct or_connection_t {
  connection_t _base; /**< The generic part.  TO_CONN() and DOWNCAST() find
                       * it by the member name _base. */

  char identity_digest[DIGEST_LEN]; /**< Hash of the public RSA key for
                                     * the other side's signing key.
                                     * Exactly DIGEST_LEN bytes;
                                     * NOTE(review): presumably raw digest
                                     * bytes, not a NUL-terminated string
                                     * -- confirm. */
  char *nickname; /**< Nickname of OR on other side (if any). */

  tor_tls_t *tls; /**< TLS connection state */

  time_t timestamp_lastempty; /**< When was the outbuf last completely empty?*/

  /* bandwidth* and receiver_bucket only used by ORs in OPEN state: */
  int bandwidthrate; /**< Bytes/s added to the bucket. (OPEN ORs only.) */
  int bandwidthburst; /**< Max bucket size for this conn. (OPEN ORs only.) */
  int receiver_bucket; /**< When this hits 0, stop receiving. Every second we
                        * add 'bandwidthrate' to this, capping it at
                        * bandwidthburst. (OPEN ORs only) */
  circ_id_type_t circ_id_type; /**< When we send CREATE cells along this
                                * connection, which half of the space should
                                * we use? */
  int n_circuits; /**< How many circuits use this connection as p_conn or
                   * n_conn ? */
  struct or_connection_t *next_with_same_id; /**< Next connection with same
                                           * identity digest as this one. */
  uint16_t next_circ_id; /**< Which circ_id do we try to use next on
                          * this connection?  This is always in the
                          * range 0..(1<<15)-1.  (Written without the
                          * parentheses, C would read 1<<15-1 as 1<<14.) */
} or_connection_t;

/** Subtype of connection_t for an "edge connection" -- that is, a socks (ap)
 * connection, or an exit. */
typedef struct edge_connection_t {
  connection_t _base; /**< The generic part.  TO_CONN() and DOWNCAST() find
                       * it by the member name _base. */

  struct edge_connection_t *next_stream; /**< Points to the next stream at this
                                          * edge, if any */
  struct crypt_path_t *cpath_layer; /**< A pointer to which node in the circ
                                     * this conn exits at. */
  int package_window; /**< How many more relay cells can I send into the
                       * circuit? */
  int deliver_window; /**< How many more relay cells can end at me? */


  /** Nickname of planned exit node -- used with .exit support. */
  char *chosen_exit_name;

  socks_request_t *socks_request; /**< SOCKS structure describing request (AP
                                   * only.) */
  struct circuit_t *on_circuit; /**< The circuit (if any) that this edge
                                 * connection is using. */

  uint32_t address_ttl; /**< TTL for address-to-addr mapping on exit
                         * connection.  Exit connections only. */

  uint16_t stream_id; /**< The stream ID used for this edge connection on its
                       * circuit */

  /** Quasi-global identifier for this connection; used for control.c */
  /* XXXX NM This can get re-used after 2**32 streams.  Once that happens
   * the identifier no longer names a single connection, so anything still
   * holding an old value could end up referring to a newer connection. */
  uint32_t global_identifier;

  char rend_query[REND_SERVICE_ID_LEN+1]; /**< What rendezvous service are we
                                           * querying for? (AP only)
                                           * NOTE(review): the +1 is
                                           * presumably room for a
                                           * terminating NUL -- confirm that
                                           * writers bound their copies to
                                           * REND_SERVICE_ID_LEN. */

  /** Number of times we've reassigned this application connection to
   * a new circuit. We keep track because the timeout is longer if we've
   * already retried several times. */
  uint8_t num_socks_retries;

} edge_connection_t;

/** Subtype of connection_t for a "directory connection" -- that is, an HTTP
 * connection to retrieve or serve directory material. */
typedef struct dir_connection_t {
  connection_t _base; /**< The generic part.  TO_CONN() and DOWNCAST() find
                       * it by the member name _base. */

  char *requested_resource; /**< Which 'resource' did we ask the directory
                             * for? */
  unsigned int dirconn_direct:1; /**< Is this dirconn direct, or via Tor? */

  /* Used only for server sides of some dir connections, to implement
   * "spooling" of directory material to the outbuf.  Otherwise, we'd have
   * to append everything to the outbuf in one enormous chunk. */
  enum {
    DIR_SPOOL_NONE=0, DIR_SPOOL_SERVER_BY_DIGEST, DIR_SPOOL_SERVER_BY_FP,
    DIR_SPOOL_CACHED_DIR, DIR_SPOOL_NETWORKSTATUS
  } dir_spool_src; /**< Which kind of material is being spooled;
                    * DIR_SPOOL_NONE is 0. */
  /* NOTE(review): the next four fields have no documentation in the source.
   * The descriptions below are read off the names and types only; confirm
   * them against the spooling code. */
  smartlist_t *fingerprint_stack; /* presumably the digests or fingerprints
                                   * still to be served */
  struct cached_dir_t *cached_dir; /* presumably the cached object being
                                    * served; cached_dir_t carries a refcnt,
                                    * so check that this pointer holds a
                                    * reference for as long as it is set */
  off_t cached_dir_offset; /* presumably how far into cached_dir we have
                            * spooled; should stay within its length */
  tor_zlib_state_t *zlib_state; /* presumably compression state for the
                                 * spooled output */

  char rend_query[REND_SERVICE_ID_LEN+1]; /**< What rendezvous service are we
                                           * querying for? */

  char identity_digest[DIGEST_LEN]; /**< Hash of the public RSA key for
                                     * the directory server's signing key. */
} dir_connection_t;

/** Subtype of connection_t for a connection to a controller. */
typedef struct control_connection_t {
  connection_t _base; /**< The generic part.  TO_CONN() and DOWNCAST() find
                       * it by the member name _base. */

  uint32_t event_mask; /**< Bitfield: which events does this controller
                        * care about? */
  /* NOTE(review): the next three fields have no documentation in the source.
   * The descriptions are read off the names and types only; confirm them in
   * control.c.  They describe a buffer filled from controller input, so the
   * relation between the two lengths is the thing to verify. */
  uint32_t incoming_cmd_len; /* presumably the allocated size of
                              * incoming_cmd */
  uint32_t incoming_cmd_cur_len; /* presumably the number of bytes of
                                  * incoming_cmd in use; if so it must never
                                  * exceed incoming_cmd_len */
  char *incoming_cmd; /* presumably the command being received; who
                       * allocates and frees it is not shown here */
  /* Used only by control v0 connections */
  uint16_t incoming_cmd_type;
} control_connection_t;

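/** Cast a connection_t subtype pointer to a connection_t: yields the address
 * of the _base member of whatever <b>c</b> points to.  The expansion is
 * wrapped in parentheses so that the result can be used directly in a larger
 * expression, as in TO_CONN(c)->magic. **/
#define TO_CONN(c) (&(((c)->_base)))
/** Helper macro: given <b>ptr</b>, a pointer to the _base member of a
 * <b>to</b>, return a pointer to the enclosing <b>to</b>.
 *
 * This is plain pointer arithmetic followed by a cast; it does not check
 * that <b>ptr</b> really points into a <b>to</b>.  Use the TO_*_CONN()
 * converters, which assert on the magic field first, rather than calling
 * this directly.  The expansion is wrapped in parentheses so that the cast
 * applies before any operator that follows the macro call. */
#define DOWNCAST(to, ptr) \
  ((to*) (((char*)(ptr)) - STRUCT_OFFSET(to, _base)))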

/* The four converters below are the checked way to get from a connection_t*
 * to its subtype: each asserts that the magic field carries the constant
 * for the target type before it applies DOWNCAST(). */

/** Convert a connection_t* to an or_connection_t*; assert if the cast is
 * invalid. */
or_connection_t *TO_OR_CONN(connection_t *);
/** Convert a connection_t* to a dir_connection_t*; assert if the cast is
 * invalid. */
dir_connection_t *TO_DIR_CONN(connection_t *);
/** Convert a connection_t* to an edge_connection_t*; assert if the cast is
 * invalid. */
edge_connection_t *TO_EDGE_CONN(connection_t *);
/** Convert a connection_t* to a control_connection_t*; assert if the cast is
 * invalid. */
control_connection_t *TO_CONTROL_CONN(connection_t *);

/* Checked downcast to or_connection_t.  The magic field is read through
 * <b>c</b> before anything else, so <b>c</b> must be a valid, non-NULL
 * connection_t*.  The assertion on OR_CONNECTION_MAGIC is the only thing
 * here that ties <b>c</b> to an or_connection_t; DOWNCAST() itself checks
 * nothing. */
extern INLINE or_connection_t *TO_OR_CONN(connection_t *c)
{
  or_connection_t *or_conn;

  tor_assert(c->magic == OR_CONNECTION_MAGIC);
  or_conn = DOWNCAST(or_connection_t, c);
  return or_conn;
}
/* Checked downcast to dir_connection_t.  The magic field is read through
 * <b>c</b> before anything else, so <b>c</b> must be a valid, non-NULL
 * connection_t*.  The assertion on DIR_CONNECTION_MAGIC is the only thing
 * here that ties <b>c</b> to a dir_connection_t; DOWNCAST() itself checks
 * nothing. */
extern INLINE dir_connection_t *TO_DIR_CONN(connection_t *c)
{
  dir_connection_t *dir_conn;

  tor_assert(c->magic == DIR_CONNECTION_MAGIC);
  dir_conn = DOWNCAST(dir_connection_t, c);
  return dir_conn;
}
/* Checked downcast to edge_connection_t.  The magic field is read through
 * <b>c</b> before anything else, so <b>c</b> must be a valid, non-NULL
 * connection_t*.  The assertion on EDGE_CONNECTION_MAGIC is the only thing
 * here that ties <b>c</b> to an edge_connection_t; DOWNCAST() itself checks
 * nothing. */
extern INLINE edge_connection_t *TO_EDGE_CONN(connection_t *c)
{
  edge_connection_t *edge_conn;

  tor_assert(c->magic == EDGE_CONNECTION_MAGIC);
  edge_conn = DOWNCAST(edge_connection_t, c);
  return edge_conn;
}
/* Checked downcast to control_connection_t.  The magic field is read through
 * <b>c</b> before anything else, so <b>c</b> must be a valid, non-NULL
 * connection_t*.  The assertion on CONTROL_CONNECTION_MAGIC is the only
 * thing here that ties <b>c</b> to a control_connection_t; DOWNCAST() itself
 * checks nothing. */
extern INLINE control_connection_t *TO_CONTROL_CONN(connection_t *c)
{
  control_connection_t *control_conn;

  tor_assert(c->magic == CONTROL_CONNECTION_MAGIC);
  control_conn = DOWNCAST(control_connection_t, c);
  return control_conn;
}

/** What an addr_policy_t rule does when it matches.  Neither value is 0, so
 * a zero-filled rule does not carry either action. */
typedef enum {
  ADDR_POLICY_ACCEPT=1,
  ADDR_POLICY_REJECT=2,
} addr_policy_action_t;

/** A linked list of policy rules.  Each node is one rule: an action, an
 * address/mask pair and a port range.
 *
 * NOTE(review): how a list is evaluated (for example, whether the first
 * matching rule decides) and what happens when no rule matches are not
 * shown in this part of the header -- confirm in the policy code before
 * relying on either. */
typedef struct addr_policy_t {
  addr_policy_action_t policy_type; /**< What to do when the policy matches.*/
  char *string; /**< String representation of this rule. */
  uint32_t addr; /**< Base address to accept or reject. */
  uint32_t msk; /**< Accept/reject all addresses <b>a</b> such that
                 * a &amp; msk == <b>addr</b> &amp; msk . */
  uint16_t prt_min; /**< Lowest port number to accept/reject. */
  uint16_t prt_max; /**< Highest port number to accept/reject. */

  struct addr_policy_t *next; /**< Next rule in list. */
} addr_policy_t;

/** A cached_dir_t represents a cacheable directory object, along with its
 * compressed form.
 *
 * The object is reference counted (see refcnt); dir_connection_t keeps a
 * pointer to one in its cached_dir field.  NOTE(review): the functions that
 * take and drop references are not in this part of the header. */
typedef struct cached_dir_t {
  char *dir; /**< Contents of this object */
  char *dir_z; /**< Compressed contents of this object. */
  size_t dir_len; /**< Length of <b>dir</b> */
  size_t dir_z_len; /**< Length of <b>dir_z</b> */
  time_t published; /**< When was this object published */
  int refcnt; /**< Reference count for this cached_dir_t. */
} cached_dir_t;

/** Values for signed_descriptor_t.saved_location.  SAVED_NOWHERE is 0, so a
 * zero-filled signed_descriptor_t reads as not saved.
 * NOTE(review): going by the names, the other two say whether the
 * descriptor is stored in the cache or in the journal -- confirm. */
typedef enum {
   SAVED_NOWHERE=0, SAVED_IN_CACHE, SAVED_IN_JOURNAL
} saved_location_t;

/** Information needed to cache an onion router's descriptor.
 *
 * NOTE(review): none of the fields are documented in the source.  The
 * descriptions below are read off the names and types only; confirm them
 * against the code that fills this struct in. */
typedef struct signed_descriptor_t {
  char *signed_descriptor_body; /* presumably the descriptor text itself */
  size_t signed_descriptor_len; /* presumably the length of
                                 * signed_descriptor_body; whether the body
                                 * is also NUL-terminated is not shown */
  char signed_descriptor_digest[DIGEST_LEN]; /* presumably a digest of the
                                              * descriptor; DIGEST_LEN
                                              * bytes */
  char identity_digest[DIGEST_LEN]; /* presumably a digest of the router's
                                     * identity key; DIGEST_LEN bytes */
  time_t published_on; /* presumably when the descriptor was published */
  saved_location_t saved_location; /* one of the SAVED_* values */
  off_t saved_offset; /* presumably the offset of the descriptor within the
                       * place named by saved_location */
} signed_descriptor_t;

/** Information about another onion router in the network. */
typedef struct {
  signed_descriptor_t cache_info;
  char *address; /**< Location of OR: either a hostname or an IP address. */
  char *nickname; /**< Human-readable OR name. */

  uint32_t addr; /**< IPv4 address of OR, in host order. */
  uint16_t or_port; /**< Port for TLS connections. */
  uint16_t dir_port; /**< Port for HTTP directory connections. */

  crypto_pk_env_t *onion_pkey; /**< Public RSA key for onions. */
  crypto_pk_env_t *identity_pkey;  /**< Public RSA key for signing. */

  char *platform; /**< What software/operating system is this OR using? */

  /* link info */
  uint32_t bandwidthrate; /**< How many bytes does this OR add to its token
                           * bucket per second? */
  uint32_t bandwidthburst; /**< How large is this OR's token bucket? */
  /** How many bytes/s is this router known to handle? */
  uint32_t bandwidthcapacity;
  addr_policy_t *exit_policy; /**< What streams will this OR permit
                                      * to exit? */
  long uptime; /**< How many seconds the router claims to have been up */
  smartlist_t *declared_family; /**< Nicknames of router which this router
                                 * claims are its family. */
  char *contact_info; /**< Declared contact info for this router. */
  unsigned int is_hibernating:1; /**< Whether the router claims to be
                                  * hibernating */