diff --git a/src/or/circuituse.c b/src/or/circuituse.c
index 626aff7bb7..370e2c0b74 100644
--- a/src/or/circuituse.c
+++ b/src/or/circuituse.c
@@ -62,6 +62,7 @@
 #include "entry_connection_st.h"
 #include "or_circuit_st.h"
 #include "origin_circuit_st.h"
+#include "socks_request_st.h"
 
 static void circuit_expire_old_circuits_clientside(void);
 static void circuit_increment_failure_count(void);
diff --git a/src/or/connection.c b/src/or/connection.c
index 867c4d72db..283f096528 100644
--- a/src/or/connection.c
+++ b/src/or/connection.c
@@ -119,6 +119,7 @@
 #include "listener_connection_st.h"
 #include "or_connection_st.h"
 #include "port_cfg_st.h"
+#include "socks_request_st.h"
 
 static connection_t *connection_listener_new(
                                const struct sockaddr *listensockaddr,
diff --git a/src/or/connection_edge.c b/src/or/connection_edge.c
index 27ee0ea279..ce018e8742 100644
--- a/src/or/connection_edge.c
+++ b/src/or/connection_edge.c
@@ -102,6 +102,7 @@
 #include "entry_connection_st.h"
 #include "or_circuit_st.h"
 #include "origin_circuit_st.h"
+#include "socks_request_st.h"
 
 #ifdef HAVE_LINUX_TYPES_H
 #include <linux/types.h>
diff --git a/src/or/control.c b/src/or/control.c
index 966ddfa8c5..20da122596 100644
--- a/src/or/control.c
+++ b/src/or/control.c
@@ -90,6 +90,7 @@
 #include "rend_authorized_client_st.h"
 #include "rend_encoded_v2_service_descriptor_st.h"
 #include "rend_service_descriptor_st.h"
+#include "socks_request_st.h"
 
 #ifndef _WIN32
 #include <pwd.h>
diff --git a/src/or/dnsserv.c b/src/or/dnsserv.c
index 020cabb162..c286d4f93b 100644
--- a/src/or/dnsserv.c
+++ b/src/or/dnsserv.c
@@ -33,6 +33,7 @@
 #include "control_connection_st.h"
 #include "entry_connection_st.h"
 #include "listener_connection_st.h"
+#include "socks_request_st.h"
 
 #include <event2/dns.h>
 #include <event2/dns_compat.h>
diff --git a/src/or/include.am b/src/or/include.am
index 87a353828b..4e0e1e9a4e 100644
--- a/src/or/include.am
+++ b/src/or/include.am
@@ -294,6 +294,7 @@ ORHEADERS = \
 	src/or/scheduler.h				\
 	src/or/server_port_cfg_st.h			\
 	src/or/shared_random_client.h			\
+	src/or/socks_request_st.h			\
 	src/or/statefile.h				\
 	src/or/status.h					\
 	src/or/torcert.h				\
diff --git a/src/or/main.c b/src/or/main.c
index 7b60101702..0daebfc4fd 100644
--- a/src/or/main.c
+++ b/src/or/main.c
@@ -125,6 +125,7 @@
 #include "entry_connection_st.h"
 #include "or_connection_st.h"
 #include "port_cfg_st.h"
+#include "socks_request_st.h"
 
 #ifdef HAVE_SYSTEMD
 #   if defined(__COVERITY__) && !defined(__INCLUDE_LEVEL__)
diff --git a/src/or/or.h b/src/or/or.h
index 5707e02027..19d0bb2ab6 100644
--- a/src/or/or.h
+++ b/src/or/or.h
@@ -3587,54 +3587,6 @@ typedef struct {
 #define SOCKS_COMMAND_IS_RESOLVE(c) ((c)==SOCKS_COMMAND_RESOLVE || \
                                      (c)==SOCKS_COMMAND_RESOLVE_PTR)
 
-/** State of a SOCKS request from a user to an OP.  Also used to encode other
- * information for non-socks user request (such as those on TransPort and
- * DNSPort) */
-struct socks_request_t {
-  /** Which version of SOCKS did the client use? One of "0, 4, 5" -- where
-   * 0 means that no socks handshake ever took place, and this is just a
-   * stub connection (e.g. see connection_ap_make_link()). */
-  uint8_t socks_version;
-  /** If using socks5 authentication, which authentication type did we
-   * negotiate?  currently we support 0 (no authentication) and 2
-   * (username/password). */
-  uint8_t auth_type;
-  /** What is this stream's goal? One of the SOCKS_COMMAND_* values */
-  uint8_t command;
-  /** Which kind of listener created this stream? */
-  uint8_t listener_type;
-  size_t replylen; /**< Length of <b>reply</b>. */
-  uint8_t reply[MAX_SOCKS_REPLY_LEN]; /**< Write an entry into this string if
-                                    * we want to specify our own socks reply,
-                                    * rather than using the default socks4 or
-                                    * socks5 socks reply. We use this for the
-                                    * two-stage socks5 handshake.
-                                    */
-  char address[MAX_SOCKS_ADDR_LEN]; /**< What address did the client ask to
-                                       connect to/resolve? */
-  uint16_t port; /**< What port did the client ask to connect to? */
-  unsigned int has_finished : 1; /**< Has the SOCKS handshake finished? Used to
-                              * make sure we send back a socks reply for
-                              * every connection. */
-  unsigned int got_auth : 1; /**< Have we received any authentication data? */
-  /** If this is set, we will choose "no authentication" instead of
-   * "username/password" authentication if both are offered. Used as input to
-   * parse_socks. */
-  unsigned int socks_prefer_no_auth : 1;
-
-  /** Number of bytes in username; 0 if username is NULL */
-  size_t usernamelen;
-  /** Number of bytes in password; 0 if password is NULL */
-  uint8_t passwordlen;
-  /** The negotiated username value if any (for socks5), or the entire
-   * authentication string (for socks4).  This value is NOT nul-terminated;
-   * see usernamelen for its length. */
-  char *username;
-  /** The negotiated password value if any (for socks5). This value is NOT
-   * nul-terminated; see passwordlen for its length. */
-  char *password;
-};
-
 /********************************* circuitbuild.c **********************/
 
 /** How many hops does a general-purpose circuit have by default? */
diff --git a/src/or/proto_socks.c b/src/or/proto_socks.c
index 57a7d1cd64..1b67c6c28b 100644
--- a/src/or/proto_socks.c
+++ b/src/or/proto_socks.c
@@ -14,6 +14,8 @@
 #include "proto_socks.h"
 #include "reasons.h"
 
+#include "socks_request_st.h"
+
 static void socks_request_set_socks5_error(socks_request_t *req,
                               socks5_reply_status_t reason);
 
diff --git a/src/or/relay.c b/src/or/relay.c
index 127609a2b9..1eaf6f7dba 100644
--- a/src/or/relay.c
+++ b/src/or/relay.c
@@ -87,6 +87,7 @@
 #include "entry_connection_st.h"
 #include "or_circuit_st.h"
 #include "origin_circuit_st.h"
+#include "socks_request_st.h"
 
 static edge_connection_t *relay_lookup_conn(circuit_t *circ, cell_t *cell,
                                             cell_direction_t cell_direction,
diff --git a/src/or/socks_request_st.h b/src/or/socks_request_st.h
new file mode 100644
index 0000000000..debf87bf08
--- /dev/null
+++ b/src/or/socks_request_st.h
@@ -0,0 +1,59 @@
+/* Copyright (c) 2001 Matej Pfajfar.
+ * Copyright (c) 2001-2004, Roger Dingledine.
+ * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
+ * Copyright (c) 2007-2017, The Tor Project, Inc. */
+/* See LICENSE for licensing information */
+
+#ifndef SOCKS_REQUEST_ST_H
+#define SOCKS_REQUEST_ST_H
+
+/** State of a SOCKS request from a user to an OP.  Also used to encode other
+ * information for non-socks user request (such as those on TransPort and
+ * DNSPort) */
+struct socks_request_t {
+  /** Which version of SOCKS did the client use? One of "0, 4, 5" -- where
+   * 0 means that no socks handshake ever took place, and this is just a
+   * stub connection (e.g. see connection_ap_make_link()). */
+  uint8_t socks_version;
+  /** If using socks5 authentication, which authentication type did we
+   * negotiate?  currently we support 0 (no authentication) and 2
+   * (username/password). */
+  uint8_t auth_type;
+  /** What is this stream's goal? One of the SOCKS_COMMAND_* values */
+  uint8_t command;
+  /** Which kind of listener created this stream? */
+  uint8_t listener_type;
+  size_t replylen; /**< Length of <b>reply</b>. */
+  uint8_t reply[MAX_SOCKS_REPLY_LEN]; /**< Write an entry into this string if
+                                    * we want to specify our own socks reply,
+                                    * rather than using the default socks4 or
+                                    * socks5 socks reply. We use this for the
+                                    * two-stage socks5 handshake.
+                                    */
+  char address[MAX_SOCKS_ADDR_LEN]; /**< What address did the client ask to
+                                       connect to/resolve? */
+  uint16_t port; /**< What port did the client ask to connect to? */
+  unsigned int has_finished : 1; /**< Has the SOCKS handshake finished? Used to
+                              * make sure we send back a socks reply for
+                              * every connection. */
+  unsigned int got_auth : 1; /**< Have we received any authentication data? */
+  /** If this is set, we will choose "no authentication" instead of
+   * "username/password" authentication if both are offered. Used as input to
+   * parse_socks. */
+  unsigned int socks_prefer_no_auth : 1;
+
+  /** Number of bytes in username; 0 if username is NULL */
+  size_t usernamelen;
+  /** Number of bytes in password; 0 if password is NULL */
+  uint8_t passwordlen;
+  /** The negotiated username value if any (for socks5), or the entire
+   * authentication string (for socks4).  This value is NOT nul-terminated;
+   * see usernamelen for its length. */
+  char *username;
+  /** The negotiated password value if any (for socks5). This value is NOT
+   * nul-terminated; see passwordlen for its length. */
+  char *password;
+};
+
+#endif
+
diff --git a/src/test/fuzz/fuzz_http_connect.c b/src/test/fuzz/fuzz_http_connect.c
index 4b1ea8c721..255a34169c 100644
--- a/src/test/fuzz/fuzz_http_connect.c
+++ b/src/test/fuzz/fuzz_http_connect.c
@@ -16,6 +16,7 @@
 #include "torlog.h"
 
 #include "entry_connection_st.h"
+#include "socks_request_st.h"
 
 #include "fuzzing.h"
 
diff --git a/src/test/test_connection.c b/src/test/test_connection.c
index 9f50d9f845..93d5dc8469 100644
--- a/src/test/test_connection.c
+++ b/src/test/test_connection.c
@@ -27,6 +27,7 @@
 #include "dir_connection_st.h"
 #include "entry_connection_st.h"
 #include "or_connection_st.h"
+#include "socks_request_st.h"
 
 static void * test_conn_get_basic_setup(const struct testcase_t *tc);
 static int test_conn_get_basic_teardown(const struct testcase_t *tc,
diff --git a/src/test/test_entryconn.c b/src/test/test_entryconn.c
index ec8d7196ec..1c1eda02f1 100644
--- a/src/test/test_entryconn.c
+++ b/src/test/test_entryconn.c
@@ -20,6 +20,7 @@
 #include "rendcache.h"
 
 #include "entry_connection_st.h"
+#include "socks_request_st.h"
 
 static void *
 entryconn_rewrite_setup(const struct testcase_t *tc)
diff --git a/src/test/test_hs_client.c b/src/test/test_hs_client.c
index 98e95be09a..b75e743d3c 100644
--- a/src/test/test_hs_client.c
+++ b/src/test/test_hs_client.c
@@ -42,6 +42,7 @@
 #include "dir_connection_st.h"
 #include "entry_connection_st.h"
 #include "origin_circuit_st.h"
+#include "socks_request_st.h"
 
 static int
 mock_connection_ap_handshake_send_begin(entry_connection_t *ap_conn)
diff --git a/src/test/test_relaycell.c b/src/test/test_relaycell.c
index 0d78f97d8b..b5aba766d9 100644
--- a/src/test/test_relaycell.c
+++ b/src/test/test_relaycell.c
@@ -19,6 +19,7 @@
 #include "crypt_path_st.h"
 #include "entry_connection_st.h"
 #include "origin_circuit_st.h"
+#include "socks_request_st.h"
 
 static int srm_ncalls;
 static entry_connection_t *srm_conn;
diff --git a/src/test/test_socks.c b/src/test/test_socks.c
index 8da7191e82..6c266438e8 100644
--- a/src/test/test_socks.c
+++ b/src/test/test_socks.c
@@ -9,6 +9,7 @@
 #include "proto_socks.h"
 #include "test.h"
 #include "log_test_helpers.h"
+#include "socks_request_st.h"
 
 typedef struct socks_test_data_t {
   socks_request_t *req;