From 937607056b53bbb3d6c94b57d930e144de8e7c8c Mon Sep 17 00:00:00 2001 From: Roger Dingledine Date: Mon, 21 Dec 2009 04:38:49 -0500 Subject: [PATCH] a changelog and doc fixes for the strictnodes work --- ChangeLog | 23 ++++++++++++++++++++++- doc/tor.1.in | 23 +++++++++++------------ src/or/config.c | 4 ++-- 3 files changed, 35 insertions(+), 15 deletions(-) diff --git a/ChangeLog b/ChangeLog index 4fd40371ac..c7c8fcc655 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,5 +1,5 @@ Changes in version 0.2.2.7-alpha - 2009-??-?? - o Major features: + o Major features (performance): - When choosing which cells to relay first, we can now favor circuits that have been quiet recently, so as to get lower latency for low-volume circuits. By default, relays enable or disable this @@ -9,6 +9,27 @@ Changes in version 0.2.2.7-alpha - 2009-??-?? "CircuitPriorityHalflife" config option. Design and code by Ian Goldberg, Can Tang, and Chris Alexander. + o Major features (relay selection): + - Switch to a StrictNodes config option, rather than the previous + "StrictEntryNodes" / "StrictExitNodes" separation. + - If EntryNodes, ExitNodes, ExcludeNodes, or ExcludeExitNodes + change during a config reload, mark and discard all our origin + circuits. This fix should address edge cases where we change the + config options and but then choose a circuit that we created before + the change. + - If EntryNodes or ExitNodes are set, be more willing to use an + unsuitable (e.g. slow or unstable) circuit. The user asked for it, + they get it. + - Make EntryNodes config option much more aggressive even when + StrictNodes is not set. Before it would prepend your requested + entrynodes to your list of guard nodes, but feel free to use others + after that. Now it chooses only from your EntryNodes if any of + those are available, and only falls back to others if a) they're + all down and b) StrictNodes is not set. + - Now we refresh your entry guards from EntryNodes at each consensus + fetch -- rather than just at startup and then they slowly rot as + the network changes. + o Minor features: - New config option "CircuitStreamTimeout" to override our internal timeout schedule for how many seconds until we detach a stream from diff --git a/doc/tor.1.in b/doc/tor.1.in index 8a34b63f21..b08e670352 100644 --- a/doc/tor.1.in +++ b/doc/tor.1.in @@ -515,26 +515,25 @@ list. .TP \fBEntryNodes \fR\fInode\fR,\fInode\fR,\fI...\fP A list of identity fingerprints, nicknames, country codes and address patterns -of nodes to use for the first hop in the circuit. -These are treated only as preferences unless StrictEntryNodes (see +of nodes to use for the first hop in normal circuits. +These are treated only as preferences unless StrictNodes (see below) is also set. .LP .TP \fBExitNodes \fR\fInode\fR,\fInode\fR,\fI...\fP A list of identity fingerprints, nicknames, country codes and address patterns -of nodes to use for the last hop in the circuit. -These are treated only as preferences unless StrictExitNodes (see +of nodes to use for the last hop in normal exit circuits. +These are treated only as preferences unless StrictNodes (see below) is also set. .LP .TP -\fBStrictEntryNodes \fR\fB0\fR|\fB1\fR\fP -If 1, Tor will never use any nodes besides those listed in "EntryNodes" for -the first hop of a circuit. -.LP -.TP -\fBStrictExitNodes \fR\fB0\fR|\fB1\fR\fP -If 1, Tor will never use any nodes besides those listed in "ExitNodes" for -the last hop of a circuit. +\fBStrictNodes \fR\fB0\fR|\fB1\fR\fP +If 1 and EntryNodes config option is set, Tor will never use any +nodes besides those listed in EntryNodes for the first hop of a normal +circuit. If 1 and ExitNodes config option is set, Tor will never use any +nodes besides those listed in ExitNodes for the last hop of a normal exit +circuit. Note that Tor might still use these nodes for non-exit circuits +such as one-hop directory fetches or hidden service support circuits. .LP .TP \fBFascistFirewall \fR\fB0\fR|\fB1\fR\fP diff --git a/src/or/config.c b/src/or/config.c index 0f6d99765f..e07a8250ee 100644 --- a/src/or/config.c +++ b/src/or/config.c @@ -551,8 +551,8 @@ static config_var_description_t options_description[] = { "to the SOCKSPort." }, /* SocksTimeout */ { "StrictNodes", "If set, Tor will fail to operate when none of the " - "configured EntryNodes, ExitNodes, ExcludeNodes, or ExcludeExitNodes " - "can be used." }, + "configured EntryNodes or ExitNodes can be used (or if the usable ones " + "are listed in ExcludeNodes or ExcludeExitNodes)." }, /* TestSocks */ { "TrackHostsExit", "Hosts and domains which should, if possible, be " "accessed from the same exit node each time we connect to them." },