[tor/master] Doxygen documentation for about 100 things that didn't have any - tor-commits

16 Mar 2011

commit 6617822b841e32d6339bac13c79dd5f2b566c3c6
Author: Nick Mathewson nickm@torproject.org
Date:   Wed Mar 16 17:05:37 2011 -0400
Doxygen documentation for about 100 things that didn't have any
About 860 doxygen-less things remain in 0.2.2
---
 src/common/address.c         |    5 +++-
 src/common/address.h         |   25 +++++++++++++++--
 src/common/aes.c             |    3 ++
 src/common/compat.c          |   29 +++++++++++++++++++-
 src/common/compat.h          |   24 +++++++++++-----
 src/common/compat_libevent.c |   12 ++++++--
 src/common/container.c       |   19 +++++++++++--
 src/common/container.h       |    6 +++-
 src/common/crypto.c          |   61 +++++++++++++++++++++++++++++------------
 src/common/log.c             |   26 +++++++++++++++---
 src/common/memarea.c         |    9 ++++++
 src/common/torgzip.c         |   10 ++++---
 src/common/torint.h          |    2 +-
 src/common/torlog.h          |    1 +
 src/or/main.h                |    6 +++-
 src/or/ntmain.c              |   10 +++++++
 src/or/or.h                  |   28 ++++++++++++++++++-
 17 files changed, 226 insertions(+), 50 deletions(-)

diff --git a/src/common/address.c b/src/common/address.c
index 072661b..0046d2d 100644
--- a/src/common/address.c
+++ b/src/common/address.c
@@ -508,7 +508,8 @@ tor_addr_parse_mask_ports(const char *s, tor_addr_t *addr_out,
   tor_assert(s);
   tor_assert(addr_out);
-  /* IP, [], /mask, ports */
+  /** Longest possible length for an address, mask, and port-range combination.
+   * Includes IP, [], /mask, :, ports */
 #define MAX_ADDRESS_LENGTH (TOR_ADDR_BUF_LEN+2+(1+INET_NTOA_BUF_LEN)+12+1)
if (strlen(s) > MAX_ADDRESS_LENGTH) {
@@ -800,6 +801,8 @@ int
 tor_addr_compare_masked(const tor_addr_t *addr1, const tor_addr_t *addr2,
                         maskbits_t mbits, tor_addr_comparison_t how)
 {
+  /** Helper: Evaluates to -1 if a is less than b, 0 if a equals b, or 1 if a
+   * is greater than b.  May evaluate a and b more than once.  */
 #define TRISTATE(a,b) (((a)<(b))?-1: (((a)==(b))?0:1))
   sa_family_t family1, family2, v_family1, v_family2;
diff --git a/src/common/address.h b/src/common/address.h
index 371c6da..d05a3de 100644
--- a/src/common/address.h
+++ b/src/common/address.h
@@ -53,8 +53,20 @@ tor_addr_to_in6(const tor_addr_t *a)
   return a->family == AF_INET6 ? &a->addr.in6_addr : NULL;
 }
+/** Given an IPv6 address <b>x</b>, yield it as an array of uint8_t.
+ *
+ * Requires that <b>x</b> is actually an IPv6 address.
+ */
 #define tor_addr_to_in6_addr8(x) tor_addr_to_in6(x)->s6_addr
+/** Given an IPv6 address <b>x</b>, yield it as an array of uint16_t.
+ *
+ * Requires that <b>x</b> is actually an IPv6 address.
+ */
 #define tor_addr_to_in6_addr16(x) S6_ADDR16(*tor_addr_to_in6(x))
+/** Given an IPv6 address <b>x</b>, yield it as an array of uint32_t.
+ *
+ * Requires that <b>x</b> is actually an IPv6 address.
+ */
 #define tor_addr_to_in6_addr32(x) S6_ADDR32(*tor_addr_to_in6(x))
/** Return an IPv4 address in network order for <b>a</b>, or 0 if
@@ -71,7 +83,7 @@ tor_addr_to_ipv4h(const tor_addr_t *a)
 {
   return ntohl(tor_addr_to_ipv4n(a));
 }
-/* Given an IPv6 address, return its mapped IPv4 address in host order, or
+/** Given an IPv6 address, return its mapped IPv4 address in host order, or
  * 0 if <b>a</b> is not an IPv6 address.
  *
  * (Does not check whether the address is really a mapped address */
@@ -102,8 +114,14 @@ tor_addr_eq_ipv4h(const tor_addr_t *a, uint32_t u)
   return a->family == AF_INET ? (tor_addr_to_ipv4h(a) == u) : 0;
 }
-#define TOR_ADDR_BUF_LEN 48 /* [ffff:ffff:ffff:ffff:ffff:ffff:255.255.255.255]
-                             */
+/** Length of a buffer that you need to allocate to be sure you can encode
+ * any tor_addr_t.
+ *
+ * This allows enough space for
+ *   "[ffff:ffff:ffff:ffff:ffff:ffff:255.255.255.255]",
+ * plus a terminating NUL.
+ */
+#define TOR_ADDR_BUF_LEN 48
int tor_addr_lookup(const char *name, uint16_t family, tor_addr_t *addr_out);
 char *tor_dup_addr(const tor_addr_t *addr) ATTR_MALLOC;
@@ -154,6 +172,7 @@ void tor_addr_from_ipv4n(tor_addr_t *dest, uint32_t v4addr);
 #define tor_addr_from_ipv4h(dest, v4addr)       \
   tor_addr_from_ipv4n((dest), htonl(v4addr))
 void tor_addr_from_ipv6_bytes(tor_addr_t *dest, const char *bytes);
+/** Set <b>dest</b> to the IPv4 address incoded in <b>in</b>. */
 #define tor_addr_from_in(dest, in) \
   tor_addr_from_ipv4n((dest), (in)->s_addr);
 void tor_addr_from_in6(tor_addr_t *dest, const struct in6_addr *in6);
diff --git a/src/common/aes.c b/src/common/aes.c
index 39ab294..c2fdeb5 100644
--- a/src/common/aes.c
+++ b/src/common/aes.c
@@ -100,6 +100,9 @@
/* Figure out which AES optimizations to use. */
 #ifdef USE_BUILTIN_AES
+/** If this is defined, we take advantage of the fact that AES treats its
+ * input as a set of 4 32-bit words, so that there is no need to encode and
+ * decode the 128-bit counter before every block encryption  */
 # define USE_RIJNDAEL_COUNTER_OPTIMIZATION
 # if 0 && (defined(__powerpc__) || defined(__powerpc64__))
 /* XXXX do more experimentation before concluding this is actually
diff --git a/src/common/compat.c b/src/common/compat.c
index d29cacf..27489e5 100644
--- a/src/common/compat.c
+++ b/src/common/compat.c
@@ -15,6 +15,8 @@
 /* This is required on rh7 to make strptime not complain.
  * We also need it to make memmem get defined (where available)
  */
+/* XXXX023 We should just use AC_USE_SYSTEM_EXTENSIONS in our autoconf,
+ * and get this (and other important stuff!) automatically */
 #define _GNU_SOURCE
#include "compat.h"
@@ -660,7 +662,9 @@ touch_file(const char *fname)
/** Represents a lockfile on which we hold the lock. */
 struct tor_lockfile_t {
+  /** Name of the file */
   char *filename;
+  /** File descriptor used to hold the file open */
   int fd;
 };
@@ -766,7 +770,8 @@ tor_lockfile_unlock(tor_lockfile_t *lockfile)
   tor_free(lockfile);
 }
-/* Some old versions of Unix didn't define constants for these values,
+/** @{ */
+/** Some old versions of Unix didn't define constants for these values,
  * and instead expect you to say 0, 1, or 2. */
 #ifndef SEEK_CUR
 #define SEEK_CUR 1
@@ -774,6 +779,7 @@ tor_lockfile_unlock(tor_lockfile_t *lockfile)
 #ifndef SEEK_END
 #define SEEK_END 2
 #endif
+/** @} */
/** Return the position of <b>fd</b> with respect to the start of the file. */
 off_t
@@ -813,6 +819,7 @@ static int n_sockets_open = 0;
 /** Mutex to protect open_sockets, max_socket, and n_sockets_open. */
 static tor_mutex_t *socket_accounting_mutex = NULL;
+/** Helper: acquire the socket accounting lock. */
 static INLINE void
 socket_accounting_lock(void)
 {
@@ -821,6 +828,7 @@ socket_accounting_lock(void)
   tor_mutex_acquire(socket_accounting_mutex);
 }
+/** Helper: release the socket accounting lock. */
 static INLINE void
 socket_accounting_unlock(void)
 {
@@ -879,6 +887,7 @@ tor_close_socket(int s)
   return r;
 }
+/** @{ */
 #ifdef DEBUG_SOCKET_COUNTING
 /** Helper: if DEBUG_SOCKET_COUNTING is enabled, remember that <b>s</b> is
  * now an open socket. */
@@ -903,6 +912,7 @@ mark_socket_open(int s)
 #else
 #define mark_socket_open(s) STMT_NIL
 #endif
+/** @} */
/** As socket(), but counts the number of open sockets. */
 int
@@ -1090,6 +1100,8 @@ tor_socketpair(int family, int type, int protocol, int fd[2])
 #endif
 }
+/** Number of extra file descriptors to keep in reserve beyond those that we
+ * tell Tor it's allowed to use. */
 #define ULIMIT_BUFFER 32 /* keep 32 extra fd's beyond _ConnLimit */
/** Learn the maximum allowed number of file descriptors. (Some systems
@@ -1202,6 +1214,7 @@ set_max_file_descriptors(rlim_t limit, int *max_out)
 static int
 log_credential_status(void)
 {
+/** Log level to use when describing non-error UID/GID status. */
 #define CREDENTIAL_LOG_LEVEL LOG_INFO
   /* Real, effective and saved UIDs */
   uid_t ruid, euid, suid;
@@ -1983,6 +1996,12 @@ tor_gettimeofday(struct timeval *timeval)
 #define TIME_FNS_NEED_LOCKS
 #endif
+/** @{ */
+/** As localtime_r, but defined for platforms that don't have it:
+ *
+ * Convert *<b>timep</b> to a struct tm in local time, and store the value in
+ * *<b>result</b>.  Return the result on success, or NULL on failure.
+ */
 #ifndef HAVE_LOCALTIME_R
 #ifdef TIME_FNS_NEED_LOCKS
 struct tm *
@@ -2010,7 +2029,14 @@ tor_localtime_r(const time_t *timep, struct tm *result)
 }
 #endif
 #endif
+/** @} */
+/** @{ */
+/** As gmtimee_r, but defined for platforms that don't have it:
+ *
+ * Convert *<b>timep</b> to a struct tm in UTC, and store the value in
+ * *<b>result</b>.  Return the result on success, or NULL on failure.
+ */
 #ifndef HAVE_GMTIME_R
 #ifdef TIME_FNS_NEED_LOCKS
 struct tm *
@@ -2038,6 +2064,7 @@ tor_gmtime_r(const time_t *timep, struct tm *result)
 }
 #endif
 #endif
+/** @} */
#if defined(USE_WIN32_THREADS)
 void
diff --git a/src/common/compat.h b/src/common/compat.h
index ee20e71..35829e1 100644
--- a/src/common/compat.h
+++ b/src/common/compat.h
@@ -312,6 +312,7 @@ const char *tor_fix_source_file(const char *fname);
/* ===== Time compatibility */
 #if !defined(HAVE_GETTIMEOFDAY) && !defined(HAVE_STRUCT_TIMEVAL_TV_SEC)
+/** Implementation of timeval for platforms that don't have it. */
 struct timeval {
   time_t tv_sec;
   unsigned int tv_usec;
@@ -364,9 +365,9 @@ int get_n_open_sockets(void);
 #define tor_socket_send(s, buf, len, flags) send(s, buf, len, flags)
 #define tor_socket_recv(s, buf, len, flags) recv(s, buf, len, flags)
-/* Define struct in6_addr on platforms that do not have it.  Generally,
- * these platforms are ones without IPv6 support, but we want to have
- * a working in6_addr there anyway, so we can use it to parse IPv6
+/** Implementatino of struct in6_addr for platforms that do not have it.
+ * Generally, these platforms are ones without IPv6 support, but we want to
+ * have a working in6_addr there anyway, so we can use it to parse IPv6
  * addresses. */
 #if !defined(HAVE_STRUCT_IN6_ADDR)
 struct in6_addr
@@ -382,9 +383,10 @@ struct in6_addr
 };
 #endif
+/** @{ */
+/** Many BSD variants seem not to define these. */
 #if defined(__APPLE__) || defined(__darwin__) || defined(__FreeBSD__) \
     || defined(__NetBSD__) || defined(__OpenBSD__)
-/* Many BSD variants seem not to define these. */
 #ifndef s6_addr16
 #define s6_addr16 __u6_addr.__u6_addr16
 #endif
@@ -392,12 +394,15 @@ struct in6_addr
 #define s6_addr32 __u6_addr.__u6_addr32
 #endif
 #endif
+/** @} */
#ifndef HAVE_SA_FAMILY_T
 typedef uint16_t sa_family_t;
 #endif
-/* Apparently, MS and Solaris don't define s6_addr16 or s6_addr32. */
+/** @{ */
+/** Apparently, MS and Solaris don't define s6_addr16 or s6_addr32; these
+ * macros get you a pointer to s6_addr32 or local equivalent. */
 #ifdef HAVE_STRUCT_IN6_ADDR_S6_ADDR32
 #define S6_ADDR32(x) ((uint32_t*)(x).s6_addr32)
 #else
@@ -408,9 +413,10 @@ typedef uint16_t sa_family_t;
 #else
 #define S6_ADDR16(x) ((uint16_t*)((char*)&(x).s6_addr))
 #endif
+/** @} */
-/* Define struct sockaddr_in6 on platforms that do not have it. See notes
- * on struct in6_addr. */
+/** Implementation of struct sockaddr_in6 on platforms that do not have
+ * it. See notes on struct in6_addr. */
 #if !defined(HAVE_STRUCT_SOCKADDR_IN6)
 struct sockaddr_in6 {
   sa_family_t sin6_family;
@@ -534,10 +540,14 @@ void spawn_exit(void) ATTR_NORETURN;
 /** A generic lock structure for multithreaded builds. */
 typedef struct tor_mutex_t {
 #if defined(USE_WIN32_THREADS)
+  /** Windows-only: on windows, we implement locks with CRITICAL_SECTIONS. */
   CRITICAL_SECTION mutex;
 #elif defined(USE_PTHREADS)
+  /** Pthreads-only: with pthreads, we implement locks with
+   * pthread_mutex_t. */
   pthread_mutex_t mutex;
 #else
+  /** No-threads only: Dummy variable so that tor_mutex_t takes up space. */
   int _unused;
 #endif
 } tor_mutex_t;
diff --git a/src/common/compat_libevent.c b/src/common/compat_libevent.c
index b9af61b..0e5a906 100644
--- a/src/common/compat_libevent.c
+++ b/src/common/compat_libevent.c
@@ -36,13 +36,19 @@
 */
 typedef uint32_t le_version_t;
-/* Macros: returns the number of a libevent version. */
+/** @{ */
+/** Macros: returns the number of a libevent version as a le_version_t */
 #define V(major, minor, patch) \
   (((major) << 24) | ((minor) << 16) | ((patch) << 8))
 #define V_OLD(major, minor, patch) \
   V((major), (minor), (patch)-'a'+1)
+/** @} */
+/** Represetns a version of libevent so old we can't figure out what version
+ * it is. */
 #define LE_OLD V(0,0,0)
+/** Represents a version of libevent so weird we can't figure out what version
+ * it it. */
 #define LE_OTHER V(0,0,99)
static le_version_t tor_get_libevent_version(const char **v_out);
@@ -199,8 +205,8 @@ tor_libevent_get_base(void)
 }
#ifndef HAVE_EVENT_BASE_LOOPEXIT
-/* Replacement for event_base_loopexit on some very old versions of Libevent
-   that we are not yet brave enough to deprecate. */
+/** Replacement for event_base_loopexit on some very old versions of Libevent
+ * that we are not yet brave enough to deprecate. */
 int
 tor_event_base_loopexit(struct event_base *base, struct timeval *tv)
 {
diff --git a/src/common/container.c b/src/common/container.c
index 979e097..7208d36 100644
--- a/src/common/container.c
+++ b/src/common/container.c
@@ -639,15 +639,27 @@ smartlist_uniq_strings(smartlist_t *sl)
  *   }
  */
-/* For a 1-indexed array, we would use LEFT_CHILD[x] = 2*x and RIGHT_CHILD[x]
- * = 2*x + 1.  But this is C, so we have to adjust a little. */
+/** @{ */
+/** Functions to manipulate heap indices to find a node's parent and children.
+ *
+ * For a 1-indexed array, we would use LEFT_CHILD[x] = 2*x and RIGHT_CHILD[x]
+ *   = 2*x + 1.  But this is C, so we have to adjust a little. */
 //#define LEFT_CHILD(i)  ( ((i)+1)*2 - 1)
 //#define RIGHT_CHILD(i) ( ((i)+1)*2 )
 //#define PARENT(i)      ( ((i)+1)/2 - 1)
 #define LEFT_CHILD(i)  ( 2*(i) + 1 )
 #define RIGHT_CHILD(i) ( 2*(i) + 2 )
 #define PARENT(i)      ( ((i)-1) / 2 )
-
+/** }@ */
+
+/** @{ */
+/** Helper macros for heaps: Given a local variable <b>idx_field_offset</b>
+ * set to the offset of an integer index within the heap element structure,
+ * IDX_OF_ITEM(p) gives you the index of p, and IDXP(p) gives you a pointer to
+ * where p's index is stored.  Given additionally a local smartlist <b>sl</b>,
+ * UPDATE_IDX(i) sets the index of the element at <b>i</b> to the correct
+ * value (that is, to <b>i</b>).
+ */
 #define IDXP(p) ((int*)STRUCT_VAR_P(p, idx_field_offset))
#define UPDATE_IDX(i)  do {                            \
@@ -656,6 +668,7 @@ smartlist_uniq_strings(smartlist_t *sl)
   } while (0)
#define IDX_OF_ITEM(p) (*IDXP(p))
+/** @} */
/** Helper. <b>sl</b> may have at most one violation of the heap property:
  * the item at <b>idx</b> may be greater than one or both of its children.
diff --git a/src/common/container.h b/src/common/container.h
index 768ba89..8a3a405 100644
--- a/src/common/container.h
+++ b/src/common/container.h
@@ -15,6 +15,7 @@
  * and macros defined here.
  **/
 typedef struct smartlist_t {
+  /** @{ */
   /** <b>list</b> has enough capacity to store exactly <b>capacity</b> elements
    * before it needs to be resized.  Only the first <b>num_used</b> (<=
    * capacity) elements point to valid data.
@@ -22,6 +23,7 @@ typedef struct smartlist_t {
   void **list;
   int num_used;
   int capacity;
+  /** @} */
 } smartlist_t;
smartlist_t *smartlist_create(void);
@@ -595,9 +597,9 @@ bitarray_is_set(bitarray_t *b, int bit)
/** A set of digests, implemented as a Bloom filter. */
 typedef struct {
-  int mask; /* One less than the number of bits in <b>ba</b>; always one less
+  int mask; /**< One less than the number of bits in <b>ba</b>; always one less
              * than a power of two. */
-  bitarray_t *ba; /* A bit array to implement the Bloom filter. */
+  bitarray_t *ba; /**< A bit array to implement the Bloom filter. */
 } digestset_t;
#define BIT(n) ((n) & set->mask)
diff --git a/src/common/crypto.c b/src/common/crypto.c
index cfbc002..ed434a3 100644
--- a/src/common/crypto.c
+++ b/src/common/crypto.c
@@ -68,13 +68,15 @@
 #endif
#if OPENSSL_VERSION_NUMBER < 0x00908000l
-/* On OpenSSL versions before 0.9.8, there is no working SHA256
+/** @{ */
+/** On OpenSSL versions before 0.9.8, there is no working SHA256
  * implementation, so we use Tom St Denis's nice speedy one, slightly adapted
- * to our needs */
+ * to our needs.  These macros make it usable by us. */
 #define SHA256_CTX sha256_state
 #define SHA256_Init sha256_init
 #define SHA256_Update sha256_process
 #define LTC_ARGCHK(x) tor_assert(x)
+/** @} */
 #include "sha256.c"
 #define SHA256_Final(a,b) sha256_done(b,a)
@@ -104,21 +106,22 @@ static int _n_openssl_mutexes = 0;
 /** A public key, or a public/private key-pair. */
 struct crypto_pk_env_t
 {
-  int refs; /* reference counting so we don't have to copy keys */
-  RSA *key;
+  int refs; /**< reference count, so we don't have to copy keys */
+  RSA *key; /**< The key itself */
 };
/** Key and stream information for a stream cipher. */
 struct crypto_cipher_env_t
 {
-  char key[CIPHER_KEY_LEN];
-  aes_cnt_cipher_t *cipher;
+  char key[CIPHER_KEY_LEN]; /**< The raw key. */
+  aes_cnt_cipher_t *cipher; /**< The key in format usable for counter-mode AES
+                             * encryption */
 };
/** A structure to hold the first half (x, g^x) of a Diffie-Hellman handshake
  * while we're waiting for the second.*/
 struct crypto_dh_env_t {
-  DH *dh;
+  DH *dh; /**< The openssl DH object */
 };
static int setup_openssl_threading(void);
@@ -1470,7 +1473,7 @@ crypto_cipher_decrypt_with_iv(crypto_cipher_env_t *cipher,
/* SHA-1 */
-/** Compute the SHA1 digest of <b>len</b> bytes in data stored in
+/** Compute the SHA1 digest of the <b>len</b> bytes on data stored in
  * <b>m</b>.  Write the DIGEST_LEN byte result into <b>digest</b>.
  * Return 0 on success, -1 on failure.
  */
@@ -1482,6 +1485,9 @@ crypto_digest(char *digest, const char *m, size_t len)
   return (SHA1((const unsigned char*)m,len,(unsigned char*)digest) == NULL);
 }
+/** Compute a 256-bit digest of <b>len</b> bytes in data stored in <b>m</b>,
+ * using the algorithm <b>algorithm</b>.  Write the DIGEST_LEN256-byte result
+ * into <b>digest</b>.  Return 0 on success, -1 on failure. */
 int
 crypto_digest256(char *digest, const char *m, size_t len,
                  digest_algorithm_t algorithm)
@@ -1541,13 +1547,14 @@ crypto_digest_algorithm_parse_name(const char *name)
 /** Intermediate information about the digest of a stream of data. */
 struct crypto_digest_env_t {
   union {
-    SHA_CTX sha1;
-    SHA256_CTX sha2;
-  } d;
-  digest_algorithm_t algorithm : 8;
+    SHA_CTX sha1; /**< state for SHA1 */
+    SHA256_CTX sha2; /**< state for SHA256 */
+  } d; /**< State for the digest we're using.  Only one member of the
+        * union is usable, depending on the value of <b>algorithm</b>. */
+  digest_algorithm_t algorithm : 8; /**< Which algorithm is in use? */
 };
-/** Allocate and return a new digest object.
+/** Allocate and return a new digest object to compute SHA1 digests.
  */
 crypto_digest_env_t *
 crypto_new_digest_env(void)
@@ -1559,6 +1566,8 @@ crypto_new_digest_env(void)
   return r;
 }
+/** Allocate and return a new digest object to compute 256-bit digests
+ * using <b>algorithm</b>. */
 crypto_digest_env_t *
 crypto_new_digest256_env(digest_algorithm_t algorithm)
 {
@@ -1732,6 +1741,10 @@ init_dh_param(void)
   dh_param_g = g;
 }
+/** Number of bits to use when choosing the x or y value in a Diffie-Hellman
+ * handshake.  Since we exponentiate by this value, choosing a smaller one
+ * lets our handhake go faster.
+ */
 #define DH_PRIVATE_KEY_BITS 320
/** Allocate and return a new DH object for a key exchange.
@@ -1983,15 +1996,22 @@ crypto_dh_free(crypto_dh_env_t *dh)
/* random numbers */
-/* This is how much entropy OpenSSL likes to add right now, so maybe it will
+/** How many bytes of entropy we add at once.
+ *
+ * This is how much entropy OpenSSL likes to add right now, so maybe it will
  * work for us too. */
 #define ADD_ENTROPY 32
-/* Use RAND_poll if OpenSSL is 0.9.6 release or later.  (The "f" means
-   "release".)  */
+/** True iff we should use OpenSSL's RAND_poll function to add entropy to its
+ * pool.
+ *
+ * Use RAND_poll if OpenSSL is 0.9.6 release or later.  (The "f" means
+ *"release".)  */
 #define HAVE_RAND_POLL (OPENSSL_VERSION_NUMBER >= 0x0090600fl)
-/* Versions of OpenSSL prior to 0.9.7k and 0.9.8c had a bug where RAND_poll
+/** True iff it's safe to use RAND_poll after setup.
+ *
+ * Versions of OpenSSL prior to 0.9.7k and 0.9.8c had a bug where RAND_poll
  * would allocate an fd_set on the stack, open a new file, and try to FD_SET
  * that fd without checking whether it fit in the fd_set.  Thus, if the
  * system has not just been started up, it is unsafe to call */
@@ -2000,6 +2020,7 @@ crypto_dh_free(crypto_dh_env_t *dh)
     OPENSSL_VERSION_NUMBER <= 0x00907fffl) ||   \
    (OPENSSL_VERSION_NUMBER >= 0x0090803fl))
+/** Set the seed of the weak RNG to a random value. */
 static void
 seed_weak_rng(void)
 {
@@ -2253,9 +2274,12 @@ base64_encode(char *dest, size_t destlen, const char *src, size_t srclen)
   return ret;
 }
+/** @{ */
+/** Special values used for the base64_decode_table */
 #define X 255
 #define SP 64
 #define PAD 65
+/** @} */
 /** Internal table mapping byte values to what they represent in base64.
  * Numbers 0..63 are 6-bit integers.  SPs are spaces, and should be
  * skipped.  Xs are invalid and must not appear in base64. PAD indicates
@@ -2659,6 +2683,7 @@ _openssl_dynlock_destroy_cb(struct CRYPTO_dynlock_value *v,
   tor_free(v);
 }
+/** @{ */
 /** Helper: Construct mutexes, and set callbacks to help OpenSSL handle being
  * multithreaded. */
 static int
@@ -2684,4 +2709,4 @@ setup_openssl_threading(void)
   return 0;
 }
 #endif
-
+/** @} */
diff --git a/src/common/log.c b/src/common/log.c
index cfa0721..c1a61d0 100644
--- a/src/common/log.c
+++ b/src/common/log.c
@@ -36,8 +36,12 @@
 #include "torlog.h"
 #include "container.h"
+/** @{ */
+/** The string we stick at the end of a log message when it is too long,
+ * and its length. */
 #define TRUNCATED_STR "[...truncated]"
 #define TRUNCATED_STR_LEN 14
+/** @} */
/** Information for a single logfile; only used in log.c */
 typedef struct logfile_t {
@@ -109,17 +113,19 @@ static int syslog_count = 0;
 /** Represents a log message that we are going to send to callback-driven
  * loggers once we can do so in a non-reentrant way. */
 typedef struct pending_cb_message_t {
-  int severity;
-  log_domain_mask_t domain;
-  char *msg;
+  int severity; /**< The severity of the message */
+  log_domain_mask_t domain; /**< The domain of the message */
+  char *msg; /**< The content of the message */
 } pending_cb_message_t;
/** Log messages waiting to be replayed onto callback-based logs */
 static smartlist_t *pending_cb_messages = NULL;
+/** Lock the log_mutex to prevent others from changing the logfile_t list */
 #define LOCK_LOGS() STMT_BEGIN                                          \
   tor_mutex_acquire(&log_mutex);                                        \
   STMT_END
+/** Unlock the log_mutex */
 #define UNLOCK_LOGS() STMT_BEGIN tor_mutex_release(&log_mutex); STMT_END
/** What's the lowest log level anybody cares about?  Checking this lets us
@@ -382,7 +388,10 @@ logv(int severity, log_domain_mask_t domain, const char *funcname,
   UNLOCK_LOGS();
 }
-/** Output a message to the log. */
+/** Output a message to the log.  It gets logged to all logfiles that
+ * care about messages with <b>severity</b> in <b>domain</b>. The content
+ * if formatted printf style 
+ * */
 void
 tor_log(int severity, log_domain_mask_t domain, const char *format, ...)
 {
@@ -396,6 +405,9 @@ tor_log(int severity, log_domain_mask_t domain, const char *format, ...)
/** Output a message to the log, prefixed with a function name <b>fn</b>. */
 #ifdef __GNUC__
+/** GCC-based implementation of the log_fn backend, used when we have
+ * variadic macros. All arguments are as for log_fn, except for <b>fn</b>, which
+ * is the name of the calling functions. */
 void
 _log_fn(int severity, log_domain_mask_t domain, const char *fn,
         const char *format, ...)
@@ -408,6 +420,11 @@ _log_fn(int severity, log_domain_mask_t domain, const char *fn,
   va_end(ap);
 }
 #else
+/** @{ */
+/** Variant implementation of log_fn, log_debug, log_info,... for C compilers
+ * without variadic macros.  In this case, the calling function sets
+ * _log_fn_function_name to the name of the function, then invokes the
+ * appropriate _log_fn, _log_debug, etc. */
 const char *_log_fn_function_name=NULL;
 void
 _log_fn(int severity, log_domain_mask_t domain, const char *format, ...)
@@ -476,6 +493,7 @@ _log_err(log_domain_mask_t domain, const char *format, ...)
   va_end(ap);
   _log_fn_function_name = NULL;
 }
+/** @} */
 #endif
/** Free all storage held by <b>victim</b>. */
diff --git a/src/common/memarea.c b/src/common/memarea.c
index 194deb8..6893639 100644
--- a/src/common/memarea.c
+++ b/src/common/memarea.c
@@ -30,12 +30,18 @@
 #endif
#ifdef USE_SENTINELS
+/** Magic value that we stick at the end of a memarea so we can make sure
+ * there are no run-off-the-end bugs. */
 #define SENTINEL_VAL 0x90806622u
+/** How many bytes per area do we devote to the sentinel? */
 #define SENTINEL_LEN sizeof(uint32_t)
+/** Given a mem_area_chunk_t with SENTINEL_LEN extra bytes allocated at the
+ * end, set those bytes. */
 #define SET_SENTINEL(chunk)                                     \
   STMT_BEGIN                                                    \
   set_uint32( &(chunk)->u.mem[chunk->mem_size], SENTINEL_VAL ); \
   STMT_END
+/** Assert that the sentinel on a memarea is set correctly. */
 #define CHECK_SENTINEL(chunk)                                           \
   STMT_BEGIN                                                            \
   uint32_t sent_val = get_uint32(&(chunk)->u.mem[chunk->mem_size]);     \
@@ -73,8 +79,11 @@ typedef struct memarea_chunk_t {
   } u;
 } memarea_chunk_t;
+/** How many bytes are needed for overhead before we get to the memory part
+ * of a chunk? */
 #define CHUNK_HEADER_SIZE STRUCT_OFFSET(memarea_chunk_t, u)
+/** What's the smallest that we'll allocate a chunk? */
 #define CHUNK_SIZE 4096
/** A memarea_t is an allocation region for a set of small memory requests
diff --git a/src/common/torgzip.c b/src/common/torgzip.c
index b2a205f..e9079e0 100644
--- a/src/common/torgzip.c
+++ b/src/common/torgzip.c
@@ -79,6 +79,7 @@ method_bits(compress_method_t method)
   return method == GZIP_METHOD ? 15+16 : 15;
 }
+/** @{ */
 /* These macros define the maximum allowable compression factor.  Anything of
  * size greater than CHECK_FOR_COMPRESSION_BOMB_AFTER is not allowed to
  * have an uncompression factor (uncompressed size:compressed size ratio) of
@@ -94,6 +95,7 @@ method_bits(compress_method_t method)
  */
 #define MAX_UNCOMPRESSION_FACTOR 25
 #define CHECK_FOR_COMPRESSION_BOMB_AFTER (1024*64)
+/** @} */
/** Return true if uncompressing an input of size <b>in_size</b> to an input
  * of size at least <b>size_out</b> looks like a compression bomb. */
@@ -389,12 +391,12 @@ detect_compression_method(const char *in, size_t in_len)
 /** Internal state for an incremental zlib compression/decompression.  The
  * body of this struct is not exposed. */
 struct tor_zlib_state_t {
-  struct z_stream_s stream;
-  int compress;
+  struct z_stream_s stream; /**< The zlib stream */
+  int compress; /**< True if we are compressing; false if we are inflating */
-  /* Number of bytes read so far.  Used to detect zlib bombs. */
+  /** Number of bytes read so far.  Used to detect zlib bombs. */
   size_t input_so_far;
-  /* Number of bytes written so far.  Used to detect zlib bombs. */
+  /** Number of bytes written so far.  Used to detect zlib bombs. */
   size_t output_so_far;
 };
diff --git a/src/common/torint.h b/src/common/torint.h
index 1faf65a..f5bebf8 100644
--- a/src/common/torint.h
+++ b/src/common/torint.h
@@ -329,7 +329,7 @@ typedef uint32_t uintptr_t;
 #endif
 #endif
-/* Any size_t larger than this amount is likely to be an underflow. */
+/** Any size_t larger than this amount is likely to be an underflow. */
 #define SIZE_T_CEILING (SSIZE_T_MAX-16)
#endif /* __TORINT_H */
diff --git a/src/common/torlog.h b/src/common/torlog.h
index 9b98bec..000e32d 100644
--- a/src/common/torlog.h
+++ b/src/common/torlog.h
@@ -99,6 +99,7 @@
  * immediately.  Used as a flag, not a log domain. */
 #define LD_NOCB (1u<<31)
+/** Mask of zero or more log domains, OR'd together. */
 typedef uint32_t log_domain_mask_t;
/** Configures which severities are logged for each logging domain for a given
diff --git a/src/or/main.h b/src/or/main.h
index d399aaa..ed0fb97 100644
--- a/src/or/main.h
+++ b/src/or/main.h
@@ -23,9 +23,11 @@ int connection_is_on_closeable_list(connection_t *conn);
smartlist_t *get_connection_array(void);
+/** Bitmask for events that we can turn on and off with
+ * connection_watch_events. */
 typedef enum watchable_events {
-  READ_EVENT=0x02,
-  WRITE_EVENT=0x04
+  READ_EVENT=0x02, /**< We want to know when a connection is readable */
+  WRITE_EVENT=0x04 /**< We want to know when a connection is writable */
 } watchable_events_t;
 void connection_watch_events(connection_t *conn, watchable_events_t events);
 int connection_is_reading(connection_t *conn);
diff --git a/src/or/ntmain.c b/src/or/ntmain.c
index 06ca2df..b2fee64 100644
--- a/src/or/ntmain.c
+++ b/src/or/ntmain.c
@@ -54,6 +54,11 @@ static int nt_service_cmd_stop(void);
 struct service_fns {
   int loaded;
+  /** @{ */
+  /** Function pointers for Windows API functions related to service
+   * management.  These are NULL, or they point to the .  They're set by
+   * calling the LOAD macro below.  */
+
   BOOL (WINAPI *ChangeServiceConfig2A_fn)(
                              SC_HANDLE hService,
                              DWORD dwInfoLevel,
@@ -122,6 +127,7 @@ struct service_fns {
                              LPTSTR ReferencedDomainName,
                              LPDWORD cchReferencedDomainName,
                              PSID_NAME_USE peUse);
+  /** @} */
 } service_fns = { 0,
                   NULL, NULL, NULL, NULL, NULL, NULL,
                   NULL, NULL, NULL, NULL, NULL, NULL,
@@ -144,6 +150,10 @@ nt_service_loadlibrary(void)
     goto err;
   }
+/* Helper macro: try to load a function named <b>f</b> from "library" into
+ * service_functions.<b>f</b>_fn.  On failure, log an error message, and goto
+ * err.
+ */
 #define LOAD(f) STMT_BEGIN                                              \
     if (!(fn = GetProcAddress(library, #f))) {                          \
       log_err(LD_BUG,                                                   \
diff --git a/src/or/or.h b/src/or/or.h
index 910bf8d..e3e01cf 100644
--- a/src/or/or.h
+++ b/src/or/or.h
@@ -848,9 +848,13 @@ typedef struct cell_t {
/** Parsed variable-length onion routing cell. */
 typedef struct var_cell_t {
+  /** Type of the cell: CELL_VERSIONS, etc. */
   uint8_t command;
+  /** Circuit thich received the cell */
   circid_t circ_id;
+  /** Number of bytes actually stored in <b>payload</b> */
   uint16_t payload_len;
+  /** Payload of this cell */
   uint8_t payload[1];
 } var_cell_t;
@@ -1679,8 +1683,13 @@ typedef struct networkstatus_v2_t {
                          * sorted by identity_digest. */
 } networkstatus_v2_t;
+/** Linked list of microdesc hash lines for a single router in a directory
+ * vote.
+ */
 typedef struct vote_microdesc_hash_t {
+  /** Next element in the list, or NULL. */
   struct vote_microdesc_hash_t *next;
+  /** The raw contents of the microdesc hash line, excluding the "m". */
   char *microdesc_hash_line;
 } vote_microdesc_hash_t;
@@ -1692,6 +1701,7 @@ typedef struct vote_routerstatus_t {
                    * networkstatus_t.known_flags. */
   char *version; /**< The version that the authority says this router is
                   * running. */
+  /** The hash or hashes that the authority claims this microdesc has. */
   vote_microdesc_hash_t *microdesc;
 } vote_routerstatus_t;
@@ -3218,8 +3228,19 @@ typedef struct {
 } fp_pair_t;
/********************************* dirserv.c ***************************/
+
+/** An enum to describe what format we're generating a routerstatus line in.
+ */
 typedef enum {
-  NS_V2, NS_V3_CONSENSUS, NS_V3_VOTE, NS_CONTROL_PORT,
+  /** For use in a v2 opinion */
+  NS_V2,
+  /** For use in a consensus networkstatus document (ns flavor) */
+  NS_V3_CONSENSUS,
+  /** For use in a vote networkstatus document */
+  NS_V3_VOTE,
+  /** For passing to the controlport in response to a GETINFO request */
+  NS_CONTROL_PORT,
+  /** For use in a consensus networkstatus document (microdesc flavor) */
   NS_V3_CONSENSUS_MICRODESC
 } routerstatus_format_type_t;
@@ -3236,9 +3257,14 @@ typedef struct measured_bw_line_t {
/** Describes the schedule by which votes should be generated. */
 typedef struct vote_timing_t {
+  /** Length in seconds between one consensus becoming valid and the next
+   * becoming valid. */
   int vote_interval;
+  /** For how many intervals is a consensus valid? */
   int n_intervals_valid;
+  /** Time in seconds allowed to propagate votes */
   int vote_delay;
+  /** Time in seconds allowed to propagate signatures */
   int dist_delay;
 } vote_timing_t;

    