Nick Mathewson
18752bca5b
Drop the minimum guard lifetime back down to one month
...
Mike believes that raising the default to 2 months with no way to lower
it may create horrible load-balancing issues.
2013-03-19 16:04:40 -04:00
Nick Mathewson
aa040619d5
Document the GuardLifetime option
2013-03-19 16:03:57 -04:00
Nick Mathewson
343f7aa059
Make the guard lifetime configurable and adjustable via the consensus
...
Fixes 8240.
(Don't actually increase the default guard lifetime. It seems likely to
break too many things if done precipitiously.)
2013-03-19 16:02:19 -04:00
Nick Mathewson
b9c86948e4
Clarify that hidden services are TCP only
...
Also remove some trailing whitespace.
Patch from maker; fixes bug 6024.
2012-09-19 08:19:21 -04:00
Robert Ransom
909691f1ae
Fix man page typo
2012-09-13 23:25:03 -07:00
Roger Dingledine
97dbff51e6
Update the minimum bandwidth for a public relay
...
The current cutoff is 30KB, but in reality a useful cutoff is probably
more like 50KB or 100KB.
2012-09-05 16:40:57 -04:00
Nick Mathewson
b17bb543da
Merge branch 'bug6732' into maint-0.2.3
2012-08-31 18:39:11 -04:00
Nick Mathewson
774979ca45
Document consensus and microdesc files
...
Bugfix for #6732 .
2012-08-31 11:35:47 -04:00
Nick Mathewson
b7c172c9ec
Disable extending to private/internal addresses by default
...
This is important, since otherwise an attacker can use timing info
to probe the internal network.
Also, add an option (ExtendAllowPrivateAddresses) so that
TestingTorNetwork won't break.
Fix for bug 6710; bugfix on all released versions of Tor.
2012-08-27 11:19:29 -04:00
Ondrej Mikle
eeb81b5bb1
Fixes/beautification of RPM spec. Tiny improvements in RPM build docs.
2012-07-31 11:41:40 -04:00
Ondrej Mikle
0e778ac604
Workaround for building EL5 RPMs by specifying rpmbuild-md5. Updated old note about using static libevent when building RPMs.
2012-07-31 11:41:40 -04:00
Ondrej Mikle
cf20fac37f
Dependencies for RPM building with mock should work now
2012-07-31 11:41:40 -04:00
Nick Mathewson
d9bd0de062
Fix some manpage typos
...
This is based on a pair of patches from A. Costa. I couldn't apply
those directly, since they changed the generated *roff files, not
the asciidoc source.
Fixes Tor bug 6500 and Debian bug 683359.
2012-07-31 10:16:03 -04:00
Steven Murdoch
5b853612fb
Clarify how to build asciidoc files using homebrew on Mac OS X
2012-07-20 09:49:02 -04:00
Nick Mathewson
9ad5b25930
Improve Alternate*Authority docs. Bug 6387.
2012-07-16 11:21:20 -04:00
Nick Mathewson
f5e86bcd6c
Document 0.2.3.x torrc/default-torrc/command line semantics changes
...
Bug 4748
squash! Document 0.2.3.x torrc/default-torrc/command line semantics changes
Incorporates fixes suggested by rransom.
2012-06-18 12:01:27 -04:00
Roger Dingledine
427d4dd148
fix typos, logic error, default in man page
2012-06-15 03:25:27 -04:00
Mike Perry
8d59690033
Defend against entry node path bias attacks
...
The defense counts the circuit failure rate for each guard for the past N
circuits. Failure is defined as the ability to complete a first hop, but not
finish completing the circuit all the way to the exit.
If the failure rate exceeds a certain amount, a notice is emitted.
If it exceeds a greater amount, a warn is emitted and the guard is disabled.
These values are governed by consensus parameters which we intend to tune as
we perform experiments and statistical simulations.
2012-06-14 13:19:56 -07:00
Nick Mathewson
75706527c1
Document --hush; fix documentation for --quiet.
2012-06-14 14:58:51 -04:00
Nick Mathewson
70910479e3
Merge remote-tracking branch 'public/bug5598'
...
Conflicts:
doc/tor.1.txt
Conflict was on a formatting issue in the manpage.
2012-06-11 10:26:48 -04:00
Nick Mathewson
2d127eacd9
List defaults consistently in manpage
...
Nearly everywhere, we end options with "(Default: foo)". But in a
few places, we inserted an extra period after or before the close
parenthesis, and in a few other places we said "(Defaults to foo)".
Let's not do that.
2012-06-11 09:52:43 -04:00
Nick Mathewson
b74f851861
Correct the defaults for the *Statistics options
2012-06-07 13:46:51 -04:00
Nick Mathewson
8a341cc429
Change the default for DynamicDHGroups to 0
...
This feature can make Tor relays less identifiable by their use of the
mod_ssl DH group, but at the cost of some usability (#4721 ) and bridge
tracing (#6087 ) regressions.
We should try to turn this on by default again if we find that the
mod_ssl group is uncommon and/or we move to a different DH group size
(see #6088 ). Before we can do so, we need a fix for bugs #6087 and
Resolves ticket #5598 for now.
2012-06-06 12:00:04 -04:00
Roger Dingledine
f4db3e2631
clarify that LongLivedPorts is for hidden services too
2012-06-03 21:07:34 -04:00
Nick Mathewson
f00a8b4307
Another dirport/orport correction; this one from "cypherpunks"
2012-05-16 15:45:20 -04:00
Nick Mathewson
400c7ce2b6
Document that the ORPort flags apply to DirPort too. (thanks, Roger.)
2012-05-16 15:07:54 -04:00
Nick Mathewson
3c7c51ce07
5597: document new ORPort options
2012-05-16 14:54:16 -04:00
Nick Mathewson
dfbe779a45
Clarify SessionGroup documentation. Bug 5437.
2012-05-16 14:43:11 -04:00
Nick Mathewson
82ce43a706
Merge remote-tracking branch 'public/bug3964'
2012-05-16 11:33:52 -04:00
Nick Mathewson
1150b6b43e
Merge remote-tracking branch 'origin/maint-0.2.2'
2012-05-15 11:23:06 -04:00
Nick Mathewson
8e07798284
Clarify MaxCircuitDirtiness behavior with hidden services. Bug 5259.
2012-05-15 11:22:06 -04:00
Nick Mathewson
1cf970c3db
Merge remote-tracking branch 'asn/bug5540'
2012-05-10 14:24:17 -04:00
Nick Mathewson
dc60b5d6a7
Improve our documentation for the NT Service command line options
...
We explain the --options option, document --nt-service as an
internal-use-only thing (which it is), fix a URL, and generally
improve the prose.
2012-04-11 13:10:35 -04:00
Nick Mathewson
77e51224fa
Obsolete GiveGuardFlagTo_CVE_2011_2768_VulnerableRelays
...
Closes ticket 4572.
2012-04-11 10:59:11 -04:00
Daniel 'koolfy' Faucon
42143979d8
Add a warning about settign a bridge in MyFamily
2012-04-02 18:16:14 -04:00
Roger Dingledine
c7cbd06d5f
Merge branch 'maint-0.2.2'
...
Conflicts:
src/or/config.c
2012-04-01 16:03:16 -04:00
Roger Dingledine
40ab832c4e
BridgePassword was never for debugging
...
It is for the not-yet-implemented bridge community design.
2012-04-01 15:59:00 -04:00
George Kadianakis
31ed10f6c2
Explain TransportProxy within doc/state-contents.txt.
2012-03-31 14:33:11 +02:00
Roger Dingledine
c3a7bcf4e6
tab-man strikes back (fixup on a9c0e9fec2
)
2012-03-28 04:06:56 -04:00
Nick Mathewson
a9c0e9fec2
Write initial documentation for the contents of the state file
...
Fixes bug 2987. There is still some information to go, but now we
have a place to put it.
2012-03-28 04:08:56 -04:00
Roger Dingledine
92862c6d48
Merge branch 'maint-0.2.2'
2012-02-02 02:32:44 -05:00
Roger Dingledine
688903e919
Update "ClientOnly" man page entry
...
There isn't really any point to messing with it. Resolves ticket 5005.
2012-02-02 02:31:28 -05:00
George Kadianakis
8265a9e5b1
Better documentation of transport-related torrc options.
...
Document ServerTransportPlugin and the managed proxy version of
ClientTransportPlugin.
2012-01-21 16:28:48 +02:00
Nick Mathewson
b14ac10b7f
Add missing documentation for some options introduced in 0.2.3.x
2012-01-18 14:50:13 -05:00
Nick Mathewson
93d3a917e8
Merge remote-tracking branch 'origin/maint-0.2.2'
2012-01-18 14:45:18 -05:00
Nick Mathewson
676bba8e0c
Documentation for GiveGuardFlagTo... option
2012-01-18 14:44:29 -05:00
Roger Dingledine
1e923dd2fb
fix crash bug in original feature4207 branch
...
PLURAL() assumes that the plural is the canonical name for the option,
so now it is.
2012-01-16 21:20:46 -05:00
Nick Mathewson
938531773a
Allow authorities to baddir/badexit/invalid/reject nodes by cc
...
Implements ticket #4207
2012-01-13 12:28:47 -05:00
Sebastian Hahn
98959f63ac
Disallow disabling DisableDebuggerAttachment on runnning Tor
...
Also, have tor_disable_debugger_attach() return a tristate of
success/failure/don't-know-how , and only log appropriately.
2012-01-04 15:09:02 -05:00
Robert Ransom
836161c560
Add an option to close HS service-side rend circs on timeout
2011-12-27 08:02:43 -08:00