Make decriptor format more flexible and extensible

svn:r1227

doc/tor-spec.txt

@@ -511,63 +511,91 @@ TODO: (very soon)
 
 7. Directories and routers
 
+7.1. Extensible information format
+
+Router descriptors and directories both obey the following lightweight
+extensible information format.
+
+The highest level object is a Document, which consists of one or more Items.
+Every Item begins with a KeywordLine, followed by one or more Objects. A
+KeywordLine begins with a Keyword, optionally followed by a space and more
+non-newline characters, and ends with a newline.  A Keyword is a sequence of
+one or more characters in the set [A-Za-z0-9-].  An Object is a block of
+PGP-encrypted data in Open-PGP-style armor.
+
+More formally:
+
+    Document ::= (Item | NL)+
+    Item ::= KeywordLine Object*
+    KeywordLine ::= Keyword NL | Keyword SP ArgumentsChar+ NL
+    Keyword = KeywordChar+
+    KeywordChar ::= 'A' ... 'Z' | 'a' ... 'z' | '0' ... '9' | '-'
+    ArgumentChar ::= any printing ASCII character except NL.
+    Object ::= BeginLine Base-64-encoded-data EndLine
+    BeginLine ::= "-----BEGIN " Keyword "-----" NL
+    EndLine ::= "-----END " Keyword "-----" NL
+
+    The BeginLine and EndLine of an Object must use the same keyword.
+
+When interpreting a Document, software MUST reject any document containing a
+KeywordLine that starts with a keyword it doesn't recognize.
+
 7.1. Router descriptor format.
 
-(Unless otherwise noted, tokens on the same line are space-separated.)
+Every router descriptor MUST start with a "router" Item; MUST end with a
+"router-signature" Item and an extra NL; and MUST contain exactly one
+instance of each of the following Items: "published" "onion-key" "link-key"
+"signing-key".  Additionally, a router descriptor MAY contain any number of
+"accept", "reject", and "opt" Items.
 
-Router ::= Router-Line  Date-Line Onion-Key Link-Key Signing-Key  Exit-Policy Router-Signature NL
+The items' formats are as follows:
-Router-Line ::= "router" nickname address ORPort SocksPort DirPort bandwidth NL
+   "router" nickname address (ORPort SocksPort DirPort bandwidth)?
-Date-Line ::= "published" YYYY-MM-DD HH:MM:SS NL
+   "ports" ORPort SocksPort DirPort
-Onion-key ::= "onion-key"  NL  a public key in PEM format   NL
+   "bandwidth" bandwidth
-Link-key ::= "link-key"  NL  a public key in PEM format  NL
+   "platform" string
-Signing-Key ::= "signing-key"  NL  a public key in PEM format   NL
+   "published" YYYY-MM-DD HH:MM:SS
-Exit-Policy ::= Exit-Line*
+   "onion-key" NL a public key in PEM format
-Exit-Line ::= ("accept"|"reject")  string  NL
+   "link-key" NL a public key in PEM format
-Router-Signature ::= "router-signature"  NL  Signature
+   "signing-key" NL a public key in PEM format
-Signature ::= "-----BEGIN SIGNATURE-----" NL
+   "accept" string
-              Base-64-encoded-signature NL "-----END SIGNATURE-----" NL
+   "reject" string
+   "router-signature" NL "-----BEGIN SIGNATURE-----" NL Signature NL
+                      "-----END SIGNATURE-----"
+   "opt" SP keyword string? NL,Object?
 
 ORport ::= port where the router listens for routers/proxies (speaking cells)
 SocksPort ::=  where the router listens for applications (speaking socks)
 DirPort ::= where the router listens for directory download requests
 bandwidth ::= maximum bandwidth, in bytes/s
-
 nickname ::= between 1 and 32 alphanumeric characters.  case-insensitive.
 
-Example:
+Bandwidth and ports are required; if they are not included in the router
-router moria1 moria.mit.edu 9001 9021 9031 100000
+line, they must appear in "bandwidth" and "ports" lines.
-published 2003-09-24 19:36:05
------BEGIN RSA PUBLIC KEY-----
-MIGJAoGBAMBBuk1sYxEg5jLAJy86U3GGJ7EGMSV7yoA6mmcsEVU3pwTUrpbpCmwS
-7BvovoY3z4zk63NZVBErgKQUDkn3pp8n83xZgEf4GI27gdWIIwaBjEimuJlEY+7K
-nZ7kVMRoiXCbjL6VAtNa4Zy1Af/GOm0iCIDpholeujQ95xew7rQnAgMA//8=
------END RSA PUBLIC KEY-----
-signing-key
------BEGIN RSA PUBLIC KEY-----
-7BvovoY3z4zk63NZVBErgKQUDkn3pp8n83xZgEf4GI27gdWIIwaBjEimuJlEY+7K
-MIGJAoGBAMBBuk1sYxEg5jLAJy86U3GGJ7EGMSV7yoA6mmcsEVU3pwTUrpbpCmwS
-f/GOm0iCIDpholeujQ95xew7rnZ7kVMRoiXCbjL6VAtNa4Zy1AQnAgMA//8=
------END RSA PUBLIC KEY-----
-reject 18.0.0.0/24
 
-Note: The extra newline at the end of the router block is intentional.
+"opt" is reserved for non-critical future extensions.
 
 7.2. Directory format
 
-Directory ::= Directory-Header  Directory-Router  Router*  Signature
+A Directory begins with a "signed-directory" item, followed by one each of
-Directory-Header ::= "signed-directory" NL Software-Line NL
+the following, in any order: "recommended-software".  It may include any
-Software-Line: "recommended-software"  comma-separated-version-list
+number of "opt" items.  After these items, a directory includes any number
-Directory-Router ::= Router
+of router descriptors, and a singer "directory-signature" item.
-Directory-Signature ::= "directory-signature"  NL  Signature
-Signature ::= "-----BEGIN SIGNATURE-----" NL
-              Base-64-encoded-signature NL "-----END SIGNATURE-----" NL
 
-Note:  The router block for the directory server must appear first.
+    "signed-directory"
+    "recommended-software"  comma-separated-version-list
+    "directory-signature" NL Signature
+
+Note:  The router descriptor for the directory server must appear first.
 The signature is computed by computing the SHA-1 hash of the
 directory, from the characters "signed-directory", through the newline
 after "directory-signature".  This digest is then padded with PKCS.1,
 and signed with the directory server's signing key.
 
+If software encounters an unrecognized keyword in a single router descriptor,
+it should reject only that router descriptor, and continue using the
+others.  If it encounters an unrecognized keyword in the directory header,
+it should reject the entire directory.
+
 7.3. Behavior of a directory server
 
 lists nodes that are connected currently