tor  0.2.3.18-rc
or.h File Reference

Master header file for Tor-specific functionality.

#include "orconfig.h"
#include "torint.h"
#include "crypto.h"
#include "tortls.h"
#include "../common/torlog.h"
#include "container.h"
#include "torgzip.h"
#include "address.h"
#include "compat_libevent.h"
#include "ht.h"

Classes

struct  rend_service_authorization_t
 Client-side configuration of authorization for a hidden service.
struct  rend_data_t
 Client- and server-side data that is used for hidden service connection establishment.
struct  cell_t
 Parsed onion routing cell.
struct  var_cell_t
 Parsed variable-length onion routing cell.
struct  packed_cell_t
 A cell as packed for writing to the network.
struct  insertion_time_elem_t
 Number of cells added to a circuit queue including their insertion time on 10 millisecond detail; used for buffer statistics.
struct  insertion_time_queue_t
 Queue of insertion times.
struct  cell_queue_t
 A queue of cells on a circuit, waiting to be added to the or_connection_t's outbuf.
struct  relay_header_t
 Beginning of a RELAY cell payload.
struct  connection_t
 Description of a connection to another host or process, and associated data.
struct  listener_connection_t
 Subtype of connection_t; used for a listener socket.
struct  or_handshake_state_t
 Stores flags and information related to the portion of a v2/v3 Tor OR connection handshake that happens after the TLS handshake is finished.
struct  or_connection_t
 Subtype of connection_t for an "OR connection" -- that is, one that speaks cells over TLS.
struct  edge_connection_t
 Subtype of connection_t for an "edge connection" -- that is, an entry (ap) connection, or an exit.
struct  entry_connection_t
 Subtype of edge_connection_t for an "entry connection" -- that is, a SOCKS connection, a DNS request, a TransPort connection or a NATD connection.
struct  dir_connection_t
 Subtype of connection_t for a "directory connection" -- that is, an HTTP connection to retrieve or serve directory material.
struct  control_connection_t
 Subtype of connection_t for a connection to a controller.
struct  addr_policy_t
 A reference-counted address policy rule.
struct  cached_dir_t
 A cached_dir_t represents a cacheable directory object, along with its compressed form.
struct  download_status_t
 Information about our plans for retrying downloads for a downloadable object.
struct  signed_descriptor_t
 Information needed to cache an onion router's descriptor.
struct  routerinfo_t
 Information about another onion router in the network.
struct  extrainfo_t
 Information needed to keep and cache a signed extra-info document.
struct  routerstatus_t
 Contents of a single router entry in a network status object.
struct  short_policy_entry_t
 A single entry in a parsed policy summary, describing a range of ports.
struct  short_policy_t
 A short_policy_t is the parsed version of a policy summary.
struct  microdesc_t
 A microdescriptor is the smallest amount of information needed to build a circuit through a router.
struct  node_t
 A node_t represents a Tor router.
struct  networkstatus_v2_t
 Contents of a v2 (non-consensus, non-vote) network status object.
struct  vote_microdesc_hash_t
 Linked list of microdesc hash lines for a single router in a directory vote.
struct  vote_routerstatus_t
 The claim about a single router, made in a vote.
struct  document_signature_t
 A signature of some document by an authority.
struct  networkstatus_voter_info_t
 Information about a single voter in a vote or a consensus.
struct  networkstatus_t
 A common structure to hold a v3 network status vote, or a v3 network status consensus.
struct  ns_detached_signatures_t
 A set of signatures for a networkstatus consensus.
struct  desc_store_t
 A 'store' is a set of descriptors saved on disk, with accompanying journal, mmaped as needed, rebuilt as needed.
struct  routerlist_t
 Contents of a directory of onion routers.
struct  extend_info_t
 Information on router used when extending a circuit.
struct  authority_cert_t
 Certificate for v3 directory protocol: binds long-term authority identity keys to medium-term authority signing keys.
struct  crypt_path_t
 Holds accounting information for a single step in the layered encryption performed by a circuit.
struct  crypt_path_reference_t
 A reference-counted pointer to a crypt_path_t, used only to share the final rendezvous cpath to be used on a service-side rendezvous circuit among multiple circuits built in parallel to the same destination rendezvous point.
struct  cpath_build_state_t
 Information used to build a circuit.
struct  cell_ewma_t
 The cell_ewma_t structure keeps track of how many cells a circuit has transferred recently.
struct  circuit_t
 A circuit is a path over the onion routing network.
struct  origin_circuit_t
 An origin_circuit_t holds data necessary to build and use a circuit.
struct  or_circuit_t
 An or_circuit_t holds information needed to implement a circuit at an OR.
struct  port_cfg_t
 Configuration for a single port that we're listening on.
struct  config_line_t
 A linked list of lines in a config file.
struct  or_options_t
 Configuration options for a Tor process.
struct  or_state_t
 Persistent state for an onion router, as saved to disk.
struct  socks_request_t
 State of a SOCKS request from a user to an OP.
struct  network_liveness_t
 Information about the state of our local network connection.
struct  circuit_build_times_t
 Structure for circuit build times history.
struct  fp_pair_t
 A pair of digests created by dir_split_resource_info_fingerprint_pairs().
struct  vote_timing_t
 Describes the schedule by which votes should be generated.
struct  rend_authorized_client_t
 Hidden-service side configuration of client authorization.
struct  rend_encoded_v2_service_descriptor_t
 ASCII-encoded v2 hidden service descriptor.
struct  rend_intro_point_t
 Introduction point information.
struct  rend_service_descriptor_t
 Information used to connect to a hidden service.
struct  rend_cache_entry_t
 A cached rendezvous descriptor.
struct  trusted_dir_server_t
 Represents information about a single trusted directory server.
struct  tor_version_t
 Structure to hold parsed Tor versions.

Defines

#define SIGHUP   1
#define SIGINT   2
#define SIGUSR1   10
#define SIGUSR2   12
#define SIGTERM   15
#define SIGNEWNYM   129
#define SIGCLEARDNSCACHE   130
#define MAX_NICKNAME_LEN   19
 Length of longest allowable configured nickname.
#define MAX_HEX_NICKNAME_LEN   (HEX_DIGEST_LEN+1)
 Length of a router identity encoded as a hexadecimal digest, plus possible dollar sign.
#define MAX_VERBOSE_NICKNAME_LEN   (1+HEX_DIGEST_LEN+1+MAX_NICKNAME_LEN)
 Maximum length of verbose router identifier: dollar sign, hex ID digest, equal sign or tilde, nickname.
#define MAX_BUF_SIZE   ((1<<24)-1) /* 16MB-1 */
 Maximum size, in bytes, for resized buffers.
#define MAX_DIR_DL_SIZE   MAX_BUF_SIZE
 Maximum size, in bytes, for any directory object that we've downloaded.
#define MAX_HEADERS_SIZE   50000
 For HTTP parsing: Maximum number of bytes we'll accept in the headers of an HTTP request or response.
#define MAX_DIR_UL_SIZE   MAX_BUF_SIZE
 Maximum size, in bytes, for any directory object that we're accepting as an upload.
#define MAX_DESCRIPTOR_UPLOAD_SIZE   20000
 Maximum size, in bytes, of a single router descriptor uploaded to us as a directory authority.
#define MAX_EXTRAINFO_UPLOAD_SIZE   50000
 Maximum size of a single extrainfo document, as above.
#define MAX_DNS_ENTRY_AGE   (30*60)
 How long do we keep DNS cache entries before purging them (regardless of their TTL)?
#define DEFAULT_DNS_TTL   (30*60)
 How long do we cache/tell clients to cache DNS records when no TTL is known?
#define MAX_DNS_TTL   (3*60*60)
 How long can a TTL be before we stop believing it?
#define MIN_DNS_TTL   60
 How small can a TTL be before we stop believing it? Provides rudimentary pinning.
#define MIN_ONION_KEY_LIFETIME   (7*24*60*60)
 How often do we rotate onion keys?
#define MAX_SSL_KEY_LIFETIME_INTERNAL   (2*60*60)
 How often do we rotate TLS contexts?
#define MAX_SSL_KEY_LIFETIME_ADVERTISED   (365*24*60*60)
 What expiry time shall we place on our SSL certs?
#define ROUTER_MAX_AGE   (60*60*48)
 How old do we allow a router to get before removing it from the router list? In seconds.
#define ROUTER_MAX_AGE_TO_PUBLISH   (60*60*24)
 How old can a router get before we (as a server) will no longer consider it live? In seconds.
#define OLD_ROUTER_DESC_MAX_AGE   (60*60*24*5)
 How old do we let a saved descriptor get before force-removing it?
#define _CONN_TYPE_MIN   3
#define CONN_TYPE_OR_LISTENER   3
 Type for sockets listening for OR connections.
#define CONN_TYPE_OR   4
 A bidirectional TLS connection transmitting a sequence of cells.
#define CONN_TYPE_EXIT   5
 A TCP connection from an onion router to a stream's destination.
#define CONN_TYPE_AP_LISTENER   6
 Type for sockets listening for SOCKS connections.
#define CONN_TYPE_AP   7
 A SOCKS proxy connection from the user application to the onion proxy.
#define CONN_TYPE_DIR_LISTENER   8
 Type for sockets listening for HTTP connections to the directory server.
#define CONN_TYPE_DIR   9
 Type for HTTP connections to the directory server.
#define CONN_TYPE_CPUWORKER   10
 Connection from the main process to a CPU worker process.
#define CONN_TYPE_CONTROL_LISTENER   11
 Type for listening for connections from user interface process.
#define CONN_TYPE_CONTROL   12
 Type for connections from user interface process.
#define CONN_TYPE_AP_TRANS_LISTENER   13
 Type for sockets listening for transparent connections redirected by pf or netfilter.
#define CONN_TYPE_AP_NATD_LISTENER   14
 Type for sockets listening for transparent connections redirected by natd.
#define CONN_TYPE_AP_DNS_LISTENER   15
 Type for sockets listening for DNS requests.
#define _CONN_TYPE_MAX   15
#define PROXY_NONE   0
#define PROXY_CONNECT   1
#define PROXY_SOCKS4   2
#define PROXY_SOCKS5   3
#define PROXY_PLUGGABLE   4
#define PROXY_INFANT   1
#define PROXY_HTTPS_WANT_CONNECT_OK   2
#define PROXY_SOCKS4_WANT_CONNECT_OK   3
#define PROXY_SOCKS5_WANT_AUTH_METHOD_NONE   4
#define PROXY_SOCKS5_WANT_AUTH_METHOD_RFC1929   5
#define PROXY_SOCKS5_WANT_AUTH_RFC1929_OK   6
#define PROXY_SOCKS5_WANT_CONNECT_OK   7
#define PROXY_CONNECTED   8
#define CONN_IS_EDGE(x)   ((x)->type == CONN_TYPE_EXIT || (x)->type == CONN_TYPE_AP)
 True iff x is an edge connection.
#define LISTENER_STATE_READY   0
 State for any listener connection.
#define _CPUWORKER_STATE_MIN   1
#define CPUWORKER_STATE_IDLE   1
 State for a connection to a cpuworker process that's idle.
#define CPUWORKER_STATE_BUSY_ONION   2
 State for a connection to a cpuworker process that's processing a handshake.
#define _CPUWORKER_STATE_MAX   2
#define CPUWORKER_TASK_ONION   CPUWORKER_STATE_BUSY_ONION
#define _OR_CONN_STATE_MIN   1
#define OR_CONN_STATE_CONNECTING   1
 State for a connection to an OR: waiting for connect() to finish.
#define OR_CONN_STATE_PROXY_HANDSHAKING   2
 State for a connection to an OR: waiting for proxy handshake to complete.
#define OR_CONN_STATE_TLS_HANDSHAKING   3
 State for an OR connection client: SSL is handshaking, not done yet.
#define OR_CONN_STATE_TLS_CLIENT_RENEGOTIATING   4
 State for a connection to an OR: We're doing a second SSL handshake for renegotiation purposes.
#define OR_CONN_STATE_TLS_SERVER_RENEGOTIATING   5
 State for a connection at an OR: We're waiting for the client to renegotiate (to indicate a v2 handshake) or send a versions cell (to indicate a v3 handshake).
#define OR_CONN_STATE_OR_HANDSHAKING_V2   6
 State for an OR connection: We're done with our SSL handshake, we've done renegotiation, but we haven't yet negotiated link protocol versions and sent a netinfo cell.
#define OR_CONN_STATE_OR_HANDSHAKING_V3   7
 State for an OR connection: We're done with our SSL handshake, but we haven't yet negotiated link protocol versions, done a V3 handshake, and sent a netinfo cell.
#define OR_CONN_STATE_OPEN   8
 State for an OR connection: Ready to send/receive cells.
#define _OR_CONN_STATE_MAX   8
#define _EXIT_CONN_STATE_MIN   1
#define EXIT_CONN_STATE_RESOLVING   1
 State for an exit connection: waiting for response from DNS farm.
#define EXIT_CONN_STATE_CONNECTING   2
 State for an exit connection: waiting for connect() to finish.
#define EXIT_CONN_STATE_OPEN   3
 State for an exit connection: open and ready to transmit data.
#define EXIT_CONN_STATE_RESOLVEFAILED   4
 State for an exit connection: waiting to be removed.
#define _EXIT_CONN_STATE_MAX   4
#define _AP_CONN_STATE_MIN   5
#define AP_CONN_STATE_SOCKS_WAIT   5
 State for a SOCKS connection: waiting for SOCKS request.
#define AP_CONN_STATE_RENDDESC_WAIT   6
 State for a SOCKS connection: got a y.onion URL; waiting to receive rendezvous descriptor.
#define AP_CONN_STATE_CONTROLLER_WAIT   7
 The controller will attach this connection to a circuit; it isn't our job to do so.
#define AP_CONN_STATE_CIRCUIT_WAIT   8
 State for a SOCKS connection: waiting for a completed circuit.
#define AP_CONN_STATE_CONNECT_WAIT   9
 State for a SOCKS connection: sent BEGIN, waiting for CONNECTED.
#define AP_CONN_STATE_RESOLVE_WAIT   10
 State for a SOCKS connection: sent RESOLVE, waiting for RESOLVED.
#define AP_CONN_STATE_OPEN   11
 State for a SOCKS connection: ready to send and receive.
#define AP_CONN_STATE_NATD_WAIT   12
 State for a transparent natd connection: waiting for original destination.
#define _AP_CONN_STATE_MAX   12
#define AP_CONN_STATE_IS_UNATTACHED(s)   ((s) <= AP_CONN_STATE_CIRCUIT_WAIT || (s) == AP_CONN_STATE_NATD_WAIT)
 True iff the AP_CONN_STATE_* value s means that the corresponding edge connection is not attached to any circuit.
#define _DIR_CONN_STATE_MIN   1
#define DIR_CONN_STATE_CONNECTING   1
 State for connection to directory server: waiting for connect().
#define DIR_CONN_STATE_CLIENT_SENDING   2
 State for connection to directory server: sending HTTP request.
#define DIR_CONN_STATE_CLIENT_READING   3
 State for connection to directory server: reading HTTP response.
#define DIR_CONN_STATE_CLIENT_FINISHED   4
 State for connection to directory server: happy and finished.
#define DIR_CONN_STATE_SERVER_COMMAND_WAIT   5
 State for connection at directory server: waiting for HTTP request.
#define DIR_CONN_STATE_SERVER_WRITING   6
 State for connection at directory server: sending HTTP response.
#define _DIR_CONN_STATE_MAX   6
#define DIR_CONN_IS_SERVER(conn)   ((conn)->purpose == DIR_PURPOSE_SERVER)
 True iff the purpose of conn means that it's a server-side directory connection.
#define _CONTROL_CONN_STATE_MIN   1
#define CONTROL_CONN_STATE_OPEN   1
 State for a control connection: Authenticated and accepting v1 commands.
#define CONTROL_CONN_STATE_NEEDAUTH   2
 State for a control connection: Waiting for authentication; speaking protocol v1.
#define _CONTROL_CONN_STATE_MAX   2
#define _DIR_PURPOSE_MIN   3
#define DIR_PURPOSE_FETCH_RENDDESC   3
 A connection to a directory server: download a rendezvous descriptor.
#define DIR_PURPOSE_HAS_FETCHED_RENDDESC   4
 A connection to a directory server: set after a rendezvous descriptor is downloaded.
#define DIR_PURPOSE_FETCH_V2_NETWORKSTATUS   5
 A connection to a directory server: download one or more v2 network-status objects.
#define DIR_PURPOSE_FETCH_SERVERDESC   6
 A connection to a directory server: download one or more server descriptors.
#define DIR_PURPOSE_FETCH_EXTRAINFO   7
 A connection to a directory server: download one or more extra-info documents.
#define DIR_PURPOSE_UPLOAD_DIR   8
 A connection to a directory server: upload a server descriptor.
#define DIR_PURPOSE_UPLOAD_RENDDESC   9
 A connection to a directory server: upload a rendezvous descriptor.
#define DIR_PURPOSE_UPLOAD_VOTE   10
 A connection to a directory server: upload a v3 networkstatus vote.
#define DIR_PURPOSE_UPLOAD_SIGNATURES   11
 A connection to a directory server: upload a v3 consensus signature.
#define DIR_PURPOSE_FETCH_STATUS_VOTE   12
 A connection to a directory server: download one or more v3 networkstatus votes.
#define DIR_PURPOSE_FETCH_DETACHED_SIGNATURES   13
 A connection to a directory server: download a v3 detached signatures object for a consensus.
#define DIR_PURPOSE_FETCH_CONSENSUS   14
 A connection to a directory server: download a v3 networkstatus consensus.
#define DIR_PURPOSE_FETCH_CERTIFICATE   15
 A connection to a directory server: download one or more directory authority certificates.
#define DIR_PURPOSE_SERVER   16
 Purpose for connection at a directory server.
#define DIR_PURPOSE_UPLOAD_RENDDESC_V2   17
 A connection to a hidden service directory server: upload a v2 rendezvous descriptor.
#define DIR_PURPOSE_FETCH_RENDDESC_V2   18
 A connection to a hidden service directory server: download a v2 rendezvous descriptor.
#define DIR_PURPOSE_FETCH_MICRODESC   19
 A connection to a directory server: download a microdescriptor.
#define _DIR_PURPOSE_MAX   19
#define DIR_PURPOSE_IS_UPLOAD(p)
 True iff p is a purpose corresponding to uploading data to a directory server.
#define _EXIT_PURPOSE_MIN   1
#define EXIT_PURPOSE_CONNECT   1
 This exit stream wants to do an ordinary connect.
#define EXIT_PURPOSE_RESOLVE   2
 This exit stream wants to do a resolve (either normal or reverse).
#define _EXIT_PURPOSE_MAX   2
#define CIRCUIT_STATE_BUILDING   0
 Circuit state: I'm the origin, still haven't done all my handshakes.
#define CIRCUIT_STATE_ONIONSKIN_PENDING   1
 Circuit state: Waiting to process the onionskin.
#define CIRCUIT_STATE_OR_WAIT   2
 Circuit state: I'd like to deliver a create, but my n_conn is still connecting.
#define CIRCUIT_STATE_OPEN   3
 Circuit state: onionskin(s) processed, ready to send/receive cells.
#define _CIRCUIT_PURPOSE_MIN   1
#define _CIRCUIT_PURPOSE_OR_MIN   1
#define CIRCUIT_PURPOSE_OR   1
 OR-side circuit purpose: normal circuit, at OR.
#define CIRCUIT_PURPOSE_INTRO_POINT   2
 OR-side circuit purpose: At OR, from Bob, waiting for intro from Alices.
#define CIRCUIT_PURPOSE_REND_POINT_WAITING   3
 OR-side circuit purpose: At OR, from Alice, waiting for Bob.
#define CIRCUIT_PURPOSE_REND_ESTABLISHED   4
 OR-side circuit purpose: At OR, both circuits have this purpose.
#define _CIRCUIT_PURPOSE_OR_MAX   4
#define CIRCUIT_PURPOSE_C_GENERAL   5
 Client-side circuit purpose: Normal circuit, with cpath.
#define CIRCUIT_PURPOSE_C_INTRODUCING   6
 Client-side circuit purpose: at Alice, connecting to intro point.
#define CIRCUIT_PURPOSE_C_INTRODUCE_ACK_WAIT   7
 Client-side circuit purpose: at Alice, sent INTRODUCE1 to intro point, waiting for ACK/NAK.
#define CIRCUIT_PURPOSE_C_INTRODUCE_ACKED   8
 Client-side circuit purpose: at Alice, introduced and acked, closing.
#define CIRCUIT_PURPOSE_C_ESTABLISH_REND   9
 Client-side circuit purpose: at Alice, waiting for ack.
#define CIRCUIT_PURPOSE_C_REND_READY   10
 Client-side circuit purpose: at Alice, waiting for Bob.
#define CIRCUIT_PURPOSE_C_REND_READY_INTRO_ACKED   11
 Client-side circuit purpose: at Alice, waiting for Bob, INTRODUCE has been acknowledged.
#define CIRCUIT_PURPOSE_C_REND_JOINED   12
 Client-side circuit purpose: at Alice, rendezvous established.
#define CIRCUIT_PURPOSE_C_MEASURE_TIMEOUT   13
 This circuit is used for build time measurement only.
#define _CIRCUIT_PURPOSE_C_MAX   13
#define CIRCUIT_PURPOSE_S_ESTABLISH_INTRO   14
 Hidden-service-side circuit purpose: at Bob, waiting for introductions.
#define CIRCUIT_PURPOSE_S_INTRO   15
 Hidden-service-side circuit purpose: at Bob, successfully established intro.
#define CIRCUIT_PURPOSE_S_CONNECT_REND   16
 Hidden-service-side circuit purpose: at Bob, connecting to rend point.
#define CIRCUIT_PURPOSE_S_REND_JOINED   17
 Hidden-service-side circuit purpose: at Bob, rendezvous established.
#define CIRCUIT_PURPOSE_TESTING   18
 A testing circuit; not meant to be used for actual traffic.
#define CIRCUIT_PURPOSE_CONTROLLER   19
 A controller made this circuit and Tor should not use it.
#define _CIRCUIT_PURPOSE_MAX   19
#define CIRCUIT_PURPOSE_UNKNOWN   255
 A catch-all for unrecognized purposes.
#define CIRCUIT_PURPOSE_IS_ORIGIN(p)   ((p)>_CIRCUIT_PURPOSE_OR_MAX)
 True iff the circuit purpose p is for a circuit that originated at this node.
#define CIRCUIT_PURPOSE_IS_CLIENT(p)
 True iff the circuit purpose p is for a circuit that originated here to serve as a client.
#define CIRCUIT_IS_ORIGIN(c)   (CIRCUIT_PURPOSE_IS_ORIGIN((c)->purpose))
 True iff the circuit_t c is actually an origin_circuit_t.
#define CIRCUIT_PURPOSE_IS_ESTABLISHED_REND(p)
 True iff the circuit purpose p is for an established rendezvous circuit.
#define MIN_CIRCUITS_HANDLING_STREAM   2
 How many circuits do we want simultaneously in-progress to handle a given stream?
#define RELAY_COMMAND_BEGIN   1
#define RELAY_COMMAND_DATA   2
#define RELAY_COMMAND_END   3
#define RELAY_COMMAND_CONNECTED   4
#define RELAY_COMMAND_SENDME   5
#define RELAY_COMMAND_EXTEND   6
#define RELAY_COMMAND_EXTENDED   7
#define RELAY_COMMAND_TRUNCATE   8
#define RELAY_COMMAND_TRUNCATED   9
#define RELAY_COMMAND_DROP   10
#define RELAY_COMMAND_RESOLVE   11
#define RELAY_COMMAND_RESOLVED   12
#define RELAY_COMMAND_BEGIN_DIR   13
#define RELAY_COMMAND_ESTABLISH_INTRO   32
#define RELAY_COMMAND_ESTABLISH_RENDEZVOUS   33
#define RELAY_COMMAND_INTRODUCE1   34
#define RELAY_COMMAND_INTRODUCE2   35
#define RELAY_COMMAND_RENDEZVOUS1   36
#define RELAY_COMMAND_RENDEZVOUS2   37
#define RELAY_COMMAND_INTRO_ESTABLISHED   38
#define RELAY_COMMAND_RENDEZVOUS_ESTABLISHED   39
#define RELAY_COMMAND_INTRODUCE_ACK   40
#define END_OR_CONN_REASON_DONE   1
#define END_OR_CONN_REASON_REFUSED   2 /* connection refused */
#define END_OR_CONN_REASON_OR_IDENTITY   3
#define END_OR_CONN_REASON_CONNRESET   4 /* connection reset by peer */
#define END_OR_CONN_REASON_TIMEOUT   5
#define END_OR_CONN_REASON_NO_ROUTE   6 /* no route to host/net */
#define END_OR_CONN_REASON_IO_ERROR   7 /* read/write error */
#define END_OR_CONN_REASON_RESOURCE_LIMIT   8 /* sockets, buffers, etc */
#define END_OR_CONN_REASON_MISC   9
#define END_STREAM_REASON_MISC   1
#define END_STREAM_REASON_RESOLVEFAILED   2
#define END_STREAM_REASON_CONNECTREFUSED   3
#define END_STREAM_REASON_EXITPOLICY   4
#define END_STREAM_REASON_DESTROY   5
#define END_STREAM_REASON_DONE   6
#define END_STREAM_REASON_TIMEOUT   7
#define END_STREAM_REASON_NOROUTE   8
#define END_STREAM_REASON_HIBERNATING   9
#define END_STREAM_REASON_INTERNAL   10
#define END_STREAM_REASON_RESOURCELIMIT   11
#define END_STREAM_REASON_CONNRESET   12
#define END_STREAM_REASON_TORPROTOCOL   13
#define END_STREAM_REASON_NOTDIRECTORY   14
#define END_STREAM_REASON_ENTRYPOLICY   15
#define END_STREAM_REASON_CANT_ATTACH   257
 We were unable to attach the connection to any circuit at all.
#define END_STREAM_REASON_NET_UNREACHABLE   258
 We can't connect to any directories at all, so we killed our streams before they can time out.
#define END_STREAM_REASON_SOCKSPROTOCOL   259
 This is a SOCKS connection, and the client used (or misused) the SOCKS protocol in a way we couldn't handle.
#define END_STREAM_REASON_CANT_FETCH_ORIG_DEST   260
 This is a transparent proxy connection, but we can't extract the original target address:port.
#define END_STREAM_REASON_INVALID_NATD_DEST   261
 This is a connection on the NATD port, and the destination IP:Port was either ill-formed or out-of-range.
#define END_STREAM_REASON_PRIVATE_ADDR   262
 The target address is in a private network (like 127.0.0.1 or 10.0.0.1); you don't want to do that over a randomly chosen exit.
#define END_STREAM_REASON_MASK   511
 Bitwise-and this value with endreason to mask out all flags.
#define END_STREAM_REASON_FLAG_REMOTE   512
 Bitwise-or this with the argument to control_event_stream_status to indicate that the reason came from an END cell.
#define END_STREAM_REASON_FLAG_ALREADY_SENT_CLOSED   1024
 Bitwise-or this with the argument to control_event_stream_status to indicate that we already sent a CLOSED stream event.
#define END_STREAM_REASON_FLAG_ALREADY_SOCKS_REPLIED   2048
 Bitwise-or this with endreason to indicate that we already sent a socks reply, and no further reply needs to be sent from connection_mark_unattached_ap().
#define REMAP_STREAM_SOURCE_CACHE   1
 Reason for remapping an AP connection's address: we have a cached answer.
#define REMAP_STREAM_SOURCE_EXIT   2
 Reason for remapping an AP connection's address: the exit node told us an answer.
#define RESOLVED_TYPE_HOSTNAME   0
#define RESOLVED_TYPE_IPV4   4
#define RESOLVED_TYPE_IPV6   6
#define RESOLVED_TYPE_ERROR_TRANSIENT   0xF0
#define RESOLVED_TYPE_ERROR   0xF1
#define END_CIRC_REASON_MEASUREMENT_EXPIRED   -3
 Our post-timeout circuit time measurement period expired.
#define END_CIRC_REASON_NOPATH   -2
 We couldn't build a path for this circuit.
#define END_CIRC_AT_ORIGIN   -1
 Catch-all "other" reason for closing origin circuits.
#define _END_CIRC_REASON_MIN   0
#define END_CIRC_REASON_NONE   0
#define END_CIRC_REASON_TORPROTOCOL   1
#define END_CIRC_REASON_INTERNAL   2
#define END_CIRC_REASON_REQUESTED   3
#define END_CIRC_REASON_HIBERNATING   4
#define END_CIRC_REASON_RESOURCELIMIT   5
#define END_CIRC_REASON_CONNECTFAILED   6
#define END_CIRC_REASON_OR_IDENTITY   7
#define END_CIRC_REASON_OR_CONN_CLOSED   8
#define END_CIRC_REASON_FINISHED   9
#define END_CIRC_REASON_TIMEOUT   10
#define END_CIRC_REASON_DESTROYED   11
#define END_CIRC_REASON_NOSUCHSERVICE   12
#define _END_CIRC_REASON_MAX   12
#define END_CIRC_REASON_FLAG_REMOTE   512
 Bitwise-OR this with the argument to circuit_mark_for_close() or control_event_circuit_status() to indicate that the reason was passed through from a destroy or truncate cell.
#define REND_SERVICE_ID_LEN_BASE32   16
 Length of 'y' portion of 'y.onion' URL.
#define REND_SERVICE_ADDRESS_LEN   (16+1+5)
 Length of 'y.onion' including '.onion' URL.
#define REND_SERVICE_ID_LEN   10
 Length of a binary-encoded rendezvous service ID.
#define REND_TIME_PERIOD_V2_DESC_VALIDITY   (24*60*60)
 Time period for which a v2 descriptor will be valid.
#define REND_TIME_PERIOD_OVERLAPPING_V2_DESCS   (60*60)
 Time period within which two sets of v2 descriptors will be uploaded in parallel.
#define REND_NUMBER_OF_NON_CONSECUTIVE_REPLICAS   2
 Number of non-consecutive replicas (i.e.
#define REND_NUMBER_OF_CONSECUTIVE_REPLICAS   3
 Number of consecutive replicas for a descriptor.
#define REND_DESC_ID_V2_LEN_BASE32   32
 Length of v2 descriptor ID (32 base32 chars = 160 bits).
#define REND_SECRET_ID_PART_LEN_BASE32   32
 Length of the base32-encoded secret ID part of versioned hidden service descriptors.
#define REND_INTRO_POINT_ID_LEN_BASE32   32
 Length of the base32-encoded hash of an introduction point's identity key.
#define REND_DESC_COOKIE_LEN   16
 Length of the descriptor cookie that is used for client authorization to hidden services.
#define REND_DESC_COOKIE_LEN_BASE64   22
 Length of the base64-encoded descriptor cookie that is used for exchanging client authorization between hidden service and client.
#define REND_BASIC_AUTH_CLIENT_ID_LEN   4
 Length of client identifier in encrypted introduction points for hidden service authorization type 'basic'.
#define REND_BASIC_AUTH_CLIENT_MULTIPLE   16
 Multiple of the number of clients to which the real number of clients is padded with fake clients for hidden service authorization type 'basic'.
#define REND_BASIC_AUTH_CLIENT_ENTRY_LEN
 Length of client entry consisting of client identifier and encrypted session key for hidden service authorization type 'basic'.
#define REND_DESC_MAX_SIZE   (20 * 1024)
 Maximum size of v2 hidden service descriptors.
#define REND_LEGAL_CLIENTNAME_CHARACTERS   "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789+-_"
 Legal characters for use in authorized client names for a hidden service.
#define REND_CLIENTNAME_MAX_LEN   16
 Maximum length of authorized client names for a hidden service.
#define REND_COOKIE_LEN   DIGEST_LEN
 Length of the rendezvous cookie that is used to connect circuits at the rendezvous point.
#define REND_REPLAY_TIME_INTERVAL   (5 * 60)
 Time interval for tracking replays of DH public keys received in INTRODUCE2 cells.
#define CIRCWINDOW_START   1000
 Initial value for both sides of a circuit transmission window when the circuit is initialized.
#define CIRCWINDOW_START_MIN   100
#define CIRCWINDOW_START_MAX   1000
#define CIRCWINDOW_INCREMENT   100
 Amount to increment a circuit window when we get a circuit SENDME.
#define STREAMWINDOW_START   500
 Initial value on both sides of a stream transmission window when the stream is initialized.
#define STREAMWINDOW_INCREMENT   50
 Amount to increment a stream window when we get a stream SENDME.
#define CELL_PADDING   0
#define CELL_CREATE   1
#define CELL_CREATED   2
#define CELL_RELAY   3
#define CELL_DESTROY   4
#define CELL_CREATE_FAST   5
#define CELL_CREATED_FAST   6
#define CELL_VERSIONS   7
#define CELL_NETINFO   8
#define CELL_RELAY_EARLY   9
#define CELL_VPADDING   128
#define CELL_CERTS   129
#define CELL_AUTH_CHALLENGE   130
#define CELL_AUTHENTICATE   131
#define CELL_AUTHORIZE   132
#define TIMEOUT_UNTIL_UNREACHABILITY_COMPLAINT   (20*60)
 How long to test reachability before complaining to the user.
#define LEGAL_NICKNAME_CHARACTERS   "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"
 Legal characters in a nickname.
#define DEFAULT_CLIENT_NICKNAME   "client"
 Name to use in client TLS certificates if no nickname is given.
#define UNNAMED_ROUTER_NICKNAME   "Unnamed"
 Name chosen by routers that don't configure nicknames.
#define SOCKS4_NETWORK_LEN   8
 Number of bytes in a SOCKS4 header.
#define CELL_PAYLOAD_SIZE   509
 Number of bytes in a cell, minus cell header.
#define CELL_NETWORK_SIZE   512
 Number of bytes in a cell transmitted over the network.
#define VAR_CELL_HEADER_SIZE   5
 Length of a header on a variable-length cell.
#define RELAY_HEADER_SIZE   (1+2+2+4+2)
 Number of bytes in a relay cell's header (not including general cell header).
#define RELAY_PAYLOAD_SIZE   (CELL_PAYLOAD_SIZE-RELAY_HEADER_SIZE)
 Largest number of bytes that can fit in a relay cell payload.
#define generic_buffer_t   buf_t
#define BASE_CONNECTION_MAGIC   0x7C3C304Eu
#define OR_CONNECTION_MAGIC   0x7D31FF03u
#define EDGE_CONNECTION_MAGIC   0xF0374013u
#define ENTRY_CONNECTION_MAGIC   0xbb4a5703
#define DIR_CONNECTION_MAGIC   0x9988ffeeu
#define CONTROL_CONNECTION_MAGIC   0x8abc765du
#define LISTENER_CONNECTION_MAGIC   0x1a1ac741u
#define OR_AUTH_CHALLENGE_LEN   32
 Minimum length of the random part of an AUTH_CHALLENGE cell.
#define AUTHTYPE_RSA_SHA256_TLSSECRET   1
 The one currently supported type of AUTHENTICATE cell.
#define V3_AUTH_FIXED_PART_LEN   (8+(32*6))
 The length of the part of the AUTHENTICATE cell body that the client and server can generate independently (when using RSA_SHA256_TLSSECRET).
#define V3_AUTH_BODY_LEN   (V3_AUTH_FIXED_PART_LEN + 8 + 16)
 The length of the part of the AUTHENTICATE cell body that the client signs.
#define NUM_CIRCUITS_LAUNCHED_THRESHOLD   10
#define TO_CONN(c)   (&(((c)->_base)))
 Cast a connection_t subtype pointer to a connection_t.
#define DOWNCAST(to, ptr)   ((to*)SUBTYPE_P(ptr, to, _base))
 Helper macro: Given a pointer to to._base, of type from*, return &to.
#define ENTRY_TO_EDGE_CONN(c)   (&(((c))->_edge))
 Cast a entry_connection_t subtype pointer to a edge_connection_t.
#define ENTRY_TO_CONN(c)   (TO_CONN(ENTRY_TO_EDGE_CONN(c)))
 Cast an entry_connection_t subtype pointer to a connection_t.
#define HAS_BUFFEREVENT(c)   (0)
#define IF_HAS_BUFFEREVENT(c, stmt)   (void)0
#define ELSE_IF_NO_BUFFEREVENT   ;
#define IF_HAS_NO_BUFFEREVENT(c)   if (1)
#define IMPOSSIBLE_TO_DOWNLOAD   255
 If n_download_failures is this high, the download can never happen.
#define ROUTER_ANNOTATION_BUF_LEN   256
 The max size we expect router descriptor annotations we create to be.
#define ROUTER_PURPOSE_GENERAL   0
 Tor can use this router for general positions in circuits; we got it from a directory server as usual, or we're an authority and a server uploaded it.
#define ROUTER_PURPOSE_CONTROLLER   1
 Tor should avoid using this router for circuit-building: we got it from a controller.
#define ROUTER_PURPOSE_BRIDGE   2
 Tor should use this router only for bridge positions in circuits: we got it via a directory request from the bridge itself, or a bridge authority.
#define ROUTER_PURPOSE_UNKNOWN   255
 Tor should not use this router; it was marked in cached-descriptors with a purpose we didn't recognize.
#define MAX_ROUTERDESC_DOWNLOAD_FAILURES   8
 How many times will we try to download a router's descriptor before giving up?
#define MAX_MICRODESC_DOWNLOAD_FAILURES   8
 How many times will we try to download a microdescriptor before giving up?
#define N_CONSENSUS_FLAVORS   ((int)(FLAV_MICRODESC)+1)
 How many different consensus flavors are there?
#define CRYPT_PATH_MAGIC   0x70127012u
#define CPATH_STATE_CLOSED   0
#define CPATH_STATE_AWAITING_KEYS   1
#define CPATH_STATE_OPEN   2
#define CPATH_KEY_MATERIAL_LEN   (20*2+16*2)
#define DH_KEY_LEN   DH_BYTES
#define ONIONSKIN_CHALLENGE_LEN
#define ONIONSKIN_REPLY_LEN   (DH_KEY_LEN+DIGEST_LEN)
#define ORIGIN_CIRCUIT_MAGIC   0x35315243u
#define OR_CIRCUIT_MAGIC   0x98ABC04Fu
#define MAX_RELAY_EARLY_CELLS_PER_CIRCUIT   8
 Largest number of relay_early cells that we can send on a given circuit.
#define REND_TOKEN_LEN   REND_COOKIE_LEN
#define TO_CIRCUIT(x)   (&((x)->_base))
 Convert a circuit subtype to a circuit_t.
#define MIN_CONSTRAINED_TCP_BUFFER   2048
#define MAX_CONSTRAINED_TCP_BUFFER   262144 /* 256k */
#define ISO_DEFAULT   (ISO_CLIENTADDR|ISO_SOCKSAUTH|ISO_SESSIONGRP|ISO_NYM_EPOCH)
 Default isolation level for ports.
#define SESSION_GROUP_UNSET   -1
 Indicates that we haven't yet set a session group on a port_cfg_t.
#define SESSION_GROUP_DIRCONN   -2
 Session group reserved for directory connections.
#define SESSION_GROUP_CONTROL_RESOLVE   -3
 Session group reserved for resolve requests launched by a controller.
#define SESSION_GROUP_FIRST_AUTO   -4
 First automatically allocated session group number.
#define CONFIG_LINE_NORMAL   0
 Ordinary configuration line.
#define CONFIG_LINE_APPEND   1
 Appends to previous configuration for the same option, even if we would ordinarily replace it.
#define CONFIG_LINE_CLEAR   2
#define CFG_AUTO_PORT   0xc4005e
 A magic value for the (Socks|OR|...)Port options below, telling Tor to pick its own port.
#define LOG_PROTOCOL_WARN
#define MAX_MAX_CLIENT_CIRCUITS_PENDING   1024
#define MAX_SOCKS_REPLY_LEN   1024
#define MAX_SOCKS_ADDR_LEN   256
#define SOCKS_NO_AUTH   0x00
#define SOCKS_USER_PASS   0x02
#define SOCKS_COMMAND_CONNECT   0x01
 Please open a TCP connection to this addr:port.
#define SOCKS_COMMAND_RESOLVE   0xF0
 Please turn this FQDN into an IP address, privately.
#define SOCKS_COMMAND_RESOLVE_PTR   0xF1
 Please turn this IP address into an FQDN, privately.
#define SOCKS_COMMAND_IS_CONNECT(c)   ((c)==SOCKS_COMMAND_CONNECT)
#define SOCKS_COMMAND_IS_RESOLVE(c)
#define DEFAULT_ROUTE_LEN   3
 How many hops does a general-purpose circuit have by default?
#define BW_WEIGHT_SCALE   10000
 Precision multiplier for the Bw weights.
#define BW_MIN_WEIGHT_SCALE   1
#define BW_MAX_WEIGHT_SCALE   INT32_MAX
#define CBT_NCIRCUITS_TO_OBSERVE   1000
 Total size of the circuit timeout history to accumulate.
#define CBT_BIN_WIDTH   ((build_time_t)50)
 Width of the histogram bins in milliseconds.
#define CBT_DEFAULT_NUM_XM_MODES   3
 Number of modes to use in the weighted-avg computation of Xm.
#define CBT_MIN_NUM_XM_MODES   1
#define CBT_MAX_NUM_XM_MODES   20
#define CBT_BUILD_ABANDONED   ((build_time_t)(INT32_MAX-1))
 CBT_BUILD_ABANDONED is our flag value to represent a force-closed circuit (Aka a 'right-censored' pareto value).
#define CBT_BUILD_TIME_MAX   ((build_time_t)(INT32_MAX))
#define CBT_SAVE_STATE_EVERY   10
 Save state every 10 circuits.
#define CBT_DEFAULT_CLOSE_QUANTILE   95
 How long to wait before actually closing circuits that take too long to build in terms of CDF quantile.
#define CBT_MIN_CLOSE_QUANTILE   CBT_MIN_QUANTILE_CUTOFF
#define CBT_MAX_CLOSE_QUANTILE   CBT_MAX_QUANTILE_CUTOFF
#define CBT_DEFAULT_RECENT_CIRCUITS   20
 How many circuits count as recent when considering if the connection has gone gimpy or changed.
#define CBT_MIN_RECENT_CIRCUITS   3
#define CBT_MAX_RECENT_CIRCUITS   1000
#define CBT_DEFAULT_MAX_RECENT_TIMEOUT_COUNT   (CBT_DEFAULT_RECENT_CIRCUITS*9/10)
 Maximum count of timeouts that finish the first hop in the past RECENT_CIRCUITS before calculating a new timeout.
#define CBT_MIN_MAX_RECENT_TIMEOUT_COUNT   3
#define CBT_MAX_MAX_RECENT_TIMEOUT_COUNT   10000
#define CBT_DEFAULT_MIN_CIRCUITS_TO_OBSERVE   100
 Minimum circuits before estimating a timeout.
#define CBT_MIN_MIN_CIRCUITS_TO_OBSERVE   1
#define CBT_MAX_MIN_CIRCUITS_TO_OBSERVE   10000
#define CBT_DEFAULT_QUANTILE_CUTOFF   80
 Cutoff percentile on the CDF for our timeout estimation.
#define CBT_MIN_QUANTILE_CUTOFF   10
#define CBT_MAX_QUANTILE_CUTOFF   99
#define CBT_DEFAULT_TEST_FREQUENCY   60
 How often in seconds should we build a test circuit.
#define CBT_MIN_TEST_FREQUENCY   1
#define CBT_MAX_TEST_FREQUENCY   INT32_MAX
#define CBT_DEFAULT_TIMEOUT_MIN_VALUE   (1500)
 Lowest allowable value for CircuitBuildTimeout in milliseconds.
#define CBT_MIN_TIMEOUT_MIN_VALUE   500
#define CBT_MAX_TIMEOUT_MIN_VALUE   INT32_MAX
#define CBT_DEFAULT_TIMEOUT_INITIAL_VALUE   (60*1000)
 Initial circuit build timeout in milliseconds.
#define CBT_MIN_TIMEOUT_INITIAL_VALUE   CBT_MIN_TIMEOUT_MIN_VALUE
#define CBT_MAX_TIMEOUT_INITIAL_VALUE   INT32_MAX
#define CONN_LOG_PROTECT(conn, stmt)
 Execute the statement stmt, which may log events concerning the connection conn.
#define DIR_RECORD_USAGE_GRANULARITY   8
 Round all GeoIP results to the next multiple of this value, to avoid leaking information.
#define DIR_ENTRY_RECORD_USAGE_RETAIN_IPS   (24*60*60)
 Time interval: Flush geoip data to disk this often.
#define DIR_RECORD_USAGE_MIN_OBSERVATION_TIME   (12*60*60)
 How long do we have to have observed per-country request history before we are willing to talk about it?
#define GEOIP_NS_RESPONSE_NUM   6
#define WRITE_STATS_INTERVAL   (24*60*60)
#define MAX_INTRO_POINT_REACHABILITY_FAILURES   5
 The maximum number of non-circuit-build-timeout failures a hidden service client will tolerate while trying to build a circuit to an introduction point.
#define INTRO_POINT_LIFETIME_INTRODUCTIONS   16384
 The maximum number of distinct INTRODUCE2 cells which a hidden service's introduction point will receive before it begins to expire.
#define INTRO_POINT_LIFETIME_MIN_SECONDS   18*60*60
 The minimum number of seconds that an introduction point will last before expiring due to old age.
#define INTRO_POINT_LIFETIME_MAX_SECONDS   24*60*60
 The maximum number of seconds that an introduction point will last before expiring due to old age.
#define ROUTER_REQUIRED_MIN_BANDWIDTH   (20*1024)
#define ROUTER_MAX_DECLARED_BANDWIDTH   INT32_MAX
#define PDS_ALLOW_SELF   (1<<0)
 Flag to indicate that we should not automatically be willing to use ourself to answer a directory request.
#define PDS_RETRY_IF_NO_SERVERS   (1<<1)
 Flag to indicate that if no servers seem to be up, we should mark all directory servers as up and try again.
#define PDS_IGNORE_FASCISTFIREWALL   (1<<2)
 Flag to indicate that we should not exclude directory servers that our ReachableAddress settings would exclude.
#define PDS_NO_EXISTING_SERVERDESC_FETCH   (1<<3)
 Flag to indicate that we should not use any directory authority to which we have an existing directory connection for downloading server descriptors or extrainfo documents.
#define PDS_NO_EXISTING_MICRODESC_FETCH   (1<<4)
#define _PDS_PREFER_TUNNELED_DIR_CONNS   (1<<16)
#define MAX_STATUS_TAG_LEN   32
Certificate types for CERTS cells.

These values are defined by the protocol, and affect how an X509 certificate in a CERTS cell is interpreted and used.

#define OR_CERT_TYPE_TLS_LINK   1
 A certificate that authenticates a TLS link key.
#define OR_CERT_TYPE_ID_1024   2
 A self-signed identity certificate.
#define OR_CERT_TYPE_AUTH_1024   3
 A certificate that authenticates a key used in an AUTHENTICATE cell in the v3 handshake.
Isolation flags
Ways to isolate client streams
#define ISO_DESTPORT   (1u<<0)
 Isolate based on destination port.
#define ISO_DESTADDR   (1u<<1)
 Isolate based on destination address.
#define ISO_SOCKSAUTH   (1u<<2)
 Isolate based on SOCKS authentication.
#define ISO_CLIENTPROTO   (1u<<3)
 Isolate based on client protocol choice.
#define ISO_CLIENTADDR   (1u<<4)
 Isolate based on client address.
#define ISO_SESSIONGRP   (1u<<5)
 Isolate based on session group (always on).
#define ISO_NYM_EPOCH   (1u<<6)
 Isolate based on newnym epoch (always on).
#define ISO_STREAM   (1u<<7)
 Isolate all streams (Internal only).

Typedefs

typedef enum rend_auth_type_t rend_auth_type_t
 Client authorization type that a hidden service performs.
typedef struct rend_service_authorization_t rend_service_authorization_t
 Client-side configuration of authorization for a hidden service.
typedef struct rend_data_t rend_data_t
 Client- and server-side data that is used for hidden service connection establishment.
typedef uint16_t circid_t
 Identifies a circuit on an or_connection.
typedef uint16_t streamid_t
 Identifies a stream on a circuit.
typedef struct cell_t cell_t
 Parsed onion routing cell.
typedef struct var_cell_t var_cell_t
 Parsed variable-length onion routing cell.
typedef struct packed_cell_t packed_cell_t
 A cell as packed for writing to the network.
typedef struct insertion_time_elem_t insertion_time_elem_t
 Number of cells added to a circuit queue including their insertion time on 10 millisecond detail; used for buffer statistics.
typedef struct insertion_time_queue_t insertion_time_queue_t
 Queue of insertion times.
typedef struct cell_queue_t cell_queue_t
 A queue of cells on a circuit, waiting to be added to the or_connection_t's outbuf.
typedef struct buf_t
typedef struct socks_request_t
typedef struct connection_t connection_t
 Description of a connection to another host or process, and associated data.
typedef struct listener_connection_t listener_connection_t
 Subtype of connection_t; used for a listener socket.
typedef struct or_handshake_state_t or_handshake_state_t
 Stores flags and information related to the portion of a v2/v3 Tor OR connection handshake that happens after the TLS handshake is finished.
typedef struct or_connection_t or_connection_t
 Subtype of connection_t for an "OR connection" -- that is, one that speaks cells over TLS.
typedef struct edge_connection_t edge_connection_t
 Subtype of connection_t for an "edge connection" -- that is, an entry (ap) connection, or an exit.
typedef struct entry_connection_t entry_connection_t
 Subtype of edge_connection_t for an "entry connection" -- that is, a SOCKS connection, a DNS request, a TransPort connection or a NATD connection.
typedef struct dir_connection_t dir_connection_t
 Subtype of connection_t for a "directory connection" -- that is, an HTTP connection to retrieve or serve directory material.
typedef struct control_connection_t control_connection_t
 Subtype of connection_t for a connection to a controller.
typedef struct addr_policy_t addr_policy_t
 A reference-counted address policy rule.
typedef struct cached_dir_t cached_dir_t
 A cached_dir_t represents a cacheable directory object, along with its compressed form.
typedef struct download_status_t download_status_t
 Information about our plans for retrying downloads for a downloadable object.
typedef struct signed_descriptor_t signed_descriptor_t
 Information needed to cache an onion router's descriptor.
typedef int16_t country_t
 A signed integer representing a country code.
typedef struct extrainfo_t extrainfo_t
 Information needed to keep and cache a signed extra-info document.
typedef struct routerstatus_t routerstatus_t
 Contents of a single router entry in a network status object.
typedef struct short_policy_entry_t short_policy_entry_t
 A single entry in a parsed policy summary, describing a range of ports.
typedef struct short_policy_t short_policy_t
 A short_policy_t is the parsed version of a policy summary.
typedef struct microdesc_t microdesc_t
 A microdescriptor is the smallest amount of information needed to build a circuit through a router.
typedef struct node_t node_t
 A node_t represents a Tor router.
typedef struct networkstatus_v2_t networkstatus_v2_t
 Contents of a v2 (non-consensus, non-vote) network status object.
typedef struct vote_microdesc_hash_t vote_microdesc_hash_t
 Linked list of microdesc hash lines for a single router in a directory vote.
typedef struct vote_routerstatus_t vote_routerstatus_t
 The claim about a single router, made in a vote.
typedef struct document_signature_t document_signature_t
 A signature of some document by an authority.
typedef struct networkstatus_voter_info_t networkstatus_voter_info_t
 Information about a single voter in a vote or a consensus.
typedef struct networkstatus_t networkstatus_t
 A common structure to hold a v3 network status vote, or a v3 network status consensus.
typedef struct ns_detached_signatures_t ns_detached_signatures_t
 A set of signatures for a networkstatus consensus.
typedef enum store_type_t store_type_t
 Allowable types of desc_store_t.
typedef struct desc_store_t desc_store_t
 A 'store' is a set of descriptors saved on disk, with accompanying journal, mmaped as needed, rebuilt as needed.
typedef struct extend_info_t extend_info_t
 Information on router used when extending a circuit.
typedef struct authority_cert_t authority_cert_t
 Certificate for v3 directory protocol: binds long-term authority identity keys to medium-term authority signing keys.
typedef struct crypt_path_t crypt_path_t
 Holds accounting information for a single step in the layered encryption performed by a circuit.
typedef struct circuit_t circuit_t
 A circuit is a path over the onion routing network.
typedef struct origin_circuit_t origin_circuit_t
 An origin_circuit_t holds data necessary to build and use a circuit.
typedef struct or_circuit_t or_circuit_t
 An or_circuit_t holds information needed to implement a circuit at an OR.
typedef enum invalid_router_usage_t invalid_router_usage_t
 Bitfield type: things that we're willing to use invalid routers for.
typedef struct port_cfg_t port_cfg_t
 Configuration for a single port that we're listening on.
typedef struct config_line_t config_line_t
 A linked list of lines in a config file.
typedef struct routerset_t
typedef uint32_t build_time_t
 A build_time_t is milliseconds.
typedef enum setopt_err_t setopt_err_t
 An error from options_trial_assign() or options_init_from_string().
typedef enum circuit_status_event_t circuit_status_event_t
 Used to indicate the type of a circuit event passed to the controller.
typedef enum circuit_status_minor_event_t circuit_status_minor_event_t
 Used to indicate the type of a CIRC_MINOR event passed to the controller.
typedef enum stream_status_event_t stream_status_event_t
 Used to indicate the type of a stream event passed to the controller.
typedef enum or_conn_status_event_t or_conn_status_event_t
 Used to indicate the type of an OR connection event passed to the controller.
typedef enum buildtimeout_set_event_t buildtimeout_set_event_t
 Used to indicate the type of a buildtime event.
typedef struct vote_timing_t vote_timing_t
 Describes the schedule by which votes should be generated.
typedef struct microdesc_cache_t
typedef enum version_status_t version_status_t
 Possible statuses of a version of Tor, given opinions from the directory servers.
typedef struct rend_authorized_client_t rend_authorized_client_t
 Hidden-service side configuration of client authorization.
typedef struct rend_encoded_v2_service_descriptor_t rend_encoded_v2_service_descriptor_t
 ASCII-encoded v2 hidden service descriptor.
typedef struct rend_intro_point_t rend_intro_point_t
 Introduction point information.
typedef struct rend_service_descriptor_t rend_service_descriptor_t
 Information used to connect to a hidden service.
typedef struct rend_cache_entry_t rend_cache_entry_t
 A cached rendezvous descriptor.
typedef struct trusted_dir_server_t trusted_dir_server_t
 Represents information about a single trusted directory server.
typedef enum bandwidth_weight_rule_t bandwidth_weight_rule_t
 Possible ways to weight routers when choosing one randomly.
typedef enum was_router_added_t was_router_added_t
 Return value for router_add_to_routerlist() and dirserv_add_descriptor()
typedef struct tor_version_t tor_version_t
 Structure to hold parsed Tor versions.

Enumerations

enum  circ_id_type_t { CIRC_ID_TYPE_LOWER = 0, CIRC_ID_TYPE_HIGHER = 1, CIRC_ID_TYPE_NEITHER = 2 }
 Possible rules for generating circuit IDs on an OR connection.
enum  rend_auth_type_t { REND_NO_AUTH = 0, REND_BASIC_AUTH = 1, REND_STEALTH_AUTH = 2 }
 Client authorization type that a hidden service performs.
enum  cell_direction_t { CELL_DIRECTION_IN = 1, CELL_DIRECTION_OUT = 2 }
 Used to indicate which way a cell is going on a circuit.
enum  addr_policy_action_t { ADDR_POLICY_ACCEPT = 1, ADDR_POLICY_REJECT = 2 }
 What action type does an address policy indicate: accept or reject?
enum  saved_location_t { SAVED_NOWHERE = 0, SAVED_IN_CACHE, SAVED_IN_JOURNAL }
 Enum used to remember where a signed_descriptor_t is stored and how to manage the memory for signed_descriptor_body.
enum  download_schedule_t { DL_SCHED_GENERIC = 0, DL_SCHED_CONSENSUS = 1, DL_SCHED_BRIDGE = 2 }
 Enumeration: what kind of download schedule are we using for a given object?
enum  networkstatus_type_t { NS_TYPE_VOTE, NS_TYPE_CONSENSUS, NS_TYPE_OPINION }
 Enumerates the possible seriousness values of a networkstatus document.
enum  consensus_flavor_t { FLAV_NS = 0, FLAV_MICRODESC = 1 }
 Enumerates recognized flavors of a consensus networkstatus document.
enum  store_type_t { ROUTER_STORE = 0, EXTRAINFO_STORE = 1 }
 Allowable types of desc_store_t.
enum  dirinfo_type_t {
  NO_DIRINFO = 0, V1_DIRINFO = 1 << 0, V2_DIRINFO = 1 << 1, V3_DIRINFO = 1 << 2,
  HIDSERV_DIRINFO = 1 << 3, BRIDGE_DIRINFO = 1 << 4, EXTRAINFO_DIRINFO = 1 << 5, MICRODESC_DIRINFO = 1 << 6
}
 Bitfield enum type listing types of information that directory authorities can be authoritative about, and that directory caches may or may not cache.
enum  invalid_router_usage_t {
  ALLOW_INVALID_ENTRY = 1, ALLOW_INVALID_EXIT = 2, ALLOW_INVALID_MIDDLE = 4, ALLOW_INVALID_RENDEZVOUS = 8,
  ALLOW_INVALID_INTRODUCTION = 16
}
 Bitfield type: things that we're willing to use invalid routers for.
enum  setopt_err_t {
  SETOPT_OK = 0, SETOPT_ERR_MISC = -1, SETOPT_ERR_PARSE = -2, SETOPT_ERR_TRANSITION = -3,
  SETOPT_ERR_SETTING = -4
}
 An error from options_trial_assign() or options_init_from_string().
enum  addressmap_entry_source_t {
  ADDRMAPSRC_CONTROLLER, ADDRMAPSRC_AUTOMAP, ADDRMAPSRC_TORRC, ADDRMAPSRC_TRACKEXIT,
  ADDRMAPSRC_DNS, ADDRMAPSRC_NONE
}
 Enumerates possible origins of a client-side address mapping.
enum  circuit_status_event_t {
  CIRC_EVENT_LAUNCHED = 0, CIRC_EVENT_BUILT = 1, CIRC_EVENT_EXTENDED = 2, CIRC_EVENT_FAILED = 3,
  CIRC_EVENT_CLOSED = 4
}
 Used to indicate the type of a circuit event passed to the controller.
enum  circuit_status_minor_event_t { CIRC_MINOR_EVENT_PURPOSE_CHANGED, CIRC_MINOR_EVENT_CANNIBALIZED }
 Used to indicate the type of a CIRC_MINOR event passed to the controller.
enum  stream_status_event_t {
  STREAM_EVENT_SENT_CONNECT = 0, STREAM_EVENT_SENT_RESOLVE = 1, STREAM_EVENT_SUCCEEDED = 2, STREAM_EVENT_FAILED = 3,
  STREAM_EVENT_CLOSED = 4, STREAM_EVENT_NEW = 5, STREAM_EVENT_NEW_RESOLVE = 6, STREAM_EVENT_FAILED_RETRIABLE = 7,
  STREAM_EVENT_REMAP = 8
}
 Used to indicate the type of a stream event passed to the controller.
enum  or_conn_status_event_t {
  OR_CONN_EVENT_LAUNCHED = 0, OR_CONN_EVENT_CONNECTED = 1, OR_CONN_EVENT_FAILED = 2, OR_CONN_EVENT_CLOSED = 3,
  OR_CONN_EVENT_NEW = 4
}
 Used to indicate the type of an OR connection event passed to the controller.
enum  buildtimeout_set_event_t {
  BUILDTIMEOUT_SET_EVENT_COMPUTED = 0, BUILDTIMEOUT_SET_EVENT_RESET = 1, BUILDTIMEOUT_SET_EVENT_SUSPENDED = 2, BUILDTIMEOUT_SET_EVENT_DISCARD = 3,
  BUILDTIMEOUT_SET_EVENT_RESUME = 4
}
 Used to indicate the type of a buildtime event.
enum  bootstrap_status_t {
  BOOTSTRAP_STATUS_UNDEF = -1, BOOTSTRAP_STATUS_STARTING = 0, BOOTSTRAP_STATUS_CONN_DIR = 5, BOOTSTRAP_STATUS_HANDSHAKE = -2,
  BOOTSTRAP_STATUS_HANDSHAKE_DIR = 10, BOOTSTRAP_STATUS_ONEHOP_CREATE = 15, BOOTSTRAP_STATUS_REQUESTING_STATUS = 20, BOOTSTRAP_STATUS_LOADING_STATUS = 25,
  BOOTSTRAP_STATUS_LOADING_KEYS = 40, BOOTSTRAP_STATUS_REQUESTING_DESCRIPTORS = 45, BOOTSTRAP_STATUS_LOADING_DESCRIPTORS = 50, BOOTSTRAP_STATUS_CONN_OR = 80,
  BOOTSTRAP_STATUS_HANDSHAKE_OR = 85, BOOTSTRAP_STATUS_CIRCUIT_CREATE = 90, BOOTSTRAP_STATUS_DONE = 100
}
 Enum describing various stages of bootstrapping, for use with controller bootstrap status events.
enum  routerstatus_format_type_t {
  NS_V2, NS_V3_CONSENSUS, NS_V3_VOTE, NS_CONTROL_PORT,
  NS_V3_CONSENSUS_MICRODESC
}
 An enum to describe what format we're generating a routerstatus line in.
enum  geoip_client_action_t { GEOIP_CLIENT_CONNECT = 0, GEOIP_CLIENT_NETWORKSTATUS = 1, GEOIP_CLIENT_NETWORKSTATUS_V2 = 2 }
 Indicates an action that we might be noting geoip statistics on.
enum  geoip_ns_response_t {
  GEOIP_SUCCESS = 0, GEOIP_REJECT_NOT_ENOUGH_SIGS = 1, GEOIP_REJECT_UNAVAILABLE = 2, GEOIP_REJECT_NOT_FOUND = 3,
  GEOIP_REJECT_NOT_MODIFIED = 4, GEOIP_REJECT_BUSY = 5
}
 Indicates either a positive reply or a reason for rejecting a network status request that will be included in geoip statistics.
enum  dirreq_type_t { DIRREQ_DIRECT = 0, DIRREQ_TUNNELED = 1 }
 Directory requests that we are measuring can be either direct or tunneled.
enum  dirreq_state_t {
  DIRREQ_IS_FOR_NETWORK_STATUS = 0, DIRREQ_FLUSHING_DIR_CONN_FINISHED = 1, DIRREQ_END_CELL_SENT = 2, DIRREQ_CIRC_QUEUE_FLUSHED = 3,
  DIRREQ_OR_CONN_BUFFER_FLUSHED = 4
}
 Possible states for either direct or tunneled directory requests that are relevant for determining network status download times.
enum  v2_networkstatus_source_t { NS_FROM_CACHE, NS_FROM_DIR_BY_FP, NS_FROM_DIR_ALL, NS_GENERATED }
 Location where we found a v2 networkstatus.
enum  version_status_t {
  VS_RECOMMENDED = 0, VS_OLD = 1, VS_NEW = 2, VS_NEW_IN_SERIES = 3,
  VS_UNRECOMMENDED = 4, VS_EMPTY = 5, VS_UNKNOWN
}
 Possible statuses of a version of Tor, given opinions from the directory servers.
enum  addr_policy_result_t { ADDR_POLICY_ACCEPTED = 0, ADDR_POLICY_REJECTED = -1, ADDR_POLICY_PROBABLY_ACCEPTED = 1, ADDR_POLICY_PROBABLY_REJECTED = 2 }
 Outcome of applying an address policy to an address.
enum  pk_op_t {
  SIGN_DIR, SIGN_RTR, VERIFY_DIR, VERIFY_RTR,
  ENC_ONIONSKIN, DEC_ONIONSKIN, TLS_HANDSHAKE_C, TLS_HANDSHAKE_S,
  REND_CLIENT, REND_MID, REND_SERVER
}
 Possible public/private key operations in Tor: used to keep track of where we're spending our time.
enum  bandwidth_weight_rule_t {
  NO_WEIGHTING, WEIGHT_FOR_EXIT, WEIGHT_FOR_MID, WEIGHT_FOR_GUARD,
  WEIGHT_FOR_DIR
}
 Possible ways to weight routers when choosing one randomly.
enum  router_crn_flags_t {
  CRN_NEED_UPTIME = 1<<0, CRN_NEED_CAPACITY = 1<<1, CRN_NEED_GUARD = 1<<2, CRN_ALLOW_INVALID = 1<<3,
  CRN_WEIGHT_AS_EXIT = 1<<5, CRN_NEED_DESC = 1<<6
}
 Flags to be passed to control router_choose_random_node() to indicate what kind of nodes to pick according to what algorithm.
enum  was_router_added_t {
  ROUTER_ADDED_SUCCESSFULLY = 1, ROUTER_ADDED_NOTIFY_GENERATOR = 0, ROUTER_BAD_EI = -1, ROUTER_WAS_NOT_NEW = -2,
  ROUTER_NOT_IN_CONSENSUS = -3, ROUTER_NOT_IN_CONSENSUS_OR_NETWORKSTATUS = -4, ROUTER_AUTHDIR_REJECTS = -5, ROUTER_WAS_NOT_WANTED = -6
}
 Return value for router_add_to_routerlist() and dirserv_add_descriptor().

Functions

static or_connection_t * TO_OR_CONN (connection_t *)
 Convert a connection_t* to an or_connection_t*; assert if the cast is invalid.
static dir_connection_t * TO_DIR_CONN (connection_t *)
 Convert a connection_t* to a dir_connection_t*; assert if the cast is invalid.
static edge_connection_t * TO_EDGE_CONN (connection_t *)
 Convert a connection_t* to an edge_connection_t*; assert if the cast is invalid.
static entry_connection_t * TO_ENTRY_CONN (connection_t *)
 Convert a connection_t* to an entry_connection_t*; assert if the cast is invalid.
static entry_connection_t * EDGE_TO_ENTRY_CONN (edge_connection_t *)
 Convert an edge_connection_t* to an entry_connection_t*; assert if the cast is invalid.
static control_connection_t * TO_CONTROL_CONN (connection_t *)
 Convert a connection_t* to a control_connection_t*; assert if the cast is invalid.
static listener_connection_t * TO_LISTENER_CONN (connection_t *)
 Convert a connection_t* to a listener_connection_t*; assert if the cast is invalid.
static or_circuit_t * TO_OR_CIRCUIT (circuit_t *)
 Convert a circuit_t* to a pointer to the enclosing or_circuit_t.
static origin_circuit_t * TO_ORIGIN_CIRCUIT (circuit_t *)
 Convert a circuit_t* to a pointer to the enclosing origin_circuit_t.
static INLINE void or_state_mark_dirty (or_state_t *state, time_t when)
 Change the next_write time of state to when, unless the state is already scheduled to be written to disk earlier than when.
double circuit_build_times_quantile_cutoff (void)
 Retrieve and bounds-check the cbtquantile consensus parameter.
int32_t circuit_build_times_initial_timeout (void)
 Retrieve and bounds-check the cbtinitialtimeout consensus parameter.
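
The TO_*_CONN converters above check the magic field before downcasting, so a connection_t of the wrong subtype is never reinterpreted as another struct. The sketch below is an added example, not Tor's own code: the structs are reduced stand-ins, the subtype-only fields and the *_checked helper names are hypothetical, the SUBTYPE_P definition is an assumption (this page does not show it), and the helpers return NULL where the real converters assert.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Magic values as listed on this page. */
#define OR_CONNECTION_MAGIC       0x7D31FF03u
#define LISTENER_CONNECTION_MAGIC 0x1a1ac741u

/* Reduced stand-ins for the real structs: only what the check needs. */
typedef struct connection_t {
  uint32_t magic;   /* must equal one of *_CONNECTION_MAGIC */
  uint16_t port;
} connection_t;

typedef struct or_connection_t {
  connection_t _base;
  int link_proto;   /* hypothetical subtype-only field */
} or_connection_t;

typedef struct listener_connection_t {
  connection_t _base;
  int is_dns;       /* hypothetical subtype-only field */
} listener_connection_t;

/* TO_CONN and DOWNCAST as listed on this page. */
#define TO_CONN(c) (&(((c)->_base)))
/* SUBTYPE_P is not shown on this page; this offsetof-based form is assumed. */
#define SUBTYPE_P(p, subtype, basemember) \
  ((void *)((char *)(p) - offsetof(subtype, basemember)))
#define DOWNCAST(to, ptr) ((to *)SUBTYPE_P(ptr, to, _base))

/* Hypothetical helper: downcast only when the magic tag names this subtype. */
or_connection_t *to_or_conn_checked(connection_t *c)
{
  if (c == NULL || c->magic != OR_CONNECTION_MAGIC)
    return NULL;
  return DOWNCAST(or_connection_t, c);
}

/* Hypothetical helper: same check for the listener subtype. */
listener_connection_t *to_listener_conn_checked(connection_t *c)
{
  if (c == NULL || c->magic != LISTENER_CONNECTION_MAGIC)
    return NULL;
  return DOWNCAST(listener_connection_t, c);
}

int main(void)
{
  /* Constructed sample objects. */
  or_connection_t orc = { { OR_CONNECTION_MAGIC, 9001 }, 3 };
  listener_connection_t lc = { { LISTENER_CONNECTION_MAGIC, 9050 }, 0 };

  printf("OR conn as OR:        %s\n",
         to_or_conn_checked(TO_CONN(&orc)) ? "accepted" : "rejected");
  printf("listener conn as OR:  %s\n",
         to_or_conn_checked(TO_CONN(&lc)) ? "accepted" : "rejected");
  return 0;
}
```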

Detailed Description

Master header file for Tor-specific functionality.

Definition in file or.h.


Class Documentation

struct rend_service_authorization_t

Client-side configuration of authorization for a hidden service.

Definition at line 767 of file or.h.

Class Members
rend_auth_type_t auth_type
char descriptor_cookie
char onion_address
struct rend_data_t

Client- and server-side data that is used for hidden service connection establishment.

Not all fields contain data depending on where this struct is used.

Definition at line 776 of file or.h.

Class Members
rend_auth_type_t auth_type Authorization type for accessing a service used by a client.
char descriptor_cookie (Optional) descriptor cookie that is used by a client.
char onion_address Onion address (without the .onion part) that a client requests.
char rend_cookie Rendezvous cookie used by both, client and service.
char rend_pk_digest Hash of the hidden service's PK used by a service.
struct cell_t

Parsed onion routing cell.

All communication between nodes is via cells.

Definition at line 883 of file or.h.

Class Members
circid_t circ_id Circuit which received the cell.
uint8_t command Type of the cell: one of CELL_PADDING, CELL_CREATE, CELL_DESTROY, etc.
uint8_t payload Cell body.
struct var_cell_t

Parsed variable-length onion routing cell.

Definition at line 891 of file or.h.

Class Members
circid_t circ_id Circuit which received the cell.
uint8_t command Type of the cell: CELL_VERSIONS, etc.
uint8_t payload Payload of this cell.
uint16_t payload_len Number of bytes actually stored in payload
struct packed_cell_t

A cell as packed for writing to the network.

Definition at line 903 of file or.h.

Class Members
char body Cell as packed for network.
struct packed_cell_t * next Next cell queued on this circuit.
struct insertion_time_elem_t

Number of cells added to a circuit queue including their insertion time on 10 millisecond detail; used for buffer statistics.

Definition at line 910 of file or.h.

Class Members
unsigned counter How many cells were inserted?
uint32_t insertion_time When were cells inserted (in 10 ms steps starting at 0:00 of the current day)?
struct insertion_time_elem_t * next Next element in queue.
struct insertion_time_queue_t

Queue of insertion times.

Definition at line 918 of file or.h.

Class Members
struct insertion_time_elem_t * first First element in queue.
struct insertion_time_elem_t * last Last element in queue.
struct cell_queue_t

A queue of cells on a circuit, waiting to be added to the or_connection_t's outbuf.

Definition at line 925 of file or.h.

Class Members
packed_cell_t * head The first cell, or NULL if the queue is empty.
insertion_time_queue_t * insertion_times Insertion times of cells.
int n The number of cells in the queue.
packed_cell_t * tail The last cell, or NULL if the queue is empty.
struct relay_header_t

Beginning of a RELAY cell payload.

Definition at line 933 of file or.h.

Class Members
uint8_t command The end-to-end relay command.
char integrity Used to tell whether cell is corrupted.
uint16_t length How long is the payload body?
uint16_t recognized Used to tell whether cell is for us.
streamid_t stream_id Which stream is this cell associated with?
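
The length field of relay_header_t arrives from the network, so it has to be checked against RELAY_PAYLOAD_SIZE before any body bytes are read. The following is an added example, not Tor's own parsing code: the function names are hypothetical, the sample payload is constructed, and the on-wire field order (command, recognized, stream_id, integrity, length, big-endian) is an assumption that follows the order of the terms in RELAY_HEADER_SIZE (1+2+2+4+2).

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Sizes as listed on this page for or.h. */
#define CELL_PAYLOAD_SIZE  509
#define RELAY_HEADER_SIZE  (1+2+2+4+2)
#define RELAY_PAYLOAD_SIZE (CELL_PAYLOAD_SIZE-RELAY_HEADER_SIZE)

typedef uint16_t streamid_t;

/* Fields as documented for relay_header_t; the 4-byte integrity width is
 * taken from the "4" term in RELAY_HEADER_SIZE. */
typedef struct relay_header_t {
  uint8_t command;
  uint16_t recognized;
  streamid_t stream_id;
  char integrity[4];
  uint16_t length;
} relay_header_t;

static uint16_t get_be16(const uint8_t *p)
{
  return (uint16_t)(((unsigned)p[0] << 8) | p[1]);
}

/* Hypothetical helper: unpack the header from the front of a cell payload.
 * Returns 0 on success, -1 if the input or the claimed length is invalid. */
int relay_header_parse(relay_header_t *out, const uint8_t *payload,
                       size_t payload_len)
{
  if (out == NULL || payload == NULL)
    return -1;
  if (payload_len < RELAY_HEADER_SIZE || payload_len > CELL_PAYLOAD_SIZE)
    return -1;
  out->command    = payload[0];
  out->recognized = get_be16(payload + 1);
  out->stream_id  = get_be16(payload + 3);
  memcpy(out->integrity, payload + 5, 4);
  out->length     = get_be16(payload + 9);
  /* The peer chooses length; it must fit in the bytes after the header.
   * For a full cell that bound is RELAY_PAYLOAD_SIZE (498). */
  if (out->length > payload_len - RELAY_HEADER_SIZE)
    return -1;
  return 0;
}

/* Hypothetical helper: copy the relay body out only after validation.
 * Returns the number of bytes copied, or -1 if anything is out of bounds. */
int relay_body_copy(uint8_t *dst, size_t dst_len, const uint8_t *payload,
                    size_t payload_len)
{
  relay_header_t rh;
  if (dst == NULL || relay_header_parse(&rh, payload, payload_len) < 0)
    return -1;
  if (rh.length > dst_len)
    return -1;
  memcpy(dst, payload + RELAY_HEADER_SIZE, rh.length);
  return (int)rh.length;
}

/* Constructed sample: a payload whose header claims claimed_len body bytes. */
void make_sample_payload(uint8_t payload[CELL_PAYLOAD_SIZE],
                         uint16_t claimed_len)
{
  memset(payload, 0, CELL_PAYLOAD_SIZE);
  payload[0] = 2;                          /* constructed command value */
  payload[3] = 0x01; payload[4] = 0x02;    /* stream_id 0x0102 */
  payload[9]  = (uint8_t)(claimed_len >> 8);
  payload[10] = (uint8_t)(claimed_len & 0xff);
  memcpy(payload + RELAY_HEADER_SIZE, "hello", 5);
}

int main(void)
{
  uint8_t payload[CELL_PAYLOAD_SIZE];
  uint8_t body[RELAY_PAYLOAD_SIZE];

  make_sample_payload(payload, 5);
  printf("length 5:   %d\n",
         relay_body_copy(body, sizeof(body), payload, sizeof(payload)));
  make_sample_payload(payload, RELAY_PAYLOAD_SIZE + 1);
  printf("length 499: %d\n",
         relay_body_copy(body, sizeof(body), payload, sizeof(payload)));
  return 0;
}
```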
struct connection_t

Description of a connection to another host or process, and associated data.

A connection is named based on what it's connected to -- an "OR connection" has a Tor node on the other end, an "exit connection" has a website or other server on the other end, and an "AP connection" has an application proxy (and thus a user) on the other end.

Every connection has a type and a state. Connections never change their type, but can go through many state changes in their lifetime.

Every connection has two associated input and output buffers. Listeners don't use them. For non-listener connections, incoming data is appended to conn->inbuf, and outgoing data is taken from conn->outbuf. Connections differ primarily in the functions called to fill and drain these buffers.

Definition at line 977 of file or.h.

Class Members
unsigned int active_on_link:1 True iff we're currently able to read on the linked conn, and our read_event should be made active with libevent.
tor_addr_t addr IP of the other side of the connection; used to identify routers, along with port.
char * address FQDN (or IP) of the guy on the other end. strdup into this, because free_connection() frees it.
int conn_array_index Index into the global connection array.
uint64_t dirreq_id Unique ID for measuring tunneled network status requests.
uint64_t global_identifier Unique identifier for this connection on this Tor instance.
unsigned int hold_open_until_flushed:1 Despite this connection's being marked for close, do we flush it before closing it?
unsigned int in_flushed_some:1 Set to 1 when we're inside connection_flushed_some to keep us from calling connection_handle_write() recursively.
buf_t * inbuf Buffer holding data read over this connection.
unsigned int inbuf_reached_eof:1 Boolean: did read() return 0 on this conn?
unsigned int linked:1 True if there is, or has been, a linked_conn.
struct connection_t * linked_conn Another connection that's connected to this one in lieu of a socket.
unsigned int linked_conn_is_closed:1 True iff we've called connection_close_immediate() on this linked connection.
uint32_t magic For memory debugging: must equal one of *_CONNECTION_MAGIC.
uint16_t marked_for_close Should we close this conn on the next iteration of the main loop? (If true, holds the line number where this connection was marked.)
const char * marked_for_close_file For debugging: in which file were we marked for close?
buf_t * outbuf Buffer holding data to write over this connection.
size_t outbuf_flushlen How much data should we try to flush from the outbuf?
uint16_t port If non-zero, port on the other end of the connection.
unsigned int proxy_state:4 CONNECT/SOCKS proxy client handshake state (for outgoing connections).
unsigned int purpose:5 Only used for DIR and EXIT types currently.
unsigned int read_blocked_on_bw:1 Boolean: should we start reading again once the bandwidth throttler allows it?
struct event * read_event Libevent event structure.
unsigned int reading_from_linked_conn:1 True iff we'd like to be notified about read events from the linked conn.
tor_socket_t s Our socket; set to TOR_INVALID_SOCKET if this connection is closed, or has no socket.
int socket_family Address family of this connection's socket. Usually AF_INET, but it can also be AF_UNIX, or in the future AF_INET6.
uint8_t state Current state of this connection.
time_t timestamp_created When was this connection_t created?
time_t timestamp_lastread When was the last time libevent said we could read?
time_t timestamp_lastwritten When was the last time libevent said we could write?
unsigned int type:4 What kind of connection is this?
unsigned int write_blocked_on_bw:1 Boolean: should we start writing again once the bandwidth throttler allows writes?
struct event * write_event Libevent event structure.
unsigned int writing_to_linked_conn:1 True iff we're willing to write to the linked conn.
struct listener_connection_t

Subtype of connection_t; used for a listener socket.

Definition at line 1069 of file or.h.

Collaboration diagram for listener_connection_t:
Class Members
connection_t _base
struct evdns_server_port * dns_server_port If the connection is a CONN_TYPE_AP_DNS_LISTENER, this field points to the evdns_server_port it uses to listen to and answer connections.
uint8_t isolation_flags One or more ISO_ flags to describe how to isolate streams.
int session_group The session group for this listener.
struct or_handshake_state_t

Stores flags and information related to the portion of a v2/v3 Tor OR connection handshake that happens after the TLS handshake is finished.

Definition at line 1134 of file or.h.

Collaboration diagram for or_handshake_state_t:
Class Members
tor_cert_t * auth_cert Certificates that a connection initiator sent us in a CERTS cell; we're holding on to them until we get an AUTHENTICATE cell. The cert for the key that's supposed to sign the AUTHENTICATE cell
unsigned int authenticated: 1
uint8_t authenticated_peer_id Identity digest that we have received and authenticated for our peer on this connection.
crypto_digest_t * digest_received
unsigned int digest_received_data: 1
crypto_digest_t * digest_sent Digests of the cells that we have sent or received as part of a V3 handshake. Used for making and checking AUTHENTICATE cells.
unsigned int digest_sent_data: 1 True iff we should feed outgoing cells into digest_sent and digest_received respectively. From the server's side of the v3 handshake, we want to capture everything from the VERSIONS cell through and including the AUTH_CHALLENGE cell. From the client's, we want to capture everything from the VERSIONS cell through but not including the AUTHENTICATE cell.
tor_cert_t * id_cert A self-signed identity certificate.
unsigned int received_auth_challenge: 1 True iff we have received and processed an AUTH_CHALLENGE cell.
unsigned int received_authenticate: 1 True iff we have received and processed an AUTHENTICATE cell.
unsigned int received_certs_cell: 1 True iff we have received and processed a CERTS cell.
unsigned int received_versions: 1 True iff we have received and processed a VERSIONS cell.
time_t sent_versions_at When was the VERSIONS cell sent on this connection? Used to get an estimate of the skew in the returning NETINFO reply.
unsigned int started_here: 1 True iff we originated this connection.
struct or_connection_t

Subtype of connection_t for an "OR connection" -- that is, one that speaks cells over TLS.

Definition at line 1192 of file or.h.

Collaboration diagram for or_connection_t:
Class Members
connection_t _base
smartlist_t * active_circuit_pqueue Priority queue of cell_ewma_t for circuits with queued cells waiting for room to free up on this connection's outbuf. Kept in heap order according to EWMA. This is redundant with active_circuits; if we ever decide only to use the cell_ewma algorithm for choosing circuits, we can remove active_circuits.
unsigned active_circuit_pqueue_last_recalibrated The tick on which the cell_ewma_ts in active_circuit_pqueue last had their ewma values rescaled.
struct circuit_t * active_circuits Double-linked ring of circuits with queued cells waiting for room to free up on this connection's outbuf. Every time we pull cells from a circuit, we advance this pointer to the next circuit in the ring.
int bandwidthburst Max bucket size for this conn. (OPEN ORs only.)
int bandwidthrate Bytes/s added to the bucket. (OPEN ORs only.)
circ_id_type_t circ_id_type:2 When we send CREATE cells along this connection, which half of the space should we use?
time_t client_used When we last used this conn for any client traffic. If not recent, we can rate limit it further.
or_handshake_state_t * handshake_state If we are setting this connection up, state information to do so.
char identity_digest Hash of the public RSA key for the other side's identity key, or zeroes if the other side hasn't shown us a valid identity key.
unsigned int is_bad_for_new_circs:1 True iff this connection shouldn't get any new circs attached to it, because the connection is too old, or because there's a better one. More generally, this flag is used to note an unhealthy connection; for example, if a bad connection fails we shouldn't assume that the router itself has a problem.
unsigned int is_canonical:1 Should this connection be used for extending circuits to the server matching the identity_digest field? Set to true if we're pretty sure we aren't getting MITMed, either because we're connected to an address listed in a server descriptor, or because an authenticated NETINFO cell listed the address we're connected to as recognized.
unsigned int is_connection_with_client:1 True iff we have decided that the other end of this connection is a client. Connections with this flag set should never be used to satisfy an EXTEND request.
unsigned int is_outgoing:1 True iff this is an outgoing connection.
uint8_t link_proto What protocol version are we using? 0 for "none negotiated yet."
int n_circuits How many circuits use this connection as p_conn or n_conn ?
circid_t next_circ_id Which circ_id do we try to use next on this connection? This is always in the range 0..(1<<15)-1.
struct or_connection_t * next_with_same_id Next connection with same identity digest as this one.
char * nickname Nickname of OR on other side (if any).
unsigned int proxy_type:2 One of PROXY_NONE...PROXY_SOCKS5.
int read_bucket When this hits 0, stop receiving. Every second we add 'bandwidthrate' to this, capping it at bandwidthburst. (OPEN ORs only)
tor_addr_t real_addr The actual address that this connection came from or went to. The addr field is prone to getting overridden by the address from the router descriptor matching identity_digest.
time_t timestamp_last_added_nonpadding When did we last add a non-padding cell to the outbuf?
time_t timestamp_lastempty When was the outbuf last completely empty?
tor_tls_t * tls TLS connection state.
int tls_error Last tor_tls error code.
int write_bucket When this hits 0, stop writing. Like read_bucket.
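
The refill-and-cap rule described for read_bucket, bandwidthrate and bandwidthburst, as an added example that is not Tor's own code. The struct and function names are hypothetical; starting with a full bucket and the way the read_blocked_on_bw bit is set and cleared are assumptions, not behaviour stated on this page.

```c
#include <stddef.h>
#include <stdio.h>

/* Hypothetical stand-in for the bucket fields of or_connection_t and the
 * read_blocked_on_bw bit of connection_t; not Tor's definitions. */
typedef struct {
  int bandwidthrate;               /* bytes added to the bucket per second */
  int bandwidthburst;              /* maximum bucket size */
  int read_bucket;                 /* bytes we may still read; 0 means stop */
  unsigned int read_blocked_on_bw; /* 1 while reading is paused by the bucket */
} example_conn_t;

void bucket_init(example_conn_t *c, int rate, int burst)
{
  c->bandwidthrate = rate < 0 ? 0 : rate;
  c->bandwidthburst = burst < 0 ? 0 : burst;
  c->read_bucket = c->bandwidthburst; /* assumption: the bucket starts full */
  c->read_blocked_on_bw = 0;
}

/* Add 'seconds' worth of tokens, capping at bandwidthburst. The sum is
 * computed in a wider type so a long idle period cannot overflow the int. */
void bucket_refill(example_conn_t *c, unsigned int seconds)
{
  long long filled = (long long)c->read_bucket +
                     (long long)c->bandwidthrate * (long long)seconds;
  if (filled > c->bandwidthburst)
    filled = c->bandwidthburst;
  c->read_bucket = (int)filled;
  if (c->read_bucket > 0)
    c->read_blocked_on_bw = 0; /* the throttler allows reading again */
}

/* Ask to read 'want' bytes; returns how many the bucket permits. */
size_t bucket_take(example_conn_t *c, size_t want)
{
  size_t avail, n;
  if (c->read_bucket <= 0) {
    c->read_blocked_on_bw = 1;
    return 0;
  }
  avail = (size_t)c->read_bucket;
  n = want < avail ? want : avail;
  c->read_bucket -= (int)n;
  if (c->read_bucket == 0)
    c->read_blocked_on_bw = 1; /* bucket hit 0: stop receiving */
  return n;
}

int main(void)
{
  example_conn_t c;
  bucket_init(&c, 100, 250); /* constructed sample values */
  printf("take 200 -> %zu\n", bucket_take(&c, 200));
  printf("take 100 -> %zu (blocked=%u)\n", bucket_take(&c, 100),
         c.read_blocked_on_bw);
  bucket_refill(&c, 1);
  printf("after 1s refill: %d\n", c.read_bucket);
  bucket_refill(&c, 3600);
  printf("after long idle: %d\n", c.read_bucket);
  return 0;
}
```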
struct edge_connection_t

Subtype of connection_t for an "edge connection" -- that is, an entry (ap) connection, or an exit.

Definition at line 1284 of file or.h.

Collaboration diagram for edge_connection_t:
Class Members
connection_t _base
uint32_t address_ttl TTL for address-to-addr mapping on exit connection. Exit connections only.
struct crypt_path_t * cpath_layer A pointer to which node in the circ this conn exits at. Set for AP connections and for hidden service exit connections.
int deliver_window How many more relay cells can end at me?
unsigned int edge_blocked_on_circ:1 True iff we've blocked reading until the circuit has fewer queued cells.
unsigned int edge_has_sent_end:1 For debugging; only used on edge connections. Set once we've set the stream end, and check in connection_about_to_close_connection().
uint16_t end_reason The reason why this connection is closing; passed to the controller.
unsigned int is_dns_request:1 True iff this connection is for a DNS request only.
uint32_t n_read Bytes read since last call to control_event_stream_bandwidth_used()
uint32_t n_written Bytes written since last call to control_event_stream_bandwidth_used()
struct edge_connection_t * next_stream Points to the next stream at this edge, if any.
struct circuit_t * on_circuit The circuit (if any) that this edge connection is using.
int package_window How many more relay cells can I send into the circuit?
rend_data_t * rend_data What rendezvous service are we querying for (if an AP) or providing (if an exit)?
streamid_t stream_id The stream ID used for this edge connection on its circuit.
struct entry_connection_t

Subtype of edge_connection_t for an "entry connection" -- that is, a SOCKS connection, a DNS request, a TransPort connection or a NATD connection.

Definition at line 1333 of file or.h.

Collaboration diagram for entry_connection_t:
Class Members
edge_connection_t _edge
char * chosen_exit_name Nickname of planned exit node -- used with .exit support.
unsigned int chosen_exit_optional:1 For AP connections only. If 1, and we fail to reach the chosen exit, stop requiring it.
unsigned int chosen_exit_retries:3 For AP connections only. If non-zero, this exit node was picked as a result of the TrackHostExit, and the value decrements every time we fail to complete a circuit to our chosen exit -- if it reaches zero, abandon the associated mapaddress.
struct evdns_server_request * dns_server_request If this is a DNSPort connection, this field holds the pending DNS request that we're going to try to answer.
unsigned int is_transparent_ap:1 True iff this is an AP connection that came from a transparent or NATd connection.
uint8_t isolation_flags AP only: based on which factors do we isolate this stream?
unsigned int may_use_optimistic_data: 1 For AP connections only: Set if this connection's target exit node allows optimistic data (that is, data sent on this stream before the exit has sent a CONNECTED cell) and we have chosen to use it.
unsigned int num_circuits_launched:4 Number of times we've launched a circuit to handle this stream. If it gets too high, that could indicate an inconsistency between our "launch a circuit to handle this stream" logic and our "attach our stream to one of the available circuits" logic.
uint8_t num_socks_retries Number of times we've reassigned this application connection to a new circuit. We keep track because the timeout is longer if we've already retried several times.
unsigned nym_epoch AP only: The newnym epoch in which we created this connection.
char * original_dest_address AP only: The original requested address before we rewrote it.
generic_buffer_t * pending_optimistic_data For AP connections only: buffer for data that we have sent optimistically, which we might need to re-send if we have to retry this connection.
generic_buffer_t * sending_optimistic_data
int session_group AP only: what session group is this stream in?
socks_request_t * socks_request SOCKS structure describing request (AP only.)
unsigned int use_begindir:1 True iff this stream should use a BEGIN_DIR relay command to establish itself rather than BEGIN (either via onehop or via a whole circuit).
unsigned int want_onehop:1 True iff this stream must attach to a one-hop circuit (e.g. for begin_dir).
struct control_connection_t

Subtype of connection_t for a connection to a controller.

Definition at line 1454 of file or.h.

Collaboration diagram for control_connection_t:
Class Members
connection_t _base
uint32_t event_mask Bitfield: which events does this controller care about?
unsigned int have_sent_protocolinfo:1 True if we have sent a protocolinfo reply on this connection.
char * incoming_cmd A control command that we're reading from the inbuf, but which has not yet arrived completely.
uint32_t incoming_cmd_cur_len Number of bytes currently stored in incoming_cmd.
uint32_t incoming_cmd_len Amount of space allocated in incoming_cmd.
unsigned int is_owning_control_connection:1 True if we have received a takeownership command on this connection.
char * safecookie_client_hash If we have sent an AUTHCHALLENGE reply on this connection and have not received a successful AUTHENTICATE command, points to the value which the client must send to authenticate itself; otherwise, NULL.
struct addr_policy_t

A reference-counted address policy rule.

Definition at line 1602 of file or.h.

Collaboration diagram for addr_policy_t:
Class Members
tor_addr_t addr Base address to accept or reject.
unsigned int is_canonical:1 True iff this policy is the canonical copy (stored in a hash table to avoid duplication of common policies)
unsigned int is_private:1 True iff this is the pseudo-address, "private".
maskbits_t maskbits Accept/reject all addresses 'a' such that the first 'maskbits' bits of 'a' match 'addr'.
addr_policy_action_t policy_type:2 What to do when the policy matches.
uint16_t prt_max Highest port number to accept/reject.
uint16_t prt_min Lowest port number to accept/reject.
int refcnt Reference count.
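
How addr, maskbits, prt_min, prt_max and policy_type combine when an address and port are tested against rules, as an added example that is not Tor's own code. It is IPv4-only, all type and function names are hypothetical, the sample rules are constructed, and walking a list and stopping at the first matching rule is an assumption not stated on this page.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define IPV4(a, b, c, d) \
  (((uint32_t)(a) << 24) | ((uint32_t)(b) << 16) | ((uint32_t)(c) << 8) | (uint32_t)(d))

typedef enum { RULE_ACCEPT = 1, RULE_REJECT = 2 } rule_action_t;
typedef enum { VERDICT_NO_MATCH = 0, VERDICT_ACCEPT = 1, VERDICT_REJECT = 2 } verdict_t;

/* Hypothetical IPv4-only stand-in for addr_policy_t; not Tor's definition. */
typedef struct {
  uint32_t addr;             /* base address, host order */
  uint8_t maskbits;          /* leading bits of addr that must match, 0..32 */
  uint16_t prt_min;          /* lowest port covered by the rule */
  uint16_t prt_max;          /* highest port covered by the rule */
  rule_action_t policy_type; /* what to do when the rule matches */
} example_rule_t;

/* Mask selecting the first 'maskbits' bits. Shifting a 32-bit value by 32
 * is undefined in C, so /0 and /32 are handled explicitly. */
static uint32_t prefix_mask(uint8_t maskbits)
{
  if (maskbits == 0)
    return 0;
  if (maskbits >= 32)
    return 0xFFFFFFFFu;
  return ~(0xFFFFFFFFu >> maskbits);
}

/* True iff the first maskbits bits of 'a' equal those of the rule's addr
 * and 'port' lies in [prt_min, prt_max]. */
int rule_matches(const example_rule_t *r, uint32_t a, uint16_t port)
{
  uint32_t m = prefix_mask(r->maskbits);
  if ((a & m) != (r->addr & m))
    return 0;
  return port >= r->prt_min && port <= r->prt_max;
}

/* Assumption: rules are checked in order and the first match decides.
 * With no match the caller chooses the default. */
verdict_t evaluate_rules(const example_rule_t *rules, size_t n,
                         uint32_t a, uint16_t port)
{
  size_t i;
  for (i = 0; i < n; i++) {
    if (rule_matches(&rules[i], a, port))
      return rules[i].policy_type == RULE_ACCEPT ? VERDICT_ACCEPT
                                                 : VERDICT_REJECT;
  }
  return VERDICT_NO_MATCH;
}

/* Constructed sample rules (documentation and private address ranges). */
static const example_rule_t sample_rules[] = {
  { IPV4(10, 0, 0, 0),  8,  1,   65535, RULE_REJECT },
  { IPV4(0, 0, 0, 0),   0,  80,  80,    RULE_ACCEPT },
  { IPV4(192, 0, 2, 0), 24, 443, 443,   RULE_ACCEPT },
};

verdict_t check_sample(uint32_t a, uint16_t port)
{
  return evaluate_rules(sample_rules,
                        sizeof(sample_rules) / sizeof(sample_rules[0]),
                        a, port);
}

int main(void)
{
  printf("10.1.2.3:80      -> %d\n", check_sample(IPV4(10, 1, 2, 3), 80));
  printf("198.51.100.9:80  -> %d\n", check_sample(IPV4(198, 51, 100, 9), 80));
  printf("198.51.100.9:443 -> %d\n", check_sample(IPV4(198, 51, 100, 9), 443));
  return 0;
}
```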
struct cached_dir_t

A cached_dir_t represents a cacheable directory object, along with its compressed form.

Definition at line 1620 of file or.h.

Collaboration diagram for cached_dir_t:
Class Members
digests_t digests Digests of this object (networkstatus only)
char * dir Contents of this object, NUL-terminated.
size_t dir_len Length of dir (not counting its NUL).
char * dir_z Compressed contents of this object.
size_t dir_z_len Length of dir_z.
time_t published When was this object published.
int refcnt Reference count for this cached_dir_t.
struct download_status_t

Information about our plans for retrying downloads for a downloadable object.

Definition at line 1659 of file or.h.

Class Members
uint8_t n_download_failures Number of failures trying to download the most recent descriptor.
time_t next_attempt_at When should we try downloading this descriptor again?
download_schedule_t schedule: 8
struct signed_descriptor_t

Information needed to cache an onion router's descriptor.

Definition at line 1676 of file or.h.

Collaboration diagram for signed_descriptor_t:
Class Members
size_t annotations_len Length of the annotations preceding the server descriptor.
unsigned int do_not_cache: 1
download_status_t ei_dl_status For routerdescs only: Status of downloading the corresponding extrainfo.
char extra_info_digest For routerdescs only: digest of the corresponding extrainfo.
unsigned int extrainfo_is_bogus: 1
char identity_digest Identity digest of the router.
unsigned int is_extrainfo: 1
time_t last_listed_as_valid_until The valid-until time of the most recent consensus that listed this descriptor, or a bit after the publication time of the most recent v2 networkstatus that listed it. 0 for "never listed in a consensus or status, so far as we know."
time_t published_on Declared publication time of the descriptor.
int routerlist_index What position is this descriptor within routerlist->routers or routerlist->old_routers? -1 for none.
saved_location_t saved_location Where is the descriptor saved?
off_t saved_offset If saved_location is SAVED_IN_CACHE or SAVED_IN_JOURNAL, the offset of this descriptor in the corresponding file.
unsigned int send_unencrypted: 1
char * signed_descriptor_body Pointer to the raw server descriptor, preceded by annotations. Not necessarily NUL-terminated. If saved_location is SAVED_IN_CACHE, this pointer is null.
char signed_descriptor_digest Digest of the server descriptor, computed as specified in dir-spec.txt.
size_t signed_descriptor_len Length of the server descriptor.
struct routerinfo_t

Information about another onion router in the network.

Definition at line 1725 of file or.h.

Collaboration diagram for routerinfo_t:
Class Members
uint32_t addr IPv4 address of OR, in host order.
char * address Location of OR: either a hostname or an IP address.
unsigned int allow_single_hop_exits:1 Whether the router says it allows single hop exits.
uint32_t bandwidthburst How large is this OR's token bucket?
uint32_t bandwidthcapacity How many bytes/s is this router known to handle?
uint32_t bandwidthrate How many bytes does this OR add to its token bucket per second?
signed_descriptor_t cache_info
unsigned int caches_extra_info:1 Whether the router says it caches and serves extrainfo documents.
char * contact_info Declared contact info for this router.
smartlist_t * declared_family Nicknames of router which this router claims are its family.
uint16_t dir_port Port for HTTP directory connections.
smartlist_t * exit_policy What streams will this OR permit to exit? NULL for 'reject *:*'.
crypto_pk_t * identity_pkey Public RSA key for signing.
tor_addr_t ipv6_addr A router's IPv6 address, if it has one.
uint16_t ipv6_orport
unsigned int ipv6_preferred:1 True if ipv6_addr:ipv6_orport is preferred.
unsigned int is_hibernating:1 Whether the router claims to be hibernating.
time_t last_reachable When was the last time we could reach this OR?
unsigned int needs_retest_if_added:1 True if, after we have added this router, we should re-launch tests for it.
char * nickname Human-readable OR name.
crypto_pk_t * onion_pkey Public RSA key for onions.
uint16_t or_port Port for TLS connections.
char * platform What software/operating system is this OR using?
unsigned int policy_is_reject_star:1 True iff the exit policy for this router rejects everything.
uint8_t purpose
time_t testing_since When did we start testing reachability for this OR?
long uptime How many seconds the router claims to have been up.
unsigned int wants_to_be_hs_dir:1 True iff this router claims to be a hidden service directory.
struct extrainfo_t

Information needed to keep and cache a signed extra-info document.

Definition at line 1808 of file or.h.

Collaboration diagram for extrainfo_t:
Class Members
unsigned int bad_sig: 1 True iff we found the right key for this extra-info, verified the signature, and found it to be bad.
signed_descriptor_t cache_info
char nickname The router's nickname.
char * pending_sig If present, we didn't have the right key to verify this extra-info, so this is a copy of the signature in the document.
size_t pending_sig_len Length of pending_sig.
struct routerstatus_t

Contents of a single router entry in a network status object.

Definition at line 1824 of file or.h.

Collaboration diagram for routerstatus_t:
Class Members
uint32_t addr IPv4 address for this router.
uint32_t bandwidth Bandwidth (capacity) of the router as reported in the vote/consensus, in kilobytes/sec.
char descriptor_digest Digest of the router's most recent descriptor or microdescriptor. If it's a descriptor, we only use the first DIGEST_LEN bytes.
uint16_t dir_port Directory port for this router.
download_status_t dl_status
char * exitsummary exit policy summary - XXX weasel: this probably should not stay a string.
unsigned int has_bandwidth:1 The vote/consensus had bw info.
unsigned int has_exitsummary:1 The vote/consensus had exit summaries.
unsigned int has_measured_bw:1 The vote/consensus had a measured bw.
char identity_digest Digest of the router's identity key.
unsigned int is_authority:1 True iff this router is an authority.
unsigned int is_bad_directory:1 Do we think this directory is junky, underpowered, or otherwise useless?
unsigned int is_bad_exit:1 True iff this node is a bad choice for an exit node.
unsigned int is_exit:1 True iff this router is a good exit.
unsigned int is_fast:1 True iff this router has good bandwidth.
unsigned int is_flagged_running:1 True iff this router is called 'running' in the consensus. We give it this funny name so that we don't accidentally use this bit as a view of whether we think the router is currently running. If that's what you want to know, look at is_running in node_t.
unsigned int is_hs_dir:1 True iff this router is a v2-or-later hidden service directory.
unsigned int is_named:1 True iff "nickname" belongs to this router.
unsigned int is_possible_guard:1 True iff this router would be a good choice as an entry guard.
unsigned int is_stable:1 True iff this router stays up a long time.
unsigned int is_unnamed:1 True iff "nickname" belongs to another router.
unsigned int is_v2_dir:1 True iff this router can serve directory information with v2 of the directory protocol. (All directory caches cache v1 directories.)
unsigned int is_valid:1 True iff this router isn't invalid.
time_t last_dir_503_at When did this router last tell us that it was too busy to serve directory info?
uint32_t measured_bw Measured bandwidth (capacity) of the router.
unsigned int need_to_mirror:1 True if we, as a directory mirror, want to download the corresponding routerinfo from the authority who gave us this routerstatus. (That is, if we don't have the routerinfo, and if we haven't already tried to get it from this authority.) Applies in v2 networkstatus document only.
char nickname The nickname this router says it has.
uint16_t or_port OR port for this router.
time_t published_on When was this router published?
unsigned int version_known:1 True iff we know version info for this router. (i.e., a "v" entry was included.) We'll replace all these with a big tor_version_t or a char[] if the number of traits we care about ever becomes incredibly big.
unsigned int version_supports_begindir:1 True iff this router is a version that supports BEGIN_DIR cells.
unsigned int version_supports_conditional_consensus:1 True iff this router is a version that supports conditional consensus downloads (signed by list of authorities).
unsigned int version_supports_extrainfo_upload:1 True iff this router is a version that we can post extrainfo docs to.
unsigned int version_supports_microdesc_cache:1 True iff this router is a version that, if it caches directory info, we can get microdescriptors from.
unsigned int version_supports_optimistic_data:1 True iff this router is a version that allows DATA cells to arrive on a stream before it has sent a CONNECTED cell.
unsigned int version_supports_v3_dir:1 True iff this router is a version that, if it caches directory info, we can get v3 downloads from.
struct short_policy_entry_t

A single entry in a parsed policy summary, describing a range of ports.

Definition at line 1909 of file or.h.

Class Members
uint16_t max_port
uint16_t min_port
struct short_policy_t

A short_policy_t is the parsed version of a policy summary.

Definition at line 1914 of file or.h.

Collaboration diagram for short_policy_t:
Class Members
short_policy_entry_t entries An array of 0 or more short_policy_entry_t values, each describing a range of ports that this policy accepts or rejects (depending on the value of is_accept).
unsigned int is_accept: 1 True if the members of 'entries' are port ranges to accept; false if they are port ranges to reject.
unsigned int n_entries: 31 The actual number of values in 'entries'.
struct networkstatus_v2_t

Contents of a v2 (non-consensus, non-vote) network status object.

Definition at line 2051 of file or.h.

Collaboration diagram for networkstatus_v2_t:
Class Members
unsigned int binds_names:1 True iff this directory server binds names.
char * client_versions Comma-separated list of recommended client versions.
char * contact How to contact directory admin? (may be NULL).
smartlist_t * entries List of routerstatus_t*. This list is kept sorted by identity_digest.
char identity_digest Digest of signing key.
unsigned int lists_bad_directories:1 True iff this directory server marks malfunctioning directories as bad.
unsigned int lists_bad_exits:1 True iff this directory server marks malfunctioning exits as bad.
char networkstatus_digest What was the digest of the document?
time_t published_on Declared publication date.
time_t received_on When did we receive the network-status document?
unsigned int recommends_versions:1 True iff this directory server recommends client and server software versions.
char * server_versions Comma-separated list of recommended server versions.
crypto_pk_t * signing_key Key used to sign this directory.
uint32_t source_addr Canonical directory server IP.
char * source_address Canonical directory server hostname.
uint16_t source_dirport Canonical directory server dirport.
struct vote_microdesc_hash_t

Linked list of microdesc hash lines for a single router in a directory vote.

Definition at line 2091 of file or.h.

Collaboration diagram for vote_microdesc_hash_t:
Class Members
char * microdesc_hash_line The raw contents of the microdesc hash line, excluding the "m".
struct vote_microdesc_hash_t * next Next element in the list, or NULL.
struct vote_routerstatus_t

The claim about a single router, made in a vote.

Definition at line 2099 of file or.h.

Collaboration diagram for vote_routerstatus_t:
Class Members
uint64_t flags Bit-field for all recognized flags; index into networkstatus_t.known_flags.
vote_microdesc_hash_t * microdesc The hash or hashes that the authority claims this microdesc has.
routerstatus_t status Underlying 'status' object for this router. Flags are redundant.
char * version The version that the authority says this router is running.
struct document_signature_t

A signature of some document by an authority.

Definition at line 2111 of file or.h.

Class Members
digest_algorithm_t alg Algorithm used to compute the digest of the document.
unsigned int bad_signature: 1 Set to true if we've tried to verify the sig, and we know it's bad.
unsigned int good_signature: 1 Set to true if we've verified the sig as good.
char identity_digest Declared SHA-1 digest of this voter's identity key.
char * signature Signature of the signed thing.
int signature_len Length of signature.
char signing_key_digest Declared SHA-1 digest of signing key used by this voter.
struct networkstatus_voter_info_t

Information about a single voter in a vote or a consensus.

Definition at line 2129 of file or.h.

Collaboration diagram for networkstatus_voter_info_t:
Class Members
uint32_t addr Address of this voter, in IPv4, in host order.
char * address Address of this voter, in string format.
char * contact Contact information for this voter.
uint16_t dir_port Directory port of this voter.
char identity_digest Declared SHA-1 digest of this voter's identity key.
char legacy_id_digest Digest of this voter's "legacy" identity key, if any. In vote only; for consensuses, we treat legacy keys as additional signers.
char * nickname Nickname of this voter.
uint16_t or_port OR port of this voter.
smartlist_t * sigs The signature of the document and the signature's status.
char vote_digest Digest of this voter's vote, as signed.
struct networkstatus_t

A common structure to hold a v3 network status vote, or a v3 network status consensus.

Definition at line 2168 of file or.h.

Collaboration diagram for networkstatus_t:
Class Members
struct authority_cert_t * cert Vote only: the voter's certificate.
char * client_versions Comma-separated list of recommended client software, or NULL if this voter has no opinion.
int consensus_method Consensus only: what method was used to produce this consensus?
digestmap_t * desc_digest_map If present, a map from descriptor digest to elements of routerstatus_list.
digests_t digests Digests of this document, as signed.
int dist_seconds How long does this vote/consensus claim that authorities take to distribute their consensus signatures to one another?
consensus_flavor_t flavor: 8 If a consensus, what kind?
time_t fresh_until Time before which this is the most recent vote or consensus.
smartlist_t * known_flags List of flags that this vote/consensus applies to routers. If a flag is not listed here, the voter has no opinion on what its value should be.
smartlist_t * net_params List of key=value strings for the parameters in this vote or consensus, sorted by key.
time_t published Vote only: Time when vote was written.
smartlist_t * routerstatus_list List of router statuses, sorted by identity digest. For a vote, the elements are vote_routerstatus_t; for a consensus, the elements are routerstatus_t.
char * server_versions
smartlist_t * supported_methods Vote only: what methods is this voter willing to use?
networkstatus_type_t type: 8 Vote, consensus, or opinion?
time_t valid_after Time after which this vote or consensus applies.
time_t valid_until Time after which this vote or consensus should not be used.
int vote_seconds How long does this vote/consensus claim that authorities take to distribute their votes to one another?
smartlist_t * voters List of networkstatus_voter_info_t. For a vote, only one element is included. For a consensus, one element is included for every voter whose vote contributed to the consensus.
smartlist_t * weight_params List of key=value strings for the bw weight parameters in the consensus.
struct ns_detached_signatures_t

A set of signatures for a networkstatus consensus.

Unless otherwise noted, all fields are as for networkstatus_t.

Definition at line 2228 of file or.h.

Class Members
strmap_t * digests Map from flavor name to digestset_t.
time_t fresh_until
strmap_t * signatures Map from flavor name to list of document_signature_t.
time_t valid_after
time_t valid_until
struct desc_store_t

A 'store' is a set of descriptors saved on disk, with accompanying journal, mmaped as needed, rebuilt as needed.

Definition at line 2245 of file or.h.

Collaboration diagram for desc_store_t:
Class Members
size_t bytes_dropped Total bytes dropped since last rebuild: this is space currently used in the cache and the journal that could be freed by a rebuild.
const char * description Human-readable description of what this store contains.
const char * fname_alt_base Alternative (obsolete) value for fname_base: if the file named by fname_base isn't present, we read from here instead, but we never write here.
const char * fname_base Filename (within DataDir) for the store. We append .tmp to this filename for a temporary file when rebuilding the store, and .new to this filename for the journal.
size_t journal_len The size of the router log, in bytes.
tor_mmap_t * mmap A mmap for the main file in the store.
size_t store_len The size of the router store, in bytes.
store_type_t type What's stored in this store?
struct routerlist_t

Contents of a directory of onion routers.

Definition at line 2271 of file or.h.

Collaboration diagram for routerlist_t:
Class Members
struct digest_sd_map_t * desc_by_eid_map Map from extra-info digests to a signed_descriptor_t for a router descriptor having that extra-info digest. Only exists for routers in routers or old_routers.
struct digest_sd_map_t * desc_digest_map Map from server descriptor digest to a signed_descriptor_t from routers or old_routers.
desc_store_t desc_store Store holding server descriptors. If present, any router whose cache_info.saved_location == SAVED_IN_CACHE is stored in this file starting at cache_info.saved_offset
struct digest_ei_map_t * extra_info_map Map from extra-info digest to an extrainfo_t. Only exists for routers in routers or old_routers.
desc_store_t extrainfo_store Store holding extra-info documents.
struct digest_ri_map_t * identity_map Map from server identity digest to a member of routers.
smartlist_t * old_routers List of signed_descriptor_t for older router descriptors we're caching.
smartlist_t * routers List of routerinfo_t for all currently live routers we know.
struct extend_info_t

Information on router used when extending a circuit.

We don't need a full routerinfo_t to extend: we only need addr:port:keyid to build an OR connection, and onion_key to create the onionskin. Note that for onehop general-purpose tunnels, the onion_key is NULL.

Definition at line 2301 of file or.h.

Collaboration diagram for extend_info_t:
Class Members
tor_addr_t addr IP address.
char identity_digest Hash of this router's identity key.
char nickname This router's nickname for display.
crypto_pk_t * onion_key Current onionskin key.
uint16_t port OR port.
struct authority_cert_t

Certificate for v3 directory protocol: binds long-term authority identity keys to medium-term authority signing keys.

Definition at line 2312 of file or.h.

Collaboration diagram for authority_cert_t:
Class Members
uint32_t addr This authority's IPv4 address, in host order.
signed_descriptor_t cache_info Information relating to caching this cert on disk and looking it up.
uint16_t dir_port This authority's directory port.
time_t expires The listed expiration time of this certificate.
crypto_pk_t * identity_key This authority's long-term authority identity key.
uint8_t is_cross_certified True iff this certificate was cross-certified by signing the identity key with the signing key.
crypto_pk_t * signing_key This authority's medium-term signing key.
char signing_key_digest The digest of signing_key
struct crypt_path_t

Holds accounting information for a single step in the layered encryption performed by a circuit.

Used only at the client edge of a circuit.

Definition at line 2364 of file or.h.

Collaboration diagram for crypt_path_t:
Class Members
crypto_cipher_t * b_crypto Encryption key and counter for cells heading back from the OR at this step.
crypto_digest_t * b_digest Digest state for cells heading away from the OR at this step.
int deliver_window How many cells are we willing to deliver originating at this step?
crypto_dh_t * dh_handshake_state Current state of Diffie-Hellman key negotiation with the OR at this step.
extend_info_t * extend_info Information to extend to the OR at this step.
crypto_cipher_t * f_crypto Encryption key and counter for cells heading towards the OR at this step.
crypto_digest_t * f_digest Digest state for cells heading towards the OR at this step.
uint8_t fast_handshake_state Current state of 'fast' (non-PK) key negotiation with the OR at this step. Used to save CPU when TLS is already providing all the authentication, secrecy, and integrity we need, and we're already distinguishable from an OR.
char handshake_digest Negotiated key material shared with the OR at this step.
uint32_t magic
struct crypt_path_t * next Link to next crypt_path_t in the circuit. (The list is circular, so the last node links to the first.)
int package_window How many cells are we allowed to originate ending at this step?
struct crypt_path_t * prev Link to previous crypt_path_t in the circuit.
uint8_t state Is the circuit built to this step? Must be one of:
  • CPATH_STATE_CLOSED (The circuit has not been extended to this step)
  • CPATH_STATE_AWAITING_KEYS (We have sent an EXTEND/CREATE to this step and not received an EXTENDED/CREATED)
  • CPATH_STATE_OPEN (The circuit has been extended to this step)
struct crypt_path_reference_t

A reference-counted pointer to a crypt_path_t, used only to share the final rendezvous cpath to be used on a service-side rendezvous circuit among multiple circuits built in parallel to the same destination rendezvous point.

Definition at line 2420 of file or.h.

Collaboration diagram for crypt_path_reference_t:
Class Members
crypt_path_t * cpath The pointer. Set to NULL when the crypt_path_t is put into use on an opened rendezvous circuit.
unsigned int refcount The reference count.
struct cpath_build_state_t

Information used to build a circuit.

Definition at line 2437 of file or.h.

Collaboration diagram for cpath_build_state_t:
Class Members
extend_info_t * chosen_exit How to extend to the planned exit node.
int desired_path_len Intended length of the final circuit.
time_t expiry_time At what time should we give up on this task?
int failure_count How many times has building a circuit for this task failed?
unsigned int is_internal: 1 Whether the last hop was picked with exiting in mind.
unsigned int need_capacity: 1 Whether every node in the circ must have adequate capacity.
unsigned int need_uptime: 1 Whether every node in the circ must have adequate uptime.
unsigned int onehop_tunnel: 1 Did we pick this as a one-hop tunnel (not safe for other streams)? These are for encrypted dir conns that exit to this router, not for arbitrary exits from the circuit.
crypt_path_t * pending_final_cpath The crypt_path_t to append after rendezvous: used for rendezvous.
crypt_path_reference_t * service_pending_final_cpath_ref A ref-counted reference to the crypt_path_t to append after rendezvous; used on the service side.
struct cell_ewma_t

The cell_ewma_t structure keeps track of how many cells a circuit has transferred recently.

It keeps an EWMA (exponentially weighted moving average) of the number of cells flushed from the circuit queue onto a connection in connection_or_flush_from_first_active_circuit().

Definition at line 2469 of file or.h.

Class Members
double cell_count The EWMA of the cell count.
int heap_index The position of the circuit within the OR connection's priority queue.
unsigned int is_for_p_conn: 1 True iff this is the cell count for a circuit's previous connection.
unsigned last_adjusted_tick The last 'tick' at which we recalibrated cell_count. A cell sent at exactly the start of this tick has weight 1.0. Cells sent since the start of this tick have weight greater than 1.0; ones sent earlier have less weight.
struct circuit_t

A circuit is a path over the onion routing network.

Applications can connect to one end of the circuit, and can create exit connections at the other end of the circuit. AP and exit connections have only one circuit associated with them (and thus these connection types are closed when the circuit is closed), whereas OR connections multiplex many circuits at once, and stay standing even when there are no circuits running over them.

A circuit_t structure can fill one of two roles. First, a or_circuit_t links two connections together: either an edge connection and an OR connection, or two OR connections. (When joined to an OR connection, a circuit_t affects only cells sent to a particular circID on that connection. When joined to an edge connection, a circuit_t affects all data.)

Second, an origin_circuit_t holds the cipher keys and state for sending data along a given circuit. At the OP, it has a sequence of ciphers, each of which is shared with a single OR along the circuit. Separate ciphers are used for data going "forward" (away from the OP) and "backward" (towards the OP). At the OR, a circuit has only two stream ciphers: one for data going forward, and one for data going backward.

Definition at line 2512 of file or.h.

Collaboration diagram for circuit_t:
Class Members
int deliver_window How many relay data cells will we deliver (write to edge streams) on this circuit? When deliver_window gets low, we send some circuit-level sendme cells to indicate that we're willing to accept more.
uint64_t dirreq_id Unique ID for measuring tunneled network status requests.
uint32_t magic For memory and type debugging: must equal ORIGIN_CIRCUIT_MAGIC or OR_CIRCUIT_MAGIC.
uint16_t marked_for_close Should we close this circuit at the end of the main loop? (If true, holds the line number where this circuit was marked.)
const char * marked_for_close_file For debugging: in which file was this circuit marked for close?
cell_ewma_t n_cell_ewma The EWMA count for the number of cells flushed from the n_conn_cells queue. Used to determine which circuit to flush from next.
circid_t n_circ_id The circuit_id used in the next (forward) hop of this circuit.
or_connection_t * n_conn The OR connection that is next in this circuit.
cell_queue_t n_conn_cells Queue of cells waiting to be transmitted on n_conn.
char * n_conn_onionskin For storage while n_conn is pending (state CIRCUIT_STATE_OR_WAIT). When defined, it is always length ONIONSKIN_CHALLENGE_LEN.
extend_info_t * n_hop The hop to which we want to extend this circuit. Should be NULL if the circuit has attached to a connection.
struct circuit_t * next Next circuit in linked list of all circuits.
struct circuit_t * next_active_on_n_conn Next circuit in the doubly-linked ring of circuits waiting to add cells to n_conn. NULL if we have no cells pending, or if we're not linked to an OR connection.
int package_window How many relay data cells can we package (read from edge streams) on this circuit before we receive a circuit-level sendme cell asking for more?
struct circuit_t * prev_active_on_n_conn Previous circuit in the doubly-linked ring of circuits waiting to add cells to n_conn. NULL if we have no cells pending, or if we're not linked to an OR connection.
uint8_t purpose Why are we creating this circuit?
uint8_t state Current status of this circuit.
unsigned int streams_blocked_on_n_conn: 1 True iff we are waiting for n_conn_cells to become less full before allowing p_streams to add any more cells. (Origin circuit only.)
unsigned int streams_blocked_on_p_conn: 1 True iff we are waiting for p_conn_cells to become less full before allowing n_streams to add any more cells. (OR circuit only.)
time_t timestamp_dirty When the circuit was first used, or 0 if the circuit is clean. XXXX023 Note that some code will artificially adjust this value backward in time in order to indicate that a circuit shouldn't be used for new streams, but that it can stay alive as long as it has streams on it. That's a kludge we should fix. XXX023 The CBT code uses this field to record when HS-related circuits entered certain states. This usage probably won't interfere with this field's primary purpose, but we should document it more thoroughly to make sure of that.
struct origin_circuit_t

An origin_circuit_t holds data necessary to build and use a circuit.

Definition at line 2601 of file or.h.

Collaboration diagram for origin_circuit_t:
Class Members
circuit_t _base
uint64_t associated_isolated_stream_global_id Global identifier for the first stream attached here; used by ISO_STREAM.
cpath_build_state_t * build_state Build state for this circuit. It includes the intended path length, the chosen exit router, rendezvous information, etc.
tor_addr_t client_addr
uint8_t client_proto_socksver
uint8_t client_proto_type
crypt_path_t * cpath The doubly-linked list of crypt_path_t entries, one per hop, for this circuit. This includes ciphers for each hop, integrity-checking digests for each hop, and package/delivery windows for each hop.
char * dest_address
uint16_t dest_port
uint32_t global_identifier Quasi-global identifier for this circuit; used for control.c.
unsigned int has_opened: 1 Set if this circuit has already been opened. Used to detect cannibalized circuits.
unsigned int hs_circ_has_timed_out: 1 Set iff this is a hidden-service circuit which has timed out according to our current circuit-build timeout, but which has been kept around because it might still succeed in connecting to its destination, and which is not a fully-connected rendezvous circuit. (We clear this flag for client-side rendezvous circuits when they are 'joined' to the other side's rendezvous circuit, so that connection_ap_handshake_attach_circuit can put client streams on the circuit. We also clear this flag for service-side rendezvous circuits when they are 'joined' to a client's rend circ, but only for symmetry with the client case. Client-side introduction circuits are closed when we get a joined rend circ, and service-side introduction circuits never have this flag set.)
unsigned int hs_service_side_rend_circ_has_been_relaunched: 1 Set iff this is a service-side rendezvous circuit for which a new connection attempt has been launched. We consider launching a new service-side rend circ to a client when the previous one fails; now that we don't necessarily close a service-side rend circ when we launch a new one to the same client, this flag keeps us from launching two retries for the same failed rend circ.
crypto_pk_t * intro_key
unsigned int is_ancient: 1 Set if this circuit is insanely old and we already informed the user.
unsigned int isolation_any_streams_attached: 1 True iff any stream has ever been attached to this circuit. In a better world we could use timestamp_dirty for this, but timestamp_dirty is far too overloaded at the moment.
uint8_t isolation_flags_mixed A bitfield of ISO_* flags for every isolation field such that this circuit has had streams with more than one value for that field attached to it.
unsigned int isolation_values_set: 1 True if we have associated one stream to this circuit, thereby setting the isolation parameters for this circuit. Note that this doesn't necessarily mean that we've attached any streams to the circuit: we may only have marked up this circuit during the launch process.
streamid_t next_stream_id The next stream_id that will be tried when we're attempting to construct a new AP stream originating at this circuit.
unsigned nym_epoch
edge_connection_t * p_streams Linked list of AP streams (or EXIT streams if hidden service) associated with this circuit.
int relay_early_cells_sent How many RELAY_EARLY cells have been sent over this circuit? This is for debugging task 878, too.
uint8_t relay_early_commands What commands were sent over this circuit that decremented the RELAY_EARLY counter? This is for debugging task 878.
unsigned int remaining_relay_early_cells: 4 How many more relay_early cells can we send on this circuit, according to the specification?
rend_data_t * rend_data Holds all rendezvous data on either client or service side.
int session_group
char * socks_password
uint8_t socks_password_len
char * socks_username
size_t socks_username_len
struct or_circuit_t

An or_circuit_t holds information needed to implement a circuit at an OR.

Definition at line 2730 of file or.h.

Collaboration diagram for or_circuit_t:
Class Members
circuit_t _base
char handshake_digest Stores KH for the handshake.
unsigned int is_first_hop: 1 True iff this circuit was made with a CREATE_FAST cell.
crypto_cipher_t * n_crypto The cipher used by intermediate hops for cells heading away from the OP.
crypto_digest_t * n_digest The integrity-checking digest used by intermediate hops, for cells packaged at the OP and arriving here.
edge_connection_t * n_streams Linked list of Exit streams associated with this circuit.
struct circuit_t * next_active_on_p_conn Next circuit in the doubly-linked ring of circuits waiting to add cells to p_conn. NULL if we have no cells pending, or if we're not linked to an OR connection.
cell_ewma_t p_cell_ewma The EWMA count for the number of cells flushed from the p_conn_cells queue.
circid_t p_circ_id The circuit_id used in the previous (backward) hop of this circuit.
or_connection_t * p_conn The OR connection that is previous in this circuit.
cell_queue_t p_conn_cells Queue of cells waiting to be transmitted on p_conn.
crypto_cipher_t * p_crypto The cipher used by intermediate hops for cells heading toward the OP.
crypto_digest_t * p_digest The integrity-checking digest used by intermediate hops, for cells packaged here and heading towards the OP.
struct circuit_t * prev_active_on_p_conn Previous circuit in the doubly-linked ring of circuits waiting to add cells to p_conn. NULL if we have no cells pending, or if we're not linked to an OR connection.
uint32_t processed_cells Number of cells that were removed from circuit queue; reset every time when writing buffer stats to disk.
unsigned int remaining_relay_early_cells: 4 How many more relay_early cells can we send on this circuit, according to the specification?
struct or_circuit_t * rend_splice Points to spliced circuit if purpose is REND_ESTABLISHED, and circuit is not marked for close.
char rend_token A hash of location-hidden service's PK if purpose is INTRO_POINT, or a rendezvous cookie if purpose is REND_POINT_WAITING. Filled with zeroes otherwise. ???? move to a subtype or adjunct structure? Wastes 20 bytes. -NM
edge_connection_t * resolving_streams Linked list of Exit streams associated with this circuit that are still being resolved.
uint64_t total_cell_waiting_time Total time in milliseconds that cells spent in both app-ward and exit-ward queues of this circuit; reset every time when writing buffer stats to disk.
struct port_cfg_t

Configuration for a single port that we're listening on.

Definition at line 2881 of file or.h.

Collaboration diagram for port_cfg_t:
Class Members
tor_addr_t addr The actual IP to listen on, if !is_unix_addr.
unsigned int all_addrs: 1
unsigned int ipv4_only: 1
unsigned int ipv6_only: 1
unsigned is_unix_addr: 1 True iff this is an AF_UNIX address.
uint8_t isolation_flags Zero or more isolation flags.
unsigned int no_advertise: 1
unsigned int no_listen: 1
int port The configured port, or CFG_AUTO_PORT to tell Tor to pick its own port.
int session_group A session group, or -1 if this port is not in a session group.
uint8_t type One of CONN_TYPE_*_LISTENER.
char unix_addr Path for an AF_UNIX address.
struct config_line_t

A linked list of lines in a config file.

Definition at line 2914 of file or.h.

Collaboration diagram for config_line_t:
Class Members
unsigned int command:2 What special treatment (if any) does this line require?
unsigned int fragile:1 If true, subsequent assignments to this linelist should replace it, not extend it. Set only on the first item in a linelist in an or_options_t.
char * key
struct config_line_t * next
char * value
struct or_state_t

Persistent state for an onion router, as saved to disk.

Definition at line 3567 of file or.h.

Collaboration diagram for or_state_t:
Class Members
uint32_t _magic
uint64_t AccountingBytesAtSoftLimit
uint64_t AccountingBytesReadInInterval
uint64_t AccountingBytesWrittenInInterval
uint64_t AccountingExpectedUsage
time_t AccountingIntervalStart Fields for accounting bandwidth use.
int AccountingSecondsActive
int AccountingSecondsToReachSoftLimit
time_t AccountingSoftLimitHitAt
config_line_t * BuildtimeHistogram Build time histogram.
time_t BWHistoryDirReadEnds
int BWHistoryDirReadInterval
smartlist_t * BWHistoryDirReadMaxima
smartlist_t * BWHistoryDirReadValues
time_t BWHistoryDirWriteEnds
int BWHistoryDirWriteInterval
smartlist_t * BWHistoryDirWriteMaxima
smartlist_t * BWHistoryDirWriteValues
time_t BWHistoryReadEnds These fields hold information on the history of bandwidth usage for servers. The "Ends" fields hold the time when we last updated the bandwidth usage. The "Interval" fields hold the granularity, in seconds, of the entries of Values. The "Values" lists hold decimal string representations of the number of bytes read or written in each interval. The "Maxima" list holds decimal strings describing the highest rate achieved during the interval.
int BWHistoryReadInterval
smartlist_t * BWHistoryReadMaxima
smartlist_t * BWHistoryReadValues
time_t BWHistoryWriteEnds
int BWHistoryWriteInterval
smartlist_t * BWHistoryWriteMaxima
smartlist_t * BWHistoryWriteValues
unsigned int CircuitBuildAbandonedCount
config_line_t * EntryGuards A list of Entry Guard-related configuration lines.
config_line_t * ExtraLines Holds any unrecognized values we found in the state file, in the order in which we found them.
time_t LastRotatedOnionKey When did we last rotate our onion key? "0" for 'no idea'.
time_t LastWritten When was the state last written to disk?
time_t next_write The time at which we next plan to write the state to the disk. Equal to TIME_MAX if there are no savable changes, 0 if there are changes that should be saved right away.
char * TorVersion What version of Tor wrote this state file?
unsigned int TotalBuildTimes
config_line_t * TransportProxies
struct socks_request_t

State of a SOCKS request from a user to an OP.

Also used to encode other information for non-SOCKS user requests (such as those on TransPort and DNSPort).

Definition at line 3661 of file or.h.

Class Members
char address What address did the client ask to connect to/resolve?
uint8_t auth_type If using socks5 authentication, which authentication type did we negotiate? Currently we support 0 (no authentication) and 2 (username/password).
uint8_t command What is this stream's goal? One of the SOCKS_COMMAND_* values.
unsigned int got_auth: 1 Have we received any authentication data?
unsigned int has_finished: 1 Has the SOCKS handshake finished? Used to make sure we send back a socks reply for every connection.
uint8_t listener_type Which kind of listener created this stream?
char * password The negotiated password value if any (for socks5). This value is NOT nul-terminated; see passwordlen for its length.
uint8_t passwordlen Number of bytes in password; 0 if password is NULL.
uint16_t port What port did the client ask to connect to?
uint8_t reply Write an entry into this string if we want to specify our own socks reply, rather than using the default socks4 or socks5 socks reply. We use this for the two-stage socks5 handshake.
size_t replylen Length of reply.
uint8_t socks_version Which version of SOCKS did the client use? One of "0, 4, 5" -- where 0 means that no socks handshake ever took place, and this is just a stub connection (e.g. see connection_ap_make_link()).
char * username The negotiated username value if any (for socks5), or the entire authentication string (for socks4). This value is NOT nul-terminated; see usernamelen for its length.
size_t usernamelen Number of bytes in username; 0 if username is NULL.
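
The username and password members above are length-delimited byte buffers, so string functions that stop at NUL will misread them. The following added example (not Tor's code) parses a SOCKS5 username/password message in the RFC 1929 layout into such fields, then compares and logs them by length; demo_socks_auth_t, the demo_* functions and the sample message are assumptions constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-in for the credential fields of socks_request_t:
 * raw byte buffers with explicit lengths, never C strings. */
typedef struct {
  char *username;      /* NOT NUL-terminated; see usernamelen */
  size_t usernamelen;  /* 0 if username is NULL */
  char *password;      /* NOT NUL-terminated; see passwordlen */
  uint8_t passwordlen; /* 0 if password is NULL */
  unsigned int got_auth : 1;
} demo_socks_auth_t;

/* Constructed sample: VER=1, ULEN=6, "ad\0min", PLEN=2, "pw".
 * The embedded NUL is where strlen()/strcmp() would stop. */
static const uint8_t DEMO_MSG[] = {
  0x01, 0x06, 'a', 'd', 0x00, 'm', 'i', 'n', 0x02, 'p', 'w'
};

void demo_auth_clear(demo_socks_auth_t *a) {
  free(a->username);
  free(a->password);
  memset(a, 0, sizeof(*a));
}

/* Copy len bytes into *dst; a zero-length field stays NULL. 0 on success. */
static int copy_field(char **dst, const uint8_t *src, size_t len) {
  if (len == 0) return 0;
  *dst = malloc(len);
  if (*dst == NULL) return -1;
  memcpy(*dst, src, len);
  return 0;
}

/* Parse VER(1)=0x01 | ULEN(1) | UNAME | PLEN(1) | PASSWD (RFC 1929).
 * out must be zeroed. Returns 1 when parsed, 0 if truncated, -1 if invalid. */
int demo_parse_userpass(const uint8_t *buf, size_t buflen,
                        demo_socks_auth_t *out) {
  size_t ulen, plen;
  if (buflen >= 1 && buf[0] != 0x01) return -1;
  if (buflen < 2) return 0;
  ulen = buf[1];
  if (buflen < 2 + ulen + 1) return 0; /* the PLEN byte must be present */
  plen = buf[2 + ulen];
  if (buflen < 3 + ulen + plen) return 0;
  if (copy_field(&out->username, buf + 2, ulen) < 0 ||
      copy_field(&out->password, buf + 3 + ulen, plen) < 0) {
    demo_auth_clear(out);
    return -1;
  }
  out->usernamelen = ulen;
  out->passwordlen = (uint8_t)plen;
  out->got_auth = 1;
  return 1;
}

/* Length-aware equality: every byte is compared, so an embedded NUL cannot
 * shorten the match, and timing does not depend on where bytes differ. */
int demo_field_equals(const char *field, size_t fieldlen,
                      const char *expect, size_t expectlen) {
  unsigned char diff = 0;
  size_t i;
  if (fieldlen != expectlen) return 0;
  for (i = 0; i < fieldlen; i++)
    diff |= (unsigned char)(field[i] ^ expect[i]);
  return diff == 0;
}

/* Render a field as a NUL-terminated string for logs. Bytes outside
 * printable ASCII (including NUL) become '?'. Returns bytes written. */
size_t demo_field_to_cstr(const char *field, size_t fieldlen,
                          char *dst, size_t dstlen) {
  size_t i, n;
  if (dstlen == 0) return 0;
  n = fieldlen < dstlen - 1 ? fieldlen : dstlen - 1;
  for (i = 0; i < n; i++) {
    unsigned char c = (unsigned char)field[i];
    dst[i] = (c >= 0x20 && c < 0x7f) ? (char)c : '?';
  }
  dst[n] = '\0';
  return n;
}

int main(void) {
  demo_socks_auth_t a;
  char shown[32];
  memset(&a, 0, sizeof(a));
  if (demo_parse_userpass(DEMO_MSG, sizeof(DEMO_MSG), &a) != 1) return 1;
  demo_field_to_cstr(a.username, a.usernamelen, shown, sizeof(shown));
  printf("username: %zu bytes, shown as %s, equals \"ad\": %d\n",
         a.usernamelen, shown,
         demo_field_equals(a.username, a.usernamelen, "ad", 2));
  demo_auth_clear(&a);
  return 0;
}
```

A strcmp() against "ad" would have matched the stored username, because the copy stops at the embedded NUL; the length-aware comparison does not.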
struct network_liveness_t

Information about the state of our local network connection.

Definition at line 3801 of file or.h.

Class Members
int after_firsthop_idx Index into circular array.
time_t network_last_live The timestamp we last completed a TLS handshake or received a cell.
int nonlive_timeouts If the network is not live, how many timeouts has this caused?
int num_recent_circs Number of elements allocated for the above array.
int8_t * timeouts_after_firsthop Circular array of circuits that have made it to the first hop. Slot is 1 if circuit timed out, 0 if circuit succeeded.
struct circuit_build_times_t

Structure for circuit build times history.

Definition at line 3816 of file or.h.

Collaboration diagram for circuit_build_times_t:
Class Members
double alpha alpha exponent for pareto dist.
int build_times_idx Current index in the circuit_build_times circular array.
build_time_t circuit_build_times The circular array of recorded build times in milliseconds.
double close_ms How long we wait before actually closing the circuit.
int have_computed_timeout Have we computed a timeout?
time_t last_circ_at Last time we built a circuit. Used to decide to build new test circs
network_liveness_t liveness Information about the state of our local network connection.
double timeout_ms The exact value for that timeout in milliseconds. Stored as a double to maintain precision from calculations to and from quantile value.
int total_build_times Total number of build times accumulated. Max CBT_NCIRCUITS_TO_OBSERVE
build_time_t Xm "Minimum" value of our pareto distribution (actually mode)
struct fp_pair_t

A pair of digests created by dir_split_resource_info_fingerprint_pairs()

Definition at line 3969 of file or.h.

Class Members
char first
char second
struct vote_timing_t

Describes the schedule by which votes should be generated.

Definition at line 4003 of file or.h.

Class Members
int dist_delay Time in seconds allowed to propagate signatures.
int n_intervals_valid For how many intervals is a consensus valid?
int vote_delay Time in seconds allowed to propagate votes.
int vote_interval Length in seconds between one consensus becoming valid and the next becoming valid.
struct rend_authorized_client_t

Hidden-service side configuration of client authorization.

Definition at line 4144 of file or.h.

Collaboration diagram for rend_authorized_client_t:
Class Members
crypto_pk_t * client_key
char * client_name
char descriptor_cookie
struct rend_encoded_v2_service_descriptor_t

ASCII-encoded v2 hidden service descriptor.

Definition at line 4151 of file or.h.

Class Members
char desc_id Descriptor ID.
char * desc_str Descriptor string.
struct rend_intro_point_t

Introduction point information.

Used both in rend_service_t (on the service side) and in rend_service_descriptor_t (on both the client and service side).

Definition at line 4184 of file or.h.

Collaboration diagram for rend_intro_point_t:
Class Members
digestmap_t * accepted_intro_rsa_parts (Service side only) A digestmap recording the INTRODUCE2 cells this intro point's circuit has received. Each key is the digest of the RSA-encrypted part of a received INTRODUCE2 cell; each value is a pointer to the time_t at which the cell was received. This digestmap is used to prevent replay attacks.
extend_info_t * extend_info Extend info of this introduction point.
crypto_pk_t * intro_key Introduction key that replaces the service key, if this descriptor is V2.
unsigned int listed_in_last_desc: 1 (Service side only) Flag indicating that this intro point was included in the last HS descriptor we generated.
unsigned int rend_service_note_removing_intro_point_called: 1 (Service side only) Flag indicating that rend_service_note_removing_intro_point has been called for this intro point.
time_t time_expiring (Service side only) The time at which we decided that this intro point should start expiring, or -1 if this intro point is not yet expiring. This field also serves as a flag to indicate that we have decided to expire this intro point, in case intro_point_should_expire_now flaps (perhaps due to a clock jump; perhaps due to other weirdness, or even a (present or future) bug).
time_t time_published (Service side only) The time at which this intro point was first published, or -1 if this intro point has not yet been published.
time_t time_to_expire (Service side only) The time at which this intro point should (start to) expire, or -1 if we haven't decided when this intro point should expire.
unsigned int timed_out: 1 (Client side only) Flag indicating that a timeout has occurred after sending an INTRODUCE cell to this intro point. After a timeout, an intro point should not be tried again during the same hidden service connection attempt, but it may be tried again during a future connection attempt.
unsigned int unreachable_count: 3 (Client side only) The number of times we have failed to build a circuit to this intro point for some reason other than our circuit-build timeout. See also MAX_INTRO_POINT_REACHABILITY_FAILURES.
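
One way to realise the replay check described for accepted_intro_rsa_parts, as an added example that is not Tor's implementation: a fixed-size table keyed by digest that records when each digest was first seen. The demo_* names, the table size and the 20-byte digest length are assumptions, and the digests are constructed inputs rather than real INTRODUCE2 data.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <time.h>

#define DEMO_DIGEST_LEN 20 /* assumption: 20-byte digest of the RSA part */
#define DEMO_SLOTS 64      /* hypothetical capacity; must be a power of 2 */

typedef struct {
  uint8_t digest[DEMO_DIGEST_LEN];
  time_t received; /* when this digest was first seen */
  int used;
} demo_replay_slot_t;

/* One cache per introduction point; zero-initialise before use. */
typedef struct {
  demo_replay_slot_t slots[DEMO_SLOTS];
  size_t n_used;
} demo_replay_cache_t;

/* Digest bytes are already well mixed, so two of them pick the slot. */
static size_t first_slot(const uint8_t *digest) {
  return (((size_t)digest[0] << 8) | digest[1]) & (DEMO_SLOTS - 1);
}

/* Look up digest and record it if unseen.
 * Returns 0: new, the caller may process the cell.
 *         1: replay; *first_seen (if non-NULL) gets the original time.
 *        -1: table full; the caller should drop the cell (fail closed). */
int demo_replay_check_and_add(demo_replay_cache_t *c, const uint8_t *digest,
                              time_t now, time_t *first_seen) {
  size_t i = first_slot(digest), probes;
  for (probes = 0; probes < DEMO_SLOTS; probes++) {
    demo_replay_slot_t *s = &c->slots[i];
    if (!s->used) {
      memcpy(s->digest, digest, DEMO_DIGEST_LEN);
      s->received = now;
      s->used = 1;
      c->n_used++;
      return 0;
    }
    if (memcmp(s->digest, digest, DEMO_DIGEST_LEN) == 0) {
      if (first_seen) *first_seen = s->received;
      return 1;
    }
    i = (i + 1) & (DEMO_SLOTS - 1); /* linear probing; entries never move */
  }
  return -1;
}

int main(void) {
  static demo_replay_cache_t cache; /* static storage starts zeroed */
  uint8_t d[DEMO_DIGEST_LEN];
  time_t seen = 0;
  int first, second;
  memset(d, 0xAA, sizeof(d)); /* constructed digest, not real cell data */
  first = demo_replay_check_and_add(&cache, d, 1000, &seen);
  second = demo_replay_check_and_add(&cache, d, 1010, &seen);
  printf("first: %d, second: %d (first seen at %ld)\n",
         first, second, (long)seen);
  return 0;
}
```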
struct rend_service_descriptor_t

Information used to connect to a hidden service.

Used on both the service side and the client side.

Definition at line 4240 of file or.h.

Collaboration diagram for rend_service_descriptor_t:
Class Members
int all_uploads_performed Has descriptor been uploaded to all hidden service directories?
smartlist_t * intro_nodes List of the service's introduction points. Elements are removed if introduction attempts fail.
crypto_pk_t * pk This service's public key.
uint16_t protocols Bitmask: which rendezvous protocols are supported? (We allow bits '0', '1', and '2' to be set.)
smartlist_t * successful_uploads List of hidden service directories to which an upload request for this descriptor could be sent. Smartlist exists only when at least one of the previous upload requests failed (otherwise it's not important to know which uploads succeeded and which not).
time_t timestamp Time when the descriptor was generated.
int version Version of the descriptor format: 0 or 2.
struct rend_cache_entry_t

A cached rendezvous descriptor.

Definition at line 4259 of file or.h.

Collaboration diagram for rend_cache_entry_t:
Class Members
char * desc Service descriptor.
size_t len Length of desc
rend_service_descriptor_t * parsed Parsed value of 'desc'.
time_t received When was the descriptor received?
struct trusted_dir_server_t

Represents information about a single trusted directory server.

Definition at line 4269 of file or.h.

Collaboration diagram for trusted_dir_server_t:
Class Members
uint32_t addr IPv4 address.
time_t addr_current_at When was the document that we derived the address information from published?
char * address Hostname.
char * description
char digest Digest of identity key.
uint16_t dir_port Directory port.
routerstatus_t fake_status Used when we need to pass this trusted dir_server_t to directory_initiate_command_* as a routerstatus_t. Not updated by the router-status management code!
unsigned int has_accepted_serverdesc:1 True iff this server has accepted the most recent server descriptor we tried to upload to it.
unsigned int is_running:1 True iff we think this server is running.
char * nickname
uint16_t or_port OR port: Used for tunneling connections.
dirinfo_type_t type What kind of authority is this? (Bitfield.)
download_status_t v2_ns_dl_status Status of downloading this server's v2 network status.
char v3_identity_digest Digest of v3 (authority only, high-security) identity key.

Define Documentation

#define _AP_CONN_STATE_MAX   12

Definition at line 341 of file or.h.

#define _AP_CONN_STATE_MIN   5

Definition at line 321 of file or.h.

#define _CIRCUIT_PURPOSE_C_MAX   13

Definition at line 508 of file or.h.

#define _CIRCUIT_PURPOSE_MAX   19

Definition at line 522 of file or.h.

#define _CIRCUIT_PURPOSE_MIN   1

Definition at line 453 of file or.h.

#define _CIRCUIT_PURPOSE_OR_MAX   4

Definition at line 465 of file or.h.

#define _CIRCUIT_PURPOSE_OR_MIN   1

Definition at line 456 of file or.h.

#define _CONN_TYPE_MAX   15

Definition at line 231 of file or.h.

#define _CONN_TYPE_MIN   3

Definition at line 200 of file or.h.

#define _CONTROL_CONN_STATE_MAX   2

Definition at line 373 of file or.h.

#define _CONTROL_CONN_STATE_MIN   1

Definition at line 367 of file or.h.

#define _CPUWORKER_STATE_MAX   2

Definition at line 278 of file or.h.

#define _CPUWORKER_STATE_MIN   1

Definition at line 272 of file or.h.

#define _DIR_CONN_STATE_MAX   6

Definition at line 361 of file or.h.

#define _DIR_CONN_STATE_MIN   1

Definition at line 348 of file or.h.

#define _DIR_PURPOSE_MAX   19

Definition at line 423 of file or.h.

#define _DIR_PURPOSE_MIN   3

Definition at line 375 of file or.h.

#define _END_CIRC_REASON_MAX   12

Definition at line 681 of file or.h.

#define _END_CIRC_REASON_MIN   0

Definition at line 667 of file or.h.

#define _EXIT_CONN_STATE_MAX   4

Definition at line 318 of file or.h.

#define _EXIT_CONN_STATE_MIN   1

Definition at line 309 of file or.h.

#define _EXIT_PURPOSE_MAX   2

Definition at line 438 of file or.h.

#define _EXIT_PURPOSE_MIN   1

Definition at line 433 of file or.h.

#define _OR_CONN_STATE_MAX   8

Definition at line 307 of file or.h.

#define _OR_CONN_STATE_MIN   1

Definition at line 282 of file or.h.

#define _PDS_PREFER_TUNNELED_DIR_CONNS   (1<<16)

Definition at line 4335 of file or.h.

State for a SOCKS connection: waiting for a completed circuit.

Definition at line 331 of file or.h.

State for a SOCKS connection: sent BEGIN, waiting for CONNECTED.

Definition at line 333 of file or.h.

The controller will attach this connection to a circuit; it isn't our job to do so.

Definition at line 329 of file or.h.

True iff the AP_CONN_STATE_* value s means that the corresponding edge connection is not attached to any circuit.

Definition at line 345 of file or.h.

#define AP_CONN_STATE_NATD_WAIT   12

State for a transparent natd connection: waiting for original destination.

Definition at line 340 of file or.h.

#define AP_CONN_STATE_OPEN   11

State for a SOCKS connection: ready to send and receive.

Definition at line 337 of file or.h.

State for a SOCKS connection: got a y.onion URL; waiting to receive rendezvous descriptor.

Definition at line 326 of file or.h.

#define AP_CONN_STATE_RESOLVE_WAIT   10

State for a SOCKS connection: sent RESOLVE, waiting for RESOLVED.

Definition at line 335 of file or.h.

#define AP_CONN_STATE_SOCKS_WAIT   5

State for a SOCKS connection: waiting for SOCKS request.

Definition at line 323 of file or.h.

The one currently supported type of AUTHENTICATE cell.

It contains a bunch of structures signed with an RSA1024 key. The signed structures include an HMAC using negotiated TLS secrets, and a digest of all cells sent or received before the AUTHENTICATE cell (including the random server-generated AUTH_CHALLENGE cell).

Definition at line 1120 of file or.h.

#define BASE_CONNECTION_MAGIC   0x7C3C304Eu

Definition at line 951 of file or.h.

#define BW_MAX_WEIGHT_SCALE   INT32_MAX

Definition at line 3712 of file or.h.

#define BW_MIN_WEIGHT_SCALE   1

Definition at line 3711 of file or.h.

#define BW_WEIGHT_SCALE   10000

Precision multiplier for the Bw weights.

Definition at line 3710 of file or.h.

#define CBT_BIN_WIDTH   ((build_time_t)50)

Width of the histogram bins in milliseconds.

Definition at line 3719 of file or.h.

#define CBT_BUILD_ABANDONED   ((build_time_t)(INT32_MAX-1))

CBT_BUILD_ABANDONED is our flag value to represent a force-closed circuit (a.k.a. a 'right-censored' Pareto value).

Definition at line 3733 of file or.h.

#define CBT_BUILD_TIME_MAX   ((build_time_t)(INT32_MAX))

Definition at line 3734 of file or.h.

#define CBT_DEFAULT_CLOSE_QUANTILE   95

How long to wait before actually closing circuits that take too long to build in terms of CDF quantile.

Definition at line 3745 of file or.h.

Maximum count of timeouts that finish the first hop in the past RECENT_CIRCUITS before calculating a new timeout.

This tells us whether to abandon timeout history and set the timeout back to whatever circuit_build_times_get_initial_timeout() gives us.

Definition at line 3765 of file or.h.

Minimum circuits before estimating a timeout.

Definition at line 3770 of file or.h.

#define CBT_DEFAULT_NUM_XM_MODES   3

Number of modes to use in the weighted-avg computation of Xm.

Definition at line 3722 of file or.h.

#define CBT_DEFAULT_QUANTILE_CUTOFF   80

Cutoff percentile on the CDF for our timeout estimation.

Definition at line 3775 of file or.h.

#define CBT_DEFAULT_RECENT_CIRCUITS   20

How many circuits count as recent when considering if the connection has gone gimpy or changed.

Definition at line 3753 of file or.h.

#define CBT_DEFAULT_TEST_FREQUENCY   60

How often in seconds should we build a test circuit.

Definition at line 3781 of file or.h.

#define CBT_DEFAULT_TIMEOUT_INITIAL_VALUE   (60*1000)

Initial circuit build timeout in milliseconds.

Definition at line 3791 of file or.h.

#define CBT_DEFAULT_TIMEOUT_MIN_VALUE   (1500)

Lowest allowable value for CircuitBuildTimeout in milliseconds.

Definition at line 3786 of file or.h.

Definition at line 3747 of file or.h.

Definition at line 3767 of file or.h.

#define CBT_MAX_MIN_CIRCUITS_TO_OBSERVE   10000

Definition at line 3772 of file or.h.

#define CBT_MAX_NUM_XM_MODES   20

Definition at line 3724 of file or.h.

#define CBT_MAX_QUANTILE_CUTOFF   99

Definition at line 3777 of file or.h.

#define CBT_MAX_RECENT_CIRCUITS   1000

Definition at line 3755 of file or.h.

#define CBT_MAX_TEST_FREQUENCY   INT32_MAX

Definition at line 3783 of file or.h.

#define CBT_MAX_TIMEOUT_INITIAL_VALUE   INT32_MAX

Definition at line 3793 of file or.h.

#define CBT_MAX_TIMEOUT_MIN_VALUE   INT32_MAX

Definition at line 3788 of file or.h.

Definition at line 3746 of file or.h.

Definition at line 3766 of file or.h.

Definition at line 3771 of file or.h.

#define CBT_MIN_NUM_XM_MODES   1

Definition at line 3723 of file or.h.

#define CBT_MIN_QUANTILE_CUTOFF   10

Definition at line 3776 of file or.h.

#define CBT_MIN_RECENT_CIRCUITS   3

Definition at line 3754 of file or.h.

#define CBT_MIN_TEST_FREQUENCY   1

Definition at line 3782 of file or.h.

Definition at line 3792 of file or.h.

#define CBT_MIN_TIMEOUT_MIN_VALUE   500

Definition at line 3787 of file or.h.

#define CBT_NCIRCUITS_TO_OBSERVE   1000

Total size of the circuit timeout history to accumulate.

1000 is approx 2.5 days worth of continual-use circuits.

Definition at line 3716 of file or.h.

#define CBT_SAVE_STATE_EVERY   10

Save state every 10 circuits.

Definition at line 3737 of file or.h.

#define CELL_AUTH_CHALLENGE   130

Definition at line 831 of file or.h.

#define CELL_AUTHENTICATE   131

Definition at line 832 of file or.h.

#define CELL_AUTHORIZE   132

Definition at line 833 of file or.h.

#define CELL_CERTS   129

Definition at line 830 of file or.h.

#define CELL_CREATE   1

Definition at line 819 of file or.h.

#define CELL_CREATE_FAST   5

Definition at line 823 of file or.h.

#define CELL_CREATED   2

Definition at line 820 of file or.h.

#define CELL_CREATED_FAST   6

Definition at line 824 of file or.h.

#define CELL_DESTROY   4

Definition at line 822 of file or.h.

#define CELL_NETINFO   8

Definition at line 826 of file or.h.

#define CELL_NETWORK_SIZE   512

Number of bytes in a cell transmitted over the network.

Definition at line 865 of file or.h.

#define CELL_PADDING   0

Definition at line 818 of file or.h.

#define CELL_PAYLOAD_SIZE   509

Number of bytes in a cell, minus cell header.

Definition at line 863 of file or.h.

#define CELL_RELAY   3

Definition at line 821 of file or.h.

#define CELL_RELAY_EARLY   9

Definition at line 827 of file or.h.

#define CELL_VERSIONS   7

Definition at line 825 of file or.h.

#define CELL_VPADDING   128

Definition at line 829 of file or.h.

#define CFG_AUTO_PORT   0xc4005e

A magic value for the (Socks|OR|...)Port options below, telling Tor to pick its own port.

Definition at line 2930 of file or.h.

#define CIRCUIT_IS_ORIGIN(c)    (CIRCUIT_PURPOSE_IS_ORIGIN((c)->purpose))

True iff the circuit_t c is actually an origin_circuit_t.

Definition at line 536 of file or.h.

Client-side circuit purpose: at Alice, waiting for ack.

Definition at line 498 of file or.h.

#define CIRCUIT_PURPOSE_C_GENERAL   5

Client-side circuit purpose: Normal circuit, with cpath.

Definition at line 489 of file or.h.

Client-side circuit purpose: at Alice, sent INTRODUCE1 to intro point, waiting for ACK/NAK.

Definition at line 494 of file or.h.

Client-side circuit purpose: at Alice, introduced and acked, closing.

Definition at line 496 of file or.h.

Client-side circuit purpose: at Alice, connecting to intro point.

Definition at line 491 of file or.h.

This circuit is used for build time measurement only.

Definition at line 507 of file or.h.

Client-side circuit purpose: at Alice, rendezvous established.

Definition at line 505 of file or.h.

Client-side circuit purpose: at Alice, waiting for Bob.

Definition at line 500 of file or.h.

Client-side circuit purpose: at Alice, waiting for Bob, INTRODUCE has been acknowledged.

Definition at line 503 of file or.h.

#define CIRCUIT_PURPOSE_CONTROLLER   19

A controller made this circuit and Tor should not use it.

Definition at line 521 of file or.h.

OR-side circuit purpose: At OR, from Bob, waiting for intro from Alices.

Definition at line 460 of file or.h.

#define CIRCUIT_PURPOSE_IS_CLIENT(p)
Value:

True iff the circuit purpose p is for a circuit that originated here to serve as a client.

(Hidden services don't count here.)

Definition at line 532 of file or.h.

Value:

True iff the circuit purpose p is for an established rendezvous circuit.

Definition at line 539 of file or.h.

True iff the circuit purpose p is for a circuit that originated at this node.

Definition at line 529 of file or.h.

#define CIRCUIT_PURPOSE_OR   1

OR-side circuit purpose: normal circuit, at OR.

Definition at line 458 of file or.h.

OR-side circuit purpose: At OR, both circuits have this purpose.

Definition at line 464 of file or.h.

OR-side circuit purpose: At OR, from Alice, waiting for Bob.

Definition at line 462 of file or.h.

Hidden-service-side circuit purpose: at Bob, connecting to rend point.

Definition at line 515 of file or.h.

Hidden-service-side circuit purpose: at Bob, waiting for introductions.

Definition at line 510 of file or.h.

#define CIRCUIT_PURPOSE_S_INTRO   15

Hidden-service-side circuit purpose: at Bob, successfully established intro.

Definition at line 513 of file or.h.

Hidden-service-side circuit purpose: at Bob, rendezvous established.

Definition at line 517 of file or.h.

#define CIRCUIT_PURPOSE_TESTING   18

A testing circuit; not meant to be used for actual traffic.

Definition at line 519 of file or.h.

#define CIRCUIT_PURPOSE_UNKNOWN   255

A catch-all for unrecognized purposes.

Currently we don't expect to make or see any circuits with this purpose.

Definition at line 525 of file or.h.

#define CIRCUIT_STATE_BUILDING   0

Circuit state: I'm the origin, still haven't done all my handshakes.

Definition at line 444 of file or.h.

Circuit state: Waiting to process the onionskin.

Definition at line 446 of file or.h.

#define CIRCUIT_STATE_OPEN   3

Circuit state: onionskin(s) processed, ready to send/receive cells.

Definition at line 451 of file or.h.

#define CIRCUIT_STATE_OR_WAIT   2

Circuit state: I'd like to deliver a create, but my n_conn is still connecting.

Definition at line 449 of file or.h.

#define CIRCWINDOW_INCREMENT   100

Amount to increment a circuit window when we get a circuit SENDME.

Definition at line 810 of file or.h.

#define CIRCWINDOW_START   1000

Initial value for both sides of a circuit transmission window when the circuit is initialized.

Measured in cells.

Definition at line 806 of file or.h.

#define CIRCWINDOW_START_MAX   1000

Definition at line 808 of file or.h.

#define CIRCWINDOW_START_MIN   100

Definition at line 807 of file or.h.

#define CONFIG_LINE_APPEND   1

Appends to previous configuration for the same option, even if we would ordinarily replace it.

Definition at line 2909 of file or.h.

#define CONFIG_LINE_CLEAR   2

Definition at line 2911 of file or.h.

#define CONFIG_LINE_NORMAL   0

Ordinary configuration line.

Definition at line 2906 of file or.h.

#define CONN_IS_EDGE(x)    ((x)->type == CONN_TYPE_EXIT || (x)->type == CONN_TYPE_AP)

True iff x is an edge connection.

Definition at line 266 of file or.h.

#define CONN_LOG_PROTECT(conn, stmt)
Value:
STMT_BEGIN                                                            \
    int _log_conn_is_control;                                           \
    tor_assert(conn);                                                   \
    _log_conn_is_control = (conn->type == CONN_TYPE_CONTROL);           \
    if (_log_conn_is_control)                                           \
      disable_control_logging();                                        \
  STMT_BEGIN stmt; STMT_END;                                            \
    if (_log_conn_is_control)                                           \
      enable_control_logging();                                         \
  STMT_END

Execute the statement stmt, which may log events concerning the connection conn.

To prevent infinite loops, disable log messages being sent to controllers if conn is a control connection.

Stmt must not contain any return or goto statements.

Definition at line 3934 of file or.h.
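
Why stmt must not return or jump out, shown as an added example (not Tor's code): the macro body is the one listed above, while STMT_BEGIN/STMT_END, tor_assert, the counter behind disable_control_logging()/enable_control_logging(), log_msg() and the report_* helpers are stand-ins assumed for the demonstration.

```c
#include <assert.h>
#include <stdio.h>

/* Stand-ins for this example only; Tor defines these elsewhere. */
#define STMT_BEGIN do {
#define STMT_END } while (0)
#define tor_assert(x) assert(x)
#define CONN_TYPE_OR 4
#define CONN_TYPE_CONTROL 12

typedef struct { int type; } connection_t; /* only the field the macro reads */

static int control_log_disabled; /* nonzero: nothing is forwarded to controllers */
static int forwarded;            /* messages that reached a controller */

static void disable_control_logging(void) { ++control_log_disabled; }
static void enable_control_logging(void) { --control_log_disabled; }

/* Hypothetical logger: each message is also forwarded to controllers
 * unless forwarding is currently disabled. */
static void log_msg(const char *msg) {
  (void)msg;
  if (!control_log_disabled)
    ++forwarded;
}

/* Macro body as listed in the reference above. */
#define CONN_LOG_PROTECT(conn, stmt)                                    \
  STMT_BEGIN                                                            \
    int _log_conn_is_control;                                           \
    tor_assert(conn);                                                   \
    _log_conn_is_control = (conn->type == CONN_TYPE_CONTROL);           \
    if (_log_conn_is_control)                                           \
      disable_control_logging();                                        \
  STMT_BEGIN stmt; STMT_END;                                            \
    if (_log_conn_is_control)                                           \
      enable_control_logging();                                         \
  STMT_END

/* Correct use: stmt only logs, so the enable call is always reached. */
static int report_ok(connection_t *conn) {
  CONN_LOG_PROTECT(conn, log_msg("write failed"));
  return 0;
}

/* Misuse: stmt returns, so enable_control_logging() is skipped. */
static int report_with_return(connection_t *conn) {
  CONN_LOG_PROTECT(conn, { log_msg("write failed"); return -1; });
  return 0;
}

static void reset(void) { control_log_disabled = 0; forwarded = 0; }

/* Messages forwarded to controllers when a connection of conn_type
 * logs once under the macro. */
int forwarded_for(int conn_type) {
  connection_t c = { conn_type };
  reset();
  report_ok(&c);
  return forwarded;
}

/* Suppression depth left behind after one report on a control connection. */
int depth_after(int stmt_returns) {
  connection_t c = { CONN_TYPE_CONTROL };
  reset();
  if (stmt_returns)
    report_with_return(&c);
  else
    report_ok(&c);
  return control_log_disabled;
}

/* Of n later, unrelated messages, how many still reach controllers. */
int later_forwarded(int stmt_returns, int n) {
  int i;
  depth_after(stmt_returns);
  forwarded = 0;
  for (i = 0; i < n; i++)
    log_msg("circuit closed");
  return forwarded;
}

int main(void) {
  printf("OR connection, one message: %d forwarded\n",
         forwarded_for(CONN_TYPE_OR));
  printf("control connection, one message: %d forwarded\n",
         forwarded_for(CONN_TYPE_CONTROL));
  printf("depth after correct use: %d\n", depth_after(0));
  printf("depth after return inside stmt: %d\n", depth_after(1));
  printf("later messages forwarded after misuse: %d of 3\n",
         later_forwarded(1, 3));
  return 0;
}
```

With the early return, the disable call is never balanced, so every later message in the process stays hidden from controllers; a reviewer auditing callers should check each stmt argument for return, goto, break and continue.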

#define CONN_TYPE_AP   7

A SOCKS proxy connection from the user application to the onion proxy.

Definition at line 212 of file or.h.

#define CONN_TYPE_AP_DNS_LISTENER   15

Type for sockets listening for DNS requests.

Definition at line 230 of file or.h.

#define CONN_TYPE_AP_LISTENER   6

Type for sockets listening for SOCKS connections.

Definition at line 209 of file or.h.

#define CONN_TYPE_AP_NATD_LISTENER   14

Type for sockets listening for transparent connections redirected by natd.

Definition at line 228 of file or.h.

#define CONN_TYPE_AP_TRANS_LISTENER   13

Type for sockets listening for transparent connections redirected by pf or netfilter.

Definition at line 225 of file or.h.

#define CONN_TYPE_CONTROL   12

Type for connections from user interface process.

Definition at line 222 of file or.h.

#define CONN_TYPE_CONTROL_LISTENER   11

Type for listening for connections from user interface process.

Definition at line 220 of file or.h.

#define CONN_TYPE_CPUWORKER   10

Connection from the main process to a CPU worker process.

Definition at line 218 of file or.h.

#define CONN_TYPE_DIR   9

Type for HTTP connections to the directory server.

Definition at line 216 of file or.h.

#define CONN_TYPE_DIR_LISTENER   8

Type for sockets listening for HTTP connections to the directory server.

Definition at line 214 of file or.h.

#define CONN_TYPE_EXIT   5

A TCP connection from an onion router to a stream's destination.

Definition at line 207 of file or.h.

#define CONN_TYPE_OR   4

A bidirectional TLS connection transmitting a sequence of cells.

May be from an OR to an OR, or from an OP to an OR.

Definition at line 205 of file or.h.

#define CONN_TYPE_OR_LISTENER   3

Type for sockets listening for OR connections.

Definition at line 202 of file or.h.

State for a control connection: Waiting for authentication; speaking protocol v1.

Definition at line 372 of file or.h.

#define CONTROL_CONN_STATE_OPEN   1

State for a control connection: Authenticated and accepting v1 commands.

Definition at line 369 of file or.h.

#define CONTROL_CONNECTION_MAGIC   0x8abc765du

Definition at line 956 of file or.h.

#define CPATH_KEY_MATERIAL_LEN   (20*2+16*2)

Definition at line 2428 of file or.h.

#define CPATH_STATE_AWAITING_KEYS   1

Definition at line 2402 of file or.h.

#define CPATH_STATE_CLOSED   0

Definition at line 2401 of file or.h.

#define CPATH_STATE_OPEN   2

Definition at line 2403 of file or.h.

State for a connection to a cpuworker process that's processing a handshake.

Definition at line 277 of file or.h.

#define CPUWORKER_STATE_IDLE   1

State for a connection to a cpuworker process that's idle.

Definition at line 274 of file or.h.

Definition at line 280 of file or.h.

#define CRYPT_PATH_MAGIC   0x70127012u

Definition at line 2360 of file or.h.

#define DEFAULT_CLIENT_NICKNAME   "client"

Name to use in client TLS certificates if no nickname is given.

Once Tor 0.1.2.x is obsolete, we can remove this.

Definition at line 844 of file or.h.

#define DEFAULT_DNS_TTL   (30*60)

How long do we cache/tell clients to cache DNS records when no TTL is known?

Definition at line 168 of file or.h.

#define DEFAULT_ROUTE_LEN   3

How many hops does a general-purpose circuit have by default?

Definition at line 3705 of file or.h.

#define DH_KEY_LEN   DH_BYTES

Definition at line 2430 of file or.h.

#define DIR_CONN_IS_SERVER(conn)    ((conn)->purpose == DIR_PURPOSE_SERVER)

True iff the purpose of conn means that it's a server-side directory connection.

Definition at line 365 of file or.h.

State for connection to directory server: happy and finished.

Definition at line 356 of file or.h.

State for connection to directory server: reading HTTP response.

Definition at line 354 of file or.h.

State for connection to directory server: sending HTTP request.

Definition at line 352 of file or.h.

#define DIR_CONN_STATE_CONNECTING   1

State for connection to directory server: waiting for connect().

Definition at line 350 of file or.h.

State for connection at directory server: waiting for HTTP request.

Definition at line 358 of file or.h.

State for connection at directory server: sending HTTP response.

Definition at line 360 of file or.h.

#define DIR_CONNECTION_MAGIC   0x9988ffeeu

Definition at line 955 of file or.h.

#define DIR_ENTRY_RECORD_USAGE_RETAIN_IPS   (24*60*60)

Time interval: Flush geoip data to disk this often.

Definition at line 4021 of file or.h.

A connection to a directory server: download one or more directory authority certificates.

Definition at line 411 of file or.h.

#define DIR_PURPOSE_FETCH_CONSENSUS   14

A connection to a directory server: download a v3 networkstatus consensus.

Definition at line 408 of file or.h.

A connection to a directory server: download a v3 detached signatures object for a consensus.

Definition at line 405 of file or.h.

A connection to a directory server: download one or more extra-info documents.

Definition at line 390 of file or.h.

#define DIR_PURPOSE_FETCH_MICRODESC   19

A connection to a directory server: download a microdescriptor.

Definition at line 422 of file or.h.

A connection to a directory server: download a rendezvous descriptor.

Definition at line 378 of file or.h.

A connection to a hidden service directory server: download a v2 rendezvous descriptor.

Definition at line 420 of file or.h.

A connection to a directory server: download one or more server descriptors.

Definition at line 387 of file or.h.

A connection to a directory server: download one or more v3 networkstatus votes.

Definition at line 402 of file or.h.

A connection to a directory server: download one or more v2 network-status objects.

Definition at line 384 of file or.h.

A connection to a directory server: set after a rendezvous descriptor is downloaded.

Definition at line 381 of file or.h.

#define DIR_PURPOSE_IS_UPLOAD(p)
Value:

True iff p is a purpose corresponding to uploading data to a directory server.

Definition at line 427 of file or.h.

#define DIR_PURPOSE_SERVER   16

Purpose for connection at a directory server.

Definition at line 414 of file or.h.

#define DIR_PURPOSE_UPLOAD_DIR   8

A connection to a directory server: upload a server descriptor.

Definition at line 392 of file or.h.

A connection to a directory server: upload a rendezvous descriptor.

Definition at line 395 of file or.h.

A connection to a hidden service directory server: upload a v2 rendezvous descriptor.

Definition at line 417 of file or.h.

A connection to a directory server: upload a v3 consensus signature.

Definition at line 399 of file or.h.

#define DIR_PURPOSE_UPLOAD_VOTE   10

A connection to a directory server: upload a v3 networkstatus vote.

Definition at line 397 of file or.h.

Round all GeoIP results to the next multiple of this value, to avoid leaking information.

Definition at line 4019 of file or.h.

#define DIR_RECORD_USAGE_MIN_OBSERVATION_TIME   (12*60*60)

How long do we have to have observed per-country request history before we are willing to talk about it?

Definition at line 4024 of file or.h.

#define DOWNCAST(to, ptr)    ((to*)SUBTYPE_P(ptr, to, _base))

Helper macro: Given a pointer to to._base, of type from*, return &to.

Definition at line 1484 of file or.h.

#define EDGE_CONNECTION_MAGIC   0xF0374013u

Definition at line 953 of file or.h.

#define ELSE_IF_NO_BUFFEREVENT   ;

Definition at line 1590 of file or.h.

#define END_CIRC_AT_ORIGIN   -1

Catch-all "other" reason for closing origin circuits.

Definition at line 663 of file or.h.

Definition at line 674 of file or.h.

#define END_CIRC_REASON_DESTROYED   11

Definition at line 679 of file or.h.

#define END_CIRC_REASON_FINISHED   9

Definition at line 677 of file or.h.

#define END_CIRC_REASON_FLAG_REMOTE   512

Bitwise-OR this with the argument to circuit_mark_for_close() or control_event_circuit_status() to indicate that the reason was passed through from a destroy or truncate cell.

Definition at line 686 of file or.h.

Definition at line 672 of file or.h.

#define END_CIRC_REASON_INTERNAL   2

Definition at line 670 of file or.h.

Our post-timeout circuit time measurement period expired.

We must give up now.

Definition at line 658 of file or.h.

#define END_CIRC_REASON_NONE   0

Definition at line 668 of file or.h.

#define END_CIRC_REASON_NOPATH   -2

We couldn't build a path for this circuit.

Definition at line 661 of file or.h.

Definition at line 680 of file or.h.

Definition at line 676 of file or.h.

Definition at line 675 of file or.h.

#define END_CIRC_REASON_REQUESTED   3

Definition at line 671 of file or.h.

Definition at line 673 of file or.h.

#define END_CIRC_REASON_TIMEOUT   10

Definition at line 678 of file or.h.

Definition at line 669 of file or.h.

#define END_OR_CONN_REASON_CONNRESET   4 /* connection reset by peer */

Definition at line 577 of file or.h.

#define END_OR_CONN_REASON_DONE   1

Definition at line 574 of file or.h.

#define END_OR_CONN_REASON_IO_ERROR   7 /* read/write error */

Definition at line 580 of file or.h.

#define END_OR_CONN_REASON_MISC   9

Definition at line 582 of file or.h.

#define END_OR_CONN_REASON_NO_ROUTE   6 /* no route to host/net */

Definition at line 579 of file or.h.

Definition at line 576 of file or.h.

#define END_OR_CONN_REASON_REFUSED   2 /* connection refused */

Definition at line 575 of file or.h.

#define END_OR_CONN_REASON_RESOURCE_LIMIT   8 /* sockets, buffers, etc */

Definition at line 581 of file or.h.

Definition at line 578 of file or.h.

We were unable to attach the connection to any circuit at all.

Definition at line 609 of file or.h.

This is a transparent proxy connection, but we can't extract the original target address:port.

Definition at line 618 of file or.h.

Definition at line 588 of file or.h.

#define END_STREAM_REASON_CONNRESET   12

Definition at line 597 of file or.h.

#define END_STREAM_REASON_DESTROY   5

Definition at line 590 of file or.h.

#define END_STREAM_REASON_DONE   6

Definition at line 591 of file or.h.

Definition at line 600 of file or.h.

Definition at line 589 of file or.h.

Bitwise-or this with the argument to control_event_stream_status to indicate that we already sent a CLOSED stream event.

Definition at line 634 of file or.h.

Bitwise-or this with endreason to indicate that we already sent a socks reply, and no further reply needs to be sent from connection_mark_unattached_ap().

Definition at line 638 of file or.h.

Bitwise-or this with the argument to control_event_stream_status to indicate that the reason came from an END cell.

Definition at line 631 of file or.h.

Definition at line 594 of file or.h.

#define END_STREAM_REASON_INTERNAL   10

Definition at line 595 of file or.h.

This is a connection on the NATD port, and the destination IP:Port was either ill-formed or out-of-range.

Definition at line 621 of file or.h.

#define END_STREAM_REASON_MASK   511

Bitwise-and this value with endreason to mask out all flags.

Definition at line 627 of file or.h.

#define END_STREAM_REASON_MISC   1

Definition at line 586 of file or.h.

We can't connect to any directories at all, so we killed our streams before they can time out.

Definition at line 612 of file or.h.

#define END_STREAM_REASON_NOROUTE   8

Definition at line 593 of file or.h.

Definition at line 599 of file or.h.

The target address is in a private network (like 127.0.0.1 or 10.0.0.1); you don't want to do that over a randomly chosen exit.

Definition at line 624 of file or.h.

Definition at line 587 of file or.h.

Definition at line 596 of file or.h.

This is a SOCKS connection, and the client used (or misused) the SOCKS protocol in a way we couldn't handle.

Definition at line 615 of file or.h.

#define END_STREAM_REASON_TIMEOUT   7

Definition at line 592 of file or.h.

Definition at line 598 of file or.h.

#define ENTRY_CONNECTION_MAGIC   0xbb4a5703

Definition at line 954 of file or.h.

#define ENTRY_TO_CONN(c)    (TO_CONN(ENTRY_TO_EDGE_CONN(c)))

Cast an entry_connection_t subtype pointer to a connection_t.

Definition at line 1489 of file or.h.

#define ENTRY_TO_EDGE_CONN(c)    (&(((c))->_edge))

Cast an entry_connection_t subtype pointer to an edge_connection_t.

Definition at line 1487 of file or.h.

State for an exit connection: waiting for connect() to finish.

Definition at line 313 of file or.h.

#define EXIT_CONN_STATE_OPEN   3

State for an exit connection: open and ready to transmit data.

Definition at line 315 of file or.h.

State for an exit connection: waiting to be removed.

Definition at line 317 of file or.h.

#define EXIT_CONN_STATE_RESOLVING   1

State for an exit connection: waiting for response from DNS farm.

Definition at line 311 of file or.h.

#define EXIT_PURPOSE_CONNECT   1

This exit stream wants to do an ordinary connect.

Definition at line 435 of file or.h.

#define EXIT_PURPOSE_RESOLVE   2

This exit stream wants to do a resolve (either normal or reverse).

Definition at line 437 of file or.h.

#define generic_buffer_t   buf_t

Definition at line 946 of file or.h.

#define GEOIP_NS_RESPONSE_NUM   6

Definition at line 4055 of file or.h.

#define HAS_BUFFEREVENT(c)    (0)

Definition at line 1588 of file or.h.

#define IF_HAS_BUFFEREVENT(c, stmt)    (void)0

Definition at line 1589 of file or.h.

#define IF_HAS_NO_BUFFEREVENT(c)    if (1)

Definition at line 1591 of file or.h.

#define IMPOSSIBLE_TO_DOWNLOAD   255

If n_download_failures is this high, the download can never happen.

Definition at line 1668 of file or.h.

The maximum number of distinct INTRODUCE2 cells which a hidden service's introduction point will receive before it begins to expire.

XXX023 Is this number at all sane?

Definition at line 4166 of file or.h.

#define INTRO_POINT_LIFETIME_MAX_SECONDS   24*60*60

The maximum number of seconds that an introduction point will last before expiring due to old age.

XXX023 Should this be configurable?

Definition at line 4179 of file or.h.

#define INTRO_POINT_LIFETIME_MIN_SECONDS   18*60*60

The minimum number of seconds that an introduction point will last before expiring due to old age.

(If it receives INTRO_POINT_LIFETIME_INTRODUCTIONS INTRODUCE2 cells, it may expire sooner.)

XXX023 Should this be configurable?

Definition at line 4174 of file or.h.

#define ISO_CLIENTADDR   (1u<<4)

Isolate based on client address.

Definition at line 2859 of file or.h.

#define ISO_CLIENTPROTO   (1u<<3)

Isolate based on client protocol choice.

Definition at line 2857 of file or.h.

Default isolation level for ports.

Definition at line 2869 of file or.h.

#define ISO_DESTADDR   (1u<<1)

Isolate based on destination address.

Definition at line 2853 of file or.h.

#define ISO_DESTPORT   (1u<<0)

Isolate based on destination port.

Definition at line 2851 of file or.h.

#define ISO_NYM_EPOCH   (1u<<6)

Isolate based on newnym epoch (always on).

Definition at line 2863 of file or.h.

#define ISO_SESSIONGRP   (1u<<5)

Isolate based on session group (always on).

Definition at line 2861 of file or.h.

#define ISO_SOCKSAUTH   (1u<<2)

Isolate based on SOCKS authentication.

Definition at line 2855 of file or.h.

#define ISO_STREAM   (1u<<7)

Isolate all streams (Internal only).

Definition at line 2865 of file or.h.
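
How the ISO_* bits combine into a per-port isolation mask, as an added example that is not part of or.h: the flag values are the ones listed above, while stream_attrs_t, its fields, the sample streams and the simplified treatment of ISO_STREAM are assumptions.

```c
#include <stdio.h>
#include <string.h>

/* Flag values as listed in the reference above. */
#define ISO_DESTPORT    (1u<<0)
#define ISO_DESTADDR    (1u<<1)
#define ISO_SOCKSAUTH   (1u<<2)
#define ISO_CLIENTPROTO (1u<<3)
#define ISO_CLIENTADDR  (1u<<4)
#define ISO_SESSIONGRP  (1u<<5)
#define ISO_NYM_EPOCH   (1u<<6)
#define ISO_STREAM      (1u<<7)

/* Hypothetical per-stream attributes; the field names are assumptions. */
typedef struct {
  unsigned dest_port;
  const char *dest_addr;
  const char *socks_auth;  /* "user:pass", or "" when none was sent */
  int client_proto;        /* e.g. 4 or 5 for SOCKS4 / SOCKS5 */
  const char *client_addr;
  int session_group;
  unsigned nym_epoch;
} stream_attrs_t;

/* Constructed sample streams. */
const stream_attrs_t TAB1 =
  { 443, "example.com", "tab1:x", 5, "127.0.0.1", 0, 1 };
const stream_attrs_t TAB2 =
  { 443, "example.org", "tab2:x", 5, "127.0.0.1", 0, 1 };
const stream_attrs_t TAB1_AFTER_NEWNYM =
  { 443, "example.com", "tab1:x", 5, "127.0.0.1", 0, 2 };

/* Bitmask of the ISO_* fields on which the two streams differ. */
unsigned differing_fields(const stream_attrs_t *a, const stream_attrs_t *b) {
  unsigned mixed = 0;
  if (a->dest_port != b->dest_port)             mixed |= ISO_DESTPORT;
  if (strcmp(a->dest_addr, b->dest_addr))       mixed |= ISO_DESTADDR;
  if (strcmp(a->socks_auth, b->socks_auth))     mixed |= ISO_SOCKSAUTH;
  if (a->client_proto != b->client_proto)       mixed |= ISO_CLIENTPROTO;
  if (strcmp(a->client_addr, b->client_addr))   mixed |= ISO_CLIENTADDR;
  if (a->session_group != b->session_group)     mixed |= ISO_SESSIONGRP;
  if (a->nym_epoch != b->nym_epoch)             mixed |= ISO_NYM_EPOCH;
  return mixed;
}

/* Two streams may share a circuit only if they agree on every field the
 * port's mask isolates on. Simplification: ISO_STREAM forbids all sharing. */
int may_share_circuit(const stream_attrs_t *a, const stream_attrs_t *b,
                      unsigned port_flags) {
  /* Documented above as "always on". */
  port_flags |= ISO_SESSIONGRP | ISO_NYM_EPOCH;
  if (port_flags & ISO_STREAM)
    return 0;
  return (differing_fields(a, b) & port_flags) == 0;
}

int main(void) {
  printf("differing fields TAB1/TAB2: 0x%02x\n",
         differing_fields(&TAB1, &TAB2));
  printf("no optional flags:      share=%d\n",
         may_share_circuit(&TAB1, &TAB2, 0));
  printf("ISO_SOCKSAUTH:          share=%d\n",
         may_share_circuit(&TAB1, &TAB2, ISO_SOCKSAUTH));
  printf("ISO_DESTPORT:           share=%d\n",
         may_share_circuit(&TAB1, &TAB2, ISO_DESTPORT));
  printf("after NEWNYM, no flags: share=%d\n",
         may_share_circuit(&TAB1, &TAB1_AFTER_NEWNYM, 0));
  return 0;
}
```

A mask that omits ISO_DESTADDR and ISO_SOCKSAUTH lets the two tabs above share one circuit, which is the linkability an operator should look for when reviewing a port's isolation settings.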

#define LEGAL_NICKNAME_CHARACTERS   "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"

Legal characters in a nickname.

Definition at line 839 of file or.h.

#define LISTENER_CONNECTION_MAGIC   0x1a1ac741u

Definition at line 957 of file or.h.

#define LISTENER_STATE_READY   0

State for any listener connection.

Definition at line 270 of file or.h.

Value:

Definition at line 3317 of file or.h.

#define MAX_BUF_SIZE   ((1<<24)-1) /* 16MB-1 */

Maximum size, in bytes, for resized buffers.

Definition at line 144 of file or.h.

#define MAX_CONSTRAINED_TCP_BUFFER   262144 /* 256k */

Definition at line 2842 of file or.h.

#define MAX_DESCRIPTOR_UPLOAD_SIZE   20000

Maximum size, in bytes, of a single router descriptor uploaded to us as a directory authority.

Caches and clients fetch whatever descriptors the authorities tell them to fetch, and don't care about size.

Definition at line 158 of file or.h.

Maximum size, in bytes, for any directory object that we've downloaded.

Definition at line 146 of file or.h.

Maximum size, in bytes, for any directory object that we're accepting as an upload.

Definition at line 153 of file or.h.

#define MAX_DNS_ENTRY_AGE   (30*60)

How long do we keep DNS cache entries before purging them (regardless of their TTL)?

Definition at line 165 of file or.h.

#define MAX_DNS_TTL   (3*60*60)

How long can a TTL be before we stop believing it?

Definition at line 170 of file or.h.

#define MAX_EXTRAINFO_UPLOAD_SIZE   50000

Maximum size of a single extrainfo document, as above.

Definition at line 161 of file or.h.

#define MAX_HEADERS_SIZE   50000

For HTTP parsing: Maximum number of bytes we'll accept in the headers of an HTTP request or response.

Definition at line 150 of file or.h.

Length of a router identity encoded as a hexadecimal digest, plus possible dollar sign.

Definition at line 138 of file or.h.

The maximum number of non-circuit-build-timeout failures a hidden service client will tolerate while trying to build a circuit to an introduction point.

See also rend_intro_point_t.unreachable_count.

Definition at line 4159 of file or.h.

Definition at line 3535 of file or.h.

How many times will we try to download a microdescriptor before giving up?

Definition at line 2048 of file or.h.

#define MAX_NICKNAME_LEN   19

Length of longest allowable configured nickname.

Definition at line 135 of file or.h.

Largest number of relay_early cells that we can send on a given circuit.

Definition at line 2597 of file or.h.

How many times will we try to download a router's descriptor before giving up?

Definition at line 2044 of file or.h.

#define MAX_SOCKS_ADDR_LEN   256

Definition at line 3643 of file or.h.

#define MAX_SOCKS_REPLY_LEN   1024

Definition at line 3642 of file or.h.

#define MAX_SSL_KEY_LIFETIME_ADVERTISED   (365*24*60*60)

What expiry time shall we place on our SSL certs?

Definition at line 180 of file or.h.

#define MAX_SSL_KEY_LIFETIME_INTERNAL   (2*60*60)

How often do we rotate TLS contexts?

Definition at line 178 of file or.h.

#define MAX_STATUS_TAG_LEN   32

Definition at line 4370 of file or.h.

Maximum length of verbose router identifier: dollar sign, hex ID digest, equal sign or tilde, nickname.

Definition at line 141 of file or.h.

How many circuits do we want simultaneously in-progress to handle a given stream?

Definition at line 545 of file or.h.

#define MIN_CONSTRAINED_TCP_BUFFER   2048

Definition at line 2841 of file or.h.

#define MIN_DNS_TTL   60

How small can a TTL be before we stop believing it? Provides rudimentary pinning.

Definition at line 173 of file or.h.

#define MIN_ONION_KEY_LIFETIME   (7*24*60*60)

How often do we rotate onion keys?

Definition at line 176 of file or.h.

#define N_CONSENSUS_FLAVORS   ((int)(FLAV_MICRODESC)+1)

How many different consensus flavors are there?

Definition at line 2164 of file or.h.

Definition at line 1374 of file or.h.

#define OLD_ROUTER_DESC_MAX_AGE   (60*60*24*5)

How old do we let a saved descriptor get before force-removing it?

Definition at line 189 of file or.h.

Value:
(PKCS1_OAEP_PADDING_OVERHEAD+\
                                 CIPHER_KEY_LEN+\
                                 DH_KEY_LEN)

Definition at line 2431 of file or.h.

Definition at line 2434 of file or.h.

#define OR_AUTH_CHALLENGE_LEN   32

Minimum length of the random part of an AUTH_CHALLENGE cell.

Definition at line 1092 of file or.h.

#define OR_CERT_TYPE_AUTH_1024   3

A certificate that authenticates a key used in an AUTHENTICATE cell in the v3 handshake.

The subject key must be a 1024-bit RSA key; it must be signed by the identity key.

Definition at line 1111 of file or.h.

#define OR_CERT_TYPE_ID_1024   2

A self-signed identity certificate.

The subject key must be a 1024-bit RSA key.

Definition at line 1107 of file or.h.

#define OR_CERT_TYPE_TLS_LINK   1

A certificate that authenticates a TLS link key.

The subject key must match the key used in the TLS handshake; it must be signed by the identity key.

Definition at line 1104 of file or.h.

#define OR_CIRCUIT_MAGIC   0x98ABC04Fu

Definition at line 2487 of file or.h.

#define OR_CONN_STATE_CONNECTING   1

State for a connection to an OR: waiting for connect() to finish.

Definition at line 284 of file or.h.

#define OR_CONN_STATE_OPEN   8

State for an OR connection: Ready to send/receive cells.

Definition at line 306 of file or.h.

State for an OR connection: We're done with our SSL handshake, we've done renegotiation, but we haven't yet negotiated link protocol versions and sent a netinfo cell.

Definition at line 300 of file or.h.

State for an OR connection: We're done with our SSL handshake, but we haven't yet negotiated link protocol versions, done a V3 handshake, and sent a netinfo cell.

Definition at line 304 of file or.h.

State for a connection to an OR: waiting for proxy handshake to complete.

Definition at line 286 of file or.h.

State for a connection to an OR: We're doing a second SSL handshake for renegotiation purposes.

(V2 handshake only.)

Definition at line 292 of file or.h.

State for an OR connection client: SSL is handshaking, not done yet.

Definition at line 289 of file or.h.

State for a connection at an OR: We're waiting for the client to renegotiate (to indicate a v2 handshake) or send a versions cell (to indicate a v3 handshake)

Definition at line 296 of file or.h.

#define OR_CONNECTION_MAGIC   0x7D31FF03u

Definition at line 952 of file or.h.

#define ORIGIN_CIRCUIT_MAGIC   0x35315243u

Definition at line 2486 of file or.h.

#define PDS_ALLOW_SELF   (1<<0)

Flag to indicate that we should not automatically be willing to use ourself to answer a directory request.

Passed to router_pick_directory_server (et al).

Definition at line 4309 of file or.h.

#define PDS_IGNORE_FASCISTFIREWALL   (1<<2)

Flag to indicate that we should not exclude directory servers that our ReachableAddress settings would exclude.

This usually means that we're going to connect to the server over Tor, and so we don't need to worry about our firewall telling us we can't. Passed to router_pick_directory_server (et al).

Definition at line 4319 of file or.h.

#define PDS_NO_EXISTING_MICRODESC_FETCH   (1<<4)

Definition at line 4333 of file or.h.

#define PDS_NO_EXISTING_SERVERDESC_FETCH   (1<<3)

Flag to indicate that we should not use any directory authority to which we have an existing directory connection for downloading server descriptors or extrainfo documents.

Passed to router_pick_directory_server (et al)

[XXXX NOTE: This option is only implemented for pick_trusteddirserver, not pick_directory_server. If we make it work on pick_directory_server too, we could conservatively make it only prevent multiple fetches to the same authority, or we could aggressively make it prevent multiple fetches to any single directory server.]

Definition at line 4332 of file or.h.

#define PDS_RETRY_IF_NO_SERVERS   (1<<1)

Flag to indicate that if no servers seem to be up, we should mark all directory servers as up and try again.

Passed to router_pick_directory_server (et al).

Definition at line 4313 of file or.h.

#define PROXY_CONNECT   1

Definition at line 237 of file or.h.

#define PROXY_CONNECTED   8

Definition at line 263 of file or.h.

Definition at line 249 of file or.h.

#define PROXY_INFANT   1

Definition at line 247 of file or.h.

#define PROXY_NONE   0

Definition at line 236 of file or.h.

#define PROXY_PLUGGABLE   4

Definition at line 243 of file or.h.

#define PROXY_SOCKS4   2

Definition at line 238 of file or.h.

Definition at line 251 of file or.h.

#define PROXY_SOCKS5   3

Definition at line 239 of file or.h.

Definition at line 254 of file or.h.

Definition at line 257 of file or.h.

Definition at line 259 of file or.h.

Definition at line 261 of file or.h.

#define RELAY_COMMAND_BEGIN   1

Definition at line 549 of file or.h.

#define RELAY_COMMAND_BEGIN_DIR   13

Definition at line 561 of file or.h.

#define RELAY_COMMAND_CONNECTED   4

Definition at line 552 of file or.h.

#define RELAY_COMMAND_DATA   2

Definition at line 550 of file or.h.

#define RELAY_COMMAND_DROP   10

Definition at line 558 of file or.h.

#define RELAY_COMMAND_END   3

Definition at line 551 of file or.h.

Definition at line 563 of file or.h.

Definition at line 564 of file or.h.

#define RELAY_COMMAND_EXTEND   6

Definition at line 554 of file or.h.

#define RELAY_COMMAND_EXTENDED   7

Definition at line 555 of file or.h.

Definition at line 569 of file or.h.

#define RELAY_COMMAND_INTRODUCE1   34

Definition at line 565 of file or.h.

#define RELAY_COMMAND_INTRODUCE2   35

Definition at line 566 of file or.h.

#define RELAY_COMMAND_INTRODUCE_ACK   40

Definition at line 571 of file or.h.

#define RELAY_COMMAND_RENDEZVOUS1   36

Definition at line 567 of file or.h.

#define RELAY_COMMAND_RENDEZVOUS2   37

Definition at line 568 of file or.h.

Definition at line 570 of file or.h.

#define RELAY_COMMAND_RESOLVE   11

Definition at line 559 of file or.h.

#define RELAY_COMMAND_RESOLVED   12

Definition at line 560 of file or.h.

#define RELAY_COMMAND_SENDME   5

Definition at line 553 of file or.h.

#define RELAY_COMMAND_TRUNCATE   8

Definition at line 556 of file or.h.

#define RELAY_COMMAND_TRUNCATED   9

Definition at line 557 of file or.h.

#define RELAY_HEADER_SIZE   (1+2+2+4+2)

Number of bytes in a relay cell's header (not including general cell header).

Definition at line 872 of file or.h.

Largest number of bytes that can fit in a relay cell payload.

Definition at line 874 of file or.h.

#define REMAP_STREAM_SOURCE_CACHE   1

Reason for remapping an AP connection's address: we have a cached answer.

Definition at line 642 of file or.h.

#define REMAP_STREAM_SOURCE_EXIT   2

Reason for remapping an AP connection's address: the exit node told us an answer.

Definition at line 645 of file or.h.

Value:

Length of client entry consisting of client identifier and encrypted session key for hidden service authorization type 'basic'.

Definition at line 741 of file or.h.

Length of client identifier in encrypted introduction points for hidden service authorization type 'basic'.

Definition at line 732 of file or.h.

Multiple of the number of clients to which the real number of clients is padded with fake clients for hidden service authorization type 'basic'.

Definition at line 737 of file or.h.

#define REND_CLIENTNAME_MAX_LEN   16

Maximum length of authorized client names for a hidden service.

Definition at line 753 of file or.h.

Length of the rendezvous cookie that is used to connect circuits at the rendezvous point.

Definition at line 757 of file or.h.

#define REND_DESC_COOKIE_LEN   16

Length of the descriptor cookie that is used for client authorization to hidden services.

Definition at line 724 of file or.h.

#define REND_DESC_COOKIE_LEN_BASE64   22

Length of the base64-encoded descriptor cookie that is used for exchanging client authorization between hidden service and client.

Definition at line 728 of file or.h.

#define REND_DESC_ID_V2_LEN_BASE32   32

Length of v2 descriptor ID (32 base32 chars = 160 bits).

Definition at line 712 of file or.h.

#define REND_DESC_MAX_SIZE   (20 * 1024)

Maximum size of v2 hidden service descriptors.

Definition at line 745 of file or.h.

Length of the base32-encoded hash of an introduction point's identity key.

Definition at line 720 of file or.h.

#define REND_LEGAL_CLIENTNAME_CHARACTERS   "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789+-_"

Legal characters for use in authorized client names for a hidden service.

Definition at line 749 of file or.h.

Number of consecutive replicas for a descriptor.

Definition at line 709 of file or.h.

Number of non-consecutive replicas (i.e. distributed somewhere in the ring) for a descriptor.

Definition at line 706 of file or.h.

#define REND_REPLAY_TIME_INTERVAL   (5 * 60)

Time interval for tracking replays of DH public keys received in INTRODUCE2 cells.

Used only to avoid launching multiple simultaneous attempts to connect to the same rendezvous point.

Definition at line 796 of file or.h.

Length of the base32-encoded secret ID part of versioned hidden service descriptors.

Definition at line 716 of file or.h.

#define REND_SERVICE_ADDRESS_LEN   (16+1+5)

Length of 'y.onion' including '.onion' URL.

Definition at line 692 of file or.h.

#define REND_SERVICE_ID_LEN   10

Length of a binary-encoded rendezvous service ID.

Definition at line 695 of file or.h.

#define REND_SERVICE_ID_LEN_BASE32   16

Length of 'y' portion of 'y.onion' URL.

Definition at line 689 of file or.h.
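The length constants above (REND_SERVICE_ID_LEN, REND_SERVICE_ID_LEN_BASE32, REND_SERVICE_ADDRESS_LEN, REND_CLIENTNAME_MAX_LEN, REND_LEGAL_CLIENTNAME_CHARACTERS) exist so that untrusted names and addresses can be bounds-checked before they are copied or decoded. The following is an added example, not code from or.h or from Tor: the function names are hypothetical, the sample inputs are constructed, and the case-insensitive handling of the address is an assumption of this sketch.

```c
#include <ctype.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Values copied from the definitions documented on this page. */
#define REND_SERVICE_ID_LEN 10
#define REND_SERVICE_ID_LEN_BASE32 16
#define REND_SERVICE_ADDRESS_LEN (16+1+5)
#define REND_CLIENTNAME_MAX_LEN 16
#define REND_LEGAL_CLIENTNAME_CHARACTERS \
  "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789+-_"

/* Hypothetical helper: return 1 if <b>name</b> is between 1 and
 * REND_CLIENTNAME_MAX_LEN characters long and uses only legal characters. */
int example_client_name_is_legal(const char *name)
{
  size_t len;
  if (!name)
    return 0;
  len = strlen(name);
  if (len < 1 || len > REND_CLIENTNAME_MAX_LEN)
    return 0;
  /* strspn() counts the leading run of legal characters; it must cover
   * the whole string. */
  return strspn(name, REND_LEGAL_CLIENTNAME_CHARACTERS) == len;
}

/* Hypothetical helper: map one base32 character (a-z, 2-7, either case)
 * to its 5-bit value, or return -1 if the character is not legal. */
static int example_b32_value(char c)
{
  if (c >= 'a' && c <= 'z') return c - 'a';
  if (c >= 'A' && c <= 'Z') return c - 'A';
  if (c >= '2' && c <= '7') return 26 + (c - '2');
  return -1;
}

/* Hypothetical helper: parse a 'y.onion' address into the binary service
 * ID. Writes exactly REND_SERVICE_ID_LEN bytes to <b>id_out</b> and returns
 * 0 on success; returns -1 and leaves id_out untouched on any error. */
int example_parse_onion_address(const char *addr,
                                uint8_t id_out[REND_SERVICE_ID_LEN])
{
  static const char suffix[] = ".onion";
  uint8_t tmp[REND_SERVICE_ID_LEN];
  uint32_t acc = 0;
  int bits = 0;
  size_t i, n = 0;

  /* Reject anything that is not exactly 16 + 1 + 5 characters long
   * before indexing into it. */
  if (!addr || strlen(addr) != REND_SERVICE_ADDRESS_LEN)
    return -1;
  for (i = 0; i < sizeof(suffix) - 1; ++i) {
    char c = addr[REND_SERVICE_ID_LEN_BASE32 + i];
    if (tolower((unsigned char)c) != suffix[i])
      return -1;
  }
  /* 16 base32 characters carry 16*5 = 80 bits = REND_SERVICE_ID_LEN bytes. */
  for (i = 0; i < REND_SERVICE_ID_LEN_BASE32; ++i) {
    int v = example_b32_value(addr[i]);
    if (v < 0)
      return -1;
    acc = (acc << 5) | (uint32_t)v;
    bits += 5;
    if (bits >= 8) {
      bits -= 8;
      tmp[n++] = (uint8_t)((acc >> bits) & 0xff);
      acc &= (1u << bits) - 1; /* keep only the bits not yet emitted */
    }
  }
  memcpy(id_out, tmp, REND_SERVICE_ID_LEN);
  return 0;
}

int main(void)
{
  /* Constructed sample inputs, not real service addresses. */
  const char *samples[] = { "aeaaaaaaaaaaaaaa.onion", "short.onion",
                            "aaaaaaaaaaaaaaa1.onion" };
  uint8_t id[REND_SERVICE_ID_LEN];
  size_t i;
  for (i = 0; i < sizeof(samples) / sizeof(samples[0]); ++i)
    printf("%-24s -> %s\n", samples[i],
           example_parse_onion_address(samples[i], id) == 0 ? "ok" : "rejected");
  printf("client name 'alice_01' legal: %d\n",
         example_client_name_is_legal("alice_01"));
  return 0;
}
```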

Time period within which two sets of v2 descriptors will be uploaded in parallel.

Definition at line 702 of file or.h.

#define REND_TIME_PERIOD_V2_DESC_VALIDITY   (24*60*60)

Time period for which a v2 descriptor will be valid.

Definition at line 698 of file or.h.

Definition at line 2774 of file or.h.

#define RESOLVED_TYPE_ERROR   0xF1

Definition at line 652 of file or.h.

#define RESOLVED_TYPE_ERROR_TRANSIENT   0xF0

Definition at line 651 of file or.h.

#define RESOLVED_TYPE_HOSTNAME   0

Definition at line 648 of file or.h.

#define RESOLVED_TYPE_IPV4   4

Definition at line 649 of file or.h.

#define RESOLVED_TYPE_IPV6   6

Definition at line 650 of file or.h.

#define ROUTER_ANNOTATION_BUF_LEN   256

The max size we expect router descriptor annotations we create to be.

We'll accept larger ones if we see them on disk, but we won't create any that are larger than this.

Definition at line 1673 of file or.h.

#define ROUTER_MAX_AGE   (60*60*48)

How old do we allow a router to get before removing it from the router list? In seconds.

Definition at line 184 of file or.h.

#define ROUTER_MAX_AGE_TO_PUBLISH   (60*60*24)

How old can a router get before we (as a server) will no longer consider it live? In seconds.

Definition at line 187 of file or.h.

#define ROUTER_MAX_DECLARED_BANDWIDTH   INT32_MAX

Definition at line 4303 of file or.h.

#define ROUTER_PURPOSE_BRIDGE   2

Tor should use this router only for bridge positions in circuits: we got it via a directory request from the bridge itself, or a bridge authority.

Definition at line 1786 of file or.h.

#define ROUTER_PURPOSE_CONTROLLER   1

Tor should avoid using this router for circuit-building: we got it from a controller.

If the controller wants to use it, it'll have to ask for it by identity.

Definition at line 1782 of file or.h.

#define ROUTER_PURPOSE_GENERAL   0

Tor can use this router for general positions in circuits; we got it from a directory server as usual, or we're an authority and a server uploaded it.

Definition at line 1778 of file or.h.

#define ROUTER_PURPOSE_UNKNOWN   255

Tor should not use this router; it was marked in cached-descriptors with a purpose we didn't recognize.

Definition at line 1789 of file or.h.

#define ROUTER_REQUIRED_MIN_BANDWIDTH   (20*1024)

Definition at line 4301 of file or.h.

Session group reserved for resolve requests launched by a controller.

Definition at line 2876 of file or.h.

#define SESSION_GROUP_DIRCONN   -2

Session group reserved for directory connections.

Definition at line 2874 of file or.h.

#define SESSION_GROUP_FIRST_AUTO   -4

First automatically allocated session group number.

Definition at line 2878 of file or.h.

#define SESSION_GROUP_UNSET   -1

Indicates that we haven't yet set a session group on a port_cfg_t.

Definition at line 2872 of file or.h.

#define SIGCLEARDNSCACHE   130

Definition at line 122 of file or.h.

#define SIGHUP   1

Definition at line 105 of file or.h.

#define SIGINT   2

Definition at line 108 of file or.h.

#define SIGNEWNYM   129

Definition at line 121 of file or.h.

#define SIGTERM   15

Definition at line 117 of file or.h.

#define SIGUSR1   10

Definition at line 111 of file or.h.

#define SIGUSR2   12

Definition at line 114 of file or.h.

#define SOCKS4_NETWORK_LEN   8

Number of bytes in a SOCKS4 header.

Definition at line 850 of file or.h.

#define SOCKS_COMMAND_CONNECT   0x01

Please open a TCP connection to this addr:port.

Definition at line 3648 of file or.h.

#define SOCKS_COMMAND_IS_CONNECT(c)   ((c)==SOCKS_COMMAND_CONNECT)

Definition at line 3654 of file or.h.

#define SOCKS_COMMAND_IS_RESOLVE(c)
Value:

Definition at line 3655 of file or.h.

#define SOCKS_COMMAND_RESOLVE   0xF0

Please turn this FQDN into an IP address, privately.

Definition at line 3650 of file or.h.

#define SOCKS_COMMAND_RESOLVE_PTR   0xF1

Please turn this IP address into an FQDN, privately.

Definition at line 3652 of file or.h.

#define SOCKS_NO_AUTH   0x00

Definition at line 3644 of file or.h.

#define SOCKS_USER_PASS   0x02

Definition at line 3645 of file or.h.

#define STREAMWINDOW_INCREMENT   50

Amount to increment a stream window when we get a stream SENDME.

Definition at line 815 of file or.h.

#define STREAMWINDOW_START   500

Initial value on both sides of a stream transmission window when the stream is initialized.

Measured in cells.

Definition at line 813 of file or.h.

How long to test reachability before complaining to the user.

Definition at line 836 of file or.h.

#define TO_CIRCUIT(x)   (&((x)->_base))

Convert a circuit subtype to a circuit_t.

Definition at line 2811 of file or.h.

#define TO_CONN(c)   (&(((c)->_base)))

Cast a connection_t subtype pointer to a connection_t.

Definition at line 1482 of file or.h.

#define UNNAMED_ROUTER_NICKNAME   "Unnamed"

Name chosen by routers that don't configure nicknames.

Definition at line 847 of file or.h.

#define V3_AUTH_BODY_LEN   (V3_AUTH_FIXED_PART_LEN + 8 + 16)

The length of the part of the AUTHENTICATE cell body that the client signs.

Definition at line 1129 of file or.h.

#define V3_AUTH_FIXED_PART_LEN   (8+(32*6))

The length of the part of the AUTHENTICATE cell body that the client and server can generate independently (when using RSA_SHA256_TLSSECRET).

It contains everything except the client's timestamp, the client's randomly generated nonce, and the signature.

Definition at line 1126 of file or.h.

#define VAR_CELL_HEADER_SIZE   5

Length of a header on a variable-length cell.

Definition at line 868 of file or.h.

#define WRITE_STATS_INTERVAL   (24*60*60)

Definition at line 4086 of file or.h.


Typedef Documentation

typedef struct addr_policy_t addr_policy_t

A reference-counted address policy rule.

Certificate for v3 directory protocol: binds long-term authority identity keys to medium-term authority signing keys.

Possible ways to weight routers when choosing one randomly.

See routerlist_sl_choose_by_bandwidth() for more information.

typedef struct buf_t

Definition at line 941 of file or.h.

typedef uint32_t build_time_t

A build_time_t is milliseconds.

Definition at line 3727 of file or.h.

Used to indicate the type of a buildtime event.

typedef struct cached_dir_t cached_dir_t

A cached_dir_t represents a cacheable directory object, along with its compressed form.

typedef struct cell_queue_t cell_queue_t

A queue of cells on a circuit, waiting to be added to the or_connection_t's outbuf.

typedef struct cell_t cell_t

Parsed onion routing cell.

All communication between nodes is via cells.

typedef uint16_t circid_t

Identifies a circuit on an or_connection.

Definition at line 877 of file or.h.

Used to indicate the type of a circuit event passed to the controller.

The various types are defined in control-spec.txt

Used to indicate the type of a CIRC_MINOR event passed to the controller.

The various types are defined in control-spec.txt .

typedef struct circuit_t circuit_t

A circuit is a path over the onion routing network.

Applications can connect to one end of the circuit, and can create exit connections at the other end of the circuit. AP and exit connections have only one circuit associated with them (and thus these connection types are closed when the circuit is closed), whereas OR connections multiplex many circuits at once, and stay standing even when there are no circuits running over them.

A circuit_t structure can fill one of two roles. First, a or_circuit_t links two connections together: either an edge connection and an OR connection, or two OR connections. (When joined to an OR connection, a circuit_t affects only cells sent to a particular circID on that connection. When joined to an edge connection, a circuit_t affects all data.)

Second, an origin_circuit_t holds the cipher keys and state for sending data along a given circuit. At the OP, it has a sequence of ciphers, each of which is shared with a single OR along the circuit. Separate ciphers are used for data going "forward" (away from the OP) and "backward" (towards the OP). At the OR, a circuit has only two stream ciphers: one for data going forward, and one for data going backward.

typedef struct config_line_t config_line_t

A linked list of lines in a config file.

typedef struct connection_t connection_t

Description of a connection to another host or process, and associated data.

A connection is named based on what it's connected to -- an "OR connection" has a Tor node on the other end, an "exit connection" has a website or other server on the other end, and an "AP connection" has an application proxy (and thus a user) on the other end.

Every connection has a type and a state. Connections never change their type, but can go through many state changes in their lifetime.

Every connection has two associated input and output buffers. Listeners don't use them. For non-listener connections, incoming data is appended to conn->inbuf, and outgoing data is taken from conn->outbuf. Connections differ primarily in the functions called to fill and drain these buffers.

Subtype of connection_t for a connection to a controller.

typedef int16_t country_t

A signed integer representing a country code.

Definition at line 1722 of file or.h.

typedef struct crypt_path_t crypt_path_t

Holds accounting information for a single step in the layered encryption performed by a circuit.

Used only at the client edge of a circuit.

typedef struct desc_store_t desc_store_t

A 'store' is a set of descriptors saved on disk, with accompanying journal, mmaped as needed, rebuilt as needed.

Subtype of connection_t for a "directory connection" -- that is, an HTTP connection to retrieve or serve directory material.

A signature of some document by an authority.

Information about our plans for retrying downloads for a downloadable object.

Subtype of connection_t for an "edge connection" -- that is, an entry (ap) connection, or an exit.

Subtype of edge_connection_t for an "entry connection" -- that is, a SOCKS connection, a DNS request, a TransPort connection or a NATD connection.

typedef struct extend_info_t extend_info_t

Information on router used when extending a circuit.

We don't need a full routerinfo_t to extend: we only need addr:port:keyid to build an OR connection, and onion_key to create the onionskin. Note that for onehop general-purpose tunnels, the onion_key is NULL.

typedef struct extrainfo_t extrainfo_t

Information needed to keep and cache a signed extra-info document.

Number of cells added to a circuit queue including their insertion time on 10 millisecond detail; used for buffer statistics.

Queue of insertion times.

Bitfield type: things that we're willing to use invalid routers for.

Subtype of connection_t; used for a listener socket.

typedef struct microdesc_cache_t

Definition at line 4090 of file or.h.

typedef struct microdesc_t microdesc_t

A microdescriptor is the smallest amount of information needed to build a circuit through a router.

They are generated by the directory authorities, using information from the uploaded routerinfo documents. They are not self-signed, but are rather authenticated by having their hash in a signed networkstatus document.

A common structure to hold a v3 network status vote, or a v3 network status consensus.

Contents of a v2 (non-consensus, non-vote) network status object.

Information about a single voter in a vote or a consensus.

typedef struct node_t node_t

A node_t represents a Tor router.

Specifically, a node_t is a Tor router as we are using it: a router that we are considering for circuits, connections, and so on. A node_t is a thin wrapper around the routerstatus, routerinfo, and microdesc for a single router, and provides a consistent interface for all of them.

Also, a node_t has mutable state. While a routerinfo, a routerstatus, and a microdesc have[*] only the information read from a router descriptor, a consensus entry, and a microdescriptor (respectively)... a node_t has flags based on our own current opinion of the node.

[*] Actually, there is some leftover information in each that is mutable. We should try to excise that.

A set of signatures for a networkstatus consensus.

Unless otherwise noted, all fields are as for networkstatus_t.

typedef struct or_circuit_t or_circuit_t

An or_circuit_t holds information needed to implement a circuit at an OR.

Used to indicate the type of an OR connection event passed to the controller.

The various types are defined in control-spec.txt

Subtype of connection_t for an "OR connection" -- that is, one that speaks cells over TLS.

Stores flags and information related to the portion of a v2/v3 Tor OR connection handshake that happens after the TLS handshake is finished.

An origin_circuit_t holds data necessary to build and use a circuit.

typedef struct packed_cell_t packed_cell_t

A cell as packed for writing to the network.

typedef struct port_cfg_t port_cfg_t

Configuration for a single port that we're listening on.

Client authorization type that a hidden service performs.

Hidden-service side configuration of client authorization.

A cached rendezvous descriptor.

typedef struct rend_data_t rend_data_t

Client- and server-side data that is used for hidden service connection establishment.

Not all fields contain data depending on where this struct is used.

ASCII-encoded v2 hidden service descriptor.

Introduction point information.

Used both in rend_service_t (on the service side) and in rend_service_descriptor_t (on both the client and service side).

Client-side configuration of authorization for a hidden service.

Information used to connect to a hidden service.

Used on both the service side and the client side.

typedef struct routerset_t

Definition at line 2926 of file or.h.

Contents of a single router entry in a network status object.

typedef enum setopt_err_t setopt_err_t

A single entry in a parsed policy summary, describing a range of ports.

A short_policy_t is the parsed version of a policy summary.

Information needed to cache an onion router's descriptor.

typedef struct socks_request_t

Definition at line 942 of file or.h.

typedef enum store_type_t store_type_t

Allowable types of desc_store_t.

Used to indicate the type of a stream event passed to the controller.

The various types are defined in control-spec.txt

typedef uint16_t streamid_t

Identifies a stream on a circuit.

Definition at line 879 of file or.h.

typedef struct tor_version_t tor_version_t

Structure to hold parsed Tor versions.

This is a little messier than we would like it to be, because we changed version schemes with 0.1.0.

See version-spec.txt for the whole business.

Represents information about a single trusted directory server.

typedef struct var_cell_t var_cell_t

Parsed variable-length onion routing cell.

Possible statuses of a version of Tor, given opinions from the directory servers.

Linked list of microdesc hash lines for a single router in a directory vote.

The claim about a single router, made in a vote.

typedef struct vote_timing_t vote_timing_t

Describes the schedule by which votes should be generated.


Enumeration Type Documentation

What action type does an address policy indicate: accept or reject?

Enumerator:
ADDR_POLICY_ACCEPT 
ADDR_POLICY_REJECT 

Definition at line 1596 of file or.h.

Outcome of applying an address policy to an address.

Enumerator:
ADDR_POLICY_ACCEPTED 

The address was accepted.

ADDR_POLICY_REJECTED 

The address was rejected.

ADDR_POLICY_PROBABLY_ACCEPTED 

Part of the address was unknown, but as far as we can tell, it was accepted.

ADDR_POLICY_PROBABLY_REJECTED 

Part of the address was unknown, but as far as we can tell, it was rejected.

Definition at line 4116 of file or.h.

Enumerates possible origins of a client-side address mapping.

Enumerator:
ADDRMAPSRC_CONTROLLER 

We're remapping this address because the controller told us to.

ADDRMAPSRC_AUTOMAP 

We're remapping this address because of an AutomapHostsOnResolve configuration.

ADDRMAPSRC_TORRC 

We're remapping this address because our configuration (via torrc, the command line, or a SETCONF command) told us to.

ADDRMAPSRC_TRACKEXIT 

We're remapping this address because we have TrackHostExit configured, and we want to remember to use the same exit next time.

ADDRMAPSRC_DNS 

We're remapping this address because we got a DNS resolution from a Tor server that told us what its value was.

ADDRMAPSRC_NONE 

No remapping has occurred.

This isn't a possible value for an addrmap_entry_t; it's used as a null value when we need to answer "Why did this remapping happen."

Definition at line 3854 of file or.h.

Possible ways to weight routers when choosing one randomly.

See routerlist_sl_choose_by_bandwidth() for more information.

Enumerator:
NO_WEIGHTING 
WEIGHT_FOR_EXIT 
WEIGHT_FOR_MID 
WEIGHT_FOR_GUARD 
WEIGHT_FOR_DIR 

Definition at line 4339 of file or.h.

Enum describing various stages of bootstrapping, for use with controller bootstrap status events.

The values range from 0 to 100.

Enumerator:
BOOTSTRAP_STATUS_UNDEF 
BOOTSTRAP_STATUS_STARTING 
BOOTSTRAP_STATUS_CONN_DIR 
BOOTSTRAP_STATUS_HANDSHAKE 
BOOTSTRAP_STATUS_HANDSHAKE_DIR 
BOOTSTRAP_STATUS_ONEHOP_CREATE 
BOOTSTRAP_STATUS_REQUESTING_STATUS 
BOOTSTRAP_STATUS_LOADING_STATUS 
BOOTSTRAP_STATUS_LOADING_KEYS 
BOOTSTRAP_STATUS_REQUESTING_DESCRIPTORS 
BOOTSTRAP_STATUS_LOADING_DESCRIPTORS 
BOOTSTRAP_STATUS_CONN_OR 
BOOTSTRAP_STATUS_HANDSHAKE_OR 
BOOTSTRAP_STATUS_CIRCUIT_CREATE 
BOOTSTRAP_STATUS_DONE 

Definition at line 3948 of file or.h.

Used to indicate the type of a buildtime event.

Enumerator:
BUILDTIMEOUT_SET_EVENT_COMPUTED 
BUILDTIMEOUT_SET_EVENT_RESET 
BUILDTIMEOUT_SET_EVENT_SUSPENDED 
BUILDTIMEOUT_SET_EVENT_DISCARD 
BUILDTIMEOUT_SET_EVENT_RESUME 

Definition at line 3920 of file or.h.

Used to indicate which way a cell is going on a circuit.

Enumerator:
CELL_DIRECTION_IN 

The cell is moving towards the origin.

CELL_DIRECTION_OUT 

The cell is moving away from the origin.

Definition at line 799 of file or.h.

Possible rules for generating circuit IDs on an OR connection.

Enumerator:
CIRC_ID_TYPE_LOWER 

Pick from 0..1<<15-1.

CIRC_ID_TYPE_HIGHER 

Pick from 1<<15..1<<16-1.

CIRC_ID_TYPE_NEITHER 

The other side of a connection is an OP: never create circuits to it, and let it use any circuit ID it wants.

Definition at line 192 of file or.h.

Used to indicate the type of a circuit event passed to the controller.

The various types are defined in control-spec.txt

Enumerator:
CIRC_EVENT_LAUNCHED 
CIRC_EVENT_BUILT 
CIRC_EVENT_EXTENDED 
CIRC_EVENT_FAILED 
CIRC_EVENT_CLOSED 

Definition at line 3880 of file or.h.

Used to indicate the type of a CIRC_MINOR event passed to the controller.

The various types are defined in control-spec.txt .

Enumerator:
CIRC_MINOR_EVENT_PURPOSE_CHANGED 
CIRC_MINOR_EVENT_CANNIBALIZED 

Definition at line 3890 of file or.h.

Enumerates recognized flavors of a consensus networkstatus document.

All flavors of a consensus are generated from the same set of votes, but they present different types of information to different versions of Tor.

Enumerator:
FLAV_NS 
FLAV_MICRODESC 

Definition at line 2158 of file or.h.

Bitfield enum type listing types of information that directory authorities can be authoritative about, and that directory caches may or may not cache.

Note that the granularity here is based on authority granularity and on cache capabilities. Thus, one particular bit may correspond in practice to a few types of directory info, so long as every authority that pronounces officially about one of the types pronounces officially about all of them, and so long as every cache that caches one of them caches all of them.

Enumerator:
NO_DIRINFO 
V1_DIRINFO 

Serves/signs v1 directory information: Big lists of routers, and short routerstatus documents.

V2_DIRINFO 

Serves/signs v2 directory information: i.e. v2 networkstatus documents

V3_DIRINFO 

Serves/signs v3 directory information: votes, consensuses, certs.

HIDSERV_DIRINFO 

Serves hidden service descriptors.

BRIDGE_DIRINFO 

Serves bridge descriptors.

EXTRAINFO_DIRINFO 

Serves extrainfo documents.

MICRODESC_DIRINFO 

Serves microdescriptors.

Definition at line 2341 of file or.h.

typedef enum {
  NO_DIRINFO      = 0,
  V1_DIRINFO      = 1 << 0,
  V2_DIRINFO      = 1 << 1,
  V3_DIRINFO      = 1 << 2,
  HIDSERV_DIRINFO = 1 << 3,
  BRIDGE_DIRINFO  = 1 << 4,
  EXTRAINFO_DIRINFO=1 << 5,
  MICRODESC_DIRINFO=1 << 6,
} dirinfo_type_t;

Possible states for either direct or tunneled directory requests that are relevant for determining network status download times.

Enumerator:
DIRREQ_IS_FOR_NETWORK_STATUS 

Found that the client requests a network status; applies to both direct and tunneled requests; initial state of a request that we are measuring.

DIRREQ_FLUSHING_DIR_CONN_FINISHED 

Finished writing a network status to the directory connection; applies to both direct and tunneled requests; completes a direct request.

DIRREQ_END_CELL_SENT 

END cell sent to circuit that initiated a tunneled request.

DIRREQ_CIRC_QUEUE_FLUSHED 

Flushed last cell from queue of the circuit that initiated a tunneled request to the outbuf of the OR connection.

DIRREQ_OR_CONN_BUFFER_FLUSHED 

Flushed last byte from buffer of the OR connection belonging to the circuit that initiated a tunneled request; completes a tunneled request.

Definition at line 4066 of file or.h.

Directory requests that we are measuring can be either direct or tunneled.

Enumerator:
DIRREQ_DIRECT 
DIRREQ_TUNNELED 

Definition at line 4059 of file or.h.

Enumeration: what kind of download schedule are we using for a given object?

Enumerator:
DL_SCHED_GENERIC 
DL_SCHED_CONSENSUS 
DL_SCHED_BRIDGE 

Definition at line 1651 of file or.h.

Indicates an action that we might be noting geoip statistics on.

Note that if we're noticing CONNECT, we're a bridge, and if we're noticing the others, we're not.

Enumerator:
GEOIP_CLIENT_CONNECT 

We've noticed a connection as a bridge relay or entry guard.

GEOIP_CLIENT_NETWORKSTATUS 

We've served a networkstatus consensus as a directory server.

GEOIP_CLIENT_NETWORKSTATUS_V2 

We've served a v2 networkstatus consensus as a directory server.

Definition at line 4030 of file or.h.

Indicates either a positive reply or a reason for rejecting a network status request that will be included in geoip statistics.

Enumerator:
GEOIP_SUCCESS 

Request is answered successfully.

GEOIP_REJECT_NOT_ENOUGH_SIGS 

V3 network status is not signed by a sufficient number of requested authorities.

GEOIP_REJECT_UNAVAILABLE 

Requested network status object is unavailable.

GEOIP_REJECT_NOT_FOUND 

Requested network status not found.

GEOIP_REJECT_NOT_MODIFIED 

Network status has not been modified since If-Modified-Since time.

GEOIP_REJECT_BUSY 

Directory is busy.

Definition at line 4040 of file or.h.

Bitfield type: things that we're willing to use invalid routers for.

Enumerator:
ALLOW_INVALID_ENTRY 
ALLOW_INVALID_EXIT 
ALLOW_INVALID_MIDDLE 
ALLOW_INVALID_RENDEZVOUS 
ALLOW_INVALID_INTRODUCTION 

Definition at line 2832 of file or.h.

Enumerates the possible seriousness values of a networkstatus document.

Enumerator:
NS_TYPE_VOTE 
NS_TYPE_CONSENSUS 
NS_TYPE_OPINION 

Definition at line 2149 of file or.h.

Used to indicate the type of an OR connection event passed to the controller.

The various types are defined in control-spec.txt

Enumerator:
OR_CONN_EVENT_LAUNCHED 
OR_CONN_EVENT_CONNECTED 
OR_CONN_EVENT_FAILED 
OR_CONN_EVENT_CLOSED 
OR_CONN_EVENT_NEW 

Definition at line 3911 of file or.h.

enum pk_op_t

Possible public/private key operations in Tor: used to keep track of where we're spending our time.

Enumerator:
SIGN_DIR 
SIGN_RTR 
VERIFY_DIR 
VERIFY_RTR 
ENC_ONIONSKIN 
DEC_ONIONSKIN 
TLS_HANDSHAKE_C 
TLS_HANDSHAKE_S 
REND_CLIENT 
REND_MID 
REND_SERVER 

Definition at line 4133 of file or.h.

Client authorization type that a hidden service performs.

Enumerator:
REND_NO_AUTH 
REND_BASIC_AUTH 
REND_STEALTH_AUTH 

Definition at line 760 of file or.h.

Flags to be passed to control router_choose_random_node() to indicate what kind of nodes to pick according to what algorithm.

Enumerator:
CRN_NEED_UPTIME 
CRN_NEED_CAPACITY 
CRN_NEED_GUARD 
CRN_ALLOW_INVALID 
CRN_WEIGHT_AS_EXIT 
CRN_NEED_DESC 

Definition at line 4346 of file or.h.

typedef enum {
  CRN_NEED_UPTIME = 1<<0,
  CRN_NEED_CAPACITY = 1<<1,
  CRN_NEED_GUARD = 1<<2,
  CRN_ALLOW_INVALID = 1<<3,
  /* XXXX not used, apparently. */
  CRN_WEIGHT_AS_EXIT = 1<<5,
  CRN_NEED_DESC = 1<<6
} router_crn_flags_t;

An enum to describe what format we're generating a routerstatus line in.

Enumerator:
NS_V2 

For use in a v2 opinion.

NS_V3_CONSENSUS 

For use in a consensus networkstatus document (ns flavor)

NS_V3_VOTE 

For use in a vote networkstatus document.

NS_CONTROL_PORT 

For passing to the controlport in response to a GETINFO request.

NS_V3_CONSENSUS_MICRODESC 

For use in a consensus networkstatus document (microdesc flavor)

Definition at line 3978 of file or.h.

Enum used to remember where a signed_descriptor_t is stored and how to manage the memory for signed_descriptor_body.

Enumerator:
SAVED_NOWHERE 

The descriptor isn't stored on disk at all: the copy in memory is canonical; the saved_offset field is meaningless.

SAVED_IN_CACHE 

The descriptor is stored in the cached_routers file: the signed_descriptor_body is meaningless; the signed_descriptor_len and saved_offset are used to index into the mmaped cache file.

SAVED_IN_JOURNAL 

The descriptor is stored in the cached_routers.new file: the signed_descriptor_body and saved_offset fields are both set.

Definition at line 1632 of file or.h.

typedef enum {
  SAVED_NOWHERE=0,
  SAVED_IN_CACHE,
  /* FFFF (We could also mmap the file and grow the mmap as needed, or
   * lazy-load the descriptor text by using seek and read.  We don't, for
   * now.)
   */
  SAVED_IN_JOURNAL
} saved_location_t;

An error from options_trial_assign() or options_init_from_string().

Enumerator:
SETOPT_OK 
SETOPT_ERR_MISC 
SETOPT_ERR_PARSE 
SETOPT_ERR_TRANSITION 
SETOPT_ERR_SETTING 

Definition at line 3843 of file or.h.

Allowable types of desc_store_t.

Enumerator:
ROUTER_STORE 
EXTRAINFO_STORE 

Definition at line 2238 of file or.h.

Used to indicate the type of a stream event passed to the controller.

The various types are defined in control-spec.txt

Enumerator:
STREAM_EVENT_SENT_CONNECT 
STREAM_EVENT_SENT_RESOLVE 
STREAM_EVENT_SUCCEEDED 
STREAM_EVENT_FAILED 
STREAM_EVENT_CLOSED 
STREAM_EVENT_NEW 
STREAM_EVENT_NEW_RESOLVE 
STREAM_EVENT_FAILED_RETRIABLE 
STREAM_EVENT_REMAP 

Definition at line 3897 of file or.h.

Location where we found a v2 networkstatus.

Enumerator:
NS_FROM_CACHE 
NS_FROM_DIR_BY_FP 
NS_FROM_DIR_ALL 
NS_GENERATED 

Definition at line 4095 of file or.h.

Possible statuses of a version of Tor, given opinions from the directory servers.

Enumerator:
VS_RECOMMENDED 

This version is listed as recommended.

VS_OLD 

This version is older than any recommended version.

VS_NEW 

This version is newer than any recommended version.

VS_NEW_IN_SERIES 

This version is newer than any recommended version in its series, but later recommended versions exist.

VS_UNRECOMMENDED 

This version is not recommended (general case).

VS_EMPTY 

The version list was empty; no agreed-on versions.

VS_UNKNOWN 

We have no idea.

Definition at line 4101 of file or.h.

Return value for router_add_to_routerlist() and dirserv_add_descriptor()

Enumerator:
ROUTER_ADDED_SUCCESSFULLY 
ROUTER_ADDED_NOTIFY_GENERATOR 
ROUTER_BAD_EI 
ROUTER_WAS_NOT_NEW 
ROUTER_NOT_IN_CONSENSUS 
ROUTER_NOT_IN_CONSENSUS_OR_NETWORKSTATUS 
ROUTER_AUTHDIR_REJECTS 
ROUTER_WAS_NOT_WANTED 

Definition at line 4357 of file or.h.


Function Documentation

Retrieve and bounds-check the cbtinitialtimeout consensus parameter.

Effect: This is the timeout value to use before computing a timeout, in milliseconds.

Definition at line 385 of file circuitbuild.c.

int32_t
circuit_build_times_initial_timeout(void)
{
  int32_t min = circuit_build_times_min_timeout();
  int32_t param = networkstatus_get_param(NULL, "cbtinitialtimeout",
                                          CBT_DEFAULT_TIMEOUT_INITIAL_VALUE,
                                          CBT_MIN_TIMEOUT_INITIAL_VALUE,
                                          CBT_MAX_TIMEOUT_INITIAL_VALUE);

  if (!(get_options()->LearnCircuitBuildTimeout)) {
    log_debug(LD_BUG,
              "circuit_build_times_initial_timeout() called, "
              "cbtinitialtimeout is %d",
              param);
  }

  if (param < min) {
    log_warn(LD_DIR, "Consensus parameter cbtinitialtimeout is too small, "
             "raising to %d", min);
    param = min;
  }
  return param;
}

Retrieve and bounds-check the cbtquantile consensus parameter.

Effect: This is the position on the quantile curve to use to set the timeout value. It is a percent (10-99).

Definition at line 271 of file circuitbuild.c.

double
circuit_build_times_quantile_cutoff(void)
{
  int32_t num = networkstatus_get_param(NULL, "cbtquantile",
                                        CBT_DEFAULT_QUANTILE_CUTOFF,
                                        CBT_MIN_QUANTILE_CUTOFF,
                                        CBT_MAX_QUANTILE_CUTOFF);

  if (!(get_options()->LearnCircuitBuildTimeout)) {
    log_debug(LD_BUG,
              "circuit_build_times_quantile_cutoff() called, cbtquantile"
              " is %d",
              num);
  }

  return num/100.0;
}

Convert an edge_connection_t* to an entry_connection_t*; assert if the cast is invalid.

Definition at line 1534 of file or.h.

static INLINE void or_state_mark_dirty ( or_state_t * state, time_t when ) [static]

Change the next_write time of state to when, unless the state is already scheduled to be written to disk earlier than when.

Definition at line 3636 of file or.h.

{
  if (state->next_write > when)
    state->next_write = when;
}

Convert a connection_t* to a control_connection_t*; assert if the cast is invalid.

Definition at line 1539 of file or.h.

static INLINE dir_connection_t * TO_DIR_CONN ( connection_t * c) [static]

Convert a connection_t* to a dir_connection_t*; assert if the cast is invalid.

Definition at line 1518 of file or.h.

static INLINE edge_connection_t * TO_EDGE_CONN ( connection_t * c) [static]

Convert a connection_t* to an edge_connection_t*; assert if the cast is invalid.

Definition at line 1523 of file or.h.

Convert a connection_t* to an entry_connection_t*; assert if the cast is invalid.

Definition at line 1529 of file or.h.

Convert a connection_t* to a listener_connection_t*; assert if the cast is invalid.

Definition at line 1544 of file or.h.

static INLINE or_circuit_t * TO_OR_CIRCUIT ( circuit_t * x) [static]

Convert a circuit_t* to a pointer to the enclosing or_circuit_t.

Assert if the cast is impossible.

Definition at line 2820 of file or.h.

static INLINE or_connection_t * TO_OR_CONN ( connection_t * c) [static]

Convert a connection_t* to an or_connection_t*; assert if the cast is invalid.

Definition at line 1513 of file or.h.

static INLINE origin_circuit_t * TO_ORIGIN_CIRCUIT ( circuit_t * x) [static]

Convert a circuit_t* to a pointer to the enclosing origin_circuit_t.

Assert if the cast is impossible.

Definition at line 2825 of file or.h.
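
The checked downcasts documented above (TO_OR_CONN, TO_DIR_CONN, TO_OR_CIRCUIT and the others) exist so that a base pointer is never reinterpreted as the wrong subtype. The following is an added example, not code from or.h: it shows one way such a cast can be written, with a type tag in the embedded base struct and offsetof to reach the enclosing struct. All ex_* names and the tag values are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>
/* Constructed tag values; assumptions for this example, not Tor's constants. */
#define EX_OR_CONN_MAGIC  0x7D31FF03u
#define EX_DIR_CONN_MAGIC 0x9988FFEEu

/* Base type: every subtype embeds it and sets `magic` when allocated. */
typedef struct ex_conn_t {
  uint32_t magic;   /* identifies the enclosing subtype */
} ex_conn_t;

typedef struct ex_or_conn_t {
  char nickname[20];   /* base is deliberately NOT at offset 0 */
  ex_conn_t base_;
  uint16_t link_proto;
} ex_or_conn_t;

typedef struct ex_dir_conn_t {
  ex_conn_t base_;
  int purpose;
} ex_dir_conn_t;

/* Recover the enclosing struct from a pointer to its embedded base. */
#define EX_DOWNCAST(to, ptr) ((to *)((char *)(ptr) - offsetof(to, base_)))

/* Non-aborting check: NULL when the tag says `c` is some other subtype. */
static ex_or_conn_t *ex_try_or_conn(ex_conn_t *c)
{
  if (c == NULL || c->magic != EX_OR_CONN_MAGIC)
    return NULL;
  return EX_DOWNCAST(ex_or_conn_t, c);
}

/* Asserting form, matching the "assert if the cast is invalid" contract. */
static ex_or_conn_t *ex_to_or_conn(ex_conn_t *c)
{
  ex_or_conn_t *or_conn = ex_try_or_conn(c);
  if (or_conn == NULL)
    abort();   /* fail closed rather than read dir fields as OR fields */
  return or_conn;
}

int main(void)
{
  ex_or_conn_t oc = { "relay", { EX_OR_CONN_MAGIC }, 3 };   /* constructed */
  ex_dir_conn_t dc = { { EX_DIR_CONN_MAGIC }, 1 };          /* constructed */
  return (ex_to_or_conn(&oc.base_) == &oc && !ex_try_or_conn(&dc.base_)) ? 0 : 1;
}
```

Without the tag check, the pointer arithmetic in the downcast would still succeed on a directory connection and yield a pointer into unrelated memory.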
