/* Copyright (c) 2001 Matej Pfajfar.
 * Copyright (c) 2001-2004, Roger Dingledine.
 * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
 * Copyright (c) 2007-2016, The Tor Project, Inc. */
/* See LICENSE for licensing information */

/**
 * \file or.h
 * \brief Master header file for Tor-specific functionality.
 **/

#ifndef TOR_OR_H
#define TOR_OR_H

#include "orconfig.h"

#ifdef HAVE_UNISTD_H
#include <unistd.h>
#endif
#ifdef HAVE_SIGNAL_H
#include <signal.h>
#endif
#ifdef HAVE_NETDB_H
#include <netdb.h>
#endif
#ifdef HAVE_SYS_PARAM_H
#include <sys/param.h> /* FreeBSD needs this to know what version it is */
#endif
#include "torint.h"
#ifdef HAVE_SYS_FCNTL_H
#include <sys/fcntl.h>
#endif
#ifdef HAVE_FCNTL_H
#include <fcntl.h>
#endif
#ifdef HAVE_SYS_IOCTL_H
#include <sys/ioctl.h>
#endif
#ifdef HAVE_SYS_UN_H
#include <sys/un.h>
#endif
#ifdef HAVE_SYS_STAT_H
#include <sys/stat.h>
#endif
#ifdef HAVE_NETINET_IN_H
#include <netinet/in.h>
#endif
#ifdef HAVE_ARPA_INET_H
#include <arpa/inet.h>
#endif
#ifdef HAVE_ERRNO_H
#include <errno.h>
#endif
#ifdef HAVE_ASSERT_H
#include <assert.h>
#endif
#ifdef HAVE_TIME_H
#include <time.h>
#endif

#ifdef _WIN32
#include <winsock2.h>
#include <io.h>
#include <process.h>
#include <direct.h>
#include <windows.h>
#endif

#include "crypto.h"
#include "crypto_format.h"
#include "tortls.h"
#include "torlog.h"
#include "container.h"
#include "torgzip.h"
#include "address.h"
#include "compat_libevent.h"
#include "ht.h"
#include "replaycache.h"
#include "crypto_curve25519.h"
#include "crypto_ed25519.h"
#include "tor_queue.h"
#include "util_format.h"
#include "hs_circuitmap.h"

/* These signals are defined to help handle_control_signal work.
 */
/* Fallback values: each #ifndef guard below only takes effect when the
 * name has not already been defined by the time this header is read, so a
 * platform-provided definition always wins over these numbers. */
#ifndef SIGHUP
#define SIGHUP 1
#endif
#ifndef SIGINT
#define SIGINT 2
#endif
#ifndef SIGUSR1
#define SIGUSR1 10
#endif
#ifndef SIGUSR2
#define SIGUSR2 12
#endif
#ifndef SIGTERM
#define SIGTERM 15
#endif
/* Controller signals start at a high number so we don't
 * conflict with system-defined signals. */
#define SIGNEWNYM 129
#define SIGCLEARDNSCACHE 130
#define SIGHEARTBEAT 131

#if (SIZEOF_CELL_T != 0)
/* On Irix, stdlib.h defines a cell_t type, so we need to make sure
 * that our stuff always calls cell_t something different. */
#define cell_t tor_cell_t
#endif

#ifdef ENABLE_TOR2WEB_MODE
#define NON_ANONYMOUS_MODE_ENABLED 1
#endif

/** Helper macro: Given a pointer to to.base_, of type from*, return &to.
 *
 * The macro body is only a cast around SUBTYPE_P(ptr, to, base_); no check
 * that <b>ptr</b> really points into an object of type <b>to</b> is visible
 * here.  NOTE(review): presumably callers establish the concrete type first
 * (for example via a magic or type field) -- confirm at each call site. */
#define DOWNCAST(to, ptr) ((to*)SUBTYPE_P(ptr, to, base_))

/** Length of longest allowable configured nickname. */
#define MAX_NICKNAME_LEN 19
/** Length of a router identity encoded as a hexadecimal digest, plus
 * possible dollar sign. */
#define MAX_HEX_NICKNAME_LEN (HEX_DIGEST_LEN+1)
/** Maximum length of verbose router identifier: dollar sign, hex ID digest,
 * equal sign or tilde, nickname. */
#define MAX_VERBOSE_NICKNAME_LEN (1+HEX_DIGEST_LEN+1+MAX_NICKNAME_LEN)

/** Maximum size, in bytes, for resized buffers. */
#define MAX_BUF_SIZE ((1<<24)-1) /* 16MB-1 */
/** Maximum size, in bytes, for any directory object that we've downloaded. */
#define MAX_DIR_DL_SIZE MAX_BUF_SIZE

/** For HTTP parsing: Maximum number of bytes we'll accept in the headers
 * of an HTTP request or response. */
#define MAX_HEADERS_SIZE 50000
/** Maximum size, in bytes, for any directory object that we're accepting
 * as an upload. */
#define MAX_DIR_UL_SIZE MAX_BUF_SIZE

/** Maximum size, in bytes, of a single router descriptor uploaded to us
 * as a directory authority. Caches and clients fetch whatever descriptors
 * the authorities tell them to fetch, and don't care about size. */
#define MAX_DESCRIPTOR_UPLOAD_SIZE 20000

/** Maximum size of a single extrainfo document, as above. */
#define MAX_EXTRAINFO_UPLOAD_SIZE 50000

/** How often do we rotate onion keys? */
#define MIN_ONION_KEY_LIFETIME (7*24*60*60)
/** How often do we rotate TLS contexts? */
#define MAX_SSL_KEY_LIFETIME_INTERNAL (2*60*60)

/** How old do we allow a router to get before removing it
 * from the router list? In seconds. */
#define ROUTER_MAX_AGE (60*60*48)
/** How old can a router get before we (as a server) will no longer
 * consider it live? In seconds. */
#define ROUTER_MAX_AGE_TO_PUBLISH (60*60*24)
/** How old do we let a saved descriptor get before force-removing it? */
#define OLD_ROUTER_DESC_MAX_AGE (60*60*24*5)

/** Possible rules for generating circuit IDs on an OR connection. */
typedef enum {
  CIRC_ID_TYPE_LOWER=0, /**< Pick from 0..(1<<15)-1. */
  CIRC_ID_TYPE_HIGHER=1, /**< Pick from (1<<15)..(1<<16)-1. */
  /** The other side of a connection is an OP: never create circuits to it,
   * and let it use any circuit ID it wants. */
  CIRC_ID_TYPE_NEITHER=2
} circ_id_type_t;
#define circ_id_type_bitfield_t ENUM_BF(circ_id_type_t)

#define CONN_TYPE_MIN_ 3
/** Type for sockets listening for OR connections. */
#define CONN_TYPE_OR_LISTENER 3
/** A bidirectional TLS connection transmitting a sequence of cells.
 * May be from an OR to an OR, or from an OP to an OR. */
#define CONN_TYPE_OR 4
/** A TCP connection from an onion router to a stream's destination. */
#define CONN_TYPE_EXIT 5
/** Type for sockets listening for SOCKS connections. */
#define CONN_TYPE_AP_LISTENER 6
/** A SOCKS proxy connection from the user application to the onion
 * proxy. */
#define CONN_TYPE_AP 7
/** Type for sockets listening for HTTP connections to the directory server. */
#define CONN_TYPE_DIR_LISTENER 8
/** Type for HTTP connections to the directory server. */
#define CONN_TYPE_DIR 9
/* Type 10 is unused. */
/** Type for listening for connections from user interface process. */
#define CONN_TYPE_CONTROL_LISTENER 11
/** Type for connections from user interface process. */
#define CONN_TYPE_CONTROL 12
/** Type for sockets listening for transparent connections redirected by pf or
 * netfilter. */
#define CONN_TYPE_AP_TRANS_LISTENER 13
/** Type for sockets listening for transparent connections redirected by
 * natd. */
#define CONN_TYPE_AP_NATD_LISTENER 14
/** Type for sockets listening for DNS requests. */
#define CONN_TYPE_AP_DNS_LISTENER 15

/** Type for connections from the Extended ORPort. */
#define CONN_TYPE_EXT_OR 16
/** Type for sockets listening for Extended ORPort connections. */
#define CONN_TYPE_EXT_OR_LISTENER 17

#define CONN_TYPE_MAX_ 17
/* !!!! If CONN_TYPE_MAX_ is ever over 31, we must grow the type field in
 * connection_t. */

/* Proxy client types */
#define PROXY_NONE 0
#define PROXY_CONNECT 1
#define PROXY_SOCKS4 2
#define PROXY_SOCKS5 3
/* !!!! If there is ever a PROXY_* type over 3, we must grow the proxy_type
 * field in or_connection_t */

/* Pluggable transport proxy type. Don't use this in or_connection_t,
 * instead use the actual underlying proxy type (see above).  */
#define PROXY_PLUGGABLE 4

/* Proxy client handshake states */
/* We use a proxy but we haven't even connected to it yet. */
#define PROXY_INFANT 1
/* We use an HTTP proxy and we've sent the CONNECT command. */
#define PROXY_HTTPS_WANT_CONNECT_OK 2
/* We use a SOCKS4 proxy and we've sent the CONNECT command. */
#define PROXY_SOCKS4_WANT_CONNECT_OK 3
/* We use a SOCKS5 proxy and we try to negotiate without
   any authentication. */
#define PROXY_SOCKS5_WANT_AUTH_METHOD_NONE 4
/* We use a SOCKS5 proxy and we try to negotiate with
   Username/Password authentication. */
#define PROXY_SOCKS5_WANT_AUTH_METHOD_RFC1929 5
/* We use a SOCKS5 proxy and we just sent our credentials.  (RFC 1929
   carries the username and password unencrypted on the proxy
   connection.) */
#define PROXY_SOCKS5_WANT_AUTH_RFC1929_OK 6
/* We use a SOCKS5 proxy and we just sent our CONNECT command. */
#define PROXY_SOCKS5_WANT_CONNECT_OK 7
/* We use a proxy and we CONNECTed successfully! */
#define PROXY_CONNECTED 8

/** True iff <b>x</b> is an edge connection. */
/* Edge test on the connection's type field.  <b>x</b> appears twice in the
 * expansion, so the argument must not have side effects. */
#define CONN_IS_EDGE(x) \
  ((x)->type == CONN_TYPE_EXIT || (x)->type == CONN_TYPE_AP)

/** State for any listener connection. */
#define LISTENER_STATE_READY 0

#define OR_CONN_STATE_MIN_ 1
/** State for a connection to an OR: waiting for connect() to finish. */
#define OR_CONN_STATE_CONNECTING 1
/** State for a connection to an OR: waiting for proxy handshake to complete */
#define OR_CONN_STATE_PROXY_HANDSHAKING 2
/** State for an OR connection client: SSL is handshaking, not done
 * yet. */
#define OR_CONN_STATE_TLS_HANDSHAKING 3
/** State for a connection to an OR: We're doing a second SSL handshake for
 * renegotiation purposes. (V2 handshake only.) */
#define OR_CONN_STATE_TLS_CLIENT_RENEGOTIATING 4
/** State for a connection at an OR: We're waiting for the client to
 * renegotiate (to indicate a v2 handshake) or send a versions cell (to
 * indicate a v3 handshake) */
#define OR_CONN_STATE_TLS_SERVER_RENEGOTIATING 5
/** State for an OR connection: We're done with our SSL handshake, we've done
 * renegotiation, but we haven't yet negotiated link protocol versions and
 * sent a netinfo cell. */
#define OR_CONN_STATE_OR_HANDSHAKING_V2 6
/** State for an OR connection: We're done with our SSL handshake, but we
 * haven't yet negotiated link protocol versions, done a V3 handshake, and
 * sent a netinfo cell. */
#define OR_CONN_STATE_OR_HANDSHAKING_V3 7
/** State for an OR connection: Ready to send/receive cells. */
#define OR_CONN_STATE_OPEN 8
#define OR_CONN_STATE_MAX_ 8

/** States of the Extended ORPort protocol. Be careful before changing
 *  the numbers: they matter. */
#define EXT_OR_CONN_STATE_MIN_ 1
/** Extended ORPort authentication is waiting for the authentication
 *  type selected by the client. */
#define EXT_OR_CONN_STATE_AUTH_WAIT_AUTH_TYPE 1
/** Extended ORPort authentication is waiting for the client nonce. */
#define EXT_OR_CONN_STATE_AUTH_WAIT_CLIENT_NONCE 2
/** Extended ORPort authentication is waiting for the client hash. */
#define EXT_OR_CONN_STATE_AUTH_WAIT_CLIENT_HASH 3
#define EXT_OR_CONN_STATE_AUTH_MAX 3
/** Authentication finished and the Extended ORPort is now accepting
 *  traffic. */
#define EXT_OR_CONN_STATE_OPEN 4
/** Extended ORPort is flushing its last messages and preparing to
 *  start accepting OR connections. */
#define EXT_OR_CONN_STATE_FLUSHING 5
#define EXT_OR_CONN_STATE_MAX_ 5

#define EXIT_CONN_STATE_MIN_ 1
/** State for an exit connection: waiting for response from DNS farm. */
#define EXIT_CONN_STATE_RESOLVING 1
/** State for an exit connection: waiting for connect() to finish. */
#define EXIT_CONN_STATE_CONNECTING 2
/** State for an exit connection: open and ready to transmit data. */
#define EXIT_CONN_STATE_OPEN 3
/** State for an exit connection: waiting to be removed. */
#define EXIT_CONN_STATE_RESOLVEFAILED 4
#define EXIT_CONN_STATE_MAX_ 4

/* The AP state values must be disjoint from the EXIT state values. */
#define AP_CONN_STATE_MIN_ 5
/** State for a SOCKS connection: waiting for SOCKS request. */
#define AP_CONN_STATE_SOCKS_WAIT 5
/** State for a SOCKS connection: got a y.onion URL; waiting to receive
 * rendezvous descriptor. */
#define AP_CONN_STATE_RENDDESC_WAIT 6
/** The controller will attach this connection to a circuit; it isn't our
 * job to do so. */
#define AP_CONN_STATE_CONTROLLER_WAIT 7
/** State for a SOCKS connection: waiting for a completed circuit. */
#define AP_CONN_STATE_CIRCUIT_WAIT 8
/** State for a SOCKS connection: sent BEGIN, waiting for CONNECTED. */
#define AP_CONN_STATE_CONNECT_WAIT 9
/** State for a SOCKS connection: sent RESOLVE, waiting for RESOLVED. */
#define AP_CONN_STATE_RESOLVE_WAIT 10
/** State for a SOCKS connection: ready to send and receive. */
#define AP_CONN_STATE_OPEN 11
/** State for a transparent natd connection: waiting for original
 * destination. */
#define AP_CONN_STATE_NATD_WAIT 12
#define AP_CONN_STATE_MAX_ 12

/** True iff the AP_CONN_STATE_* value <b>s</b> means that the corresponding
 * edge connection is not attached to any circuit. */
/* NOTE(review): there is no lower bound here, so every value at or below
 * AP_CONN_STATE_CIRCUIT_WAIT (8) tests true, including numbers below
 * AP_CONN_STATE_MIN_ (5) that belong to the EXIT_CONN_STATE_* range.  Only
 * pass the state of a connection already known to be an AP connection.
 * <b>s</b> appears twice in the expansion; avoid side effects. */
#define AP_CONN_STATE_IS_UNATTACHED(s) \
  ((s) <= AP_CONN_STATE_CIRCUIT_WAIT || (s) == AP_CONN_STATE_NATD_WAIT)

#define DIR_CONN_STATE_MIN_ 1
/** State for connection to directory server: waiting for connect(). */
#define DIR_CONN_STATE_CONNECTING 1
/** State for connection to directory server: sending HTTP request. */
#define DIR_CONN_STATE_CLIENT_SENDING 2
/** State for connection to directory server: reading HTTP response. */
#define DIR_CONN_STATE_CLIENT_READING 3
/** State for connection to directory server: happy and finished. */
#define DIR_CONN_STATE_CLIENT_FINISHED 4
/** State for connection at directory server: waiting for HTTP request. */
#define DIR_CONN_STATE_SERVER_COMMAND_WAIT 5
/** State for connection at directory server: sending HTTP response. */
#define DIR_CONN_STATE_SERVER_WRITING 6
#define DIR_CONN_STATE_MAX_ 6

/** True iff the purpose of <b>conn</b> means that it's a server-side
 * directory connection. */
#define DIR_CONN_IS_SERVER(conn) ((conn)->purpose == DIR_PURPOSE_SERVER)

#define CONTROL_CONN_STATE_MIN_ 1
/** State for a control connection: Authenticated and accepting v1 commands. */
#define CONTROL_CONN_STATE_OPEN 1
/** State for a control connection: Waiting for authentication; speaking
 * protocol v1. */
#define CONTROL_CONN_STATE_NEEDAUTH 2
#define CONTROL_CONN_STATE_MAX_ 2

#define DIR_PURPOSE_MIN_ 4
/** A connection to a directory server: set after a v2 rendezvous
 * descriptor is downloaded. */
#define DIR_PURPOSE_HAS_FETCHED_RENDDESC_V2 4
/** A connection to a directory server: download one or more server
 * descriptors. */
#define DIR_PURPOSE_FETCH_SERVERDESC 6
/** A connection to a directory server: download one or more extra-info
 * documents. */
#define DIR_PURPOSE_FETCH_EXTRAINFO 7
/** A connection to a directory server: upload a server descriptor. */
#define DIR_PURPOSE_UPLOAD_DIR 8
/** A connection to a directory server: upload a v3 networkstatus vote. */
#define DIR_PURPOSE_UPLOAD_VOTE 10
/** A connection to a directory server: upload a v3 consensus signature */
#define DIR_PURPOSE_UPLOAD_SIGNATURES 11
/** A connection to a directory server: download one or more v3 networkstatus
 * votes. */
#define DIR_PURPOSE_FETCH_STATUS_VOTE 12
/** A connection to a directory server: download a v3 detached signatures
 * object for a consensus. */
#define DIR_PURPOSE_FETCH_DETACHED_SIGNATURES 13
/** A connection to a directory server: download a v3 networkstatus
 * consensus. */
#define DIR_PURPOSE_FETCH_CONSENSUS 14
/** A connection to a directory server: download one or more directory
 * authority certificates. */
#define DIR_PURPOSE_FETCH_CERTIFICATE 15

/** Purpose for connection at a directory server. */
#define DIR_PURPOSE_SERVER 16
/** A connection to a hidden service directory server: upload a v2 rendezvous
 * descriptor. */
#define DIR_PURPOSE_UPLOAD_RENDDESC_V2 17
/** A connection to a hidden service directory server: download a v2 rendezvous
 * descriptor. */
#define DIR_PURPOSE_FETCH_RENDDESC_V2 18
/** A connection to a directory server: download a microdescriptor. */
#define DIR_PURPOSE_FETCH_MICRODESC 19
#define DIR_PURPOSE_MAX_ 19

/** True iff <b>p</b> is a purpose corresponding to uploading data to a
 * directory server. */
/* NOTE(review): DIR_PURPOSE_UPLOAD_RENDDESC_V2 is not in this list even
 * though this file describes it as an upload to a hidden service directory
 * server; confirm whether that omission is intended before relying on this
 * macro to classify every upload.  <b>p</b> appears up to three times in
 * the expansion, so the argument must not have side effects. */
#define DIR_PURPOSE_IS_UPLOAD(p)                \
  ((p)==DIR_PURPOSE_UPLOAD_DIR ||               \
   (p)==DIR_PURPOSE_UPLOAD_VOTE ||              \
   (p)==DIR_PURPOSE_UPLOAD_SIGNATURES)

#define EXIT_PURPOSE_MIN_ 1
/** This exit stream wants to do an ordinary connect. */
#define EXIT_PURPOSE_CONNECT 1
/** This exit stream wants to do a resolve (either normal or reverse). */
#define EXIT_PURPOSE_RESOLVE 2
#define EXIT_PURPOSE_MAX_ 2

/* !!!! If any connection purpose is ever over 31, we must grow the type
 * field in connection_t. */

/** Circuit state: I'm the origin, still haven't done all my handshakes. */
#define CIRCUIT_STATE_BUILDING 0
/** Circuit state: Waiting to process the onionskin. */
#define CIRCUIT_STATE_ONIONSKIN_PENDING 1
/** Circuit state: I'd like to deliver a create, but my n_chan is still
 * connecting. */
#define CIRCUIT_STATE_CHAN_WAIT 2
/** Circuit state: the circuit is open but we don't want to actually use it
 * until we find out if a better guard will be available.
 */
#define CIRCUIT_STATE_GUARD_WAIT 3
/** Circuit state: onionskin(s) processed, ready to send/receive cells. */
#define CIRCUIT_STATE_OPEN 4

#define CIRCUIT_PURPOSE_MIN_ 1

/* these circuits were initiated elsewhere */
#define CIRCUIT_PURPOSE_OR_MIN_ 1
/** OR-side circuit purpose: normal circuit, at OR. */
#define CIRCUIT_PURPOSE_OR 1
/** OR-side circuit purpose: At OR, from the service, waiting for intro from
 * clients. */
#define CIRCUIT_PURPOSE_INTRO_POINT 2
/** OR-side circuit purpose: At OR, from the client, waiting for the service.
 */
#define CIRCUIT_PURPOSE_REND_POINT_WAITING 3
/** OR-side circuit purpose: At OR, both circuits have this purpose. */
#define CIRCUIT_PURPOSE_REND_ESTABLISHED 4
#define CIRCUIT_PURPOSE_OR_MAX_ 4

/* these circuits originate at this node */

/* here's how circ client-side purposes work:
 *   normal circuits are C_GENERAL.
 *   circuits that are c_introducing are either on their way to
 *     becoming open, or they are open and waiting for a
 *     suitable rendcirc before they send the intro.
 *   circuits that are c_introduce_ack_wait have sent the intro,
 *     but haven't gotten a response yet.
 *   circuits that are c_establish_rend are either on their way
 *     to becoming open, or they are open and have sent the
 *     establish_rendezvous cell but haven't received an ack.
 *   circuits that are c_rend_ready are open and have received a
 *     rend ack, but haven't heard from the service yet. if they have a
 *     buildstate->pending_final_cpath then they're expecting a
 *     cell from the service, else they're not.
 *   circuits that are c_rend_ready_intro_acked are open, and
 *     some intro circ has sent its intro and received an ack.
 *   circuits that are c_rend_joined are open, have heard from
 *     the service, and are talking to it.
 */
/** Client-side circuit purpose: Normal circuit, with cpath. */
#define CIRCUIT_PURPOSE_C_GENERAL 5
/** Client-side circuit purpose: at the client, connecting to intro point. */
#define CIRCUIT_PURPOSE_C_INTRODUCING 6
/** Client-side circuit purpose: at the client, sent INTRODUCE1 to intro point,
 * waiting for ACK/NAK. */
#define CIRCUIT_PURPOSE_C_INTRODUCE_ACK_WAIT 7
/** Client-side circuit purpose: at the client, introduced and acked, closing.
 */
#define CIRCUIT_PURPOSE_C_INTRODUCE_ACKED 8
/** Client-side circuit purpose: at the client, waiting for ack. */
#define CIRCUIT_PURPOSE_C_ESTABLISH_REND 9
/** Client-side circuit purpose: at the client, waiting for the service. */
#define CIRCUIT_PURPOSE_C_REND_READY 10
/** Client-side circuit purpose: at the client, waiting for the service,
 * INTRODUCE has been acknowledged. */
#define CIRCUIT_PURPOSE_C_REND_READY_INTRO_ACKED 11
/** Client-side circuit purpose: at the client, rendezvous established. */
#define CIRCUIT_PURPOSE_C_REND_JOINED 12
/** This circuit is used for build time measurement only */
#define CIRCUIT_PURPOSE_C_MEASURE_TIMEOUT 13
#define CIRCUIT_PURPOSE_C_MAX_ 13
/** Hidden-service-side circuit purpose: at the service, waiting for
 * introductions. */
#define CIRCUIT_PURPOSE_S_ESTABLISH_INTRO 14
/** Hidden-service-side circuit purpose: at the service, successfully
 * established intro. */
#define CIRCUIT_PURPOSE_S_INTRO 15
/** Hidden-service-side circuit purpose: at the service, connecting to rend
 * point. */
#define CIRCUIT_PURPOSE_S_CONNECT_REND 16
/** Hidden-service-side circuit purpose: at the service, rendezvous
 * established. */
#define CIRCUIT_PURPOSE_S_REND_JOINED 17
/** A testing circuit; not meant to be used for actual traffic. */
#define CIRCUIT_PURPOSE_TESTING 18
/** A controller made this circuit and Tor should not use it. */
#define CIRCUIT_PURPOSE_CONTROLLER 19
/** This circuit is used for path bias probing only */
#define CIRCUIT_PURPOSE_PATH_BIAS_TESTING 20
#define CIRCUIT_PURPOSE_MAX_ 20
/** A catch-all for unrecognized purposes. Currently we don't expect
 * to make or see any circuits with this purpose. */
#define CIRCUIT_PURPOSE_UNKNOWN 255

/** True iff the circuit purpose <b>p</b> is for a circuit that
 * originated at this node. */
/* This is a pure threshold test: every value above CIRCUIT_PURPOSE_OR_MAX_
 * (4) counts as origin, which covers the client, hidden-service, testing,
 * controller and path-bias purposes and also CIRCUIT_PURPOSE_UNKNOWN
 * (255). */
#define CIRCUIT_PURPOSE_IS_ORIGIN(p) ((p)>CIRCUIT_PURPOSE_OR_MAX_)
/** True iff the circuit purpose <b>p</b> is for a circuit that originated
 * here to serve as a client.  (Hidden services don't count here.) */
#define CIRCUIT_PURPOSE_IS_CLIENT(p)  \
  ((p)> CIRCUIT_PURPOSE_OR_MAX_ &&    \
   (p)<=CIRCUIT_PURPOSE_C_MAX_)
/** True iff the circuit_t <b>c</b> is actually an origin_circuit_t. */
#define CIRCUIT_IS_ORIGIN(c) (CIRCUIT_PURPOSE_IS_ORIGIN((c)->purpose))
/** True iff the circuit purpose <b>p</b> is for an established rendezvous
 * circuit. */
#define CIRCUIT_PURPOSE_IS_ESTABLISHED_REND(p) \
  ((p) == CIRCUIT_PURPOSE_C_REND_JOINED ||     \
   (p) == CIRCUIT_PURPOSE_S_REND_JOINED)
/** True iff the circuit_t c is actually an or_circuit_t.
 *
 * The test reads the <b>magic</b> field after casting <b>c</b> to
 * circuit_t *, so it compiles for any pointer type; the cast itself
 * verifies nothing.  CIRCUIT_IS_ORIGIN, by contrast, decides from the
 * <b>purpose</b> field.  NOTE(review): assumes c points at a live
 * circuit_t -- confirm at call sites. */
#define CIRCUIT_IS_ORCIRC(c) (((circuit_t *)(c))->magic == OR_CIRCUIT_MAGIC)

/** How many circuits do we want simultaneously in-progress to handle
 * a given stream? */
#define MIN_CIRCUITS_HANDLING_STREAM 2

/* These RELAY_COMMAND constants define values for relay cell commands, and
* must match those defined in tor-spec.txt. */
#define RELAY_COMMAND_BEGIN 1
#define RELAY_COMMAND_DATA 2
#define RELAY_COMMAND_END 3
#define RELAY_COMMAND_CONNECTED 4
#define RELAY_COMMAND_SENDME 5
#define RELAY_COMMAND_EXTEND 6
#define RELAY_COMMAND_EXTENDED 7
#define RELAY_COMMAND_TRUNCATE 8
#define RELAY_COMMAND_TRUNCATED 9
#define RELAY_COMMAND_DROP 10
#define RELAY_COMMAND_RESOLVE 11
#define RELAY_COMMAND_RESOLVED 12
#define RELAY_COMMAND_BEGIN_DIR 13
#define RELAY_COMMAND_EXTEND2 14
#define RELAY_COMMAND_EXTENDED2 15

#define RELAY_COMMAND_ESTABLISH_INTRO 32
#define RELAY_COMMAND_ESTABLISH_RENDEZVOUS 33
#define RELAY_COMMAND_INTRODUCE1 34
#define RELAY_COMMAND_INTRODUCE2 35
#define RELAY_COMMAND_RENDEZVOUS1 36
#define RELAY_COMMAND_RENDEZVOUS2 37
#define RELAY_COMMAND_INTRO_ESTABLISHED 38
#define RELAY_COMMAND_RENDEZVOUS_ESTABLISHED 39
#define RELAY_COMMAND_INTRODUCE_ACK 40

/* Reasons why an OR connection is closed. */
#define END_OR_CONN_REASON_DONE           1
#define END_OR_CONN_REASON_REFUSED        2 /* connection refused */
#define END_OR_CONN_REASON_OR_IDENTITY    3
#define END_OR_CONN_REASON_CONNRESET      4 /* connection reset by peer */
#define END_OR_CONN_REASON_TIMEOUT        5
#define END_OR_CONN_REASON_NO_ROUTE       6 /* no route to host/net */
#define END_OR_CONN_REASON_IO_ERROR       7 /* read/write error */
#define END_OR_CONN_REASON_RESOURCE_LIMIT 8 /* sockets, buffers, etc */
#define END_OR_CONN_REASON_PT_MISSING     9 /* PT failed or not available */
#define END_OR_CONN_REASON_MISC           10

/* Reasons why we (or a remote OR) might close a stream. See tor-spec.txt for
 * documentation of these.  The values must match. */
#define END_STREAM_REASON_MISC 1
#define END_STREAM_REASON_RESOLVEFAILED 2
#define END_STREAM_REASON_CONNECTREFUSED 3
#define END_STREAM_REASON_EXITPOLICY 4
#define END_STREAM_REASON_DESTROY 5
#define END_STREAM_REASON_DONE 6
#define END_STREAM_REASON_TIMEOUT 7
#define END_STREAM_REASON_NOROUTE 8
#define END_STREAM_REASON_HIBERNATING 9
#define END_STREAM_REASON_INTERNAL 10
#define END_STREAM_REASON_RESOURCELIMIT 11
#define END_STREAM_REASON_CONNRESET 12
#define END_STREAM_REASON_TORPROTOCOL 13
#define END_STREAM_REASON_NOTDIRECTORY 14
#define END_STREAM_REASON_ENTRYPOLICY 15

/* These high-numbered end reasons are not part of the official spec,
 * and are not intended to be put in relay end cells. They are here
 * to be more informative when sending back socks replies to the
 * application. */
/* XXXX 256 is no longer used; feel free to reuse it. */
/** We were unable to attach the connection to any circuit at all. */
/* XXXX the ways we use this one don't make a lot of sense. */
#define END_STREAM_REASON_CANT_ATTACH 257
/** We can't connect to any directories at all, so we killed our streams
 * before they can time out. */
#define END_STREAM_REASON_NET_UNREACHABLE 258
/** This is a SOCKS connection, and the client used (or misused) the SOCKS
 * protocol in a way we couldn't handle. */
#define END_STREAM_REASON_SOCKSPROTOCOL 259
/** This is a transparent proxy connection, but we can't extract the original
 * target address:port. */
#define END_STREAM_REASON_CANT_FETCH_ORIG_DEST 260
/** This is a connection on the NATD port, and the destination IP:Port was
 * either ill-formed or out-of-range. */
#define END_STREAM_REASON_INVALID_NATD_DEST 261
/** The target address is in a private network (like 127.0.0.1 or 10.0.0.1);
 * you don't want to do that over a randomly chosen exit */
#define END_STREAM_REASON_PRIVATE_ADDR 262

/** Bitwise-and this value with endreason to mask out all flags.
 * 511 keeps the low nine bits, which is enough for every
 * END_STREAM_REASON_* code listed alongside it (the largest is 262), and
 * clears the END_STREAM_REASON_FLAG_* bits (512, 1024, 2048). */
#define END_STREAM_REASON_MASK 511

/** Bitwise-or this with the argument to control_event_stream_status
 * to indicate that the reason came from an END cell. */
#define END_STREAM_REASON_FLAG_REMOTE 512
/** Bitwise-or this with the argument to control_event_stream_status
 * to indicate that we already sent a CLOSED stream event. */
#define END_STREAM_REASON_FLAG_ALREADY_SENT_CLOSED 1024
/** Bitwise-or this with endreason to indicate that we already sent
 * a socks reply, and no further reply needs to be sent from
 * connection_mark_unattached_ap(). */
#define END_STREAM_REASON_FLAG_ALREADY_SOCKS_REPLIED 2048

/** Reason for remapping an AP connection's address: we have a cached
 * answer. */
#define REMAP_STREAM_SOURCE_CACHE 1
/** Reason for remapping an AP connection's address: the exit node told us an
 * answer. */
#define REMAP_STREAM_SOURCE_EXIT 2

/* 'type' values to use in RESOLVED cells.  Specified in tor-spec.txt. */
#define RESOLVED_TYPE_HOSTNAME 0
#define RESOLVED_TYPE_IPV4 4
#define RESOLVED_TYPE_IPV6 6
#define RESOLVED_TYPE_ERROR_TRANSIENT 0xF0
#define RESOLVED_TYPE_ERROR 0xF1

/* Negative reasons are internal: we never send them in a DESTROY or TRUNCATE
 * call; they only go to the controller for tracking  */

/* Closing introduction points that were opened in parallel. */
#define END_CIRC_REASON_IP_NOW_REDUNDANT -4

657
658
659
660
/** Our post-timeout circuit time measurement period expired.
 * We must give up now */
#define END_CIRC_REASON_MEASUREMENT_EXPIRED -3

661
/** We couldn't build a path for this circuit. */
662
#define END_CIRC_REASON_NOPATH          -2
663
/** Catch-all "other" reason for closing origin circuits. */
664
#define END_CIRC_AT_ORIGIN              -1
665

666
667
/* Reasons why we (or a remote OR) might close a circuit. See tor-spec.txt for
 * documentation of these. */
668
#define END_CIRC_REASON_MIN_            0
669
670
671
672
673
674
675
676
#define END_CIRC_REASON_NONE            0
#define END_CIRC_REASON_TORPROTOCOL     1
#define END_CIRC_REASON_INTERNAL        2
#define END_CIRC_REASON_REQUESTED       3
#define END_CIRC_REASON_HIBERNATING     4
#define END_CIRC_REASON_RESOURCELIMIT   5
#define END_CIRC_REASON_CONNECTFAILED   6
#define END_CIRC_REASON_OR_IDENTITY     7
677
#define END_CIRC_REASON_CHANNEL_CLOSED  8
678
679
680
681
#define END_CIRC_REASON_FINISHED        9
#define END_CIRC_REASON_TIMEOUT         10
#define END_CIRC_REASON_DESTROYED       11
#define END_CIRC_REASON_NOSUCHSERVICE   12
682
#define END_CIRC_REASON_MAX_            12
683

Roger Dingledine's avatar
Roger Dingledine committed
684
685
686
/** Bitwise-OR this with the argument to circuit_mark_for_close() or
 * control_event_circuit_status() to indicate that the reason was
 * passed through from a destroy or truncate cell. */
687
688
#define END_CIRC_REASON_FLAG_REMOTE     512

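/** Length of 'y' portion of 'y.onion' URL.  16 base32 characters carry
 * 16*5 = 80 bits, which matches the REND_SERVICE_ID_LEN binary bytes. */
#define REND_SERVICE_ID_LEN_BASE32 16

/** Length of 'y.onion' including '.onion' URL: the base32 service ID, one
 * '.' and the five characters of "onion".  The terminating NUL is not
 * counted, so string buffers need REND_SERVICE_ADDRESS_LEN+1 bytes. */
#define REND_SERVICE_ADDRESS_LEN (REND_SERVICE_ID_LEN_BASE32+1+5)

/** Length of a binary-encoded rendezvous service ID, in bytes. */
#define REND_SERVICE_ID_LEN 10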

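/** Time period for which a v2 descriptor will be valid.  The expression
 * 24*60*60 reads as one day; presumably the unit is seconds. */
#define REND_TIME_PERIOD_V2_DESC_VALIDITY (24*60*60)

/** Time period within which two sets of v2 descriptors will be uploaded in
 * parallel.  60*60 reads as one hour in the same unit as the validity
 * period above. */
#define REND_TIME_PERIOD_OVERLAPPING_V2_DESCS (60*60)

/** Number of non-consecutive replicas (i.e. distributed somewhere
 * in the ring) for a descriptor. */
#define REND_NUMBER_OF_NON_CONSECUTIVE_REPLICAS 2

/** Number of consecutive replicas for a descriptor. */
#define REND_NUMBER_OF_CONSECUTIVE_REPLICAS 3

/** Length of v2 descriptor ID (32 base32 chars = 160 bits). */
#define REND_DESC_ID_V2_LEN_BASE32 32

/** Length of the base32-encoded secret ID part of versioned hidden service
 * descriptors. */
#define REND_SECRET_ID_PART_LEN_BASE32 32

/** Length of the base32-encoded hash of an introduction point's
 * identity key. */
#define REND_INTRO_POINT_ID_LEN_BASE32 32

/** Length of the descriptor cookie that is used for client authorization
 * to hidden services.  16 bytes, i.e. 128 bits of secret material. */
#define REND_DESC_COOKIE_LEN 16

/** Length of the base64-encoded descriptor cookie that is used for
 * exchanging client authorization between hidden service and client.
 *
 * 22 characters carry 22*6 = 132 bits, enough for the 128-bit cookie.
 * Base64 with '=' padding would need 24 characters for 16 bytes, so this
 * length presumably refers to the unpadded form -- confirm against the
 * encoder and decoder that use it. */
#define REND_DESC_COOKIE_LEN_BASE64 22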

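/** Length of client identifier in encrypted introduction points for hidden
 * service authorization type 'basic'. */
#define REND_BASIC_AUTH_CLIENT_ID_LEN 4

/** Multiple of the number of clients to which the real number of clients
 * is padded with fake clients for hidden service authorization type
 * 'basic'.  Padding to a multiple means the entry count only reveals the
 * number of real clients rounded up to the next multiple of 16. */
#define REND_BASIC_AUTH_CLIENT_MULTIPLE 16

/** Length of client entry consisting of client identifier and encrypted
 * session key for hidden service authorization type 'basic'.
 * CIPHER_KEY_LEN is defined elsewhere. */
#define REND_BASIC_AUTH_CLIENT_ENTRY_LEN (REND_BASIC_AUTH_CLIENT_ID_LEN \
                                          + CIPHER_KEY_LEN)

/** Maximum size of v2 hidden service descriptors (20 KiB).
 * NOTE(review): descriptors arrive from outside this process; presumably
 * this bound is enforced before a descriptor is parsed or stored -- confirm
 * in the code that reads them. */
#define REND_DESC_MAX_SIZE (20 * 1024)

/** Legal characters for use in authorized client names for a hidden
 * service.  This is an allowlist: ASCII letters, digits, '+', '-' and '_';
 * anything else, including '/', '.' and whitespace, is not legal. */
#define REND_LEGAL_CLIENTNAME_CHARACTERS \
  "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789+-_"

/** Maximum length of authorized client names for a hidden service.
 * NOTE(review): presumably counts characters without the terminating NUL,
 * as the address lengths in this file do -- confirm where buffers are
 * sized from it. */
#define REND_CLIENTNAME_MAX_LEN 16

/** Length of the rendezvous cookie that is used to connect circuits at the
 * rendezvous point.  Same size as a digest (DIGEST_LEN, defined
 * elsewhere). */
#define REND_COOKIE_LEN DIGEST_LEN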

/** Client authorization type that a hidden service performs.
 *
 * The values are fixed explicitly; REND_NO_AUTH is 0, so a zero-initialised
 * field of this type reads as "no authorization". */
typedef enum rend_auth_type_t {
  /* No client authorization. */
  REND_NO_AUTH      = 0,
  /* Authorization type 'basic', the type the REND_BASIC_AUTH_CLIENT_*
   * constants in this file refer to. */
  REND_BASIC_AUTH   = 1,
  /* NOTE(review): presumably the 'stealth' authorization type; it is not
   * described in this part of the file. */
  REND_STEALTH_AUTH = 2,
} rend_auth_type_t;

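/** Client-side configuration of authorization for a hidden service. */
typedef struct rend_service_authorization_t {
  /** Descriptor cookie for the service: REND_DESC_COOKIE_LEN raw bytes, not
   * a C string.  This is secret authorization material.
   * NOTE(review): presumably wiped before the struct is freed -- confirm in
   * the matching free routine. */
  uint8_t descriptor_cookie[REND_DESC_COOKIE_LEN];
  /** Onion address the cookie belongs to; sized for
   * REND_SERVICE_ADDRESS_LEN characters plus a terminating NUL. */
  char onion_address[REND_SERVICE_ADDRESS_LEN+1];
  /** Authorization type to use with this service. */
  rend_auth_type_t auth_type;
} rend_service_authorization_t;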

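/** Client- and server-side data that is used for hidden service connection
 * establishment. Not all fields contain data depending on where this struct
 * is used.
 *
 * This is the version-independent base object; version-specific structs
 * embed it and are reached through a checked downcast such as
 * TO_REND_DATA_V2(). */
typedef struct rend_data_t {
  /** Hidden service protocol version of this base object.
   * TO_REND_DATA_V2() asserts that this is 2 before it downcasts. */
  uint32_t version;

  /** List of HSDir fingerprints to which this request has been sent. Each
   * element is the binary identity digest of a directory, DIGEST_LEN bytes
   * long. */
  smartlist_t *hsdirs_fp;

  /** Rendezvous cookie used by both client and service.  The array has no
   * room for a terminator, so presumably it holds raw bytes and must be
   * compared by length, not with string functions. */
  char rend_cookie[REND_COOKIE_LEN];

  /** Number of streams associated with this rendezvous circuit. */
  int nr_streams;
} rend_data_t;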

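/** Version 2 rendezvous data: the rend_data_t base object followed by the
 * fields that only exist for v2 services.  Obtain a pointer to this struct
 * from a base pointer with TO_REND_DATA_V2(), which checks the version. */
typedef struct rend_data_v2_t {
  /** Rendezvous base data.  This is the first member of the struct.
   * NOTE(review): DOWNCAST in TO_REND_DATA_V2() presumably depends on the
   * member being named base_ -- confirm against its definition before
   * renaming or moving it. */
  rend_data_t base_;

  /** Onion address (without the .onion part) that a client requests.
   * Sized for REND_SERVICE_ID_LEN_BASE32 characters plus a terminating
   * NUL. */
  char onion_address[REND_SERVICE_ID_LEN_BASE32+1];

  /** Descriptor IDs, one per replica, computed from the onion address. If
   * the onion address is empty, this array MUST be empty. We keep them so
   * we know when to purge our entry in the last hsdir request table. */
  char descriptor_id[REND_NUMBER_OF_NON_CONSECUTIVE_REPLICAS][DIGEST_LEN];

  /** (Optional) descriptor cookie that is used by a client.
   * REND_DESC_COOKIE_LEN raw bytes of secret authorization material; note
   * that rend_service_authorization_t stores the same cookie as uint8_t.
   * NOTE(review): presumably wiped before the struct is freed -- confirm in
   * the matching free routine. */
  char descriptor_cookie[REND_DESC_COOKIE_LEN];

  /** Authorization type for accessing a service used by a client. */
  rend_auth_type_t auth_type;

  /** Descriptor ID for a client request. The control port command HSFETCH
   * uses this. It's set if the descriptor query should only use this
   * descriptor ID. */
  char desc_id_fetch[DIGEST_LEN];

  /** Hash of the hidden service's PK used by a service. */
  char rend_pk_digest[DIGEST_LEN];
} rend_data_v2_t;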

/** From a base rend_data_t object <b>d</b>, return the v2 object.
 *
 * Asserts that <b>d</b> is non-NULL and that d->version is 2 before the
 * downcast, so a base object that carries any other version is never handed
 * back as a rend_data_v2_t.  Keep both assertions in front of the cast: they
 * are the only type check on this conversion.
 *
 * NOTE(review): the parameter is const-qualified but the returned pointer is
 * not; presumably DOWNCAST drops the qualifier -- confirm against its
 * definition.  What happens when tor_assert fails is defined elsewhere. */
static inline
rend_data_v2_t *TO_REND_DATA_V2(const rend_data_t *d)
{
  tor_assert(d);
  /* Version check guards the downcast below. */
  tor_assert(d->version == 2);
  return DOWNCAST(rend_data_v2_t, d);
}

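/** Time interval for tracking replays of DH public keys received in
 * INTRODUCE2 cells.  Used only to avoid launching multiple
 * simultaneous attempts to connect to the same rendezvous point.
 *
 * As the sentence above says, this window is a de-duplication aid and not
 * the replay defence itself.  5*60 reads as five minutes; presumably the
 * unit is seconds. */
#define REND_REPLAY_TIME_INTERVAL (5 * 60)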

/** Used to indicate which way a cell is going on a circuit.
 *
 * The enumerators start at 1, so a zero-initialised variable of this type
 * holds neither direction. */
typedef enum {
  CELL_DIRECTION_IN=1, /**< The cell is moving towards the origin. */
  CELL_DIRECTION_OUT=2, /**< The cell is moving away from the origin. */
} cell_direction_t;

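/** Initial value for both sides of a circuit transmission window when the
 * circuit is initialized.  Measured in cells. */
#define CIRCWINDOW_START 1000
/** Lower and upper bound for the initial circuit window.  The default above
 * equals the upper bound. */
#define CIRCWINDOW_START_MIN 100
#define CIRCWINDOW_START_MAX 1000
/** Amount to increment a circuit window when we get a circuit SENDME. */
#define CIRCWINDOW_INCREMENT 100
/** Initial value on both sides of a stream transmission window when the
 * stream is initialized.  Measured in cells. */
#define STREAMWINDOW_START 500
/** Amount to increment a stream window when we get a stream SENDME. */
#define STREAMWINDOW_INCREMENT 50

/** Maximum number of queued cells on a circuit for which we are the
 * midpoint before we give up and kill it.  This must be >= circwindow
 * to avoid killing innocent circuits, and >= circwindow*2 to give
 * leaky-pipe a chance of working someday. The ORCIRC_MAX_MIDDLE_KILL_THRESH
 * ratio controls the margin of error between emitting a warning and
 * killing the circuit.
 *
 * This caps how many cells a circuit can make a middle relay queue.  It is
 * derived from CIRCWINDOW_START_MAX, so raising the largest allowed window
 * raises this cap with it.
 */
#define ORCIRC_MAX_MIDDLE_CELLS (CIRCWINDOW_START_MAX*2)
/** Ratio of hard (circuit kill) to soft (warning) thresholds for the
 * ORCIRC_MAX_MIDDLE_CELLS tests.  The value is a float greater than 1, so
 * the kill threshold lies above the warning threshold.
 */
#define ORCIRC_MAX_MIDDLE_KILL_THRESH (1.1f)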

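/* Cell commands.  These values are defined in tor-spec.txt.
 *
 * Two ranges are assigned here: 0..12 and 128..132; nothing in between is
 * defined.  CELL_COMMAND_MAX_ has the value of the largest command in the
 * list (CELL_AUTHORIZE) and has to move when a command is added.
 *
 * NOTE(review): the command value is read from the network; presumably the
 * cell dispatcher handles values that are not listed here -- confirm in the
 * code that switches on it. */
#define CELL_PADDING 0
#define CELL_CREATE 1
#define CELL_CREATED 2
#define CELL_RELAY 3
#define CELL_DESTROY 4
#define CELL_CREATE_FAST 5
#define CELL_CREATED_FAST 6
#define CELL_VERSIONS 7
#define CELL_NETINFO 8
#define CELL_RELAY_EARLY 9
#define CELL_CREATE2 10
#define CELL_CREATED2 11
#define CELL_PADDING_NEGOTIATE 12

#define CELL_VPADDING 128
#define CELL_CERTS 129
#define CELL_AUTH_CHALLENGE 130
#define CELL_AUTHENTICATE 131
#define CELL_AUTHORIZE 132
#define CELL_COMMAND_MAX_ 132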

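/** How long to test reachability before complaining to the user.  20*60
 * reads as twenty minutes; presumably the unit is seconds. */
#define TIMEOUT_UNTIL_UNREACHABILITY_COMPLAINT (20*60)

/** Legal characters in a nickname.  This is an allowlist of ASCII letters
 * and digits only; no punctuation or whitespace is legal. */
#define LEGAL_NICKNAME_CHARACTERS \
  "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"

/** Name to use in client TLS certificates if no nickname is given. Once
 * Tor 0.1.2.x is obsolete, we can remove this. */
#define DEFAULT_CLIENT_NICKNAME "client"

/** Name chosen by routers that don't configure nicknames.  Many routers can
 * carry this name at once, so it does not identify a particular router. */
#define UNNAMED_ROUTER_NICKNAME "Unnamed"

/** Number of bytes in a SOCKS4 header. */
#define SOCKS4_NETWORK_LEN 8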

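/*
 * Relay payload:
 *         Relay command           [1 byte]
 *         Recognized              [2 bytes]
 *         Stream ID               [2 bytes]
 *         Partial SHA-1           [4 bytes]
 *         Length                  [2 bytes]
 *         Relay payload           [498 bytes]
 *
 * The fields add up to 1+2+2+4+2+498 = 509 bytes, which is
 * CELL_PAYLOAD_SIZE.  The integrity field is a 4-byte truncation of a SHA-1
 * digest.
 *
 * NOTE(review): the 2-byte Length field can encode values larger than the
 * 498 bytes that follow it; presumably the relay cell parser rejects such
 * cells before copying -- confirm in the code that reads the header.
 */

/** Number of bytes in a cell, minus cell header. */
#define CELL_PAYLOAD_SIZE 509
/** Number of bytes in a cell transmitted over the network, in the longest
 * form.  That is CELL_PAYLOAD_SIZE plus 5 bytes of cell header. */
#define CELL_MAX_NETWORK_SIZE 514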