mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-27 13:53:31 +01:00
synchronize to the version i've been giving people to test
svn:r104
parent
09daf01e4a
commit
5449fc86db
25
HACKING
@ -6,22 +6,27 @@ the code, add features, fix bugs, etc.
|
||||
|
||||
Read the README file first, so you can get familiar with the basics.
|
||||
|
||||
1. The pieces.
|
||||
1. The programs.
|
||||
|
||||
1.1. Routers. Onion routers, as far as the 'or' program is concerned,
|
||||
1.1. "or". This is the main program here. It functions as both a server
|
||||
and a client, depending on which config file you give it. ...
|
||||
|
||||
2. The pieces.
|
||||
|
||||
2.1. Routers. Onion routers, as far as the 'or' program is concerned,
|
||||
are a bunch of data items that are loaded into the router_array when
|
||||
the program starts. After it's loaded, the router information is never
|
||||
changed. When a new OR connection is started (see below), the relevant
|
||||
information is copied from the router struct to the connection struct.
|
||||
|
||||
1.2. Connections. A connection is a long-standing tcp socket between
|
||||
2.2. Connections. A connection is a long-standing tcp socket between
|
||||
nodes. A connection is named based on what it's connected to -- an "OR
|
||||
connection" has an onion router on the other end, an "OP connection" has
|
||||
an onion proxy on the other end, an "exit connection" has a website or
|
||||
other server on the other end, and an "AP connection" has an application
|
||||
proxy (and thus a user) on the other end.
|
||||
|
||||
1.3. Circuits. A circuit is a single conversation between two
|
||||
2.3. Circuits. A circuit is a single conversation between two
|
||||
participants over the onion routing network. One end of the circuit has
|
||||
an AP connection, and the other end has an exit connection. AP and exit
|
||||
connections have only one circuit associated with them (and thus these
|
||||
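Review bot: The new '1.1. "or"' entry ends in a literal "..." after "depending on which config file you give it", so the section is a stub. Finish the sentence (which config files make it a server and which a client) or mark it as to-do. The README in this commit also refers to httpap and orkeygen, which "1. The programs." does not list.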
@ -29,20 +34,20 @@ connection types are closed when the circuit is closed), whereas OP and
|
||||
OR connections multiplex many circuits at once, and stay standing even
|
||||
when there are no circuits running over them.
|
||||
|
||||
1.4. Cells. Some connections, specifically OR and OP connections, speak
|
||||
2.4. Cells. Some connections, specifically OR and OP connections, speak
|
||||
"cells". This means that data over that connection is bundled into 128
|
||||
byte packets (8 bytes of header and 120 bytes of payload). Each cell has
|
||||
a type, or "command", which indicates what it's for.
|
||||
|
||||
|
||||
2. Important parameters in the code.
|
||||
3. Important parameters in the code.
|
||||
|
||||
2.1. Role.
|
||||
3.1. Role.
|
||||
|
||||
|
||||
3. Robustness features.
|
||||
|
||||
3.1. Bandwidth throttling. Each cell-speaking connection has a maximum
|
||||
4.1. Bandwidth throttling. Each cell-speaking connection has a maximum
|
||||
bandwidth it can use, as specified in the routers.or file. Bandwidth
|
||||
throttling occurs on both the sender side and the receiving side. The
|
||||
sending side sends cells at regularly spaced intervals (e.g., a connection
|
||||
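Review bot: The renumbering in this hunk skips the "3. Robustness features." heading: "2. Important parameters in the code." becomes 3 and "3.1. Bandwidth throttling" becomes 4.1, but the Robustness heading stays at 3. The file ends up with two sections numbered 3 and with subsections 4.x under a heading numbered 3. Change it to "4. Robustness features.".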
@ -64,7 +69,7 @@ The bandwidth throttling uses TCP to push back when we stop reading.
|
||||
We extend it with token buckets to allow more flexibility for traffic
|
||||
bursts.
|
||||
|
||||
3.2. Data congestion control. Even with the above bandwidth throttling,
|
||||
4.2. Data congestion control. Even with the above bandwidth throttling,
|
||||
we still need to worry about congestion, either accidental or intentional.
|
||||
If a lot of people make circuits into same node, and they all come out
|
||||
through the same connection, then that connection may become saturated
|
||||
@ -101,7 +106,7 @@ already guarantee in-order delivery of each cell. Rather than trying
|
||||
to build some sort of tcp-on-tcp scheme, we implement this minimal data
|
||||
congestion control; so far it's enough.
|
||||
|
||||
3.3. Router twins. In many cases when we ask for a router with a given
|
||||
4.3. Router twins. In many cases when we ask for a router with a given
|
||||
address and port, we really mean a router who knows a given key. Router
|
||||
twins are two or more routers that all share the same private key. We thus
|
||||
give routers extra flexibility in choosing the next hop in the circuit: if
|
||||
|
31
README
@ -1,9 +1,10 @@
|
||||
|
||||
Dependencies:
|
||||
|
||||
You're going to need openssl (0.9.6 will work fine, possibly 0.9.5 also)
|
||||
and popt installed. If you're on Linux, everything will probably work
|
||||
fine. If you're not, you're on your own (but let us know how it goes).
|
||||
You're going to need openssl (0.9.5 or later) and popt (1.6 or later).
|
||||
If you're on Linux, everything will probably work fine. OS X and BSD
|
||||
(but see below under troubleshooting) now work too. Let us know if
|
||||
you get it working elsewhere.
|
||||
|
||||
If you got the source from cvs:
|
||||
|
||||
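Review bot: The openssl requirement goes from "0.9.6 will work fine, possibly 0.9.5 also" to a flat "0.9.5 or later", which drops the hedge on 0.9.5. If 0.9.5 has not actually been tested, keep the wording tentative or name 0.9.6 as the floor. The parenthetical in "OS X and BSD (but see below under troubleshooting) now work too" would also read more clearly at the end of the sentence.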
@ -21,7 +22,7 @@ If this doesn't work for you / troubleshooting:
|
||||
If you couldn't find popt (eg you're on BSD), try
|
||||
CPPFLAGS="-I/usr/local/include" LDFLAGS="-L/usr/local/lib" \
|
||||
./configure
|
||||
rather than simply ./configure.
|
||||
rather than simply ./configure. And install popt if you don't have it.
|
||||
|
||||
Check out the list archives at http://archives.seul.org/or/dev/ and see
|
||||
if somebody else has reported your problem. If not, please subscribe
|
||||
@ -31,16 +32,17 @@ If this doesn't work for you / troubleshooting:
|
||||
Once you've got it compiled:
|
||||
|
||||
It's a bit hard to figure out what to do with the binaries. If you
|
||||
want to just run a local onion proxy, go into src/config and look at
|
||||
the oprc file. You can run an onion proxy by "../or/or -f oprc". In
|
||||
another window, run something like "../httpap/httpap -f httpaprc -p
|
||||
9051". See below for how to use it.
|
||||
want to run a local onion proxy (that is, you're a user, not a node
|
||||
operator), go into src/config and look at the oprc file. You can run an
|
||||
onion proxy by "../or/or -f oprc". In another window, run something like
|
||||
"../httpap/httpap -f httpaprc2 -p 9051". See below for how to use it.
|
||||
|
||||
If you want to set up your own test network, go into src/config/ and
|
||||
look at the routers.or file. Also in that directory are public and
|
||||
private keys for various nodes (*-public, *-private) and configuration
|
||||
files for the nodes (*-orrc). You can generate your own keypairs with
|
||||
the orkeygen program, or use the provided ones for testing.
|
||||
If you want to set up your own test network (that is, act like you're
|
||||
a full set of node operators), go into src/config/ and look at the
|
||||
routers.or file. Also in that directory are public and private keys for
|
||||
various nodes (*-public, *-private) and configuration files for the
|
||||
nodes (*-orrc). You can generate your own keypairs with the orkeygen
|
||||
program, or use the provided ones for testing.
|
||||
|
||||
Once you've got your config files ready, you're ready to start up your
|
||||
network. I recommend using a screen session (man screen), or some
|
||||
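Review bot: The example command changes from "-f httpaprc" to "-f httpaprc2" with no word on what httpaprc2 is or how it differs from httpaprc. Add a sentence saying which file is meant for which setup, and confirm httpaprc2 is shipped in src/config, since no hunk visible here adds it.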
@ -61,6 +63,9 @@ How to use it:
|
||||
http_proxy=localhost:9051
|
||||
Then you can do things like "wget seul.org" and watch as it downloads
|
||||
from the onion routing network.
|
||||
(You can set your Mozilla/etc to use localhost:9051 as a proxy, and it
|
||||
will work -- but it will work even better if you tell your Mozilla to
|
||||
speak only HTTP 1.0 (the http proxy we include doesn't do 1.1 yet.))
|
||||
|
||||
For fun, you can wget a very large file (a megabyte or more), and
|
||||
then ^z the wget a little bit in. The onion routers will continue
|
||||
|
@ -8,8 +8,11 @@
|
||||
/*
|
||||
* Changes :
|
||||
* $Log$
|
||||
* Revision 1.1 2002/06/26 22:45:50 arma
|
||||
* Initial revision
|
||||
* Revision 1.2 2002/09/19 20:13:23 arma
|
||||
* synchronize to the version i've been giving people to test
|
||||
*
|
||||
* Revision 1.1.1.1 2002/06/26 22:45:50 arma
|
||||
* initial commit: current code
|
||||
*
|
||||
* Revision 1.3 2002/04/02 14:27:11 badbytes
|
||||
* Final finishes.
|
||||
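Review bot: The $Log$ keyword block makes this hunk pure churn: the commit message is expanded into the header comment here and again in the two other $Log$ hunks of this commit, and the revision list now reads out of order (1.2, then 1.1.1.1, then 1.3 dated 2002/04/02). Consider dropping $Log$ from the file headers and leaving history to the version control system.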
@ -23,6 +26,6 @@
|
||||
*/
|
||||
|
||||
#ifndef __VERSION_H
|
||||
#define VERSION 2
|
||||
#define OR_VERSION 2
|
||||
#define __VERSION_H
|
||||
#endif
|
||||
|
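Review bot: OR_VERSION is defined as a bare 2 with no comment, yet the other hunks in this commit write it into ss.version and layer->version and compare it against conn->ss.version, so it acts as a protocol version rather than a package version. Add a one-line comment saying so and that it must change when the on-the-wire format changes. The guard name __VERSION_H also uses a double leading underscore, which is reserved for the implementation; VERSION_H would do.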
@ -1,7 +1,7 @@
|
||||
# Configuration file for or
|
||||
|
||||
# List of routers
|
||||
RouterFile ../config/routers.or
|
||||
RouterFile ../config/routers.op
|
||||
|
||||
# Private key
|
||||
#PrivateKeyFile moria1-private
|
||||
|
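Review bot: RouterFile now points at ../config/routers.op, but the README hunks in this commit still tell readers to "look at the routers.or file" and never mention routers.op. Say in the README (or in a comment above this line) which router list the onion proxy config is expected to use, and confirm routers.op is present in src/config, since no hunk visible here adds it.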
@ -8,6 +8,9 @@
|
||||
/*
|
||||
* Changes :
|
||||
* $Log$
|
||||
* Revision 1.10 2002/09/19 20:13:27 arma
|
||||
* synchronize to the version i've been giving people to test
|
||||
*
|
||||
* Revision 1.9 2002/09/10 13:32:27 nickm
|
||||
* "You got BSD in my MacOS!" "You got MacOS in my BSD!" Anyway, MacOS works again.
|
||||
*
|
||||
@ -57,7 +60,6 @@
|
||||
*/
|
||||
|
||||
#include "orconfig.h"
|
||||
#undef VERSION
|
||||
#include <sys/types.h>
|
||||
#include <sys/socket.h>
|
||||
#include <sys/time.h>
|
||||
@ -259,7 +261,7 @@ int handle_connection(int new_sock, struct hostent *local, struct sockaddr_in re
|
||||
}
|
||||
|
||||
/* create a standard structure */
|
||||
ss.version = VERSION;
|
||||
ss.version = OR_VERSION;
|
||||
ss.protocol = SS_PROTOCOL_HTTP;
|
||||
ss.retry_count = 0;
|
||||
ss.addr_fmt = SS_ADDR_FMT_ASCII_HOST_PORT;
|
||||
|
@ -48,8 +48,11 @@ int ap_handshake_process_ss(connection_t *conn) {
|
||||
conn->ss_received = sizeof(ss_t);
|
||||
log(LOG_DEBUG,"ap_handshake_process_ss(): Successfully read ss.");
|
||||
|
||||
if ((conn->ss.version == 0) || (conn->ss.version != VERSION)) { /* unsupported version */
|
||||
log(LOG_DEBUG,"ap_handshake_process_ss(): ss: Unsupported version.");
|
||||
if ((conn->ss.version == 0) || (conn->ss.version != OR_VERSION)) { /* unsupported version */
|
||||
log(LOG_NOTICE,"ap_handshake_process_ss(): ss: Unsupported version '%c'.",conn->ss.version);
|
||||
if(tolower(conn->ss.version) == 'g') {
|
||||
log(LOG_NOTICE,"ap_handshake_process_ss(): are you using the onion proxy as a web proxy?");
|
||||
}
|
||||
return -1;
|
||||
}
|
||||
if (conn->ss.addr_fmt != SS_ADDR_FMT_ASCII_HOST_PORT) { /* unrecognized address format */
|
||||
|
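Review bot: The new log(LOG_NOTICE, "... Unsupported version '%c'.", conn->ss.version) call prints a byte read from the peer with %c, so a control or non-printable value goes into the log raw. Print it as a number (for example %d with an int cast), or use %c only after an isprint() check. On the next line, tolower(conn->ss.version) should take an (unsigned char) cast if the field is a plain char, because passing a negative value to tolower() is undefined; also check that <ctype.h> is included in this file, as none of the visible hunks adds it. The (conn->ss.version == 0) test is redundant beside != OR_VERSION now that OR_VERSION is 2.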
@ -221,7 +221,7 @@ unsigned char *create_onion(routerinfo_t **rarray, int rarray_len, unsigned int
|
||||
/* 0 bit */
|
||||
layer->zero = 0;
|
||||
/* version */
|
||||
layer->version = VERSION;
|
||||
layer->version = OR_VERSION;
|
||||
/* Back F + Forw F both use DES OFB*/
|
||||
layer->backf = ONION_DEFAULT_CIPHER;
|
||||
layer->forwf = ONION_DEFAULT_CIPHER;
|
||||
|
@ -6,7 +6,6 @@
|
||||
#define __OR_H
|
||||
|
||||
#include "orconfig.h"
|
||||
#undef VERSION
|
||||
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
|
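Review bot: With "#undef VERSION" removed right after #include "orconfig.h", any leftover use of VERSION in a file that includes this header will now compile against whatever orconfig.h defines instead of failing. The same removal appears in two other hunks of this commit. Before merging, grep the tree for remaining uses of VERSION and confirm each one was meant to become OR_VERSION or was meant to stay as it is.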
@ -8,6 +8,9 @@
|
||||
/*
|
||||
* Changes :
|
||||
* $Log$
|
||||
* Revision 1.7 2002/09/19 20:13:27 arma
|
||||
* synchronize to the version i've been giving people to test
|
||||
*
|
||||
* Revision 1.6 2002/09/10 13:32:27 nickm
|
||||
* "You got BSD in my MacOS!" "You got MacOS in my BSD!" Anyway, MacOS works again.
|
||||
*
|
||||
@ -126,7 +129,6 @@
|
||||
*/
|
||||
|
||||
#include "orconfig.h"
|
||||
#undef VERSION
|
||||
#include <sys/types.h>
|
||||
#include <sys/socket.h>
|
||||
#include <sys/time.h>
|
||||
@ -749,7 +751,7 @@ int handle_connection(int s, struct hostent *local, struct sockaddr_in remote, u
|
||||
else
|
||||
{
|
||||
/* fill in the standard structure */
|
||||
ss.version = VERSION;
|
||||
ss.version = OR_VERSION;
|
||||
ss.protocol= SS_PROTOCOL_SMTP;
|
||||
ss.retry_count = 0;
|
||||
ss.addr_fmt = SS_ADDR_FMT_ASCII_HOST_PORT;
|
||||
|