Nick Mathewson
90f6071d8d
New FallbackDir option to add extra directories for bootstraping
...
This replaces the old FallbackConsensus notion, and should provide a
way -- assuming we pick reasonable nodes! -- to give clients
suggestions of placs to go to get their first consensus.
2012-12-06 11:28:49 -05:00
Nick Mathewson
ded70363a7
Rename DirServer to DirAuthority
2012-12-06 11:23:43 -05:00
Nick Mathewson
190c1d4981
Merge branch 'bug7013_take2_squashed'
2012-11-27 22:18:16 -05:00
George Kadianakis
f88c303869
Add a torrc option to specify the bind address of managed proxies.
2012-11-27 22:18:08 -05:00
Nick Mathewson
61d740ed01
Add manual page entries for new IPv6-exits options
2012-11-14 23:35:13 -05:00
Karsten Loesing
c03e3d66a9
Minor tweaks and comments to nils' geoip v6 code.
2012-10-17 10:54:52 +02:00
nils
abb886014e
Add GeoIP database for IPv6 addresses
2012-10-17 10:54:52 +02:00
Roger Dingledine
0b598cb2bb
Say "KBytes" rather than "KB" in the man page
...
(for various values of K), to further reduce confusion about whether
Tor counts in units of memory or fractions of units of memory. Fixes
bug 7054.
2012-10-06 01:57:13 -04:00
Linus Nordberg
1cbf45bed1
Make option OutboundBindAddress accept IPv6 addresses too.
...
Implements ticket 6786.
2012-09-20 17:09:25 +02:00
Nick Mathewson
f612a9eb1b
Merge remote-tracking branch 'origin/maint-0.2.3'
2012-09-19 08:26:07 -04:00
Nick Mathewson
b9c86948e4
Clarify that hidden services are TCP only
...
Also remove some trailing whitespace.
Patch from maker; fixes bug 6024.
2012-09-19 08:19:21 -04:00
Roger Dingledine
9ab3b332ae
Merge branch 'maint-0.2.3'
2012-09-14 02:41:13 -04:00
Robert Ransom
909691f1ae
Fix man page typo
2012-09-13 23:25:03 -07:00
Roger Dingledine
e1e34ee4e4
raise bandwidthrate/bandwidthburst to a new "infinite"
...
addresses bug 6605.
2012-09-10 03:03:06 -04:00
Roger Dingledine
6f82ae44cb
Merge branch 'maint-0.2.3'
2012-09-05 16:41:43 -04:00
Roger Dingledine
97dbff51e6
Update the minimum bandwidth for a public relay
...
The current cutoff is 30KB, but in reality a useful cutoff is probably
more like 50KB or 100KB.
2012-09-05 16:40:57 -04:00
Nick Mathewson
116c8409ba
Merge remote-tracking branch 'linus/bug6770_3'
...
Conflicts:
doc/tor.1.txt
src/or/config.c
2012-09-05 11:35:26 -04:00
Linus Nordberg
f7c97cd40b
Remove AuthDirPublishIPv6 and let AuthDirHasIPv6Connectivity fill its function.
...
See #4771 for rationale.
Note that this patch does not take suggested changes in #4470 into
account and keeps treating AuthDirHasIPv6Connectivity as an
AUTOBOOL. Thus, bug fixes for that are included here as well.
This is a fix on master, unreleased as of now.
2012-09-05 13:35:39 +02:00
Linus Nordberg
0e53742a85
Make AuthDirHasIPv6Connectivity a BOOL.
...
This is a fix of unreleased tor. It solves ticket #6770 .
2012-09-05 12:47:01 +02:00
Roger Dingledine
67065c3c06
minor typos i found while constructing the changelog
2012-09-05 04:46:27 -04:00
Linus Nordberg
e04e1a2e7d
Clients connect to public relays over IPv6.
...
Add ClientUseIPv6 and ClientPreferIPv6ORPort configuration options.
Use "preferred OR port" for all entry nodes, not only for bridges.
Mark bridges with "prefer IPv6 OR port" if an IPv6 address is
configured in Bridge line and ClientPreferIPv6ORPort is set.
Mark relays with "prefer IPv6 OR port" if an IPv6 address is found in
descriptor and ClientPreferIPv6ORPort is set.
Filter "preferred OR port" through the ClientUseIPv6 config option. We
might want to move this test to where actual connection is being set
up once we have a fall back mechanism in place.
Have only non-servers pick an IPv6 address for the first hop: We
don't want relays to connect over IPv6 yet. (IPv6 has never been used
for second or third hops.)
Implements ticket 5535.
2012-09-04 12:57:21 -04:00
Nick Mathewson
48a6816eb5
Merge remote-tracking branch 'origin/maint-0.2.3'
2012-08-31 18:39:27 -04:00
Nick Mathewson
b17bb543da
Merge branch 'bug6732' into maint-0.2.3
2012-08-31 18:39:11 -04:00
Nick Mathewson
774979ca45
Document consensus and microdesc files
...
Bugfix for #6732 .
2012-08-31 11:35:47 -04:00
Nick Mathewson
0c5a44ed0a
Merge remote-tracking branch 'origin/maint-0.2.3'
2012-08-27 16:16:27 -04:00
Nick Mathewson
b7c172c9ec
Disable extending to private/internal addresses by default
...
This is important, since otherwise an attacker can use timing info
to probe the internal network.
Also, add an option (ExtendAllowPrivateAddresses) so that
TestingTorNetwork won't break.
Fix for bug 6710; bugfix on all released versions of Tor.
2012-08-27 11:19:29 -04:00
Nick Mathewson
0867479e3e
Add some attributes to make a2x quieter
2012-08-23 13:19:54 -04:00
Nick Mathewson
e6d61ee594
Merge remote-tracking branch 'origin/maint-0.2.3'
2012-07-31 10:18:05 -04:00
Nick Mathewson
d9bd0de062
Fix some manpage typos
...
This is based on a pair of patches from A. Costa. I couldn't apply
those directly, since they changed the generated *roff files, not
the asciidoc source.
Fixes Tor bug 6500 and Debian bug 683359.
2012-07-31 10:16:03 -04:00
Linus Nordberg
fff842a47c
Add config option AuthDirPublishIPv6.
...
Test for config option AuthDirPublishIPv6 == 1 rather than for running
as a bridge authority when deciding whether to care or not about IPv6
OR ports in descriptors.
Implements enhancement #6406 .
2012-07-19 17:51:15 -04:00
Linus Nordberg
044da1bf0f
Add configure option AuthDirHasIPv6Connectivity.
...
Implements enhancement 5974.
2012-07-19 18:21:22 +02:00
Nick Mathewson
9ad5b25930
Improve Alternate*Authority docs. Bug 6387.
2012-07-16 11:21:20 -04:00
Nick Mathewson
f5e86bcd6c
Document 0.2.3.x torrc/default-torrc/command line semantics changes
...
Bug 4748
squash! Document 0.2.3.x torrc/default-torrc/command line semantics changes
Incorporates fixes suggested by rransom.
2012-06-18 12:01:27 -04:00
Roger Dingledine
427d4dd148
fix typos, logic error, default in man page
2012-06-15 03:25:27 -04:00
Mike Perry
8d59690033
Defend against entry node path bias attacks
...
The defense counts the circuit failure rate for each guard for the past N
circuits. Failure is defined as the ability to complete a first hop, but not
finish completing the circuit all the way to the exit.
If the failure rate exceeds a certain amount, a notice is emitted.
If it exceeds a greater amount, a warn is emitted and the guard is disabled.
These values are governed by consensus parameters which we intend to tune as
we perform experiments and statistical simulations.
2012-06-14 13:19:56 -07:00
Nick Mathewson
75706527c1
Document --hush; fix documentation for --quiet.
2012-06-14 14:58:51 -04:00
Nick Mathewson
70910479e3
Merge remote-tracking branch 'public/bug5598'
...
Conflicts:
doc/tor.1.txt
Conflict was on a formatting issue in the manpage.
2012-06-11 10:26:48 -04:00
Nick Mathewson
2d127eacd9
List defaults consistently in manpage
...
Nearly everywhere, we end options with "(Default: foo)". But in a
few places, we inserted an extra period after or before the close
parenthesis, and in a few other places we said "(Defaults to foo)".
Let's not do that.
2012-06-11 09:52:43 -04:00
Nick Mathewson
b74f851861
Correct the defaults for the *Statistics options
2012-06-07 13:46:51 -04:00
Nick Mathewson
8a341cc429
Change the default for DynamicDHGroups to 0
...
This feature can make Tor relays less identifiable by their use of the
mod_ssl DH group, but at the cost of some usability (#4721 ) and bridge
tracing (#6087 ) regressions.
We should try to turn this on by default again if we find that the
mod_ssl group is uncommon and/or we move to a different DH group size
(see #6088 ). Before we can do so, we need a fix for bugs #6087 and
Resolves ticket #5598 for now.
2012-06-06 12:00:04 -04:00
Roger Dingledine
f4db3e2631
clarify that LongLivedPorts is for hidden services too
2012-06-03 21:07:34 -04:00
Nick Mathewson
f00a8b4307
Another dirport/orport correction; this one from "cypherpunks"
2012-05-16 15:45:20 -04:00
Nick Mathewson
400c7ce2b6
Document that the ORPort flags apply to DirPort too. (thanks, Roger.)
2012-05-16 15:07:54 -04:00
Nick Mathewson
3c7c51ce07
5597: document new ORPort options
2012-05-16 14:54:16 -04:00
Nick Mathewson
dfbe779a45
Clarify SessionGroup documentation. Bug 5437.
2012-05-16 14:43:11 -04:00
Nick Mathewson
82ce43a706
Merge remote-tracking branch 'public/bug3964'
2012-05-16 11:33:52 -04:00
Nick Mathewson
1150b6b43e
Merge remote-tracking branch 'origin/maint-0.2.2'
2012-05-15 11:23:06 -04:00
Nick Mathewson
8e07798284
Clarify MaxCircuitDirtiness behavior with hidden services. Bug 5259.
2012-05-15 11:22:06 -04:00
Nick Mathewson
dc60b5d6a7
Improve our documentation for the NT Service command line options
...
We explain the --options option, document --nt-service as an
internal-use-only thing (which it is), fix a URL, and generally
improve the prose.
2012-04-11 13:10:35 -04:00
Nick Mathewson
77e51224fa
Obsolete GiveGuardFlagTo_CVE_2011_2768_VulnerableRelays
...
Closes ticket 4572.
2012-04-11 10:59:11 -04:00
Daniel 'koolfy' Faucon
42143979d8
Add a warning about settign a bridge in MyFamily
2012-04-02 18:16:14 -04:00
Roger Dingledine
c7cbd06d5f
Merge branch 'maint-0.2.2'
...
Conflicts:
src/or/config.c
2012-04-01 16:03:16 -04:00
Roger Dingledine
40ab832c4e
BridgePassword was never for debugging
...
It is for the not-yet-implemented bridge community design.
2012-04-01 15:59:00 -04:00
Roger Dingledine
92862c6d48
Merge branch 'maint-0.2.2'
2012-02-02 02:32:44 -05:00
Roger Dingledine
688903e919
Update "ClientOnly" man page entry
...
There isn't really any point to messing with it. Resolves ticket 5005.
2012-02-02 02:31:28 -05:00
George Kadianakis
8265a9e5b1
Better documentation of transport-related torrc options.
...
Document ServerTransportPlugin and the managed proxy version of
ClientTransportPlugin.
2012-01-21 16:28:48 +02:00
Nick Mathewson
b14ac10b7f
Add missing documentation for some options introduced in 0.2.3.x
2012-01-18 14:50:13 -05:00
Nick Mathewson
93d3a917e8
Merge remote-tracking branch 'origin/maint-0.2.2'
2012-01-18 14:45:18 -05:00
Nick Mathewson
676bba8e0c
Documentation for GiveGuardFlagTo... option
2012-01-18 14:44:29 -05:00
Roger Dingledine
1e923dd2fb
fix crash bug in original feature4207 branch
...
PLURAL() assumes that the plural is the canonical name for the option,
so now it is.
2012-01-16 21:20:46 -05:00
Nick Mathewson
938531773a
Allow authorities to baddir/badexit/invalid/reject nodes by cc
...
Implements ticket #4207
2012-01-13 12:28:47 -05:00
Sebastian Hahn
98959f63ac
Disallow disabling DisableDebuggerAttachment on runnning Tor
...
Also, have tor_disable_debugger_attach() return a tristate of
success/failure/don't-know-how , and only log appropriately.
2012-01-04 15:09:02 -05:00
Robert Ransom
836161c560
Add an option to close HS service-side rend circs on timeout
2011-12-27 08:02:43 -08:00
Robert Ransom
078e3e9dd5
Add an option to close 'almost-connected' HS client circs on timeout
2011-12-27 08:02:43 -08:00
Robert Ransom
c6a8ee36fb
Move description of HidServAuth out of the FascistFirewall group
2011-12-27 08:02:41 -08:00
Nick Mathewson
d04f21bf39
Merge branch 'feature2553-v4-rebased'
2011-11-30 14:54:33 -05:00
Arturo Filastò
db648fe886
Add some more documentation
2011-11-30 14:54:15 -05:00
Nick Mathewson
3b88b63826
Merge branch 'bug933_nm_rebased_v2'
...
Conflicts:
src/test/test.c
2011-11-30 14:10:22 -05:00
Nick Mathewson
00ecc22126
Revise MapAddress manpage
...
make the asciidoc work; make the example more generic; tighten the
prose a little; be more specific that *.example.com matches
example.com; simplify an example.
2011-11-30 14:08:11 -05:00
Robert Hogan
53ce6bb52d
Address nickm's comments at https://trac.torproject.org/projects/tor/ticket/933#comment:8
...
1. Only allow '*.' in MapAddress expressions. Ignore '*ample.com' and '.example.com'.
This has resulted in a slight refactoring of config_register_addressmaps.
2. Add some more detail to the man page entry for AddressMap.
3. Fix initialization of a pointer to NULL rather than 0.
4. Update the unit tests to cater for the changes in 1 and test more explicitly for
recursive mapping.
2011-11-30 14:08:10 -05:00
Robert Hogan
909e9769ec
Address nickm's comments at https://trac.torproject.org/projects/tor/ticket/933#comment:4
...
1. Implement the following mapping rules:
MapAddress a.b.c d.e.f # This is what we have now
MapAddress .a.b.c d.e.f # Replaces any address ending with .a.b.c with d.e.f
MapAddress .a.b.c .d.e.f # Replaces the .a.b.c at the end of any addr with .d.e.f
(Note that 'a.b.c .d.e.f' is invalid, and will be rejected.)
2. Add tests for the new rules.
3. Allow proper wildcard annotation, i.e. '*.d.e' '.d.e' will still work.
4. Update addressmap_entry_t with an is_wildcard member.
2011-11-30 14:08:10 -05:00
Robert Hogan
c6d8c6baaa
bug933 - Match against super-domains in MapAddress
...
Allow MapAddress to handle directives such as:
MapAddress .torproject.org .torserver.exit
MapAddress .org 1.1.1.1
Add tests for addressmap_rewrite.
2011-11-30 14:08:10 -05:00
Nick Mathewson
e718397880
Correct manpage entry for DynamicDHGroups
2011-11-29 18:42:49 -05:00
Nick Mathewson
da6c136817
Merge remote-tracking branch 'asn-mytor/bug4548_take2'
2011-11-29 18:30:41 -05:00
Nick Mathewson
f4d8ed4b28
Manpage for DisableNetwork
2011-11-28 16:01:47 -05:00
Nick Mathewson
68114ca52c
Merge remote-tracking branch 'ioerror/DisableDebuggerAttachment'
...
Conflicts:
src/or/config.c
2011-11-24 23:38:32 -05:00
George Kadianakis
21babd152e
Document DynamicPrimes in the manual page.
2011-11-24 22:13:26 +01:00
Robert Ransom
b2212bf9b4
Add Tor2webMode configuration option
2011-11-24 03:54:32 -08:00
Roger Dingledine
023d8b6cf8
update the man page for the new AuthDirFastGuarantee value
2011-11-21 18:45:44 -05:00
Roger Dingledine
6a76007b08
Merge branch 'maint-0.2.2'
...
Conflicts:
src/or/dirserv.c
2011-11-21 18:36:49 -05:00
Roger Dingledine
97a209ea28
man page entries for AuthDir{Fast,GuardBW}Guarantee
2011-11-21 18:32:32 -05:00
Nick Mathewson
21dd6eae9e
Merge remote-tracking branch 'asn-mytor/bug4012_clienttransportplugin'
2011-11-07 11:37:29 -05:00
George Kadianakis
1c532594e7
Added man entry for ClientTransportPlugin.
2011-11-06 00:50:22 +01:00
Roger Dingledine
350fe95259
fix grammar in man page entries from proposal 171
2011-11-03 19:08:25 -04:00
Roger Dingledine
a518dd6650
Merge branch 'maint-0.2.2'
2011-10-25 19:34:42 -04:00
Roger Dingledine
ac115f1125
unmangle the fingerprint example in the man page
...
Remove a confusing dollar sign from the example fingerprint in the
man page, and also make example fingerprint a valid one.
2011-10-25 18:24:37 -04:00
Roger Dingledine
0e4f5e7cb1
fix default for TokenBucketRefillInterval in man page
2011-09-28 18:23:17 -04:00
Nick Mathewson
41dfc4c19c
Make bufferevents work with TokenBucketRefillInterval
2011-09-22 15:07:34 -04:00
Nick Mathewson
1e61184628
Make documentation for TokenBucketRefillInterval match its behavior
2011-09-22 15:07:34 -04:00
Florian Tschorsch
6b1d8321ae
New torrc option to allow bucket refill intervals of less than 1 sec
...
Implements bug3630.
2011-09-22 15:07:23 -04:00
Nick Mathewson
41eef6680e
Merge remote-tracking branch 'origin/maint-0.2.2'
...
Conflicts:
src/or/dirserv.c
src/or/networkstatus.c
Conflicts were related to routerinfo->node shift.
2011-09-07 14:51:55 -04:00
Nick Mathewson
dfa6cde4d4
Merge remote-tracking branch 'public/bug2649_squashed' into maint-0.2.2
2011-09-07 14:43:06 -04:00
Roger Dingledine
fe0fa91164
Merge branch 'maint-0.2.2'
2011-09-02 07:23:37 -04:00
Roger Dingledine
e0dae64449
Correct man page: multiple control auth styles can be set at once
2011-09-02 07:01:55 -04:00
Nick Mathewson
372262b458
Merge remote-tracking branch 'origin/maint-0.2.2'
2011-08-25 18:55:28 -04:00
Sebastian Hahn
cc33ac362b
Mention that HiddenServiceDir must exist
2011-08-25 22:26:54 +02:00
Nick Mathewson
6e923ed8cd
Add an OptimisticData option to control client-side optimistic data
2011-07-20 14:14:21 -04:00
Nick Mathewson
12dfb4f5d8
Use socks username/password information in stream isolation
2011-07-19 02:44:12 -04:00
Nick Mathewson
891ccd3cd0
Manpage updates for proposal 171 (isolated streams)
2011-07-19 02:02:18 -04:00
Nick Mathewson
eee942c5be
Merge remote-tracking branch 'origin/maint-0.2.2'
2011-07-06 10:56:47 -04:00