Nick Mathewson
48a6816eb5
Merge remote-tracking branch 'origin/maint-0.2.3'
2012-08-31 18:39:27 -04:00
Nick Mathewson
b17bb543da
Merge branch 'bug6732' into maint-0.2.3
2012-08-31 18:39:11 -04:00
Nick Mathewson
774979ca45
Document consensus and microdesc files
...
Bugfix for #6732 .
2012-08-31 11:35:47 -04:00
Nick Mathewson
0c5a44ed0a
Merge remote-tracking branch 'origin/maint-0.2.3'
2012-08-27 16:16:27 -04:00
Nick Mathewson
b7c172c9ec
Disable extending to private/internal addresses by default
...
This is important, since otherwise an attacker can use timing info
to probe the internal network.
Also, add an option (ExtendAllowPrivateAddresses) so that
TestingTorNetwork won't break.
Fix for bug 6710; bugfix on all released versions of Tor.
2012-08-27 11:19:29 -04:00
Nick Mathewson
0867479e3e
Add some attributes to make a2x quieter
2012-08-23 13:19:54 -04:00
Nick Mathewson
e6d61ee594
Merge remote-tracking branch 'origin/maint-0.2.3'
2012-07-31 10:18:05 -04:00
Nick Mathewson
d9bd0de062
Fix some manpage typos
...
This is based on a pair of patches from A. Costa. I couldn't apply
those directly, since they changed the generated *roff files, not
the asciidoc source.
Fixes Tor bug 6500 and Debian bug 683359.
2012-07-31 10:16:03 -04:00
Linus Nordberg
fff842a47c
Add config option AuthDirPublishIPv6.
...
Test for config option AuthDirPublishIPv6 == 1 rather than for running
as a bridge authority when deciding whether to care or not about IPv6
OR ports in descriptors.
Implements enhancement #6406 .
2012-07-19 17:51:15 -04:00
Linus Nordberg
044da1bf0f
Add configure option AuthDirHasIPv6Connectivity.
...
Implements enhancement 5974.
2012-07-19 18:21:22 +02:00
Nick Mathewson
9ad5b25930
Improve Alternate*Authority docs. Bug 6387.
2012-07-16 11:21:20 -04:00
Nick Mathewson
f5e86bcd6c
Document 0.2.3.x torrc/default-torrc/command line semantics changes
...
Bug 4748
squash! Document 0.2.3.x torrc/default-torrc/command line semantics changes
Incorporates fixes suggested by rransom.
2012-06-18 12:01:27 -04:00
Roger Dingledine
427d4dd148
fix typos, logic error, default in man page
2012-06-15 03:25:27 -04:00
Mike Perry
8d59690033
Defend against entry node path bias attacks
...
The defense counts the circuit failure rate for each guard for the past N
circuits. Failure is defined as the ability to complete a first hop, but not
finish completing the circuit all the way to the exit.
If the failure rate exceeds a certain amount, a notice is emitted.
If it exceeds a greater amount, a warn is emitted and the guard is disabled.
These values are governed by consensus parameters which we intend to tune as
we perform experiments and statistical simulations.
2012-06-14 13:19:56 -07:00
Nick Mathewson
75706527c1
Document --hush; fix documentation for --quiet.
2012-06-14 14:58:51 -04:00
Nick Mathewson
70910479e3
Merge remote-tracking branch 'public/bug5598'
...
Conflicts:
doc/tor.1.txt
Conflict was on a formatting issue in the manpage.
2012-06-11 10:26:48 -04:00
Nick Mathewson
2d127eacd9
List defaults consistently in manpage
...
Nearly everywhere, we end options with "(Default: foo)". But in a
few places, we inserted an extra period after or before the close
parenthesis, and in a few other places we said "(Defaults to foo)".
Let's not do that.
2012-06-11 09:52:43 -04:00
Nick Mathewson
b74f851861
Correct the defaults for the *Statistics options
2012-06-07 13:46:51 -04:00
Nick Mathewson
8a341cc429
Change the default for DynamicDHGroups to 0
...
This feature can make Tor relays less identifiable by their use of the
mod_ssl DH group, but at the cost of some usability (#4721 ) and bridge
tracing (#6087 ) regressions.
We should try to turn this on by default again if we find that the
mod_ssl group is uncommon and/or we move to a different DH group size
(see #6088 ). Before we can do so, we need a fix for bugs #6087 and
Resolves ticket #5598 for now.
2012-06-06 12:00:04 -04:00
Roger Dingledine
f4db3e2631
clarify that LongLivedPorts is for hidden services too
2012-06-03 21:07:34 -04:00
Nick Mathewson
f00a8b4307
Another dirport/orport correction; this one from "cypherpunks"
2012-05-16 15:45:20 -04:00
Nick Mathewson
400c7ce2b6
Document that the ORPort flags apply to DirPort too. (thanks, Roger.)
2012-05-16 15:07:54 -04:00
Nick Mathewson
3c7c51ce07
5597: document new ORPort options
2012-05-16 14:54:16 -04:00
Nick Mathewson
dfbe779a45
Clarify SessionGroup documentation. Bug 5437.
2012-05-16 14:43:11 -04:00
Nick Mathewson
82ce43a706
Merge remote-tracking branch 'public/bug3964'
2012-05-16 11:33:52 -04:00
Nick Mathewson
1150b6b43e
Merge remote-tracking branch 'origin/maint-0.2.2'
2012-05-15 11:23:06 -04:00
Nick Mathewson
8e07798284
Clarify MaxCircuitDirtiness behavior with hidden services. Bug 5259.
2012-05-15 11:22:06 -04:00
Nick Mathewson
dc60b5d6a7
Improve our documentation for the NT Service command line options
...
We explain the --options option, document --nt-service as an
internal-use-only thing (which it is), fix a URL, and generally
improve the prose.
2012-04-11 13:10:35 -04:00
Nick Mathewson
77e51224fa
Obsolete GiveGuardFlagTo_CVE_2011_2768_VulnerableRelays
...
Closes ticket 4572.
2012-04-11 10:59:11 -04:00
Daniel 'koolfy' Faucon
42143979d8
Add a warning about settign a bridge in MyFamily
2012-04-02 18:16:14 -04:00
Roger Dingledine
c7cbd06d5f
Merge branch 'maint-0.2.2'
...
Conflicts:
src/or/config.c
2012-04-01 16:03:16 -04:00
Roger Dingledine
40ab832c4e
BridgePassword was never for debugging
...
It is for the not-yet-implemented bridge community design.
2012-04-01 15:59:00 -04:00
Roger Dingledine
92862c6d48
Merge branch 'maint-0.2.2'
2012-02-02 02:32:44 -05:00
Roger Dingledine
688903e919
Update "ClientOnly" man page entry
...
There isn't really any point to messing with it. Resolves ticket 5005.
2012-02-02 02:31:28 -05:00
George Kadianakis
8265a9e5b1
Better documentation of transport-related torrc options.
...
Document ServerTransportPlugin and the managed proxy version of
ClientTransportPlugin.
2012-01-21 16:28:48 +02:00
Nick Mathewson
b14ac10b7f
Add missing documentation for some options introduced in 0.2.3.x
2012-01-18 14:50:13 -05:00
Nick Mathewson
93d3a917e8
Merge remote-tracking branch 'origin/maint-0.2.2'
2012-01-18 14:45:18 -05:00
Nick Mathewson
676bba8e0c
Documentation for GiveGuardFlagTo... option
2012-01-18 14:44:29 -05:00
Roger Dingledine
1e923dd2fb
fix crash bug in original feature4207 branch
...
PLURAL() assumes that the plural is the canonical name for the option,
so now it is.
2012-01-16 21:20:46 -05:00
Nick Mathewson
938531773a
Allow authorities to baddir/badexit/invalid/reject nodes by cc
...
Implements ticket #4207
2012-01-13 12:28:47 -05:00
Sebastian Hahn
98959f63ac
Disallow disabling DisableDebuggerAttachment on runnning Tor
...
Also, have tor_disable_debugger_attach() return a tristate of
success/failure/don't-know-how , and only log appropriately.
2012-01-04 15:09:02 -05:00
Robert Ransom
836161c560
Add an option to close HS service-side rend circs on timeout
2011-12-27 08:02:43 -08:00
Robert Ransom
078e3e9dd5
Add an option to close 'almost-connected' HS client circs on timeout
2011-12-27 08:02:43 -08:00
Robert Ransom
c6a8ee36fb
Move description of HidServAuth out of the FascistFirewall group
2011-12-27 08:02:41 -08:00
Nick Mathewson
d04f21bf39
Merge branch 'feature2553-v4-rebased'
2011-11-30 14:54:33 -05:00
Arturo Filastò
db648fe886
Add some more documentation
2011-11-30 14:54:15 -05:00
Nick Mathewson
3b88b63826
Merge branch 'bug933_nm_rebased_v2'
...
Conflicts:
src/test/test.c
2011-11-30 14:10:22 -05:00
Nick Mathewson
00ecc22126
Revise MapAddress manpage
...
make the asciidoc work; make the example more generic; tighten the
prose a little; be more specific that *.example.com matches
example.com; simplify an example.
2011-11-30 14:08:11 -05:00
Robert Hogan
53ce6bb52d
Address nickm's comments at https://trac.torproject.org/projects/tor/ticket/933#comment:8
...
1. Only allow '*.' in MapAddress expressions. Ignore '*ample.com' and '.example.com'.
This has resulted in a slight refactoring of config_register_addressmaps.
2. Add some more detail to the man page entry for AddressMap.
3. Fix initialization of a pointer to NULL rather than 0.
4. Update the unit tests to cater for the changes in 1 and test more explicitly for
recursive mapping.
2011-11-30 14:08:10 -05:00
Robert Hogan
909e9769ec
Address nickm's comments at https://trac.torproject.org/projects/tor/ticket/933#comment:4
...
1. Implement the following mapping rules:
MapAddress a.b.c d.e.f # This is what we have now
MapAddress .a.b.c d.e.f # Replaces any address ending with .a.b.c with d.e.f
MapAddress .a.b.c .d.e.f # Replaces the .a.b.c at the end of any addr with .d.e.f
(Note that 'a.b.c .d.e.f' is invalid, and will be rejected.)
2. Add tests for the new rules.
3. Allow proper wildcard annotation, i.e. '*.d.e' '.d.e' will still work.
4. Update addressmap_entry_t with an is_wildcard member.
2011-11-30 14:08:10 -05:00
Robert Hogan
c6d8c6baaa
bug933 - Match against super-domains in MapAddress
...
Allow MapAddress to handle directives such as:
MapAddress .torproject.org .torserver.exit
MapAddress .org 1.1.1.1
Add tests for addressmap_rewrite.
2011-11-30 14:08:10 -05:00
Nick Mathewson
e718397880
Correct manpage entry for DynamicDHGroups
2011-11-29 18:42:49 -05:00
Nick Mathewson
da6c136817
Merge remote-tracking branch 'asn-mytor/bug4548_take2'
2011-11-29 18:30:41 -05:00
Nick Mathewson
f4d8ed4b28
Manpage for DisableNetwork
2011-11-28 16:01:47 -05:00
Nick Mathewson
68114ca52c
Merge remote-tracking branch 'ioerror/DisableDebuggerAttachment'
...
Conflicts:
src/or/config.c
2011-11-24 23:38:32 -05:00
George Kadianakis
21babd152e
Document DynamicPrimes in the manual page.
2011-11-24 22:13:26 +01:00
Robert Ransom
b2212bf9b4
Add Tor2webMode configuration option
2011-11-24 03:54:32 -08:00
Roger Dingledine
023d8b6cf8
update the man page for the new AuthDirFastGuarantee value
2011-11-21 18:45:44 -05:00
Roger Dingledine
6a76007b08
Merge branch 'maint-0.2.2'
...
Conflicts:
src/or/dirserv.c
2011-11-21 18:36:49 -05:00
Roger Dingledine
97a209ea28
man page entries for AuthDir{Fast,GuardBW}Guarantee
2011-11-21 18:32:32 -05:00
Nick Mathewson
21dd6eae9e
Merge remote-tracking branch 'asn-mytor/bug4012_clienttransportplugin'
2011-11-07 11:37:29 -05:00
George Kadianakis
1c532594e7
Added man entry for ClientTransportPlugin.
2011-11-06 00:50:22 +01:00
Roger Dingledine
350fe95259
fix grammar in man page entries from proposal 171
2011-11-03 19:08:25 -04:00
Roger Dingledine
a518dd6650
Merge branch 'maint-0.2.2'
2011-10-25 19:34:42 -04:00
Roger Dingledine
ac115f1125
unmangle the fingerprint example in the man page
...
Remove a confusing dollar sign from the example fingerprint in the
man page, and also make example fingerprint a valid one.
2011-10-25 18:24:37 -04:00
Roger Dingledine
0e4f5e7cb1
fix default for TokenBucketRefillInterval in man page
2011-09-28 18:23:17 -04:00
Nick Mathewson
41dfc4c19c
Make bufferevents work with TokenBucketRefillInterval
2011-09-22 15:07:34 -04:00
Nick Mathewson
1e61184628
Make documentation for TokenBucketRefillInterval match its behavior
2011-09-22 15:07:34 -04:00
Florian Tschorsch
6b1d8321ae
New torrc option to allow bucket refill intervals of less than 1 sec
...
Implements bug3630.
2011-09-22 15:07:23 -04:00
Nick Mathewson
41eef6680e
Merge remote-tracking branch 'origin/maint-0.2.2'
...
Conflicts:
src/or/dirserv.c
src/or/networkstatus.c
Conflicts were related to routerinfo->node shift.
2011-09-07 14:51:55 -04:00
Nick Mathewson
dfa6cde4d4
Merge remote-tracking branch 'public/bug2649_squashed' into maint-0.2.2
2011-09-07 14:43:06 -04:00
Roger Dingledine
fe0fa91164
Merge branch 'maint-0.2.2'
2011-09-02 07:23:37 -04:00
Roger Dingledine
e0dae64449
Correct man page: multiple control auth styles can be set at once
2011-09-02 07:01:55 -04:00
Nick Mathewson
372262b458
Merge remote-tracking branch 'origin/maint-0.2.2'
2011-08-25 18:55:28 -04:00
Sebastian Hahn
cc33ac362b
Mention that HiddenServiceDir must exist
2011-08-25 22:26:54 +02:00
Nick Mathewson
6e923ed8cd
Add an OptimisticData option to control client-side optimistic data
2011-07-20 14:14:21 -04:00
Nick Mathewson
12dfb4f5d8
Use socks username/password information in stream isolation
2011-07-19 02:44:12 -04:00
Nick Mathewson
891ccd3cd0
Manpage updates for proposal 171 (isolated streams)
2011-07-19 02:02:18 -04:00
Nick Mathewson
eee942c5be
Merge remote-tracking branch 'origin/maint-0.2.2'
2011-07-06 10:56:47 -04:00
Sebastian Hahn
1a016c9233
Fix weird formatting of html manpage
...
Asciidoc was inserting <pre> tags for paragraphs that started with a
'+' at the beginning of the line. Instead, we need a space in front of
the plus.
2011-07-06 10:47:06 +02:00
intrigeri
8b265543eb
Add port 6523 (Gobby) to LongLivedPorts.
2011-06-20 12:08:46 -04:00
Nick Mathewson
a046966baf
Merge remote-tracking branch 'origin/maint-0.2.2'
...
Conflicts:
src/or/config.c
src/or/or.h
2011-06-19 21:00:15 -04:00
Nick Mathewson
cabb16caa9
Revert "Update man page for new UseBridges tristate behaviour."
...
This reverts commit 40cfad1b5a
.
2011-06-17 16:45:23 -04:00
Robert Ransom
f45261cb29
Increase default required uptime for HSDirs to 25 hours
2011-06-03 12:17:53 -04:00
Robert Ransom
1546054d81
Add a VoteOnHidServDirectoriesV2 configuration option
2011-06-03 12:16:55 -04:00
Nick Mathewson
13ec1bf5c2
Merge remote-tracking branch 'origin/maint-0.2.2'
2011-06-03 10:47:35 -04:00
anonym
40cfad1b5a
Update man page for new UseBridges tristate behaviour.
2011-06-02 15:11:21 -04:00
Jacob Appelbaum
f79a75f597
New configuration option: DisableDebuggerAttachment
...
If set to 1, Tor will attempt to prevent basic debugging
attachment attempts by other processes. (Default: 1)
Supports Mac OS X and Gnu/Linux.
Sebastian provided useful feedback and refactoring suggestions.
Signed-off-by: Jacob Appelbaum <jacob@appelbaum.net>
2011-06-01 17:35:43 -07:00
Nick Mathewson
4ac8ff9c9f
Merge remote-tracking branch 'origin/maint-0.2.2'
2011-05-15 20:22:44 -04:00
Sebastian Hahn
4198261291
Clean up the 2972 implementation a little
2011-05-15 20:20:28 -04:00
Jérémy Bobbio
d41ac64ad6
Add UnixSocketsGroupWritable config flag
...
When running a system-wide instance of Tor on Unix-like systems, having
a ControlSocket is a quite handy mechanism to access Tor control
channel. But it would be easier if access to the Unix domain socket can
be granted by making control users members of the group running the Tor
process.
This change introduces a UnixSocketsGroupWritable option, which will
create Unix domain sockets (and thus ControlSocket) 'g+rw'. This allows
ControlSocket to offer same access control measures than
ControlPort+CookieAuthFileGroupReadable.
See <http://bugs.debian.org/552556 > for more details.
2011-05-15 20:20:28 -04:00
Nick Mathewson
600744b4be
Merge remote-tracking branch 'origin/maint-0.2.2'
...
Conflicts:
src/or/config.c
src/or/dirserv.c
src/or/or.h
2011-05-13 10:48:07 -04:00
Nick Mathewson
7f654a6a6f
Add a ControlPortFileGroupWritable option
2011-05-13 10:41:29 -04:00
Nick Mathewson
dad12188a6
Write automatically-chosen control ports to a file.
2011-05-13 10:41:28 -04:00
Nick Mathewson
5fec8fe559
"(Socks|Control|etc)Port auto" now tells Tor to open an arbitrary port
...
This is the major part of the implementation for trac issue 3076.
2011-05-13 10:41:18 -04:00
Nick Mathewson
8fa7bcead5
Merge remote-tracking branch 'origin/maint-0.2.2'
2011-05-12 11:36:41 -04:00
Nick Mathewson
2c88dd7f95
Clean up a formatting issue on the manpge; bug3154.
2011-05-12 11:36:20 -04:00
Nick Mathewson
e6980faec4
Merge remote-tracking branch 'origin/maint-0.2.2'
...
Conflicts:
src/or/directory.c
2011-05-09 13:39:51 -04:00
Nick Mathewson
09d7af7789
Merge remote-tracking branch 'public/bug3022_v2' into maint-0.2.2
2011-05-09 13:37:56 -04:00
Nick Mathewson
4c9bd06d0d
Merge remote-tracking branch 'origin/maint-0.2.2'
2011-05-04 17:38:33 -04:00