@ -125,7 +125,7 @@ information required to access the internet via that exit address.
|
|
|
|
|
a: "<16 bytes big endian ipv6 gateway address>",
|
|
|
|
|
b: "<16 bytes big endian ipv6 netmask>",
|
|
|
|
|
c: "<16 bytes big endian ipv6 source address>",
|
|
|
|
|
l: lifetime_in_seconds_uint64,
|
|
|
|
|
l: lifetime_in_milliseconds_uint64,
|
|
|
|
|
v: 0
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
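Review bot: the unit of `l` changes between lifetime_in_seconds_uint64 and lifetime_in_milliseconds_uint64 while `v: 0` directly below it stays the same, so nothing in the message tells a receiver which unit applies. An implementation written against the seconds wording would read a millisecond value as seconds and treat the exit information as valid for 1000 times longer than the sender intended. Suggest either bumping v together with the unit change, or stating in the surrounding prose that l is always milliseconds at v 0 and giving a maximum lifetime that receivers enforce.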
@ -178,14 +178,14 @@ a descriptor annoucing a path to a hidden service
|
|
|
|
|
k is the rc.k value of the router to contact
|
|
|
|
|
p is the path id on the router that is owned by the service
|
|
|
|
|
v is the protocol version
|
|
|
|
|
x is the timestamp seconds since epoch that this introduction expires at
|
|
|
|
|
x is the timestamp milliseconds since epoch that this introduction expires at
|
|
|
|
|
|
|
|
|
|
{
|
|
|
|
|
k: "<32 bytes public identity key of router>",
|
|
|
|
|
l: advertised_path_latency_ms_uint64, (optional)
|
|
|
|
|
p: "<16 bytes path id>",
|
|
|
|
|
v: 0,
|
|
|
|
|
x: time_expires_seconds_since_epoch_uint64
|
|
|
|
|
x: time_expires_milliseconds_since_epoch_uint64
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
introduction set (IS)
|
|
|
|
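Review bot: the expiry `x` is redefined from seconds to milliseconds since epoch in both the field description and the struct, but the text gives no rule for a receiver that sees an x already in the past or implausibly far in the future. With `v: 0` unchanged, a seconds-based peer comparing a millisecond x against its own clock would see an introduction that effectively never expires. Suggest adding a sentence that introductions with x earlier than the current time MUST be discarded and that x is bounded relative to the current time. As a style point, the neighbouring field is named advertised_path_latency_ms_uint64 while this one spells out milliseconds; pick one suffix.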
@ -413,36 +413,52 @@ transfer one or more dht messages directly without a previously made path.
|
|
|
|
|
v: 0
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
link immediate SML message (LISM)
|
|
|
|
|
|
|
|
|
|
link stateless relay message (LSRM)
|
|
|
|
|
transfer an SML message between nodes
|
|
|
|
|
|
|
|
|
|
statelessly relay a link message.
|
|
|
|
|
{
|
|
|
|
|
a: "s",
|
|
|
|
|
s: SMLMessage,
|
|
|
|
|
v: 0
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
----
|
|
|
|
|
|
|
|
|
|
stateless mesh discovery protocol (SMDP)
|
|
|
|
|
|
|
|
|
|
TODO: implement me
|
|
|
|
|
|
|
|
|
|
stateless mesh layer (SML)
|
|
|
|
|
|
|
|
|
|
similar to link layer messeages but sent over the connectivity mesh layer that
|
|
|
|
|
uses ethernet.
|
|
|
|
|
|
|
|
|
|
SML messages MUST be contained inside a LISM when not over ethernet.
|
|
|
|
|
|
|
|
|
|
{
|
|
|
|
|
a: "r",
|
|
|
|
|
c: r_counter_uint8,
|
|
|
|
|
d: "<32 bytes rc.K of destination>",
|
|
|
|
|
s: "<32 bytes rc.K of source>",
|
|
|
|
|
a: protocol_id_uint16
|
|
|
|
|
r: "<32 bytes public identity key of recipiant>",
|
|
|
|
|
s: "<32 bytes public identity key of sender>",
|
|
|
|
|
t: "<1024 bytes payload>",
|
|
|
|
|
v: 0,
|
|
|
|
|
x: "<N bytes encrypted link message>",
|
|
|
|
|
y: "<24 bytes nounce>",
|
|
|
|
|
z: "<64 bytes signature>"
|
|
|
|
|
z: "<64 bytes signature generated by sender>"
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
ONLY exchanged over ethernet, if recieved from an IP link it MUST be discarded.
|
|
|
|
|
protocol values:
|
|
|
|
|
|
|
|
|
|
relay an encrypted link message from source s to destination d.
|
|
|
|
|
check signature z using public key s and discard if invalid signature.
|
|
|
|
|
0 - mesh discovery
|
|
|
|
|
t is a SMDP frame
|
|
|
|
|
|
|
|
|
|
if d is equal to ourRC.k then decrypt x via SD(KE(d, s), y, x) and process it as
|
|
|
|
|
a link message. if the inner decrypted link message is a LRCM forward all
|
|
|
|
|
following LRUM, LRDM and LRSM to s via a LSRM. LIDM and LSRM are discarded.
|
|
|
|
|
1 - direct chat
|
|
|
|
|
t is a NUL padded plaintext chat message for node opers to communicate between
|
|
|
|
|
nodes.
|
|
|
|
|
|
|
|
|
|
if d is not equal to ourRC.k then forward it to an ethernet peer that is cloeser
|
|
|
|
|
to d than you are. if you are closer to d than all of your other ethernet peers
|
|
|
|
|
then increment c and send to the ethernet peer with the lowest detected latency
|
|
|
|
|
that isn't the peer that this message was recieved from but ONLY if c is less
|
|
|
|
|
than 128. if c is equal to or greater than 128 then the message is discarded.
|
|
|
|
|
2 - direct snode to snode ip traffic
|
|
|
|
|
t is an ip packet for "0 hop" communication between service nodes.
|
|
|
|
|
|
|
|
|
|
3 - relayed data packet
|
|
|
|
|
t is a udp packet relayed from a client behind a client.
|
|
|
|
|
|
|
|
|
|
---
|
|
|
|
|
|
|
|
|
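Review bot: in the relay message struct, "check signature z using public key s and discard if invalid signature" does not say which fields z covers, and that matters for `c`. The forwarding rule has a relay "increment c" and discard at 128, so if z covers c every increment invalidates the sender's signature, and if z does not cover c any relay on the ethernet mesh can reset it and the 128 limit no longer bounds forwarding. Suggest stating explicitly that z is computed over the message with c and z zeroed (or listing the covered fields), and noting that c is therefore advisory and relays should also drop duplicates they have already forwarded. The text should also say what happens when SD(KE(d, s), y, x) fails to decrypt, and whether a repeated (s, y) pair is rejected, since the key from KE(d, s) is fixed for a given pair of routers.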
@ -499,10 +515,12 @@ replies are sent down the path that messages originate from.
|
|
|
|
|
|
|
|
|
|
{
|
|
|
|
|
A: "X",
|
|
|
|
|
B: [list, of, permitted, blacklisted, traffic, policies],
|
|
|
|
|
I: "<32 bytes signing public key for future communication>",
|
|
|
|
|
S: uint64_sequence_number,
|
|
|
|
|
T: uint64_transaction_id,
|
|
|
|
|
V: 0,
|
|
|
|
|
W: [list, of, required, whitelisted, traffic, policies],
|
|
|
|
|
X: lifetime_of_address_mapping_in_seconds_uint64,
|
|
|
|
|
Z: "<64 bytes signature using I>"
|
|
|
|
|
}
|
|
|
|
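Review bot: `B: [list, of, permitted, blacklisted, traffic, policies]` reads as both permitted and blacklisted, and together with `W: [list, of, required, whitelisted, traffic, policies]` the hunk defines neither the format of a policy entry nor which list wins when an entry appears in both. An exit operator and a client could interpret the same message with opposite meaning. Suggest adding prose after the struct that defines a policy entry, states whether empty lists mean "no restriction", and fixes the precedence between B and W. Also note that `X: lifetime_of_address_mapping_in_seconds_uint64` stays in seconds while the lifetime and expiry fields in the earlier hunks are now milliseconds; if that is intentional, say so here.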
@ -540,16 +558,13 @@ was denied.
|
|
|
|
|
A: "J",
|
|
|
|
|
B: backoff_milliseconds_uint64,
|
|
|
|
|
I: "<32 bytes signing public key of requester>",
|
|
|
|
|
R: "<optional reject metadata>",
|
|
|
|
|
R: [list, of, rejected, traffic, policies],
|
|
|
|
|
S: uint64_sequence_number,
|
|
|
|
|
T: transaction_id_uint64,
|
|
|
|
|
V: 0,
|
|
|
|
|
Z: "<64 bytes signature signed by exit info's signing key>"
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
B is set to a backoff value.
|
|
|
|
|
R contains additional metadata text describing why the exit was rejected.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
discarded data fragment message (DDFM)
|
|
|
|
|
|
|
|
|
|
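Review bot: `R` changes from "<optional reject metadata>" to `[list, of, rejected, traffic, policies]`, and the hunk shrinks from 16 to 13 lines, which matches the two explanatory lines "B is set to a backoff value." and "R contains additional metadata text describing why the exit was rejected." being dropped rather than rewritten. That leaves `B: backoff_milliseconds_uint64` and the new R list with no description at all. Suggest keeping the B sentence and replacing the R sentence with one that says R lists the policies from the request that the exit refused, whether R may be empty, and what a requester should do during the backoff period.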