Tor  0.4.3.0-alpha-dev
Public Types | Data Fields
or_options_t Struct Reference

#include <or_options_st.h>

Public Types

enum  { TPT_DEFAULT, TPT_PF_DIVERT, TPT_IPFW, TPT_TPROXY }
 
enum  { ACCT_MAX, ACCT_SUM, ACCT_IN, ACCT_OUT }
 
enum  { SAFELOG_SCRUB_ALL, SAFELOG_SCRUB_RELAY, SAFELOG_SCRUB_NONE }
 
enum  { FORCE_PASSPHRASE_AUTO =0, FORCE_PASSPHRASE_ON, FORCE_PASSPHRASE_OFF }
 

Data Fields

uint32_t magic_
 
tor_cmdline_mode_t command
 
char * command_arg
 
struct config_line_tLogs
 
int LogTimeGranularity
 
int LogMessageDomains
 
int TruncateLogFile
 
char * SyslogIdentityTag
 
char * AndroidIdentityTag
 
char * DebugLogFile
 
char * DataDirectory_option
 
char * DataDirectory
 
int DataDirectoryGroupReadable
 
char * KeyDirectory_option
 
char * KeyDirectory
 
int KeyDirectoryGroupReadable
 
char * CacheDirectory_option
 
char * CacheDirectory
 
int CacheDirectoryGroupReadable
 
char * Nickname
 
char * Address
 
char * PidFile
 
routerset_t * ExitNodes
 
routerset_t * MiddleNodes
 
routerset_t * EntryNodes
 
int StrictNodes
 
routerset_t * ExcludeNodes
 
routerset_t * ExcludeExitNodes
 
routerset_t * ExcludeExitNodesUnion_
 
int DisableAllSwap
 
struct config_line_tExitPolicy
 
int ExitPolicyRejectPrivate
 
int ExitPolicyRejectLocalInterfaces
 
int ReducedExitPolicy
 
struct config_line_tSocksPolicy
 
struct config_line_tDirPolicy
 
struct config_line_tOutboundBindAddress
 
struct config_line_tOutboundBindAddressOR
 
struct config_line_tOutboundBindAddressExit
 
tor_addr_t OutboundBindAddresses [OUTBOUND_ADDR_MAX][2]
 
struct config_line_tRecommendedVersions
 
struct config_line_tRecommendedClientVersions
 
struct config_line_tRecommendedServerVersions
 
int DirAllowPrivateAddresses
 
int ExtendAllowPrivateAddresses
 
char * User
 
struct config_line_tORPort_lines
 
struct config_line_tExtORPort_lines
 
struct config_line_tSocksPort_lines
 
struct config_line_tTransPort_lines
 
char * TransProxyType
 
enum or_options_t:: { ... }  TransProxyType_parsed
 
struct config_line_tNATDPort_lines
 
struct config_line_tHTTPTunnelPort_lines
 
struct config_line_tControlPort_lines
 
struct config_line_tControlSocket
 
int ControlSocketsGroupWritable
 
int UnixSocksGroupWritable
 
struct config_line_tDirPort_lines
 
struct config_line_tDNSPort_lines
 
uint64_t MaxMemInQueues_raw
 
uint64_t MaxMemInQueues
 
uint64_t MaxMemInQueues_low_threshold
 
int AssumeReachable
 
int AuthoritativeDir
 
int V3AuthoritativeDir
 
int VersioningAuthoritativeDir
 
int BridgeAuthoritativeDir
 
char * BridgeDistribution
 
char * BridgePassword
 
char * BridgePassword_AuthDigest_
 
int UseBridges
 
struct config_line_tBridges
 
struct config_line_tClientTransportPlugin
 
struct config_line_tServerTransportPlugin
 
struct config_line_tServerTransportListenAddr
 
struct config_line_tServerTransportOptions
 
int BridgeRelay
 
int UpdateBridgesFromAuthority
 
int AvoidDiskWrites
 
int ClientOnly
 
int ReducedConnectionPadding
 
int ConnectionPadding
 
int CircuitPadding
 
int ReducedCircuitPadding
 
struct smartlist_tPublishServerDescriptor
 
dirinfo_type_t PublishServerDescriptor_
 
int PublishHidServDescriptors
 
int FetchServerDescriptors
 
int FetchHidServDescriptors
 
int MinUptimeHidServDirectoryV2
 
int FetchUselessDescriptors
 
int AllDirActionsPrivate
 
routerset_t * HSLayer2Nodes
 
routerset_t * HSLayer3Nodes
 
int HiddenServiceSingleHopMode
 
int HiddenServiceNonAnonymousMode
 
int ConnLimit
 
int ConnLimit_
 
int ConnLimit_high_thresh
 
int ConnLimit_low_thresh
 
int RunAsDaemon
 
int FascistFirewall
 
struct smartlist_tFirewallPorts
 
struct config_line_tReachableAddresses
 
struct config_line_tReachableORAddresses
 
struct config_line_tReachableDirAddresses
 
int ConstrainedSockets
 
uint64_t ConstrainedSockSize
 
int RefuseUnknownExits
 
struct smartlist_tLongLivedPorts
 
struct smartlist_tRejectPlaintextPorts
 
struct smartlist_tWarnPlaintextPorts
 
struct smartlist_tTrackHostExits
 
int TrackHostExitsExpire
 
struct config_line_tAddressMap
 
int AutomapHostsOnResolve
 
struct smartlist_tAutomapHostsSuffixes
 
int RendPostPeriod
 
int KeepalivePeriod
 
int SocksTimeout
 
int LearnCircuitBuildTimeout
 
int CircuitBuildTimeout
 
int CircuitsAvailableTimeout
 
int CircuitStreamTimeout
 
int MaxOnionQueueDelay
 
int NewCircuitPeriod
 
int MaxCircuitDirtiness
 
uint64_t BandwidthRate
 
uint64_t BandwidthBurst
 
uint64_t MaxAdvertisedBandwidth
 
uint64_t RelayBandwidthRate
 
uint64_t RelayBandwidthBurst
 
uint64_t PerConnBWRate
 
uint64_t PerConnBWBurst
 
int NumCPUs
 
struct config_line_tRendConfigLines
 
struct config_line_tHidServAuth
 
char * ClientOnionAuthDir
 
char * ContactInfo
 
int HeartbeatPeriod
 
int MainloopStats
 
char * HTTPProxy
 
tor_addr_t HTTPProxyAddr
 
uint16_t HTTPProxyPort
 
char * HTTPProxyAuthenticator
 
char * HTTPSProxy
 
tor_addr_t HTTPSProxyAddr
 
uint16_t HTTPSProxyPort
 
char * HTTPSProxyAuthenticator
 
char * Socks4Proxy
 
tor_addr_t Socks4ProxyAddr
 
uint16_t Socks4ProxyPort
 
char * Socks5Proxy
 
tor_addr_t Socks5ProxyAddr
 
uint16_t Socks5ProxyPort
 
char * Socks5ProxyUsername
 
char * Socks5ProxyPassword
 
struct config_line_tDirAuthorities
 
struct config_line_tFallbackDir
 
int UseDefaultFallbackDirs
 
double DirAuthorityFallbackRate
 
struct config_line_tAlternateDirAuthority
 
struct config_line_tAlternateBridgeAuthority
 
struct config_line_tMyFamily_lines
 
struct config_line_tMyFamily
 
struct config_line_tNodeFamilies
 
struct smartlist_tNodeFamilySets
 
struct config_line_tAuthDirBadExit
 
struct config_line_tAuthDirReject
 
struct config_line_tAuthDirInvalid
 
int AuthDirListBadExits
 
int AuthDirMaxServersPerAddr
 
int AuthDirHasIPv6Connectivity
 
int AuthDirPinKeys
 
uint64_t AuthDirFastGuarantee
 
uint64_t AuthDirGuardBWGuarantee
 
char * AccountingStart
 
uint64_t AccountingMax
 
char * AccountingRule_option
 
enum or_options_t:: { ... }  AccountingRule
 
struct config_line_tHashedControlPassword
 
struct config_line_tHashedControlSessionPassword
 
int CookieAuthentication
 
char * CookieAuthFile
 
char * ExtORPortCookieAuthFile
 
int CookieAuthFileGroupReadable
 
int ExtORPortCookieAuthFileGroupReadable
 
int LeaveStreamsUnattached
 
int DisablePredictedCircuits
 
char * OwningControllerProcess
 
uint64_t OwningControllerFD
 
int ShutdownWaitLength
 
char * SafeLogging
 
enum or_options_t:: { ... }  SafeLogging_
 
int Sandbox
 
int SafeSocks
 
int ProtocolWarnings
 
int TestSocks
 
int TokenBucketRefillInterval
 
int UseEntryGuards_option
 
int UseEntryGuards
 
int NumEntryGuards
 
int UseGuardFraction
 
int NumDirectoryGuards
 
int NumPrimaryGuards
 
int RephistTrackTime
 
int FetchDirInfoEarly
 
int FetchDirInfoExtraEarly
 
int DirCache
 
char * VirtualAddrNetworkIPv4
 
char * VirtualAddrNetworkIPv6
 
int ServerDNSSearchDomains
 
int ServerDNSDetectHijacking
 
int ServerDNSRandomizeCase
 
char * ServerDNSResolvConfFile
 
char * DirPortFrontPage
 
int DisableDebuggerAttachment
 
int ServerDNSAllowBrokenConfig
 
int CountPrivateBandwidth
 
struct smartlist_tServerDNSTestAddresses
 
int EnforceDistinctSubnets
 
int AllowNonRFC953Hostnames
 
int ServerDNSAllowNonRFC953Hostnames
 
int DownloadExtraInfo
 
int DirReqStatistics_option
 
int DirReqStatistics
 
int ExitPortStatistics
 
int ConnDirectionStatistics
 
int CellStatistics
 
int PaddingStatistics
 
int EntryStatistics
 
int HiddenServiceStatistics_option
 
int HiddenServiceStatistics
 
int ExtraInfoStatistics
 
int ClientDNSRejectInternalAddresses
 
int ClientRejectInternalAddresses
 
int ClientUseIPv4
 
int ClientUseIPv6
 
int ClientPreferIPv6ORPort
 
int ClientPreferIPv6DirPort
 
int ClientAutoIPv6ORPort
 
int V3AuthVotingInterval
 
int V3AuthVoteDelay
 
int V3AuthDistDelay
 
int V3AuthNIntervalsValid
 
int V3AuthUseLegacyKey
 
char * V3BandwidthsFile
 
char * GuardfractionFile
 
char * ConsensusParams
 
int MinMeasuredBWsForAuthToIgnoreAdvertised
 
int TestingV3AuthInitialVotingInterval
 
int TestingV3AuthInitialVoteDelay
 
int TestingV3AuthInitialDistDelay
 
int TestingV3AuthVotingStartOffset
 
int TestingAuthDirTimeToLearnReachability
 
int TestingEstimatedDescriptorPropagationTime
 
int TestingServerDownloadInitialDelay
 
int TestingClientDownloadInitialDelay
 
int TestingServerConsensusDownloadInitialDelay
 
int TestingClientConsensusDownloadInitialDelay
 
int ClientBootstrapConsensusAuthorityDownloadInitialDelay
 
int ClientBootstrapConsensusFallbackDownloadInitialDelay
 
int ClientBootstrapConsensusAuthorityOnlyDownloadInitialDelay
 
int TestingBridgeDownloadInitialDelay
 
int TestingBridgeBootstrapDownloadInitialDelay
 
int TestingClientMaxIntervalWithoutRequest
 
int TestingDirConnectionMaxStall
 
int ClientBootstrapConsensusMaxInProgressTries
 
int TestingTorNetwork
 
uint64_t TestingMinExitFlagThreshold
 
uint64_t TestingMinFastFlagThreshold
 
routerset_t * TestingDirAuthVoteExit
 
int TestingDirAuthVoteExitIsStrict
 
routerset_t * TestingDirAuthVoteGuard
 
int TestingDirAuthVoteGuardIsStrict
 
routerset_t * TestingDirAuthVoteHSDir
 
int TestingDirAuthVoteHSDirIsStrict
 
int TestingEnableConnBwEvent
 
int TestingEnableCellStatsEvent
 
int BridgeRecordUsageByCountry
 
char * GeoIPFile
 
char * GeoIPv6File
 
int GeoIPExcludeUnknown
 
int ReloadTorrcOnSIGHUP
 
double CircuitPriorityHalflife
 
int UsingTestNetworkDefaults_
 
int UseMicrodescriptors
 
char * ControlPortWriteToFile
 
int ControlPortFileGroupReadable
 
int MaxClientCircuitsPending
 
int OptimisticData
 
int DisableNetwork
 
int IPv6Exit
 
double PathsNeededToBuildCircuits
 
int SSLKeyLifetime
 
int GuardLifetime
 
int ExitRelay
 
int SigningKeyLifetime
 
int TestingLinkCertLifetime
 
int TestingAuthKeyLifetime
 
int TestingSigningKeySlop
 
int TestingLinkKeySlop
 
int TestingAuthKeySlop
 
int OfflineMasterKey
 
enum or_options_t:: { ... }  keygen_force_passphrase
 
int use_keygen_passphrase_fd
 
int keygen_passphrase_fd
 
int change_key_passphrase
 
char * master_key_fname
 
int KeepBindCapabilities
 
uint64_t MaxUnparseableDescSizeToLog
 
int AuthDirSharedRandomness
 
int DisableOOSCheck
 
int ExtendByEd25519ID
 
int AuthDirTestEd25519LinkKeys
 
int IncludeUsed
 
int MaxConsensusAgeForDiffs
 
int NoExec
 
int KISTSchedRunInterval
 
double KISTSockBufSizeFactor
 
struct smartlist_tSchedulers
 
struct smartlist_tSchedulerTypes_
 
struct smartlist_tFilesOpenedByIncludes
 
int DisableSignalHandlers
 
int DoSCircuitCreationEnabled
 
int DoSCircuitCreationMinConnections
 
int DoSCircuitCreationRate
 
int DoSCircuitCreationBurst
 
int DoSCircuitCreationDefenseType
 
int DoSCircuitCreationDefenseTimePeriod
 
int DoSConnectionEnabled
 
int DoSConnectionMaxConcurrentCount
 
int DoSConnectionDefenseType
 
int DoSRefuseSingleHopClientRendezvous
 
int DormantClientTimeout
 
int DormantTimeoutDisabledByIdleStreams
 
int DormantOnFirstStartup
 
int DormantCanceledByStartup
 
struct config_suite_tsubconfigs_
 
port booleans

Derived booleans: For server ports and ControlPort, true iff there is a non-listener port on an AF_INET or AF_INET6 address of the given type configured in one of the _lines options above. For client ports, also true if there is a unix socket configured. If you are checking for client ports, you may want to use: SocksPort_set || TransPort_set || NATDPort_set || DNSPort_set || HTTPTunnelPort_set rather than SocksPort_set.

unsigned int ORPort_set: 1
 
unsigned int SocksPort_set: 1
 
unsigned int TransPort_set: 1
 
unsigned int NATDPort_set: 1
 
unsigned int ControlPort_set: 1
 
unsigned int DirPort_set: 1
 
unsigned int DNSPort_set: 1
 
unsigned int ExtORPort_set: 1
 
unsigned int HTTPTunnelPort_set: 1
 
AuthDir...CC

Lists of country codes to mark as BadExit, or Invalid, or to reject entirely.

struct smartlist_tAuthDirBadExitCCs
 
struct smartlist_tAuthDirInvalidCCs
 
struct smartlist_tAuthDirRejectCCs
 
int PathBiasCircThreshold
 
double PathBiasNoticeRate
 
double PathBiasWarnRate
 
double PathBiasExtremeRate
 
int PathBiasDropGuards
 
int PathBiasScaleThreshold
 
int PathBiasUseThreshold
 
double PathBiasNoticeUseRate
 
double PathBiasExtremeUseRate
 
int PathBiasScaleUseThreshold
 

Detailed Description

Configuration options for a Tor process.

Definition at line 31 of file or_options_st.h.

Member Enumeration Documentation

◆ anonymous enum

anonymous enum

Parsed value of TransProxyType.

Definition at line 137 of file or_options_st.h.

Field Documentation

◆ AccountingMax

uint64_t AccountingMax

How many bytes do we allow per accounting interval before hibernation? 0 for "never hibernate."

Definition at line 485 of file or_options_st.h.

Referenced by accounting_is_enabled(), consider_hibernation(), hibernate_hard_limit_reached(), and hibernate_soft_limit_reached().

◆ AccountingRule_option

char* AccountingRule_option

How do we determine when our AccountingMax has been reached? "max" for when in or out reaches AccountingMax "sum" for when in plus out reaches AccountingMax "in" for when in reaches AccountingMax "out" for when out reaches AccountingMax

Definition at line 493 of file or_options_st.h.

◆ AccountingStart

char* AccountingStart

How long is the accounting interval, and when does it start?

Definition at line 483 of file or_options_st.h.

◆ Address

char* Address

OR only: configured address for this onion router.

Definition at line 66 of file or_options_st.h.

Referenced by launch_dummy_descriptor_download_as_needed(), and resolve_my_address().

◆ AddressMap

struct config_line_t* AddressMap

List of address map directives.

Definition at line 343 of file or_options_st.h.

Referenced by config_register_addressmaps().

◆ AllDirActionsPrivate

int AllDirActionsPrivate

Should every directory action be sent through a Tor circuit?

Definition at line 272 of file or_options_st.h.

◆ AllowNonRFC953Hostnames

int AllowNonRFC953Hostnames

If true, we allow connections to hostnames with weird characters.

Definition at line 607 of file or_options_st.h.

◆ AlternateBridgeAuthority

struct config_line_t* AlternateBridgeAuthority

If set, use these bridge authorities and not the default one.

Definition at line 441 of file or_options_st.h.

Referenced by validate_dir_servers().

◆ AlternateDirAuthority

struct config_line_t* AlternateDirAuthority

If set, use these main (currently v3) directory authorities and not the default ones.

Definition at line 438 of file or_options_st.h.

Referenced by validate_dir_servers().

◆ AndroidIdentityTag

char* AndroidIdentityTag

Identity tag to add for Android logging.

Definition at line 47 of file or_options_st.h.

◆ AssumeReachable

int AssumeReachable

Whether to publish our descriptor regardless.

Definition at line 191 of file or_options_st.h.

Referenced by dirserv_set_router_is_running(), and router_reachability_checks_disabled().

◆ AuthDirBadExit

struct config_line_t* AuthDirBadExit

Address policy for descriptors to mark as bad exits.

Definition at line 450 of file or_options_st.h.

◆ AuthDirFastGuarantee

uint64_t AuthDirFastGuarantee

If non-zero, always vote the Fast flag for any relay advertising this amount of capacity or more.

Definition at line 477 of file or_options_st.h.

◆ AuthDirGuardBWGuarantee

uint64_t AuthDirGuardBWGuarantee

If non-zero, this advertised capacity or more is always sufficient to satisfy the bandwidth requirement for the Guard flag.

Definition at line 481 of file or_options_st.h.

Referenced by dirauth_set_routerstatus_from_routerinfo().

◆ AuthDirHasIPv6Connectivity

int AuthDirHasIPv6Connectivity

Boolean: are we on IPv6?

Definition at line 472 of file or_options_st.h.

Referenced by dirserv_set_router_is_running().

◆ AuthDirInvalid

struct config_line_t* AuthDirInvalid

Address policy for descriptors to never mark as valid.

Definition at line 454 of file or_options_st.h.

◆ AuthDirListBadExits

int AuthDirListBadExits

True iff we should list bad exits, and vote for all other exits as good.

Definition at line 468 of file or_options_st.h.

Referenced by dirserv_generate_networkstatus_vote_obj().

◆ AuthDirMaxServersPerAddr

int AuthDirMaxServersPerAddr

Do not permit more than this number of servers per IP address.

Definition at line 470 of file or_options_st.h.

Referenced by get_possible_sybil_list().

◆ AuthDirPinKeys

int AuthDirPinKeys

Boolean: Do we enforce key-pinning?

Definition at line 473 of file or_options_st.h.

Referenced by dirserv_add_descriptor(), and dirserv_router_get_status().

◆ AuthDirReject

struct config_line_t* AuthDirReject

Address policy for descriptors to reject.

Definition at line 452 of file or_options_st.h.

Referenced by policies_parse_from_options().

◆ AuthDirSharedRandomness

int AuthDirSharedRandomness

Bool (default: 1): Switch for the shared random protocol. Only relevant to a directory authority. If off, the authority won't participate in the protocol. If on (default), a flag is added to the vote indicating participation.

Definition at line 1009 of file or_options_st.h.

Referenced by sr_get_string_for_consensus(), and sr_get_string_for_vote().

◆ AuthDirTestEd25519LinkKeys

int AuthDirTestEd25519LinkKeys

Bool (default: 1): When testing routerinfos as a directory authority, do we enforce Ed25519 identity match?

Definition at line 1021 of file or_options_st.h.

Referenced by dirserv_single_reachability_test().

◆ AuthoritativeDir

int AuthoritativeDir

Boolean: is this an authoritative directory?

Definition at line 192 of file or_options_st.h.

Referenced by authdir_mode(), and options_validate_dirauth_mode().

◆ AutomapHostsOnResolve

int AutomapHostsOnResolve

If true, when we get a resolve request for a hostname ending with one of the suffixes in AutomapHostsSuffixes, map it to a virtual address.

Definition at line 344 of file or_options_st.h.

Referenced by addressmap_clear_invalid_automaps().

◆ AutomapHostsSuffixes

struct smartlist_t* AutomapHostsSuffixes

List of suffixes for AutomapHostsOnResolve. The special value "." means "match everything."

Definition at line 350 of file or_options_st.h.

Referenced by addressmap_address_should_automap(), and addressmap_clear_invalid_automaps().

◆ AvoidDiskWrites

int AvoidDiskWrites

Boolean: should we never cache things to disk? Not used yet.

Definition at line 235 of file or_options_st.h.

◆ BandwidthBurst

uint64_t BandwidthBurst

How much bandwidth, at maximum, are we willing to use in a second?

Definition at line 377 of file or_options_st.h.

Referenced by connection_or_update_token_buckets_helper(), and relay_get_effective_bwburst().

◆ BandwidthRate

uint64_t BandwidthRate

How much bandwidth, on average, are we willing to use in a second?

Definition at line 375 of file or_options_st.h.

Referenced by connection_or_update_token_buckets_helper(), relay_get_effective_bwrate(), router_has_bandwidth_to_be_dirserver(), router_perform_bandwidth_test(), and update_expected_bandwidth().

◆ BridgeAuthoritativeDir

int BridgeAuthoritativeDir

Boolean: is this an authoritative directory that aggregates bridge descriptors?

Definition at line 198 of file or_options_st.h.

Referenced by authdir_mode_bridge(), geoip_note_client_seen(), handle_get_descriptor(), handle_get_networkstatus_bridges(), and write_bridge_ns_callback().

◆ BridgeDistribution

char* BridgeDistribution

If set on a bridge relay, it will include this value on a new "bridge-distribution-request" line in its bridge descriptor.

Definition at line 203 of file or_options_st.h.

◆ BridgePassword

char* BridgePassword

If set on a bridge authority, it will answer requests on its dirport for bridge statuses – but only if the requests use this password.

Definition at line 207 of file or_options_st.h.

◆ BridgePassword_AuthDigest_

char* BridgePassword_AuthDigest_

If BridgePassword is set, this is a SHA256 digest of the basic http authenticator for it. Used so we can do a time-independent comparison.

Definition at line 210 of file or_options_st.h.

Referenced by handle_get_networkstatus_bridges().

◆ BridgeRecordUsageByCountry

int BridgeRecordUsageByCountry

If true, and we have GeoIP data, and we're a bridge, keep a per-country count of how many client addresses have contacted us so that we can help the bridge authority guess which countries have blocked access to us.

Definition at line 836 of file or_options_st.h.

Referenced by should_record_bridge_info().

◆ BridgeRelay

int BridgeRelay

◆ Bridges

struct config_line_t* Bridges

List of bootstrap bridge addresses.

Definition at line 213 of file or_options_st.h.

◆ CacheDirectory

char* CacheDirectory

Where to store cached data, as modified.

Definition at line 62 of file or_options_st.h.

◆ CacheDirectory_option

char* CacheDirectory_option

Where to store cached data, as configured by the user.

Definition at line 60 of file or_options_st.h.

◆ CacheDirectoryGroupReadable

int CacheDirectoryGroupReadable

Boolean: Is the CacheDirectory g+r?

Definition at line 63 of file or_options_st.h.

◆ CellStatistics

int CellStatistics

If true, the user wants us to collect cell statistics.

Definition at line 630 of file or_options_st.h.

◆ CircuitBuildTimeout

int CircuitBuildTimeout

Cull non-open circuits that were born at least this many seconds ago. Used until adaptive algorithm learns a new value.

Definition at line 361 of file or_options_st.h.

◆ CircuitPadding

int CircuitPadding

Boolean: if true, then circuit padding will be negotiated by client and server, subject to consenus limits (default). If 0, it will be fully disabled.

Definition at line 250 of file or_options_st.h.

◆ CircuitPriorityHalflife

double CircuitPriorityHalflife

The main parameter for picking circuits within a connection.

If this value is positive, when picking a cell to relay on a connection, we always relay from the circuit whose weighted cell count is lowest. Cells are weighted exponentially such that if one cell is sent 'CircuitPriorityHalflife' seconds before another, it counts for half as much.

If this value is zero, we're disabling the cell-EWMA algorithm.

If this value is negative, we're using the default approach according to either Tor or a parameter set in the consensus.

Definition at line 864 of file or_options_st.h.

◆ CircuitsAvailableTimeout

int CircuitsAvailableTimeout

Try to have an open circuit for at least this long after last activity

Definition at line 364 of file or_options_st.h.

Referenced by channelpadding_get_circuits_available_timeout().

◆ CircuitStreamTimeout

int CircuitStreamTimeout

If non-zero, detach streams from circuits and try a new circuit if the stream has been waiting for this many seconds. If zero, use our default internal timeout schedule.

Definition at line 366 of file or_options_st.h.

Referenced by compute_retry_timeout().

◆ ClientAutoIPv6ORPort

int ClientAutoIPv6ORPort

If true, prefer an IPv4 or IPv6 OR port at random.

Definition at line 678 of file or_options_st.h.

Referenced by fascist_firewall_prefer_ipv6_orport(), and fascist_firewall_use_ipv6().

◆ ClientBootstrapConsensusAuthorityDownloadInitialDelay

int ClientBootstrapConsensusAuthorityDownloadInitialDelay

Schedule for when clients should download consensuses from authorities if they are bootstrapping (that is, they don't have a usable, reasonably live consensus). Only used by clients fetching from a list of fallback directory mirrors.

This schedule is incremented by (potentially concurrent) connection attempts, unlike other schedules, which are incremented by connection failures. Only altered on testing networks.

Definition at line 757 of file or_options_st.h.

◆ ClientBootstrapConsensusAuthorityOnlyDownloadInitialDelay

int ClientBootstrapConsensusAuthorityOnlyDownloadInitialDelay

Schedule for when clients should download consensuses from authorities if they are bootstrapping (that is, they don't have a usable, reasonably live consensus). Only used by clients which don't have or won't fetch from a list of fallback directory mirrors.

This schedule is incremented by (potentially concurrent) connection attempts, unlike other schedules, which are incremented by connection failures. Only altered on testing networks.

Definition at line 777 of file or_options_st.h.

◆ ClientBootstrapConsensusFallbackDownloadInitialDelay

int ClientBootstrapConsensusFallbackDownloadInitialDelay

Schedule for when clients should download consensuses from fallback directory mirrors if they are bootstrapping (that is, they don't have a usable, reasonably live consensus). Only used by clients fetching from a list of fallback directory mirrors.

This schedule is incremented by (potentially concurrent) connection attempts, unlike other schedules, which are incremented by connection failures. Only altered on testing networks.

Definition at line 767 of file or_options_st.h.

◆ ClientBootstrapConsensusMaxInProgressTries

int ClientBootstrapConsensusMaxInProgressTries

How many simultaneous in-progress connections will we make when trying to fetch a consensus before we wait for one to complete, timeout, or error out? Only altered on testing networks.

Definition at line 799 of file or_options_st.h.

Referenced by update_consensus_networkstatus_downloads().

◆ ClientDNSRejectInternalAddresses

int ClientDNSRejectInternalAddresses

If true, do not believe anybody who tells us that a domain resolves to an internal address, or that an internal address has a PTR mapping. Helps avoid some cross-site attacks.

Definition at line 652 of file or_options_st.h.

◆ ClientOnionAuthDir

char* ClientOnionAuthDir

Directory to keep client onion service authorization secret keys

Definition at line 393 of file or_options_st.h.

Referenced by hs_config_client_authorization().

◆ ClientOnly

int ClientOnly

Boolean: should we never evolve into a server role?

Definition at line 237 of file or_options_st.h.

Referenced by decide_if_publishable_server(), and server_mode().

◆ ClientPreferIPv6DirPort

int ClientPreferIPv6DirPort

If true, prefer an IPv6 directory port over an IPv4 one for direct directory connections. If auto, bridge clients prefer IPv6, and other clients prefer IPv4. Use fascist_firewall_prefer_ipv6_dirport() instead of accessing this value directly.

Definition at line 675 of file or_options_st.h.

Referenced by fascist_firewall_prefer_ipv6_dirport(), and fascist_firewall_use_ipv6().

◆ ClientPreferIPv6ORPort

int ClientPreferIPv6ORPort

If true, prefer an IPv6 OR port over an IPv4 one for entry node connections. If auto, bridge clients prefer IPv6, and other clients prefer IPv4. Use node_ipv6_or_preferred() instead of accessing this value directly.

Definition at line 670 of file or_options_st.h.

Referenced by fascist_firewall_use_ipv6().

◆ ClientRejectInternalAddresses

int ClientRejectInternalAddresses

If true, do not accept any requests to connect to internal addresses over randomly chosen exits.

Definition at line 656 of file or_options_st.h.

◆ ClientTransportPlugin

struct config_line_t* ClientTransportPlugin

List of client transport plugins.

Definition at line 215 of file or_options_st.h.

Referenced by conn_get_proxy_type(), and get_proxy_addrport().

◆ ClientUseIPv4

int ClientUseIPv4

If true, clients may connect over IPv4. If false, they will avoid connecting over IPv4. We enforce this for OR and Dir connections.

Definition at line 660 of file or_options_st.h.

Referenced by fascist_firewall_allows_address(), fascist_firewall_prefer_ipv6_impl(), and fascist_firewall_use_ipv6().

◆ ClientUseIPv6

int ClientUseIPv6

If true, clients may connect over IPv6. If false, they will avoid connecting over IPv4. We enforce this for OR and Dir connections. Use fascist_firewall_use_ipv6() instead of accessing this value directly.

Definition at line 665 of file or_options_st.h.

Referenced by fascist_firewall_use_ipv6().

◆ command

What should the tor process actually do?

Definition at line 35 of file or_options_st.h.

Referenced by options_act(), options_act_dirauth_mtbf(), options_act_reversible(), options_act_server_transport(), options_new(), and tor_cleanup().

◆ command_arg

char* command_arg

Argument for command-line option.

Definition at line 36 of file or_options_st.h.

Referenced by do_dump_config(), and log_cert_expiration().

◆ ConnDirectionStatistics

int ConnDirectionStatistics

If true, the user wants us to collect connection statistics.

Definition at line 627 of file or_options_st.h.

◆ ConnectionPadding

int ConnectionPadding

Autobool: if auto, then connection padding will be negotiated by client and server. If 0, it will be fully disabled. If 1, the client will still pad to the server regardless of server support.

Definition at line 245 of file or_options_st.h.

◆ ConnLimit

int ConnLimit

Demanded minimum number of simultaneous connections.

Definition at line 303 of file or_options_st.h.

◆ ConnLimit_

int ConnLimit_

Maximum allowed number of simultaneous connections.

Definition at line 304 of file or_options_st.h.

◆ ConnLimit_high_thresh

int ConnLimit_high_thresh

start trying to lower socket usage if we have this many.

Definition at line 305 of file or_options_st.h.

◆ ConnLimit_low_thresh

int ConnLimit_low_thresh

try to get down to here after socket exhaustion.

Definition at line 307 of file or_options_st.h.

◆ ConsensusParams

char* ConsensusParams

Authority only: key=value pairs that we add to our networkstatus consensus vote on the 'params' line.

Definition at line 701 of file or_options_st.h.

◆ ConstrainedSockets

int ConstrainedSockets

Shrink xmit and recv socket buffers.

Definition at line 318 of file or_options_st.h.

◆ ConstrainedSockSize

uint64_t ConstrainedSockSize

Size of constrained buffers.

Definition at line 319 of file or_options_st.h.

◆ ContactInfo

char* ContactInfo

Contact info to be published in the directory.

Definition at line 395 of file or_options_st.h.

◆ ControlPort_lines

struct config_line_t* ControlPort_lines

Ports to listen on for control connections.

Definition at line 147 of file or_options_st.h.

◆ ControlPortFileGroupReadable

int ControlPortFileGroupReadable

Should that file be group-readable?

Definition at line 878 of file or_options_st.h.

◆ ControlPortWriteToFile

char* ControlPortWriteToFile

File where we should write the ControlPort.

Definition at line 876 of file or_options_st.h.

Referenced by control_ports_write_to_file(), and tor_cleanup().

◆ ControlSocket

struct config_line_t* ControlSocket

List of Unix Domain Sockets to listen on for control connections.

Definition at line 150 of file or_options_st.h.

Referenced by options_act_reversible().

◆ ControlSocketsGroupWritable

int ControlSocketsGroupWritable

Boolean: Are control sockets g+rw?

Definition at line 152 of file or_options_st.h.

Referenced by options_act_reversible().

◆ CookieAuthentication

int CookieAuthentication

Boolean: do we enable cookie-based auth for the control system?

Definition at line 501 of file or_options_st.h.

◆ CookieAuthFile

char* CookieAuthFile

Filesystem location of a ControlPort authentication cookie.

Definition at line 503 of file or_options_st.h.

Referenced by get_controller_cookie_file_name().

◆ CookieAuthFileGroupReadable

int CookieAuthFileGroupReadable

Boolean: Is the CookieAuthFile g+r?

Definition at line 507 of file or_options_st.h.

◆ CountPrivateBandwidth

int CountPrivateBandwidth

Boolean: if set, then even connections to private addresses will get rate-limited.

Definition at line 601 of file or_options_st.h.

Referenced by connection_is_rate_limited().

◆ DataDirectory

char* DataDirectory

Where to store long-term data, as modified.

Definition at line 52 of file or_options_st.h.

Referenced by validate_data_directories().

◆ DataDirectory_option

char* DataDirectory_option

Where to store long-term data, as configured by the user.

Definition at line 50 of file or_options_st.h.

Referenced by validate_data_directories().

◆ DataDirectoryGroupReadable

int DataDirectoryGroupReadable

Boolean: Is the DataDirectory g+r?

Definition at line 53 of file or_options_st.h.

◆ DebugLogFile

char* DebugLogFile

Where to send verbose log messages.

Definition at line 49 of file or_options_st.h.

◆ DirAllowPrivateAddresses

int DirAllowPrivateAddresses

Whether dirservers allow router descriptors with private IPs.

Definition at line 122 of file or_options_st.h.

◆ DirAuthorities

struct config_line_t* DirAuthorities

List of configuration lines for replacement directory authorities. If you just want to replace one class of authority at a time, use the "Alternate*Authority" options below instead.

Definition at line 425 of file or_options_st.h.

Referenced by validate_dir_servers().

◆ DirAuthorityFallbackRate

double DirAuthorityFallbackRate

Weight to apply to all directory authority rates if considering them along with fallbackdirs

Definition at line 434 of file or_options_st.h.

◆ DirCache

int DirCache

Cache all directory documents and accept requests via tunnelled dir conns from clients. If 1, enabled (default); If 0, disabled. Use dir_server_mode() rather than referencing this option directly. (Except for routermode and relay_config, which do direct checks.)

Definition at line 570 of file or_options_st.h.

Referenced by dir_server_mode(), have_enough_mem_for_dircache(), and options_validate_relay_mode().

◆ DirPolicy

struct config_line_t* DirPolicy

Lists of dir policy components

Definition at line 105 of file or_options_st.h.

Referenced by policies_parse_from_options().

◆ DirPort_lines

struct config_line_t* DirPort_lines

Ports to listen on for directory connections.

Definition at line 155 of file or_options_st.h.

Referenced by options_validate_relay_mode().

◆ DirPortFrontPage

char* DirPortFrontPage

This is a full path to a file with an html disclaimer. This allows a server administrator to show that they're running Tor and anyone visiting their server will know this without any specialized knowledge.

Definition at line 590 of file or_options_st.h.

Referenced by options_act_relay_dir().

◆ DirReqStatistics

int DirReqStatistics

Internal variable to remember whether we're actually acting on DirReqStatistics_option – yes if it's set and we're a server, else no.

Definition at line 621 of file or_options_st.h.

Referenced by geoip_note_client_seen().

◆ DirReqStatistics_option

int DirReqStatistics_option

If true, we're configured to collect statistics on clients requesting network statuses from us as directory.

Definition at line 618 of file or_options_st.h.

◆ DisableAllSwap

int DisableAllSwap

Boolean: Attempt to call mlockall() on our process for all current and future memory.

Definition at line 92 of file or_options_st.h.

◆ DisableDebuggerAttachment

int DisableDebuggerAttachment

Currently Linux only specific attempt to disable ptrace; needs BSD testing.

Definition at line 594 of file or_options_st.h.

Referenced by options_act().

◆ DisableNetwork

int DisableNetwork

If 1, we accept and launch no external network connections, except on control ports.

Definition at line 891 of file or_options_st.h.

Referenced by net_is_completely_disabled(), net_is_disabled(), and should_delay_dir_fetches().

◆ DisableOOSCheck

int DisableOOSCheck

If 1, we skip all OOS checks.

Definition at line 1012 of file or_options_st.h.

◆ DisablePredictedCircuits

int DisablePredictedCircuits

Boolean: does Tor preemptively make circuits in the background (0), or not (1)?

Definition at line 513 of file or_options_st.h.

◆ DisableSignalHandlers

int DisableSignalHandlers

If true, Tor shouldn't install any posix signal handlers, since it is running embedded inside another process.

Definition at line 1056 of file or_options_st.h.

Referenced by handle_signals().

◆ DNSPort_lines

struct config_line_t* DNSPort_lines

Ports to listen on for DNS requests.

Definition at line 157 of file or_options_st.h.

◆ DormantCanceledByStartup

int DormantCanceledByStartup

Boolean: true if Tor should treat every startup event as cancelling a possible previous dormant state.

Definition at line 1104 of file or_options_st.h.

◆ DormantClientTimeout

int DormantClientTimeout

Interval: how long without activity does it take for a client to become dormant?

Definition at line 1090 of file or_options_st.h.

Referenced by check_network_participation_callback().

◆ DormantOnFirstStartup

int DormantOnFirstStartup

Boolean: true if Tor should be dormant the first time it starts with a datadirectory; false otherwise.

Definition at line 1099 of file or_options_st.h.

◆ DormantTimeoutDisabledByIdleStreams

int DormantTimeoutDisabledByIdleStreams

Boolean: true if having an idle stream is sufficient to prevent a client from becoming dormant.

Definition at line 1095 of file or_options_st.h.

Referenced by check_network_participation_callback().

◆ DoSCircuitCreationBurst

int DoSCircuitCreationBurst

Maximum allowed burst of circuits. Reaching that value, the address is detected as malicious and a defense might be used.

Definition at line 1067 of file or_options_st.h.

◆ DoSCircuitCreationDefenseTimePeriod

int DoSCircuitCreationDefenseTimePeriod

For how much time (in seconds) the defense is applicable for a malicious address. A random time delta is added to the defense time of an address which will be between 1 second and half of this value.

Definition at line 1074 of file or_options_st.h.

◆ DoSCircuitCreationDefenseType

int DoSCircuitCreationDefenseType

When an address is marked as malicous, what defense should be used against it. See the dos_cc_defense_type_t enum.

Definition at line 1070 of file or_options_st.h.

◆ DoSCircuitCreationEnabled

int DoSCircuitCreationEnabled

Autobool: Is the circuit creation DoS mitigation subsystem enabled?

Definition at line 1059 of file or_options_st.h.

◆ DoSCircuitCreationMinConnections

int DoSCircuitCreationMinConnections

Minimum concurrent connection needed from one single address before any defense is used.

Definition at line 1062 of file or_options_st.h.

◆ DoSCircuitCreationRate

int DoSCircuitCreationRate

Circuit rate used to refill the token bucket.

Definition at line 1064 of file or_options_st.h.

◆ DoSConnectionDefenseType

int DoSConnectionDefenseType

When an address is reaches the maximum count, what defense should be used against it. See the dos_conn_defense_type_t enum.

Definition at line 1082 of file or_options_st.h.

◆ DoSConnectionEnabled

int DoSConnectionEnabled

Autobool: Is the DoS connection mitigation subsystem enabled?

Definition at line 1077 of file or_options_st.h.

◆ DoSConnectionMaxConcurrentCount

int DoSConnectionMaxConcurrentCount

Maximum concurrent connection allowed per address.

Definition at line 1079 of file or_options_st.h.

◆ DoSRefuseSingleHopClientRendezvous

int DoSRefuseSingleHopClientRendezvous

Autobool: Do we refuse single hop client rendezvous?

Definition at line 1085 of file or_options_st.h.

◆ DownloadExtraInfo

int DownloadExtraInfo

If true, we try to download extra-info documents (and we serve them, if we are a cache). For authorities, this is always true.

Definition at line 614 of file or_options_st.h.

Referenced by directory_info_has_arrived(), should_use_directory_guards(), and update_extrainfo_downloads().

◆ EnforceDistinctSubnets

int EnforceDistinctSubnets

If true, don't allow multiple routers in the same network zone in the same circuit.

Definition at line 605 of file or_options_st.h.

Referenced by nodelist_add_node_and_family(), and nodes_in_same_family().

◆ EntryNodes

routerset_t* EntryNodes

Structure containing nicknames, digests, country codes and IP address patterns of ORs to consider as entry points.

Definition at line 75 of file or_options_st.h.

Referenced by entry_list_is_constrained(), node_passes_guard_filter(), options_need_geoip_info(), and refresh_all_country_info().

◆ EntryStatistics

int EntryStatistics

If true, the user wants us to collect statistics as entry node.

Definition at line 636 of file or_options_st.h.

Referenced by geoip_note_client_seen().

◆ ExcludeExitNodes

routerset_t* ExcludeExitNodes

Structure containing nicknames, digests, country codes and IP address patterns of ORs not to consider as exits.

Definition at line 85 of file or_options_st.h.

Referenced by options_need_geoip_info(), and refresh_all_country_info().

◆ ExcludeExitNodesUnion_

routerset_t* ExcludeExitNodesUnion_

Union of ExcludeNodes and ExcludeExitNodes

Definition at line 90 of file or_options_st.h.

Referenced by addressmap_clear_excluded_trackexithosts(), and refresh_all_country_info().

◆ ExcludeNodes

routerset_t* ExcludeNodes

Structure containing nicknames, digests, country codes and IP address patterns of ORs not to use in circuits. But see StrictNodes above.

Definition at line 81 of file or_options_st.h.

Referenced by bridge_passes_guard_filter(), fetch_bridge_descriptors(), launch_direct_bridge_descriptor_fetch(), node_passes_guard_filter(), options_need_geoip_info(), refresh_all_country_info(), router_should_check_reachability(), and warn_if_last_router_excluded().

◆ ExitNodes

routerset_t* ExitNodes

Structure containing nicknames, digests, country codes and IP address patterns of ORs to consider as exits.

Definition at line 69 of file or_options_st.h.

Referenced by addressmap_clear_excluded_trackexithosts(), options_need_geoip_info(), and refresh_all_country_info().

◆ ExitPolicy

struct config_line_t* ExitPolicy

Lists of exit policy components.

Definition at line 95 of file or_options_st.h.

Referenced by policy_using_default_exit_options().

◆ ExitPolicyRejectLocalInterfaces

int ExitPolicyRejectLocalInterfaces

Should we not exit to local interface addresses? Includes OutboundBindAddresses and configured ports.

Definition at line 99 of file or_options_st.h.

Referenced by ip_address_changed().

◆ ExitPolicyRejectPrivate

int ExitPolicyRejectPrivate

Should we not exit to reserved private addresses, and our own published addresses?

Definition at line 96 of file or_options_st.h.

◆ ExitPortStatistics

int ExitPortStatistics

If true, the user wants us to collect statistics on port usage.

Definition at line 624 of file or_options_st.h.

◆ ExitRelay

int ExitRelay

Is this an exit node? This is a tristate, where "1" means "yes, and use the default exit policy if none is given" and "0" means "no; exit policy is 'reject *'" and "auto" (-1) means "same as 1, but warn the user."

XXXX Eventually, the default will be 0.

Definition at line 967 of file or_options_st.h.

Referenced by ip_address_changed(), policies_parse_exit_policy_from_options(), and policy_using_default_exit_options().

◆ ExtendAllowPrivateAddresses

int ExtendAllowPrivateAddresses

Whether routers accept EXTEND cells to routers with private IPs.

Definition at line 124 of file or_options_st.h.

◆ ExtendByEd25519ID

int ExtendByEd25519ID

Autobool: Should we include Ed25519 identities in extend2 cells? If -1, we should do whatever the consensus parameter says.

Definition at line 1016 of file or_options_st.h.

Referenced by should_include_ed25519_id_extend_cells().

◆ ExtORPort_lines

struct config_line_t* ExtORPort_lines

Ports to listen on for extended OR connections.

Definition at line 129 of file or_options_st.h.

Referenced by options_act_server_transport(), and options_validate_server_transport().

◆ ExtORPortCookieAuthFile

char* ExtORPortCookieAuthFile

Filesystem location of Extended ORPort authentication cookie.

Definition at line 505 of file or_options_st.h.

Referenced by get_ext_or_auth_cookie_file_name().

◆ ExtORPortCookieAuthFileGroupReadable

int ExtORPortCookieAuthFileGroupReadable

Boolean: Is the ExtORPortCookieAuthFile g+r?

Definition at line 508 of file or_options_st.h.

◆ ExtraInfoStatistics

int ExtraInfoStatistics

If true, include statistics file contents in extra-info documents.

Definition at line 647 of file or_options_st.h.

Referenced by extrainfo_dump_to_string_stats_helper().

◆ FallbackDir

struct config_line_t* FallbackDir

List of fallback directory servers

Definition at line 428 of file or_options_st.h.

◆ FascistFirewall

int FascistFirewall

Whether to prefer ORs reachable on open ports.

Definition at line 310 of file or_options_st.h.

◆ FetchDirInfoEarly

int FetchDirInfoEarly

Should we always fetch our dir info on the mirror schedule (which means directly from the authorities) no matter our other config?

Definition at line 565 of file or_options_st.h.

Referenced by directory_fetches_from_authorities(), and should_use_directory_guards().

◆ FetchDirInfoExtraEarly

int FetchDirInfoExtraEarly

Should we fetch our dir info at the start of the consensus period?

Definition at line 568 of file or_options_st.h.

Referenced by should_use_directory_guards(), and update_consensus_networkstatus_fetch_time_impl().

◆ FetchHidServDescriptors

int FetchHidServDescriptors

and hidden service descriptors?

Definition at line 266 of file or_options_st.h.

◆ FetchServerDescriptors

int FetchServerDescriptors

Do we fetch server descriptors as normal?

Definition at line 265 of file or_options_st.h.

◆ FetchUselessDescriptors

int FetchUselessDescriptors

Do we fetch non-running descriptors too?

Definition at line 271 of file or_options_st.h.

Referenced by directory_too_idle_to_fetch_descriptors(), should_use_directory_guards(), we_fetch_microdescriptors(), and we_fetch_router_descriptors().

◆ FilesOpenedByIncludes

struct smartlist_t* FilesOpenedByIncludes

List of files that were opened by include in torrc and torrc-defaults

Definition at line 1051 of file or_options_st.h.

◆ FirewallPorts

struct smartlist_t* FirewallPorts

Which ports our firewall allows (strings).

Definition at line 311 of file or_options_st.h.

◆ GeoIPExcludeUnknown

int GeoIPExcludeUnknown

Autobool: if auto, then any attempt to Exclude{Exit,}Nodes a particular country code will exclude all nodes in ?? and A1. If true, all nodes in ?? and A1 are excluded. Has no effect if we don't know any GeoIP data.

Definition at line 845 of file or_options_st.h.

◆ GeoIPFile

char* GeoIPFile

Optionally, IPv4 and IPv6 GeoIP data.

Definition at line 839 of file or_options_st.h.

Referenced by config_maybe_load_geoip_files_().

◆ GuardfractionFile

char* GuardfractionFile

Location of guardfraction file

Definition at line 697 of file or_options_st.h.

◆ GuardLifetime

int GuardLifetime

How long (seconds) do we keep a guard before picking a new one?

Definition at line 960 of file or_options_st.h.

Referenced by get_guard_confirmed_min_lifetime(), and get_guard_lifetime().

◆ HashedControlPassword

struct config_line_t* HashedControlPassword

Base64-encoded hash of accepted passwords for the control system.

Definition at line 497 of file or_options_st.h.

◆ HashedControlSessionPassword

struct config_line_t* HashedControlSessionPassword

As HashedControlPassword, but not saved.

Definition at line 499 of file or_options_st.h.

◆ HeartbeatPeriod

int HeartbeatPeriod

Log heartbeat messages after this many seconds have passed.

Definition at line 397 of file or_options_st.h.

Referenced by heartbeat_callback().

◆ HiddenServiceSingleHopMode

int HiddenServiceSingleHopMode

Onion Services in HiddenServiceSingleHopMode make one-hop (direct) circuits between the onion service server, and the introduction and rendezvous points. (Onion service descriptors are still posted using 3-hop paths, to avoid onion service directories blocking the service.) This option makes every hidden service instance hosted by this tor instance a Single Onion Service. HiddenServiceSingleHopMode requires HiddenServiceNonAnonymousMode to be set to 1. Use rend_service_allow_non_anonymous_connection() or rend_service_reveal_startup_time() instead of using this option directly.

Definition at line 294 of file or_options_st.h.

◆ HiddenServiceStatistics

int HiddenServiceStatistics

Internal variable to remember whether we're actually acting on HiddenServiceStatistics_option – yes if it's set and we're a server, else no.

Definition at line 644 of file or_options_st.h.

◆ HiddenServiceStatistics_option

int HiddenServiceStatistics_option

If true, the user wants us to collect statistics as hidden service directory, introduction point, or rendezvous point.

Definition at line 640 of file or_options_st.h.

◆ HidServAuth

struct config_line_t* HidServAuth

List of configuration lines for client-side authorizations for hidden services

Definition at line 390 of file or_options_st.h.

Referenced by rend_parse_service_authorization().

◆ HSLayer2Nodes

routerset_t* HSLayer2Nodes

A routerset that should be used when picking middle nodes for HS circuits.

Definition at line 277 of file or_options_st.h.

Referenced by circuit_should_use_vanguards(), middle_node_must_be_vanguard(), options_need_geoip_info(), and pick_vanguard_middle_node().

◆ HSLayer3Nodes

routerset_t* HSLayer3Nodes

A routerset that should be used when picking third-hop nodes for HS circuits.

Definition at line 281 of file or_options_st.h.

Referenced by circuit_should_use_vanguards(), middle_node_must_be_vanguard(), options_need_geoip_info(), and pick_vanguard_middle_node().

◆ HTTPProxy

char* HTTPProxy

hostname[:port] to use as http proxy, if any.

Definition at line 402 of file or_options_st.h.

◆ HTTPProxyAddr

tor_addr_t HTTPProxyAddr

Parsed IPv4 addr for http proxy, if any.

Definition at line 403 of file or_options_st.h.

◆ HTTPProxyAuthenticator

char* HTTPProxyAuthenticator

username:password string, if any.

Definition at line 405 of file or_options_st.h.

◆ HTTPProxyPort

uint16_t HTTPProxyPort

Parsed port for http proxy, if any.

Definition at line 404 of file or_options_st.h.

◆ HTTPSProxy

char* HTTPSProxy

hostname[:port] to use as https proxy, if any.

Definition at line 407 of file or_options_st.h.

Referenced by get_proxy_addrport(), and get_pt_proxy_uri().

◆ HTTPSProxyAddr

tor_addr_t HTTPSProxyAddr

Parsed addr for https proxy, if any.

Definition at line 408 of file or_options_st.h.

Referenced by get_proxy_addrport(), and get_pt_proxy_uri().

◆ HTTPSProxyAuthenticator

char* HTTPSProxyAuthenticator

username:password string, if any.

Definition at line 410 of file or_options_st.h.

Referenced by get_pt_proxy_uri().

◆ HTTPSProxyPort

uint16_t HTTPSProxyPort

Parsed port for https proxy, if any.

Definition at line 409 of file or_options_st.h.

Referenced by get_proxy_addrport(), and get_pt_proxy_uri().

◆ HTTPTunnelPort_lines

struct config_line_t* HTTPTunnelPort_lines

Ports to listen on for HTTP Tunnel connections.

Definition at line 146 of file or_options_st.h.

◆ IncludeUsed

int IncludeUsed

Bool (default: 0): Tells if a include was used on torrc

Definition at line 1024 of file or_options_st.h.

Referenced by handle_control_saveconf().

◆ IPv6Exit

int IPv6Exit

Do we support exiting to IPv6 addresses?

Definition at line 950 of file or_options_st.h.

Referenced by policies_parse_exit_policy_from_options(), policy_using_default_exit_options(), and router_compare_to_my_exit_policy().

◆ KeepalivePeriod

int KeepalivePeriod

How often do we send padding cells to keep connections alive?

Definition at line 353 of file or_options_st.h.

◆ KeepBindCapabilities

int KeepBindCapabilities

Autobool: Do we try to retain capabilities if we can?

Definition at line 998 of file or_options_st.h.

◆ KeyDirectory

char* KeyDirectory

Where to store keys data, as modified.

Definition at line 57 of file or_options_st.h.

◆ KeyDirectory_option

char* KeyDirectory_option

Where to store keys, as configured by the user.

Definition at line 55 of file or_options_st.h.

◆ KeyDirectoryGroupReadable

int KeyDirectoryGroupReadable

Boolean: Is the KeyDirectory g+r?

Definition at line 58 of file or_options_st.h.

◆ KISTSchedRunInterval

int KISTSchedRunInterval

Have the KIST scheduler run every X milliseconds. If less than zero, do not use the KIST scheduler but use the old vanilla scheduler instead. If zero, do what the consensus says and fall back to using KIST as if this is set to "10 msec" if the consensus doesn't say anything.

Definition at line 1039 of file or_options_st.h.

◆ KISTSockBufSizeFactor

double KISTSockBufSizeFactor

A multiplier for the KIST per-socket limit calculation.

Definition at line 1042 of file or_options_st.h.

◆ LearnCircuitBuildTimeout

int LearnCircuitBuildTimeout

If non-zero, we attempt to learn a value for CircuitBuildTimeout based on timeout history. Use circuit_build_times_disabled() rather than checking this value directly.

Definition at line 357 of file or_options_st.h.

◆ LeaveStreamsUnattached

int LeaveStreamsUnattached

Boolean: Does Tor attach new streams to circuits itself (0), or does it expect a controller to cope? (1)

Definition at line 510 of file or_options_st.h.

Referenced by connection_ap_rewrite_and_attach_if_allowed().

◆ LogMessageDomains

int LogMessageDomains

Boolean: Should we log the domain(s) in which each log message occurs?

Definition at line 42 of file or_options_st.h.

◆ Logs

struct config_line_t* Logs

New-style list of configuration lines for logs

Definition at line 38 of file or_options_st.h.

Referenced by options_init_logs().

◆ LogTimeGranularity

int LogTimeGranularity

Log resolution in milliseconds.

Definition at line 40 of file or_options_st.h.

Referenced by options_init_log_granularity().

◆ LongLivedPorts

struct smartlist_t* LongLivedPorts

Application ports that require all nodes in circ to have sufficient uptime.

Definition at line 329 of file or_options_st.h.

Referenced by circuit_all_predicted_ports_handled().

◆ MainloopStats

int MainloopStats

Log main loop statistics as part of the heartbeat messages.

Definition at line 399 of file or_options_st.h.

◆ MaxAdvertisedBandwidth

uint64_t MaxAdvertisedBandwidth

How much bandwidth are we willing to tell other nodes we have?

Definition at line 379 of file or_options_st.h.

Referenced by relay_get_effective_bwrate().

◆ MaxCircuitDirtiness

int MaxCircuitDirtiness

Never use circs that were first used more than this interval ago.

Definition at line 373 of file or_options_st.h.

Referenced by mark_circuit_unusable_for_new_conns().

◆ MaxClientCircuitsPending

int MaxClientCircuitsPending

Maximum number of non-open general-purpose origin circuits to allow at once.

Definition at line 883 of file or_options_st.h.

◆ MaxConsensusAgeForDiffs

int MaxConsensusAgeForDiffs

The seconds after expiration which we as a relay should keep old consensuses around so that we can generate diffs from them. If 0, use the default.

Definition at line 1029 of file or_options_st.h.

Referenced by get_max_age_to_cache().

◆ MaxMemInQueues

uint64_t MaxMemInQueues

If we have more memory than this allocated for queues and buffers, run the OOM handler

Definition at line 162 of file or_options_st.h.

Referenced by have_enough_mem_for_dircache().

◆ MaxMemInQueues_low_threshold

uint64_t MaxMemInQueues_low_threshold

Above this value, consider ourselves low on RAM.

Definition at line 165 of file or_options_st.h.

◆ MaxUnparseableDescSizeToLog

uint64_t MaxUnparseableDescSizeToLog

Maximum total size of unparseable descriptors to log during the lifetime of this Tor process.

Definition at line 1003 of file or_options_st.h.

◆ MiddleNodes

routerset_t* MiddleNodes

Structure containing nicknames, digests, country codes and IP address patterns of ORs to consider as middles.

Definition at line 72 of file or_options_st.h.

Referenced by options_need_geoip_info(), and refresh_all_country_info().

◆ MinMeasuredBWsForAuthToIgnoreAdvertised

int MinMeasuredBWsForAuthToIgnoreAdvertised

Authority only: minimum number of measured bandwidths we must see before we only believe measured bandwidths to assign flags.

Definition at line 705 of file or_options_st.h.

Referenced by dirserv_compute_performance_thresholds(), dirserv_get_credible_bandwidth_kb(), and dirserv_get_flag_thresholds_line().

◆ MinUptimeHidServDirectoryV2

int MinUptimeHidServDirectoryV2

As directory authority, accept hidden service directories after what time?

Definition at line 268 of file or_options_st.h.

◆ MyFamily

struct config_line_t* MyFamily

Declared family for this OR, normalized

Definition at line 444 of file or_options_st.h.

Referenced by get_my_declared_family().

◆ MyFamily_lines

struct config_line_t* MyFamily_lines

Declared family for this OR.

Definition at line 443 of file or_options_st.h.

◆ NATDPort_lines

struct config_line_t* NATDPort_lines

Ports to listen on for transparent natd connections.

Definition at line 144 of file or_options_st.h.

◆ NewCircuitPeriod

int NewCircuitPeriod

How long do we use a circuit before building a new one?

Definition at line 371 of file or_options_st.h.

Referenced by circuit_expire_old_circs_as_needed().

◆ Nickname

char* Nickname

OR only: nickname of this onion router.

Definition at line 65 of file or_options_st.h.

Referenced by get_my_declared_family().

◆ NodeFamilies

struct config_line_t* NodeFamilies

List of config lines for node families

Definition at line 446 of file or_options_st.h.

◆ NodeFamilySets

struct smartlist_t* NodeFamilySets

List of parsed NodeFamilies values.

Definition at line 449 of file or_options_st.h.

Referenced by nodes_in_same_family().

◆ NoExec

int NoExec

Bool (default: 0). Tells Tor to never try to exec another program.

Definition at line 1033 of file or_options_st.h.

Referenced by options_act().

◆ NumCPUs

int NumCPUs

How many CPUs should we try to use?

Definition at line 387 of file or_options_st.h.

Referenced by get_num_cpus().

◆ NumDirectoryGuards

int NumDirectoryGuards

How many dir guards do we try to establish? If 0, use value from NumEntryGuards.

Definition at line 558 of file or_options_st.h.

◆ NumEntryGuards

int NumEntryGuards

How many entry guards do we try to establish?

Definition at line 551 of file or_options_st.h.

◆ NumPrimaryGuards

int NumPrimaryGuards

How many primary guards do we want?

Definition at line 560 of file or_options_st.h.

Referenced by get_n_primary_guards().

◆ OfflineMasterKey

int OfflineMasterKey

Force use of offline master key features: never generate a master ed25519 identity key except from tor –keygen

Definition at line 985 of file or_options_st.h.

◆ OptimisticData

int OptimisticData

If 1, we always send optimistic data when it's supported. If 0, we never use it. If -1, we do what the consensus says.

Definition at line 887 of file or_options_st.h.

Referenced by optimistic_data_enabled().

◆ ORPort_lines

struct config_line_t* ORPort_lines

Ports to listen on for OR connections.

Definition at line 127 of file or_options_st.h.

Referenced by options_act_bridge_stats(), and options_validate_relay_mode().

◆ OutboundBindAddress

struct config_line_t* OutboundBindAddress

Local address to bind outbound sockets

Definition at line 107 of file or_options_st.h.

◆ OutboundBindAddresses

tor_addr_t OutboundBindAddresses[OUTBOUND_ADDR_MAX][2]

Addresses derived from the various OutboundBindAddress lines. [][0] is IPv4, [][1] is IPv6

Definition at line 115 of file or_options_st.h.

Referenced by conn_get_outbound_address(), and parse_outbound_addresses().

◆ OutboundBindAddressExit

struct config_line_t* OutboundBindAddressExit

Local address to bind outbound exit sockets

Definition at line 111 of file or_options_st.h.

◆ OutboundBindAddressOR

struct config_line_t* OutboundBindAddressOR

Local address to bind outbound relay sockets

Definition at line 109 of file or_options_st.h.

◆ OwningControllerFD

uint64_t OwningControllerFD

FD specifier for a controller that owns this Tor instance.

Definition at line 521 of file or_options_st.h.

◆ OwningControllerProcess

char* OwningControllerProcess

Process specifier for a controller that ‘owns’ this Tor instance. Tor will terminate if its owning controller does.

Definition at line 519 of file or_options_st.h.

◆ PaddingStatistics

int PaddingStatistics

If true, the user wants us to collect padding statistics.

Definition at line 633 of file or_options_st.h.

◆ PathBiasCircThreshold

int PathBiasCircThreshold

Parameters for path-bias detection.

These options override the default behavior of Tor's (currently experimental) path bias detection algorithm. To try to find broken or misbehaving guard nodes, Tor looks for nodes where more than a certain fraction of circuits through that guard fail to get built.

The PathBiasCircThreshold option controls how many circuits we need to build through a guard before we make these checks. The PathBiasNoticeRate, PathBiasWarnRate and PathBiasExtremeRate options control what fraction of circuits must succeed through a guard so we won't write log messages. If less than PathBiasExtremeRate circuits succeed and PathBiasDropGuards is set to 1, we disable use of that guard.

When we have seen more than PathBiasScaleThreshold circuits through a guard, we scale our observations by 0.5 (governed by the consensus) so that new observations don't get swamped by old ones.

By default, or if a negative value is provided for one of these options, Tor uses reasonable defaults from the networkstatus consensus document. If no defaults are available there, these options default to 150, .70, .50, .30, 0, and 300 respectively.

Definition at line 918 of file or_options_st.h.

Referenced by pathbias_get_min_circs().

◆ PathBiasUseThreshold

int PathBiasUseThreshold

Parameters for path-bias use detection

Similar to the above options, these options override the default behavior of Tor's (currently experimental) path use bias detection algorithm.

Where as the path bias parameters govern thresholds for successfully building circuits, these four path use bias parameters govern thresholds only for circuit usage. Circuits which receive no stream usage are not counted by this detection algorithm. A used circuit is considered successful if it is capable of carrying streams or otherwise receiving well-formed responses to RELAY cells.

By default, or if a negative value is provided for one of these options, Tor uses reasonable defaults from the networkstatus consensus document. If no defaults are available there, these options default to 20, .80, .60, and 100, respectively.

Definition at line 944 of file or_options_st.h.

Referenced by pathbias_get_min_use().

◆ PathsNeededToBuildCircuits

double PathsNeededToBuildCircuits

Fraction:

Definition at line 953 of file or_options_st.h.

Referenced by get_frac_paths_needed_for_circs().

◆ PerConnBWBurst

uint64_t PerConnBWBurst

Allowed burst on a single TLS conn, if set.

Definition at line 386 of file or_options_st.h.

Referenced by connection_or_update_token_buckets_helper(), and options_act_relay_bandwidth().

◆ PerConnBWRate

uint64_t PerConnBWRate

Long-term bw on a single TLS conn, if set.

Definition at line 385 of file or_options_st.h.

Referenced by connection_or_update_token_buckets_helper(), and options_act_relay_bandwidth().

◆ PidFile

char* PidFile

Where to store PID of Tor process.

Definition at line 67 of file or_options_st.h.

Referenced by tor_cleanup().

◆ ProtocolWarnings

int ProtocolWarnings

Boolean: when other parties screw up the Tor protocol, is it a warn or an info in our logs?

Definition at line 535 of file or_options_st.h.

◆ PublishHidServDescriptors

int PublishHidServDescriptors

Boolean: do we publish hidden service descriptors to the HS auths?

Definition at line 264 of file or_options_st.h.

◆ PublishServerDescriptor

struct smartlist_t* PublishServerDescriptor

To what authority types do we publish our descriptor? Choices are "v1", "v2", "v3", "bridge", or "".

Definition at line 260 of file or_options_st.h.

Referenced by compute_publishserverdescriptor().

◆ PublishServerDescriptor_

dirinfo_type_t PublishServerDescriptor_

A bitfield of authority types, derived from PublishServerDescriptor.

Definition at line 262 of file or_options_st.h.

Referenced by compute_publishserverdescriptor(), decide_if_publishable_server(), and router_upload_dir_desc_to_dirservers().

◆ ReachableAddresses

struct config_line_t* ReachableAddresses

IP:ports our firewall allows.

Definition at line 314 of file or_options_st.h.

Referenced by parse_reachable_addresses().

◆ ReachableDirAddresses

struct config_line_t* ReachableDirAddresses

IP:ports for Dir conns.

Definition at line 316 of file or_options_st.h.

Referenced by parse_reachable_addresses().

◆ ReachableORAddresses

struct config_line_t* ReachableORAddresses

IP:ports for OR conns.

Definition at line 315 of file or_options_st.h.

Referenced by parse_reachable_addresses().

◆ RecommendedVersions

struct config_line_t* RecommendedVersions

Directory server only: which versions of Tor should we tell users to run?

Definition at line 118 of file or_options_st.h.

◆ ReducedCircuitPadding

int ReducedCircuitPadding

Boolean: if true, then this client will only use circuit padding algorithms that are known to use a low amount of overhead. If false, we will use all available circuit padding algorithms.

Definition at line 256 of file or_options_st.h.

◆ ReducedConnectionPadding

int ReducedConnectionPadding

Boolean: Should we try to keep connections open shorter and pad them less against connection-level traffic analysis?

Definition at line 239 of file or_options_st.h.

Referenced by channelpadding_get_circuits_available_timeout().

◆ ReducedExitPolicy

int ReducedExitPolicy

Should we use the Reduced Exit Policy?

Definition at line 103 of file or_options_st.h.

Referenced by policy_using_default_exit_options().

◆ RefuseUnknownExits

int RefuseUnknownExits

Whether we should drop exit streams from Tors that we don't know are relays. One of "0" (never refuse), "1" (always refuse), or "-1" (do what the consensus says, defaulting to 'refuse' if the consensus says nothing).

Definition at line 325 of file or_options_st.h.

Referenced by should_refuse_unknown_exits().

◆ RejectPlaintextPorts

struct smartlist_t* RejectPlaintextPorts

Application ports that are likely to be unencrypted and unauthenticated; we reject requests for them to prevent the user from screwing up and leaking plaintext secrets to an observer somewhere on the Internet.

Definition at line 334 of file or_options_st.h.

Referenced by consider_plaintext_ports().

◆ RelayBandwidthBurst

uint64_t RelayBandwidthBurst

How much bandwidth, at maximum, will we use in a second for all relayed conns?

Definition at line 383 of file or_options_st.h.

Referenced by options_act_relay_bandwidth(), and relay_get_effective_bwburst().

◆ RelayBandwidthRate

uint64_t RelayBandwidthRate

How much bandwidth, on average, are we willing to use for all relayed conns?

Definition at line 381 of file or_options_st.h.

Referenced by options_act_relay_bandwidth(), relay_get_effective_bwrate(), rep_hist_fill_bandwidth_history(), router_has_bandwidth_to_be_dirserver(), and update_expected_bandwidth().

◆ ReloadTorrcOnSIGHUP

int ReloadTorrcOnSIGHUP

If true, SIGHUP should reload the torrc. Sometimes controllers want to make this false.

Definition at line 849 of file or_options_st.h.

◆ RendConfigLines

struct config_line_t* RendConfigLines

List of configuration lines for rendezvous services.

Definition at line 388 of file or_options_st.h.

Referenced by hs_config_service_all().

◆ RendPostPeriod

int RendPostPeriod

How often do we post each rendezvous service descriptor? Remember to publish them independently.

Definition at line 351 of file or_options_st.h.

Referenced by rend_consider_services_upload(), and upload_service_descriptor().

◆ RephistTrackTime

int RephistTrackTime

How many seconds do we keep rephist info?

Definition at line 562 of file or_options_st.h.

Referenced by clean_caches_callback().

◆ RunAsDaemon

int RunAsDaemon

If true, run in the background. (Unix only)

Definition at line 309 of file or_options_st.h.

Referenced by options_act_reversible(), and options_init_logs().

◆ SafeLogging

char* SafeLogging

Contains "relay", "1", "0" (meaning no scrubbing).

Definition at line 525 of file or_options_st.h.

◆ SafeSocks

int SafeSocks

Boolean: should we outright refuse application connections that use socks4 or socks5-with-local-dns?

Definition at line 533 of file or_options_st.h.

◆ Sandbox

int Sandbox

Boolean: should sandboxing be enabled?

Definition at line 532 of file or_options_st.h.

Referenced by options_act().

◆ Schedulers

struct smartlist_t* Schedulers

The list of scheduler type string ordered by priority that is first one has to be tried first. Default: KIST,KISTLite,Vanilla

Definition at line 1046 of file or_options_st.h.

◆ SchedulerTypes_

struct smartlist_t* SchedulerTypes_

An ordered list of scheduler_types mapped from Schedulers.

Definition at line 1048 of file or_options_st.h.

◆ ServerDNSAllowBrokenConfig

int ServerDNSAllowBrokenConfig

Boolean: if set, we start even if our resolv.conf file is missing or broken.

Definition at line 598 of file or_options_st.h.

◆ ServerDNSAllowNonRFC953Hostnames

int ServerDNSAllowNonRFC953Hostnames

If true, we try resolving hostnames with weird characters.

Definition at line 610 of file or_options_st.h.

◆ ServerDNSDetectHijacking

int ServerDNSDetectHijacking

Boolean: If true, check for DNS failure hijacking.

Definition at line 583 of file or_options_st.h.

◆ ServerDNSRandomizeCase

int ServerDNSRandomizeCase

Boolean: Use the 0x20-hack to prevent DNS poisoning attacks.

Definition at line 585 of file or_options_st.h.

◆ ServerDNSResolvConfFile

char* ServerDNSResolvConfFile

If provided, we configure our internal resolver from the file here rather than from /etc/resolv.conf (Unix) or the registry (Windows).

Definition at line 587 of file or_options_st.h.

Referenced by configure_nameservers().

◆ ServerDNSSearchDomains

int ServerDNSSearchDomains

Boolean: If set, we don't force exit addresses to be FQDNs, but rather search for them in the local domains.

Definition at line 580 of file or_options_st.h.

Referenced by launch_one_resolve().

◆ ServerDNSTestAddresses

struct smartlist_t* ServerDNSTestAddresses

A list of addresses that definitely should be resolvable. Used for testing our DNS server.

Definition at line 604 of file or_options_st.h.

Referenced by add_wildcarded_test_address(), and is_test_address().

◆ ServerTransportListenAddr

struct config_line_t* ServerTransportListenAddr

List of TCP/IP addresses that transports should listen at.

Definition at line 222 of file or_options_st.h.

Referenced by options_validate_server_transport(), and pt_get_bindaddr_from_config().

◆ ServerTransportOptions

struct config_line_t* ServerTransportOptions

List of options that must be passed to pluggable transports.

Definition at line 225 of file or_options_st.h.

Referenced by options_validate_server_transport(), and pt_get_options_for_server_transport().

◆ ServerTransportPlugin

struct config_line_t* ServerTransportPlugin

List of client transport plugins.

Definition at line 218 of file or_options_st.h.

Referenced by extrainfo_dump_to_string_stats_helper(), options_act_server_transport(), and options_validate_server_transport().

◆ ShutdownWaitLength

int ShutdownWaitLength

When we get a SIGINT and we're a server, how long do we wait before exiting?

Definition at line 523 of file or_options_st.h.

◆ SigningKeyLifetime

int SigningKeyLifetime

For how long (seconds) do we declare our signing keys to be valid?

Definition at line 970 of file or_options_st.h.

◆ Socks4Proxy

char* Socks4Proxy

hostname:port to use as a SOCKS4 proxy, if any.

Definition at line 412 of file or_options_st.h.

Referenced by get_pt_proxy_uri().

◆ Socks4ProxyAddr

tor_addr_t Socks4ProxyAddr

Derived from Socks4Proxy.

Definition at line 413 of file or_options_st.h.

Referenced by get_pt_proxy_uri().

◆ Socks4ProxyPort

uint16_t Socks4ProxyPort

Derived from Socks4Proxy.

Definition at line 414 of file or_options_st.h.

Referenced by get_pt_proxy_uri().

◆ Socks5Proxy

char* Socks5Proxy

hostname:port to use as a SOCKS5 proxy, if any.

Definition at line 416 of file or_options_st.h.

Referenced by get_pt_proxy_uri().

◆ Socks5ProxyAddr

tor_addr_t Socks5ProxyAddr

Derived from Sock5Proxy.

Definition at line 417 of file or_options_st.h.

Referenced by get_pt_proxy_uri().

◆ Socks5ProxyPassword

char* Socks5ProxyPassword

Password for SOCKS5 authentication, if any

Definition at line 420 of file or_options_st.h.

Referenced by get_pt_proxy_uri().

◆ Socks5ProxyPort

uint16_t Socks5ProxyPort

Derived from Socks5Proxy.

Definition at line 418 of file or_options_st.h.

Referenced by get_pt_proxy_uri().

◆ Socks5ProxyUsername

char* Socks5ProxyUsername

Username for SOCKS5 authentication, if any

Definition at line 419 of file or_options_st.h.

Referenced by get_pt_proxy_uri().

◆ SocksPolicy

struct config_line_t* SocksPolicy

Lists of socks policy components

Definition at line 104 of file or_options_st.h.

Referenced by policies_parse_from_options().

◆ SocksPort_lines

struct config_line_t* SocksPort_lines

Ports to listen on for SOCKS connections.

Definition at line 131 of file or_options_st.h.

◆ SocksTimeout

int SocksTimeout

How long do we let a socks connection wait unattached before we fail it?

Definition at line 355 of file or_options_st.h.

Referenced by connection_ap_handshake_attach_circuit().

◆ SSLKeyLifetime

int SSLKeyLifetime

What expiry time shall we place on our SSL certs? "0" means we should guess a suitable value.

Definition at line 957 of file or_options_st.h.

Referenced by router_initialize_tls_context().

◆ StrictNodes

int StrictNodes

Boolean: When none of our EntryNodes or ExitNodes are up, or we need to access a node in ExcludeNodes, do we just fail instead?

Definition at line 78 of file or_options_st.h.

Referenced by router_should_check_reachability().

◆ subconfigs_

struct config_suite_t* subconfigs_

Configuration objects for individual modules.

Never access this field or its members directly: instead, use the module in question to get its relevant configuration object.

Definition at line 1112 of file or_options_st.h.

◆ SyslogIdentityTag

char* SyslogIdentityTag

Identity tag to add for syslog logging.

Definition at line 46 of file or_options_st.h.

◆ TestingAuthDirTimeToLearnReachability

int TestingAuthDirTimeToLearnReachability

If an authority has been around for less than this amount of time, it does not believe its reachability information is accurate. Only altered on testing networks.

Definition at line 726 of file or_options_st.h.

◆ TestingAuthKeyLifetime

int TestingAuthKeyLifetime

For how long (seconds) do we declare our auth keys to be valid?

Definition at line 974 of file or_options_st.h.

◆ TestingAuthKeySlop

int TestingAuthKeySlop

How long before auth keys expire will we try to make a new one?

Definition at line 981 of file or_options_st.h.

◆ TestingBridgeBootstrapDownloadInitialDelay

int TestingBridgeBootstrapDownloadInitialDelay

Schedule for when clients should download bridge descriptors when they have no running bridges. Only altered on testing networks.

Definition at line 785 of file or_options_st.h.

◆ TestingBridgeDownloadInitialDelay

int TestingBridgeDownloadInitialDelay

Schedule for when clients should download bridge descriptors. Only altered on testing networks.

Definition at line 781 of file or_options_st.h.

◆ TestingClientConsensusDownloadInitialDelay

int TestingClientConsensusDownloadInitialDelay

Schedule for when clients should download consensuses. Only altered on testing networks.

Definition at line 747 of file or_options_st.h.

◆ TestingClientDownloadInitialDelay

int TestingClientDownloadInitialDelay

Schedule for when clients should download things in general. Only altered on testing networks.

Definition at line 739 of file or_options_st.h.

◆ TestingClientMaxIntervalWithoutRequest

int TestingClientMaxIntervalWithoutRequest

When directory clients have only a few descriptors to request, they batch them until they have more, or until this amount of time has passed. Only altered on testing networks.

Definition at line 790 of file or_options_st.h.

◆ TestingDirAuthVoteExit

routerset_t* TestingDirAuthVoteExit

Relays in a testing network which should be voted Exit regardless of exit policy.

Definition at line 814 of file or_options_st.h.

Referenced by dirserv_set_routerstatus_testing().

◆ TestingDirAuthVoteGuard

routerset_t* TestingDirAuthVoteGuard

Relays in a testing network which should be voted Guard regardless of uptime and bandwidth.

Definition at line 819 of file or_options_st.h.

Referenced by dirserv_set_routerstatus_testing().

◆ TestingDirAuthVoteHSDir

routerset_t* TestingDirAuthVoteHSDir

Relays in a testing network which should be voted HSDir regardless of uptime and DirPort.

Definition at line 824 of file or_options_st.h.

Referenced by dirserv_set_routerstatus_testing().

◆ TestingDirConnectionMaxStall

int TestingDirConnectionMaxStall

How long do we let a directory connection stall before expiring it? Only altered on testing networks.

Definition at line 794 of file or_options_st.h.

◆ TestingEnableCellStatsEvent

int TestingEnableCellStatsEvent

Enable CELL_STATS events. Only altered on testing networks.

Definition at line 831 of file or_options_st.h.

◆ TestingEnableConnBwEvent

int TestingEnableConnBwEvent

Enable CONN_BW events. Only altered on testing networks.

Definition at line 828 of file or_options_st.h.

◆ TestingEstimatedDescriptorPropagationTime

int TestingEstimatedDescriptorPropagationTime

Clients don't download any descriptor this recent, since it will probably not have propagated to enough caches. Only altered on testing networks.

Definition at line 731 of file or_options_st.h.

◆ TestingLinkCertLifetime

int TestingLinkCertLifetime

For how long (seconds) do we declare our link keys to be valid?

Definition at line 972 of file or_options_st.h.

◆ TestingLinkKeySlop

int TestingLinkKeySlop

How long before link keys expire will we try to make a new one?

Definition at line 979 of file or_options_st.h.

◆ TestingMinExitFlagThreshold

uint64_t TestingMinExitFlagThreshold

Minimum value for the Exit flag threshold on testing networks.

Definition at line 807 of file or_options_st.h.

Referenced by router_counts_toward_thresholds().

◆ TestingMinFastFlagThreshold

uint64_t TestingMinFastFlagThreshold

Minimum value for the Fast flag threshold on testing networks.

Definition at line 810 of file or_options_st.h.

◆ TestingServerConsensusDownloadInitialDelay

int TestingServerConsensusDownloadInitialDelay

Schedule for when servers should download consensuses. Only altered on testing networks.

Definition at line 743 of file or_options_st.h.

◆ TestingServerDownloadInitialDelay

int TestingServerDownloadInitialDelay

Schedule for when servers should download things in general. Only altered on testing networks.

Definition at line 735 of file or_options_st.h.

◆ TestingSigningKeySlop

int TestingSigningKeySlop

How long before signing keys expire will we try to make a new one?

Definition at line 977 of file or_options_st.h.

◆ TestingTorNetwork

int TestingTorNetwork

If true, we take part in a testing network. Change the defaults of a couple of other configuration options and allow to change the values of certain configuration options.

Definition at line 804 of file or_options_st.h.

Referenced by dirserv_set_routerstatus_testing(), fetch_networkstatus_callback(), hs_hsdir_requery_period(), rend_consider_services_upload(), and router_counts_toward_thresholds().

◆ TestingV3AuthInitialDistDelay

int TestingV3AuthInitialDistDelay

The length of time we think it will take to distribute initial signatures. Only altered on testing networks.

Definition at line 717 of file or_options_st.h.

◆ TestingV3AuthInitialVoteDelay

int TestingV3AuthInitialVoteDelay

The length of time we think it will take to distribute initial votes. Only altered on testing networks.

Definition at line 713 of file or_options_st.h.

◆ TestingV3AuthInitialVotingInterval

int TestingV3AuthInitialVotingInterval

The length of time that we think an initial consensus should be fresh. Only altered on testing networks.

Definition at line 709 of file or_options_st.h.

◆ TestingV3AuthVotingStartOffset

int TestingV3AuthVotingStartOffset

Offset in seconds added to the starting time for consensus voting. Only altered on testing networks.

Definition at line 721 of file or_options_st.h.

◆ TestSocks

int TestSocks

Boolean: when we get a socks connection, do we loudly log whether it was DNS-leaking or not?

Definition at line 537 of file or_options_st.h.

◆ TokenBucketRefillInterval

int TokenBucketRefillInterval

Token Bucket Refill resolution in milliseconds.

Definition at line 540 of file or_options_st.h.

Referenced by init_libevent(), and reenable_blocked_connection_init().

◆ TrackHostExits

struct smartlist_t* TrackHostExits

Should we try to reuse the same exit node for a given host

Definition at line 340 of file or_options_st.h.

Referenced by consider_recording_trackhost(), and hostname_in_track_host_exits().

◆ TrackHostExitsExpire

int TrackHostExitsExpire

Number of seconds until we expire an addressmap

Definition at line 341 of file or_options_st.h.

Referenced by consider_recording_trackhost().

◆ TransPort_lines

struct config_line_t* TransPort_lines

Ports to listen on for transparent pf/netfilter connections.

Definition at line 133 of file or_options_st.h.

◆ TransProxyType

char* TransProxyType

What kind of transparent proxy implementation are we using?

Definition at line 134 of file or_options_st.h.

◆ TransProxyType_parsed

enum { ... } TransProxyType_parsed

Parsed value of TransProxyType.

Referenced by connection_ap_get_original_destination().

◆ TruncateLogFile

int TruncateLogFile

Boolean: Should we truncate the log file before we start writing?

Definition at line 44 of file or_options_st.h.

◆ UnixSocksGroupWritable

int UnixSocksGroupWritable

Boolean: Are SOCKS Unix sockets g+rw?

Definition at line 153 of file or_options_st.h.

Referenced by parse_ports().

◆ UpdateBridgesFromAuthority

int UpdateBridgesFromAuthority

Boolean: if we know the bridge's digest, should we get new descriptors from the bridge authorities or from the bridge itself?

Definition at line 233 of file or_options_st.h.

◆ UseBridges

int UseBridges

Boolean: should we start all circuits with a bridge?

Definition at line 212 of file or_options_st.h.

Referenced by choose_guard_selection(), directory_fetches_dir_info_later(), entry_list_is_constrained(), fascist_firewall_use_ipv6(), and second_elapsed_callback().

◆ UseDefaultFallbackDirs

int UseDefaultFallbackDirs

Whether to use the default hard-coded FallbackDirs

Definition at line 430 of file or_options_st.h.

◆ UseEntryGuards

int UseEntryGuards

Internal variable to remember whether we're actually acting on UseEntryGuards_option – when we're a non-anonymous Single Onion Service, it is always false, otherwise we use the value of UseEntryGuards_option.

Definition at line 549 of file or_options_st.h.

Referenced by should_use_directory_guards().

◆ UseEntryGuards_option

int UseEntryGuards_option

Boolean: Do we try to enter from a smallish number of fixed nodes?

Definition at line 544 of file or_options_st.h.

◆ UseGuardFraction

int UseGuardFraction

If 1, we use any guardfraction information we see in the consensus. If 0, we don't. If -1, let the consensus parameter decide.

Definition at line 556 of file or_options_st.h.

Referenced by should_apply_guardfraction().

◆ UseMicrodescriptors

int UseMicrodescriptors

If 1, we try to use microdescriptors to build circuits. If 0, we don't. If -1, Tor decides.

Definition at line 873 of file or_options_st.h.

Referenced by we_use_microdescriptors_for_circuits().

◆ User

char* User

Name of user to run Tor as.

Definition at line 125 of file or_options_st.h.

Referenced by config_service(), and connection_listener_new_for_port().

◆ UsingTestNetworkDefaults_

int UsingTestNetworkDefaults_

Set to true if the TestingTorNetwork configuration option is set. This is used so that options_validate() has a chance to realize that the defaults have changed.

Definition at line 869 of file or_options_st.h.

◆ V3AuthDistDelay

int V3AuthDistDelay

The length of time we think it will take to distribute signatures.

Definition at line 685 of file or_options_st.h.

Referenced by dirvote_get_preferred_voting_intervals().

◆ V3AuthNIntervalsValid

int V3AuthNIntervalsValid

The number of intervals we think a consensus should be valid.

Definition at line 687 of file or_options_st.h.

Referenced by dirvote_get_preferred_voting_intervals().

◆ V3AuthoritativeDir

int V3AuthoritativeDir

Boolean: is this an authoritative directory for version 3 directories?

Definition at line 193 of file or_options_st.h.

◆ V3AuthUseLegacyKey

int V3AuthUseLegacyKey

Should advertise and sign consensuses with a legacy key, for key migration purposes?

Definition at line 691 of file or_options_st.h.

◆ V3AuthVoteDelay

int V3AuthVoteDelay

The length of time we think it will take to distribute votes.

Definition at line 683 of file or_options_st.h.

Referenced by dirvote_get_preferred_voting_intervals().

◆ V3AuthVotingInterval

int V3AuthVotingInterval

The length of time that we think a consensus should be fresh.

Definition at line 681 of file or_options_st.h.

Referenced by dirvote_get_preferred_voting_intervals(), and get_voting_interval().

◆ V3BandwidthsFile

char* V3BandwidthsFile

Location of bandwidth measurement file

Definition at line 694 of file or_options_st.h.

◆ VersioningAuthoritativeDir

int VersioningAuthoritativeDir

Boolean: is this an authoritative directory that's willing to recommend versions?

Definition at line 195 of file or_options_st.h.

◆ VirtualAddrNetworkIPv4

char* VirtualAddrNetworkIPv4

Address and mask to hand out for virtual MAPADDRESS requests for IPv4 addresses

Definition at line 576 of file or_options_st.h.

◆ VirtualAddrNetworkIPv6

char* VirtualAddrNetworkIPv6

Address and mask to hand out for virtual MAPADDRESS requests for IPv6 addresses

Definition at line 578 of file or_options_st.h.

◆ WarnPlaintextPorts

struct smartlist_t* WarnPlaintextPorts

Related to RejectPlaintextPorts above, except this config option controls whether we warn (in the log and via a controller status event) every time a risky connection is attempted.

Definition at line 338 of file or_options_st.h.

Referenced by consider_plaintext_ports().


The documentation for this struct was generated from the following file: