Commit Graph

4492 Commits

Author SHA1 Message Date
Isis Lovecruft
f9ccb2543d doc: Document our current rough-draft policy on Rust dependencies.
* FIXES #25310: https://bugs.torproject.org/25310
2018-03-21 17:04:04 -04:00
Nick Mathewson
cae7387ef2 Merge branch 'maint-0.3.3' 2018-03-20 07:59:13 -04:00
Nick Mathewson
74c767af29 Note that we require latest stable rust. 2018-03-20 07:58:29 -04:00
Nick Mathewson
a324cd9020 Merge branch 'ticket25268_034_01' 2018-03-19 06:01:02 -04:00
ArunaMaurya221B
42008ee721 DisableNetwork documentation improvised 2018-03-13 21:31:10 +01:00
ArunaMaurya221B
a9203c65f1 Revised patch with 78 characters per line 2018-03-13 21:28:37 +01:00
ArunaMaurya221B
c29e66a883 PaddingStatistics documented properly 2018-03-13 21:28:36 +01:00
Nick Mathewson
bebd5809f3 Merge remote-tracking branch 'teor/rust-std' 2018-03-13 16:15:00 -04:00
Nick Mathewson
03f748d0ca Merge branch 'maint-0.3.3' 2018-03-13 11:03:08 -04:00
Nick Mathewson
f0f2fab5e1 Merge remote-tracking branch 'ffmancera-1/bug23635' into maint-0.3.3 2018-03-13 11:02:34 -04:00
Fernando Fernandez Mancera
c1cfa0fbc4 Tweaks into AccountingStart documentation.
Signed-off-by: Fernando Fernandez Mancera <ffmancera@riseup.net>
2018-03-08 12:28:34 +01:00
Nick Mathewson
338dbdab93 Merge branch 'maint-0.3.3' 2018-03-03 11:59:27 -05:00
Alexander Færøy
59a7b00384 Update tor.1.txt with the currently available log domains.
See: https://bugs.torproject.org/25378
2018-03-03 11:58:14 -05:00
Nick Mathewson
62482ea279 Merge branch 'maint-0.3.3' 2018-03-03 11:53:05 -05:00
Nick Mathewson
cc7de9ce1d Merge branch 'ticket23814' into maint-0.3.3 2018-03-03 11:53:01 -05:00
Roger Dingledine
2bd23cebf3 resolve a weird binary character that crept into the man page 2018-03-02 19:21:45 -05:00
Roger Dingledine
b46bda9d18 get rid of extraneous punctuation in man page 2018-03-02 19:07:04 -05:00
Roger Dingledine
6db6a00671 fix a confusing "0 0" in the man page
feel free to backport this commit back to 0.3.2.x if you like it
2018-03-02 18:58:29 -05:00
teor
01a977b492
Update the primitive types explanation in the Rust coding standards
Part of #25368.
Includes c_double in anticipation of #23061.
2018-02-27 15:55:13 +11:00
Nick Mathewson
d489e4847b Fix a variable name in tor-rust-dependencies 2018-02-21 11:55:25 -05:00
Nick Mathewson
d2bdb54d37 Wrap GettingStartedRust.md to 72 columns. 2018-02-21 11:55:07 -05:00
Nick Mathewson
bd71e0a0c8 Merge branch 'maint-0.3.1' into maint-0.3.2 2018-02-16 09:54:13 -05:00
Nick Mathewson
2bcd264a28 Merge branch 'maint-0.2.9' into maint-0.3.1 2018-02-16 09:48:11 -05:00
Nick Mathewson
d662d4470a Merge remote-tracking branch 'dgoulet/ticket24343_033_01' into maint-0.3.3 2018-02-15 21:05:08 -05:00
David Goulet
779eded6bb man: Update the CircuitPriorityHalflife entry
The behavior has changed slightly in the previous commits.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-02-15 14:54:48 -05:00
Nick Mathewson
86f461e362 Merge remote-tracking branch 'dgoulet/ticket24902_029_05' 2018-02-13 15:00:43 -05:00
David Goulet
9cf8d669fa man: Document default values if not in the consensus for DoS mitigation
Fixes #25236

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-02-13 14:21:47 -05:00
Fernando Fernandez Mancera
eb089ecaa0 Improve the documentation of AccountingStart parameter.
Fixes #23635.

Signed-off-by: Fernando Fernandez Mancera <ffmancera@riseup.net>
2018-02-12 17:10:04 +01:00
David Goulet
652d3a5b66 Remove anything related to the old SocksSockets option
At this commit, the SocksSocketsGroupWritable option is renamed to
UnixSocksGroupWritable. A deprecated warning is triggered if the old option is
used and tor will use it properly.

Fixes #24343

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-02-07 14:05:33 -05:00
Deepesh Pathak
ca6682f3f8 Fix spelling mistakes corresponding to ticket #23650 2018-02-07 10:41:57 -05:00
Nick Mathewson
30225fd89a Remove MaxDownloadTries options from the manpage 2018-01-31 15:14:48 -05:00
David Goulet
cd81403cc0 Merge branch 'ticket24902_029_05' into ticket24902_033_02 2018-01-30 09:33:12 -05:00
David Goulet
e58a4fc6cf dos: Make circuit rate limit per second, not tenths anymore
Because this touches too many commits at once, it is made into one single
commit.

Remove the use of "tenths" for the circuit rate to simplify things. We can
only refill the buckets at best once every second because of the use of
approx_time() and our token system is set to be 1 token = 1 circuit so make
the rate a flat integer of circuit per second.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-01-30 09:18:16 -05:00
David Goulet
a3714268f6 dos: Man page entry for DoS mitigation
Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-01-30 09:18:16 -05:00
Nick Mathewson
03ab24b44c Make more notes about important stuff in ReleasingTor.md 2018-01-26 14:39:08 -05:00
Nick Mathewson
73e5be5619 ReleasingTor.md: check for recommendation, listing on dl page
Closes ticket 23118.
2018-01-26 14:34:25 -05:00
Alexander Færøy
162d75d587
Update HiddenServiceVersion man-page entry to only accept either 2 or 3.
This patch updates the HiddenServiceVersion man-page entry to only
accept either 2 or 3 as argument and not a list of multiple versions.

See: https://bugs.torproject.org/25026
2018-01-25 16:59:09 +01:00
Mike Perry
20a3f61105 Implement layer 2 and layer 3 guard pinning via torrc.
Block circuit canibalization when HSRendezvousMiddleNodes is active.
Also make it apply to all HS circuits, not just rends.
2018-01-19 22:21:48 +00:00
Sebastian Hahn
db5aa54a42 Reword requirement to set Myfamily correctly 2018-01-11 20:00:23 -05:00
Nick Mathewson
4c651b8c04 Note contactinfo and myfamily as required in more places
Includes a sentence from cypherpunks; for ticket 24526.
2018-01-11 20:00:18 -05:00
Sebastian Hahn
96a24568ca Reword requirement to set Myfamily correctly 2018-01-11 22:03:14 +01:00
Nick Mathewson
c349bfec36 Merge branch 'bug24526_squashed' 2018-01-11 12:33:52 -05:00
Nick Mathewson
ac0f819ce5 Note contactinfo and myfamily as required in more places
Includes a sentence from cypherpunks; for ticket 24526.
2018-01-11 12:33:30 -05:00
Nick Mathewson
2fa97dfb73 Merge remote-tracking branch 'teor/bug22145_032' 2018-01-10 09:33:55 -05:00
Nick Mathewson
0b6fe3c123 Merge branch 'maint-0.3.2' 2018-01-05 16:41:35 -05:00
Nick Mathewson
48d94e290d Merge branch 'maint-0.3.0' into maint-0.3.1 2018-01-05 16:41:34 -05:00
Nick Mathewson
3618bd6166 Merge branch 'maint-0.3.1' into maint-0.3.2 2018-01-05 16:41:34 -05:00
Nick Mathewson
16fd975a82 Merge branch 'maint-0.2.9' into maint-0.3.0 2018-01-05 16:41:34 -05:00
Nick Mathewson
c52d4d9e34 Merge branch 'teor_ticket24681_028' into maint-0.2.9 2018-01-05 16:41:31 -05:00
teor
30e1371675
Make the default DirAuthorityFallbackRate 0.1
This makes clients on the public tor network prefer to bootstrap off fallback
directory mirrors.

This is a follow-up to 24679, which removed weights from the default fallbacks.

Implements ticket 24681.
2017-12-23 00:01:31 +11:00
ArunaMaurya221B
3877958155
Update the man page to say that OutboundBindAddress* is ignored for DNS
Documentation-only change.

Closes ticket 22145. Patch by "aruna1234".
2017-12-22 11:30:18 +11:00
Alexander Færøy
d4f4108601
Add MainloopStats option.
This patch adds support for MainloopStats that allow developers to get
main event loop statistics via Tor's heartbeat status messages. The new
status log message will show how many succesful, erroneous, and idle
event loop iterations we have had.

See: https://bugs.torproject.org/24605
2017-12-16 02:41:21 +01:00
Nick Mathewson
6c5a73f87a Merge remote-tracking branch 'ahf-oniongit/bugs/24362' 2017-12-12 09:18:52 -05:00
teor
7b59199663
Fix a typo in CodingStandards.md
Closes #24596.
2017-12-12 12:32:50 +11:00
Alexander Færøy
b0b8f7c30c Add support for Android's logging subsystem.
This patch adds support for Android's logging subsystem in Tor. When
debugging Android applications it is useful to be able to collect
information about the application running on the platform via the
various system services that is available on the platform.

This patch allows you to add "Log notice android" to your torrc and have
Tor send everything above and including the notice severity to Android's
ring buffer which can be inspected using the 'adb logcat' program.

See: https://bugs.torproject.org/24362
2017-12-11 13:22:39 +00:00
Nick Mathewson
5ee0cccd49 Merge branch 'macro_free_v2_squashed' 2017-12-08 14:58:43 -05:00
Nick Mathewson
7ca5f4bf03 document our allocator conventions 2017-12-08 14:47:19 -05:00
Nick Mathewson
a7a0cebb59 Merge branch 'more_directories_squashed' 2017-12-05 19:49:45 -05:00
Nick Mathewson
02cbf2ffc1 Update the manpage to describe {Cache,Key}Directory
Also, explain which files should be put in which.
2017-12-05 19:49:29 -05:00
Nick Mathewson
ff0db77f91 Merge remote-tracking branch 'isis/bug22907' 2017-12-04 14:12:03 -05:00
Nick Mathewson
f50d64b62e Merge branch 'bug23826-23828_squashed' 2017-12-04 11:43:11 -05:00
teor
4b2995dc1d Document the effects of AuthDirHasIPv6Connectivity
Fixes #23870 on 0.2.4.1-alpha.
2017-12-04 11:42:56 -05:00
Isis Lovecruft
bb4993395c
doc: Document how to build with Rust dependencies in offline-mode.
* CLOSES #22907: https://bugs.torproject.org/22907
2017-11-28 22:39:55 +00:00
Nick Mathewson
ce793ec0a9 Merge remote-tracking branch 'ahf-gitlab/ahf/24062-simpleperf' 2017-11-21 14:09:56 -05:00
Fernando Fernandez Mancera
5f4e9d5079 Clarify the RelayBandwidth* options in man file
Added clarifying information in man file about RelayBandwidthRate and
RelayBandwidthBurst options that exclude directory fetches by relays.

Fixes #24318

Signed-off-by: Fernando Fernandez Mancera <ffernandezmancera@gmail.com>
2017-11-21 13:54:16 -05:00
Alexander Færøy
251983eb8e
Add initial instructions on using Simpleperf for Android CPU profiling.
See: https://bugs.torproject.org/24062
2017-11-20 17:42:51 +01:00
Nick Mathewson
94dce246ee Merge branch 'maint-0.3.2' 2017-11-17 09:26:11 -05:00
Matt Traudt
8b2c01a46f Use less jargon in Scheduler sec. of man page 2017-11-17 09:25:07 -05:00
Matt Traudt
3537f7801d Add notes about OS support for our scheduler types 2017-11-17 09:25:01 -05:00
Nick Mathewson
ebcd1a57c0 Note in the rust doc that these comments are bidirectional 2017-11-13 10:04:40 -05:00
Nick Mathewson
edf3d6b7ee Merge remote-tracking branch 'chelseakomlo/24032-cargo-rust-sync' 2017-11-13 09:59:10 -05:00
Chelsea Holland Komlo
05662f35ea update rust getting started for new build 2017-11-13 09:55:29 -05:00
Chelsea Holland Komlo
1c50331b9a annotate where C and Rust need to stay in sync 2017-11-11 23:19:34 -05:00
Nick Mathewson
2ed4a3e61e new email address for yuri; close 24241 2017-11-11 12:47:13 -05:00
Damian Johnson
3563a2c819 Fix manual formatting
Few issues...

  * Malformed ReducedExitPolicy, causing brackets to appear.

  * ExitPolicyDefault wasn't actually listed, instead it munged the description
    into the ExitPolicy description.

  * Extra plus signs in the ExitPolicy and ReducedExitPolicy entries. After an
    hour of struggling with asciidoc couldn't figure out how to format it as
    'paragraph => example => paragraph with same indentation' so just
    rearranging the ExitPolicy entry.

    Patches welcome if someone strongly prefers having the paragraph after the
    example.

https://trac.torproject.org/projects/tor/ticket/24147
2017-11-05 12:21:28 -08:00
Nick Mathewson
9f650b24e9 Merge branch 'maint-0.3.2' 2017-11-05 14:09:21 -05:00
Sebastian Hahn
d3fee8b823 ClientDNSRejectInternalAddresses in non-default networks
Once again allow the flag to be set, unless the default network is used.
Thanks to nickm for a suggestion for the workaround to a test failure.
2017-11-04 18:31:02 +01:00
Sebastian Hahn
5a46074e55 Revert "Make ClientDNSRejectInternalAddresses testing-only."
This reverts commit 27fa4a98d2.
2017-11-04 18:30:59 +01:00
Nick Mathewson
affaaa1968 Merge branch 'maint-0.3.2' 2017-11-01 13:50:06 -04:00
David Goulet
8687d9cf44 man: Specify HiddenServiceNumIntroductionPoints for v3
A v3 service can have between 0 and 20 intro points where v2 has 0 to 10.

Fixes #24115

Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-11-01 13:50:04 -04:00
Neel Chauhan
e8c6d431fa Modify man page to describe ReducedExitPolicy option 2017-10-31 13:25:41 -04:00
Roger Dingledine
d56b4e598b fix confusion in man page
(I was going to fix "along" to "along with" which was pretty clearly the
original intent, but then I realized that it would be confusing whether
it's only bad when you use several of them in conjunction, or what. So
hopefully this fix is clearer.)
2017-10-30 00:18:40 -04:00
David Goulet
dfe03a55fc doc: Add fedora packager point of contact
This is a link to the user page on the Fedora project website:

https://koji.fedoraproject.org/koji/userinfo?userID=2234

Fixes #24015

Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-10-26 10:07:56 -04:00
Nick Mathewson
594cf92498 Merge branch 'feature18329_029_squashed' into maint-0.3.2 2017-10-24 19:35:28 -04:00
Nick Mathewson
3581f93d27 Tweak the documentation for BridgeDistribution
Note that it will have no effect yet; note that the default is
"any".
2017-10-24 19:26:24 -04:00
Roger Dingledine
ebab521525 Add new BridgeDistribution config option
Bridge relays can use it to add a "bridge-distribution-request" line
to their bridge descriptor, which tells BridgeDB how they'd like their
bridge address to be given out.

Implements tickets 18329.
2017-10-24 19:26:24 -04:00
Nick Mathewson
bc6769e0d4 Merge remote-tracking branch 'catalyst-oniongit/bug23739' 2017-10-03 09:04:21 -04:00
Taylor Yu
6a2a49e661 Improve docs on using gcov
Add more explanation in doc/HACKING about how to read gcov output,
including a reference to the gcov documentation in the GCC manual.
Also add details about how our postprocessing scripts modify gcov
output.
2017-10-03 07:45:36 -05:00
Nick Mathewson
7bc85d8204 Merge remote-tracking branch 'isis/bug23695' 2017-10-03 08:03:22 -04:00
Isis Lovecruft
40f1287978
doc: Add a good resource for learning to write Rust FFI. 2017-09-29 01:04:18 +00:00
Nick Mathewson
cbea334d6b Mention even more about changes files in doc/HACKING 2017-09-22 15:14:36 -04:00
Nick Mathewson
2032d7ca6f Update CodingStandards.md for changes-file stuff
'check-changes' is now part of "make check", and must pass.
2017-09-21 16:39:49 -04:00
Taylor Yu
87faed921e Remove wrong config parameter mention from manpage
Don't refer to the obsolete (and misspelled)
UseEntryGuardsAsDirectoryGuards config parameter in the manpage.
2017-09-21 13:31:54 -05:00
Nick Mathewson
a2caa466ee Merge branch 'ticket21405' 2017-09-19 13:36:43 -04:00
Nick Mathewson
29e98d16d2 note the format we expect for IPv6 2017-09-19 13:19:45 -04:00
Nick Mathewson
3bb6028a8e Merge branch 'ticket18891' 2017-09-19 13:07:01 -04:00
Nick Mathewson
6d8f98646b Clarify that Address is an IPv4 option only. 2017-09-19 13:06:54 -04:00
Nick Mathewson
6010f9420a Clarify the term "address" in the manpage
Closes 21405.
2017-09-19 10:22:35 -04:00
Nick Mathewson
b74a1c77a4 Document that .onion subdomains are ignored by clients
addr-spec.txt also explains this, but we should get it into the
manpage too.

Closes ticket #18736.
2017-09-19 09:26:54 -04:00
Nick Mathewson
1f602e8643 plural in manpage 2017-09-19 08:48:39 -04:00
David Goulet
6f313edc8a doc: Add version 3 to HiddenServiceVersion man page entry
Fixes #23580

Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-09-19 08:39:43 -04:00
Nick Mathewson
94a88eaa45 Merge remote-tracking branch 'public/ticket19704' 2017-09-18 15:02:16 -04:00
Nick Mathewson
3c9ff0af96 small tweaks to releasingtor.md 2017-09-18 14:49:06 -04:00
Nick Mathewson
faf1242bed add frebsd ports maintainer to releasingtor list 2017-09-17 20:32:27 -04:00
Nick Mathewson
a1c495b4b9 Try to improve formatting on the Schedulers option 2017-09-15 13:57:57 -04:00
Nick Mathewson
37302e64a4 Merge branch 'remove_allow_dotexit_v2' 2017-09-15 12:10:47 -04:00
Nick Mathewson
f02fd6c3af Remove AllowDotExit.
It's been deprecated since 0.2.9.2-alpha.  Closes ticket 23426.
2017-09-15 12:09:33 -04:00
Nick Mathewson
0f4f40b70f Merge remote-tracking branch 'dgoulet/ticket12541_032_02' 2017-09-15 12:00:50 -04:00
David Goulet
0650017143 doc: Man page entries for KIST
Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-09-15 11:58:04 -04:00
Martin Kepplinger
8d913cc352 doc: make introduction paragraph point to correct data
doc/HACKING/GettingStarted.md says "you might like reading doc/HACKING",
which the reader obviously is already doing. Instead point to the "torguts"
documents that are mentioned a few lines below too.
2017-09-15 08:18:37 -04:00
Nick Mathewson
9c27f56cd9 Fix torrc-format documentation corner cases
We don't require that the final line be terminated, and we open
windows torrc files in text mode.

Closes ticket 22795.
2017-09-12 16:32:56 -04:00
Nick Mathewson
de6f121b59 Deprecate ReachableDirAddresses and ClientPreferIPv6DirPort
Closes ticket 19704.
2017-09-12 16:12:15 -04:00
Nick Mathewson
26d462c1f0 Merge branch 'ticket21031' 2017-09-12 10:43:34 -04:00
Nick Mathewson
4027bd2e96 Merge branch 'bug23347_squashed' 2017-09-12 10:38:35 -04:00
teor
93a8ed3b83 Make clients wait to refresh bridges when they have a recent descriptor
But when clients are just starting, make them try each bridge a few times
before giving up on it.

These changes make the bridge download schedules more explicit: before
17750, they relied on undocumented behaviour and specific schedule
entries. (And between 17750 and this fix, they were broken.)

Fixes 23347, not in any released version of tor.
2017-09-12 10:38:25 -04:00
teor
97249c4f5e Make bridge clients download bridge descriptors immediately
The download schedule tells Tor to wait 15 minutes before downloading
bridge descriptors. But 17750 made Tor ignore that and start immediately.
Since we fixed 17750, Tor waits 15 minutes for bridge client bootstrap,
like the schedule says.

This fixes the download schedule to start immediately, and to try each
bridge 3 times in the first 30 seconds. This should make bridge bootstraps
more reliable.

Fixes 23347.
2017-09-12 10:38:25 -04:00
Taylor Yu
55fef0534d Add guidelines for floating point use 2017-09-08 12:15:41 -05:00
David Goulet
2080a986ed
doc: Add our Ubuntu packager to ReleasingTor.md
His full name is: Simon Deziel.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-09-07 12:35:31 -04:00
Nick Mathewson
27fa4a98d2 Make ClientDNSRejectInternalAddresses testing-only.
Undeprecate it;
rename it to TestingClientDNSRejectInternalAddresses;
add the old name as an alias;
reject configurations where it is set but TestingTorNetwork is not;
change the documentation accordingly.

Closes tickets 21031 and 21522.
2017-09-07 10:03:31 -04:00
Nick Mathewson
8421756da3 Talk about assertions in CodingStandards.md 2017-09-07 09:37:39 -04:00
Nick Mathewson
73b0e2e6fd Merge branch 'http_tunnel_squashed' 2017-09-05 14:34:29 -04:00
Nick Mathewson
fead644956 Add a manpage entry and changes file for for HTTPTunnelPort 2017-09-05 14:34:09 -04:00
Nick Mathewson
babe31fc7c Not all invizbox people have the same TLD... :/ 2017-09-05 10:43:31 -04:00
Nick Mathewson
a229d6c2f8 Merge branch 'bug22818_squashed' 2017-09-04 11:44:56 -04:00
Isis Lovecruft
1645c5503d docs: Add notes on behaviours which Rust considers undefined. 2017-09-04 11:44:48 -04:00
Isis Lovecruft
12cf04646c docs: More Rust coding standards, based on without boats' comments. 2017-09-04 11:44:48 -04:00
Isis Lovecruft
aeef8a093f
docs: More Rust coding standards w.r.t. fuzzing and safety. 2017-08-30 21:54:41 +00:00
Isis Lovecruft
f9dc514e8f
docs: Clarify some portions of the Rust coding standards.
* THANKS TO Henry de Valence for review.
2017-08-30 21:38:13 +00:00
Isis Lovecruft
fe66d06a45
docs: Document coding standards, build instructions, etc. for Rust code.
* FIXES #22818
2017-08-29 23:25:02 +00:00
teor
435952538d
Make the download defaults in the tor manual match the code
Documentation fix on commit 667ba77, which was part of #20534.
2017-08-29 13:48:30 +10:00
Nick Mathewson
f2f1cab2b3 Restore documentation for approved-routers
We removed this documentation in 607724c696, when we removed
Naming Authoritative Directories, but actually this file is still
used by authorities to indicate rejected and invalid fingerprints.

Closes ticket 21148.
2017-08-25 12:35:38 -04:00
Nick Mathewson
cbfc50d485 add another invizbox maintainer to ReleasingTor.md 2017-08-24 16:20:26 -04:00
Nick Mathewson
d37e8b407a Merge branch 'feature22976_squashed' 2017-08-24 09:23:43 -04:00
Nick Mathewson
53c82c0821 Merge branch 'bug22677' 2017-08-24 09:18:03 -04:00
Roger Dingledine
77bb85ba87 fix description of PublishServerDescriptor
the values of "v3" and "bridge" have to do with *where* you publish to,
not whether you publish.
2017-08-09 15:07:49 -04:00
Nick Mathewson
d655388a4a Document all the arguments of PublishServerDescriptor.
Implements 15645.
2017-08-09 11:17:27 -04:00
Nick Mathewson
eb43401bfb Add a 'NoExec' option that causes tor_spawn_background() to fail
Core of an implementation for 22976.
2017-08-09 10:45:48 -04:00
Nick Mathewson
69222fe87d Clarify that "sandbox 1" requires linux and seccomp2
Closes 22677.
2017-08-09 09:29:34 -04:00
Isis Lovecruft
b2a7e8df90
routerkeys: Add cmdline option for learning signing key expiration.
* CLOSES #17639.
 * ADDS new --key-expiration commandline option which prints when the
   signing key expires.
2017-08-03 22:20:02 +00:00
Nick Mathewson
fabc3deb75 Merge branch 'bug20152' 2017-08-03 10:11:44 -04:00
Nick Mathewson
a437080d37 Changes suggested by teor. 2017-08-03 10:11:17 -04:00
Nick Mathewson
18115b5aa9 Document some operators usage conventions. 2017-08-01 10:50:52 -04:00
Nick Mathewson
66a564fad8 Merge branch 'maint-0.3.1' 2017-07-13 16:55:06 -04:00
Nick Mathewson
abb9a5bdda New configuration option MaxConsensusAgeForDiffs
Relay operators (especially bridge operators) can use this to lower
or raise the number of consensuses that they're willing to hold for
diff generation purposes.

This enables a workaround for bug 22883.
2017-07-12 13:15:16 -04:00
Matt Traudt
d730449ba2 Add more details about git branch use in tor 2017-07-10 14:02:11 -04:00
Nick Mathewson
9e317641f9 impact -> affect 2017-07-10 10:03:45 -04:00
Chelsea H. Komlo
934f85f87a
specify when to run make distcheck 2017-07-09 16:17:21 -04:00
Nick Mathewson
42e787817c Try to improve documentation for DirAuthority's port field.
Closes ticket 20152
2017-07-05 12:58:51 -04:00
Chelsea H. Komlo
24d29c7ae0
make check is required for all code submissions
integration tests should be run for feature changes/major patches
2017-06-28 20:40:15 -04:00
Nick Mathewson
3830599a63 Merge branch 'maint-0.3.1' 2017-06-20 14:18:35 -04:00
Nick Mathewson
c4152a25e3 Note that bw_accounting is obsoleted by values in the state file
Closes ticket 16082.
2017-06-20 14:18:10 -04:00
Nick Mathewson
e01e4e0146 Merge branch 'ticket20575_031_01_squashed' 2017-06-19 14:16:21 -04:00
David Goulet
3f807ec058 config: Deprecate HTTPProxy option
Move the HTTPProxy option to the deprecated list so for now it will only warn
users but feature is still in the code which will be removed in a future
stable version.

Fixes #20575

Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-06-19 14:14:17 -04:00
Nick Mathewson
5641e27ffb Document more files in the datadirectory.
This improved list comes from the ls -R results that weasel and ln5
sent me.  Thanks!
2017-06-19 09:57:57 -04:00
Nick Mathewson
b4c9eb0aab Document sr-random and diff-cache. 2017-06-16 14:44:04 -04:00
Nick Mathewson
a73d0fe9a8 Document key-pinning-journal
Closes 22347
2017-06-16 14:26:50 -04:00
Nick Mathewson
80ad374b84 Remove old callgraph scripts; recommend calltool instead. 2017-06-14 17:44:15 -04:00
Roger Dingledine
c361458998 take some of the suggestions from cypherpunks on #6892 2017-05-30 14:17:49 -04:00
Nick Mathewson
5860f0a7c8 Update the torify.1 manpage
I went into this to fix 6892 and say "we don't do anything for
circuit isolation."  But instead I did a fair amount of text-removal
to stop implying that torify does anything more than call torsocks.
2017-05-30 14:15:42 -04:00
Nick Mathewson
1405bdebb0 Update releasing-tor to reflect current versions and tooling
(Note that a lot of the removed guidance is stuff that the tools
will do automatically.)
2017-05-26 10:01:04 -04:00
Daniel Pinto
ba3a5f82f1 Add support for %include funcionality on torrc #1922
config_get_lines is now split into two functions:
 - config_get_lines which is the same as before we had %include
 - config_get_lines_include which actually processes %include
2017-05-18 23:44:16 +01:00
Nick Mathewson
c83657c687 Remove two obsoleted options.
Spotted by atagar

Closes #22257
2017-05-14 19:06:15 -04:00
Roger Dingledine
1474aaa456 fmt two man page entries
whoever made the patch for #17975 wasn't using a proper green-screen
vt100. :)
2017-05-14 19:04:00 -04:00
Roger Dingledine
2cf8f6772b remove stray equals sign
resolves ticket 22256. this typo crept in during bug 21715's commit
fd8284c8.
2017-05-14 19:00:36 -04:00
Nick Mathewson
18e59fdc1c Improve MyFamily docs, based on patch from nusenu
Closes ticket 22223
2017-05-11 07:46:55 -04:00
Nick Mathewson
d76cffda60 Merge remote-tracking branch 'public/my-family-list-fix-4498' 2017-05-10 11:12:24 -04:00
Nick Mathewson
2a1013948d Merge branch 'dgoulet_ticket22060_031_01_squashed' 2017-05-09 10:32:21 -04:00
David Goulet
7f95ef6e66 config: Remove {Control,DNS,Dir,Socks,Trans,NATD,OR}ListenAddress option
Deprecated in 0.2.9.2-alpha, this commits changes it as OBSOLETE() and cleans
up the code associated with it.

Partially fixes #22060

Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-05-09 10:30:52 -04:00
David Goulet
039e2a24da config: Remove TLSECGroup option
Deprecated in 0.2.9.2-alpha, this commits changes it as OBSOLETE() and cleans
up the code associated with it.

Partially fixes #22060

Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-05-09 10:30:52 -04:00
David Goulet
8aedc589ed config: Remove WarnUnsafeSocks option
Deprecated in 0.2.9.2-alpha, this commits changes it as OBSOLETE() and cleans
up the code associated with it.

Partially fixes #22060

Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-05-09 10:30:52 -04:00
David Goulet
60cf5ac297 config: Remove CloseHSServiceRendCircuitsImmediatelyOnTimeout option
Deprecated in 0.2.9.2-alpha, this commits changes it as OBSOLETE() and cleans
up the code associated with it.

Partially fixes #22060

Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-05-09 10:30:52 -04:00
David Goulet
87e9dc48d1 config: Remove CloseHSClientCircuitsImmediatelyOnTimeout option
Deprecated in 0.2.9.2-alpha, this commits changes it as OBSOLETE() and cleans
up the code associated with it.

Partially fixes #22060

Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-05-09 10:30:52 -04:00
David Goulet
bc34654ba2 config: Remove FastFirstHopPK option
Deprecated in 0.2.9.2-alpha, this commits changes it as OBSOLETE() and cleans
up the code associated with it.

Partially fixes #22060

Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-05-09 10:30:52 -04:00
David Goulet
09bc858dd5 config: Remove ExcludeSingleHopRelays option
Deprecated in 0.2.9.2-alpha, this commits changes it as OBSOLETE() and cleans
up the code associated with it.

Partially fixes #22060

Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-05-09 10:30:52 -04:00
David Goulet
d52a1e2faa config: Remove AllowSingleHopExits option
Deprecated in 0.2.9.2-alpha, this commits changes it as OBSOLETE() and cleans
up the code associated with it.

Partially fixes #22060

Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-05-09 10:30:52 -04:00
David Goulet
fea72571df config: Remove AllowSingleHopCircuits option
Deprecated in 0.2.9.2-alpha, this commits changes it as OBSOLETE() and cleans
up the code associated with it.

Partially fixes #22060

Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-05-09 10:30:52 -04:00
David Goulet
2b9823b310 config: Remove AllowInvalidNodes option
Deprecated in 0.2.9.2-alpha, this commits changes it as OBSOLETE() and cleans
up the code associated with it.

Partially fixes #22060

Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-05-09 10:30:51 -04:00
Nick Mathewson
4d30dde156 Merge branch 'netflow_padding-v6-rebased2-squashed' 2017-05-08 13:54:59 -04:00
Mike Perry
d5a151a067 Bug 17592: Clean up connection timeout logic.
This unifies CircuitIdleTimeout and PredictedCircsRelevanceTime into a single
option, and randomizes it.

It also gives us control over the default value as well as relay-to-relay
connection lifespan through the consensus.

Conflicts:
	src/or/circuituse.c
	src/or/config.c
	src/or/main.c
	src/test/testing_common.c
2017-05-08 13:49:22 -04:00
Mike Perry
b0e92634d8 Netflow record collapsing defense.
This defense will cause Cisco, Juniper, Fortinet, and other routers operating
in the default configuration to collapse netflow records that would normally
be split due to the 15 second flow idle timeout.

Collapsing these records should greatly reduce the utility of default netflow
data for correlation attacks, since all client-side records should become 30
minute chunks of total bytes sent/received, rather than creating multiple
separate records for every webpage load/ssh command interaction/XMPP chat/whatever
else happens to be inactive for more than 15 seconds.

The defense adds consensus parameters to govern the range of timeout values
for sending padding packets, as well as for keeping connections open.

The defense only sends padding when connections are otherwise inactive, and it
does not pad connections used solely for directory traffic at all. By default
it also doesn't pad inter-relay connections.

Statistics on the total padding in the last 24 hours are exported to the
extra-info descriptors.
2017-05-08 13:49:21 -04:00
Georg Koppen
d6dd05f6d8 Bug 22114: Fix wrong values in torrc_format.txt comments 2017-05-01 13:53:07 -04:00
Taylor Yu
224259a929 Document Bridge line transport arguments
Bridge lines in torrc can contain key=value settings as per-connection
arguments to a pluggable transport.  tor.1.txt hadn't been updated to
reflect this.
2017-04-26 16:39:36 -04:00
Nick Mathewson
d4a2decc56 Merge branch 'bug21715_031_01_squashed' 2017-04-25 12:43:41 -04:00
David Goulet
fd8284c8b9 man: Update Num{Directory,Entry}Guards default value
Fixes #21715

Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-04-25 12:43:33 -04:00
Nick Mathewson
6bf82a4910 More clarification on 13802 2017-04-25 10:40:30 -04:00
David Goulet
cb8ac1f331 trace: Add a basic event-tracing infrastructure.
This commit adds the src/trace directory containing the basics for our tracing
subsystem. It is not used in the code base. The "src/trace/debug.h" file
contains an example on how we can map our tor trace events to log_debug().

The tracing subsystem can only be enabled by tracing framework at compile
time. This commit introduces the "--enable-tracing-debug" option that will
make all "tor_trace()" function be maped to "log_debug()".

Closes #13802

Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-04-25 10:37:31 -04:00
Daniel Pinto
fa04fe1674 MyFamily config string is now a list. #4998 2017-04-14 13:04:37 +01:00
Arthur Edelstein
6f0edff399 Bug 21873: Clarify KeepAliveIsolateSOCKSAuth behavior 2017-04-05 17:19:25 -07:00
Sebastian Hahn
2c001b483b Add a release checklist step to highlight changes
In an effort to better communicate with our users that they might need
to take certain actions when upgrading, we should extract from the
changelog the items that require some action (example: the new version
automatically generates keys, if you want them to be offline - make sure
to create them before upgrading).
2017-04-03 16:11:52 +02:00
Nick Mathewson
411736a132 21151: document datadir default decently. 2017-03-17 12:10:43 -04:00
Nick Mathewson
8083e7c80b Note that bandwidth-limit options only affect TCP data. 2017-03-14 19:46:57 -04:00
Nick Mathewson
99ec44de45 Merge remote-tracking branch 'chelseakomlo/documentation_integ_tests' 2017-03-14 11:32:53 -04:00
Nick Mathewson
92813941b5 #21720: Update "directory server options" preamble in manpage 2017-03-14 11:25:54 -04:00
Nick Mathewson
4d3310932a Small fixes to fuzzing documentation. 2017-02-24 10:57:58 -05:00
Nick Mathewson
491348cb8c Rename make fuzz to make test-fuzz-corpora 2017-02-14 18:04:10 -05:00
Nick Mathewson
195acd90c9 Fix an error in Fuzzing.md. (asn spotted this) 2017-01-30 08:46:47 -05:00
Nick Mathewson
558c04f5b1 Merge branch 'combined-fuzzing-v4' 2017-01-30 08:40:46 -05:00
Nick Mathewson
d71fc47438 Update documentation and testing integration for fuzzing 2017-01-30 08:37:27 -05:00
Nick Mathewson
44fa14c0e2 Try to tweak fuzzing.md to correspond to my changes 2017-01-30 08:37:24 -05:00
teor
0fb1156e9f Add a script for running multiple fuzzing sessions on multiple cores 2017-01-30 08:37:23 -05:00
Nick Mathewson
f009b13029 Copy fuzzing instructions by teor 2017-01-30 08:37:23 -05:00
Nick Mathewson
81c78ec755 Outbindbindaddress variants for Exit and OR.
Allow separation of exit and relay traffic to different source IP
addresses (Ticket #17975). Written by Michael Sonntag.
2017-01-27 08:05:29 -05:00
Nick Mathewson
d95d988946 Merge branch 'feature_20956_029' 2017-01-23 16:07:15 -05:00
Nick Mathewson
83307fc267 Add __SocksPort etc variants for non-persistent use
Implements feature 20956.
2017-01-23 16:06:51 -05:00
Nick Mathewson
e52f49aa80 Merge remote-tracking branch 'public/ticket18319' 2017-01-21 14:44:00 -05:00
David Goulet
5a83bb0e90 man: Clarify options in the tor.1 man page
In addition to the comments in the ticket, couple hidden service options have
been improved to clarify the maximum and minimum values they can be set to.

Closes #21058

Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-01-17 15:19:42 -05:00
Nick Mathewson
c93428f457 Remove trailing whitespace 2017-01-13 12:31:57 -05:00
Pierre-Antoine Rault
f634499044 improved doc/HelpfulTools.md on profiling Tor
(Based on join work at https://pad.riseup.net/p/profiling-tor)
2017-01-13 12:31:34 -05:00
teor
ceeaf04d16
Document options that can't be changed while tor is running
Closes #21122, bug on multiple tor versions.
2017-01-03 14:54:00 +11:00
Nick Mathewson
ded98be45c Merge remote-tracking branch 'jryans/doc-formatting' 2017-01-02 08:53:17 -05:00
cypherpunks
d3c0b137af Remove dead code related to the old tor-fw-helper
This commit removes more code related to the old tor-fw-helper which was
removed in ticket 13338.

Closes ticket 21024.
2016-12-23 10:50:41 -05:00
Chelsea H. Komlo
dfde58db6b
check-spaces is run as part of make check 2016-12-21 17:08:06 -05:00
Chelsea H. Komlo
d95678ca8f
make distcheck should be a part of the local development process 2016-12-21 17:05:18 -05:00
Chelsea H. Komlo
064b1b6d1c
Adds standard to run code changes against test suite 2016-12-21 09:44:44 -05:00
Nick Mathewson
990a863d7c Merge branch 'ticket20831_v2' 2016-12-16 11:40:19 -05:00
Nick Mathewson
3902a18a69 Remove UseDirectoryGuards
It is obsoleted in an always-on direction by prop271.
2016-12-16 11:32:51 -05:00
Nick Mathewson
b310929ee3 Merge remote-tracking branch 'jryans/no-changes-unreleased' 2016-12-16 10:57:37 -05:00
Nick Mathewson
55d02c004c Remove AuthDirMaxServersPerAuthAddr
Back when Roger had do do most of our testing on the moria host, we
needed a higher limit for the number of relays running on a single
IP address when that limit was shared with an authority. Nowadays,
the idea is pretty obsolete.

Also remove the router_addr_is_trusted_dir() function, which served
no other purpose.

Closes ticket 20960.
2016-12-13 13:09:27 -05:00
Nick Mathewson
0dd48bfe5a Change the default of AuthDirPinKeys to 1.
Closes ticket 18319.
2016-12-13 08:54:38 -05:00
Nick Mathewson
bd2a1d0231 Update description of release practices 2016-12-12 15:38:51 -05:00
J. Ryan Stinnett
231564ee5b Document no changes file needed for bugfixes on unreleased code
Fixes #20932.
2016-12-08 16:48:00 -10:00
Nick Mathewson
e93234af70 Merge branch 'feature15056_v1_squashed' 2016-12-08 16:49:24 -05:00
Nick Mathewson
3d7e485402 Add an option to disable dirauth ed25519 link key checks.
If there is some horrible bug in our ed25519 link authentication
code that causes us to label every single ed25519-having node as
non-running, we'll be glad we had this.  Otherwise we can remove it
later.
2016-12-08 16:47:59 -05:00
Nick Mathewson
9e840e6c7d Add ExtendByEd25519ID consensus parameter/torrc option
I need to be able to turn on Ed25519 support in client generation
of  extend cells so I can test it, but leave it off-by-default until
enough clients support it for us to turn it on for a bunch at once.

This is part of #15056 / prop#220.
2016-12-08 16:47:58 -05:00
J. Ryan Stinnett
810f7c545b Clean up formatting of tor.1 man page and HTML doc
Fixes #20885.
2016-12-04 10:00:07 -06:00
J. Ryan Stinnett
7ffa95abd9 Clarify that ClientRejectInternalAddresses also rejects mDNS *.local hosts
Fixes #17070.
2016-12-03 21:10:40 -06:00
teor
24e293c3c6
Man page update and changes file for 20667 2016-11-30 11:18:38 +11:00
overcaffeinated
6dc25e79b9 Fix typo
Remove stray 'To run'
2016-11-21 12:15:44 -05:00
Nick Mathewson
9a790f7325 Merge branch 'maint-0.2.9' 2016-11-14 10:37:29 -05:00
Fabian Keil
caf7422871 Fix grammar in HiddenServiceSingleHopMode description 2016-11-14 10:28:02 -05:00
Matt Nordhoff
7dee70c3e1 Add "TByte" and "TBytes" units; also add "TBits" to man page 2016-11-10 09:13:27 -05:00
Nick Mathewson
a9fb2b4047 typo fix in doc/HACKING/ReleasingTor.md 2016-11-07 18:54:51 -05:00
Nick Mathewson
3e3040a5d9 Merge branch 'maint-0.2.9'
Conflicts:
	src/or/rendservice.c
2016-11-07 16:31:40 -05:00
Nick Mathewson
c2fc0941a5 Merge remote-tracking branch 'teor/bug20484_029_v2' into maint-0.2.9 2016-11-07 16:12:13 -05:00
teor
a77187a52c
Add onion_service_non_anonymous file to man page 2016-11-08 07:45:02 +11:00
Nick Mathewson
db67867a81 Merge remote-tracking branch 'pastly/ticket20486' 2016-11-01 12:55:14 -04:00
Nick Mathewson
e6d84ac04f Merge branch 'maint-0.2.9' 2016-11-01 12:49:13 -04:00
Matt Traudt
d8d6d8c206 Update man page that HS directory does not need to exist 2016-11-01 12:32:50 -04:00
Nick Mathewson
b858452f94 Add a sentence to the manpage about nonanonymous=>Socksport 0.
Closes 20487.
2016-10-31 15:13:27 -04:00
David Goulet
59247314d5 man: Fix default value of AuthDirGuardBWGuarantee to 2MB
Closes #20435

Signed-off-by: David Goulet <dgoulet@torproject.org>
2016-10-23 10:59:55 -04:00
Chelsea H. Komlo
1a2aa4e3f8 adding instructions how to include new test files 2016-10-14 10:27:21 -04:00
Nick Mathewson
af70e43131 Merge remote-tracking branch 'public/spaces_in_unix_addrs' 2016-10-14 10:21:41 -04:00
Nick Mathewson
d25fed5174 Merge remote-tracking branch 'yawning-schwanenlied/bug20261' 2016-10-11 11:08:20 -04:00
Nick Mathewson
05aed5b635 Allow a unix: address to contain a C-style quoted string.
Feature 18753 -- all this to allow spaces.
2016-10-04 15:43:20 -04:00
Paolo Inglese
ae4077916c Fix parse_virtual_addr_network minimum network size 2016-10-03 12:18:51 +01:00
Yawning Angel
847e001d28 Bug 20261: Disable IsolateClientAddr on AF_LOCAL SocksPorts.
The client addr is essentially meaningless in this context (yes, it is
possible to explicitly `bind()` AF_LOCAL client side sockets to a path,
but no one does it, and there are better ways to grant that sort of
feature if people want it like using `SO_PASSCRED`).
2016-09-30 18:43:31 +00:00
Nick Mathewson
144bd86570 Merge remote-tracking branch 'teor/bug20117' 2016-09-19 14:21:12 -04:00
Nick Mathewson
9f0cb5af15 Merge branch 'feature-17178-v7-squashed-v2' 2016-09-13 10:20:08 -04:00
teor
f311c9ffa2 Replace OnionService* with HiddenService* in option names
And make consequential line-length adjustments.
2016-09-13 10:13:57 -04:00
teor
41f96078c2 Refactor UseEntryNodes so the original configured value is preserved
Parse the value to UseEntryNodes_option, then set UseEntryNodes before
validating options.

This way, Authorities, Tor2web, and Single Onion Services don't write
spurious "UseEntryNodes 0" lines to their configs. Document the fact that
these tor configurations ignore UseEntryNodes in the manual page.

Also reorder options validation so we modify UseEntryNodes first, then
check its value against EntryNodes.

And silence a warning about disabled UseEntryNodes for hidden services
when we're actually in non-anonymous single onion service mode.
2016-09-13 10:13:56 -04:00
teor (Tim Wilson-Brown)
b560f852f2 Implement Prop #260: Single Onion Services
Add experimental OnionServiceSingleHopMode and
OnionServiceNonAnonymousMode options. When both are set to 1, every
hidden service on a tor instance becomes a non-anonymous Single Onion
Service. Single Onions make one-hop (direct) connections to their
introduction and renzedvous points. One-hop circuits make Single Onion
servers easily locatable, but clients remain location-anonymous.
This is compatible with the existing hidden service implementation, and
works on the current tor network without any changes to older relays or
clients.

Implements proposal #260, completes ticket #17178. Patch by teor & asn.

squash! fixup! fixup! fixup! fixup! fixup! fixup! fixup! fixup! fixup! fixup! fixup! fixup! fixup! Implement Prop #260: Single Onion Services

Redesign single onion service poisoning.

When in OnionServiceSingleHopMode, each hidden service key is poisoned
(marked as non-anonymous) on creation by creating a poison file in the
hidden service directory.

Existing keys are considered non-anonymous if this file exists, and
anonymous if it does not.

Tor refuses to launch in OnionServiceSingleHopMode if any existing keys
are anonymous. Similarly, it refuses to launch in anonymous client mode
if any existing keys are non-anonymous.

Rewrite the unit tests to match and be more comprehensive.
Adds a bonus unit test for rend_service_load_all_keys().
2016-09-13 10:10:54 -04:00
teor
42a74f707c
Document the default PathsNeededToBuildCircuits value
... when the directory authorities don't set min_paths_for_circs_pct.

Fixes bug 20117; bugfix on 02c320916e in tor-0.2.4.10-alpha.
Reported by Jesse V.
2016-09-09 11:20:20 +10:00
Nick Mathewson
e9b1d0619f Merge remote-tracking branch 'dgoulet/ticket18693_029_01' 2016-09-07 11:46:00 -04:00
Nick Mathewson
2a3b651790 Merge remote-tracking branch 'sebastian/bug20064' 2016-09-07 11:38:43 -04:00
Sebastian Hahn
f4ed254652 Document Exit flag assignment when private nets are allowed 2016-09-06 18:38:36 +02:00
Nick Mathewson
4e3f9c1f3a Merge remote-tracking branch 'pastly/ticket19122' 2016-09-06 11:56:46 -04:00
Matt Traudt
e90bd48c2f Change UID to Username in man page 2016-09-06 11:37:59 -04:00
teor
b3dfd9defb
Fix a space error in the man page 2016-09-06 17:49:48 +10:00
Georg Koppen
d0cdc8d783 Bug 20038: Fix typo in ControlPort description 2016-09-05 09:55:58 -04:00
Nick Mathewson
bbaa7d09a0 Merge remote-tracking branch 'teor/reject-tap-v6' 2016-08-29 15:02:11 -04:00
Nick Mathewson
a601ed5c15 update packager emails list again 2016-08-26 09:44:25 -04:00
Nick Mathewson
90bcfa2274 changes file and docs for 18640. 2016-08-25 14:32:10 -04:00
teor (Tim Wilson-Brown)
41cc1f612b Parse *Port flags NoDNSRequest, NoOnionTraffic & OnionTrafficOnly
OnionTrafficOnly is equivalent to NoDNSRequest, NoIPv4Traffic,
and NoIPv6Traffic.

Add unit tests for parsing and checking option validity.
Add documentation for each flag to the man page.

Add changes file for all of #18693.

Parsing only: the flags do not change client behaviour (yet!)
2016-08-24 14:40:53 -04:00
teor (Tim Wilson-Brown)
10aa913acc
Client & HS ignore UseNTorHandshake, all non-HS handshakes use ntor
Rely on onion_populate_cpath to check that we're only using
TAP for the rare hidden service cases.

Check and log if handshakes only support TAP when they should support
ntor.
2016-08-24 11:02:00 +10:00
Nick Mathewson
b3f43a22ab Add two new packagers.
Also, stop implying that Roger still does all the source releases.
2016-08-22 16:51:33 -04:00
Nick Mathewson
507f07de09 Merge remote-tracking branch 'public/deprecation_v2' 2016-08-19 19:58:51 -04:00
Nick Mathewson
5e571900b3 Fix a missing :: in an IPv6 addr in the documentation
Closes 19743.
2016-08-12 19:30:41 -04:00
Nick Mathewson
9b6ff4c882 Teach checkOptionDocs about deprecation.
In particular, teach it that deprecated options must exist.
2016-08-03 12:16:58 -04:00
Nick Mathewson
88a7a02728 Bufferevent removal: remove more bufferevent-only options
(All this IOCP stuff was bufferevent-only.)
2016-08-02 13:33:08 -04:00
Nick Mathewson
78196c8822 Merge remote-tracking branch 'teor/bug18456' 2016-07-05 19:10:08 -04:00
Nick Mathewson
8cae4abbac Merge branch 'maint-0.2.8' 2016-07-05 12:43:17 -04:00
intrigeri
3f33a5b1e7 Run asciidoc in UTC timezone for build reproducibility.
asciidoc adds a timestamp at the end of a generated HTML file.
This timestamp is based on the date of the file but it can change
depending on the TZ environment variable.
2016-07-05 12:38:24 -04:00
Nick Mathewson
aaa3129043 Merge remote-tracking branch 'dgoulet/ticket16943_029_05-squashed'
Trivial Conflicts:
	src/or/or.h
	src/or/routerparse.c
2016-07-01 15:29:05 -04:00
David Goulet
ca6ceec112 prop250: Put commits and SRVs in votes/consensus
This commit adds the commit(s) line in the vote as well as the SR values. It
also has the mechanism to add the majority SRVs in the consensus.

Signed-off-by: George Kadianakis <desnacked@riseup.net>
Signed-off-by: David Goulet <dgoulet@torproject.org>
2016-07-01 13:25:03 -04:00
teor (Tim Wilson-Brown)
514f0041d1
Avoid disclosing exit IP addresses in exit policies by default
From 0.2.7.2-alpha onwards, Exits would reject all the IP addresses
they knew about in their exit policy. But this may have disclosed
addresses that were otherwise unlisted.

Now, only advertised addresses are rejected by default by
ExitPolicyRejectPrivate. All known addresses are only rejected when
ExitPolicyRejectLocalInterfaces is explicitly set to 1.
2016-07-01 15:37:13 +10:00
Nick Mathewson
c6846d7bf0 Merge remote-tracking branch 'andrea/bug18322_v3_squashed' 2016-06-30 11:18:00 -04:00
Andrea Shepard
cc6753939c Update description in man page to match new MaxUnparseableDescSizeToLog option name and semantics 2016-06-30 07:03:25 +00:00
Andrea Shepard
1055cd65b8 Document new DetailedLogForUnparseableDescriptors option in man page 2016-06-30 07:03:24 +00:00
Nick Mathewson
11ba7f0037 Merge remote-tracking branch 'weasel/bug19504' 2016-06-29 16:18:00 -04:00
Nick Mathewson
560e976e4b Merge remote-tracking branch 'weasel/bug19505' 2016-06-29 16:12:15 -04:00
Peter Palfrader
869e5688b7 Actually, the tor --passphrase-fd is different from the tor-gencert one 2016-06-25 16:53:07 +02:00
Peter Palfrader
135800f75c tor-gencert.1: fix --passphrase-fd description 2016-06-25 16:48:42 +02:00
Peter Palfrader
90f85b012a Document the --passphrase-fd option in the tor manpage 2016-06-25 16:44:41 +02:00
Nick Mathewson
2c96d95c12 Fix spelling of --enable-tor2web-mode in manpage
Fixes bug 19153; patch from "U+039b", who is apparently an uppercase
lambda?
2016-06-19 12:14:28 -04:00
Nick Mathewson
2042080b21 ondrej is no longer making rpms 2016-06-15 12:55:40 -04:00
Nick Mathewson
ae4889ac1a remove sentence about tor-ops from manpage: #19185 2016-05-27 11:31:34 -04:00
Nick Mathewson
771ca7c544 Stop recommending --enable-gcc-warnings in doc/HACKING 2016-05-23 14:40:27 -04:00
Nick Mathewson
6294eb2846 Merge branch 'maint-0.2.8' 2016-05-12 10:03:26 -04:00
Roger Dingledine
4a62d7aabc minor touchups on nick's ticket 17621 changes 2016-05-11 16:35:36 -04:00
Nick Mathewson
af4b7d0405 Document the contents of $datadir/keys
Ticket 17621.
2016-05-11 14:03:34 -04:00
Nick Mathewson
27c1b0ea43 Merge branch 'maint-0.2.8' 2016-05-04 15:13:15 -04:00
Nick Mathewson
92615f608c Do not recommend use of nicknames in MapAddress manpage 2016-04-26 20:30:59 -04:00
Nick Mathewson
4043f2c95f Adopt the LCOV convention for marking lines as unreachable by tests.
Document this convention.

Add a script to post-process .gcov files in order to stop nagging us
about excluded lines.

Teach cov-diff to handle these post-processed files.

Closes ticket 16792
2016-04-12 21:12:10 -04:00
Nick Mathewson
bd34edc18d Merge remote-tracking branch 'sebastian/stemtest' 2016-04-12 13:13:15 -04:00
Nick Mathewson
eafcd7b0fc Merge branch 'maint-0.2.8' 2016-04-12 13:02:37 -04:00
David Goulet
40827da3bf Turn TestingClientBootstrap* into non-testing options
This changes simply renames them by removing "Testing" in front of them and
they do not require TestingTorNetwork to be enabled anymore.

Fixes #18481

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2016-04-07 10:57:59 -04:00
Roger Dingledine
93c311daa8 majority of four is, alas, three 2016-03-29 10:57:01 -04:00
Nick Mathewson
e1f4d9552e Faravahar also versions. 2016-03-29 07:55:02 -04:00
Nick Mathewson
3220bd816b Merge branch 'maint-0.2.8' 2016-03-28 16:14:21 -04:00
Nick Mathewson
05b52eea6a Add more structure (and tests) to ReleasingTor.md 2016-03-28 16:07:19 -04:00
Sebastian Hahn
0c0bdbef28 Write a document on how to add a test to Stem 2016-03-28 17:21:28 +02:00
Sebastian Hahn
7d6e7fdd03 Remove redundant only in manpage 2016-03-27 22:22:29 +02:00
Roger Dingledine
94cb8792e8 who was that previous arma, who couldn't spell iso? 2016-03-26 02:07:48 -04:00
Nick Mathewson
424af93ded Merge branch 'bug18517_squashed' 2016-03-24 10:14:05 -04:00
teor (Tim Wilson-Brown)
f2153f9716 Always allow OR connections to bridges on private addresses
Regardless of the setting of ExtendAllowPrivateAddresses.

This fixes a bug with pluggable transports that ignore the
(potentially private) address in their bridge line.

Fixes bug 18517; bugfix on 23b088907f in tor-0.2.8.1-alpha.
2016-03-24 10:13:58 -04:00
Roger Dingledine
ea829784c0 specify in the man page that {cc} is a 2-letter ISA3166 code 2016-03-23 17:49:55 -04:00
Nick Mathewson
c9899ee640 Merge remote-tracking branch 'weasel/bug18458' 2016-03-15 09:18:24 -04:00
Nick Mathewson
ffc25bc908 Fedora Core->Fedora; yum->dnf.
Closes 18426 and 18459.
2016-03-11 09:13:33 -05:00
Peter Palfrader
1ef7df551d First RelaxDirModeCheck implementation 2016-03-01 17:08:14 +01:00
teor (Tim Wilson-Brown)
af88e8f237 Add missing man page option from #4483 (35bbf2e4)
TestingClientBootstrapConsensusAuthorityOnlyMaxDownloadTries
2016-02-26 10:58:30 +01:00
Nick Mathewson
5a164d50bb Add another admonishment to WritingTests.md 2016-02-11 13:17:21 -05:00
Nick Mathewson
ba2be81fc3 Merge remote-tracking branch 'teor/feature17840-v11-merged-v2' 2016-02-11 12:20:20 -05:00
teor (Tim Wilson-Brown)
c213f277cd Make bridge clients prefer the configured bridge address
When ClientPreferIPv6ORPort is auto, bridges prefer the configured
bridge ORPort address. Otherwise, they use the value of the option.
Other clients prefer IPv4 ORPorts if ClientPreferIPv6ORPort is auto.

When ClientPreferIPv6DirPort is auto, all clients prefer IPv4 DirPorts.
2016-02-03 23:56:19 +11:00
Nick Mathewson
311a13220c mention lintChanges.py in the coding standards 2016-02-01 16:47:47 -05:00
teor (Tim Wilson-Brown)
c4cb4706c9 Merge branch 'feature17840-v11-squashed' into feature17840-v11-merged
Conflicts:
	src/or/directory.c
	src/test/test_routerlist.c

Fix minor conflicts.
2016-01-29 07:37:06 +11:00
teor (Tim Wilson-Brown)
3b8216f215 Use fascist firewall and ClientUseIPv4 for bridge clients
Bridge clients ignore ClientUseIPv6, acting as if it is always 1.
This preserves existing behaviour.

Make ClientPreferIPv6OR/DirPort auto by default:
 * Bridge clients prefer IPv6 by default.
 * Other clients prefer IPv4 by default.
This preserves existing behaviour.
2016-01-29 07:16:04 +11:00
teor (Tim Wilson-Brown)
2d33d192fc Add ClientUseIPv4 and ClientPreferIPv6DirPort torrc options
ClientUseIPv4 0 tells tor to avoid IPv4 client connections.
ClientPreferIPv6DirPort 1 tells tor to prefer IPv6 directory connections.

Refactor policy for IPv4/IPv6 preferences.

Fix a bug where node->ipv6_preferred could become stale if
ClientPreferIPv6ORPort was changed after the consensus was loaded.

Update documentation, existing code, add unit tests.
2016-01-29 07:13:57 +11:00
Nick Mathewson
a5bed4dab2 Merge branch 'maint-0.2.7' 2016-01-28 11:53:03 -05:00
Nick Mathewson
601c823255 Try to fix formatting in manpage 2016-01-28 11:52:48 -05:00
Nick Mathewson
6b2087dbe4 Merge branch 'maint-0.2.7' 2016-01-28 10:22:06 -05:00
Nick Mathewson
fb64c55cf8 Add descriptions for --keygen to the manpage
Based on text from s7r
2016-01-28 10:19:29 -05:00
Nick Mathewson
4770db8e99 Clarify ReleasingTor.md on versions.wmi
Closes #17839.
2016-01-27 12:37:01 -05:00
unixninja92
4f0e28977d Added AccountRule in and AccountingRule out options 2016-01-08 15:52:10 -08:00
Nick Mathewson
2b9b694410 Remove config.log from CLEANFILES
Fixes bug 17924; bugfix on 0.2.4.1-alpha.

In ddf5020ea8, we added config.log to CLEANFILES in doc/Makefile.am
so that distcheck would be happy about the presence of doc/config.log.
But when we moved to nonrecursie makefiles in 2a4a149624, we
accidentally left that filename unchanged, so that it referred to
config.log instead.

Patch from cypherpunks.
2015-12-22 20:46:15 -05:00
Nick Mathewson
b9596b8fdf document minimum heartbeatperiod; bug 15638. 2015-12-22 11:10:37 -05:00
Matthew Finkel
997f779a7f Add new DirCache configuration option
This will give relay operators the ability of disabling the caching of
directory data. In general, this should not be necessary, but on some
lower-resource systems it may beneficial.
2015-12-18 13:14:09 -05:00
Nick Mathewson
aa4be914f0 Merge remote-tracking branch 'teor/feature17327-v4' 2015-12-15 13:19:18 -05:00
Nick Mathewson
125e0c7022 remove redundant section in tor.1.txt 2015-12-15 13:18:06 -05:00
Nick Mathewson
aba39ea390 Merge branch 'feature8195_small_squashed' 2015-12-15 13:11:06 -05:00
Nick Mathewson
405a8d3fb4 Update KeepCapabilities based on comments from asn
* The option is now KeepBindCapabilities
* We now warn if the user specifically asked for KeepBindCapabilities
  and we can't deliver.
* The unit tests are willing to start.
* Fewer unused-variable warnings.
* More documentation, fewer misspellings.
2015-12-15 13:10:57 -05:00
Nick Mathewson
e8cc839e41 Add ability to keep the CAP_NET_BIND_SERVICE capability on Linux
This feature allows us to bind low ports when starting as root and
switching UIDs.

Based on code by David Goulet.

Implement feature 8195
2015-12-15 13:10:57 -05:00
Nick Mathewson
a7d44731d9 Merge remote-tracking branch 'teor/feature4483-v10-squashed' 2015-12-15 12:57:57 -05:00
teor (Tim Wilson-Brown)
2212530bf5 Prop210: Close excess connections once a consensus is downloading
Once tor is downloading a usable consensus, any other connection
attempts are not needed.

Choose a connection to keep, favouring:
* fallback directories over authorities,
* connections initiated earlier over later connections

Close all other connections downloading a consensus.
2015-12-16 04:37:59 +11:00
teor (Tim Wilson-Brown)
35bbf2e4a4 Prop210: Add schedules for simultaneous client consensus downloads
Prop210: Add attempt-based connection schedules

Existing tor schedules increment the schedule position on failure,
then retry the connection after the scheduled time.

To make multiple simultaneous connections, we need to increment the
schedule position when making each attempt, then retry a (potentially
simultaneous) connection after the scheduled time.

(Also change find_dl_schedule_and_len to find_dl_schedule, as it no
longer takes or returns len.)

Prop210: Add multiple simultaneous consensus downloads for clients

Make connections on TestingClientBootstrapConsensus*DownloadSchedule,
incrementing the schedule each time the client attempts to connect.

Check if the number of downloads is less than
TestingClientBootstrapConsensusMaxInProgressTries before trying any
more connections.
2015-12-16 04:37:49 +11:00
Nick Mathewson
54433993c7 Merge branch 'feature17576-UseDefaultFallbackDirs-v2-squashed' 2015-12-15 12:19:08 -05:00
teor (Tim Wilson-Brown)
080ae03ee4 Add UseDefaultFallbackDirs for hard-coded directory mirrors
UseDefaultFallbackDirs enables any hard-coded fallback
directory mirrors. Default is 1, set it to 0 to disable fallbacks.

Implements ticket 17576.
Patch by "teor".
2015-12-15 12:19:01 -05:00
cypherpunks
816207511b Remove the INLINE coding standard 2015-12-15 11:34:00 -05:00
Nick Mathewson
85003f4c80 Add a new ipv6=address:orport flag to DirAuthority and FallbackDir
Resolves # 6027
2015-12-14 23:43:50 +11:00
Jamie Nguyen
ec4ef68271 Introduce DataDirectoryGroupReadable boolean 2015-12-10 20:00:06 -05:00
Nick Mathewson
9f6b9e28cc forward-port changelog and releasenotes 2015-12-10 14:24:22 -05:00
Nick Mathewson
caff665309 Merge remote-tracking branch 'teor/first-hop-no-private' 2015-12-09 10:47:59 -05:00
Andrew Kvalheim
61d3364f26 Fix formatting typo in manpage. 2015-12-09 10:37:22 -05:00
teor (Tim Wilson-Brown)
23b088907f Refuse to make direct connections to private OR addresses
Refuse connection requests to private OR addresses unless
ExtendAllowPrivateAddresses is set. Previously, tor would
connect, then refuse to send any cells to a private address.

Fixes bugs 17674 and 8976; bugfix on b7c172c9ec (28 Aug 2012)
Original bug 6710, released in 0.2.3.21-rc and an 0.2.2 maint
release.

Patch by "teor".
2015-11-25 03:11:15 +11:00
Damian Johnson
8661b4b5a2 Drop HidServDirectoryV2 and VoteOnHidServDirectoriesV2
These options were removed from tor in July. Time to axe them from our man
page. :P

  https://gitweb.torproject.org/tor.git/commit/?id=2f8cf524ba4e565ab613504a4c41fd724d32facc
2015-11-23 18:27:17 -08:00
Damian Johnson
feeb3e761c Split 'slop' man page options to their own lines
The slop testing options are the only spot where we try to enumerate multiple
options on the same line. Changing them to each be on their own line as we do
elsewhere.
2015-11-23 18:21:38 -08:00
Damian Johnson
91b0ba1d19 TestingLinkCertLifetime was misnamed as 'TestingLinkCertifetime'
Simple typo - we were missing a letter.
2015-11-23 17:51:30 -08:00
Damian Johnson
961db64d3c Rename RecommendedPackageVersions to RecommendedPackages
A 'RecommendedPackageVersions' option doesn't exist in tor. However, it *does*
have RecommendedPackages...

  feature: https://gitweb.torproject.org/tor.git/commit/?id=c83d8381
  man addition: https://gitweb.torproject.org/tor.git/commit/?id=ddfdeb56
2015-11-23 17:47:00 -08:00
Damian Johnson
1193647ac8 Replace 'SOCKSPort' with 'SocksPort'
When applying changes from proposal 171 Nick renamed SocksPort to SOCKSPort,
and SocksListenAddress to SOCKSListenAddress...

  https://gitweb.torproject.org/tor.git/commit/?id=891ccd3cd0690e83f1dc4dde7698c3bd9d7fe98d

However, this didn't change the option itself in tor (it's still SocksPort),
and wasn't even uniform in the man page. Functionally this doesn't matter
(tor's config options are case insensitive) but this is a pretty clear
regression.
2015-11-23 17:32:49 -08:00
Damian Johnson
5812930dc1 Note in man page where users can file bugs
In addition to inviting users to tell us about bugs, lets say where.
2015-11-23 17:26:46 -08:00
Damian Johnson
690b66ce48 ControlPort's section on flags wasn't indented
Minor formatting issue with our ControlPort entry. The part about flags wasn't
indented with the rest of its description.
2015-11-23 17:25:26 -08:00
Damian Johnson
4417effa52 Malformed ExtORPort entry in man page
Minor formatting issue with our ExtORPort that caused its description to be on
the same line as the option (munging the two together).
2015-11-23 17:23:14 -08:00
teor (Tim Wilson-Brown)
2a4057e042 man update: ExitPolicyRejectPrivate outbound and port addresses
ExitPolicyRejectPrivate now rejects addresses configured via
OutboundBindAddress and any port options, such as ORPort and DirPort.
2015-11-20 10:39:37 +11:00
Nick Mathewson
43609fba77 fix an email address in doc/HACKING/ReleasingTor.md 2015-11-13 09:01:55 -05:00
Nick Mathewson
7bdbcdaed8 Merge commit '7b859fd8c558c9cf08add79db87fb1cb76537535' 2015-11-13 08:42:20 -05:00
Joan Queralt
b370052ae4 + and / usage clarification - Fixes #13158 2015-11-12 14:01:00 -05:00
Nick Mathewson
5a37061885 Delete trailing whitespace in md files 2015-11-05 09:53:05 -05:00
Nick Mathewson
43ce4626f1 add release notes 2015-11-05 09:46:40 -05:00
tom lurge
617e0f8d26 added some markdown formatting 2015-11-05 09:13:53 -05:00
Nick Mathewson
8976e739af Fix filename endings in HACKING. Patch from "ckomlo", ticket #17515. 2015-11-03 08:23:08 -05:00
Nick Mathewson
c1c1c4d057 Refer to the actual minima and the preferred minimum 2015-10-30 10:57:47 -04:00
Nima Fatemi
e6888e2144 Bump up minimum BandwidthRate from 30KB to 250KBytes - Fixes #16382 2015-10-30 10:51:29 -04:00
Nick Mathewson
0696ac5b5e Merge branch 'doc17392' 2015-10-30 09:25:51 -04:00
rl1987
3c08b76fc4 Mention torspec URL in the manpage. 2015-10-30 09:25:39 -04:00
Nick Mathewson
92a6c578d7 hacking is now markdown
Not good markdown, mind you.
2015-10-29 10:31:38 -04:00
Nick Mathewson
e5976482a3 More issues that Karsten spotted 2015-10-29 10:29:21 -04:00
Karsten Loesing
f40dc287bd Clean up the doc/HACKING/* docs a bit. 2015-10-29 14:28:17 +01:00
Nick Mathewson
2929986049 Actually add HowToReview.txt 2015-10-22 10:03:04 -04:00
Nick Mathewson
609c1e8870 Start writing a how to review doc 2015-10-22 10:01:13 -04:00
Nick Mathewson
1a236c78aa Add another entry to ReleasingTor email list, per anonym 2015-10-21 17:06:10 -04:00
Nick Mathewson
7b859fd8c5 Note that you can use a unix domain socket for hsport 2015-10-21 12:22:05 -04:00
Nick Mathewson
34b4da709d Fix a bunch more memory leaks in the tests. 2015-10-21 10:00:05 -04:00
Nick Mathewson
49ccb7e7b8 Mention trunnel in CodingStandards; describe how in trunnel/README 2015-10-14 10:40:27 -04:00
Nick Mathewson
8182715a2b Add a doc/HACKING/README.1st 2015-10-09 10:40:53 -04:00
Nick Mathewson
a11cb74d29 Split the old doc/HACKING into several new files 2015-10-09 10:40:53 -04:00
Nick Mathewson
c751e5af4a Move hacking documentation into a new subdirectory. 2015-10-09 10:40:53 -04:00
Nick Mathewson
9e461588a6 Add my draft (in-progress) guide to getting started on tor development 2015-10-08 11:52:27 -04:00
Nick Mathewson
f3804a4d6f finish up doc/WritingTests.txt 2015-10-08 10:55:31 -04:00
Peter Palfrader
1cf0d82280 Add SyslogIdentityTag
When logging to syslog, allow a tag to be added to the syslog identity
("Tor"), i.e. the string prepended to every log message.  The tag can be
configured by setting SyslogIdentityTag and defaults to none.  Setting
it to "foo" will cause logs to be tagged as "Tor-foo".  Closes: #17194.
2015-09-30 18:34:15 +02:00
Nick Mathewson
51d18aeb42 changes file and manpage entry for AuthDirPinKeys 2015-09-24 11:29:05 -04:00
Nick Mathewson
e94ef30a2f Merge branch 'feature16944_v2' 2015-09-22 09:19:28 -04:00
teor (Tim Wilson-Brown)
b584152874 Update private ExitPolicy in man page and torrcs for 10727, formatting
Update the definition of the private exit policy in the man page
and torrcs. It didn't get merged correctly into the man page, and
it was incomplete in the torrcs. (Unfortunately, we only reject the
primary configured IPv4 and IPv6 addresses, not all configured IPv4
and IPv6 addresses.)

Also fixup msn page formatting errors from changes in tickets 16069
and 17027, mainly unescaped *s.
2015-09-22 12:14:27 +10:00
teor (Tim Wilson-Brown)
7268525142 Add IPv6 syntax to ExitPolicy intro paragraph in man page 2015-09-22 11:44:13 +10:00
teor (Tim Wilson-Brown)
249e82c906 Update docs with advice for separate IPv4 and IPv6 exit policies
Advise users how to configure separate IPv4 and IPv6 exit
policies in the manpage and sample torrcs.

Related to fixes in ticket #16069 and #17027. Patch by "teor".
Patch on 2eb7eafc9d and a96c0affcb (25 Oct 2012),
released in 0.2.4.7-alpha.
2015-09-22 11:41:16 +10:00
teor (Tim Wilson-Brown)
a659a3fced Merge branch 'bug17027-reject-private-all-interfaces-v2' into bug16069-bug17027
src/test/test_policy.c:
Merged calls to policies_parse_exit_policy by adding additional arguments.
fixup to remaining instance of ~EXIT_POLICY_IPV6_ENABLED.
Compacting logic test now produces previous list length of 4, corrected this.

src/config/torrc.sample.in:
src/config/torrc.minimal.in-staging:
Merged torrc modification dates in favour of latest.
2015-09-16 09:09:54 +10:00
teor (Tim Wilson-Brown)
098b82c7b2 ExitPolicyRejectPrivate rejects local IPv6 address and interface addresses
ExitPolicyRejectPrivate now rejects more local addresses by default:
 * the relay's published IPv6 address (if any), and
 * any publicly routable IPv4 or IPv6 addresses on any local interfaces.

This resolves a security issue for IPv6 Exits and multihomed Exits that
trust connections originating from localhost.

Resolves ticket 17027. Patch by "teor".
Patch on 42b8fb5a15 (11 Nov 2007), released in 0.2.0.11-alpha.
2015-09-16 02:56:50 +10:00
teor (Tim Wilson-Brown)
d3358a0a05 ExitPolicy accept6/reject6 produces IPv6 wildcard addresses only
In previous versions of Tor, ExitPolicy accept6/reject6 * produced
policy entries for IPv4 and IPv6 wildcard addresses.

To reduce operator confusion, change accept6/reject6 * to only produce
an IPv6 wildcard address.

Resolves bug #16069.

Patch on 2eb7eafc9d and a96c0affcb (25 Oct 2012),
released in 0.2.4.7-alpha.
2015-09-16 00:13:12 +10:00
Nick Mathewson
fcec1f3381 Merge branch 'feature15482_squashed' 2015-09-08 14:03:04 -04:00
Yawning Angel
54510d4d1a Add KeepAliveIsolateSOCKSAuth as a SOCKSPort option.
This controls the circuit dirtyness reset behavior added for Tor
Browser's user experience fix (#15482). Unlike previous iterations
of this patch, the tunable actually works, and is documented.
2015-09-08 14:02:08 -04:00
Nick Mathewson
0ba4e0895a Add "OfflineMasterKey" option
When this is set, and Tor is running as a relay, it will not
generate or load its secret identity key.  You can manage the secret
identity key with --keygen.  Implements ticket 16944.
2015-09-04 09:55:07 -04:00
Nick Mathewson
1d514b8a91 Add doc/WritingTests.txt to distribution 2015-09-03 10:30:54 -04:00
David Goulet
d40358d91e Enable hidden service statistics by default
HiddenServiceStatistics option is now set to "1" by default.

Fixes #15254

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-09-02 13:53:36 +02:00
Sebastian Hahn
6034e21331 Include doc/TUNING in our release tarballs 2015-09-01 09:15:11 -04:00
Nick Mathewson
1eb2106375 Document callgraph analysis code 2015-08-25 11:53:20 -04:00
Sebastian Hahn
1633d1ad1d Remove tor-fw-helper more thoroughly 2015-08-21 10:36:53 -04:00
teor
359faf5e4b New TestingDirAuthVote{Exit,Guard,HSDir}IsStrict flags
"option to prevent guard,exit,hsdir flag assignment"

"A node will never receive the corresponding flag unless
that node is specified in the
TestingDirAuthVote{Exit,Guard,HSDir} list, regardless of
its uptime, bandwidth, exit policy, or DirPort".

Patch modified by "teor": VoteOnHidServDirectoriesV2
is now obsolete, so TestingDirAuthVoteHSDir always
votes on HSDirs.

Closes ticket 14882. Patch by "robgjansen".
Commit message and changes file by "teor"
with quotes from "robgjansen".
2015-08-18 14:51:57 +10:00
teor
0cb82013cc Fix TestingDirAuthVoteHSDir docs: HSDir flag needs DirPort
Fix an error in the manual page and comments for
TestingDirAuthVoteHSDir, which suggested that a
HSDir required "ORPort connectivity". While this is true,
it is in no way unique to the HSDir flag. Of all the flags,
only HSDirs need a DirPort configured in order for the
authorities to assign that particular flag.

Fixed as part of 14882. Patch by "teor".
Bugfix on 0.2.6.3 (f9d57473e1 on 10 January 2015).
2015-08-18 14:51:57 +10:00
Nick Mathewson
9338847bf4 Write a bunch more test for doc/WritingTests 2015-08-05 11:47:38 -04:00
Nick Mathewson
5721627517 Update doc/HACKING with more coverage instructions 2015-08-03 13:30:25 -04:00
Linus Nordberg
5be36a46ca Move the note about non-localhost SOCKSPort usage up to where it belongs.
I think this section slipped downwards when flags where added.
2015-07-24 09:24:05 -04:00
Nick Mathewson
a8accd55f2 Bump version (and explain how) 2015-07-23 13:48:13 -04:00
Nick Mathewson
9d237bb00a Actually, write the torrc format in ABNF
This should make it more clear what I meant, if you know how to read ABNF.

(Thanks to rl1987 for correcting numerous issues here)
2015-07-22 12:24:15 -04:00
Nick Mathewson
7521c3ee91 Document the torrc format as thoroughly as possible
Closes ticket 2325
2015-07-20 12:05:44 -04:00
Nick Mathewson
2ba6542517 Merge remote-tracking branch 'sysrqb/bug15220_026_sysrqb' 2015-07-16 15:38:08 -04:00
David Goulet
adc04580f8 Add the torrc option HiddenServiceNumIntroductionPoints
This is a way to specify the amount of introduction points an hidden service
can have. Maximum value is 10 and the default is 3.

Fixes #4862

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-06-29 11:12:31 -04:00
Andrea Shepard
95bcd2dc15 Update and clarify release checklist 2015-06-10 15:05:52 +00:00
teor
bc0a9843e5 Add instructions for clang sanitizers, static analyzer, and coverity
Document use of coverity, clang static analyzer, and clang dynamic
undefined behavior and address sanitizers in doc/HACKING.

Add clang dynamic sanitizer blacklist in
contrib/clang/sanitizer_blacklist.txt to exempt known undefined
behavior. Include detailed usage instructions in this blacklist file.

Patch by "teor".
2015-06-06 04:04:23 +10:00
Nick Mathewson
1b52e95028 Merge branch '12498_ed25519_keys_v6'
Fixed numerous conflicts, and ported code to use new base64 api.
2015-05-28 11:04:33 -04:00
Nick Mathewson
5eb584e2e9 Document some ed25519 key options 2015-05-28 10:47:47 -04:00
rl1987
0989ba3383 FIx a couple of mistypes. 2015-05-26 21:52:26 +03:00
Yawning Angel
db7bde08be Add "HiddenServiceMaxStreams" as a per-HS tunable.
When set, this limits the maximum number of simultaneous streams per
rendezvous circuit on the server side of a HS, with further RELAY_BEGIN
cells being silently ignored.

This can be modified via "HiddenServiceMaxStreamsCloseCircuit", which
if set will cause offending rendezvous circuits to be torn down instead.

Addresses part of #16052.
2015-05-20 17:33:59 +00:00
Nick Mathewson
101fc13b99 Bump version to 0.2.7.1-alpha. (This is not the release yet.) 2015-05-11 10:10:29 -04:00
Nick Mathewson
e086db7952 Merge branch 'writing_tests' 2015-05-07 15:29:56 -04:00
Nick Mathewson
79e85313aa Write the outlines of a WritingTests.txt document
Also, add some sample tests to be examples.
2015-05-07 15:29:16 -04:00
Nick Mathewson
f15e7d4a1b New email for Lukas Fleischer 2015-04-22 09:49:23 -04:00
Roger Dingledine
c759ed2c62 update url in HACKING file 2015-04-08 13:44:56 -04:00
Nick Mathewson
1457364c49 Merge branch 'doc15550_squashed' 2015-04-07 14:05:52 -04:00
rl1987
636495257b Improve descriptions of statistics-related torrc options. 2015-04-07 14:04:03 -04:00
Nick Mathewson
f0fa0d2b7b Add lukas to doc/HACKING pakager list 2015-04-07 07:40:46 -04:00
Nick Mathewson
cd8f13b5cb Merge branch 'bug13736' 2015-04-01 13:46:50 -04:00
Nick Mathewson
840c11b14e Remove dynamicdhgroups from the manpage 2015-04-01 13:41:15 -04:00
Nick Mathewson
f31dc84f03 More addrs in HACKING 2015-03-25 09:16:42 -04:00
Nick Mathewson
8adecae09d spelling fix 2015-03-24 11:55:35 -04:00
Nick Mathewson
95530bac83 Start adding people to the packager list in doc/HACKING 2015-03-24 09:29:28 -04:00
cypherpunks
17cbc4350f Use output variables instead of relative paths.
Fixes the following rules in out-of-tree builds;
- check-spaces
- check-docs
- check-logs
- Doxygen
- coverage-html

And cleans up additional directories;
- coverage_html
- doc/doxygen
2015-03-14 13:00:04 -04:00
Nick Mathewson
809517a863 Allow {World,Group}Writable on AF_UNIX {Socks,Control}Ports.
Closes ticket 15220
2015-03-11 13:31:33 -04:00
cypherpunks
9dc90a5b7b Add check-changes rule for checking formatting of changes files.
Additional fixes to make the change work;
- fix Python 2 vs 3 issues
- fix some PEP 8 warnings
- handle paths with numbers correctly
- mention the make rule in doc/HACKING.
2015-03-09 09:00:12 -04:00
Nick Mathewson
cf55070e2c Standardize on calling them "server descriptors".
Part of 14987
2015-02-25 09:22:25 -05:00
Roger Dingledine
0883f92e91 specify a default for UseGuardFraction in the man page
(as added in commit f4a63f8eab)
2015-02-18 16:37:14 -05:00
Nick Mathewson
96211bcf71 Merge branch 'bug9321_rerebase'
Conflicts:
	src/or/dirvote.h
	src/test/include.am
	src/test/test_entrynodes.c
2015-02-18 09:17:02 -05:00
George Kadianakis
f4a63f8eab Parse GuardFraction info from consensuses and votes.
Also introduce the UseGuardFraction torrc option which decides whether
clients should use guardfraction information found in the consensus.
2015-02-18 09:09:33 -05:00
George Kadianakis
5ee48d47a7 Parse Guardfraction file and apply results to routerstatuses.
Parse the file just before voting and apply its information to the
provided vote_routerstatus_t. This follows the same logic as when
dirauths parse bwauth files.
2015-02-18 09:09:32 -05:00
Nick Mathewson
caf28519d9 Merge branch 'bug12844'
Conflicts:
	src/or/circuituse.c
	src/test/include.am
	src/test/test_entrynodes.c
2015-02-11 15:06:04 -05:00
Nick Mathewson
79c7625e38 Merge branch 'feature13864_squashed' 2015-02-02 13:32:53 -05:00
rl1987
1ebed7cc77 Updating manpage for 13865. 2015-02-02 13:31:56 -05:00
rl1987
aa4f773670 Updating OpenBSD section of doc/TUNING. 2015-02-01 19:52:54 +02:00
Nick Mathewson
fac8d40886 Merge remote-tracking branch 'public/prop227_v2'
Conflicts:
	src/test/test_dir.c
2015-01-30 07:36:55 -05:00
Nick Mathewson
64bde3ae94 Document unix: addresses 2015-01-29 14:56:45 -05:00
Nick Mathewson
204374f7d9 Remove SocksSocket; it's now spelled differently thanks to 14451
Also, revise bug12585 changes file to mention new syntax
2015-01-29 14:46:20 -05:00
Nick Mathewson
f75ca04520 Tweak tor-resolve docs and logs
Resolves 14325
2015-01-28 10:11:08 -05:00
Nick Mathewson
e00503fe57 Merge branch 'doc13702_squashed' 2015-01-27 12:42:12 -05:00
rl1987
d7ac4d9130 Adding section on OpenBSD to doc/TUNING 2015-01-27 12:41:12 -05:00
Nick Mathewson
e7e33d4b04 Merge branch 'bug14084' 2015-01-20 14:07:37 -05:00
Nick Mathewson
18a15747ef Expand manpage for HiddenServiceAllowUnknownPorts based on suggestions from qwerty1 and dgoulet 2015-01-20 14:07:22 -05:00
Nick Mathewson
485fdcf826 Unify parse_unix_socket_config and parse_port_config
This incidentally makes unix SocksSocket support all the same options
as SocksPort.

This patch breaks 'SocksSocket 0'; next will restore it.

Resolves 14254.
2015-01-16 11:35:48 -05:00
Nick Mathewson
d8b7dcca8d Merge remote-tracking branch 'andrea/ticket12585_v3' 2015-01-13 12:50:55 -05:00
Nick Mathewson
ddfdeb5659 More documentation for proposal 227 work 2015-01-10 15:44:32 -05:00
teor
f9d57473e1 Create TestingDirAuthVoteHSDir like TestingDirAuthVoteExit/Guard
TestingDirAuthVoteHSDir ensures that authorities vote the HSDir flag
for the listed relays regardless of uptime or ORPort connectivity.
Respects the value of VoteOnHidServDirectoriesV2.

Partial fix for bug 14067.
2015-01-10 22:34:28 +11:00
Andrea Shepard
78956f5d85 Document disable option for ControlSocket and SocksSocket 2015-01-09 20:54:59 +00:00
Jacob Appelbaum
8d59ddf3cb Commit second draft of Jake's SOCKS5-over-AF_UNIX patch. See ticket #12585.
Signed-off-by: Andrea Shepard <andrea@torproject.org>
2015-01-07 17:42:57 +00:00
Nick Mathewson
90b9e23bec Merge branch 'exitnode_10067_squashed'
Conflicts:
	src/or/or.h
2015-01-06 15:15:18 -05:00
Nick Mathewson
35efce1f3f Add an ExitRelay option to override ExitPolicy
If we're not a relay, we ignore it.

If it's set to 1, we obey ExitPolicy.

If it's set to 0, we force ExitPolicy to 'reject *:*'

And if it's set to auto, then we warn the user if they're running an
exit, and tell them how they can stop running an exit if they didn't
mean to do that.

Fixes ticket 10067
2015-01-06 14:31:20 -05:00
Nick Mathewson
74cd57517c New option "HiddenServiceAllowUnknownPorts"
This allows hidden services to disable the anti-scanning feature
introduced in 0.2.6.2-alpha. With this option not set, a connection
to an unlisted port closes the circuit.  With this option set, only
a RELAY_DONE cell is sent.

Closes ticket #14084.
2015-01-03 12:34:52 -05:00
Nick Mathewson
4d6a971ba9 Tweak 13913 fix: clarify that the behavior is not promised
Also, it's->its.  The apostrophe is used if and only if it's a
contraction for "it is".
2014-12-29 08:41:30 -05:00
Nick Mathewson
fd5d9d04b3 Merge remote-tracking branch 'rl1987/ticket13913' 2014-12-29 08:39:13 -05:00
rl1987
f785723e0b Document the case of HiddenServiceDir being defined as relative path. 2014-12-21 19:05:10 +02:00
George Kadianakis
13a6fb9a2a HS stats: Add changes file and improve man page. 2014-12-19 10:35:34 -05:00
George Kadianakis
14e83e626b Add two hidden-service related statistics.
The two statistics are:
 1. number of RELAY cells observed on successfully established
    rendezvous circuits; and
 2. number of .onion addresses observed as hidden-service
    directory.

Both statistics are accumulated over 24 hours, obfuscated by rounding
up to the next multiple of a given number and adding random noise,
and written to local file stats/hidserv-stats.

Notably, no statistics will be gathered on clients or services, but
only on relays.
2014-12-19 10:35:25 -05:00
Nick Mathewson
fb3000e10c whoops; removed the documentation for Support022HiddenServices too 2014-11-17 21:16:33 -05:00
Nick Mathewson
ab08d8c4f7 document that hiddenserviceport can have an ipv6 addr.for 12670 2014-11-14 11:19:34 -05:00
Nick Mathewson
26e7e519dc Document networkstatus-bridges
Closes 13713; patch from 'tom'
2014-11-10 09:03:11 -05:00
rl1987
7f7df97579 Fixing typo in manpage. 2014-11-09 16:34:34 +02:00
Nick Mathewson
68af1e7e9b Throw identify-node-by-nickname down the memory hole
Authorities are no longer voting on Named, so specifying nodes by
nickname isn't a clever thing to do.  (Not that it ever was!)  So
remove the documentation that suggests that you should do it.

Additionally, add proper cross-references to our __node__ lists, and
explain about the optional $ before identity digests.

Also, the oxford comma: endorsed by Steven Pinker, my spouse, and my
11th grade English teacher.

Closes 13381.
2014-11-06 11:10:58 -05:00
Nick Mathewson
4df419a4b1 Merge remote-tracking branch 'meejah/ticket-11291-extra-utests'
Conflicts:
	src/or/config.c
2014-11-05 14:11:47 -05:00
rl1987
6317146b4d Initial version of doc/TUNING. 2014-10-28 14:13:30 -04:00
Roger Dingledine
71613993e0 give dist-master an alias 2014-10-21 16:01:29 -04:00
Roger Dingledine
05791a0b72 explain how to publish tarballs now that webwml has gone to git 2014-10-19 21:27:41 -04:00
Roger Dingledine
f94e5f2e52 update pointer to faq entry 2014-10-10 20:16:32 -04:00
Nick Mathewson
cc5571e1f1 Merge remote-tracking branches 'teor/issue-13161-test-network' and 'teor/issue-13161-TestingDirAuthVoteExit' 2014-10-08 15:46:29 -04:00
Roger Dingledine
22a0708133 fix some typos in the man page 2014-10-04 15:41:05 -04:00
teor
27f30040f6 Add TestingDirAuthVoteExit option (like TestingDirAuthVoteGuard)
Add the TestingDirAuthVoteExit option, a list of nodes to vote Exit for,
regardless of their uptime, bandwidth, or exit policy.

TestingTorNetwork must be set for this option to have any effect.

Works around an issue where authorities would take up to 35 minutes to
give nodes the Exit flag in a test network, despite short consensus
intervals. Partially implements ticket 13161.
2014-10-01 17:44:21 +10:00
Roger Dingledine
e440993f95 continue our habit of specifying the default in the manpage 2014-09-29 13:33:50 -04:00
Nick Mathewson
8527a29966 Add an "AccountingRule" feature to permit limiting bw usage by read+write
Patch from "chobe".  Closes ticket 961.
2014-09-29 09:05:11 -04:00
George Kadianakis
e02138eb65 Introduce the Tor2webRendezvousPoints torrc option. 2014-09-15 16:07:46 +03:00
Nick Mathewson
f8f0cb0443 Mention "make check" in doc/HACKING 2014-09-12 16:14:49 -04:00
Sebastian Hahn
8448901148 Give an example how to run the unit tests 2014-09-12 22:08:27 +02:00
Nick Mathewson
b16254dce9 Update HACKING instructions to mention format_changelog script 2014-09-11 11:34:57 -04:00
Sebastian Hahn
8099dee992 Remove dirauth support for the BadDirectory flag
Implements the first half of #13060. The second half will be to remove
client support, too.
2014-09-09 11:54:15 -04:00
Nick Mathewson
59f3cce0dc Merge branch 'bug12899_squashed' 2014-09-09 11:51:18 -04:00
Sebastian Hahn
607724c696 Remove support for naming directory authorities
This implements the meat of #12899. This commit should simply remove the
parts of Tor dirauths used to check whether a relay was supposed to be
named or not, it doesn't yet convert to a new mechanism for
reject/invalid/baddir/badexiting relays.
2014-09-09 11:50:21 -04:00
Nick Mathewson
a9d24f3304 Updated building-tor-msvc.txt 2014-09-09 10:33:45 -04:00
Nick Mathewson
4e98ec8149 Add instructions for building Tor with MSVC.
Written by "NewEraCracker" on ticket 13081; I've added a note that
this is not our preferred or supported build method.
2014-09-09 10:30:57 -04:00
Sebastian Hahn
10fe5bad9a Remove the AuthDirRejectUnlisted config option
This is in preparation for a big patch series removing the entire Naming
system from Tor. In its wake, the approved-routers file is being
deprecated, and a replacement option to allow only pre-approved routers
is not being implemented.
2014-09-04 06:25:38 +02:00
Nick Mathewson
d19cbf3ab1 Merge remote-tracking branch 'origin/maint-0.2.5' 2014-09-02 19:00:00 -04:00
rl1987
dcb4ee5b83 Documenting reject6 and accept6 ExitPolicy entries in manpage. 2014-09-02 18:58:00 -04:00
David Stainton
a6f2d2091b Add Window compatibility note to docs
HiddenServiceDirGroupReadable has no effect in Windows
2014-09-02 18:09:58 +00:00
meejah
ae18c0812e fix two typos 2014-08-30 15:23:05 -06:00
David Stainton
227b65924b Clean up patch
Here I clean up anon's patch with a few of nickm's suggestions from comment 12:
https://trac.torproject.org/projects/tor/ticket/11291#comment:12

I did not yet completely implement all his suggestions.
2014-08-30 15:23:05 -06:00
anonymous
c13db1f614 Ticket #11291: patch from "anon":
test-11291-group-redable-hsdirs-wtests-may8.patch
2014-08-30 15:23:05 -06:00
Nick Mathewson
1f35fd0017 Merge remote-tracking branch 'origin/maint-0.2.5' 2014-08-15 17:41:13 -04:00
George Kadianakis
112c984f92 Some documentation fixes for #12864. 2014-08-15 23:12:06 +03:00
Nick Mathewson
0ee1be0c69 Documentation fix on arguments to CookieAuthFileGroupReadable
We don't actually allow a group name, but the documentation implied
that we did.
2014-08-15 08:32:54 -04:00
Nick Mathewson
0808ed83f9 Restore functionality for CookieAuthFileGroupReadable.
When we merged the cookieauthfile creation logic in 33c3e60a37, we
accidentally took out this feature.  Fixes bug 12864, bugfix on
0.2.5.1-alpha.

Also adds an ExtORPortCookieAuthFileGroupReadable, since there's no
reason not to.
2014-08-15 08:30:44 -04:00
Nick Mathewson
938deecc87 Merge remote-tracking branch 'origin/maint-0.2.5' 2014-08-13 12:52:57 -04:00
Nick Mathewson
fa7ce6d3be Merge remote-tracking branch 'origin/maint-0.2.4' into maint-0.2.5 2014-08-13 12:52:40 -04:00
Roger Dingledine
691371b802 fix extra words in man page 2014-08-09 15:40:40 -04:00
Nick Mathewson
e001610c99 Implement proposal 221: Stop sending CREATE_FAST
This makes FastFirstHopPK an AUTOBOOL; makes the default "auto"; and
makes the behavior of "auto" be "look at the consensus."
2014-07-25 11:59:00 -04:00
Roger Dingledine
bc9866e13f Merge branch 'maint-0.2.5' 2014-07-24 16:23:26 -04:00
Roger Dingledine
a4c641cce9 Merge branch 'maint-0.2.4' into maint-0.2.5 2014-07-24 16:23:08 -04:00
Roger Dingledine
71c62b15ca update manpage for numentryguards / numdirectoryguards 2014-07-24 16:19:48 -04:00
Nick Mathewson
c793a6edb4 Clarify TruncateLogFile manpage entry 2014-07-16 14:01:38 +02:00
Arlo Breault
15e170e01b Add an option to overwrite logs
* Issue #5583
2014-07-16 12:16:49 +02:00
Kevin Murray
eed942aed9 Add stanza on lcov coverage target
Adds a note about using `make coverage-html` to generate coverage
reports.

Signed-off-by: Kevin Murray <spam@kdmurray.id.au>
2014-07-16 05:54:34 -04:00
Roger Dingledine
d064773595 logic mixup, noticed by alphawolf 2014-06-21 15:56:03 -04:00
Nick Mathewson
2f4fcfc8d1 manpage: Move more authority-only options into the authority section
I don't know whether we missed these or misclassified them when we
first made the "DIRECTORY AUTHORITY SERVER OPTIONS" section, but they
really belong there.
2014-06-16 11:15:47 -04:00
Nick Mathewson
c8af95d336 Documentation fix: DataDir/status/* -> DataDir/stats/*
Our documentation had the name of this directory wrong.
2014-05-22 19:45:45 -04:00
Nick Mathewson
29f2f7ce9a doc/HACKING: Improve documentation of how to bump version in maint
See discussion on 9553: Some of the build scripts don't like it when
you can't merge maint into release.
2014-05-20 15:02:35 -04:00
Nick Mathewson
34552740b1 Document that we're incrementing version numbers in maint.
(ticket 9553)
2014-05-16 09:14:38 -04:00
Nick Mathewson
1bbd3811c1 Merge remote-tracking branch 'public/bug10849_025'
Conflicts:
	src/or/config.c
2014-05-01 11:51:22 -04:00
Nick Mathewson
03be8c775a Provide missing documentation for two options. For 11634. 2014-04-28 12:37:47 -04:00
Nick Mathewson
e05f732599 Remove documentation for obsolete FetchV2Networkstatus 2014-04-28 12:25:49 -04:00
Nick Mathewson
e0a4133572 Remove a spurious anchor in the manpage. part of 11634. 2014-04-28 12:25:20 -04:00
Nick Mathewson
346120b608 Fix some option names in the manpage.
Found with 'make check-docs'.  Part of 11634.
2014-04-28 12:24:56 -04:00
Nick Mathewson
1340bd527a Remove privoxy from 'see also' section on manpage. 2014-04-28 12:08:42 -04:00
Nick Mathewson
3266f04925 Fix the check-docs script
We broke it when we added anchors to the manpage.

This patch fixes it, and makes it sorta detect missing anchors.
2014-04-28 12:07:57 -04:00
Nick Mathewson
703ad69587 Deal with the aftermath of sorting contrib
This basically amounts to grepping for every file that mentioned
contrib and adjusting its references to refer to the right place.
2014-04-28 11:59:55 -04:00
Nick Mathewson
3888427013 The #tor topic no longer includes a version. 2014-04-26 11:01:52 -04:00
Nick Mathewson
67aa3685e7 Merge branch 'bug11396_v2_squashed'
Conflicts:
	src/or/main.c
2014-04-24 10:31:38 -04:00
Nick Mathewson
17ecd04fde Change the logic for the default for MaxMemInQueues
If we can't detect the physical memory, the new default is 8 GB on
64-bit architectures, and 1 GB on 32-bit architectures.

If we *can* detect the physical memory, the new default is
  CLAMP(256 MB, phys_mem * 0.75, MAX_DFLT)
where MAX_DFLT is 8 GB on 64-bit architectures and 2 GB on 32-bit
architectures.

You can still override the default by hand.  The logic here is simply
trying to choose a lower default value on systems with less than 12 GB
of physical RAM.
2014-04-24 10:26:14 -04:00
dana koch
f680d0fdd2 Educate tor on OpenBSD's use of divert-to rules with the pf firewall.
This means that tor can run without needing to communicate with ioctls
to the firewall, and therefore doesn't need to run with privileges to
open the /dev/pf device node.

A new TransProxyType is added for this purpose, "pf-divert"; if the user
specifies this TransProxyType in their torrc, then the pf device node is
never opened and the connection destination is determined with getsockname
(as per pf(4)). The default behaviour (ie., when TransProxyType is "default"
when using the pf firewall) is still to assume that pf is configured with
rdr-to rules.
2014-04-16 23:03:25 -04:00
Nick Mathewson
3e4680f312 ipfw TransPort support on FreeBSD (10267)
This isn't on by default; to get it, you need to set "TransProxyType
ipfw".  (The original patch had automatic detection for whether
/dev/pf is present and openable, but that seems marginally fragile.)
2014-04-16 23:03:25 -04:00
Nick Mathewson
dfc32177d9 Merge remote-tracking branch 'origin/maint-0.2.4' 2014-04-01 21:00:30 -04:00
Nick Mathewson
a68e6ea9c0 Fix documentation of torrc search order
We are searching @CONFDIR@ before $HOME, but the documentation
implied otherwise.

I screwed this up in f5e86bcd6c, when I
first documented the $HOME/.torrc possibility.

Fix for bug 9213; bugfix on 0.2.3.18-rc.
2014-04-01 20:56:03 -04:00
Nick Mathewson
91f6a422cc Fix build of torify.1
The build was broken by changes in f8c45339f7, but we didn't
notice, since that commit also made torify.1 only get built when
tor-fw-helper was turned on.

Fixes bug 11321; bugfix on Tor 0.2.5.1-alpha.
2014-03-26 12:12:54 -04:00
Nick Mathewson
1a7794e475 Merge remote-tracking branch 'public/bug11061_024' 2014-03-25 10:02:22 -04:00
Nick Mathewson
5e9672904c Fix SOCKSPort documentation layout
In the end this required a slightly nasty hack using a dummy anchor as
an option heading in order to make the "Other recognized __flags__"
line indent properly.

Fixes bug 11061; Bugfix on 61d740ed.
2014-03-25 10:01:08 -04:00
Nick Mathewson
f4e2c72bee Merge remote-tracking branch 'karsten/task-11070' 2014-03-23 00:18:48 -04:00
Roger Dingledine
e4c7fdd48c bring hacking more up to date 2014-03-22 23:36:10 -04:00
Nick Mathewson
8a647291c8 extract some changelog principles into doc/HACKING 2014-03-19 20:24:15 -04:00
Karsten Loesing
7450403410 Take out remaining V1 directory code. 2014-03-18 10:40:10 +01:00
Nick Mathewson
9991c5f001 Clarify ClientOnly documentation
The option is unneeded, not meaningless, so explain what it does.

Patch from Matt Pagan; fixes 9059.
2014-03-13 10:35:52 -04:00
Nick Mathewson
4a2a1e572e Merge branch 'bug11108' 2014-03-06 10:22:40 -05:00
Nick Mathewson
967d9c9f10 Clarify default behavior of {SOCKS,Dir}Policy harder
Improvement on 11108 fix; suggested by cypherpunks.
2014-03-06 10:21:59 -05:00
Nick Mathewson
d3c5df6cf6 Give the HTTPS url for jenkins in doc/HACKING 2014-03-06 10:03:24 -05:00
Nick Mathewson
22ccfc6b5f Rename PredictedCircsRelevanceTime->PredictedPortsRelevanceTime
All circuits are predictive; it's the ports that are expiring here.
2014-03-05 14:35:07 -05:00
Nick Mathewson
103cebd924 Merge branch 'ticket9176_squashed'
Conflicts:
	doc/tor.1.txt
2014-03-05 14:32:05 -05:00
Nick Mathewson
2c25bb413e Lower the maximum for PrecictedCircsRelevanceTime to one hour 2014-03-05 14:31:13 -05:00
unixninja92
d47d147307 More correctly documented PredictedCircsRelevanceTime in tor.1.txt 2014-03-05 14:31:13 -05:00
unixninja92
52fbb9f623 Added Documentation for PredictedCircsRelevanceTime config file argument. 2014-03-05 14:31:13 -05:00
Nick Mathewson
27d231ca13 Document alternate bandwidth/memory unit spellings 2014-03-04 12:12:36 -05:00
Nick Mathewson
ab225aaf28 Merge branch 'bug10169_025_v2'
Conflicts:
	src/test/test.c
2014-03-04 11:03:30 -05:00
Nick Mathewson
4050dfa320 Warn if ports are specified in {Socks,Dir}Policy
We have ignored any ports listed here since 80365b989 (0.0.7rc1),
but we didn't warn the user that we were ignoring them.  This patch
adds a warning if you put explicit ports in any of the options
{Socks,Dir}Policy or AuthDir{Reject,Invalid,BadDir,BadExit}.  It
also adjusts the manpage to say that ports are ignored.

Fixes ticket 11108.
2014-03-03 10:45:39 -05:00
Lunar
3a425ac3a8 Fix max client name length in HiddenServiceAuthorizeClient description
REND_CLIENTNAME_MAX_LEN is set to 16, not 19.
2014-03-03 09:53:38 -05:00
Karsten Loesing
3ca5fe81e3 Write hashed bridge fingerprint to logs and to disk.
Implements #10884.
2014-02-28 08:53:13 -05:00
Nick Mathewson
87fb1e324c Merge remote-tracking branch 'public/bug10169_024' into bug10169_025_v2
Conflicts:
	src/or/circuitlist.c
2014-02-12 12:44:58 -05:00
Roger Dingledine
1ccc282122 add a missing word to the man page 2014-02-12 04:01:59 -05:00
Nick Mathewson
0228b9bd4b Tweak DirAuthority documentation
Per a comment from karsten, there is no longer v2 authority support,
so stop pretending there is. Also, fix a grammar error.x
2014-02-11 11:34:32 -05:00
Nick Mathewson
ce450bddb7 Remove TunnelDirConns and PreferTunnelledDirConns
These options were added back in 0.1.2.5-alpha, but no longer make any
sense now that all directories support tunneled connections and
BEGIN_DIR cells.  These options were on by default; now they are
always-on.

This is a fix for 10849, where TunnelDirConns 0 would break hidden
services -- and that bug arrived, I think, in 0.2.0.10-alpha.
2014-02-11 11:10:55 -05:00
Nick Mathewson
c0483c7f85 Remove options for configuring HS authorities.
(There is no longer meaningfully any such thing as a HS authority,
since we stopped uploading or downloading v0 hs descriptors in
0.2.2.1-alpha.)

Implements #10881, and part of #10841.
2014-02-10 22:41:52 -05:00
Nick Mathewson
5991f9a156 TransProxyType replaces TransTPROXY option
I'm making this change now since ipfw will want its own option too,
and proliferating options here isn't sensible.

(See #10582 and #10267)
2014-02-03 13:56:19 -05:00
Nick Mathewson
09ccc4c4a3 Add support for TPROXY via new TransTPRoxy option
Based on patch from "thomo" at #10582.
2014-01-31 12:59:35 -05:00