man page entries for TunnelDirConns and PreferTunneledDirConns

and add a todo item for nick in case he gets bored :) svn:r9260
2024-11-27 13:53:31 +01:00 · 2007-01-04 04:35:18 +00:00 · 2007-01-04 04:35:18 +00:00 · 50f0e36094
commit 50f0e36094
parent 88c3c84bda
6 changed files with 26 additions and 21 deletions
--- a/4
+++ b/4
@ -35,8 +35,6 @@ Changes in version 0.1.2.5-alpha - 2007-01-03
      options files.
    - Reject *:563 (NTTPS) in the default exit policy. We already reject
      NNTP by default, so this seems like a sensible addition.
-    - Authorities do not recommend exits as guards if this would shift
-      excess load to the exit nodes.
    - Avoid some inadvertent info leaks by making clients reject hostnames
      with invalid characters. Add an option "AllowNonRFC953Hostnames"
      to disable this behavior, in case somebody is running a private
@ -44,7 +42,7 @@ Changes in version 0.1.2.5-alpha - 2007-01-03
    - Add a new address-spec.txt document to describe our special-case
      addresses: .exit, .onion, and .noconnnect.
    - Add a maintainer script to tell us which options are missing
-      documentation.
+      documentation: "make check-docs".
    - Remove some options that have been deprecated since at least 0.1.0.x:
      AccountingMaxKB, LogFile, DebugLogFile, LogLevel, and SysLog.  Use
      AccountingMax instead of AccountingMaxKB; use Log to set log options.
--- a/doc/TODO
+++ b/doc/TODO
@ -59,18 +59,13 @@ R     - handle connect-dir streams that don't have a chosen_exit_name set.
        o Implement
 R       - Hunt for places that change networkstatus info that I might have
          missed.
-R     . option to dl directory info via tor
-        o Make an option like __AllDirActionsPrivate that falls back to
-          non-Tor DL when not enough info present.  (TunnelDirConns).
-        - Set default to 0 before release candidate.
-        o Think harder about whether TunnelDirConns should be on
-          by default. No, they shouldn't, until we have much more of
-          blocking.pdf implemented.
-        o Handle case where we have no descriptors and so don't know who can
-          handle BEGIN_DIR.
-        - actually cause the directory.c functions to know about or_port
-          and use it when we're supposed to.
-        - man page items for TunnelDirConns and PreferTunneledDirConns
+
+  . option to dl directory info via tor:
+    TunnelDirConns and PreferTunneledDirConns
+R   - actually cause the directory.c functions to know about or_port
+      and use it when we're supposed to.
+N   - for tunneled edge conns, stop reading to the bridge connection
+      when the or_conn we're writing to has a full outbuf.

 N - DNS improvements
    . Asynchronous DNS
--- a/doc/tor.1.in
+++ b/doc/tor.1.in
@ -242,9 +242,14 @@ a limited number of writes.  (Default: 0)
 .LP
 .TP
 \fBTunnelDirConns \fR\fB0|\fR\fB1\fP
-If non-zero, try to have all directory info downloaded with encrypted
-connections.  (Default: 1)
-
+If non-zero, when a directory server we contact supports it, we will
+build a one-hop circuit and make an encrypted connection via its
+ORPort. (Default: 0)
+.LP
+.TP
+\fBPreferTunneledDirConns \fR\fB0|\fR\fB1\fP
+If non-zero, we will avoid directory servers that don't support tunneled
+directory connections, when possible. (Default: 0)

 .SH CLIENT OPTIONS
 .PP
--- a/src/or/config.c
+++ b/src/or/config.c
@ -347,6 +347,8 @@ static config_var_description_t options_description[] = {
    "provided IP address (only useful for multiple network interfaces)." },
  { "PIDFile", "On startup, write our PID to this file. On clean shutdown, "
    "remove the file." },
+  { "PreferTunneledDirConns", "If non-zero, avoid directory servers that "
+    "don't support tunneled conncetions." },
  /* PreferTunneledDirConns */
  /* ProtocolWarnings */
  /* RephistTrackTime */
@ -354,8 +356,9 @@ static config_var_description_t options_description[] = {
    "started.  Unix only." },
  { "SafeLogging", "If set to 0, Tor logs potentially sensitive strings "
    "rather than replacing them with the string [scrubbed]." },
-  { "TunnelDirConns", "If non-zero, try to have all directory info downloaded "
-    "via encrypted connections." },
+  { "TunnelDirConns", "If non-zero, when a directory server we contact "
+    "supports it, we will build a one-hop circuit and make an encrypted "
+    "connection via its ORPort." },
  { "User", "On startup, setuid to this user" },

  /* ==== client options */
--- a/src/or/connection_edge.c
+++ b/src/or/connection_edge.c
@ -322,7 +322,7 @@ connection_edge_finished_connecting(edge_connection_t *edge_conn)
 /** Define a schedule for how long to wait between retrying
 * application connections. Rather than waiting a fixed amount of
 * time between each retry, we wait 10 seconds each for the first
- *  two tries, and 15 seconds for each retry after
+ * two tries, and 15 seconds for each retry after
 * that. Hopefully this will improve the expected user experience. */
 static int
 compute_socks_timeout(edge_connection_t *conn)
--- a/src/or/dirserv.c
+++ b/src/or/dirserv.c
@ -1364,6 +1364,10 @@ dirserv_compute_performance_thresholds(routerlist_t *rl)
       * counting exit bandwidth. */
      /* Also, we might want to document the one-third behavior in
       * dir-spec.txt. */
+/* ChangeLog line when we reenable it:
+    - Authorities do not recommend exits as guards if this would shift
+      excess load to the exit nodes.
+*/
      smartlist_add(bandwidths, bw);
    }
  });