/* Copyright (c) 2001 Matej Pfajfar.
 * Copyright (c) 2001-2004, Roger Dingledine.
 * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. */
/* See LICENSE for licensing information */
/* $Id$ */

/**
 * \file or.h
 * \brief Master header file for Tor-specific functionality.
 **/

#ifndef __OR_H
#define __OR_H
#define OR_H_ID "$Id$"

#include "orconfig.h"
#ifdef MS_WINDOWS
#define WIN32_WINNT 0x400
#define _WIN32_WINNT 0x400
#define WIN32_LEAN_AND_MEAN
#endif

#include <stdio.h>
#include <stdlib.h>
#ifdef HAVE_UNISTD_H
#include <unistd.h>
#endif
#ifdef HAVE_STRING_H
#include <string.h>
#endif
#ifdef HAVE_SIGNAL_H
#include <signal.h>
#endif
#ifdef HAVE_NETDB_H
#include <netdb.h>
#endif
#ifdef HAVE_CTYPE_H
#include <ctype.h>
#endif
#ifdef HAVE_SYS_PARAM_H
#include <sys/param.h> /* FreeBSD needs this to know what version it is */
#endif
#include "../common/torint.h"
#ifdef HAVE_SYS_WAIT_H
#include <sys/wait.h>
#endif
#ifdef HAVE_SYS_FCNTL_H
#include <sys/fcntl.h>
#endif
#ifdef HAVE_FCNTL_H
#include <fcntl.h>
#endif
#ifdef HAVE_SYS_IOCTL_H
#include <sys/ioctl.h>
#endif
#ifdef HAVE_SYS_SOCKET_H
#include <sys/socket.h>
#endif
#ifdef HAVE_SYS_TIME_H
#include <sys/time.h>
#endif
#ifdef HAVE_SYS_STAT_H
#include <sys/stat.h>
#endif
#ifdef HAVE_NETINET_IN_H
#include <netinet/in.h>
#endif
#ifdef HAVE_ARPA_INET_H
#include <arpa/inet.h>
#endif
#ifdef HAVE_ERRNO_H
#include <errno.h>
#endif
#ifdef HAVE_ASSERT_H
#include <assert.h>
#endif
#ifdef HAVE_TIME_H
#include <time.h>
#endif

/** Hard ceiling on the number of simultaneously open connections.  The
 * config file can lower this limit. */
#if defined(CYGWIN)
/* Cygwin gets a smaller ceiling; see
 * http://archives.seul.org/or/talk/Aug-2006/msg00210.html */
#define MAXCONNECTIONS 3200
#else
/* Everywhere else the default is deliberately very high
 * ("nobody should need more than this..."). */
#define MAXCONNECTIONS 15000
#endif

#ifdef MS_WINDOWS
/* No, we don't need to redefine FD_SETSIZE before including winsock:
 * we use libevent now, and libevent handles the select() stuff.  Yes,
 * some documents imply that we need to redefine anyway if we're using
 * select() anywhere in our application or in anything it links to: these
 * documents are either the holy texts of a cargo cult of network
 * programmers, or more likely a simplification of what's going on for
 * people who haven't read winsock[2].c for themselves.
 */
#if (_MSC_VER <= 1300)
#include <winsock.h>
#else
#include <winsock2.h>
#include <ws2tcpip.h>
#endif
#endif

#if defined(MS_WINDOWS)
/* Windows-only runtime headers. */
#include <io.h>
#include <process.h>
#include <direct.h>
#include <windows.h>
/* Route snprintf() to the MSVC runtime's _snprintf().
 * NOTE(review): _snprintf() does not write a terminating NUL when the
 * output fills the buffer, and it reports truncation with a negative
 * return value.  Code that relies on C99 snprintf() semantics has to
 * terminate the buffer itself or go through a wrapper that does --
 * confirm how callers in this tree handle it. */
#define snprintf _snprintf
#endif

#ifdef HAVE_EVENT_H
#include <event.h>
#else
#error "Tor requires libevent to build."
#endif

#include "../common/crypto.h"
#include "../common/tortls.h"
#include "../common/log.h"
#include "../common/compat.h"
#include "../common/container.h"
#include "../common/util.h"
#include "../common/torgzip.h"

/* Fallback numbers for signals that the platform headers may not provide;
 * they are defined so that control_signal_act has every name to work with.
 * XXXX Move into compat.h ?
 */
#if !defined(SIGHUP)
#define SIGHUP 1
#endif
#if !defined(SIGINT)
#define SIGINT 2
#endif
#if !defined(SIGUSR1)
#define SIGUSR1 10
#endif
#if !defined(SIGUSR2)
#define SIGUSR2 12
#endif
#if !defined(SIGTERM)
#define SIGTERM 15
#endif
/* Signals that exist only for controllers are numbered high so that they
 * do not conflict with signals the system defines. */
#define SIGNEWNYM 129

/* Irix's stdlib.h defines a cell_t type of its own.  When SIZEOF_CELL_T is
 * nonzero (presumably set by the build configuration -- confirm), every
 * use of cell_t in our code is renamed so the two never clash. */
#if SIZEOF_CELL_T != 0
#define cell_t tor_cell_t
#endif

/* Maximum nickname length, going by the name.
 * NOTE(review): whether a terminating NUL is counted is not stated here;
 * check buffer declarations that use this constant. */
#define MAX_NICKNAME_LEN 19
/* A hex digest with a leading dollar sign. */
#define MAX_HEX_NICKNAME_LEN (HEX_DIGEST_LEN + 1)
/** Largest size, in bytes, that a resized buffer may reach. */
#define MAX_BUF_SIZE ((1 << 24) - 1)
/* Directory size limit: the same value as the buffer limit. */
#define MAX_DIR_SIZE MAX_BUF_SIZE

/* Size limits used by the HTTP parsing code.
 * NOTE(review): presumably upper bounds, in bytes, on the headers and body
 * accepted from a peer -- confirm at the parser that enforces them. */
#define MAX_HEADERS_SIZE 50000
#define MAX_BODY_SIZE    500000

/** Age after which a DNS cache entry is purged, whatever its TTL says. */
#define MAX_DNS_ENTRY_AGE (30 * 60)
/* TTL used by default (same value as the maximum entry age). */
#define DEFAULT_DNS_TTL (30 * 60)
/** Longest TTL we are still willing to believe. */
#define MAX_DNS_TTL (3 * 60 * 60)
/** Shortest TTL we are still willing to believe. */
#define MIN_DNS_TTL (60)

/** Interval at which onion keys are rotated. */
#define MIN_ONION_KEY_LIFETIME (7 * 24 * 60 * 60)
/** Interval at which TLS contexts are rotated. */
#define MAX_SSL_KEY_LIFETIME (2 * 60 * 60)

/** Age, in seconds, past which a router is removed from the router
 * list. */
#define ROUTER_MAX_AGE (60 * 60 * 48)
/** Age, in seconds, past which we (as a server) stop considering a router
 * live. */
#define ROUTER_MAX_AGE_TO_PUBLISH (60 * 60 * 20)
/** Age past which a saved descriptor is removed. */
#define OLD_ROUTER_DESC_MAX_AGE (60 * 60 * 60)
/** Age past which a networkstatus is ignored. */
#define NETWORKSTATUS_MAX_AGE (60 * 60 * 24)

/* NOTE(review): the two circuit-ID types are not documented here.  The
 * names suggest they record which part of the circuit-ID space a side
 * picks from -- confirm against the code that reads circ_id_type_t. */
typedef enum {
  CIRC_ID_TYPE_LOWER = 0,
  CIRC_ID_TYPE_HIGHER = 1
} circ_id_type_t;

/* Connection types.  _CONN_TYPE_MIN and _CONN_TYPE_MAX bracket the values
 * defined between them. */
#define _CONN_TYPE_MIN 3
/** Listening socket that accepts OR connections. */
#define CONN_TYPE_OR_LISTENER 3
/** Bidirectional TLS connection carrying a sequence of cells; either
 * OR-to-OR or OP-to-OR. */
#define CONN_TYPE_OR 4
/** TCP connection from an onion router to the destination of a stream. */
#define CONN_TYPE_EXIT 5
/** Listening socket that accepts SOCKS connections. */
#define CONN_TYPE_AP_LISTENER 6
/** SOCKS proxy connection from the user application to the onion proxy. */
#define CONN_TYPE_AP 7
/** Listening socket that accepts HTTP connections to the directory
 * server. */
#define CONN_TYPE_DIR_LISTENER 8
/** HTTP connection to the directory server. */
#define CONN_TYPE_DIR 9
/** Link between the main process and a DNS worker process. */
#define CONN_TYPE_DNSWORKER 10
/** Link between the main process and a CPU worker process. */
#define CONN_TYPE_CPUWORKER 11
/** Listening socket that accepts connections from a user interface
 * process. */
#define CONN_TYPE_CONTROL_LISTENER 12
/** Connection from a user interface process. */
#define CONN_TYPE_CONTROL 13
/** Listening socket that accepts transparent proxy connections. */
#define CONN_TYPE_AP_TRANS_LISTENER 14
#define _CONN_TYPE_MAX 14

/* True iff x points to a connection whose type is CONN_TYPE_EXIT or
 * CONN_TYPE_AP.  The argument may be evaluated twice, so it must have no
 * side effects. */
#define CONN_IS_EDGE(x)                                               \
  ((x)->type == CONN_TYPE_EXIT || (x)->type == CONN_TYPE_AP)

/** The state used by every listener connection. */
#define LISTENER_STATE_READY 0

/* States of a connection to a dnsworker process. */
#define _DNSWORKER_STATE_MIN 1
/** The dnsworker process on this connection is idle. */
#define DNSWORKER_STATE_IDLE 1
/** The dnsworker process on this connection is resolving a hostname. */
#define DNSWORKER_STATE_BUSY 2
#define _DNSWORKER_STATE_MAX 2

/* States of a connection to a cpuworker process. */
#define _CPUWORKER_STATE_MIN 1
/** The cpuworker process on this connection is idle. */
#define CPUWORKER_STATE_IDLE 1
/** The cpuworker process on this connection is processing a handshake. */
#define CPUWORKER_STATE_BUSY_ONION 2
#define _CPUWORKER_STATE_MAX 2

/* The onion task shares its number with the busy-onion state. */
#define CPUWORKER_TASK_ONION CPUWORKER_STATE_BUSY_ONION

/* States of a connection to an OR. */
#define _OR_CONN_STATE_MIN 1
/** Waiting for connect() to finish. */
#define OR_CONN_STATE_CONNECTING 1
/** Waiting for the proxy command to flush. */
#define OR_CONN_STATE_PROXY_FLUSHING 2
/** Waiting for the proxy response. */
#define OR_CONN_STATE_PROXY_READING 3
/** The SSL handshake is in progress and not done yet. */
#define OR_CONN_STATE_HANDSHAKING 4
/** Ready to send and receive cells. */
#define OR_CONN_STATE_OPEN 5
#define _OR_CONN_STATE_MAX 5

/* States of an exit connection. */
#define _EXIT_CONN_STATE_MIN 1
/** Waiting for a response from the dns farm. */
#define EXIT_CONN_STATE_RESOLVING 1
/** Waiting for connect() to finish. */
#define EXIT_CONN_STATE_CONNECTING 2
/** Open and ready to transmit data. */
#define EXIT_CONN_STATE_OPEN 3
/** Waiting to be removed. */
#define EXIT_CONN_STATE_RESOLVEFAILED 4
#define _EXIT_CONN_STATE_MAX 4

/* States of an AP connection.  These values must stay disjoint from the
 * EXIT state values, which is why they start at 5. */
#define _AP_CONN_STATE_MIN 5
/** SOCKS connection: waiting for the SOCKS request. */
#define AP_CONN_STATE_SOCKS_WAIT 5
/** SOCKS connection: got a y.onion URL and is waiting to receive the
 * rendezvous descriptor. */
#define AP_CONN_STATE_RENDDESC_WAIT 6
/** Attaching this connection to a circuit is the controller's job, not
 * ours. */
#define AP_CONN_STATE_CONTROLLER_WAIT 7
/** SOCKS connection: waiting for a completed circuit. */
#define AP_CONN_STATE_CIRCUIT_WAIT 8
/** SOCKS connection: BEGIN sent, waiting for CONNECTED. */
#define AP_CONN_STATE_CONNECT_WAIT 9
/** SOCKS connection: RESOLVE sent, waiting for RESOLVED. */
#define AP_CONN_STATE_RESOLVE_WAIT 10
/** SOCKS connection: ready to send and receive. */
#define AP_CONN_STATE_OPEN 11
/** Transparent proxy connection: waiting for the original destination. */
#define AP_CONN_STATE_ORIGDST_WAIT 12
#define _AP_CONN_STATE_MAX 12

/* States of a directory connection.  Values 1-4 describe a connection to
 * a directory server, values 5-6 a connection at a directory server. */
#define _DIR_CONN_STATE_MIN 1
/** To a directory server: waiting for connect(). */
#define DIR_CONN_STATE_CONNECTING 1
/** To a directory server: sending the HTTP request. */
#define DIR_CONN_STATE_CLIENT_SENDING 2
/** To a directory server: reading the HTTP response. */
#define DIR_CONN_STATE_CLIENT_READING 3
/** To a directory server: happy and finished. */
#define DIR_CONN_STATE_CLIENT_FINISHED 4
/** At a directory server: waiting for the HTTP request. */
#define DIR_CONN_STATE_SERVER_COMMAND_WAIT 5
/** At a directory server: sending the HTTP response. */
#define DIR_CONN_STATE_SERVER_WRITING 6
#define _DIR_CONN_STATE_MAX 6

/* True iff the purpose of conn is DIR_PURPOSE_SERVER. */
#define DIR_CONN_IS_SERVER(conn) ((conn)->purpose == DIR_PURPOSE_SERVER)

/* States of a control connection.
 * NOTE(review): undocumented here; going by the names, OPEN vs. NEEDAUTH
 * says whether the controller still has to authenticate, and V0/V1 is the
 * control protocol version -- confirm in the control code. */
#define _CONTROL_CONN_STATE_MIN        1
#define CONTROL_CONN_STATE_OPEN_V0     1
#define CONTROL_CONN_STATE_OPEN_V1     2
#define CONTROL_CONN_STATE_NEEDAUTH_V0 3
#define CONTROL_CONN_STATE_NEEDAUTH_V1 4
#define _CONTROL_CONN_STATE_MAX        4

/* Purposes of a directory connection.  Values 1-8 apply to a connection
 * to a directory server. */
#define _DIR_PURPOSE_MIN 1
/** Download a directory. */
#define DIR_PURPOSE_FETCH_DIR 1
/** Download just the list of running routers. */
#define DIR_PURPOSE_FETCH_RUNNING_LIST 2
/** Download a rendezvous descriptor. */
#define DIR_PURPOSE_FETCH_RENDDESC 3
/** Set after a rendezvous descriptor is downloaded. */
#define DIR_PURPOSE_HAS_FETCHED_RENDDESC 4
/** Download one or more network-status objects. */
#define DIR_PURPOSE_FETCH_NETWORKSTATUS 5
/** Download one or more server descriptors. */
#define DIR_PURPOSE_FETCH_SERVERDESC 6
/** Upload a server descriptor. */
#define DIR_PURPOSE_UPLOAD_DIR 7
/** Upload a rendezvous descriptor. */
#define DIR_PURPOSE_UPLOAD_RENDDESC 8
/** Purpose of a connection at a directory server. */
#define DIR_PURPOSE_SERVER 9
#define _DIR_PURPOSE_MAX 9

/* Purposes of an exit connection: connect or resolve, going by the
 * names. */
#define _EXIT_PURPOSE_MIN    1
#define EXIT_PURPOSE_CONNECT 1
#define EXIT_PURPOSE_RESOLVE 2
#define _EXIT_PURPOSE_MAX    2

/** Circuit state: we are the origin and have not finished all of our
 * handshakes. */
#define CIRCUIT_STATE_BUILDING 0
/** Circuit state: the onionskin is waiting to be processed. */
#define CIRCUIT_STATE_ONIONSKIN_PENDING 1
/** Circuit state: a create is ready to be delivered, but n_conn is still
 * connecting. */
#define CIRCUIT_STATE_OR_WAIT 2
/** Circuit state: onionskin(s) processed; ready to send and receive
 * cells. */
#define CIRCUIT_STATE_OPEN 3

#define _CIRCUIT_PURPOSE_MIN 1

/* Purposes 1-4: circuits that were initiated elsewhere. */
#define _CIRCUIT_PURPOSE_OR_MIN 1
/** OR-side: a normal circuit, at an OR. */
#define CIRCUIT_PURPOSE_OR 1
/** OR-side: at an OR, from Bob, waiting for intro from Alices. */
#define CIRCUIT_PURPOSE_INTRO_POINT 2
/** OR-side: at an OR, from Alice, waiting for Bob. */
#define CIRCUIT_PURPOSE_REND_POINT_WAITING 3
/** OR-side: at an OR; both circuits have this purpose. */
#define CIRCUIT_PURPOSE_REND_ESTABLISHED 4
#define _CIRCUIT_PURPOSE_OR_MAX 4

/* Purposes above _CIRCUIT_PURPOSE_OR_MAX: circuits that originate at this
 * node. */

/* How the client-side purposes fit together:
 *   C_GENERAL: a normal circuit.
 *   C_INTRODUCING: either still on its way to becoming open, or open and
 *     waiting for a suitable rendcirc before the intro is sent.
 *   C_INTRODUCE_ACK_WAIT: the intro has been sent, but no response has
 *     arrived yet.
 *   C_ESTABLISH_REND: either still on its way to becoming open, or open
 *     with the establish_rendezvous cell sent but no ack received.
 *   C_REND_READY: open and a rend ack has been received, but nothing has
 *     been heard from bob yet.  A cell from bob is expected iff
 *     buildstate->pending_final_cpath is set.
 *   C_REND_READY_INTRO_ACKED: open, and some intro circ has sent its intro
 *     and received an ack.
 *   C_REND_JOINED: open, has heard from bob, and is talking to him.
 */
/** Client-side: a normal circuit, with cpath. */
#define CIRCUIT_PURPOSE_C_GENERAL 5
/** Client-side: at Alice, connecting to the intro point. */
#define CIRCUIT_PURPOSE_C_INTRODUCING 6
/** Client-side: at Alice, INTRODUCE1 sent to the intro point, waiting for
 * ACK/NAK. */
#define CIRCUIT_PURPOSE_C_INTRODUCE_ACK_WAIT 7
/** Client-side: at Alice, introduced and acked, closing. */
#define CIRCUIT_PURPOSE_C_INTRODUCE_ACKED 8
/** Client-side: at Alice, waiting for ack. */
#define CIRCUIT_PURPOSE_C_ESTABLISH_REND 9
/** Client-side: at Alice, waiting for Bob. */
#define CIRCUIT_PURPOSE_C_REND_READY 10
/** Client-side: at Alice, waiting for Bob; INTRODUCE has been
 * acknowledged. */
#define CIRCUIT_PURPOSE_C_REND_READY_INTRO_ACKED 11
/** Client-side: at Alice, rendezvous established. */
#define CIRCUIT_PURPOSE_C_REND_JOINED 12

/** Hidden-service-side: at Bob, waiting for introductions. */
#define CIRCUIT_PURPOSE_S_ESTABLISH_INTRO 13
/** Hidden-service-side: at Bob, intro successfully established. */
#define CIRCUIT_PURPOSE_S_INTRO 14
/** Hidden-service-side: at Bob, connecting to the rend point. */
#define CIRCUIT_PURPOSE_S_CONNECT_REND 15
/** Hidden-service-side: at Bob, rendezvous established. */
#define CIRCUIT_PURPOSE_S_REND_JOINED 16
/** A testing circuit; not meant to carry actual traffic. */
#define CIRCUIT_PURPOSE_TESTING 17
/** A circuit that a controller made and that Tor should not use. */
#define CIRCUIT_PURPOSE_CONTROLLER 18
#define _CIRCUIT_PURPOSE_MAX 18

/** True iff the circuit purpose <b>p</b> belongs to a circuit that
 * originated at this node, i.e. it is greater than
 * _CIRCUIT_PURPOSE_OR_MAX. */
#define CIRCUIT_PURPOSE_IS_ORIGIN(p) ((p) > _CIRCUIT_PURPOSE_OR_MAX)
/* The same test, applied to the purpose field of the circuit c. */
#define CIRCUIT_IS_ORIGIN(c) (CIRCUIT_PURPOSE_IS_ORIGIN((c)->purpose))

/* Relay command numbers.  NOTE(review): these carry no documentation in
 * this header; their meaning has to be taken from the protocol
 * specification. */
#define RELAY_COMMAND_BEGIN     1
#define RELAY_COMMAND_DATA      2
#define RELAY_COMMAND_END       3
#define RELAY_COMMAND_CONNECTED 4
#define RELAY_COMMAND_SENDME    5
#define RELAY_COMMAND_EXTEND    6
#define RELAY_COMMAND_EXTENDED  7
#define RELAY_COMMAND_TRUNCATE  8
#define RELAY_COMMAND_TRUNCATED 9
#define RELAY_COMMAND_DROP      10
#define RELAY_COMMAND_RESOLVE   11
#define RELAY_COMMAND_RESOLVED  12

/* A second group of relay commands, numbered from 32 upward. */
#define RELAY_COMMAND_ESTABLISH_INTRO        32
#define RELAY_COMMAND_ESTABLISH_RENDEZVOUS   33
#define RELAY_COMMAND_INTRODUCE1             34
#define RELAY_COMMAND_INTRODUCE2             35
#define RELAY_COMMAND_RENDEZVOUS1            36
#define RELAY_COMMAND_RENDEZVOUS2            37
#define RELAY_COMMAND_INTRO_ESTABLISHED      38
#define RELAY_COMMAND_RENDEZVOUS_ESTABLISHED 39
#define RELAY_COMMAND_INTRODUCE_ACK          40

/* Reasons for ending a stream. */
#define END_STREAM_REASON_MISC           1
#define END_STREAM_REASON_RESOLVEFAILED  2
#define END_STREAM_REASON_CONNECTREFUSED 3
#define END_STREAM_REASON_EXITPOLICY     4
#define END_STREAM_REASON_DESTROY        5
#define END_STREAM_REASON_DONE           6
#define END_STREAM_REASON_TIMEOUT        7
/* 8 is unallocated. */
#define END_STREAM_REASON_HIBERNATING    9
#define END_STREAM_REASON_INTERNAL       10
#define END_STREAM_REASON_RESOURCELIMIT  11
#define END_STREAM_REASON_CONNRESET      12
#define END_STREAM_REASON_TORPROTOCOL    13

/* The high-numbered reasons below are not part of the official spec and
 * are not intended to be put in relay end cells.  They exist so that the
 * socks reply sent back to the application can be more informative. */
#define END_STREAM_REASON_ALREADY_SOCKS_REPLIED 256
#define END_STREAM_REASON_CANT_ATTACH           257
#define END_STREAM_REASON_NET_UNREACHABLE       258

/* Type codes for a resolve answer: a hostname, an IPv4 or IPv6 address,
 * or one of two error codes, going by the names. */
#define RESOLVED_TYPE_HOSTNAME        0
#define RESOLVED_TYPE_IPV4            4
#define RESOLVED_TYPE_IPV6            6
#define RESOLVED_TYPE_ERROR_TRANSIENT 0xF0
#define RESOLVED_TYPE_ERROR           0xF1

/* Reasons for ending a circuit.
 * XXX We should document the meaning of these.
 * Note that END_CIRC_AT_ORIGIN (-1) lies outside the range bracketed by
 * _END_CIRC_REASON_MIN and _END_CIRC_REASON_MAX. */
#define END_CIRC_AT_ORIGIN -1
#define _END_CIRC_REASON_MIN 0
#define END_CIRC_REASON_NONE 0
#define END_CIRC_REASON_TORPROTOCOL 1
#define END_CIRC_REASON_INTERNAL 2
#define END_CIRC_REASON_REQUESTED 3
#define END_CIRC_REASON_HIBERNATING 4
#define END_CIRC_REASON_RESOURCELIMIT 5
#define END_CIRC_REASON_CONNECTFAILED 6
#define END_CIRC_REASON_OR_IDENTITY 7
#define END_CIRC_REASON_OR_CONN_CLOSED 8
#define _END_CIRC_REASON_MAX 8

/** Number of characters in the 'y' part of a 'y.onion' URL. */
#define REND_SERVICE_ID_LEN 16

/* Cell directions (undocumented in this header). */
#define CELL_DIRECTION_IN  1
#define CELL_DIRECTION_OUT 2

/* Circuit and stream window sizes: a starting value and an increment for
 * each.  Builds with TOR_PERF defined use values ten times larger. */
#if defined(TOR_PERF)
#define CIRCWINDOW_START       10000
#define CIRCWINDOW_INCREMENT   1000
#define STREAMWINDOW_START     5000
#define STREAMWINDOW_INCREMENT 500
#else
#define CIRCWINDOW_START       1000
#define CIRCWINDOW_INCREMENT   100
#define STREAMWINDOW_START     500
#define STREAMWINDOW_INCREMENT 50
#endif

/* Command numbers that a cell can carry. */
#define CELL_PADDING      0
#define CELL_CREATE       1
#define CELL_CREATED      2
#define CELL_RELAY        3
#define CELL_DESTROY      4
#define CELL_CREATE_FAST  5
#define CELL_CREATED_FAST 6

/** Time spent testing reachability before we complain to the user. */
#define TIMEOUT_UNTIL_UNREACHABILITY_COMPLAINT (20 * 60)

/* The characters that are legal in a nickname: ASCII letters and digits
 * only.  Anything outside this list is not a legal nickname character. */
#define LEGAL_NICKNAME_CHARACTERS                                     \
  "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"

/** Name placed in client TLS certificates when no nickname is given. */
#define DEFAULT_CLIENT_NICKNAME "client"

/* Undocumented here; by its name, a length related to SOCKS4. */
#define SOCKS4_NETWORK_LEN 8

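/** Status codes for a SOCKS5 reply.  The values 0x00 through 0x08 match
 * the reply codes in the SOCKS5 specification (RFC 1928).
 *
 * The last enumerator has no trailing comma: a trailing comma in an
 * enumerator list is not valid C89, and some older compilers reject it. */
typedef enum {
  SOCKS5_SUCCEEDED                  = 0x00,
  SOCKS5_GENERAL_ERROR              = 0x01,
  SOCKS5_NOT_ALLOWED                = 0x02,
  SOCKS5_NET_UNREACHABLE            = 0x03,
  SOCKS5_HOST_UNREACHABLE           = 0x04,
  SOCKS5_CONNECTION_REFUSED         = 0x05,
  SOCKS5_TTL_EXPIRED                = 0x06,
  SOCKS5_COMMAND_NOT_SUPPORTED      = 0x07,
  SOCKS5_ADDRESS_TYPE_NOT_SUPPORTED = 0x08
} socks5_reply_status_t;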

/*
 * Layout of a relay payload:
 *         Relay command           [1 byte]
 *         Recognized              [2 bytes]
 *         Stream ID               [2 bytes]
 *         Partial SHA-1           [4 bytes]
 *         Length                  [2 bytes]
 *         Relay payload           [498 bytes]
 */

/* Cell sizes, in bytes.  512 is 509 plus a 2-byte circ_id and a 1-byte
 * command, matching the fields of cell_t (presumably the size of a cell on
 * the network -- confirm against the packing code). */
#define CELL_PAYLOAD_SIZE 509
#define CELL_NETWORK_SIZE 512

/* The relay header is the sum of the five fixed fields listed above; the
 * rest of the cell payload is left for the relay payload. */
#define RELAY_HEADER_SIZE (1 + 2 + 2 + 4 + 2)
#define RELAY_PAYLOAD_SIZE (CELL_PAYLOAD_SIZE - RELAY_HEADER_SIZE)

/** An onion routing cell in parsed form.  All communication between nodes
 * is via cells. */
typedef struct {
  /** Circuit which received the cell. */
  uint16_t circ_id;
  /** Type of the cell.  The original note lists PADDING, CREATE, RELAY and
   * DESTROY; presumably any of the CELL_* command values can appear here
   * -- confirm. */
  uint8_t command;
  /** Cell body. */
  char payload[CELL_PAYLOAD_SIZE];
} cell_t;

/** The header found at the beginning of a RELAY cell payload.
 * NOTE(review): the compiler may insert padding between these fields, so
 * sizeof(relay_header_t) is not guaranteed to equal RELAY_HEADER_SIZE;
 * presumably the fields are packed and unpacked one by one rather than
 * copied as a block -- confirm. */
typedef struct {
  /** The end-to-end relay command. */
  uint8_t command;
  /** Used to tell whether the cell is for us. */
  uint16_t recognized;
  /** The stream this cell is associated with. */
  uint16_t stream_id;
  /** Used to tell whether the cell is corrupted. */
  char integrity[4];
  /** Length of the payload body. */
  uint16_t length;
} relay_header_t;

/* Forward declarations: only the type names are introduced here, not the
 * struct bodies. */
typedef struct buf_t buf_t;
typedef struct socks_request_t socks_request_t;

/* Values for the magic field of connection_t, which exists for memory
 * debugging and must equal one of these.  Each connection flavour has its
 * own distinct value. */
#define BASE_CONNECTION_MAGIC    0x7C3C304Eu
#define OR_CONNECTION_MAGIC      0x7D31FF03u
#define EDGE_CONNECTION_MAGIC    0xF0374013u
#define DIR_CONNECTION_MAGIC     0x9988ffeeu
#define CONTROL_CONNECTION_MAGIC 0x8abc765du

/** Description of a connection to another host or process, and associated
 * data.
 *
 * A connection is named based on what it's connected to -- an "OR
 * connection" has a Tor node on the other end, an "exit
 * connection" has a website or other server on the other end, and an
 * "AP connection" has an application proxy (and thus a user) on the
 * other end.
 *
 * Every connection has a type and a state.  Connections never change
 * their type, but can go through many state changes in their lifetime.
 *
 * Every connection has two associated input and output buffers.
 * Listeners don't use them.  For non-listener connections, incoming
 * data is appended to conn->inbuf, and outgoing data is taken from
 * conn->outbuf.  Connections differ primarily in the functions called
 * to fill and drain these buffers.
 */
typedef struct connection_t {
  uint32_t magic; /**< For memory debugging: must equal one of
                   * *_CONNECTION_MAGIC.  The TO_*_CONN() helpers assert
                   * on this value before downcasting to a subtype. */

  uint8_t type; /**< What kind of connection is this? */
  uint8_t state; /**< Current state of this connection. */
  uint8_t purpose; /**< Only used for DIR and EXIT types currently. */

  /* The next fields are all one-bit booleans. Some are only applicable
   * to connection subtypes, but we hold them here anyway, to save space.
   * (Currently, they all fit into a single byte.) */
  unsigned wants_to_read:1; /**< Boolean: should we start reading again once
                            * the bandwidth throttler allows it? */
  unsigned wants_to_write:1; /**< Boolean: should we start writing again once
                             * the bandwidth throttler allows reads? */
  unsigned hold_open_until_flushed:1; /**< Despite this connection's being
                                      * marked for close, do we flush it
                                      * before closing it? */
  unsigned int inbuf_reached_eof:1; /**< Boolean: did read() return 0 on this
                                     * conn? */
  unsigned edge_has_sent_end:1; /**< For debugging; only used on edge
                         * connections.  Set once we've sent the stream end,
                         * and checked in
                         * circuit_about_to_close_connection(). */
  /** For control connections only. If set, we send extended info with control
   * events as appropriate. */
  unsigned int control_events_are_extended:1;
  /** Used for OR conns that shouldn't get any new circs attached to them. */
  unsigned int or_is_obsolete:1;
  /** For AP connections only. If 1, and we fail to reach the chosen exit,
   * stop requiring it. */
  unsigned int chosen_exit_optional:1;

  int s; /**< Our socket; -1 if this connection is closed. */
  int conn_array_index; /**< Index into the global connection array. */
  struct event *read_event; /**< Libevent event structure. */
  struct event *write_event; /**< Libevent event structure. */
  buf_t *inbuf; /**< Buffer holding data read over this connection. */
  buf_t *outbuf; /**< Buffer holding data to write over this connection. */
  size_t outbuf_flushlen; /**< How much data should we try to flush from the
                           * outbuf? */
  time_t timestamp_lastread; /**< When was the last time libevent said we could
                              * read? */
  time_t timestamp_lastwritten; /**< When was the last time libevent said we
                                 * could write? */
  time_t timestamp_created; /**< When was this connection_t created? */

  uint32_t addr; /**< IP of the other side of the connection; used to identify
                  * routers, along with port. */
  uint16_t port; /**< If non-zero, port on the other end
                  * of the connection. */
  uint16_t marked_for_close; /**< Should we close this conn on the next
                              * iteration of the main loop? (If true, holds
                              * the line number where this connection was
                              * marked.)  The field is 16 bits wide, so a
                              * line number above 65535 would not be stored
                              * intact. */
  const char *marked_for_close_file; /**< For debugging: in which file were
                                      * we marked for close? */
  char *address; /**< FQDN (or IP) of the peer on the other end.
                  * strdup into this, because free_connection frees it:
                  * storing a string literal or a pointer owned by someone
                  * else here would end in an invalid or double free. */

} connection_t;

/** Subtype of connection_t for an "OR connection" -- that is, one that speaks
 * cells over TLS. */
typedef struct or_connection_t {
  connection_t _base; /* The generic connection.  TO_CONN() and DOWNCAST()
                       * find this member by the name _base. */

  char identity_digest[DIGEST_LEN]; /**< Hash of the public RSA key for
                                     * the other side's signing key. */
  char *nickname; /**< Nickname of OR on other side (if any). */

  tor_tls_t *tls; /**< TLS connection state */

  time_t timestamp_lastempty; /**< When was the outbuf last completely empty?*/

  /* bandwidth* and receiver_bucket only used by ORs in OPEN state: */
  int bandwidthrate; /**< Bytes/s added to the bucket. (OPEN ORs only.) */
  int bandwidthburst; /**< Max bucket size for this conn. (OPEN ORs only.) */
  int receiver_bucket; /**< When this hits 0, stop receiving. Every second we
                        * add 'bandwidthrate' to this, capping it at
                        * bandwidthburst. (OPEN ORs only) */
  circ_id_type_t circ_id_type; /**< When we send CREATE cells along this
                                * connection, which half of the space should
                                * we use? */
  int n_circuits; /**< How many circuits use this connection as p_conn or
                   * n_conn ? */
  struct or_connection_t *next_with_same_id; /**< Next connection with same
                                           * identity digest as this one. */
  uint16_t next_circ_id; /**< Which circ_id do we try to use next on
                          * this connection?  This is always in the
                          * range 0..(1<<15)-1.  (Parenthesized because in C
                          * the expression 1<<15-1 means 1<<14.) */
} or_connection_t;

/** Subtype of connection_t for an "edge connection" -- that is, a socks (ap)
 * connection, or an exit. */
typedef struct edge_connection_t {
  connection_t _base; /* The generic connection.  TO_CONN() and DOWNCAST()
                       * find this member by the name _base. */

  struct edge_connection_t *next_stream; /**< Points to the next stream at this
                                          * edge, if any */
  struct crypt_path_t *cpath_layer; /**< A pointer to which node in the circ
                                     * this conn exits at. */
  int package_window; /**< How many more relay cells can I send into the
                       * circuit? */
  int deliver_window; /**< How many more relay cells can end at me? */

  /** Nickname of planned exit node -- used with .exit support. */
  char *chosen_exit_name;

  socks_request_t *socks_request; /**< SOCKS structure describing request (AP
                                   * only.) */
  struct circuit_t *on_circuit; /**< The circuit (if any) that this edge
                                 * connection is using. */

  uint32_t address_ttl; /**< TTL for address-to-addr mapping on exit
                         * connection.  Exit connections only. */

  uint16_t stream_id; /**< The stream ID used for this edge connection on its
                       * circuit */

  /** Quasi-global identifier for this connection; used for control.c */
  /* XXXX NM This can get re-used after 2**32 streams.  Anything that keeps
   * this value for a long time therefore cannot rely on it still naming the
   * same connection. */
  uint32_t global_identifier;

  char rend_query[REND_SERVICE_ID_LEN+1]; /**< What rendezvous service are we
                                           * querying for? (AP only)
                                           * NOTE(review): the +1 is presumably
                                           * room for a terminating NUL --
                                           * confirm where this is filled. */

  /** Number of times we've reassigned this application connection to
   * a new circuit. We keep track because the timeout is longer if we've
   * already retried several times. */
  uint8_t num_socks_retries;

} edge_connection_t;

/** Subtype of connection_t for a "directory connection" -- that is, an HTTP
 * connection to retrieve or serve directory material. */
typedef struct dir_connection_t {
  connection_t _base; /* The generic connection.  TO_CONN() and DOWNCAST()
                       * find this member by the name _base. */

  char *requested_resource; /**< Which 'resource' did we ask the directory
                             * for? */
  unsigned int dirconn_direct:1; /**< Is this dirconn direct, or via Tor? */

  /* Used only for server sides of some dir connections, to implement
   * "spooling" of directory material to the outbuf.  Otherwise, we'd have
   * to append everything to the outbuf in one enormous chunk. */
  enum {
    DIR_SPOOL_NONE=0, DIR_SPOOL_SERVER_BY_DIGEST, DIR_SPOOL_SERVER_BY_FP,
    DIR_SPOOL_CACHED_DIR, DIR_SPOOL_NETWORKSTATUS
  } dir_spool_src; /* Which kind of material is being spooled, if any. */
  /* NOTE(review): the next four fields are undocumented here; they appear to
   * be the spooling state selected by dir_spool_src -- confirm in the code
   * that fills the outbuf. */
  smartlist_t *fingerprint_stack; /* Presumably the items still to be sent
                                   * for the SERVER_BY_* sources. */
  struct cached_dir_t *cached_dir; /* cached_dir_t carries a refcnt, so this
                                    * pointer presumably holds a reference
                                    * that must be released with the
                                    * connection. */
  off_t cached_dir_offset; /* Presumably how far into cached_dir we are. */
  tor_zlib_state_t *zlib_state; /* Presumably compression state for
                                 * material compressed while spooling. */

  char rend_query[REND_SERVICE_ID_LEN+1]; /**< What rendezvous service are we
                                           * querying for? */

  char identity_digest[DIGEST_LEN]; /**< Hash of the public RSA key for
                                     * the directory server's signing key. */
} dir_connection_t;

/** Subtype of connection_t for a connection to a controller. */
typedef struct control_connection_t {
  connection_t _base; /* The generic connection.  TO_CONN() and DOWNCAST()
                       * find this member by the name _base. */

  uint32_t event_mask; /**< Bitfield: which events does this controller
                        * care about? */
  /* NOTE(review): the three incoming_cmd fields are undocumented here.
   * Presumably incoming_cmd is a heap buffer for a command still being
   * received, incoming_cmd_len its allocated size and incoming_cmd_cur_len
   * the number of bytes filled so far -- confirm.  If so, every append has
   * to keep incoming_cmd_cur_len <= incoming_cmd_len, because the data
   * comes from the controller. */
  uint32_t incoming_cmd_len;
  uint32_t incoming_cmd_cur_len;
  char *incoming_cmd;
  /* Used only by control v0 connections */
  uint16_t incoming_cmd_type;
} control_connection_t;

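/** Cast a connection_t subtype pointer to a connection_t.
 *
 * Expands to the address of the <b>_base</b> member of the struct that
 * <b>c</b> points to, so it works for any struct with a member of that name.
 * The whole expansion is parenthesized so that a postfix operator applies to
 * the resulting pointer: TO_CONN(x)->magic reads the base connection's
 * magic field.  <b>c</b> is expanded once. **/
#define TO_CONN(c) (&(((c)->_base)))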
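/** Helper macro: given <b>ptr</b>, a pointer to the _base member embedded in
 * a struct of type <b>to</b>, return a pointer to that enclosing struct.
 *
 * The result is computed by subtracting the offset of _base from the
 * address, and nothing here checks that <b>ptr</b> really lies inside a
 * <b>to</b>: used on the wrong object it yields a pointer to unrelated
 * memory.  Call it only after the object's type has been verified, as the
 * TO_*_CONN() helpers do with the magic field.
 *
 * The whole expansion is parenthesized so that a postfix operator applies to
 * the resulting pointer rather than to the operand of the cast. */
#define DOWNCAST(to, ptr) \
  ((to*) (((char*)(ptr)) - STRUCT_OFFSET(to, _base)))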

/* Checked downcasts.  Each one asserts that the connection's magic field has
 * the value of the requested subtype before converting the pointer.  The
 * argument is dereferenced to read the magic, so it must not be NULL. */

/** Convert a connection_t* to an or_connection_t*; assert if the cast is
 * invalid. */
static or_connection_t *TO_OR_CONN(connection_t *);
/** Convert a connection_t* to a dir_connection_t*; assert if the cast is
 * invalid. */
static dir_connection_t *TO_DIR_CONN(connection_t *);
/** Convert a connection_t* to an edge_connection_t*; assert if the cast is
 * invalid. */
static edge_connection_t *TO_EDGE_CONN(connection_t *);
/** Convert a connection_t* to a control_connection_t*; assert if the cast is
 * invalid. */
static control_connection_t *TO_CONTROL_CONN(connection_t *);

static INLINE or_connection_t *TO_OR_CONN(connection_t *c)
{
  or_connection_t *or_conn;

  /* The magic check is the only thing standing between a connection of
   * another subtype and a misinterpreted struct; it reads c->magic, so c
   * must be a valid, non-NULL pointer. */
  tor_assert(c->magic == OR_CONNECTION_MAGIC);
  or_conn = DOWNCAST(or_connection_t, c);
  return or_conn;
}
static INLINE dir_connection_t *TO_DIR_CONN(connection_t *c)
{
  dir_connection_t *dir_conn;

  /* Verify the subtype tag before reinterpreting the pointer; c->magic is
   * read here, so c must be a valid, non-NULL pointer. */
  tor_assert(c->magic == DIR_CONNECTION_MAGIC);
  dir_conn = DOWNCAST(dir_connection_t, c);
  return dir_conn;
}
static INLINE edge_connection_t *TO_EDGE_CONN(connection_t *c)
{
  edge_connection_t *edge_conn;

  /* Verify the subtype tag before reinterpreting the pointer; c->magic is
   * read here, so c must be a valid, non-NULL pointer. */
  tor_assert(c->magic == EDGE_CONNECTION_MAGIC);
  edge_conn = DOWNCAST(edge_connection_t, c);
  return edge_conn;
}
static INLINE control_connection_t *TO_CONTROL_CONN(connection_t *c)
{
  control_connection_t *control_conn;

  /* Verify the subtype tag before reinterpreting the pointer; c->magic is
   * read here, so c must be a valid, non-NULL pointer. */
  tor_assert(c->magic == CONTROL_CONNECTION_MAGIC);
  control_conn = DOWNCAST(control_connection_t, c);
  return control_conn;
}

/** What an address policy rule does when it matches (the type of
 * addr_policy_t.policy_type).  Both values are non-zero, so a zero-filled
 * rule is neither an accept nor a reject. */
typedef enum {
  ADDR_POLICY_ACCEPT=1,
  ADDR_POLICY_REJECT=2,
} addr_policy_action_t;

/** A linked list of policy rules.  Each node is one rule: an action, an
 * address/mask pair and a port range.
 * NOTE(review): how a list is evaluated (rule order, what happens when no
 * rule matches) is decided by the code that walks it, not shown here. */
typedef struct addr_policy_t {
  addr_policy_action_t policy_type; /**< What to do when the policy matches.*/
  char *string; /**< String representation of this rule. */
  uint32_t addr; /**< Base address to accept or reject. */
  uint32_t msk; /**< Accept/reject all addresses <b>a</b> such that
                 * a &amp; msk == <b>addr</b> &amp; msk . */
  uint16_t prt_min; /**< Lowest port number to accept/reject. */
  uint16_t prt_max; /**< Highest port number to accept/reject. */

  struct addr_policy_t *next; /**< Next rule in list. */
} addr_policy_t;

/** A cached_dir_t represents a cacheable directory object, along with its
 * compressed form. */
typedef struct cached_dir_t {
  char *dir; /**< Contents of this object */
  char *dir_z; /**< Compressed contents of this object. */
  size_t dir_len; /**< Length of <b>dir</b> */
  size_t dir_z_len; /**< Length of <b>dir_z</b> */
  time_t published; /**< When was this object published */
  int refcnt; /**< Reference count for this cached_dir_t.  A plain int:
               * every holder of a pointer has to be counted, or the object
               * can be freed while still in use.  NOTE(review): updates are
               * not atomic -- confirm it is only touched from one thread. */
} cached_dir_t;

/** Where a descriptor has been saved (the type of
 * signed_descriptor_t.saved_location).  SAVED_NOWHERE is 0, so a zero-filled
 * signed_descriptor_t reads as not saved.
 * NOTE(review): the cache and the journal are presumably on-disk stores --
 * confirm. */
typedef enum {
   SAVED_NOWHERE=0, SAVED_IN_CACHE, SAVED_IN_JOURNAL
} saved_location_t;

/** Information needed to cache an onion router's descriptor.
 * NOTE(review): the fields carry no documentation in this header; the
 * comments below are read off the names and types and need confirming. */
typedef struct signed_descriptor_t {
  char *signed_descriptor_body; /* Presumably the descriptor text as signed. */
  size_t signed_descriptor_len; /* Presumably the length of
                                 * signed_descriptor_body; readers should use
                                 * it rather than assume NUL termination. */
  char signed_descriptor_digest[DIGEST_LEN]; /* DIGEST_LEN raw bytes;
                                              * presumably the digest of the
                                              * descriptor. */
  char identity_digest[DIGEST_LEN]; /* DIGEST_LEN raw bytes; presumably the
                                     * digest of the router's identity key. */
  time_t published_on; /* Presumably the publication time taken from the
                        * descriptor. */
  saved_location_t saved_location; /* Where this descriptor has been saved. */
  off_t saved_offset; /* Presumably the offset of the descriptor within the
                       * store named by saved_location. */
} signed_descriptor_t;

/** Information about another onion router in the network. */
typedef struct {
  signed_descriptor_t cache_info;
  char *address; /**< Location of OR: either a hostname or an IP address. */
  char *nickname; /**< Human-readable OR name. */

  uint32_t addr; /**< IPv4 address of OR, in host order. */
  uint16_t or_port; /**< Port for TLS connections. */
  uint16_t dir_port; /**< Port for HTTP directory connections. */

  crypto_pk_env_t *onion_pkey; /**< Public RSA key for onions. */
  crypto_pk_env_t *identity_pkey;  /**< Public RSA key for signing. */