
📄 or.h

📁 关于tor匿名通信的源代码

/** Count of base32 characters in the 'y' part of a 'y.onion' address.
 * At 5 bits per character that is 80 bits, the same amount of data as the
 * REND_SERVICE_ID_LEN bytes of the binary form.  The count covers the
 * characters only: a buffer for the string form needs one more byte for
 * the terminating NUL. */
#define REND_SERVICE_ID_LEN_BASE32  16

/** Size, in bytes, of a rendezvous service ID in its binary encoding. */
#define REND_SERVICE_ID_LEN  10

/** How long a v2 descriptor remains valid.  The value works out to 86400,
 * which reads as one day in seconds. */
#define REND_TIME_PERIOD_V2_DESC_VALIDITY  (24 * 60 * 60)

/** Length of the window during which two sets of v2 descriptors are
 * uploaded in parallel.  The value works out to 3600 (one hour, if the
 * unit is seconds as above). */
#define REND_TIME_PERIOD_OVERLAPPING_V2_DESCS  (60 * 60)

/** How many non-consecutive replicas of a descriptor exist, i.e. replicas
 * placed at separate positions in the ring. */
#define REND_NUMBER_OF_NON_CONSECUTIVE_REPLICAS  2

/** How many consecutive replicas of a descriptor exist. */
#define REND_NUMBER_OF_CONSECUTIVE_REPLICAS  3

/** Count of base32 characters in a v2 descriptor ID
 * (32 characters * 5 bits = 160 bits).  Excludes the terminating NUL. */
#define REND_DESC_ID_V2_LEN_BASE32  32

/** Count of base32 characters in the secret ID part of a versioned hidden
 * service descriptor.  Excludes the terminating NUL. */
#define REND_SECRET_ID_PART_LEN_BASE32  32

/** Count of base32 characters in the encoded hash of an introduction
 * point's identity key.  Excludes the terminating NUL. */
#define REND_INTRO_POINT_ID_LEN_BASE32  32

/* Direction tags for a cell.
 * NOTE(review): this header does not say which endpoint "in" and "out" are
 * relative to -- confirm at the point of use. */
#define CELL_DIRECTION_IN   1
#define CELL_DIRECTION_OUT  2

/** Starting value of the transmission window on each side of a circuit,
 * set when the circuit is initialized.  Counted in cells. */
#define CIRCWINDOW_START      1000
/** How much a circuit window grows on receipt of a circuit SENDME. */
#define CIRCWINDOW_INCREMENT  100
/** Starting value of the transmission window on each side of a stream,
 * set when the stream is initialized.  Counted in cells. */
#define STREAMWINDOW_START      500
/** How much a stream window grows on receipt of a stream SENDME. */
#define STREAMWINDOW_INCREMENT  50

/* Cell commands: the values carried in the command field of a cell
 * (cell_t.command / var_cell_t.command). */
#define CELL_PADDING       0
#define CELL_CREATE        1
#define CELL_CREATED       2
#define CELL_RELAY         3
#define CELL_DESTROY       4
#define CELL_CREATE_FAST   5
#define CELL_CREATED_FAST  6
#define CELL_VERSIONS      7
#define CELL_NETINFO       8
#define CELL_RELAY_EARLY   9

/* Nonzero iff command x denotes a variable-length cell.  CELL_VERSIONS is
 * the only such command listed here; every other value, including values
 * that are not defined above, yields zero. */
#define CELL_COMMAND_IS_VAR_LENGTH(x) (CELL_VERSIONS == (x))

/** How long reachability is tested before the user is told about a
 * problem.  The value works out to 1200, which reads as 20 minutes in
 * seconds. */
#define TIMEOUT_UNTIL_UNREACHABILITY_COMPLAINT  (20 * 60)

/** The set of characters allowed in a nickname: the 26 lower-case and 26
 * upper-case ASCII letters and the 10 digits, 62 characters in all.
 * Nothing else (no punctuation, whitespace or non-ASCII bytes) is in the
 * set. */
#define LEGAL_NICKNAME_CHARACTERS \
  "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"

/** Name placed in client TLS certificates when no nickname is given. */
#define DEFAULT_CLIENT_NICKNAME  "client"

/** Size, in bytes, of a SOCKS4 header. */
#define SOCKS4_NETWORK_LEN  8

/** Status codes defined for SOCKS5 replies (the reply field values listed
 * in RFC 1928).  Values 0x00 through 0x08 are enumerated; nothing above
 * 0x08 is named here. */
typedef enum {
  /** Request succeeded. */
  SOCKS5_SUCCEEDED = 0x00,
  /** General SOCKS server failure. */
  SOCKS5_GENERAL_ERROR = 0x01,
  /** Connection not allowed by ruleset. */
  SOCKS5_NOT_ALLOWED = 0x02,
  /** Network unreachable. */
  SOCKS5_NET_UNREACHABLE = 0x03,
  /** Host unreachable. */
  SOCKS5_HOST_UNREACHABLE = 0x04,
  /** Connection refused. */
  SOCKS5_CONNECTION_REFUSED = 0x05,
  /** TTL expired. */
  SOCKS5_TTL_EXPIRED = 0x06,
  /** Command not supported. */
  SOCKS5_COMMAND_NOT_SUPPORTED = 0x07,
  /** Address type not supported. */
  SOCKS5_ADDRESS_TYPE_NOT_SUPPORTED = 0x08,
} socks5_reply_status_t;

/*
 * Layout of the payload of a RELAY cell, in order:
 *
 *         Relay command           [1 byte]
 *         Recognized              [2 bytes]
 *         Stream ID               [2 bytes]
 *         Partial SHA-1           [4 bytes]
 *         Length                  [2 bytes]
 *         Relay payload           [498 bytes]
 *
 * The first five fields add up to RELAY_HEADER_SIZE (11) bytes; with the
 * 498 data bytes they fill the CELL_PAYLOAD_SIZE (509) bytes of a cell
 * body.  The Length field is two bytes wide and can therefore express
 * values far larger than RELAY_PAYLOAD_SIZE, so a received length has to
 * be compared with RELAY_PAYLOAD_SIZE before it is used to index or copy.
 */

/** Size, in bytes, of a cell without its cell header. */
#define CELL_PAYLOAD_SIZE  509
/** Size, in bytes, of a cell as sent over the network.  This is 3 more
 * than CELL_PAYLOAD_SIZE, which matches the combined width of the 2-byte
 * circ_id and 1-byte command fields of cell_t. */
#define CELL_NETWORK_SIZE  512

/* Equals the combined width of the command (1), circ_id (2) and
 * payload_len (2) fields of var_cell_t. */
#define VAR_CELL_HEADER_SIZE  5

/** Size, in bytes, of the header of a relay cell, not counting the general
 * cell header: 1+2+2+4+2 for the five fields in the layout above. */
#define RELAY_HEADER_SIZE  (1 + 2 + 2 + 4 + 2)
/** The most bytes of data that fit in a relay cell payload. */
#define RELAY_PAYLOAD_SIZE  (CELL_PAYLOAD_SIZE - RELAY_HEADER_SIZE)

/** Parsed onion routing cell.  All communication between nodes
 * is via cells.
 *
 * The body is always CELL_PAYLOAD_SIZE bytes and the struct has no length
 * field of its own, so how much of payload is meaningful depends on the
 * command.  payload is plain char, whose signedness is implementation-
 * defined: convert a byte to unsigned char or uint8_t before widening it
 * or using it as an index. */
typedef struct cell_t {
  uint16_t circ_id; /**< Circuit which received the cell. */
  uint8_t command; /**< Type of the cell: one of CELL_PADDING, CELL_CREATE,
                    * CELL_DESTROY, etc */
  char payload[CELL_PAYLOAD_SIZE]; /**< Cell body. */
} cell_t;

/** Parsed variable-length onion routing cell.
 *
 * CELL_COMMAND_IS_VAR_LENGTH() in this header names CELL_VERSIONS as the
 * only variable-length command. */
typedef struct var_cell_t {
  uint8_t command; /**< Command of the cell (one of the CELL_* values). */
  uint16_t circ_id; /**< Circuit ID; presumably as in cell_t -- confirm. */
  /* NOTE(review): presumably the number of valid bytes in payload; if it is
   * taken from the network it bounds every later read of payload, so it
   * must agree with the size actually allocated -- confirm in the parser. */
  uint16_t payload_len;
  /* Declared with a single element.  NOTE(review): this looks like the
   * pre-C99 trailing-array idiom, where the struct is allocated larger than
   * sizeof(var_cell_t) so that payload can hold payload_len bytes --
   * confirm against the allocator.  Any access past payload[0] is only
   * valid if that over-allocation really happened. */
  char payload[1];
} var_cell_t;

/** A cell as packed for writing to the network.
 *
 * Doubles as a singly linked list node: cell_queue_t chains these through
 * next.  body is exactly CELL_NETWORK_SIZE bytes, the on-the-wire size of
 * one cell. */
typedef struct packed_cell_t {
  struct packed_cell_t *next; /**< Next cell queued on this circuit. */
  char body[CELL_NETWORK_SIZE]; /**< Cell as packed for network. */
} packed_cell_t;

/** A queue of cells on a circuit, waiting to be added to the
 * or_connection_t's outbuf.
 *
 * The cells are packed_cell_t nodes linked through their next pointers.
 * Per the field comments, head and tail are both NULL when the queue is
 * empty.  The struct itself sets no upper bound on n; any limit on queue
 * growth has to be enforced by the code that appends to the queue. */
typedef struct cell_queue_t {
  packed_cell_t *head; /**< The first cell, or NULL if the queue is empty. */
  packed_cell_t *tail; /**< The last cell, or NULL if the queue is empty. */
  int n; /**< The number of cells in the queue. */
} cell_queue_t;

/** Beginning of a RELAY cell payload.
 *
 * The fields mirror the first five entries of the "Relay payload" layout
 * comment in this header (command, recognized, stream ID, 4-byte partial
 * SHA-1, length).
 *
 * NOTE(review): on common ABIs the compiler pads after the one-byte
 * command, so sizeof(relay_header_t) is not RELAY_HEADER_SIZE (11).  This
 * therefore looks like a parsed representation, not an overlay for the
 * wire bytes -- confirm that dedicated pack/unpack code is used rather
 * than memcpy() of the struct. */
typedef struct {
  uint8_t command; /**< The end-to-end relay command. */
  uint16_t recognized; /**< Used to tell whether cell is for us. */
  uint16_t stream_id; /**< Which stream is this cell associated with? */
  char integrity[4]; /**< Used to tell whether cell is corrupted.  Four
                      * bytes wide: the "Partial SHA-1" of the layout
                      * comment. */
  uint16_t length; /**< How long is the payload body?  A uint16_t can hold
                    * up to 65535, far more than RELAY_PAYLOAD_SIZE, so a
                    * value read from the network must be range-checked
                    * before it is used as a copy or index bound. */
} relay_header_t;

/* Forward declarations of types whose definitions are not in this part of
 * the header; here they can only be used through pointers (for example
 * connection_t.inbuf and connection_t.outbuf are buf_t pointers). */
typedef struct buf_t buf_t;
typedef struct socks_request_t socks_request_t;

/* Type tags stored in connection_t.magic.  They exist so that a downcast
 * (a cast from connection_t to foo_connection_t) can be checked for safety
 * before the subtype's fields are touched.  The five values are pairwise
 * distinct.  They are fixed constants visible in the source, so the check
 * catches programming errors such as casting to the wrong subtype; it is
 * not a secret and gives no protection once memory is already corrupted
 * in a controlled way. */
#define BASE_CONNECTION_MAGIC     0x7C3C304Eu
#define OR_CONNECTION_MAGIC       0x7D31FF03u
#define EDGE_CONNECTION_MAGIC     0xF0374013u
#define DIR_CONNECTION_MAGIC      0x9988FFEEu
#define CONTROL_CONNECTION_MAGIC  0x8ABC765Du

/** Description of a connection to another host or process, and associated
 * data.
 *
 * A connection is named based on what it's connected to -- an "OR
 * connection" has a Tor node on the other end, an "exit
 * connection" has a website or other server on the other end, and an
 * "AP connection" has an application proxy (and thus a user) on the
 * other end.
 *
 * Every connection has a type and a state.  Connections never change
 * their type, but can go through many state changes in their lifetime.
 *
 * Every connection has two associated input and output buffers.
 * Listeners don't use them.  For non-listener connections, incoming
 * data is appended to conn->inbuf, and outgoing data is taken from
 * conn->outbuf.  Connections differ primarily in the functions called
 * to fill and drain these buffers.
 *
 * Several members are narrow unsigned bit-fields (type is 4 bits, purpose
 * 5 bits, chosen_exit_retries 3 bits).  Storing a value that does not fit
 * silently keeps only the low bits, so new type or purpose codes must stay
 * within 0..15 and 0..31 respectively.
 */
typedef struct connection_t {
  uint32_t magic; /**< For memory debugging: must equal one of
                   * *_CONNECTION_MAGIC.  Those values are described in
                   * this header as the check that makes downcasts from
                   * connection_t to a subtype safe. */

  uint8_t state; /**< Current state of this connection. */
  unsigned int type:4; /**< What kind of connection is this? */
  unsigned int purpose:5; /**< Only used for DIR and EXIT types currently. */

  /* The next fields are all one-bit booleans. Some are only applicable to
   * connection subtypes, but we hold them here anyway, to save space.
   */
  unsigned int read_blocked_on_bw:1; /**< Boolean: should we start reading
                            * again once the bandwidth throttler allows it? */
  unsigned int write_blocked_on_bw:1; /**< Boolean: should we start writing
                             * again once the bandwidth throttler allows
                             * reads?  NOTE(review): "reads" looks like a
                             * copy-paste slip for "writes" -- confirm. */
  unsigned int hold_open_until_flushed:1; /**< Despite this connection's being
                                      * marked for close, do we flush it
                                      * before closing it? */
  unsigned int inbuf_reached_eof:1; /**< Boolean: did read() return 0 on this
                                     * conn? */
  unsigned int edge_has_sent_end:1; /**< For debugging; only used on edge
                         * connections.  Set once we've set the stream end,
                         * and check in connection_about_to_close_connection().
                         * NOTE(review): "set the stream end" presumably
                         * means "sent" -- confirm.
                         */
  /** Edge connections only: true if we've blocked reading until the
   * circuit has fewer queued cells. */
  unsigned int edge_blocked_on_circ:1;
  /** Used for OR conns that shouldn't get any new circs attached to them. */
  unsigned int or_is_obsolete:1;
  /** For AP connections only. If 1, and we fail to reach the chosen exit,
   * stop requiring it. */
  unsigned int chosen_exit_optional:1;
  /** For AP connections only. If non-zero, this exit node was picked as
   * a result of the TrackHostExit, and the value decrements every time
   * we fail to complete a circuit to our chosen exit -- if it reaches
   * zero, abandon the associated mapaddress.  Three bits wide, so the
   * counter can hold at most 7. */
  unsigned int chosen_exit_retries:3;
  /** Set to 1 when we're inside connection_flushed_some to keep us from
   * calling connection_handle_write() recursively. */
  unsigned int in_flushed_some:1;

  /* For linked connections:
   */
  unsigned int linked:1; /**< True if there is, or has been, a linked_conn. */
  /** True iff we'd like to be notified about read events from the
   * linked conn. */
  unsigned int reading_from_linked_conn:1;
  /** True iff we're willing to write to the linked conn. */
  unsigned int writing_to_linked_conn:1;
  /** True iff we're currently able to read on the linked conn, and our
   * read_event should be made active with libevent. */
  unsigned int active_on_link:1;
  /** True iff we've called connection_close_immediate() on this linked
   * connection. */
  unsigned int linked_conn_is_closed:1;

  int s; /**< Our socket; -1 if this connection is closed, or has no
          * socket. */
  int conn_array_index; /**< Index into the global connection array. */
  struct event *read_event; /**< Libevent event structure. */
  struct event *write_event; /**< Libevent event structure. */
  buf_t *inbuf; /**< Buffer holding data read over this connection. */
  buf_t *outbuf; /**< Buffer holding data to write over this connection. */
  size_t outbuf_flushlen; /**< How much data should we try to flush from the
                           * outbuf? */
  time_t timestamp_lastread; /**< When was the last time libevent said we could
                              * read? */
  time_t timestamp_lastwritten; /**< When was the last time libevent said we
                                 * could write? */
  time_t timestamp_created; /**< When was this connection_t created? */

  /* XXXX_IP6 make this ipv6-capable */
  int socket_family; /**< Address family of this connection's socket.  Usually
                      * AF_INET, but it can also be AF_UNIX, or in the future
                      * AF_INET6 */
  uint32_t addr; /**< IP of the other side of the connection; used to identify
                  * routers, along with port.  A uint32_t holds an IPv4
                  * address only (see the XXXX_IP6 note above).
                  * NOTE(review): byte order is not stated here -- confirm. */
  uint16_t port; /**< If non-zero, port on the other end
                  * of the connection. */
  uint16_t marked_for_close; /**< Should we close this conn on the next
                              * iteration of the main loop? (If true, holds
                              * the line number where this connection was
                              * marked.)  As a uint16_t it cannot represent
                              * line numbers above 65535. */
  const char *marked_for_close_file; /**< For debugging: in which file were
                                      * we marked for close? */
  char *address; /**< FQDN (or IP) of the guy on the other end.
                  * strdup into this, because free_connection frees it:
                  * the struct owns the string, so never store a pointer
                  * to a literal or to memory owned elsewhere. */
  /** Another connection that's connected to this one in lieu of a socket. */
  struct connection_t *linked_conn;

  /* XXXX021 move this into a subtype. */
  struct evdns_server_port *dns_server_port;

} connection_t;

/** Stores flags and information related to the portion of a v2 Tor OR
 * connection handshake that happens after the TLS handshake is finished.
 *
 * Both flags are one-bit unsigned bit-fields, so each holds only 0 or 1.
 */
typedef struct or_handshake_state_t {
  /** When was the VERSIONS cell sent on this connection?  Used to get
   * an estimate of the skew in the returning NETINFO reply. */
  time_t sent_versions_at;
  /** True iff we originated this connection */
  unsigned int started_here : 1;
  /** True iff we have received and processed a VERSIONS cell. */
  unsigned int received_versions : 1;
} or_handshake_state_t;

/** Subtype of connection_t for an "OR connection" -- that is, one that speaks
 * cells over TLS. */
typedef struct or_connection_t {
  connection_t _base;

  /** Hash of the public RSA key for the other side's identity key, or zeroes
   * if the other side hasn't shown us a valid identity key. */
  char identity_digest[DIGEST_LEN];
  char *nickname; /**< Nickname of OR on other side (if any). */

  tor_tls_t *tls; /**< TLS connection state. */
  int tls_error; /**< Last tor_tls error code. */
  /** When we last used this conn for any client traffic. If not
   * recent, we can rate limit it further. */
