Commit Graph

665 Commits

Author SHA1 Message Date
teor
24e293c3c6
Man page update and changes file for 20667 2016-11-30 11:18:38 +11:00
Nick Mathewson
9a790f7325 Merge branch 'maint-0.2.9' 2016-11-14 10:37:29 -05:00
Fabian Keil
caf7422871 Fix grammar in HiddenServiceSingleHopMode description 2016-11-14 10:28:02 -05:00
Matt Nordhoff
7dee70c3e1 Add "TByte" and "TBytes" units; also add "TBits" to man page 2016-11-10 09:13:27 -05:00
Nick Mathewson
3e3040a5d9 Merge branch 'maint-0.2.9'
Conflicts:
	src/or/rendservice.c
2016-11-07 16:31:40 -05:00
Nick Mathewson
c2fc0941a5 Merge remote-tracking branch 'teor/bug20484_029_v2' into maint-0.2.9 2016-11-07 16:12:13 -05:00
teor
a77187a52c
Add onion_service_non_anonymous file to man page 2016-11-08 07:45:02 +11:00
Nick Mathewson
db67867a81 Merge remote-tracking branch 'pastly/ticket20486' 2016-11-01 12:55:14 -04:00
Nick Mathewson
e6d84ac04f Merge branch 'maint-0.2.9' 2016-11-01 12:49:13 -04:00
Matt Traudt
d8d6d8c206 Update man page that HS directory does not need to exist 2016-11-01 12:32:50 -04:00
Nick Mathewson
b858452f94 Add a sentence to the manpage about nonanonymous=>Socksport 0.
Closes 20487.
2016-10-31 15:13:27 -04:00
David Goulet
59247314d5 man: Fix default value of AuthDirGuardBWGuarantee to 2MB
Closes #20435

Signed-off-by: David Goulet <dgoulet@torproject.org>
2016-10-23 10:59:55 -04:00
Nick Mathewson
af70e43131 Merge remote-tracking branch 'public/spaces_in_unix_addrs' 2016-10-14 10:21:41 -04:00
Nick Mathewson
d25fed5174 Merge remote-tracking branch 'yawning-schwanenlied/bug20261' 2016-10-11 11:08:20 -04:00
Nick Mathewson
05aed5b635 Allow a unix: address to contain a C-style quoted string.
Feature 18753 -- all this to allow spaces.
2016-10-04 15:43:20 -04:00
Paolo Inglese
ae4077916c Fix parse_virtual_addr_network minimum network size 2016-10-03 12:18:51 +01:00
Yawning Angel
847e001d28 Bug 20261: Disable IsolateClientAddr on AF_LOCAL SocksPorts.
The client addr is essentially meaningless in this context (yes, it is
possible to explicitly `bind()` AF_LOCAL client side sockets to a path,
but no one does it, and there are better ways to grant that sort of
feature if people want it like using `SO_PASSCRED`).
2016-09-30 18:43:31 +00:00
Nick Mathewson
144bd86570 Merge remote-tracking branch 'teor/bug20117' 2016-09-19 14:21:12 -04:00
Nick Mathewson
9f0cb5af15 Merge branch 'feature-17178-v7-squashed-v2' 2016-09-13 10:20:08 -04:00
teor
f311c9ffa2 Replace OnionService* with HiddenService* in option names
And make consequential line-length adjustments.
2016-09-13 10:13:57 -04:00
teor
41f96078c2 Refactor UseEntryNodes so the original configured value is preserved
Parse the value to UseEntryNodes_option, then set UseEntryNodes before
validating options.

This way, Authorities, Tor2web, and Single Onion Services don't write
spurious "UseEntryNodes 0" lines to their configs. Document the fact that
these tor configurations ignore UseEntryNodes in the manual page.

Also reorder options validation so we modify UseEntryNodes first, then
check its value against EntryNodes.

And silence a warning about disabled UseEntryNodes for hidden services
when we're actually in non-anonymous single onion service mode.
2016-09-13 10:13:56 -04:00
teor (Tim Wilson-Brown)
b560f852f2 Implement Prop #260: Single Onion Services
Add experimental OnionServiceSingleHopMode and
OnionServiceNonAnonymousMode options. When both are set to 1, every
hidden service on a tor instance becomes a non-anonymous Single Onion
Service. Single Onions make one-hop (direct) connections to their
introduction and renzedvous points. One-hop circuits make Single Onion
servers easily locatable, but clients remain location-anonymous.
This is compatible with the existing hidden service implementation, and
works on the current tor network without any changes to older relays or
clients.

Implements proposal #260, completes ticket #17178. Patch by teor & asn.

squash! fixup! fixup! fixup! fixup! fixup! fixup! fixup! fixup! fixup! fixup! fixup! fixup! fixup! Implement Prop #260: Single Onion Services

Redesign single onion service poisoning.

When in OnionServiceSingleHopMode, each hidden service key is poisoned
(marked as non-anonymous) on creation by creating a poison file in the
hidden service directory.

Existing keys are considered non-anonymous if this file exists, and
anonymous if it does not.

Tor refuses to launch in OnionServiceSingleHopMode if any existing keys
are anonymous. Similarly, it refuses to launch in anonymous client mode
if any existing keys are non-anonymous.

Rewrite the unit tests to match and be more comprehensive.
Adds a bonus unit test for rend_service_load_all_keys().
2016-09-13 10:10:54 -04:00
teor
42a74f707c
Document the default PathsNeededToBuildCircuits value
... when the directory authorities don't set min_paths_for_circs_pct.

Fixes bug 20117; bugfix on 02c320916e in tor-0.2.4.10-alpha.
Reported by Jesse V.
2016-09-09 11:20:20 +10:00
Nick Mathewson
e9b1d0619f Merge remote-tracking branch 'dgoulet/ticket18693_029_01' 2016-09-07 11:46:00 -04:00
Nick Mathewson
2a3b651790 Merge remote-tracking branch 'sebastian/bug20064' 2016-09-07 11:38:43 -04:00
Sebastian Hahn
f4ed254652 Document Exit flag assignment when private nets are allowed 2016-09-06 18:38:36 +02:00
Nick Mathewson
4e3f9c1f3a Merge remote-tracking branch 'pastly/ticket19122' 2016-09-06 11:56:46 -04:00
Matt Traudt
e90bd48c2f Change UID to Username in man page 2016-09-06 11:37:59 -04:00
teor
b3dfd9defb
Fix a space error in the man page 2016-09-06 17:49:48 +10:00
Georg Koppen
d0cdc8d783 Bug 20038: Fix typo in ControlPort description 2016-09-05 09:55:58 -04:00
Nick Mathewson
bbaa7d09a0 Merge remote-tracking branch 'teor/reject-tap-v6' 2016-08-29 15:02:11 -04:00
Nick Mathewson
90bcfa2274 changes file and docs for 18640. 2016-08-25 14:32:10 -04:00
teor (Tim Wilson-Brown)
41cc1f612b Parse *Port flags NoDNSRequest, NoOnionTraffic & OnionTrafficOnly
OnionTrafficOnly is equivalent to NoDNSRequest, NoIPv4Traffic,
and NoIPv6Traffic.

Add unit tests for parsing and checking option validity.
Add documentation for each flag to the man page.

Add changes file for all of #18693.

Parsing only: the flags do not change client behaviour (yet!)
2016-08-24 14:40:53 -04:00
teor (Tim Wilson-Brown)
10aa913acc
Client & HS ignore UseNTorHandshake, all non-HS handshakes use ntor
Rely on onion_populate_cpath to check that we're only using
TAP for the rare hidden service cases.

Check and log if handshakes only support TAP when they should support
ntor.
2016-08-24 11:02:00 +10:00
Nick Mathewson
507f07de09 Merge remote-tracking branch 'public/deprecation_v2' 2016-08-19 19:58:51 -04:00
Nick Mathewson
5e571900b3 Fix a missing :: in an IPv6 addr in the documentation
Closes 19743.
2016-08-12 19:30:41 -04:00
Nick Mathewson
9b6ff4c882 Teach checkOptionDocs about deprecation.
In particular, teach it that deprecated options must exist.
2016-08-03 12:16:58 -04:00
Nick Mathewson
88a7a02728 Bufferevent removal: remove more bufferevent-only options
(All this IOCP stuff was bufferevent-only.)
2016-08-02 13:33:08 -04:00
Nick Mathewson
78196c8822 Merge remote-tracking branch 'teor/bug18456' 2016-07-05 19:10:08 -04:00
Nick Mathewson
aaa3129043 Merge remote-tracking branch 'dgoulet/ticket16943_029_05-squashed'
Trivial Conflicts:
	src/or/or.h
	src/or/routerparse.c
2016-07-01 15:29:05 -04:00
David Goulet
ca6ceec112 prop250: Put commits and SRVs in votes/consensus
This commit adds the commit(s) line in the vote as well as the SR values. It
also has the mechanism to add the majority SRVs in the consensus.

Signed-off-by: George Kadianakis <desnacked@riseup.net>
Signed-off-by: David Goulet <dgoulet@torproject.org>
2016-07-01 13:25:03 -04:00
teor (Tim Wilson-Brown)
514f0041d1
Avoid disclosing exit IP addresses in exit policies by default
From 0.2.7.2-alpha onwards, Exits would reject all the IP addresses
they knew about in their exit policy. But this may have disclosed
addresses that were otherwise unlisted.

Now, only advertised addresses are rejected by default by
ExitPolicyRejectPrivate. All known addresses are only rejected when
ExitPolicyRejectLocalInterfaces is explicitly set to 1.
2016-07-01 15:37:13 +10:00
Nick Mathewson
c6846d7bf0 Merge remote-tracking branch 'andrea/bug18322_v3_squashed' 2016-06-30 11:18:00 -04:00
Andrea Shepard
cc6753939c Update description in man page to match new MaxUnparseableDescSizeToLog option name and semantics 2016-06-30 07:03:25 +00:00
Andrea Shepard
1055cd65b8 Document new DetailedLogForUnparseableDescriptors option in man page 2016-06-30 07:03:24 +00:00
Nick Mathewson
11ba7f0037 Merge remote-tracking branch 'weasel/bug19504' 2016-06-29 16:18:00 -04:00
Peter Palfrader
869e5688b7 Actually, the tor --passphrase-fd is different from the tor-gencert one 2016-06-25 16:53:07 +02:00
Peter Palfrader
90f85b012a Document the --passphrase-fd option in the tor manpage 2016-06-25 16:44:41 +02:00
Nick Mathewson
2c96d95c12 Fix spelling of --enable-tor2web-mode in manpage
Fixes bug 19153; patch from "U+039b", who is apparently an uppercase
lambda?
2016-06-19 12:14:28 -04:00
Nick Mathewson
ae4889ac1a remove sentence about tor-ops from manpage: #19185 2016-05-27 11:31:34 -04:00
Roger Dingledine
4a62d7aabc minor touchups on nick's ticket 17621 changes 2016-05-11 16:35:36 -04:00
Nick Mathewson
af4b7d0405 Document the contents of $datadir/keys
Ticket 17621.
2016-05-11 14:03:34 -04:00
Nick Mathewson
92615f608c Do not recommend use of nicknames in MapAddress manpage 2016-04-26 20:30:59 -04:00
David Goulet
40827da3bf Turn TestingClientBootstrap* into non-testing options
This changes simply renames them by removing "Testing" in front of them and
they do not require TestingTorNetwork to be enabled anymore.

Fixes #18481

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2016-04-07 10:57:59 -04:00
Sebastian Hahn
7d6e7fdd03 Remove redundant only in manpage 2016-03-27 22:22:29 +02:00
Roger Dingledine
94cb8792e8 who was that previous arma, who couldn't spell iso? 2016-03-26 02:07:48 -04:00
Nick Mathewson
424af93ded Merge branch 'bug18517_squashed' 2016-03-24 10:14:05 -04:00
teor (Tim Wilson-Brown)
f2153f9716 Always allow OR connections to bridges on private addresses
Regardless of the setting of ExtendAllowPrivateAddresses.

This fixes a bug with pluggable transports that ignore the
(potentially private) address in their bridge line.

Fixes bug 18517; bugfix on 23b088907f in tor-0.2.8.1-alpha.
2016-03-24 10:13:58 -04:00
Roger Dingledine
ea829784c0 specify in the man page that {cc} is a 2-letter ISA3166 code 2016-03-23 17:49:55 -04:00
Peter Palfrader
1ef7df551d First RelaxDirModeCheck implementation 2016-03-01 17:08:14 +01:00
teor (Tim Wilson-Brown)
af88e8f237 Add missing man page option from #4483 (35bbf2e4)
TestingClientBootstrapConsensusAuthorityOnlyMaxDownloadTries
2016-02-26 10:58:30 +01:00
Nick Mathewson
ba2be81fc3 Merge remote-tracking branch 'teor/feature17840-v11-merged-v2' 2016-02-11 12:20:20 -05:00
teor (Tim Wilson-Brown)
c213f277cd Make bridge clients prefer the configured bridge address
When ClientPreferIPv6ORPort is auto, bridges prefer the configured
bridge ORPort address. Otherwise, they use the value of the option.
Other clients prefer IPv4 ORPorts if ClientPreferIPv6ORPort is auto.

When ClientPreferIPv6DirPort is auto, all clients prefer IPv4 DirPorts.
2016-02-03 23:56:19 +11:00
teor (Tim Wilson-Brown)
c4cb4706c9 Merge branch 'feature17840-v11-squashed' into feature17840-v11-merged
Conflicts:
	src/or/directory.c
	src/test/test_routerlist.c

Fix minor conflicts.
2016-01-29 07:37:06 +11:00
teor (Tim Wilson-Brown)
3b8216f215 Use fascist firewall and ClientUseIPv4 for bridge clients
Bridge clients ignore ClientUseIPv6, acting as if it is always 1.
This preserves existing behaviour.

Make ClientPreferIPv6OR/DirPort auto by default:
 * Bridge clients prefer IPv6 by default.
 * Other clients prefer IPv4 by default.
This preserves existing behaviour.
2016-01-29 07:16:04 +11:00
teor (Tim Wilson-Brown)
2d33d192fc Add ClientUseIPv4 and ClientPreferIPv6DirPort torrc options
ClientUseIPv4 0 tells tor to avoid IPv4 client connections.
ClientPreferIPv6DirPort 1 tells tor to prefer IPv6 directory connections.

Refactor policy for IPv4/IPv6 preferences.

Fix a bug where node->ipv6_preferred could become stale if
ClientPreferIPv6ORPort was changed after the consensus was loaded.

Update documentation, existing code, add unit tests.
2016-01-29 07:13:57 +11:00
Nick Mathewson
a5bed4dab2 Merge branch 'maint-0.2.7' 2016-01-28 11:53:03 -05:00
Nick Mathewson
601c823255 Try to fix formatting in manpage 2016-01-28 11:52:48 -05:00
Nick Mathewson
6b2087dbe4 Merge branch 'maint-0.2.7' 2016-01-28 10:22:06 -05:00
Nick Mathewson
fb64c55cf8 Add descriptions for --keygen to the manpage
Based on text from s7r
2016-01-28 10:19:29 -05:00
unixninja92
4f0e28977d Added AccountRule in and AccountingRule out options 2016-01-08 15:52:10 -08:00
Nick Mathewson
b9596b8fdf document minimum heartbeatperiod; bug 15638. 2015-12-22 11:10:37 -05:00
Matthew Finkel
997f779a7f Add new DirCache configuration option
This will give relay operators the ability of disabling the caching of
directory data. In general, this should not be necessary, but on some
lower-resource systems it may beneficial.
2015-12-18 13:14:09 -05:00
Nick Mathewson
aa4be914f0 Merge remote-tracking branch 'teor/feature17327-v4' 2015-12-15 13:19:18 -05:00
Nick Mathewson
125e0c7022 remove redundant section in tor.1.txt 2015-12-15 13:18:06 -05:00
Nick Mathewson
aba39ea390 Merge branch 'feature8195_small_squashed' 2015-12-15 13:11:06 -05:00
Nick Mathewson
405a8d3fb4 Update KeepCapabilities based on comments from asn
* The option is now KeepBindCapabilities
* We now warn if the user specifically asked for KeepBindCapabilities
  and we can't deliver.
* The unit tests are willing to start.
* Fewer unused-variable warnings.
* More documentation, fewer misspellings.
2015-12-15 13:10:57 -05:00
Nick Mathewson
e8cc839e41 Add ability to keep the CAP_NET_BIND_SERVICE capability on Linux
This feature allows us to bind low ports when starting as root and
switching UIDs.

Based on code by David Goulet.

Implement feature 8195
2015-12-15 13:10:57 -05:00
Nick Mathewson
a7d44731d9 Merge remote-tracking branch 'teor/feature4483-v10-squashed' 2015-12-15 12:57:57 -05:00
teor (Tim Wilson-Brown)
2212530bf5 Prop210: Close excess connections once a consensus is downloading
Once tor is downloading a usable consensus, any other connection
attempts are not needed.

Choose a connection to keep, favouring:
* fallback directories over authorities,
* connections initiated earlier over later connections

Close all other connections downloading a consensus.
2015-12-16 04:37:59 +11:00
teor (Tim Wilson-Brown)
35bbf2e4a4 Prop210: Add schedules for simultaneous client consensus downloads
Prop210: Add attempt-based connection schedules

Existing tor schedules increment the schedule position on failure,
then retry the connection after the scheduled time.

To make multiple simultaneous connections, we need to increment the
schedule position when making each attempt, then retry a (potentially
simultaneous) connection after the scheduled time.

(Also change find_dl_schedule_and_len to find_dl_schedule, as it no
longer takes or returns len.)

Prop210: Add multiple simultaneous consensus downloads for clients

Make connections on TestingClientBootstrapConsensus*DownloadSchedule,
incrementing the schedule each time the client attempts to connect.

Check if the number of downloads is less than
TestingClientBootstrapConsensusMaxInProgressTries before trying any
more connections.
2015-12-16 04:37:49 +11:00
Nick Mathewson
54433993c7 Merge branch 'feature17576-UseDefaultFallbackDirs-v2-squashed' 2015-12-15 12:19:08 -05:00
teor (Tim Wilson-Brown)
080ae03ee4 Add UseDefaultFallbackDirs for hard-coded directory mirrors
UseDefaultFallbackDirs enables any hard-coded fallback
directory mirrors. Default is 1, set it to 0 to disable fallbacks.

Implements ticket 17576.
Patch by "teor".
2015-12-15 12:19:01 -05:00
Nick Mathewson
85003f4c80 Add a new ipv6=address:orport flag to DirAuthority and FallbackDir
Resolves # 6027
2015-12-14 23:43:50 +11:00
Jamie Nguyen
ec4ef68271 Introduce DataDirectoryGroupReadable boolean 2015-12-10 20:00:06 -05:00
Nick Mathewson
caff665309 Merge remote-tracking branch 'teor/first-hop-no-private' 2015-12-09 10:47:59 -05:00
Andrew Kvalheim
61d3364f26 Fix formatting typo in manpage. 2015-12-09 10:37:22 -05:00
teor (Tim Wilson-Brown)
23b088907f Refuse to make direct connections to private OR addresses
Refuse connection requests to private OR addresses unless
ExtendAllowPrivateAddresses is set. Previously, tor would
connect, then refuse to send any cells to a private address.

Fixes bugs 17674 and 8976; bugfix on b7c172c9ec (28 Aug 2012)
Original bug 6710, released in 0.2.3.21-rc and an 0.2.2 maint
release.

Patch by "teor".
2015-11-25 03:11:15 +11:00
Damian Johnson
8661b4b5a2 Drop HidServDirectoryV2 and VoteOnHidServDirectoriesV2
These options were removed from tor in July. Time to axe them from our man
page. :P

  https://gitweb.torproject.org/tor.git/commit/?id=2f8cf524ba4e565ab613504a4c41fd724d32facc
2015-11-23 18:27:17 -08:00
Damian Johnson
feeb3e761c Split 'slop' man page options to their own lines
The slop testing options are the only spot where we try to enumerate multiple
options on the same line. Changing them to each be on their own line as we do
elsewhere.
2015-11-23 18:21:38 -08:00
Damian Johnson
91b0ba1d19 TestingLinkCertLifetime was misnamed as 'TestingLinkCertifetime'
Simple typo - we were missing a letter.
2015-11-23 17:51:30 -08:00
Damian Johnson
961db64d3c Rename RecommendedPackageVersions to RecommendedPackages
A 'RecommendedPackageVersions' option doesn't exist in tor. However, it *does*
have RecommendedPackages...

  feature: https://gitweb.torproject.org/tor.git/commit/?id=c83d8381
  man addition: https://gitweb.torproject.org/tor.git/commit/?id=ddfdeb56
2015-11-23 17:47:00 -08:00
Damian Johnson
1193647ac8 Replace 'SOCKSPort' with 'SocksPort'
When applying changes from proposal 171 Nick renamed SocksPort to SOCKSPort,
and SocksListenAddress to SOCKSListenAddress...

  https://gitweb.torproject.org/tor.git/commit/?id=891ccd3cd0690e83f1dc4dde7698c3bd9d7fe98d

However, this didn't change the option itself in tor (it's still SocksPort),
and wasn't even uniform in the man page. Functionally this doesn't matter
(tor's config options are case insensitive) but this is a pretty clear
regression.
2015-11-23 17:32:49 -08:00
Damian Johnson
5812930dc1 Note in man page where users can file bugs
In addition to inviting users to tell us about bugs, lets say where.
2015-11-23 17:26:46 -08:00
Damian Johnson
690b66ce48 ControlPort's section on flags wasn't indented
Minor formatting issue with our ControlPort entry. The part about flags wasn't
indented with the rest of its description.
2015-11-23 17:25:26 -08:00
Damian Johnson
4417effa52 Malformed ExtORPort entry in man page
Minor formatting issue with our ExtORPort that caused its description to be on
the same line as the option (munging the two together).
2015-11-23 17:23:14 -08:00
teor (Tim Wilson-Brown)
2a4057e042 man update: ExitPolicyRejectPrivate outbound and port addresses
ExitPolicyRejectPrivate now rejects addresses configured via
OutboundBindAddress and any port options, such as ORPort and DirPort.
2015-11-20 10:39:37 +11:00
Nick Mathewson
7bdbcdaed8 Merge commit '7b859fd8c558c9cf08add79db87fb1cb76537535' 2015-11-13 08:42:20 -05:00
Joan Queralt
b370052ae4 + and / usage clarification - Fixes #13158 2015-11-12 14:01:00 -05:00
Nick Mathewson
c1c1c4d057 Refer to the actual minima and the preferred minimum 2015-10-30 10:57:47 -04:00
Nima Fatemi
e6888e2144 Bump up minimum BandwidthRate from 30KB to 250KBytes - Fixes #16382 2015-10-30 10:51:29 -04:00
rl1987
3c08b76fc4 Mention torspec URL in the manpage. 2015-10-30 09:25:39 -04:00
Nick Mathewson
7b859fd8c5 Note that you can use a unix domain socket for hsport 2015-10-21 12:22:05 -04:00
Peter Palfrader
1cf0d82280 Add SyslogIdentityTag
When logging to syslog, allow a tag to be added to the syslog identity
("Tor"), i.e. the string prepended to every log message.  The tag can be
configured by setting SyslogIdentityTag and defaults to none.  Setting
it to "foo" will cause logs to be tagged as "Tor-foo".  Closes: #17194.
2015-09-30 18:34:15 +02:00
Nick Mathewson
51d18aeb42 changes file and manpage entry for AuthDirPinKeys 2015-09-24 11:29:05 -04:00
Nick Mathewson
e94ef30a2f Merge branch 'feature16944_v2' 2015-09-22 09:19:28 -04:00
teor (Tim Wilson-Brown)
b584152874 Update private ExitPolicy in man page and torrcs for 10727, formatting
Update the definition of the private exit policy in the man page
and torrcs. It didn't get merged correctly into the man page, and
it was incomplete in the torrcs. (Unfortunately, we only reject the
primary configured IPv4 and IPv6 addresses, not all configured IPv4
and IPv6 addresses.)

Also fixup msn page formatting errors from changes in tickets 16069
and 17027, mainly unescaped *s.
2015-09-22 12:14:27 +10:00
teor (Tim Wilson-Brown)
7268525142 Add IPv6 syntax to ExitPolicy intro paragraph in man page 2015-09-22 11:44:13 +10:00
teor (Tim Wilson-Brown)
249e82c906 Update docs with advice for separate IPv4 and IPv6 exit policies
Advise users how to configure separate IPv4 and IPv6 exit
policies in the manpage and sample torrcs.

Related to fixes in ticket #16069 and #17027. Patch by "teor".
Patch on 2eb7eafc9d and a96c0affcb (25 Oct 2012),
released in 0.2.4.7-alpha.
2015-09-22 11:41:16 +10:00
teor (Tim Wilson-Brown)
a659a3fced Merge branch 'bug17027-reject-private-all-interfaces-v2' into bug16069-bug17027
src/test/test_policy.c:
Merged calls to policies_parse_exit_policy by adding additional arguments.
fixup to remaining instance of ~EXIT_POLICY_IPV6_ENABLED.
Compacting logic test now produces previous list length of 4, corrected this.

src/config/torrc.sample.in:
src/config/torrc.minimal.in-staging:
Merged torrc modification dates in favour of latest.
2015-09-16 09:09:54 +10:00
teor (Tim Wilson-Brown)
098b82c7b2 ExitPolicyRejectPrivate rejects local IPv6 address and interface addresses
ExitPolicyRejectPrivate now rejects more local addresses by default:
 * the relay's published IPv6 address (if any), and
 * any publicly routable IPv4 or IPv6 addresses on any local interfaces.

This resolves a security issue for IPv6 Exits and multihomed Exits that
trust connections originating from localhost.

Resolves ticket 17027. Patch by "teor".
Patch on 42b8fb5a15 (11 Nov 2007), released in 0.2.0.11-alpha.
2015-09-16 02:56:50 +10:00
teor (Tim Wilson-Brown)
d3358a0a05 ExitPolicy accept6/reject6 produces IPv6 wildcard addresses only
In previous versions of Tor, ExitPolicy accept6/reject6 * produced
policy entries for IPv4 and IPv6 wildcard addresses.

To reduce operator confusion, change accept6/reject6 * to only produce
an IPv6 wildcard address.

Resolves bug #16069.

Patch on 2eb7eafc9d and a96c0affcb (25 Oct 2012),
released in 0.2.4.7-alpha.
2015-09-16 00:13:12 +10:00
Nick Mathewson
fcec1f3381 Merge branch 'feature15482_squashed' 2015-09-08 14:03:04 -04:00
Yawning Angel
54510d4d1a Add KeepAliveIsolateSOCKSAuth as a SOCKSPort option.
This controls the circuit dirtyness reset behavior added for Tor
Browser's user experience fix (#15482). Unlike previous iterations
of this patch, the tunable actually works, and is documented.
2015-09-08 14:02:08 -04:00
Nick Mathewson
0ba4e0895a Add "OfflineMasterKey" option
When this is set, and Tor is running as a relay, it will not
generate or load its secret identity key.  You can manage the secret
identity key with --keygen.  Implements ticket 16944.
2015-09-04 09:55:07 -04:00
David Goulet
d40358d91e Enable hidden service statistics by default
HiddenServiceStatistics option is now set to "1" by default.

Fixes #15254

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-09-02 13:53:36 +02:00
teor
359faf5e4b New TestingDirAuthVote{Exit,Guard,HSDir}IsStrict flags
"option to prevent guard,exit,hsdir flag assignment"

"A node will never receive the corresponding flag unless
that node is specified in the
TestingDirAuthVote{Exit,Guard,HSDir} list, regardless of
its uptime, bandwidth, exit policy, or DirPort".

Patch modified by "teor": VoteOnHidServDirectoriesV2
is now obsolete, so TestingDirAuthVoteHSDir always
votes on HSDirs.

Closes ticket 14882. Patch by "robgjansen".
Commit message and changes file by "teor"
with quotes from "robgjansen".
2015-08-18 14:51:57 +10:00
teor
0cb82013cc Fix TestingDirAuthVoteHSDir docs: HSDir flag needs DirPort
Fix an error in the manual page and comments for
TestingDirAuthVoteHSDir, which suggested that a
HSDir required "ORPort connectivity". While this is true,
it is in no way unique to the HSDir flag. Of all the flags,
only HSDirs need a DirPort configured in order for the
authorities to assign that particular flag.

Fixed as part of 14882. Patch by "teor".
Bugfix on 0.2.6.3 (f9d57473e1 on 10 January 2015).
2015-08-18 14:51:57 +10:00
Linus Nordberg
5be36a46ca Move the note about non-localhost SOCKSPort usage up to where it belongs.
I think this section slipped downwards when flags where added.
2015-07-24 09:24:05 -04:00
Nick Mathewson
2ba6542517 Merge remote-tracking branch 'sysrqb/bug15220_026_sysrqb' 2015-07-16 15:38:08 -04:00
David Goulet
adc04580f8 Add the torrc option HiddenServiceNumIntroductionPoints
This is a way to specify the amount of introduction points an hidden service
can have. Maximum value is 10 and the default is 3.

Fixes #4862

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-06-29 11:12:31 -04:00
Nick Mathewson
1b52e95028 Merge branch '12498_ed25519_keys_v6'
Fixed numerous conflicts, and ported code to use new base64 api.
2015-05-28 11:04:33 -04:00
Nick Mathewson
5eb584e2e9 Document some ed25519 key options 2015-05-28 10:47:47 -04:00
Yawning Angel
db7bde08be Add "HiddenServiceMaxStreams" as a per-HS tunable.
When set, this limits the maximum number of simultaneous streams per
rendezvous circuit on the server side of a HS, with further RELAY_BEGIN
cells being silently ignored.

This can be modified via "HiddenServiceMaxStreamsCloseCircuit", which
if set will cause offending rendezvous circuits to be torn down instead.

Addresses part of #16052.
2015-05-20 17:33:59 +00:00
rl1987
636495257b Improve descriptions of statistics-related torrc options. 2015-04-07 14:04:03 -04:00
Nick Mathewson
840c11b14e Remove dynamicdhgroups from the manpage 2015-04-01 13:41:15 -04:00
Nick Mathewson
809517a863 Allow {World,Group}Writable on AF_UNIX {Socks,Control}Ports.
Closes ticket 15220
2015-03-11 13:31:33 -04:00
Nick Mathewson
cf55070e2c Standardize on calling them "server descriptors".
Part of 14987
2015-02-25 09:22:25 -05:00
Roger Dingledine
0883f92e91 specify a default for UseGuardFraction in the man page
(as added in commit f4a63f8eab)
2015-02-18 16:37:14 -05:00
Nick Mathewson
96211bcf71 Merge branch 'bug9321_rerebase'
Conflicts:
	src/or/dirvote.h
	src/test/include.am
	src/test/test_entrynodes.c
2015-02-18 09:17:02 -05:00
George Kadianakis
f4a63f8eab Parse GuardFraction info from consensuses and votes.
Also introduce the UseGuardFraction torrc option which decides whether
clients should use guardfraction information found in the consensus.
2015-02-18 09:09:33 -05:00
George Kadianakis
5ee48d47a7 Parse Guardfraction file and apply results to routerstatuses.
Parse the file just before voting and apply its information to the
provided vote_routerstatus_t. This follows the same logic as when
dirauths parse bwauth files.
2015-02-18 09:09:32 -05:00
Nick Mathewson
caf28519d9 Merge branch 'bug12844'
Conflicts:
	src/or/circuituse.c
	src/test/include.am
	src/test/test_entrynodes.c
2015-02-11 15:06:04 -05:00
Nick Mathewson
79c7625e38 Merge branch 'feature13864_squashed' 2015-02-02 13:32:53 -05:00
rl1987
1ebed7cc77 Updating manpage for 13865. 2015-02-02 13:31:56 -05:00
Nick Mathewson
fac8d40886 Merge remote-tracking branch 'public/prop227_v2'
Conflicts:
	src/test/test_dir.c
2015-01-30 07:36:55 -05:00
Nick Mathewson
64bde3ae94 Document unix: addresses 2015-01-29 14:56:45 -05:00
Nick Mathewson
204374f7d9 Remove SocksSocket; it's now spelled differently thanks to 14451
Also, revise bug12585 changes file to mention new syntax
2015-01-29 14:46:20 -05:00
Nick Mathewson
e7e33d4b04 Merge branch 'bug14084' 2015-01-20 14:07:37 -05:00
Nick Mathewson
18a15747ef Expand manpage for HiddenServiceAllowUnknownPorts based on suggestions from qwerty1 and dgoulet 2015-01-20 14:07:22 -05:00
Nick Mathewson
485fdcf826 Unify parse_unix_socket_config and parse_port_config
This incidentally makes unix SocksSocket support all the same options
as SocksPort.

This patch breaks 'SocksSocket 0'; next will restore it.

Resolves 14254.
2015-01-16 11:35:48 -05:00
Nick Mathewson
d8b7dcca8d Merge remote-tracking branch 'andrea/ticket12585_v3' 2015-01-13 12:50:55 -05:00
Nick Mathewson
ddfdeb5659 More documentation for proposal 227 work 2015-01-10 15:44:32 -05:00
teor
f9d57473e1 Create TestingDirAuthVoteHSDir like TestingDirAuthVoteExit/Guard
TestingDirAuthVoteHSDir ensures that authorities vote the HSDir flag
for the listed relays regardless of uptime or ORPort connectivity.
Respects the value of VoteOnHidServDirectoriesV2.

Partial fix for bug 14067.
2015-01-10 22:34:28 +11:00
Andrea Shepard
78956f5d85 Document disable option for ControlSocket and SocksSocket 2015-01-09 20:54:59 +00:00
Jacob Appelbaum
8d59ddf3cb Commit second draft of Jake's SOCKS5-over-AF_UNIX patch. See ticket #12585.
Signed-off-by: Andrea Shepard <andrea@torproject.org>
2015-01-07 17:42:57 +00:00
Nick Mathewson
90b9e23bec Merge branch 'exitnode_10067_squashed'
Conflicts:
	src/or/or.h
2015-01-06 15:15:18 -05:00
Nick Mathewson
35efce1f3f Add an ExitRelay option to override ExitPolicy
If we're not a relay, we ignore it.

If it's set to 1, we obey ExitPolicy.

If it's set to 0, we force ExitPolicy to 'reject *:*'

And if it's set to auto, then we warn the user if they're running an
exit, and tell them how they can stop running an exit if they didn't
mean to do that.

Fixes ticket 10067
2015-01-06 14:31:20 -05:00
Nick Mathewson
74cd57517c New option "HiddenServiceAllowUnknownPorts"
This allows hidden services to disable the anti-scanning feature
introduced in 0.2.6.2-alpha. With this option not set, a connection
to an unlisted port closes the circuit.  With this option set, only
a RELAY_DONE cell is sent.

Closes ticket #14084.
2015-01-03 12:34:52 -05:00
Nick Mathewson
4d6a971ba9 Tweak 13913 fix: clarify that the behavior is not promised
Also, it's->its.  The apostrophe is used if and only if it's a
contraction for "it is".
2014-12-29 08:41:30 -05:00
Nick Mathewson
fd5d9d04b3 Merge remote-tracking branch 'rl1987/ticket13913' 2014-12-29 08:39:13 -05:00
rl1987
f785723e0b Document the case of HiddenServiceDir being defined as relative path. 2014-12-21 19:05:10 +02:00
George Kadianakis
13a6fb9a2a HS stats: Add changes file and improve man page. 2014-12-19 10:35:34 -05:00
George Kadianakis
14e83e626b Add two hidden-service related statistics.
The two statistics are:
 1. number of RELAY cells observed on successfully established
    rendezvous circuits; and
 2. number of .onion addresses observed as hidden-service
    directory.

Both statistics are accumulated over 24 hours, obfuscated by rounding
up to the next multiple of a given number and adding random noise,
and written to local file stats/hidserv-stats.

Notably, no statistics will be gathered on clients or services, but
only on relays.
2014-12-19 10:35:25 -05:00
Nick Mathewson
fb3000e10c whoops; removed the documentation for Support022HiddenServices too 2014-11-17 21:16:33 -05:00
Nick Mathewson
ab08d8c4f7 document that hiddenserviceport can have an ipv6 addr.for 12670 2014-11-14 11:19:34 -05:00
Nick Mathewson
26e7e519dc Document networkstatus-bridges
Closes 13713; patch from 'tom'
2014-11-10 09:03:11 -05:00
rl1987
7f7df97579 Fixing typo in manpage. 2014-11-09 16:34:34 +02:00
Nick Mathewson
68af1e7e9b Throw identify-node-by-nickname down the memory hole
Authorities are no longer voting on Named, so specifying nodes by
nickname isn't a clever thing to do.  (Not that it ever was!)  So
remove the documentation that suggests that you should do it.

Additionally, add proper cross-references to our __node__ lists, and
explain about the optional $ before identity digests.

Also, the oxford comma: endorsed by Steven Pinker, my spouse, and my
11th grade English teacher.

Closes 13381.
2014-11-06 11:10:58 -05:00
Nick Mathewson
4df419a4b1 Merge remote-tracking branch 'meejah/ticket-11291-extra-utests'
Conflicts:
	src/or/config.c
2014-11-05 14:11:47 -05:00
Roger Dingledine
f94e5f2e52 update pointer to faq entry 2014-10-10 20:16:32 -04:00
Nick Mathewson
cc5571e1f1 Merge remote-tracking branches 'teor/issue-13161-test-network' and 'teor/issue-13161-TestingDirAuthVoteExit' 2014-10-08 15:46:29 -04:00
Roger Dingledine
22a0708133 fix some typos in the man page 2014-10-04 15:41:05 -04:00
teor
27f30040f6 Add TestingDirAuthVoteExit option (like TestingDirAuthVoteGuard)
Add the TestingDirAuthVoteExit option, a list of nodes to vote Exit for,
regardless of their uptime, bandwidth, or exit policy.

TestingTorNetwork must be set for this option to have any effect.

Works around an issue where authorities would take up to 35 minutes to
give nodes the Exit flag in a test network, despite short consensus
intervals. Partially implements ticket 13161.
2014-10-01 17:44:21 +10:00
Roger Dingledine
e440993f95 continue our habit of specifying the default in the manpage 2014-09-29 13:33:50 -04:00
Nick Mathewson
8527a29966 Add an "AccountingRule" feature to permit limiting bw usage by read+write
Patch from "chobe".  Closes ticket 961.
2014-09-29 09:05:11 -04:00
George Kadianakis
e02138eb65 Introduce the Tor2webRendezvousPoints torrc option. 2014-09-15 16:07:46 +03:00
Sebastian Hahn
8099dee992 Remove dirauth support for the BadDirectory flag
Implements the first half of #13060. The second half will be to remove
client support, too.
2014-09-09 11:54:15 -04:00
Sebastian Hahn
607724c696 Remove support for naming directory authorities
This implements the meat of #12899. This commit should simply remove the
parts of Tor dirauths used to check whether a relay was supposed to be
named or not, it doesn't yet convert to a new mechanism for
reject/invalid/baddir/badexiting relays.
2014-09-09 11:50:21 -04:00
Sebastian Hahn
10fe5bad9a Remove the AuthDirRejectUnlisted config option
This is in preparation for a big patch series removing the entire Naming
system from Tor. In its wake, the approved-routers file is being
deprecated, and a replacement option to allow only pre-approved routers
is not being implemented.
2014-09-04 06:25:38 +02:00
Nick Mathewson
d19cbf3ab1 Merge remote-tracking branch 'origin/maint-0.2.5' 2014-09-02 19:00:00 -04:00
rl1987
dcb4ee5b83 Documenting reject6 and accept6 ExitPolicy entries in manpage. 2014-09-02 18:58:00 -04:00
David Stainton
a6f2d2091b Add Window compatibility note to docs
HiddenServiceDirGroupReadable has no effect in Windows
2014-09-02 18:09:58 +00:00
meejah
ae18c0812e fix two typos 2014-08-30 15:23:05 -06:00
David Stainton
227b65924b Clean up patch
Here I clean up anon's patch with a few of nickm's suggestions from comment 12:
https://trac.torproject.org/projects/tor/ticket/11291#comment:12

I did not yet completely implement all his suggestions.
2014-08-30 15:23:05 -06:00
anonymous
c13db1f614 Ticket #11291: patch from "anon":
test-11291-group-redable-hsdirs-wtests-may8.patch
2014-08-30 15:23:05 -06:00
Nick Mathewson
1f35fd0017 Merge remote-tracking branch 'origin/maint-0.2.5' 2014-08-15 17:41:13 -04:00
George Kadianakis
112c984f92 Some documentation fixes for #12864. 2014-08-15 23:12:06 +03:00
Nick Mathewson
0ee1be0c69 Documentation fix on arguments to CookieAuthFileGroupReadable
We don't actually allow a group name, but the documentation implied
that we did.
2014-08-15 08:32:54 -04:00
Nick Mathewson
0808ed83f9 Restore functionality for CookieAuthFileGroupReadable.
When we merged the cookieauthfile creation logic in 33c3e60a37, we
accidentally took out this feature.  Fixes bug 12864, bugfix on
0.2.5.1-alpha.

Also adds an ExtORPortCookieAuthFileGroupReadable, since there's no
reason not to.
2014-08-15 08:30:44 -04:00
Nick Mathewson
938deecc87 Merge remote-tracking branch 'origin/maint-0.2.5' 2014-08-13 12:52:57 -04:00
Nick Mathewson
fa7ce6d3be Merge remote-tracking branch 'origin/maint-0.2.4' into maint-0.2.5 2014-08-13 12:52:40 -04:00
Roger Dingledine
691371b802 fix extra words in man page 2014-08-09 15:40:40 -04:00
Nick Mathewson
e001610c99 Implement proposal 221: Stop sending CREATE_FAST
This makes FastFirstHopPK an AUTOBOOL; makes the default "auto"; and
makes the behavior of "auto" be "look at the consensus."
2014-07-25 11:59:00 -04:00
Roger Dingledine
bc9866e13f Merge branch 'maint-0.2.5' 2014-07-24 16:23:26 -04:00
Roger Dingledine
a4c641cce9 Merge branch 'maint-0.2.4' into maint-0.2.5 2014-07-24 16:23:08 -04:00
Roger Dingledine
71c62b15ca update manpage for numentryguards / numdirectoryguards 2014-07-24 16:19:48 -04:00
Nick Mathewson
c793a6edb4 Clarify TruncateLogFile manpage entry 2014-07-16 14:01:38 +02:00
Arlo Breault
15e170e01b Add an option to overwrite logs
* Issue #5583
2014-07-16 12:16:49 +02:00
Nick Mathewson
2f4fcfc8d1 manpage: Move more authority-only options into the authority section
I don't know whether we missed these or misclassified them when we
first made the "DIRECTORY AUTHORITY SERVER OPTIONS" section, but they
really belong there.
2014-06-16 11:15:47 -04:00
Nick Mathewson
c8af95d336 Documentation fix: DataDir/status/* -> DataDir/stats/*
Our documentation had the name of this directory wrong.
2014-05-22 19:45:45 -04:00
Nick Mathewson
1bbd3811c1 Merge remote-tracking branch 'public/bug10849_025'
Conflicts:
	src/or/config.c
2014-05-01 11:51:22 -04:00
Nick Mathewson
03be8c775a Provide missing documentation for two options. For 11634. 2014-04-28 12:37:47 -04:00
Nick Mathewson
e05f732599 Remove documentation for obsolete FetchV2Networkstatus 2014-04-28 12:25:49 -04:00
Nick Mathewson
e0a4133572 Remove a spurious anchor in the manpage. part of 11634. 2014-04-28 12:25:20 -04:00
Nick Mathewson
346120b608 Fix some option names in the manpage.
Found with 'make check-docs'.  Part of 11634.
2014-04-28 12:24:56 -04:00
Nick Mathewson
1340bd527a Remove privoxy from 'see also' section on manpage. 2014-04-28 12:08:42 -04:00
Nick Mathewson
3266f04925 Fix the check-docs script
We broke it when we added anchors to the manpage.

This patch fixes it, and makes it sorta detect missing anchors.
2014-04-28 12:07:57 -04:00
Nick Mathewson
703ad69587 Deal with the aftermath of sorting contrib
This basically amounts to grepping for every file that mentioned
contrib and adjusting its references to refer to the right place.
2014-04-28 11:59:55 -04:00
Nick Mathewson
67aa3685e7 Merge branch 'bug11396_v2_squashed'
Conflicts:
	src/or/main.c
2014-04-24 10:31:38 -04:00