Data Structures | Macros | Typedefs | Enumerations | Functions
or.h File Reference
#include "orconfig.h"
#include "lib/cc/torint.h"
#include "lib/arch/bytes.h"
#include "lib/cc/compat_compiler.h"
#include "lib/container/map.h"
#include "lib/buf/buffers.h"
#include "lib/container/smartlist.h"
#include "lib/crypt_ops/crypto_cipher.h"
#include "lib/crypt_ops/crypto_rsa.h"
#include "lib/ctime/di_ops.h"
#include "lib/defs/dh_sizes.h"
#include "lib/encoding/binascii.h"
#include "lib/encoding/cstring.h"
#include "lib/encoding/time_fmt.h"
#include "lib/err/torerr.h"
#include "lib/fs/dir.h"
#include "lib/fs/files.h"
#include "lib/fs/mmap.h"
#include "lib/fs/path.h"
#include "lib/fs/userdb.h"
#include "lib/geoip/country.h"
#include "lib/intmath/addsub.h"
#include "lib/intmath/bits.h"
#include "lib/intmath/cmp.h"
#include "lib/intmath/logic.h"
#include "lib/intmath/muldiv.h"
#include "lib/log/escape.h"
#include "lib/log/ratelim.h"
#include "lib/log/util_bug.h"
#include "lib/malloc/malloc.h"
#include "lib/net/address.h"
#include "lib/net/inaddr.h"
#include "lib/net/socket.h"
#include "lib/string/compat_ctype.h"
#include "lib/string/compat_string.h"
#include "lib/string/parse_int.h"
#include "lib/string/printf.h"
#include "lib/string/scanf.h"
#include "lib/string/util_string.h"
#include "lib/testsupport/testsupport.h"
#include "lib/thread/threads.h"
#include "lib/time/compat_time.h"
#include "lib/wallclock/approx_time.h"
#include "lib/wallclock/timeval.h"
#include "ht.h"
#include "core/or/entry_port_cfg_st.h"

Go to the source code of this file.

Data Structures

struct  rend_service_authorization_t
struct  rend_data_t
struct  rend_data_v2_t
struct  relay_header_t
struct  protover_summary_flags_t
struct  testing_cell_stats_entry_t


#define SIGHUP   1
#define SIGINT   2
#define SIGUSR1   10
#define SIGUSR2   12
#define SIGTERM   15
#define SIGNEWNYM   129
#define SIGHEARTBEAT   131
#define SIGACTIVE   132
#define SIGDORMANT   133
#define DOWNCAST(to, ptr)   ((to*)SUBTYPE_P(ptr, to, base_))
#define MAX_NICKNAME_LEN   19
#define MAX_HEADERS_SIZE   50000
#define ROUTER_MAX_AGE   (60*60*48)
#define ROUTER_MAX_AGE_TO_PUBLISH   (60*60*24)
#define OLD_ROUTER_DESC_MAX_AGE   (60*60*24*5)
#define PROXY_NONE   0
#define PROXY_CONNECT   1
#define PROXY_SOCKS4   2
#define PROXY_SOCKS5   3
#define END_OR_CONN_REASON_REFUSED   2 /* connection refused */
#define END_OR_CONN_REASON_CONNRESET   4 /* connection reset by peer */
#define END_OR_CONN_REASON_NO_ROUTE   6 /* no route to host/net */
#define END_OR_CONN_REASON_IO_ERROR   7 /* read/write error */
#define END_OR_CONN_REASON_RESOURCE_LIMIT   8 /* sockets, buffers, etc */
#define END_OR_CONN_REASON_PT_MISSING   9 /* PT failed or not available */
#define RESOLVED_TYPE_IPV4   4
#define RESOLVED_TYPE_IPV6   6
#define END_CIRC_AT_ORIGIN   -1
#define END_CIRC_REASON_MIN_   0
#define END_CIRC_REASON_MAX_   12
#define REND_SERVICE_ADDRESS_LEN   (16+1+5)
#define REND_SERVICE_ID_LEN   10
#define REND_TIME_PERIOD_V2_DESC_VALIDITY   (24*60*60)
#define REND_DESC_MAX_SIZE   (20 * 1024)
#define REND_LEGAL_CLIENTNAME_CHARACTERS   "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789+-_"
#define REND_REPLAY_TIME_INTERVAL   (5 * 60)
#define CIRCWINDOW_START   1000
#define CELL_PADDING   0
#define CELL_CREATE   1
#define CELL_CREATED   2
#define CELL_RELAY   3
#define CELL_DESTROY   4
#define CELL_CREATE_FAST   5
#define CELL_VERSIONS   7
#define CELL_NETINFO   8
#define CELL_RELAY_EARLY   9
#define CELL_CREATE2   10
#define CELL_CREATED2   11
#define CELL_VPADDING   128
#define CELL_CERTS   129
#define CELL_AUTHORIZE   132
#define CELL_COMMAND_MAX_   132
#define LEGAL_NICKNAME_CHARACTERS   "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"
#define DEFAULT_CLIENT_NICKNAME   "client"
#define SOCKS4_NETWORK_LEN   8
#define CELL_PAYLOAD_SIZE   509
#define RELAY_HEADER_SIZE   (1+2+2+4+2)
#define AUTHTYPE_RSA_SHA256_RFC5705   2
#define AUTHTYPE_ED25519_SHA256_RFC5705   3
#define V3_AUTH_FIXED_PART_LEN   (8+(32*6))
#define V3_AUTH_BODY_LEN   (V3_AUTH_FIXED_PART_LEN + 8 + 16)
#define EXT_OR_CONN_ID_LEN   DIGEST_LEN /* 20 */
#define OR_CONN_HIGHWATER   (32*1024)
#define OR_CONN_LOWWATER   (16*1024)
#define TO_CONN(c)   (&(((c)->base_)))
#define saved_location_bitfield_t   ENUM_BF(saved_location_t)
#define download_schedule_bitfield_t   ENUM_BF(download_schedule_t)
#define download_want_authority_bitfield_t   ENUM_BF(download_want_authority_t)
#define download_schedule_increment_bitfield_t   ENUM_BF(download_schedule_increment_t)
#define ALL_DIRINFO   ((dirinfo_type_t)((1<<7)-1))
#define CPATH_KEY_MATERIAL_LEN   (20*2+16*2)
#define path_state_bitfield_t   ENUM_BF(path_state_t)
#define TO_CIRCUIT(x)   (&((x)->base_))
#define CFG_AUTO_PORT   0xc4005e
#define LOG_PROTOCOL_WARN   (get_protocol_warning_severity_level())
#define MAX_SOCKS_ADDR_LEN   256
#define BW_WEIGHT_SCALE   10000
#define addressmap_entry_source_bitfield_t   ENUM_BF(addressmap_entry_source_t)
#define WRITE_STATS_INTERVAL   (24*60*60)
Certificate types for CERTS cells.

These values are defined by the protocol, and affect how an X509 certificate in a CERTS cell is interpreted and used.

#define OR_CERT_TYPE_ID_1024   2
#define OR_CERT_TYPE_AUTH_1024   3
Isolation flags

Ways to isolate client streams

#define ISO_DESTPORT   (1u<<0)
#define ISO_DESTADDR   (1u<<1)
#define ISO_SOCKSAUTH   (1u<<2)
#define ISO_CLIENTPROTO   (1u<<3)
#define ISO_CLIENTADDR   (1u<<4)
#define ISO_SESSIONGRP   (1u<<5)
#define ISO_NYM_EPOCH   (1u<<6)
#define ISO_STREAM   (1u<<7)


typedef enum rend_auth_type_t rend_auth_type_t
typedef struct rend_service_authorization_t rend_service_authorization_t
typedef struct rend_data_t rend_data_t
typedef struct rend_data_v2_t rend_data_v2_t
typedef struct hsdir_index_t hsdir_index_t
typedef uint32_t circid_t
typedef uint16_t streamid_t
typedef struct channel_s channel_t
typedef struct channel_listener_s channel_listener_t
typedef struct channel_tls_s channel_tls_t
typedef struct circuitmux_s circuitmux_t
typedef struct cell_t cell_t
typedef struct var_cell_t var_cell_t
typedef struct packed_cell_t packed_cell_t
typedef struct cell_queue_t cell_queue_t
typedef struct destroy_cell_t destroy_cell_t
typedef struct destroy_cell_queue_t destroy_cell_queue_t
typedef struct ext_or_cmd_t ext_or_cmd_t
typedef struct socks_request_t socks_request_t
typedef struct entry_port_cfg_t entry_port_cfg_t
typedef struct server_port_cfg_t server_port_cfg_t
typedef struct or_handshake_certs_t or_handshake_certs_t
typedef struct or_handshake_state_t or_handshake_state_t
typedef struct connection_t connection_t
typedef struct control_connection_t control_connection_t
typedef struct dir_connection_t dir_connection_t
typedef struct edge_connection_t edge_connection_t
typedef struct entry_connection_t entry_connection_t
typedef struct listener_connection_t listener_connection_t
typedef struct or_connection_t or_connection_t
typedef struct addr_policy_t addr_policy_t
typedef struct cached_dir_t cached_dir_t
typedef struct download_status_t download_status_t
typedef struct signed_descriptor_t signed_descriptor_t
typedef struct protover_summary_flags_t protover_summary_flags_t
typedef struct routerinfo_t routerinfo_t
typedef struct extrainfo_t extrainfo_t
typedef struct routerstatus_t routerstatus_t
typedef struct microdesc_t microdesc_t
typedef struct node_t node_t
typedef struct vote_microdesc_hash_t vote_microdesc_hash_t
typedef struct vote_routerstatus_t vote_routerstatus_t
typedef struct document_signature_t document_signature_t
typedef struct networkstatus_voter_info_t networkstatus_voter_info_t
typedef struct networkstatus_sr_info_t networkstatus_sr_info_t
typedef struct networkstatus_t networkstatus_t
typedef struct ns_detached_signatures_t ns_detached_signatures_t
typedef struct desc_store_t desc_store_t
typedef struct routerlist_t routerlist_t
typedef struct extend_info_t extend_info_t
typedef struct authority_cert_t authority_cert_t
typedef struct onion_handshake_state_t onion_handshake_state_t
typedef struct relay_crypto_t relay_crypto_t
typedef struct crypt_path_t crypt_path_t
typedef struct crypt_path_reference_t crypt_path_reference_t
typedef struct cpath_build_state_t cpath_build_state_t
typedef struct testing_cell_stats_entry_t testing_cell_stats_entry_t
typedef struct circuit_t circuit_t
typedef struct origin_circuit_t origin_circuit_t
typedef struct or_circuit_t or_circuit_t
typedef enum path_state_t path_state_t
typedef struct port_cfg_t port_cfg_t
typedef struct routerset_t routerset_t
typedef struct or_options_t or_options_t
typedef struct or_state_t or_state_t
typedef struct circuit_build_times_s circuit_build_times_t
typedef struct vote_timing_t vote_timing_t
typedef struct microdesc_cache_t microdesc_cache_t
typedef struct rend_authorized_client_t rend_authorized_client_t
typedef struct rend_encoded_v2_service_descriptor_t rend_encoded_v2_service_descriptor_t
typedef struct rend_intro_point_t rend_intro_point_t
typedef struct rend_service_descriptor_t rend_service_descriptor_t
typedef struct dir_server_t dir_server_t
typedef struct tor_version_t tor_version_t


enum  rend_auth_type_t { REND_NO_AUTH = 0, REND_BASIC_AUTH = 1, REND_STEALTH_AUTH = 2 }
enum  cell_direction_t { CELL_DIRECTION_IN =1, CELL_DIRECTION_OUT =2 }
enum  circuit_channel_direction_t { CIRCUIT_N_CHAN = 0, CIRCUIT_P_CHAN = 1 }
enum  saved_location_t { SAVED_NOWHERE =0, SAVED_IN_CACHE, SAVED_IN_JOURNAL }
enum  download_schedule_t { DL_SCHED_GENERIC = 0, DL_SCHED_CONSENSUS = 1, DL_SCHED_BRIDGE = 2 }
enum  download_want_authority_t { DL_WANT_ANY_DIRSERVER = 0, DL_WANT_AUTHORITY = 1 }
enum  download_schedule_increment_t { DL_SCHED_INCREMENT_FAILURE = 0, DL_SCHED_INCREMENT_ATTEMPT = 1 }
enum  consensus_flavor_t { FLAV_NS = 0, FLAV_MICRODESC = 1 }
enum  dirinfo_type_t {
enum  addressmap_entry_source_t {


static rend_data_v2_tTO_REND_DATA_V2 (const rend_data_t *d)
static int get_cell_network_size (int wide_circ_ids)
static int get_var_cell_header_size (int wide_circ_ids)
static int get_circ_id_size (int wide_circ_ids)

Detailed Description

Master header file for Tor-specific functionality.

Definition in file or.h.

Macro Definition Documentation

◆ AUTHTYPE_ED25519_SHA256_RFC5705

#define AUTHTYPE_ED25519_SHA256_RFC5705   3

As AUTHTYPE_RSA_SHA256_RFC5705, but uses an Ed25519 identity key to authenticate.

Definition at line 691 of file or.h.


#define AUTHTYPE_RSA_SHA256_RFC5705   2

As AUTHTYPE_RSA_SHA256_TLSSECRET, but instead of using the negotiated TLS secrets, uses exported keying material from the TLS session as described in RFC 5705.

Not used by today's tors, since everything that supports this also supports ED25519_SHA256_5705, which is better.

Definition at line 688 of file or.h.



The first supported type of AUTHENTICATE cell. It contains a bunch of structures signed with an RSA1024 key. The signed structures include a HMAC using negotiated TLS secrets, and a digest of all cells sent or received before the AUTHENTICATE cell (including the random server-generated AUTH_CHALLENGE cell).

Definition at line 680 of file or.h.


#define BW_WEIGHT_SCALE   10000

Precision multiplier for the Bw weights

Definition at line 1008 of file or.h.



Number of bytes in a cell transmitted over the network, in the longest form

Definition at line 579 of file or.h.


#define CELL_PAYLOAD_SIZE   509

Number of bytes in a cell, minus cell header.

Definition at line 576 of file or.h.


#define CFG_AUTO_PORT   0xc4005e

A magic value for the (Socks|OR|...)Port options below, telling Tor to pick its own port.

Definition at line 990 of file or.h.



Amount to increment a circuit window when we get a circuit SENDME.

Definition at line 505 of file or.h.


#define CIRCWINDOW_START   1000

Initial value for both sides of a circuit transmission window when the circuit is initialized. Measured in cells.

Definition at line 501 of file or.h.


#define DEFAULT_CLIENT_NICKNAME   "client"

Name to use in client TLS certificates if no nickname is given. Once Tor 0.1.2.x is obsolete, we can remove this.

Definition at line 557 of file or.h.



Default grace period for acceptance of an onion key in days.

Definition at line 148 of file or.h.



Default lifetime for an onion key in days.

Definition at line 140 of file or.h.



How many hops does a general-purpose circuit have by default?

Definition at line 1003 of file or.h.


#define DOWNCAST (   to,
)    ((to*)SUBTYPE_P(ptr, to, base_))

Helper macro: Given a pointer to to.base_, of type from*, return &to.

Definition at line 110 of file or.h.


#define END_CIRC_AT_ORIGIN   -1

Catch-all "other" reason for closing origin circuits.

Definition at line 305 of file or.h.



Bitwise-OR this with the argument to circuit_mark_for_close() or control_event_circuit_status() to indicate that the reason was passed through from a destroy or truncate cell.

Definition at line 328 of file or.h.



Our post-timeout circuit time measurement period expired. We must give up now

Definition at line 300 of file or.h.



We couldn't build a path for this circuit.

Definition at line 303 of file or.h.



We were unable to attach the connection to any circuit at all.

Definition at line 250 of file or.h.



This is a transparent proxy connection, but we can't extract the original target address:port.

Definition at line 259 of file or.h.



Bitwise-or this with the argument to control_event_stream_status to indicate that we already sent a CLOSED stream event.

Definition at line 279 of file or.h.



Bitwise-or this with endreason to indicate that we already sent a socks reply, and no further reply needs to be sent from connection_mark_unattached_ap().

Definition at line 283 of file or.h.



Bitwise-or this with the argument to control_event_stream_status to indicate that the reason came from an END cell.

Definition at line 276 of file or.h.



This is an HTTP tunnel connection and the client used or misused HTTP in a way we can't handle.

Definition at line 269 of file or.h.



This is a connection on the NATD port, and the destination IP:Port was either ill-formed or out-of-range.

Definition at line 262 of file or.h.



Bitwise-and this value with endreason to mask out all flags.

Definition at line 272 of file or.h.



We can't connect to any directories at all, so we killed our streams before they can time out.

Definition at line 253 of file or.h.



The target address is in a private network (like or; you don't want to do that over a randomly chosen exit

Definition at line 265 of file or.h.



This is a SOCKS connection, and the client used (or misused) the SOCKS protocol in a way we couldn't handle.

Definition at line 256 of file or.h.


#define ENTRY_TO_CONN (   c)    (TO_CONN(ENTRY_TO_EDGE_CONN(c)))

Cast a entry_connection_t subtype pointer to a connection_t

Definition at line 738 of file or.h.


#define EXT_OR_CONN_ID_LEN   DIGEST_LEN /* 20 */

Length of Extended ORPort connection identifier.

Definition at line 712 of file or.h.



If n_download_failures is this high, the download can never happen.

Definition at line 798 of file or.h.



The maximum number of seconds that an introduction point will last before expiring due to old age.

XXX Should this be configurable?

Definition at line 1082 of file or.h.



The minimum number of seconds that an introduction point will last before expiring due to old age. (If it receives INTRO_POINT_LIFETIME_INTRODUCTIONS INTRODUCE2 cells, it may expire sooner.)

XXX Should this be configurable?

Definition at line 1077 of file or.h.



The minimum and maximum number of distinct INTRODUCE2 cells which a hidden service's introduction point will receive before it begins to expire.

Definition at line 1066 of file or.h.


#define ISO_CLIENTADDR   (1u<<4)

Isolate based on client address

Definition at line 964 of file or.h.


#define ISO_CLIENTPROTO   (1u<<3)

Isolate based on client protocol choice

Definition at line 962 of file or.h.


Default isolation level for ports.

Definition at line 974 of file or.h.


#define ISO_DESTADDR   (1u<<1)

Isolate based on destination address

Definition at line 958 of file or.h.


#define ISO_DESTPORT   (1u<<0)

Isolate based on destination port

Definition at line 956 of file or.h.


#define ISO_NYM_EPOCH   (1u<<6)

Isolate based on newnym epoch (always on).

Definition at line 968 of file or.h.


#define ISO_SESSIONGRP   (1u<<5)

Isolate based on session group (always on).

Definition at line 966 of file or.h.


#define ISO_SOCKSAUTH   (1u<<2)

Isolate based on SOCKS authentication

Definition at line 960 of file or.h.


#define ISO_STREAM   (1u<<7)

Isolate all streams (Internal only).

Definition at line 970 of file or.h.


#define LEGAL_NICKNAME_CHARACTERS   "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"

Legal characters in a nickname.

Definition at line 552 of file or.h.



Maximum size, in bytes, of a single router descriptor uploaded to us as a directory authority. Caches and clients fetch whatever descriptors the authorities tell them to fetch, and don't care about size.

Definition at line 128 of file or.h.



Maximum size of a single extrainfo document, as above.

Definition at line 131 of file or.h.


#define MAX_HEADERS_SIZE   50000

For HTTP parsing: Maximum number of bytes we'll accept in the headers of an HTTP request or response.

Definition at line 123 of file or.h.



Length of a router identity encoded as a hexadecimal digest, plus possible dollar sign.

Definition at line 116 of file or.h.



The maximum number of circuit creation retry we do to an intro point before giving up. We try to reuse intro point that fails during their lifetime so this is a hard limit on the amount of time we do that.

Definition at line 1087 of file or.h.



The maximum number of non-circuit-build-timeout failures a hidden service client will tolerate while trying to build a circuit to an introduction point. See also rend_intro_point_t.unreachable_count.

Definition at line 1061 of file or.h.


#define MAX_NICKNAME_LEN   19

Length of longest allowable configured nickname.

Definition at line 113 of file or.h.



Maximum lifetime for an onion key in days.

Definition at line 137 of file or.h.



Largest number of relay_early cells that we can send on a given circuit.

Definition at line 936 of file or.h.



How often do we rotate TLS contexts?

Definition at line 155 of file or.h.



Maximum length of verbose router identifier: dollar sign, hex ID digest, equal sign or tilde, nickname.

Definition at line 119 of file or.h.



How many circuits do we want simultaneously in-progress to handle a given stream?

Definition at line 180 of file or.h.



Minimum grace period for acceptance of an onion key in days. The maximum value is defined in proposal #274 as being the current network consensus parameter for "onion-key-rotation-days".

Definition at line 145 of file or.h.



Minimum lifetime for an onion key in days.

Definition at line 134 of file or.h.



How many different consensus flavors are there?

Definition at line 869 of file or.h.


#define OLD_ROUTER_DESC_MAX_AGE   (60*60*24*5)

How old do we let a saved descriptor get before force-removing it?

Definition at line 164 of file or.h.



How often we should check the network consensus if it is time to rotate or expire onion keys.

Definition at line 152 of file or.h.



Minimum length of the random part of an AUTH_CHALLENGE cell.

Definition at line 650 of file or.h.


#define OR_CERT_TYPE_AUTH_1024   3

A certificate that authenticates a key used in an AUTHENTICATE cell in the v3 handshake. The subject key must be a 1024-bit RSA key; it must be signed by the identity key

Definition at line 669 of file or.h.


#define OR_CERT_TYPE_ID_1024   2

A self-signed identity certificate. The subject key must be a 1024-bit RSA key.

Definition at line 665 of file or.h.



A certificate that authenticates a TLS link key. The subject key must match the key used in the TLS handshake; it must be signed by the identity key.

Definition at line 662 of file or.h.


#define OR_CONN_HIGHWATER   (32*1024)

When adding cells to an OR connection's outbuf, keep adding until the outbuf is at least this long, or we run out of cells.

Definition at line 720 of file or.h.


#define OR_CONN_LOWWATER   (16*1024)

Add cells to an OR connection's outbuf whenever the outbuf's data length drops below this size.

Definition at line 724 of file or.h.



Maximum number of queued cells on a circuit for which we are the midpoint before we give up and kill it. This must be >= circwindow to avoid killing innocent circuits, and >= circwindow*2 to give leaky-pipe a chance of working someday. The ORCIRC_MAX_MIDDLE_KILL_THRESH ratio controls the margin of error between emitting a warning and killing the circuit.

Definition at line 520 of file or.h.



Ratio of hard (circuit kill) to soft (warning) thresholds for the ORCIRC_MAX_MIDDLE_CELLS tests.

Definition at line 524 of file or.h.


#define RELAY_HEADER_SIZE   (1+2+2+4+2)

Number of bytes in a relay cell's header (not including general cell header).

Definition at line 603 of file or.h.



Largest number of bytes that can fit in a relay cell payload.

Definition at line 605 of file or.h.


Definition: or.h:374
Definition: crypto_cipher.h:22

Length of client entry consisting of client identifier and encrypted session key for hidden service authorization type 'basic'.

Definition at line 383 of file or.h.



Length of client identifier in encrypted introduction points for hidden service authorization type 'basic'.

Definition at line 374 of file or.h.



Multiple of the number of clients to which the real number of clients is padded with fake clients for hidden service authorization type 'basic'.

Definition at line 379 of file or.h.



Maximum length of authorized client names for a hidden service.

Definition at line 395 of file or.h.



Length of the rendezvous cookie that is used to connect circuits at the rendezvous point.

Definition at line 399 of file or.h.



Length of the descriptor cookie that is used for client authorization to hidden services.

Definition at line 366 of file or.h.



Length of the base64-encoded descriptor cookie that is used for exchanging client authorization between hidden service and client.

Definition at line 370 of file or.h.



Length of v2 descriptor ID (32 base32 chars = 160 bits).

Definition at line 354 of file or.h.


#define REND_DESC_MAX_SIZE   (20 * 1024)

Maximum size of v2 hidden service descriptors.

Definition at line 387 of file or.h.



Length of the base32-encoded hash of an introduction point's identity key.

Definition at line 362 of file or.h.


#define REND_LEGAL_CLIENTNAME_CHARACTERS   "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789+-_"

Legal characters for use in authorized client names for a hidden service.

Definition at line 391 of file or.h.



Number of consecutive replicas for a descriptor.

Definition at line 351 of file or.h.



Number of non-consecutive replicas (i.e. distributed somewhere in the ring) for a descriptor.

Definition at line 348 of file or.h.


#define REND_REPLAY_TIME_INTERVAL   (5 * 60)

Time interval for tracking replays of DH public keys received in INTRODUCE2 cells. Used only to avoid launching multiple simultaneous attempts to connect to the same rendezvous point.

Definition at line 479 of file or.h.



Length of the base32-encoded secret ID part of versioned hidden service descriptors.

Definition at line 358 of file or.h.


#define REND_SERVICE_ADDRESS_LEN   (16+1+5)

Length of 'y.onion' including '.onion' URL.

Definition at line 334 of file or.h.


#define REND_SERVICE_ID_LEN   10

Length of a binary-encoded rendezvous service ID.

Definition at line 337 of file or.h.



Length of 'y' portion of 'y.onion' URL.

Definition at line 331 of file or.h.



Time period within which two sets of v2 descriptors will be uploaded in parallel.

Definition at line 344 of file or.h.


#define REND_TIME_PERIOD_V2_DESC_VALIDITY   (24*60*60)

Time period for which a v2 descriptor will be valid.

Definition at line 340 of file or.h.



The max size we expect router descriptor annotations we create to be. We'll accept larger ones if we see them on disk, but we won't create any that are larger than this.

Definition at line 803 of file or.h.


#define ROUTER_MAX_AGE   (60*60*48)

How old do we allow a router to get before removing it from the router list? In seconds.

Definition at line 159 of file or.h.


#define ROUTER_MAX_AGE_TO_PUBLISH   (60*60*24)

How old can a router get before we (as a server) will no longer consider it live? In seconds.

Definition at line 162 of file or.h.



Session group reserved for resolve requests launched by a controller

Definition at line 981 of file or.h.



Session group reserved for directory connections

Definition at line 979 of file or.h.



First automatically allocated session group number

Definition at line 983 of file or.h.



Indicates that we haven't yet set a session group on a port_cfg_t.

Definition at line 977 of file or.h.


#define SOCKS4_NETWORK_LEN   8

Number of bytes in a SOCKS4 header.

Definition at line 563 of file or.h.



Amount to increment a stream window when we get a stream SENDME.

Definition at line 511 of file or.h.



Initial value on both sides of a stream transmission window when the stream is initialized. Measured in cells.

Definition at line 508 of file or.h.



How long to test reachability before complaining to the user.

Definition at line 549 of file or.h.


#define TO_CIRCUIT (   x)    (&((x)->base_))

Convert a circuit subtype to a circuit_t.

Definition at line 947 of file or.h.


#define TO_CONN (   c)    (&(((c)->base_)))

Cast a connection_t subtype pointer to a connection_t

Definition at line 735 of file or.h.



Name chosen by routers that don't configure nicknames

Definition at line 560 of file or.h.


#define V3_AUTH_BODY_LEN   (V3_AUTH_FIXED_PART_LEN + 8 + 16)

The length of the part of the AUTHENTICATE cell body that the client signs.

Definition at line 706 of file or.h.


#define V3_AUTH_FIXED_PART_LEN   (8+(32*6))

The length of the part of the AUTHENTICATE cell body that the client and server can generate independently (when using RSA_SHA256_TLSSECRET). It contains everything except the client's timestamp, the client's randomly generated nonce, and the signature.

Definition at line 703 of file or.h.



Maximum length of a header on a variable-length cell.

Definition at line 582 of file or.h.

Typedef Documentation

◆ circid_t

typedef uint32_t circid_t

Identifies a circuit on an or_connection

Definition at line 608 of file or.h.

◆ protover_summary_flags_t

Flags used to summarize the declared protocol versions of a relay, so we don't need to parse them again and again.

◆ rend_auth_type_t

Client authorization type that a hidden service performs.

◆ rend_data_t

typedef struct rend_data_t rend_data_t

Client- and server-side data that is used for hidden service connection establishment. Not all fields contain data depending on where this struct is used.

◆ rend_service_authorization_t

Client-side configuration of authorization for a hidden service.

◆ streamid_t

typedef uint16_t streamid_t

Identifies a stream on a circuit

Definition at line 610 of file or.h.

◆ testing_cell_stats_entry_t

Entry in the cell stats list of a circuit; used only if CELL_STATS events are enabled.

Enumeration Type Documentation

◆ addressmap_entry_source_t

Enumerates possible origins of a client-side address mapping.


We're remapping this address because the controller told us to.


We're remapping this address because of an AutomapHostsOnResolve configuration.


We're remapping this address because our configuration (via torrc, the command line, or a SETCONF command) told us to.


We're remapping this address because we have TrackHostExit configured, and we want to remember to use the same exit next time.


We're remapping this address because we got a DNS resolution from a Tor server that told us what its value was.


No remapping has occurred. This isn't a possible value for an addrmap_entry_t; it's used as a null value when we need to answer "Why did this remapping happen."

Definition at line 1019 of file or.h.

◆ cell_direction_t

Used to indicate which way a cell is going on a circuit.


The cell is moving towards the origin.


The cell is moving away from the origin.

Definition at line 482 of file or.h.

◆ circuit_channel_direction_t

An enum to allow us to specify which channel in a circuit we're interested in.

This is needed because our data structures and other fields for channel delivery are disassociated from the channel.

Definition at line 494 of file or.h.

◆ consensus_flavor_t

Enumerates recognized flavors of a consensus networkstatus document. All flavors of a consensus are generated from the same set of votes, but they present different types information to different versions of Tor.

Definition at line 863 of file or.h.

◆ dirinfo_type_t

Bitfield enum type listing types of information that directory authorities can be authoritative about, and that directory caches may or may not cache.

Note that the granularity here is based on authority granularity and on cache capabilities. Thus, one particular bit may correspond in practice to a few types of directory info, so long as every authority that pronounces officially about one of the types prounounces officially about all of them, and so long as every cache that caches one of them caches all of them.


Serves/signs v3 directory information: votes, consensuses, certs


Serves bridge descriptors.


Serves extrainfo documents.


Serves microdescriptors.

Definition at line 887 of file or.h.

◆ download_schedule_increment_t

Enumeration: do we want to increment the schedule position each time a connection is attempted (these attempts can be concurrent), or do we want to increment the schedule position after a connection fails?

Definition at line 788 of file or.h.

◆ download_schedule_t

Enumeration: what directory object is being downloaded? This determines which schedule is selected to perform the download.

Definition at line 766 of file or.h.

◆ download_want_authority_t

Enumeration: is the download schedule for downloading from an authority, or from any available directory mirror? During bootstrap, "any" means a fallback (or an authority, if there are no fallbacks). When we have a valid consensus, "any" means any directory server.

Definition at line 778 of file or.h.

◆ rend_auth_type_t

Client authorization type that a hidden service performs.

Definition at line 402 of file or.h.

◆ saved_location_t

Enum used to remember where a signed_descriptor_t is stored and how to manage the memory for signed_descriptor_body.


The descriptor isn't stored on disk at all: the copy in memory is canonical; the saved_offset field is meaningless.


The descriptor is stored in the cached_routers file: the signed_descriptor_body is meaningless; the signed_descriptor_len and saved_offset are used to index into the mmaped cache file.


The descriptor is stored in the file: the signed_descriptor_body and saved_offset fields are both set.

Definition at line 746 of file or.h.