Roger Dingledine
375acaab26
un-deprecate FascistFirewall
...
svn:r11873
2007-10-11 19:20:24 +00:00
Nick Mathewson
b5c8a8ae53
r15422@catbus: nickm | 2007-09-27 16:42:35 -0400
...
Use descriptor annotations to record the source, download t time, and purpose of every descriptor we add to the store. The remaining to-do item is to stop setting do_not_cache on bridges.
svn:r11680
2007-09-27 20:46:30 +00:00
Roger Dingledine
e313a8ad08
fix a syntax error in the man page
...
svn:r11589
2007-09-23 05:28:39 +00:00
Peter Palfrader
ce1099bf66
The manpage now tells uses that they can use identity fingerprints in most places where they can use nicknames. Based on patch from karsten
...
svn:r11570
2007-09-21 23:06:54 +00:00
Nick Mathewson
d3224bad42
r14227@Kushana: nickm | 2007-08-27 11:33:28 -0400
...
Add a new ClientDNSRejectInternalAddresses option (default: on) to refuse to believe that any address can map to or from an internal address. This blocks some kinds of potential browser-based attacks, especially on hosts using DNSPort. Also clarify behavior in some comments. Backport candiate?
svn:r11287
2007-08-27 15:33:58 +00:00
Nick Mathewson
7dbe7fd4d8
r14758@catbus: nickm | 2007-08-21 01:36:03 -0400
...
Finish implementing and documenting proposal 108: Authorities now use MTBF data to set their stability flags, once they have at least 4 days of data to use.
svn:r11240
2007-08-21 05:37:24 +00:00
Roger Dingledine
2df9bb937d
clean up the cookieauth stuff
...
svn:r11146
2007-08-16 19:27:31 +00:00
Nick Mathewson
718953dbe9
r14606@catbus: nickm | 2007-08-16 13:45:01 -0400
...
Implement CookieAuthFile and CookieAuthFileGroupReadable. Backport candidate.
svn:r11141
2007-08-16 17:46:01 +00:00
Nick Mathewson
483c1e9017
r13774@catbus: nickm | 2007-07-16 12:23:28 -0400
...
Tweaks on constrained socket buffers patch from coderman: Add a changelog; rename some variables; fix some long lines and whitespace; make ConstrainedSockSize a memunit; pass setsockopt a void.
svn:r10843
2007-07-16 16:23:36 +00:00
Nick Mathewson
f4a6673758
r13773@catbus: nickm | 2007-07-16 11:58:25 -0400
...
Initial "constrained socket buffers" patch from coderman. needs tweaking.
svn:r10842
2007-07-16 16:23:34 +00:00
Nick Mathewson
1b200de0ef
r13304@catbus: nickm | 2007-06-07 13:25:37 -0400
...
Deprecate RedirectExits.
svn:r10526
2007-06-07 17:26:19 +00:00
Nick Mathewson
0a27f02b9c
r13267@catbus: nickm | 2007-06-05 16:54:20 -0400
...
Man page and small tweaks for last patch.
svn:r10505
2007-06-05 20:54:53 +00:00
Nick Mathewson
3600d2f708
r13127@catbus: nickm | 2007-05-31 21:43:05 -0400
...
Mention that SocksPolicy applies to DNSPort.
svn:r10438
2007-06-01 10:20:33 +00:00
Nick Mathewson
b1cd5892cb
r13115@catbus: nickm | 2007-05-31 15:12:43 -0400
...
Document DNSPort, DNSListenAddress, AutomapHostsOnResolve, AutomapHostsSuffixes, and DownloadExtraInfo in the manpage.
svn:r10426
2007-05-31 19:13:12 +00:00
Nick Mathewson
3f9afa0625
r13068@catbus: nickm | 2007-05-29 14:58:13 -0400
...
Add some code to mitigate bug 393: Choose at random from multiple hidden service ports with the same virtport. This allows limited ad-hoc round-robining.
svn:r10398
2007-05-29 18:58:16 +00:00
Roger Dingledine
1c3f864024
cleanups on man page from edmanm
...
svn:r10350
2007-05-26 07:42:06 +00:00
Roger Dingledine
f8a8b27dd2
add a 'bridge' flag for dirserver config entries
...
svn:r10128
2007-05-07 08:26:50 +00:00
Roger Dingledine
1b95bbdba6
New config option V2AuthoritativeDirectory that all directory
...
authorities should set. This will let future authorities choose
not to serve V2 directory information.
Also, go through and revamp all the authdir_mode stuff so it tries
to do the right thing if you're an auth but not a V1 or V2 auth.
svn:r10092
2007-05-02 09:12:04 +00:00
Roger Dingledine
d9f5f2cfa0
hsusage man page entries from karsten
...
svn:r10084
2007-05-01 10:36:43 +00:00
Andrew Lewman
fdb1e11dae
Fix the tex error I just introduced.
...
svn:r9911
2007-03-28 22:46:59 +00:00
Andrew Lewman
7887af912b
Fix tex and spelling mistakes.
...
svn:r9910
2007-03-28 22:46:05 +00:00
Roger Dingledine
b4f743562f
Add a separate set of token buckets for relayed traffic. Right
...
now that's just defined as answers to directory requests.
svn:r9881
2007-03-20 02:55:31 +00:00
Roger Dingledine
c4cf13a5a0
squeak in a bugfix for the VirtualAddrNetwork man page entry
...
svn:r9706
2007-03-02 05:25:35 +00:00
Nick Mathewson
bbfb6508e7
r11657@catbus: nickm | 2007-02-05 21:01:18 -0500
...
Fix a missing word identified by roger.
svn:r9494
2007-02-06 02:01:21 +00:00
Roger Dingledine
d3cac84bbc
nick, this was a typo too, right?
...
svn:r9493
2007-02-06 00:52:38 +00:00
Roger Dingledine
f6f5b85bd6
nickm: to a larger what?
...
svn:r9492
2007-02-06 00:27:55 +00:00
Roger Dingledine
9aa8e490f8
cleanups based on looking through svn commits
...
svn:r9491
2007-02-06 00:27:03 +00:00
Nick Mathewson
8a9a55251f
r11616@catbus: nickm | 2007-01-31 13:51:31 -0500
...
Tweak Trans/NATDPort documention to be less tool-specific.
svn:r9471
2007-01-31 21:48:53 +00:00
Nick Mathewson
eb3cc1e405
r11615@catbus: nickm | 2007-01-31 01:15:06 -0500
...
Documentation patch from ioerror for TransPort and related issues.
svn:r9470
2007-01-31 21:48:51 +00:00
Nick Mathewson
21f5e06862
r11583@catbus: nickm | 2007-01-29 11:19:48 -0500
...
Make man page stop saying that BandwidthRate is for incoming bandwidth only; Add some XXX012s for config options that should maybe die.
svn:r9455
2007-01-29 18:13:34 +00:00
Nick Mathewson
b0b96c9091
r11492@catbus: nickm | 2007-01-24 18:41:07 -0500
...
Try to be really explicit that ServerDNS options affect what your server does on behalf of clients, and nothing else.
svn:r9398
2007-01-24 23:41:56 +00:00
Roger Dingledine
37b5132ad8
Expire socks connections if they spend too long waiting for the
...
handshake to finish. Previously we would let them sit around for
days, if the connecting application didn't close them either.
Also take this opportunity to refactor a duplicate bit of circuituse.c.
And change the semantics of SocksTimeout slightly, but I think it'll
be ok.
svn:r9350
2007-01-15 09:09:03 +00:00
Andrew Lewman
a28f4ad4ae
Clarify the --nt-service option.
...
svn:r9345
2007-01-13 17:56:17 +00:00
Andrew Lewman
9b2bfe4ea8
Update --nt-service
...
svn:r9342
2007-01-13 05:24:31 +00:00
Andrew Lewman
930e12920d
Update copyright in config.c while I'm there. Update man page to
...
reflect all available options to tor binary.
svn:r9341
2007-01-13 05:09:09 +00:00
Nick Mathewson
c1b5f53679
r11938@Kushana: nickm | 2007-01-11 11:02:28 -0500
...
Check addresses for rfc953-saneness at exit too, and give a PROTOCOL_WARN when they fail. Also provide a mechanism to override this, so blossom can have its @@##$$^.whatever.exit hostnames if it wants.
svn:r9336
2007-01-11 16:02:39 +00:00
Roger Dingledine
5e89bc9b4b
fix a bug i introduced in r9249; and more cleanups.
...
svn:r9263
2007-01-04 09:12:23 +00:00
Roger Dingledine
50f0e36094
man page entries for TunnelDirConns and PreferTunneledDirConns
...
and add a todo item for nick in case he gets bored :)
svn:r9260
2007-01-04 04:35:18 +00:00
Roger Dingledine
7396b8eecf
interim tweaks
...
svn:r9246
2007-01-03 03:45:53 +00:00
Nick Mathewson
e5f5b96ca6
r11723@Kushana: nickm | 2006-12-28 13:52:48 -0500
...
Fix bug 364: check for whether popular hostnames (curently google, yahoo, mit, and slashdot) are getting wildcarded. If they are, we are probably behind a DNS server that is useless: change our exit policy to reject *:*.
svn:r9199
2006-12-28 21:29:11 +00:00
Nick Mathewson
92e2d687fa
r11715@Kushana: nickm | 2006-12-24 22:53:06 -0500
...
Document a couple more options in the man page.
svn:r9192
2006-12-25 03:55:37 +00:00
Nick Mathewson
4d948281c3
r11676@Kushana: nickm | 2006-12-23 20:42:17 -0500
...
Add an orport option to dirserver lines so that clients can tell where to connect to open an encrypted tunnel to a dirserver even before they have its descriptor.
svn:r9171
2006-12-24 02:45:27 +00:00
Nick Mathewson
2e1e919d65
r11657@Kushana: nickm | 2006-12-20 15:11:19 -0500
...
Fixes to check-docs script; add some docs; mark some options as deprecated in the online docs.
svn:r9163
2006-12-20 21:02:02 +00:00
Roger Dingledine
e66b6f0d50
Reject *:563 (NTTPS) in the default exit policy. We already reject
...
NNTP by default, so this seems like a sensible addition.
(suggested by bug 331)
svn:r9149
2006-12-18 08:25:34 +00:00
Roger Dingledine
67b27a42be
cleanups on the man page edits
...
svn:r9045
2006-12-07 19:32:52 +00:00
Andrew Lewman
65b14eae90
Added hiddenservice files as well to the man page.
...
svn:r9033
2006-12-07 05:13:53 +00:00
Andrew Lewman
25d94d373c
Updated the FILES section with info from
...
http://archives.seul.org/or/talk/Dec-2006/msg00065.html
svn:r9032
2006-12-07 05:09:54 +00:00
Roger Dingledine
80e1ab7ee1
take RunTesting out of the man page until we reenable it
...
svn:r8899
2006-11-04 04:29:04 +00:00
Peter Palfrader
4665e1d18c
Sync manpage with code: 6697 was added to LongLivedPorts
...
svn:r8807
2006-10-23 11:29:15 +00:00
Nick Mathewson
42bab1c6d3
r9318@Kushana: nickm | 2006-10-22 15:22:57 -0400
...
Let directory authorities set the BadExit flag if they like. Also, refactor directory authority code so we can believe multiple things about a single router, and do fewer linear searches.
svn:r8794
2006-10-23 03:48:42 +00:00
Roger Dingledine
a3efc8e3d1
- V1 authorities should set "HSAuthoritativeDir 1" to continue being
...
hidden service authorities too.
- Just because your DirPort is open doesn't mean people should be
able to remotely teach you about hidden service descriptors. Now
only accept rendezvous posts if you've got HSAuthoritativeDir set.
svn:r8573
2006-10-01 22:16:55 +00:00
Nick Mathewson
907fc6c73e
r8977@Kushana: nickm | 2006-09-28 19:56:41 -0400
...
Make "is a v1 authority", "is a v2 authority", and "is a hidden service authority" into separate flags so we can eventually migrate more trust away from moria.
svn:r8523
2006-09-28 23:57:59 +00:00
Roger Dingledine
3994b02c0e
try a different fix
...
svn:r8506
2006-09-25 22:34:27 +00:00
Roger Dingledine
90a307bb2a
tweaks
...
svn:r8505
2006-09-25 22:17:14 +00:00
Nick Mathewson
49ad1eefa1
Add an EnforceDistinctSubnets option so that clients who know what they are doing (mainly people with private testing networks) can disable our same-/16 detection.
...
svn:r8504
2006-09-25 22:12:54 +00:00
Roger Dingledine
c97a8469ad
be clearer that the *ListenAddress directives can be
...
repeated multiple times.
svn:r8501
2006-09-25 17:33:53 +00:00
Roger Dingledine
ad430b9561
checkpoint changelog and general polishing
...
svn:r8497
2006-09-25 05:59:13 +00:00
Roger Dingledine
aa77298819
remove 8888 as a long lived port. i can't remember why it's
...
on the list.
svn:r8461
2006-09-22 19:29:26 +00:00
Nick Mathewson
e4a9b4de4e
r8875@Kushana: nickm | 2006-09-21 16:46:28 -0400
...
Resolve bug 330: detect ISPs that want to hijack failing DNS requests and basically domain-squat the entire internet.
svn:r8440
2006-09-21 21:48:22 +00:00
Nick Mathewson
04bec67574
r8874@Kushana: nickm | 2006-09-21 15:22:27 -0400
...
Rename and document SearchDomains and ResolvConf options; warn if ServerDNSResolvConfFile is given but eventdns isnt enabled.
svn:r8439
2006-09-21 21:48:16 +00:00
Roger Dingledine
d08df9686a
fix typo pointed out by paul
...
svn:r7074
2006-08-18 18:19:35 +00:00
Roger Dingledine
d53e5179bd
clean up AllowInvalidNodes man page entry.
...
svn:r7073
2006-08-18 17:46:14 +00:00
Roger Dingledine
726021bb60
clean up man page. expand on contactinfo a bit.
...
svn:r6631
2006-06-16 00:04:46 +00:00
Roger Dingledine
e9d7904885
add TestVia to the man page
...
svn:r6583
2006-06-10 00:32:14 +00:00
Roger Dingledine
c0630b5274
clean up formatting in the man page
...
svn:r6582
2006-06-10 00:30:49 +00:00
Roger Dingledine
8705db6c2c
whoops, add a man page entry for ProtocolWarnings
...
svn:r6545
2006-06-05 09:51:29 +00:00
Roger Dingledine
be2833e929
fix spelling of VirtualAddrNetwork in man page (thanks tup)
...
svn:r6487
2006-05-23 20:15:51 +00:00
Roger Dingledine
a16bd23ad9
document that runasdaemon has no effect on windows.
...
svn:r6469
2006-05-23 07:03:30 +00:00
Nick Mathewson
7484ca06a5
[Forward-port ]Test and document last patch.
...
svn:r6400
2006-04-18 03:51:18 +00:00
Roger Dingledine
c2565c2ffb
and forward-port the man page change
...
svn:r6372
2006-04-10 20:08:12 +00:00
Roger Dingledine
a52bb835c8
and update the man page to reflect that
...
svn:r6339
2006-04-09 10:28:59 +00:00
Roger Dingledine
5dbdc3fc22
man page entry for FetchUselessDescriptors
...
svn:r6328
2006-04-08 21:48:29 +00:00
Roger Dingledine
8b7f7052c5
man page entries for CircuitBuildTimeout and CircuitIdleTimeout
...
svn:r6221
2006-03-22 00:56:03 +00:00
Roger Dingledine
442c054a71
and add SocksTimeout to the man page
...
and stop shouting when we talk about Socks
svn:r6218
2006-03-21 23:30:24 +00:00
Roger Dingledine
173b16cd1e
clean up man page entries on EntryNodes and ExitNodes
...
svn:r6202
2006-03-20 20:15:50 +00:00
Roger Dingledine
2c33218fc9
man page entry for safesocks. also correct the man page
...
entry for testsocks.
svn:r6191
2006-03-19 01:52:18 +00:00
Roger Dingledine
77b00edd27
and fix the AllowInvalidNodes man page entry too.
...
svn:r6189
2006-03-19 01:39:10 +00:00
Roger Dingledine
fe6f11b6f4
document AuthDirRejectUnlisted in the man page
...
svn:r6109
2006-03-09 01:47:04 +00:00
Nick Mathewson
9479bd0275
Document AuthDir(Invalid|Reject)
...
svn:r6098
2006-03-08 08:17:25 +00:00
Andrew Lewman
96a93a0cb1
It's FI not Fi..fo fum..
...
svn:r6056
2006-02-20 05:32:35 +00:00
Roger Dingledine
5d1b35ce41
and put them in the man page
...
svn:r6048
2006-02-19 22:03:28 +00:00
Roger Dingledine
266254f42b
clean up the Reachable*Addresses changes
...
svn:r6041
2006-02-19 08:31:47 +00:00
Peter Palfrader
cfcb1b1afd
document ReachableDirAddresses and ReachableORAddresses
...
svn:r6011
2006-02-13 22:43:42 +00:00
Roger Dingledine
350313d77a
Let the users set ControlListenAddress in the torrc.
...
This can be dangerous, but there are some cases (like a secured
LAN) where it makes sense.
svn:r5997
2006-02-13 06:25:16 +00:00
Roger Dingledine
1181ae61ae
the *ListenAddress config options were still named
...
*BindAddress in the man page.
svn:r5996
2006-02-13 06:19:18 +00:00
Roger Dingledine
7245f275b9
document the restrictions on 'nickname' config option
...
svn:r5953
2006-02-10 05:25:58 +00:00
Roger Dingledine
8cd6d0e453
and by default it's off
...
svn:r5943
2006-02-09 04:21:39 +00:00
Roger Dingledine
eda7373e15
clean up TestSocks man page entry
...
svn:r5942
2006-02-09 04:21:03 +00:00
Roger Dingledine
88f7aeba94
admit that the HardwareAccel config option is probably buggy.
...
svn:r5937
2006-02-09 03:22:58 +00:00
Roger Dingledine
51dffee36c
MaxConn has been obsolete for a while now.
...
Document ConnLimit, which is the opposite.
svn:r5933
2006-02-09 02:59:10 +00:00
Peter Palfrader
cc349042f6
Document TestSocks
...
svn:r5921
2006-02-05 22:45:02 +00:00
Roger Dingledine
9ff4b2cf97
document ExitPolicyRejectPrivate in man page
...
svn:r5889
2006-02-01 05:22:11 +00:00
Roger Dingledine
dfa23061a7
fix the man page: hardwareaccel is off by default.
...
svn:r5876
2006-01-28 22:09:57 +00:00
Roger Dingledine
f8b9a8d457
bump the default bandwidthrate to 3 MB, and burst to 6 MB
...
svn:r5874
2006-01-28 08:28:15 +00:00
Peter Palfrader
2be4f537f7
ReachableAddresses does not depend on FascistFirewall
...
svn:r5839
2006-01-17 15:49:42 +00:00
Roger Dingledine
a789e1ec38
improve the man page entry for AllowUnverifiedNodes
...
svn:r5833
2006-01-17 01:10:17 +00:00
Peter Palfrader
38d32bc466
Add another comma
...
svn:r5823
2006-01-12 03:01:51 +00:00
Peter Palfrader
fdbd0791e2
Fix bold vs. italics in the FILES sections, update date
...
svn:r5821
2006-01-12 02:10:25 +00:00
Roger Dingledine
3c89480913
clean up the !reject/!invalid discussion
...
svn:r5817
2006-01-12 00:52:41 +00:00
Peter Palfrader
44cec7cecd
Add !reject and !invalid
...
svn:r5816
2006-01-12 00:07:04 +00:00