or_options_t Struct Reference

If set on a bridge authority, it will answer requests on its dirport for bridge statuses -- but only if the requests use this password. If set on a bridge user, request bridge statuses, and use this password when doing so.

Referenced by directory_handle_command_get().

int or_options_t::UseBridges

Boolean: should we start all circuits with a bridge?

Referenced by circuit_get_open_circ_or_launch(), directory_fetches_dir_info_later(), directory_get_from_dirserver(), entry_guard_set_status(), entry_list_is_constrained(), run_scheduled_events(), and should_delay_dir_fetches().

config_line_t* or_options_t::Bridges

List of bootstrap bridge addresses.

Referenced by options_act().

int or_options_t::BridgeRelay

Boolean: are we acting as a bridge relay? We make this explicit so we can change how we behave in the future.

Referenced by choose_good_entry_server(), compute_publishserverdescriptor(), directory_caches_dir_info(), directory_fetches_from_authorities(), directory_handle_command_get(), directory_permits_begindir_requests(), geoip_note_client_seen(), options_act(), options_need_geoip_info(), router_rebuild_descriptor(), should_record_bridge_info(), and validate_addr_policies().

int or_options_t::UpdateBridgesFromAuthority

Boolean: if we know the bridge's digest, should we get new descriptors from the bridge authorities or from the bridge itself?

Referenced by fetch_bridge_descriptors().

int or_options_t::AvoidDiskWrites

Boolean: should we never cache things to disk? Not used yet.

Referenced by circuit_build_times_add_time(), circuit_build_times_update_state(), entry_guards_changed(), entry_guards_update_state(), init_keys(), and rep_hist_update_state().

int or_options_t::ClientOnly

Boolean: should we never evolve into a server role?

Referenced by decide_if_publishable_server(), options_transition_affects_descriptor(), options_transition_affects_workers(), options_validate(), retry_all_listeners(), and server_mode().

int or_options_t::NoPublish

Boolean: should we never publish a descriptor? Deprecated.

Referenced by options_transition_affects_descriptor(), and options_validate().

smartlist_t* or_options_t::PublishServerDescriptor

To what authority types do we publish our descriptor? Choices are "v1", "v2", "v3", "bridge", or "".

Referenced by compute_publishserverdescriptor(), and options_validate().

authority_type_t or_options_t::_PublishServerDescriptor

An authority type, derived from PublishServerDescriptor.

Referenced by compute_publishserverdescriptor(), decide_if_publishable_server(), directories_have_accepted_server_descriptor(), options_transition_affects_descriptor(), resolve_my_address(), and router_upload_dir_desc_to_dirservers().

int or_options_t::PublishHidServDescriptors

Boolean: do we publish hidden service descriptors to the HS auths?

int or_options_t::FetchServerDescriptors

Do we fetch server descriptors as normal?

Referenced by directory_get_from_dirserver().

int or_options_t::HidServDirectoryV2

and hidden service descriptors? Do we participate in the HS DHT?

Referenced by directory_handle_command_get(), directory_handle_command_post(), and router_dump_router_to_string().

int or_options_t::MinUptimeHidServDirectoryV2

As directory authority, accept hidden service directories after what time?

int or_options_t::FetchUselessDescriptors

Do we fetch non-running descriptors too?

Referenced by client_would_use_router(), and directory_too_idle_to_fetch_descriptors().

int or_options_t::AllDirActionsPrivate

Should every directory action be sent through a Tor circuit?

int or_options_t::ConnLimit

Demanded minimum number of simultaneous connections.

Referenced by options_act_reversible(), and options_validate().

int or_options_t::_ConnLimit

Maximum allowed number of simultaneous connections.

Referenced by options_act_reversible().

int or_options_t::RunAsDaemon

If true, run in the background. (Unix only)

Referenced by options_act(), options_act_reversible(), options_init_logs(), options_transition_allowed(), and options_validate().

int or_options_t::FascistFirewall

Whether to prefer ORs reachable on open ports.

Referenced by options_validate().

smartlist_t* or_options_t::FirewallPorts

Which ports our firewall allows (strings).

Referenced by options_validate().

config_line_t* or_options_t::ReachableAddresses

IP:ports our firewall allows.

Referenced by options_validate(), parse_reachable_addresses(), and validate_addr_policies().

config_line_t* or_options_t::ReachableORAddresses

IP:ports for OR conns.

Referenced by options_validate(), parse_reachable_addresses(), and validate_addr_policies().

config_line_t* or_options_t::ReachableDirAddresses

IP:ports for Dir conns.

Referenced by options_validate(), parse_reachable_addresses(), and validate_addr_policies().

int or_options_t::ConstrainedSockets

Shrink xmit and recv socket buffers.

Referenced by connection_connect(), and connection_handle_listener_read().

uint64_t or_options_t::ConstrainedSockSize

Size of constrained buffers.

Referenced by connection_connect(), and connection_handle_listener_read().

int or_options_t::RefuseUnknownExits

Whether we should drop exit streams from Tors that we don't know are relays. XXX022 In here for 0.2.2.11 as a temporary test before we switch over to putting it in consensusparams. -RD

Referenced by directory_caches_dir_info(), and directory_fetches_from_authorities().

smartlist_t* or_options_t::LongLivedPorts

Application ports that require all nodes in circ to have sufficient uptime.

Referenced by circuit_all_predicted_ports_handled(), circuit_get_open_circ_or_launch(), and options_validate().

smartlist_t* or_options_t::RejectPlaintextPorts

Application ports that are likely to be unencrypted and unauthenticated; we reject requests for them to prevent the user from screwing up and leaking plaintext secrets to an observer somewhere on the Internet.

Referenced by consider_plaintext_ports(), and options_validate().

smartlist_t* or_options_t::WarnPlaintextPorts

Related to RejectPlaintextPorts above, except this config option controls whether we warn (in the log and via a controller status event) every time a risky connection is attempted.

Referenced by consider_plaintext_ports(), and options_validate().

smartlist_t* or_options_t::TrackHostExits

Should we try to reuse the same exit node for a given host

Referenced by consider_recording_trackhost().

int or_options_t::TrackHostExitsExpire

Number of seconds until we expire an addressmap

Referenced by consider_recording_trackhost().

config_line_t* or_options_t::AddressMap

List of address map directives.

Referenced by config_register_addressmaps().

int or_options_t::AutomapHostsOnResolve

If true, when we get a resolve request for a hostname ending with one of the suffixes in AutomapHostsSuffixes, map it to a virtual address.

Referenced by connection_ap_handshake_rewrite_and_attach().

smartlist_t* or_options_t::AutomapHostsSuffixes

List of suffixes for AutomapHostsOnResolve.

Referenced by connection_ap_handshake_rewrite_and_attach().

int or_options_t::RendPostPeriod

How often do we post each rendezvous service descriptor? Remember to publish them independently.

Referenced by rend_consider_services_upload(), and upload_service_descriptor().

int or_options_t::KeepalivePeriod

How often do we send padding cells to keep connections alive?

Referenced by run_connection_housekeeping().

int or_options_t::SocksTimeout

How long do we let a socks connection wait unattached before we fail it?

Referenced by connection_ap_expire_beginning(), and connection_ap_handshake_attach_circuit().

int or_options_t::CircuitBuildTimeout

If non-zero, cull non-open circuits that were born at least this many seconds ago. If zero, use the internal adaptive algorithm.

Referenced by circuit_build_times_get_initial_timeout().

int or_options_t::CircuitIdleTimeout

Cull open clean circuits that were born at least this many seconds ago.

Referenced by circuit_expire_old_circuits_clientside().

int or_options_t::CircuitStreamTimeout

If non-zero, detach streams from circuits and try a new circuit if the stream has been waiting for this many seconds. If zero, use our default internal timeout schedule.

Referenced by compute_retry_timeout().

int or_options_t::MaxOnionsPending

How many circuit CREATE requests do we allow to wait simultaneously before we start dropping them?

int or_options_t::NewCircuitPeriod

How long do we use a circuit before building a new one?

Referenced by circuit_build_needed_circs().

int or_options_t::MaxCircuitDirtiness

Never use circs that were first used more than this interval ago.

Referenced by circuit_expire_all_dirty_circs(), connection_ap_expire_beginning(), and connection_ap_process_end_not_open().

uint64_t or_options_t::BandwidthRate

How much bandwidth, on average, are we willing to use in a second?

Referenced by connection_bucket_refill(), connection_or_init_conn_from_address(), decide_to_advertise_dirport(), get_effective_bwrate(), global_write_bucket_low(), router_perform_bandwidth_test(), and update_expected_bandwidth().

uint64_t or_options_t::BandwidthBurst

How much bandwidth, at maximum, are we willing to use in a second?

Referenced by connection_bucket_init(), connection_bucket_refill(), connection_or_init_conn_from_address(), and get_effective_bwburst().

uint64_t or_options_t::MaxAdvertisedBandwidth

How much bandwidth are we willing to tell people we have?

Referenced by get_effective_bwrate().

uint64_t or_options_t::RelayBandwidthRate

How much bandwidth, on average, are we willing to use for all relayed conns?

Referenced by connection_bucket_init(), connection_bucket_refill(), decide_to_advertise_dirport(), get_effective_bwrate(), global_write_bucket_low(), and rep_hist_fill_bandwidth_history().

uint64_t or_options_t::RelayBandwidthBurst

How much bandwidth, at maximum, will we use in a second for all relayed conns?

Referenced by connection_bucket_init(), connection_bucket_refill(), and get_effective_bwburst().

uint64_t or_options_t::PerConnBWRate

Long-term bw on a single TLS conn, if set.

Referenced by connection_or_init_conn_from_address().

uint64_t or_options_t::PerConnBWBurst

Allowed burst on a single TLS conn, if set.

Referenced by connection_or_init_conn_from_address().

int or_options_t::NumCpus

How many CPUs should we try to use?

Referenced by options_transition_affects_workers(), and spawn_enough_cpuworkers().

int or_options_t::RunTesting

If true, create testing circuits to measure how well the other ORs are running.

config_line_t* or_options_t::RendConfigLines

List of configuration lines for rendezvous services.

Referenced by options_validate(), and rend_config_services().

config_line_t* or_options_t::HidServAuth

List of configuration lines for client-side authorizations for hidden services

Referenced by rend_parse_service_authorization().

char* or_options_t::ContactInfo

Contact info to be published in the directory.

Referenced by dirserv_generate_networkstatus_vote_obj(), generate_v2_networkstatus_opinion(), options_transition_affects_descriptor(), options_validate(), and router_dump_router_to_string().

char* or_options_t::HttpProxy

hostname[:port] to use as http proxy, if any.

Referenced by directory_initiate_command_rend().

tor_addr_t or_options_t::HttpProxyAddr

Parsed IPv4 addr for http proxy, if any.

Referenced by directory_initiate_command_rend().

uint16_t or_options_t::HttpProxyPort

Parsed port for http proxy, if any.

Referenced by directory_initiate_command_rend().

char* or_options_t::HttpProxyAuthenticator

username:password string, if any.

Referenced by directory_send_command().

char* or_options_t::HttpsProxy

hostname[:port] to use as https proxy, if any.

Referenced by connection_about_to_close_connection(), and connection_or_connect().

tor_addr_t or_options_t::HttpsProxyAddr

Parsed addr for https proxy, if any.

Referenced by connection_or_connect().

uint16_t or_options_t::HttpsProxyPort

Parsed port for https proxy, if any.

Referenced by connection_or_connect().

char* or_options_t::HttpsProxyAuthenticator

username:password string, if any.

Referenced by connection_proxy_connect().

char* or_options_t::Socks4Proxy

hostname:port to use as a SOCKS4 proxy, if any.

Referenced by connection_or_connect(), and directory_initiate_command_rend().

tor_addr_t or_options_t::Socks4ProxyAddr

Derived from Socks4Proxy.

Referenced by connection_or_connect().

uint16_t or_options_t::Socks4ProxyPort

Derived from Socks4Proxy.

Referenced by connection_or_connect().

char* or_options_t::Socks5Proxy

hostname:port to use as a SOCKS5 proxy, if any.

Referenced by connection_or_connect(), and directory_initiate_command_rend().

tor_addr_t or_options_t::Socks5ProxyAddr

Derived from Sock5Proxy.

Referenced by connection_or_connect().

uint16_t or_options_t::Socks5ProxyPort

Derived from Socks5Proxy.

Referenced by connection_or_connect().

char* or_options_t::Socks5ProxyUsername

Username for SOCKS5 authentication, if any

Referenced by connection_proxy_connect(), and connection_read_proxy_handshake().

char* or_options_t::Socks5ProxyPassword

Password for SOCKS5 authentication, if any

Referenced by connection_read_proxy_handshake().

config_line_t* or_options_t::DirServers

List of configuration lines for replacement directory authorities. If you just want to replace one class of authority at a time, use the "Alternate*Authority" options below instead.

Referenced by consider_adding_dir_authorities(), resolve_my_address(), and validate_dir_authorities().

config_line_t* or_options_t::AlternateDirAuthority

If set, use these main (currently v3) directory authorities and not the default ones.

Referenced by consider_adding_dir_authorities(), resolve_my_address(), and validate_dir_authorities().

config_line_t* or_options_t::AlternateBridgeAuthority

If set, use these bridge authorities and not the default one.

Referenced by consider_adding_dir_authorities(), and validate_dir_authorities().

config_line_t* or_options_t::AlternateHSAuthority

If set, use these HS authorities and not the default ones.

Referenced by consider_adding_dir_authorities(), and validate_dir_authorities().

char* or_options_t::MyFamily

Declared family for this OR.

Referenced by options_transition_affects_descriptor(), and router_rebuild_descriptor().

config_line_t* or_options_t::NodeFamilies

List of config lines for node families

Referenced by routers_in_same_family().

config_line_t* or_options_t::AuthDirBadDir

Address policy for descriptors to mark as bad dir mirrors.

Referenced by policies_parse_from_options(), and validate_addr_policies().

config_line_t* or_options_t::AuthDirBadExit

Address policy for descriptors to mark as bad exits.

Referenced by policies_parse_from_options(), and validate_addr_policies().

config_line_t* or_options_t::AuthDirReject

Address policy for descriptors to reject.

Referenced by policies_parse_from_options(), and validate_addr_policies().

config_line_t* or_options_t::AuthDirInvalid

Address policy for descriptors to never mark as valid.

Referenced by policies_parse_from_options(), and validate_addr_policies().

int or_options_t::AuthDirListBadDirs

True iff we should list bad dirs, and vote for all other dir mirrors as good.

Referenced by dirserv_generate_networkstatus_vote_obj(), and generate_v2_networkstatus_opinion().

int or_options_t::AuthDirListBadExits

True iff we should list bad exits, and vote for all other exits as good.

Referenced by dirserv_generate_networkstatus_vote_obj(), and generate_v2_networkstatus_opinion().

int or_options_t::AuthDirRejectUnlisted

Boolean: do we reject all routers that aren't named in our fingerprint file?

Referenced by dirserv_get_status_impl().

int or_options_t::AuthDirMaxServersPerAddr

Do not permit more than this number of servers per IP address.

Referenced by get_possible_sybil_list().

int or_options_t::AuthDirMaxServersPerAuthAddr

Do not permit more than this number of servers per IP address shared with an authority.

Referenced by get_possible_sybil_list().

char* or_options_t::AccountingStart

How long is the accounting interval, and when does it start?

Referenced by accounting_parse_options(), and options_transition_affects_descriptor().

uint64_t or_options_t::AccountingMax

How many bytes do we allow per accounting interval before hibernation? 0 for "never hibernate."

Referenced by accounting_is_enabled(), accounting_set_wakeup_time(), consider_hibernation(), getinfo_helper_accounting(), hibernate_hard_limit_reached(), options_transition_affects_descriptor(), and options_validate().

config_line_t* or_options_t::HashedControlPassword

Base64-encoded hash of accepted passwords for the control system.

Referenced by handle_control_authenticate(), and handle_control_protocolinfo().

config_line_t* or_options_t::HashedControlSessionPassword

As HashedControlPassword, but not saved.

Referenced by handle_control_authenticate(), and handle_control_protocolinfo().

int or_options_t::CookieAuthentication

Boolean: do we enable cookie-based auth for the control system?

Referenced by handle_control_authenticate(), handle_control_protocolinfo(), and options_act().

char* or_options_t::CookieAuthFile

Location of a cookie authentication file.

Referenced by get_cookie_file().

int or_options_t::CookieAuthFileGroupReadable

Boolean: Is the CookieAuthFile g+r?

int or_options_t::LeaveStreamsUnattached

Boolean: Does Tor attach new streams to circuits itself (0), or does it expect a controller to cope? (1)

Referenced by connection_ap_handshake_process_socks(), connection_ap_process_natd(), and connection_ap_process_transparent().

int or_options_t::DisablePredictedCircuits

Boolean: does Tor preemptively make circuits in the background (0), or not (1)?

Referenced by circuit_build_needed_circs().

int or_options_t::ShutdownWaitLength

When we get a SIGINT and we're a server, how long do we wait before exiting?

Referenced by hibernate_begin().

char* or_options_t::SafeLogging

Contains "relay", "1", "0" (meaning no scrubbing).

Referenced by options_transition_affects_workers().

int or_options_t::SafeSocks

Boolean: should we outright refuse application connections that use socks4 or socks5-with-local-dns?

Referenced by connection_ap_handshake_process_socks().

int or_options_t::ProtocolWarnings

Boolean: when other parties screw up the Tor protocol, is it a warn or an info in our logs?

int or_options_t::TestSocks

Boolean: when we get a socks connection, do we loudly log whether it was DNS-leaking or not?

Referenced by connection_ap_handshake_process_socks().

int or_options_t::HardwareAccel

Boolean: Should we enable OpenSSL hardware acceleration where available?

Referenced by options_transition_allowed().

char* or_options_t::AccelName

Optional hardware acceleration engine name.

Referenced by options_transition_allowed().

char* or_options_t::AccelDir

Optional hardware acceleration engine search dir.

Referenced by options_transition_allowed().

int or_options_t::UseEntryGuards

Boolean: Do we try to enter from a smallish number of fixed nodes?

Referenced by choose_good_entry_server(), options_act(), and options_validate().

int or_options_t::NumEntryGuards

How many entry guards do we try to establish?

Referenced by choose_random_entry(), control_event_guard_deferred(), and pick_entry_guards().

int or_options_t::RephistTrackTime

How many seconds do we keep rephist info?

Referenced by run_scheduled_events().

int or_options_t::FastFirstHopPK

If Tor believes it is safe, should we save a third of our PK time by sending CREATE_FAST cells?

Referenced by should_use_create_fast_for_circuit().

int or_options_t::FetchDirInfoEarly

Should we always fetch our dir info on the mirror schedule (which means directly from the authorities) no matter our other config?

Referenced by directory_fetches_from_authorities(), and options_validate().

int or_options_t::FetchDirInfoExtraEarly

Should we fetch our dir info at the start of the consensus period?

Referenced by options_validate(), and update_consensus_networkstatus_fetch_time().

char* or_options_t::VirtualAddrNetwork

Address and mask to hand out for virtual MAPADDRESS requests.

Referenced by options_act().

int or_options_t::ServerDNSSearchDomains

Boolean: If set, we don't force exit addresses to be FQDNs, but rather search for them in the local domains.

Referenced by launch_resolve(), and options_transition_affects_workers().

int or_options_t::ServerDNSDetectHijacking

Boolean: If true, check for DNS failure hijacking.

int or_options_t::ServerDNSRandomizeCase

Boolean: Use the 0x20-hack to prevent DNS poisoning attacks.

Referenced by configure_nameservers().

char* or_options_t::ServerDNSResolvConfFile

If provided, we configure our internal resolver from the file here rather than from /etc/resolv.conf (Unix) or the registry (Windows).

Referenced by configure_nameservers().

char* or_options_t::DirPortFrontPage

This is a full path to a file with an html disclaimer. This allows a server administrator to show that they're running Tor and anyone visiting their server will know this without any specialized knowledge.

Referenced by options_act().

int or_options_t::ServerDNSAllowBrokenConfig

Boolean: if set, we start even if our resolv.conf file is missing or broken.

smartlist_t* or_options_t::ServerDNSTestAddresses

A list of addresses that definitely should be resolvable. Used for testing our DNS server.

Referenced by add_wildcarded_test_address(), is_test_address(), and launch_test_addresses().

int or_options_t::EnforceDistinctSubnets

If true, don't allow multiple routers in the same network zone in the same circuit.

Referenced by routerlist_add_family(), and routers_in_same_family().

int or_options_t::TunnelDirConns

If true, use BEGIN_DIR rather than BEGIN when possible.

Referenced by directory_command_should_use_begindir(), and hid_serv_get_responsible_directories().

int or_options_t::PreferTunneledDirConns

If true, avoid dirservers that don't support BEGIN_DIR, when possible.

int or_options_t::AllowNonRFC953Hostnames

If true, we allow connections to hostnames with weird characters.

int or_options_t::ServerDNSAllowNonRFC953Hostnames

If true, we try resolving hostnames with weird characters.

int or_options_t::DownloadExtraInfo

If true, we try to download extra-info documents (and we serve them, if we are a cache). For authorities, this is always true.

Referenced by directory_info_has_arrived(), options_validate(), router_dump_router_to_string(), and update_extrainfo_downloads().

int or_options_t::AllowSingleHopExits

If true, and we are acting as a relay, allow exit circuits even when we are the first hop of a circuit.

Referenced by router_dump_router_to_string().

int or_options_t::ExcludeSingleHopRelays

If true, don't allow relays with AllowSingleHopExits=1 to be used in circuits that we build.

Referenced by choose_good_exit_server_general(), and router_choose_random_node().

int or_options_t::AllowSingleHopCircuits

If true, and the controller tells us to use a one-hop circuit, and the exit allows it, we use it.

int or_options_t::AllowDotExit

If true, we convert "www.google.com.foo.exit" addresses on the socks/trans/natd ports into "www.google.com" addresses that exit from the node "foo". Disabled by default since attacking websites and exit relays can use it to manipulate your path selection.

int or_options_t::DirReqStatistics

If true, the user wants us to collect statistics on clients requesting network statuses from us as directory.

Referenced by extrainfo_dump_to_string(), geoip_note_client_seen(), options_act(), options_transition_allowed(), and run_scheduled_events().

int or_options_t::ExitPortStatistics

If true, the user wants us to collect statistics on port usage.

Referenced by extrainfo_dump_to_string(), options_transition_allowed(), and run_scheduled_events().

int or_options_t::CellStatistics

If true, the user wants us to collect cell statistics.

Referenced by extrainfo_dump_to_string(), options_transition_allowed(), and run_scheduled_events().

int or_options_t::EntryStatistics

If true, the user wants us to collect statistics as entry node.

Referenced by extrainfo_dump_to_string(), geoip_note_client_seen(), options_act(), options_transition_allowed(), and run_scheduled_events().

int or_options_t::ExtraInfoStatistics

If true, include statistics file contents in extra-info documents.

Referenced by extrainfo_dump_to_string(), and router_rebuild_descriptor().

int or_options_t::ClientDNSRejectInternalAddresses

If true, do not believe anybody who tells us that a domain resolves to an internal address, or that an internal address has a PTR mapping. Helps avoid some cross-site attacks.

Referenced by connection_ap_process_end_not_open().

int or_options_t::V3AuthVotingInterval

The length of time that we think a consensus should be fresh.

Referenced by dirvote_get_preferred_voting_intervals().

int or_options_t::V3AuthVoteDelay

The length of time we think it will take to distribute votes.

Referenced by dirvote_get_preferred_voting_intervals().

int or_options_t::V3AuthDistDelay

The length of time we think it will take to distribute signatures.

Referenced by dirvote_get_preferred_voting_intervals().

int or_options_t::V3AuthNIntervalsValid

The number of intervals we think a consensus should be valid.

Referenced by dirvote_get_preferred_voting_intervals().

int or_options_t::V3AuthUseLegacyKey

Should advertise and sign consensuses with a legacy key, for key migration purposes?

char* or_options_t::V3BandwidthsFile

Location of bandwidth measurement file

Referenced by options_validate().

char* or_options_t::ConsensusParams

Authority only: key=value pairs that we add to our networkstatus consensus vote on the 'params' line.

int or_options_t::TestingV3AuthInitialVotingInterval

The length of time that we think an initial consensus should be fresh. Only altered on testing networks.

Referenced by dirvote_recalculate_timing().

int or_options_t::TestingV3AuthInitialVoteDelay

The length of time we think it will take to distribute initial votes. Only altered on testing networks.

Referenced by dirvote_recalculate_timing().

int or_options_t::TestingV3AuthInitialDistDelay

The length of time we think it will take to distribute initial signatures. Only altered on testing networks.

Referenced by dirvote_recalculate_timing().

int or_options_t::TestingAuthDirTimeToLearnReachability

If an authority has been around for less than this amount of time, it does not believe its reachability information is accurate. Only altered on testing networks.

int or_options_t::TestingEstimatedDescriptorPropagationTime

Clients don't download any descriptor this recent, since it will probably not have propagated to enough caches. Only altered on testing networks.

Referenced by client_would_use_router().

int or_options_t::TestingTorNetwork

If true, we take part in a testing network. Change the defaults of a couple of other configuration options and allow to change the values of certain configuration options.

Referenced by options_init_from_string(), options_transition_allowed(), and options_validate().

char* or_options_t::FallbackNetworkstatusFile

File to check for a consensus networkstatus, if we don't have one cached.

int or_options_t::BridgeRecordUsageByCountry

If true, and we have GeoIP data, and we're a bridge, keep a per-country count of how many client addresses have contacted us so that we can help the bridge authority guess which countries have blocked access to us.

Referenced by geoip_note_client_seen(), options_need_geoip_info(), and should_record_bridge_info().

char* or_options_t::GeoIPFile

Optionally, a file with GeoIP data.

Referenced by options_act().

int or_options_t::ReloadTorrcOnSIGHUP

If true, SIGHUP should reload the torrc. Sometimes controllers want to make this false.

Referenced by do_hup().

The documentation for this struct was generated from the following file:

or.h


Public Types
enum	{ CMD_RUN_TOR = 0, CMD_LIST_FINGERPRINT, CMD_HASH_PASSWORD, CMD_VERIFY_CONFIG, CMD_RUN_UNITTESTS }
enum	{ SAFELOG_SCRUB_ALL, SAFELOG_SCRUB_RELAY, SAFELOG_SCRUB_NONE }
Data Fields
uint32_t	_magic
enum or_options_t:: { ... }	command
const char *	command_arg
config_line_t *	Logs
char *	DebugLogFile
char *	DataDirectory
char *	Nickname
char *	Address
char *	PidFile
routerset_t *	ExitNodes
routerset_t *	EntryNodes
int	StrictNodes
routerset_t *	ExcludeNodes
routerset_t *	ExcludeExitNodes
struct routerset_t *	_ExcludeExitNodesUnion
int	DisableAllSwap
smartlist_t *	AllowInvalidNodes
invalid_router_usage_t	_AllowInvalid
config_line_t *	ExitPolicy
int	ExitPolicyRejectPrivate
config_line_t *	SocksPolicy
config_line_t *	DirPolicy
config_line_t *	SocksListenAddress
config_line_t *	TransListenAddress
config_line_t *	NatdListenAddress
config_line_t *	DNSListenAddress
config_line_t *	ORListenAddress
config_line_t *	DirListenAddress
config_line_t *	ControlListenAddress
char *	OutboundBindAddress
config_line_t *	RecommendedVersions
config_line_t *	RecommendedClientVersions
config_line_t *	RecommendedServerVersions
int	DirAllowPrivateAddresses
char *	User
char *	Group
int	ORPort
int	SocksPort
int	TransPort
int	NatdPort
int	ControlPort
config_line_t *	ControlSocket
int	DirPort
int	DNSPort
int	AssumeReachable
int	AuthoritativeDir
int	V1AuthoritativeDir
int	V2AuthoritativeDir
int	V3AuthoritativeDir
int	HSAuthoritativeDir
int	NamingAuthoritativeDir
int	VersioningAuthoritativeDir
int	BridgeAuthoritativeDir
char *	BridgePassword
int	UseBridges
config_line_t *	Bridges
int	BridgeRelay
int	UpdateBridgesFromAuthority
int	AvoidDiskWrites
int	ClientOnly
int	NoPublish
smartlist_t *	PublishServerDescriptor
authority_type_t	_PublishServerDescriptor
int	PublishHidServDescriptors
int	FetchServerDescriptors
int	FetchHidServDescriptors
int	HidServDirectoryV2
int	MinUptimeHidServDirectoryV2
int	FetchUselessDescriptors
int	AllDirActionsPrivate
int	ConnLimit
int	_ConnLimit
int	RunAsDaemon
int	FascistFirewall
smartlist_t *	FirewallPorts
config_line_t *	ReachableAddresses
config_line_t *	ReachableORAddresses
config_line_t *	ReachableDirAddresses
int	ConstrainedSockets
uint64_t	ConstrainedSockSize
int	RefuseUnknownExits
smartlist_t *	LongLivedPorts
smartlist_t *	RejectPlaintextPorts
smartlist_t *	WarnPlaintextPorts
smartlist_t *	TrackHostExits
int	TrackHostExitsExpire
config_line_t *	AddressMap
int	AutomapHostsOnResolve
smartlist_t *	AutomapHostsSuffixes
int	RendPostPeriod
int	KeepalivePeriod
int	SocksTimeout
int	CircuitBuildTimeout
int	CircuitIdleTimeout
int	CircuitStreamTimeout
int	MaxOnionsPending
int	NewCircuitPeriod
int	MaxCircuitDirtiness
uint64_t	BandwidthRate
uint64_t	BandwidthBurst
uint64_t	MaxAdvertisedBandwidth
uint64_t	RelayBandwidthRate
uint64_t	RelayBandwidthBurst
uint64_t	PerConnBWRate
uint64_t	PerConnBWBurst
int	NumCpus
int	RunTesting
config_line_t *	RendConfigLines
config_line_t *	HidServAuth
char *	ContactInfo
char *	HttpProxy
tor_addr_t	HttpProxyAddr
uint16_t	HttpProxyPort
char *	HttpProxyAuthenticator
char *	HttpsProxy
tor_addr_t	HttpsProxyAddr
uint16_t	HttpsProxyPort
char *	HttpsProxyAuthenticator
char *	Socks4Proxy
tor_addr_t	Socks4ProxyAddr
uint16_t	Socks4ProxyPort
char *	Socks5Proxy
tor_addr_t	Socks5ProxyAddr
uint16_t	Socks5ProxyPort
char *	Socks5ProxyUsername
char *	Socks5ProxyPassword
config_line_t *	DirServers
config_line_t *	AlternateDirAuthority
config_line_t *	AlternateBridgeAuthority
config_line_t *	AlternateHSAuthority
char *	MyFamily
config_line_t *	NodeFamilies
config_line_t *	AuthDirBadDir
config_line_t *	AuthDirBadExit
config_line_t *	AuthDirReject
config_line_t *	AuthDirInvalid
int	AuthDirListBadDirs
int	AuthDirListBadExits
int	AuthDirRejectUnlisted
int	AuthDirMaxServersPerAddr
int	AuthDirMaxServersPerAuthAddr
char *	AccountingStart
uint64_t	AccountingMax
config_line_t *	HashedControlPassword
config_line_t *	HashedControlSessionPassword
int	CookieAuthentication
char *	CookieAuthFile
int	CookieAuthFileGroupReadable
int	LeaveStreamsUnattached
int	DisablePredictedCircuits
int	ShutdownWaitLength
char *	SafeLogging
enum or_options_t:: { ... }	_SafeLogging
int	SafeSocks
int	ProtocolWarnings
int	TestSocks
int	HardwareAccel
char *	AccelName
char *	AccelDir
int	UseEntryGuards
int	NumEntryGuards
int	RephistTrackTime
int	FastFirstHopPK
int	FetchDirInfoEarly
int	FetchDirInfoExtraEarly
char *	VirtualAddrNetwork
int	ServerDNSSearchDomains
int	ServerDNSDetectHijacking
int	ServerDNSRandomizeCase
char *	ServerDNSResolvConfFile
char *	DirPortFrontPage
int	ServerDNSAllowBrokenConfig
smartlist_t *	ServerDNSTestAddresses
int	EnforceDistinctSubnets
int	TunnelDirConns
int	PreferTunneledDirConns
int	AllowNonRFC953Hostnames
int	ServerDNSAllowNonRFC953Hostnames
int	DownloadExtraInfo
int	AllowSingleHopExits
int	ExcludeSingleHopRelays
int	AllowSingleHopCircuits
int	AllowDotExit
int	DirReqStatistics
int	ExitPortStatistics
int	CellStatistics
int	EntryStatistics
int	ExtraInfoStatistics
int	ClientDNSRejectInternalAddresses
int	V3AuthVotingInterval
int	V3AuthVoteDelay
int	V3AuthDistDelay
int	V3AuthNIntervalsValid
int	V3AuthUseLegacyKey
char *	V3BandwidthsFile
char *	ConsensusParams
int	TestingV3AuthInitialVotingInterval
int	TestingV3AuthInitialVoteDelay
int	TestingV3AuthInitialDistDelay
int	TestingAuthDirTimeToLearnReachability
int	TestingEstimatedDescriptorPropagationTime
int	TestingTorNetwork
char *	FallbackNetworkstatusFile
int	BridgeRecordUsageByCountry
char *	GeoIPFile
int	ReloadTorrcOnSIGHUP
double	CircuitPriorityHalflife