aboutsummaryrefslogtreecommitdiff
path: root/spec/rend-spec/managing-streams.md
blob: 9eb1e8285e47abdc0ffd1c161c423bd266d53493 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
# Managing streams

## Sending BEGIN messages { #send-begin }

In order to open a new stream to an onion service,
the client sends a BEGIN message on an established rendezvous circuit.

When sending a BEGIN message to an onion service,
a client should use an empty string as the target address,
and not set any flags on the begin message.

> For example, to open a connection to `<some_addr>.onion`
> on port 443, a client would send a BEGIN message with
> the address:port string of `":443"`, and a `FLAGS` value of 0.
> The 0-values `FLAGS` would not be encoded, according to
> the instructions for [encoding BEGIN messages](../tor-spec/opening-streams.md#opening).

## Receiving BEGIN messages { #receive-begin }

When a service receives a BEGIN message, it should check its port,
_and ignore all other fields in the begin message_, including its
address and flags.

If a service chooses to reject a BEGIN message, it should typically
destroy the circuit entirely to prevent port scanning,
resource exhaustion, and other undesirable behaviors.
But if it rejects the BEGIN without destroy the circuit,
it should send back an `END` message with the `DONE` reason,
to avoid leaking any further information.

If the service chooses to accept the BEGIN message,
it should send back a CONNECTED message with an empty body.