dir-spec-v1.txt 13 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314
  1. Tor Protocol Specification
  2. Roger Dingledine
  3. Nick Mathewson
  4. 0. Preliminaries
  5. THIS SPECIFICATION IS OBSOLETE.
  6. This document specifies the Tor directory protocol as used in version
  7. 0.1.0.x and earlier. See dir-spec.txt for a current version.
  8. 1. Basic operation
  9. There is a small number of directory authorities, and a larger number of
  10. caches. Client and servers know public keys for the directory authorities.
  11. Tor servers periodically upload self-signed "router descriptors" to the
  12. directory authorities. Each authority publishes a self-signed "directory"
  13. (containing all the router descriptors it knows, and a statement on which
  14. are running) and a self-signed "running routers" document containing only
  15. the statement on which routers are running.
  16. All Tors periodically download these documents, downloading the directory
  17. less frequently than they do the "running routers" document. Clients
  18. preferentially download from caches rather than authorities.
  19. 1.1. Document format
  20. Router descriptors, directories, and running-routers documents all obey the
  21. following lightweight extensible information format.
  22. The highest level object is a Document, which consists of one or more
  23. Items. Every Item begins with a KeywordLine, followed by one or more
  24. Objects. A KeywordLine begins with a Keyword, optionally followed by
  25. whitespace and more non-newline characters, and ends with a newline. A
  26. Keyword is a sequence of one or more characters in the set [A-Za-z0-9-].
  27. An Object is a block of encoded data in pseudo-Open-PGP-style
  28. armor. (cf. RFC 2440)
  29. More formally:
  30. Document ::= (Item | NL)+
  31. Item ::= KeywordLine Object*
  32. KeywordLine ::= Keyword NL | Keyword WS ArgumentsChar+ NL
  33. Keyword = KeywordChar+
  34. KeywordChar ::= 'A' ... 'Z' | 'a' ... 'z' | '0' ... '9' | '-'
  35. ArgumentChar ::= any printing ASCII character except NL.
  36. WS = (SP | TAB)+
  37. Object ::= BeginLine Base-64-encoded-data EndLine
  38. BeginLine ::= "-----BEGIN " Keyword "-----" NL
  39. EndLine ::= "-----END " Keyword "-----" NL
  40. The BeginLine and EndLine of an Object must use the same keyword.
  41. When interpreting a Document, software MUST reject any document containing a
  42. KeywordLine that starts with a keyword it doesn't recognize.
  43. The "opt" keyword is reserved for non-critical future extensions. All
  44. implementations MUST ignore any item of the form "opt keyword ....." when
  45. they would not recognize "keyword ....."; and MUST treat "opt keyword ....."
  46. as synonymous with "keyword ......" when keyword is recognized.
  47. 2. Router descriptor format.
  48. Every router descriptor MUST start with a "router" Item; MUST end with a
  49. "router-signature" Item and an extra NL; and MUST contain exactly one
  50. instance of each of the following Items: "published" "onion-key" "link-key"
  51. "signing-key" "bandwidth". Additionally, a router descriptor MAY contain
  52. any number of "accept", "reject", "fingerprint", "uptime", and "opt" Items.
  53. Other than "router" and "router-signature", the items may appear in any
  54. order.
  55. The items' formats are as follows:
  56. "router" nickname address ORPort SocksPort DirPort
  57. Indicates the beginning of a router descriptor. "address"
  58. must be an IPv4 address in dotted-quad format. The last
  59. three numbers indicate the TCP ports at which this OR exposes
  60. functionality. ORPort is a port at which this OR accepts TLS
  61. connections for the main OR protocol; SocksPort is deprecated and
  62. should always be 0; and DirPort is the port at which this OR accepts
  63. directory-related HTTP connections. If any port is not supported,
  64. the value 0 is given instead of a port number.
  65. "bandwidth" bandwidth-avg bandwidth-burst bandwidth-observed
  66. Estimated bandwidth for this router, in bytes per second. The
  67. "average" bandwidth is the volume per second that the OR is willing
  68. to sustain over long periods; the "burst" bandwidth is the volume
  69. that the OR is willing to sustain in very short intervals. The
  70. "observed" value is an estimate of the capacity this server can
  71. handle. The server remembers the max bandwidth sustained output
  72. over any ten second period in the past day, and another sustained
  73. input. The "observed" value is the lesser of these two numbers.
  74. "platform" string
  75. A human-readable string describing the system on which this OR is
  76. running. This MAY include the operating system, and SHOULD include
  77. the name and version of the software implementing the Tor protocol.
  78. "published" YYYY-MM-DD HH:MM:SS
  79. The time, in GMT, when this descriptor was generated.
  80. "fingerprint"
  81. A fingerprint (a HASH_LEN-byte of asn1 encoded public key, encoded
  82. in hex, with a single space after every 4 characters) for this router's
  83. identity key. A descriptor is considered invalid (and MUST be
  84. rejected) if the fingerprint line does not match the public key.
  85. [We didn't start parsing this line until Tor 0.1.0.6-rc; it should
  86. be marked with "opt" until earlier versions of Tor are obsolete.]
  87. "hibernating" 0|1
  88. If the value is 1, then the Tor server was hibernating when the
  89. descriptor was published, and shouldn't be used to build circuits.
  90. [We didn't start parsing this line until Tor 0.1.0.6-rc; it should
  91. be marked with "opt" until earlier versions of Tor are obsolete.]
  92. "uptime"
  93. The number of seconds that this OR process has been running.
  94. "onion-key" NL a public key in PEM format
  95. This key is used to encrypt EXTEND cells for this OR. The key MUST
  96. be accepted for at least XXXX hours after any new key is published in
  97. a subsequent descriptor.
  98. "signing-key" NL a public key in PEM format
  99. The OR's long-term identity key.
  100. "accept" exitpattern
  101. "reject" exitpattern
  102. These lines, in order, describe the rules that an OR follows when
  103. deciding whether to allow a new stream to a given address. The
  104. 'exitpattern' syntax is described below.
  105. "router-signature" NL Signature NL
  106. The "SIGNATURE" object contains a signature of the PKCS1-padded
  107. hash of the entire router descriptor, taken from the beginning of the
  108. "router" line, through the newline after the "router-signature" line.
  109. The router descriptor is invalid unless the signature is performed
  110. with the router's identity key.
  111. "contact" info NL
  112. Describes a way to contact the server's administrator, preferably
  113. including an email address and a PGP key fingerprint.
  114. "family" names NL
  115. 'Names' is a whitespace-separated list of server nicknames. If two ORs
  116. list one another in their "family" entries, then OPs should treat them
  117. as a single OR for the purpose of path selection.
  118. For example, if node A's descriptor contains "family B", and node B's
  119. descriptor contains "family A", then node A and node B should never
  120. be used on the same circuit.
  121. "read-history" YYYY-MM-DD HH:MM:SS (NSEC s) NUM,NUM,NUM,NUM,NUM... NL
  122. "write-history" YYYY-MM-DD HH:MM:SS (NSEC s) NUM,NUM,NUM,NUM,NUM... NL
  123. Declare how much bandwidth the OR has used recently. Usage is divided
  124. into intervals of NSEC seconds. The YYYY-MM-DD HH:MM:SS field defines
  125. the end of the most recent interval. The numbers are the number of
  126. bytes used in the most recent intervals, ordered from oldest to newest.
  127. [We didn't start parsing these lines until Tor 0.1.0.6-rc; they should
  128. be marked with "opt" until earlier versions of Tor are obsolete.]
  129. 2.1. Nonterminals in routerdescriptors
  130. nickname ::= between 1 and 19 alphanumeric characters, case-insensitive.
  131. exitpattern ::= addrspec ":" portspec
  132. portspec ::= "*" | port | port "-" port
  133. port ::= an integer between 1 and 65535, inclusive.
  134. addrspec ::= "*" | ip4spec | ip6spec
  135. ipv4spec ::= ip4 | ip4 "/" num_ip4_bits | ip4 "/" ip4mask
  136. ip4 ::= an IPv4 address in dotted-quad format
  137. ip4mask ::= an IPv4 mask in dotted-quad format
  138. num_ip4_bits ::= an integer between 0 and 32
  139. ip6spec ::= ip6 | ip6 "/" num_ip6_bits
  140. ip6 ::= an IPv6 address, surrounded by square brackets.
  141. num_ip6_bits ::= an integer between 0 and 128
  142. Ports are required; if they are not included in the router
  143. line, they must appear in the "ports" lines.
  144. 3. Directory format
  145. A Directory begins with a "signed-directory" item, followed by one each of
  146. the following, in any order: "recommended-software", "published",
  147. "router-status", "dir-signing-key". It may include any number of "opt"
  148. items. After these items, a directory includes any number of router
  149. descriptors, and a single "directory-signature" item.
  150. "signed-directory"
  151. Indicates the start of a directory.
  152. "published" YYYY-MM-DD HH:MM:SS
  153. The time at which this directory was generated and signed, in GMT.
  154. "dir-signing-key"
  155. The key used to sign this directory; see "signing-key" for format.
  156. "recommended-software" comma-separated-version-list
  157. A list of which versions of which implementations are currently
  158. believed to be secure and compatible with the network.
  159. "running-routers" whitespace-separated-list
  160. A description of which routers are currently believed to be up or
  161. down. Every entry consists of an optional "!", followed by either an
  162. OR's nickname, or "$" followed by a hexadecimal encoding of the hash
  163. of an OR's identity key. If the "!" is included, the router is
  164. believed not to be running; otherwise, it is believed to be running.
  165. If a router's nickname is given, exactly one router of that nickname
  166. will appear in the directory, and that router is "approved" by the
  167. directory server. If a hashed identity key is given, that OR is not
  168. "approved". [XXXX The 'running-routers' line is only provided for
  169. backward compatibility. New code should parse 'router-status'
  170. instead.]
  171. "router-status" whitespace-separated-list
  172. A description of which routers are currently believed to be up or
  173. down, and which are verified or unverified. Contains one entry for
  174. every router that the directory server knows. Each entry is of the
  175. format:
  176. !name=$digest [Verified router, currently not live.]
  177. name=$digest [Verified router, currently live.]
  178. !$digest [Unverified router, currently not live.]
  179. or $digest [Unverified router, currently live.]
  180. (where 'name' is the router's nickname and 'digest' is a hexadecimal
  181. encoding of the hash of the routers' identity key).
  182. When parsing this line, clients should only mark a router as
  183. 'verified' if its nickname AND digest match the one provided.
  184. "directory-signature" nickname-of-dirserver NL Signature
  185. The signature is computed by computing the digest of the
  186. directory, from the characters "signed-directory", through the newline
  187. after "directory-signature". This digest is then padded with PKCS.1,
  188. and signed with the directory server's signing key.
  189. If software encounters an unrecognized keyword in a single router descriptor,
  190. it MUST reject only that router descriptor, and continue using the
  191. others. Because this mechanism is used to add 'critical' extensions to
  192. future versions of the router descriptor format, implementation should treat
  193. it as a normal occurrence and not, for example, report it to the user as an
  194. error. [Versions of Tor prior to 0.1.1 did this.]
  195. If software encounters an unrecognized keyword in the directory header,
  196. it SHOULD reject the entire directory.
  197. 4. Network-status descriptor
  198. A "network-status" (a.k.a "running-routers") document is a truncated
  199. directory that contains only the current status of a list of nodes, not
  200. their actual descriptors. It contains exactly one of each of the following
  201. entries.
  202. "network-status"
  203. Must appear first.
  204. "published" YYYY-MM-DD HH:MM:SS
  205. (see section 3 above)
  206. "router-status" list
  207. (see section 3 above)
  208. "directory-signature" NL signature
  209. (see section 3 above)
  210. 5. Behavior of a directory server
  211. lists nodes that are connected currently
  212. speaks HTTP on a socket, spits out directory on request
  213. Directory servers listen on a certain port (the DirPort), and speak a
  214. limited version of HTTP 1.0. Clients send either GET or POST commands.
  215. The basic interactions are:
  216. "%s %s HTTP/1.0\r\nContent-Length: %lu\r\nHost: %s\r\n\r\n",
  217. command, url, content-length, host.
  218. Get "/tor/" to fetch a full directory.
  219. Get "/tor/dir.z" to fetch a compressed full directory.
  220. Get "/tor/running-routers" to fetch a network-status descriptor.
  221. Post "/tor/" to post a server descriptor, with the body of the
  222. request containing the descriptor.
  223. "host" is used to specify the address:port of the dirserver, so
  224. the request can survive going through HTTP proxies.