Commit Graph

4406 Commits

Author SHA1 Message Date
cypherpunks
816207511b Remove the INLINE coding standard 2015-12-15 11:34:00 -05:00
Nick Mathewson
85003f4c80 Add a new ipv6=address:orport flag to DirAuthority and FallbackDir
Resolves # 6027
2015-12-14 23:43:50 +11:00
Jamie Nguyen
ec4ef68271 Introduce DataDirectoryGroupReadable boolean 2015-12-10 20:00:06 -05:00
Nick Mathewson
9f6b9e28cc forward-port changelog and releasenotes 2015-12-10 14:24:22 -05:00
Nick Mathewson
caff665309 Merge remote-tracking branch 'teor/first-hop-no-private' 2015-12-09 10:47:59 -05:00
Andrew Kvalheim
61d3364f26 Fix formatting typo in manpage. 2015-12-09 10:37:22 -05:00
teor (Tim Wilson-Brown)
23b088907f Refuse to make direct connections to private OR addresses
Refuse connection requests to private OR addresses unless
ExtendAllowPrivateAddresses is set. Previously, tor would
connect, then refuse to send any cells to a private address.

Fixes bugs 17674 and 8976; bugfix on b7c172c9ec (28 Aug 2012)
Original bug 6710, released in 0.2.3.21-rc and an 0.2.2 maint
release.

Patch by "teor".
2015-11-25 03:11:15 +11:00
Damian Johnson
8661b4b5a2 Drop HidServDirectoryV2 and VoteOnHidServDirectoriesV2
These options were removed from tor in July. Time to axe them from our man
page. :P

  https://gitweb.torproject.org/tor.git/commit/?id=2f8cf524ba4e565ab613504a4c41fd724d32facc
2015-11-23 18:27:17 -08:00
Damian Johnson
feeb3e761c Split 'slop' man page options to their own lines
The slop testing options are the only spot where we try to enumerate multiple
options on the same line. Changing them to each be on their own line as we do
elsewhere.
2015-11-23 18:21:38 -08:00
Damian Johnson
91b0ba1d19 TestingLinkCertLifetime was misnamed as 'TestingLinkCertifetime'
Simple typo - we were missing a letter.
2015-11-23 17:51:30 -08:00
Damian Johnson
961db64d3c Rename RecommendedPackageVersions to RecommendedPackages
A 'RecommendedPackageVersions' option doesn't exist in tor. However, it *does*
have RecommendedPackages...

  feature: https://gitweb.torproject.org/tor.git/commit/?id=c83d8381
  man addition: https://gitweb.torproject.org/tor.git/commit/?id=ddfdeb56
2015-11-23 17:47:00 -08:00
Damian Johnson
1193647ac8 Replace 'SOCKSPort' with 'SocksPort'
When applying changes from proposal 171 Nick renamed SocksPort to SOCKSPort,
and SocksListenAddress to SOCKSListenAddress...

  https://gitweb.torproject.org/tor.git/commit/?id=891ccd3cd0690e83f1dc4dde7698c3bd9d7fe98d

However, this didn't change the option itself in tor (it's still SocksPort),
and wasn't even uniform in the man page. Functionally this doesn't matter
(tor's config options are case insensitive) but this is a pretty clear
regression.
2015-11-23 17:32:49 -08:00
Damian Johnson
5812930dc1 Note in man page where users can file bugs
In addition to inviting users to tell us about bugs, lets say where.
2015-11-23 17:26:46 -08:00
Damian Johnson
690b66ce48 ControlPort's section on flags wasn't indented
Minor formatting issue with our ControlPort entry. The part about flags wasn't
indented with the rest of its description.
2015-11-23 17:25:26 -08:00
Damian Johnson
4417effa52 Malformed ExtORPort entry in man page
Minor formatting issue with our ExtORPort that caused its description to be on
the same line as the option (munging the two together).
2015-11-23 17:23:14 -08:00
teor (Tim Wilson-Brown)
2a4057e042 man update: ExitPolicyRejectPrivate outbound and port addresses
ExitPolicyRejectPrivate now rejects addresses configured via
OutboundBindAddress and any port options, such as ORPort and DirPort.
2015-11-20 10:39:37 +11:00
Nick Mathewson
43609fba77 fix an email address in doc/HACKING/ReleasingTor.md 2015-11-13 09:01:55 -05:00
Nick Mathewson
7bdbcdaed8 Merge commit '7b859fd8c558c9cf08add79db87fb1cb76537535' 2015-11-13 08:42:20 -05:00
Joan Queralt
b370052ae4 + and / usage clarification - Fixes #13158 2015-11-12 14:01:00 -05:00
Nick Mathewson
5a37061885 Delete trailing whitespace in md files 2015-11-05 09:53:05 -05:00
Nick Mathewson
43ce4626f1 add release notes 2015-11-05 09:46:40 -05:00
tom lurge
617e0f8d26 added some markdown formatting 2015-11-05 09:13:53 -05:00
Nick Mathewson
8976e739af Fix filename endings in HACKING. Patch from "ckomlo", ticket #17515. 2015-11-03 08:23:08 -05:00
Nick Mathewson
c1c1c4d057 Refer to the actual minima and the preferred minimum 2015-10-30 10:57:47 -04:00
Nima Fatemi
e6888e2144 Bump up minimum BandwidthRate from 30KB to 250KBytes - Fixes #16382 2015-10-30 10:51:29 -04:00
Nick Mathewson
0696ac5b5e Merge branch 'doc17392' 2015-10-30 09:25:51 -04:00
rl1987
3c08b76fc4 Mention torspec URL in the manpage. 2015-10-30 09:25:39 -04:00
Nick Mathewson
92a6c578d7 hacking is now markdown
Not good markdown, mind you.
2015-10-29 10:31:38 -04:00
Nick Mathewson
e5976482a3 More issues that Karsten spotted 2015-10-29 10:29:21 -04:00
Karsten Loesing
f40dc287bd Clean up the doc/HACKING/* docs a bit. 2015-10-29 14:28:17 +01:00
Nick Mathewson
2929986049 Actually add HowToReview.txt 2015-10-22 10:03:04 -04:00
Nick Mathewson
609c1e8870 Start writing a how to review doc 2015-10-22 10:01:13 -04:00
Nick Mathewson
1a236c78aa Add another entry to ReleasingTor email list, per anonym 2015-10-21 17:06:10 -04:00
Nick Mathewson
7b859fd8c5 Note that you can use a unix domain socket for hsport 2015-10-21 12:22:05 -04:00
Nick Mathewson
34b4da709d Fix a bunch more memory leaks in the tests. 2015-10-21 10:00:05 -04:00
Nick Mathewson
49ccb7e7b8 Mention trunnel in CodingStandards; describe how in trunnel/README 2015-10-14 10:40:27 -04:00
Nick Mathewson
8182715a2b Add a doc/HACKING/README.1st 2015-10-09 10:40:53 -04:00
Nick Mathewson
a11cb74d29 Split the old doc/HACKING into several new files 2015-10-09 10:40:53 -04:00
Nick Mathewson
c751e5af4a Move hacking documentation into a new subdirectory. 2015-10-09 10:40:53 -04:00
Nick Mathewson
9e461588a6 Add my draft (in-progress) guide to getting started on tor development 2015-10-08 11:52:27 -04:00
Nick Mathewson
f3804a4d6f finish up doc/WritingTests.txt 2015-10-08 10:55:31 -04:00
Peter Palfrader
1cf0d82280 Add SyslogIdentityTag
When logging to syslog, allow a tag to be added to the syslog identity
("Tor"), i.e. the string prepended to every log message.  The tag can be
configured by setting SyslogIdentityTag and defaults to none.  Setting
it to "foo" will cause logs to be tagged as "Tor-foo".  Closes: #17194.
2015-09-30 18:34:15 +02:00
Nick Mathewson
51d18aeb42 changes file and manpage entry for AuthDirPinKeys 2015-09-24 11:29:05 -04:00
Nick Mathewson
e94ef30a2f Merge branch 'feature16944_v2' 2015-09-22 09:19:28 -04:00
teor (Tim Wilson-Brown)
b584152874 Update private ExitPolicy in man page and torrcs for 10727, formatting
Update the definition of the private exit policy in the man page
and torrcs. It didn't get merged correctly into the man page, and
it was incomplete in the torrcs. (Unfortunately, we only reject the
primary configured IPv4 and IPv6 addresses, not all configured IPv4
and IPv6 addresses.)

Also fixup msn page formatting errors from changes in tickets 16069
and 17027, mainly unescaped *s.
2015-09-22 12:14:27 +10:00
teor (Tim Wilson-Brown)
7268525142 Add IPv6 syntax to ExitPolicy intro paragraph in man page 2015-09-22 11:44:13 +10:00
teor (Tim Wilson-Brown)
249e82c906 Update docs with advice for separate IPv4 and IPv6 exit policies
Advise users how to configure separate IPv4 and IPv6 exit
policies in the manpage and sample torrcs.

Related to fixes in ticket #16069 and #17027. Patch by "teor".
Patch on 2eb7eafc9d and a96c0affcb (25 Oct 2012),
released in 0.2.4.7-alpha.
2015-09-22 11:41:16 +10:00
teor (Tim Wilson-Brown)
a659a3fced Merge branch 'bug17027-reject-private-all-interfaces-v2' into bug16069-bug17027
src/test/test_policy.c:
Merged calls to policies_parse_exit_policy by adding additional arguments.
fixup to remaining instance of ~EXIT_POLICY_IPV6_ENABLED.
Compacting logic test now produces previous list length of 4, corrected this.

src/config/torrc.sample.in:
src/config/torrc.minimal.in-staging:
Merged torrc modification dates in favour of latest.
2015-09-16 09:09:54 +10:00
teor (Tim Wilson-Brown)
098b82c7b2 ExitPolicyRejectPrivate rejects local IPv6 address and interface addresses
ExitPolicyRejectPrivate now rejects more local addresses by default:
 * the relay's published IPv6 address (if any), and
 * any publicly routable IPv4 or IPv6 addresses on any local interfaces.

This resolves a security issue for IPv6 Exits and multihomed Exits that
trust connections originating from localhost.

Resolves ticket 17027. Patch by "teor".
Patch on 42b8fb5a15 (11 Nov 2007), released in 0.2.0.11-alpha.
2015-09-16 02:56:50 +10:00
teor (Tim Wilson-Brown)
d3358a0a05 ExitPolicy accept6/reject6 produces IPv6 wildcard addresses only
In previous versions of Tor, ExitPolicy accept6/reject6 * produced
policy entries for IPv4 and IPv6 wildcard addresses.

To reduce operator confusion, change accept6/reject6 * to only produce
an IPv6 wildcard address.

Resolves bug #16069.

Patch on 2eb7eafc9d and a96c0affcb (25 Oct 2012),
released in 0.2.4.7-alpha.
2015-09-16 00:13:12 +10:00
Nick Mathewson
fcec1f3381 Merge branch 'feature15482_squashed' 2015-09-08 14:03:04 -04:00
Yawning Angel
54510d4d1a Add KeepAliveIsolateSOCKSAuth as a SOCKSPort option.
This controls the circuit dirtyness reset behavior added for Tor
Browser's user experience fix (#15482). Unlike previous iterations
of this patch, the tunable actually works, and is documented.
2015-09-08 14:02:08 -04:00
Nick Mathewson
0ba4e0895a Add "OfflineMasterKey" option
When this is set, and Tor is running as a relay, it will not
generate or load its secret identity key.  You can manage the secret
identity key with --keygen.  Implements ticket 16944.
2015-09-04 09:55:07 -04:00
Nick Mathewson
1d514b8a91 Add doc/WritingTests.txt to distribution 2015-09-03 10:30:54 -04:00
David Goulet
d40358d91e Enable hidden service statistics by default
HiddenServiceStatistics option is now set to "1" by default.

Fixes #15254

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-09-02 13:53:36 +02:00
Sebastian Hahn
6034e21331 Include doc/TUNING in our release tarballs 2015-09-01 09:15:11 -04:00
Nick Mathewson
1eb2106375 Document callgraph analysis code 2015-08-25 11:53:20 -04:00
Sebastian Hahn
1633d1ad1d Remove tor-fw-helper more thoroughly 2015-08-21 10:36:53 -04:00
teor
359faf5e4b New TestingDirAuthVote{Exit,Guard,HSDir}IsStrict flags
"option to prevent guard,exit,hsdir flag assignment"

"A node will never receive the corresponding flag unless
that node is specified in the
TestingDirAuthVote{Exit,Guard,HSDir} list, regardless of
its uptime, bandwidth, exit policy, or DirPort".

Patch modified by "teor": VoteOnHidServDirectoriesV2
is now obsolete, so TestingDirAuthVoteHSDir always
votes on HSDirs.

Closes ticket 14882. Patch by "robgjansen".
Commit message and changes file by "teor"
with quotes from "robgjansen".
2015-08-18 14:51:57 +10:00
teor
0cb82013cc Fix TestingDirAuthVoteHSDir docs: HSDir flag needs DirPort
Fix an error in the manual page and comments for
TestingDirAuthVoteHSDir, which suggested that a
HSDir required "ORPort connectivity". While this is true,
it is in no way unique to the HSDir flag. Of all the flags,
only HSDirs need a DirPort configured in order for the
authorities to assign that particular flag.

Fixed as part of 14882. Patch by "teor".
Bugfix on 0.2.6.3 (f9d57473e1 on 10 January 2015).
2015-08-18 14:51:57 +10:00
Nick Mathewson
9338847bf4 Write a bunch more test for doc/WritingTests 2015-08-05 11:47:38 -04:00
Nick Mathewson
5721627517 Update doc/HACKING with more coverage instructions 2015-08-03 13:30:25 -04:00
Linus Nordberg
5be36a46ca Move the note about non-localhost SOCKSPort usage up to where it belongs.
I think this section slipped downwards when flags where added.
2015-07-24 09:24:05 -04:00
Nick Mathewson
a8accd55f2 Bump version (and explain how) 2015-07-23 13:48:13 -04:00
Nick Mathewson
9d237bb00a Actually, write the torrc format in ABNF
This should make it more clear what I meant, if you know how to read ABNF.

(Thanks to rl1987 for correcting numerous issues here)
2015-07-22 12:24:15 -04:00
Nick Mathewson
7521c3ee91 Document the torrc format as thoroughly as possible
Closes ticket 2325
2015-07-20 12:05:44 -04:00
Nick Mathewson
2ba6542517 Merge remote-tracking branch 'sysrqb/bug15220_026_sysrqb' 2015-07-16 15:38:08 -04:00
David Goulet
adc04580f8 Add the torrc option HiddenServiceNumIntroductionPoints
This is a way to specify the amount of introduction points an hidden service
can have. Maximum value is 10 and the default is 3.

Fixes #4862

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-06-29 11:12:31 -04:00
Andrea Shepard
95bcd2dc15 Update and clarify release checklist 2015-06-10 15:05:52 +00:00
teor
bc0a9843e5 Add instructions for clang sanitizers, static analyzer, and coverity
Document use of coverity, clang static analyzer, and clang dynamic
undefined behavior and address sanitizers in doc/HACKING.

Add clang dynamic sanitizer blacklist in
contrib/clang/sanitizer_blacklist.txt to exempt known undefined
behavior. Include detailed usage instructions in this blacklist file.

Patch by "teor".
2015-06-06 04:04:23 +10:00
Nick Mathewson
1b52e95028 Merge branch '12498_ed25519_keys_v6'
Fixed numerous conflicts, and ported code to use new base64 api.
2015-05-28 11:04:33 -04:00
Nick Mathewson
5eb584e2e9 Document some ed25519 key options 2015-05-28 10:47:47 -04:00
rl1987
0989ba3383 FIx a couple of mistypes. 2015-05-26 21:52:26 +03:00
Yawning Angel
db7bde08be Add "HiddenServiceMaxStreams" as a per-HS tunable.
When set, this limits the maximum number of simultaneous streams per
rendezvous circuit on the server side of a HS, with further RELAY_BEGIN
cells being silently ignored.

This can be modified via "HiddenServiceMaxStreamsCloseCircuit", which
if set will cause offending rendezvous circuits to be torn down instead.

Addresses part of #16052.
2015-05-20 17:33:59 +00:00
Nick Mathewson
101fc13b99 Bump version to 0.2.7.1-alpha. (This is not the release yet.) 2015-05-11 10:10:29 -04:00
Nick Mathewson
e086db7952 Merge branch 'writing_tests' 2015-05-07 15:29:56 -04:00
Nick Mathewson
79e85313aa Write the outlines of a WritingTests.txt document
Also, add some sample tests to be examples.
2015-05-07 15:29:16 -04:00
Nick Mathewson
f15e7d4a1b New email for Lukas Fleischer 2015-04-22 09:49:23 -04:00
Roger Dingledine
c759ed2c62 update url in HACKING file 2015-04-08 13:44:56 -04:00
Nick Mathewson
1457364c49 Merge branch 'doc15550_squashed' 2015-04-07 14:05:52 -04:00
rl1987
636495257b Improve descriptions of statistics-related torrc options. 2015-04-07 14:04:03 -04:00
Nick Mathewson
f0fa0d2b7b Add lukas to doc/HACKING pakager list 2015-04-07 07:40:46 -04:00
Nick Mathewson
cd8f13b5cb Merge branch 'bug13736' 2015-04-01 13:46:50 -04:00
Nick Mathewson
840c11b14e Remove dynamicdhgroups from the manpage 2015-04-01 13:41:15 -04:00
Nick Mathewson
f31dc84f03 More addrs in HACKING 2015-03-25 09:16:42 -04:00
Nick Mathewson
8adecae09d spelling fix 2015-03-24 11:55:35 -04:00
Nick Mathewson
95530bac83 Start adding people to the packager list in doc/HACKING 2015-03-24 09:29:28 -04:00
cypherpunks
17cbc4350f Use output variables instead of relative paths.
Fixes the following rules in out-of-tree builds;
- check-spaces
- check-docs
- check-logs
- Doxygen
- coverage-html

And cleans up additional directories;
- coverage_html
- doc/doxygen
2015-03-14 13:00:04 -04:00
Nick Mathewson
809517a863 Allow {World,Group}Writable on AF_UNIX {Socks,Control}Ports.
Closes ticket 15220
2015-03-11 13:31:33 -04:00
cypherpunks
9dc90a5b7b Add check-changes rule for checking formatting of changes files.
Additional fixes to make the change work;
- fix Python 2 vs 3 issues
- fix some PEP 8 warnings
- handle paths with numbers correctly
- mention the make rule in doc/HACKING.
2015-03-09 09:00:12 -04:00
Nick Mathewson
cf55070e2c Standardize on calling them "server descriptors".
Part of 14987
2015-02-25 09:22:25 -05:00
Roger Dingledine
0883f92e91 specify a default for UseGuardFraction in the man page
(as added in commit f4a63f8eab)
2015-02-18 16:37:14 -05:00
Nick Mathewson
96211bcf71 Merge branch 'bug9321_rerebase'
Conflicts:
	src/or/dirvote.h
	src/test/include.am
	src/test/test_entrynodes.c
2015-02-18 09:17:02 -05:00
George Kadianakis
f4a63f8eab Parse GuardFraction info from consensuses and votes.
Also introduce the UseGuardFraction torrc option which decides whether
clients should use guardfraction information found in the consensus.
2015-02-18 09:09:33 -05:00
George Kadianakis
5ee48d47a7 Parse Guardfraction file and apply results to routerstatuses.
Parse the file just before voting and apply its information to the
provided vote_routerstatus_t. This follows the same logic as when
dirauths parse bwauth files.
2015-02-18 09:09:32 -05:00
Nick Mathewson
caf28519d9 Merge branch 'bug12844'
Conflicts:
	src/or/circuituse.c
	src/test/include.am
	src/test/test_entrynodes.c
2015-02-11 15:06:04 -05:00
Nick Mathewson
79c7625e38 Merge branch 'feature13864_squashed' 2015-02-02 13:32:53 -05:00
rl1987
1ebed7cc77 Updating manpage for 13865. 2015-02-02 13:31:56 -05:00
rl1987
aa4f773670 Updating OpenBSD section of doc/TUNING. 2015-02-01 19:52:54 +02:00
Nick Mathewson
fac8d40886 Merge remote-tracking branch 'public/prop227_v2'
Conflicts:
	src/test/test_dir.c
2015-01-30 07:36:55 -05:00
Nick Mathewson
64bde3ae94 Document unix: addresses 2015-01-29 14:56:45 -05:00
Nick Mathewson
204374f7d9 Remove SocksSocket; it's now spelled differently thanks to 14451
Also, revise bug12585 changes file to mention new syntax
2015-01-29 14:46:20 -05:00
Nick Mathewson
f75ca04520 Tweak tor-resolve docs and logs
Resolves 14325
2015-01-28 10:11:08 -05:00
Nick Mathewson
e00503fe57 Merge branch 'doc13702_squashed' 2015-01-27 12:42:12 -05:00
rl1987
d7ac4d9130 Adding section on OpenBSD to doc/TUNING 2015-01-27 12:41:12 -05:00
Nick Mathewson
e7e33d4b04 Merge branch 'bug14084' 2015-01-20 14:07:37 -05:00
Nick Mathewson
18a15747ef Expand manpage for HiddenServiceAllowUnknownPorts based on suggestions from qwerty1 and dgoulet 2015-01-20 14:07:22 -05:00
Nick Mathewson
485fdcf826 Unify parse_unix_socket_config and parse_port_config
This incidentally makes unix SocksSocket support all the same options
as SocksPort.

This patch breaks 'SocksSocket 0'; next will restore it.

Resolves 14254.
2015-01-16 11:35:48 -05:00
Nick Mathewson
d8b7dcca8d Merge remote-tracking branch 'andrea/ticket12585_v3' 2015-01-13 12:50:55 -05:00
Nick Mathewson
ddfdeb5659 More documentation for proposal 227 work 2015-01-10 15:44:32 -05:00
teor
f9d57473e1 Create TestingDirAuthVoteHSDir like TestingDirAuthVoteExit/Guard
TestingDirAuthVoteHSDir ensures that authorities vote the HSDir flag
for the listed relays regardless of uptime or ORPort connectivity.
Respects the value of VoteOnHidServDirectoriesV2.

Partial fix for bug 14067.
2015-01-10 22:34:28 +11:00
Andrea Shepard
78956f5d85 Document disable option for ControlSocket and SocksSocket 2015-01-09 20:54:59 +00:00
Jacob Appelbaum
8d59ddf3cb Commit second draft of Jake's SOCKS5-over-AF_UNIX patch. See ticket #12585.
Signed-off-by: Andrea Shepard <andrea@torproject.org>
2015-01-07 17:42:57 +00:00
Nick Mathewson
90b9e23bec Merge branch 'exitnode_10067_squashed'
Conflicts:
	src/or/or.h
2015-01-06 15:15:18 -05:00
Nick Mathewson
35efce1f3f Add an ExitRelay option to override ExitPolicy
If we're not a relay, we ignore it.

If it's set to 1, we obey ExitPolicy.

If it's set to 0, we force ExitPolicy to 'reject *:*'

And if it's set to auto, then we warn the user if they're running an
exit, and tell them how they can stop running an exit if they didn't
mean to do that.

Fixes ticket 10067
2015-01-06 14:31:20 -05:00
Nick Mathewson
74cd57517c New option "HiddenServiceAllowUnknownPorts"
This allows hidden services to disable the anti-scanning feature
introduced in 0.2.6.2-alpha. With this option not set, a connection
to an unlisted port closes the circuit.  With this option set, only
a RELAY_DONE cell is sent.

Closes ticket #14084.
2015-01-03 12:34:52 -05:00
Nick Mathewson
4d6a971ba9 Tweak 13913 fix: clarify that the behavior is not promised
Also, it's->its.  The apostrophe is used if and only if it's a
contraction for "it is".
2014-12-29 08:41:30 -05:00
Nick Mathewson
fd5d9d04b3 Merge remote-tracking branch 'rl1987/ticket13913' 2014-12-29 08:39:13 -05:00
rl1987
f785723e0b Document the case of HiddenServiceDir being defined as relative path. 2014-12-21 19:05:10 +02:00
George Kadianakis
13a6fb9a2a HS stats: Add changes file and improve man page. 2014-12-19 10:35:34 -05:00
George Kadianakis
14e83e626b Add two hidden-service related statistics.
The two statistics are:
 1. number of RELAY cells observed on successfully established
    rendezvous circuits; and
 2. number of .onion addresses observed as hidden-service
    directory.

Both statistics are accumulated over 24 hours, obfuscated by rounding
up to the next multiple of a given number and adding random noise,
and written to local file stats/hidserv-stats.

Notably, no statistics will be gathered on clients or services, but
only on relays.
2014-12-19 10:35:25 -05:00
Nick Mathewson
fb3000e10c whoops; removed the documentation for Support022HiddenServices too 2014-11-17 21:16:33 -05:00
Nick Mathewson
ab08d8c4f7 document that hiddenserviceport can have an ipv6 addr.for 12670 2014-11-14 11:19:34 -05:00
Nick Mathewson
26e7e519dc Document networkstatus-bridges
Closes 13713; patch from 'tom'
2014-11-10 09:03:11 -05:00
rl1987
7f7df97579 Fixing typo in manpage. 2014-11-09 16:34:34 +02:00
Nick Mathewson
68af1e7e9b Throw identify-node-by-nickname down the memory hole
Authorities are no longer voting on Named, so specifying nodes by
nickname isn't a clever thing to do.  (Not that it ever was!)  So
remove the documentation that suggests that you should do it.

Additionally, add proper cross-references to our __node__ lists, and
explain about the optional $ before identity digests.

Also, the oxford comma: endorsed by Steven Pinker, my spouse, and my
11th grade English teacher.

Closes 13381.
2014-11-06 11:10:58 -05:00
Nick Mathewson
4df419a4b1 Merge remote-tracking branch 'meejah/ticket-11291-extra-utests'
Conflicts:
	src/or/config.c
2014-11-05 14:11:47 -05:00
rl1987
6317146b4d Initial version of doc/TUNING. 2014-10-28 14:13:30 -04:00
Roger Dingledine
71613993e0 give dist-master an alias 2014-10-21 16:01:29 -04:00
Roger Dingledine
05791a0b72 explain how to publish tarballs now that webwml has gone to git 2014-10-19 21:27:41 -04:00
Roger Dingledine
f94e5f2e52 update pointer to faq entry 2014-10-10 20:16:32 -04:00
Nick Mathewson
cc5571e1f1 Merge remote-tracking branches 'teor/issue-13161-test-network' and 'teor/issue-13161-TestingDirAuthVoteExit' 2014-10-08 15:46:29 -04:00
Roger Dingledine
22a0708133 fix some typos in the man page 2014-10-04 15:41:05 -04:00
teor
27f30040f6 Add TestingDirAuthVoteExit option (like TestingDirAuthVoteGuard)
Add the TestingDirAuthVoteExit option, a list of nodes to vote Exit for,
regardless of their uptime, bandwidth, or exit policy.

TestingTorNetwork must be set for this option to have any effect.

Works around an issue where authorities would take up to 35 minutes to
give nodes the Exit flag in a test network, despite short consensus
intervals. Partially implements ticket 13161.
2014-10-01 17:44:21 +10:00
Roger Dingledine
e440993f95 continue our habit of specifying the default in the manpage 2014-09-29 13:33:50 -04:00
Nick Mathewson
8527a29966 Add an "AccountingRule" feature to permit limiting bw usage by read+write
Patch from "chobe".  Closes ticket 961.
2014-09-29 09:05:11 -04:00
George Kadianakis
e02138eb65 Introduce the Tor2webRendezvousPoints torrc option. 2014-09-15 16:07:46 +03:00
Nick Mathewson
f8f0cb0443 Mention "make check" in doc/HACKING 2014-09-12 16:14:49 -04:00
Sebastian Hahn
8448901148 Give an example how to run the unit tests 2014-09-12 22:08:27 +02:00
Nick Mathewson
b16254dce9 Update HACKING instructions to mention format_changelog script 2014-09-11 11:34:57 -04:00
Sebastian Hahn
8099dee992 Remove dirauth support for the BadDirectory flag
Implements the first half of #13060. The second half will be to remove
client support, too.
2014-09-09 11:54:15 -04:00
Nick Mathewson
59f3cce0dc Merge branch 'bug12899_squashed' 2014-09-09 11:51:18 -04:00
Sebastian Hahn
607724c696 Remove support for naming directory authorities
This implements the meat of #12899. This commit should simply remove the
parts of Tor dirauths used to check whether a relay was supposed to be
named or not, it doesn't yet convert to a new mechanism for
reject/invalid/baddir/badexiting relays.
2014-09-09 11:50:21 -04:00
Nick Mathewson
a9d24f3304 Updated building-tor-msvc.txt 2014-09-09 10:33:45 -04:00
Nick Mathewson
4e98ec8149 Add instructions for building Tor with MSVC.
Written by "NewEraCracker" on ticket 13081; I've added a note that
this is not our preferred or supported build method.
2014-09-09 10:30:57 -04:00
Sebastian Hahn
10fe5bad9a Remove the AuthDirRejectUnlisted config option
This is in preparation for a big patch series removing the entire Naming
system from Tor. In its wake, the approved-routers file is being
deprecated, and a replacement option to allow only pre-approved routers
is not being implemented.
2014-09-04 06:25:38 +02:00
Nick Mathewson
d19cbf3ab1 Merge remote-tracking branch 'origin/maint-0.2.5' 2014-09-02 19:00:00 -04:00
rl1987
dcb4ee5b83 Documenting reject6 and accept6 ExitPolicy entries in manpage. 2014-09-02 18:58:00 -04:00
David Stainton
a6f2d2091b Add Window compatibility note to docs
HiddenServiceDirGroupReadable has no effect in Windows
2014-09-02 18:09:58 +00:00
meejah
ae18c0812e fix two typos 2014-08-30 15:23:05 -06:00
David Stainton
227b65924b Clean up patch
Here I clean up anon's patch with a few of nickm's suggestions from comment 12:
https://trac.torproject.org/projects/tor/ticket/11291#comment:12

I did not yet completely implement all his suggestions.
2014-08-30 15:23:05 -06:00
anonymous
c13db1f614 Ticket #11291: patch from "anon":
test-11291-group-redable-hsdirs-wtests-may8.patch
2014-08-30 15:23:05 -06:00
Nick Mathewson
1f35fd0017 Merge remote-tracking branch 'origin/maint-0.2.5' 2014-08-15 17:41:13 -04:00
George Kadianakis
112c984f92 Some documentation fixes for #12864. 2014-08-15 23:12:06 +03:00
Nick Mathewson
0ee1be0c69 Documentation fix on arguments to CookieAuthFileGroupReadable
We don't actually allow a group name, but the documentation implied
that we did.
2014-08-15 08:32:54 -04:00
Nick Mathewson
0808ed83f9 Restore functionality for CookieAuthFileGroupReadable.
When we merged the cookieauthfile creation logic in 33c3e60a37, we
accidentally took out this feature.  Fixes bug 12864, bugfix on
0.2.5.1-alpha.

Also adds an ExtORPortCookieAuthFileGroupReadable, since there's no
reason not to.
2014-08-15 08:30:44 -04:00
Nick Mathewson
938deecc87 Merge remote-tracking branch 'origin/maint-0.2.5' 2014-08-13 12:52:57 -04:00
Nick Mathewson
fa7ce6d3be Merge remote-tracking branch 'origin/maint-0.2.4' into maint-0.2.5 2014-08-13 12:52:40 -04:00
Roger Dingledine
691371b802 fix extra words in man page 2014-08-09 15:40:40 -04:00
Nick Mathewson
e001610c99 Implement proposal 221: Stop sending CREATE_FAST
This makes FastFirstHopPK an AUTOBOOL; makes the default "auto"; and
makes the behavior of "auto" be "look at the consensus."
2014-07-25 11:59:00 -04:00
Roger Dingledine
bc9866e13f Merge branch 'maint-0.2.5' 2014-07-24 16:23:26 -04:00
Roger Dingledine
a4c641cce9 Merge branch 'maint-0.2.4' into maint-0.2.5 2014-07-24 16:23:08 -04:00
Roger Dingledine
71c62b15ca update manpage for numentryguards / numdirectoryguards 2014-07-24 16:19:48 -04:00
Nick Mathewson
c793a6edb4 Clarify TruncateLogFile manpage entry 2014-07-16 14:01:38 +02:00
Arlo Breault
15e170e01b Add an option to overwrite logs
* Issue #5583
2014-07-16 12:16:49 +02:00
Kevin Murray
eed942aed9 Add stanza on lcov coverage target
Adds a note about using `make coverage-html` to generate coverage
reports.

Signed-off-by: Kevin Murray <spam@kdmurray.id.au>
2014-07-16 05:54:34 -04:00
Roger Dingledine
d064773595 logic mixup, noticed by alphawolf 2014-06-21 15:56:03 -04:00
Nick Mathewson
2f4fcfc8d1 manpage: Move more authority-only options into the authority section
I don't know whether we missed these or misclassified them when we
first made the "DIRECTORY AUTHORITY SERVER OPTIONS" section, but they
really belong there.
2014-06-16 11:15:47 -04:00
Nick Mathewson
c8af95d336 Documentation fix: DataDir/status/* -> DataDir/stats/*
Our documentation had the name of this directory wrong.
2014-05-22 19:45:45 -04:00
Nick Mathewson
29f2f7ce9a doc/HACKING: Improve documentation of how to bump version in maint
See discussion on 9553: Some of the build scripts don't like it when
you can't merge maint into release.
2014-05-20 15:02:35 -04:00
Nick Mathewson
34552740b1 Document that we're incrementing version numbers in maint.
(ticket 9553)
2014-05-16 09:14:38 -04:00
Nick Mathewson
1bbd3811c1 Merge remote-tracking branch 'public/bug10849_025'
Conflicts:
	src/or/config.c
2014-05-01 11:51:22 -04:00
Nick Mathewson
03be8c775a Provide missing documentation for two options. For 11634. 2014-04-28 12:37:47 -04:00
Nick Mathewson
e05f732599 Remove documentation for obsolete FetchV2Networkstatus 2014-04-28 12:25:49 -04:00
Nick Mathewson
e0a4133572 Remove a spurious anchor in the manpage. part of 11634. 2014-04-28 12:25:20 -04:00
Nick Mathewson
346120b608 Fix some option names in the manpage.
Found with 'make check-docs'.  Part of 11634.
2014-04-28 12:24:56 -04:00
Nick Mathewson
1340bd527a Remove privoxy from 'see also' section on manpage. 2014-04-28 12:08:42 -04:00
Nick Mathewson
3266f04925 Fix the check-docs script
We broke it when we added anchors to the manpage.

This patch fixes it, and makes it sorta detect missing anchors.
2014-04-28 12:07:57 -04:00
Nick Mathewson
703ad69587 Deal with the aftermath of sorting contrib
This basically amounts to grepping for every file that mentioned
contrib and adjusting its references to refer to the right place.
2014-04-28 11:59:55 -04:00
Nick Mathewson
3888427013 The #tor topic no longer includes a version. 2014-04-26 11:01:52 -04:00
Nick Mathewson
67aa3685e7 Merge branch 'bug11396_v2_squashed'
Conflicts:
	src/or/main.c
2014-04-24 10:31:38 -04:00
Nick Mathewson
17ecd04fde Change the logic for the default for MaxMemInQueues
If we can't detect the physical memory, the new default is 8 GB on
64-bit architectures, and 1 GB on 32-bit architectures.

If we *can* detect the physical memory, the new default is
  CLAMP(256 MB, phys_mem * 0.75, MAX_DFLT)
where MAX_DFLT is 8 GB on 64-bit architectures and 2 GB on 32-bit
architectures.

You can still override the default by hand.  The logic here is simply
trying to choose a lower default value on systems with less than 12 GB
of physical RAM.
2014-04-24 10:26:14 -04:00
dana koch
f680d0fdd2 Educate tor on OpenBSD's use of divert-to rules with the pf firewall.
This means that tor can run without needing to communicate with ioctls
to the firewall, and therefore doesn't need to run with privileges to
open the /dev/pf device node.

A new TransProxyType is added for this purpose, "pf-divert"; if the user
specifies this TransProxyType in their torrc, then the pf device node is
never opened and the connection destination is determined with getsockname
(as per pf(4)). The default behaviour (ie., when TransProxyType is "default"
when using the pf firewall) is still to assume that pf is configured with
rdr-to rules.
2014-04-16 23:03:25 -04:00
Nick Mathewson
3e4680f312 ipfw TransPort support on FreeBSD (10267)
This isn't on by default; to get it, you need to set "TransProxyType
ipfw".  (The original patch had automatic detection for whether
/dev/pf is present and openable, but that seems marginally fragile.)
2014-04-16 23:03:25 -04:00
Nick Mathewson
dfc32177d9 Merge remote-tracking branch 'origin/maint-0.2.4' 2014-04-01 21:00:30 -04:00
Nick Mathewson
a68e6ea9c0 Fix documentation of torrc search order
We are searching @CONFDIR@ before $HOME, but the documentation
implied otherwise.

I screwed this up in f5e86bcd6c, when I
first documented the $HOME/.torrc possibility.

Fix for bug 9213; bugfix on 0.2.3.18-rc.
2014-04-01 20:56:03 -04:00
Nick Mathewson
91f6a422cc Fix build of torify.1
The build was broken by changes in f8c45339f7, but we didn't
notice, since that commit also made torify.1 only get built when
tor-fw-helper was turned on.

Fixes bug 11321; bugfix on Tor 0.2.5.1-alpha.
2014-03-26 12:12:54 -04:00
Nick Mathewson
1a7794e475 Merge remote-tracking branch 'public/bug11061_024' 2014-03-25 10:02:22 -04:00
Nick Mathewson
5e9672904c Fix SOCKSPort documentation layout
In the end this required a slightly nasty hack using a dummy anchor as
an option heading in order to make the "Other recognized __flags__"
line indent properly.

Fixes bug 11061; Bugfix on 61d740ed.
2014-03-25 10:01:08 -04:00
Nick Mathewson
f4e2c72bee Merge remote-tracking branch 'karsten/task-11070' 2014-03-23 00:18:48 -04:00
Roger Dingledine
e4c7fdd48c bring hacking more up to date 2014-03-22 23:36:10 -04:00
Nick Mathewson
8a647291c8 extract some changelog principles into doc/HACKING 2014-03-19 20:24:15 -04:00
Karsten Loesing
7450403410 Take out remaining V1 directory code. 2014-03-18 10:40:10 +01:00
Nick Mathewson
9991c5f001 Clarify ClientOnly documentation
The option is unneeded, not meaningless, so explain what it does.

Patch from Matt Pagan; fixes 9059.
2014-03-13 10:35:52 -04:00
Nick Mathewson
4a2a1e572e Merge branch 'bug11108' 2014-03-06 10:22:40 -05:00
Nick Mathewson
967d9c9f10 Clarify default behavior of {SOCKS,Dir}Policy harder
Improvement on 11108 fix; suggested by cypherpunks.
2014-03-06 10:21:59 -05:00
Nick Mathewson
d3c5df6cf6 Give the HTTPS url for jenkins in doc/HACKING 2014-03-06 10:03:24 -05:00
Nick Mathewson
22ccfc6b5f Rename PredictedCircsRelevanceTime->PredictedPortsRelevanceTime
All circuits are predictive; it's the ports that are expiring here.
2014-03-05 14:35:07 -05:00
Nick Mathewson
103cebd924 Merge branch 'ticket9176_squashed'
Conflicts:
	doc/tor.1.txt
2014-03-05 14:32:05 -05:00
Nick Mathewson
2c25bb413e Lower the maximum for PrecictedCircsRelevanceTime to one hour 2014-03-05 14:31:13 -05:00
unixninja92
d47d147307 More correctly documented PredictedCircsRelevanceTime in tor.1.txt 2014-03-05 14:31:13 -05:00
unixninja92
52fbb9f623 Added Documentation for PredictedCircsRelevanceTime config file argument. 2014-03-05 14:31:13 -05:00
Nick Mathewson
27d231ca13 Document alternate bandwidth/memory unit spellings 2014-03-04 12:12:36 -05:00
Nick Mathewson
ab225aaf28 Merge branch 'bug10169_025_v2'
Conflicts:
	src/test/test.c
2014-03-04 11:03:30 -05:00
Nick Mathewson
4050dfa320 Warn if ports are specified in {Socks,Dir}Policy
We have ignored any ports listed here since 80365b989 (0.0.7rc1),
but we didn't warn the user that we were ignoring them.  This patch
adds a warning if you put explicit ports in any of the options
{Socks,Dir}Policy or AuthDir{Reject,Invalid,BadDir,BadExit}.  It
also adjusts the manpage to say that ports are ignored.

Fixes ticket 11108.
2014-03-03 10:45:39 -05:00
Lunar
3a425ac3a8 Fix max client name length in HiddenServiceAuthorizeClient description
REND_CLIENTNAME_MAX_LEN is set to 16, not 19.
2014-03-03 09:53:38 -05:00
Karsten Loesing
3ca5fe81e3 Write hashed bridge fingerprint to logs and to disk.
Implements #10884.
2014-02-28 08:53:13 -05:00
Nick Mathewson
87fb1e324c Merge remote-tracking branch 'public/bug10169_024' into bug10169_025_v2
Conflicts:
	src/or/circuitlist.c
2014-02-12 12:44:58 -05:00
Roger Dingledine
1ccc282122 add a missing word to the man page 2014-02-12 04:01:59 -05:00
Nick Mathewson
0228b9bd4b Tweak DirAuthority documentation
Per a comment from karsten, there is no longer v2 authority support,
so stop pretending there is. Also, fix a grammar error.x
2014-02-11 11:34:32 -05:00
Nick Mathewson
ce450bddb7 Remove TunnelDirConns and PreferTunnelledDirConns
These options were added back in 0.1.2.5-alpha, but no longer make any
sense now that all directories support tunneled connections and
BEGIN_DIR cells.  These options were on by default; now they are
always-on.

This is a fix for 10849, where TunnelDirConns 0 would break hidden
services -- and that bug arrived, I think, in 0.2.0.10-alpha.
2014-02-11 11:10:55 -05:00
Nick Mathewson
c0483c7f85 Remove options for configuring HS authorities.
(There is no longer meaningfully any such thing as a HS authority,
since we stopped uploading or downloading v0 hs descriptors in
0.2.2.1-alpha.)

Implements #10881, and part of #10841.
2014-02-10 22:41:52 -05:00
Nick Mathewson
5991f9a156 TransProxyType replaces TransTPROXY option
I'm making this change now since ipfw will want its own option too,
and proliferating options here isn't sensible.

(See #10582 and #10267)
2014-02-03 13:56:19 -05:00
Nick Mathewson
09ccc4c4a3 Add support for TPROXY via new TransTPRoxy option
Based on patch from "thomo" at #10582.
2014-01-31 12:59:35 -05:00
Nick Mathewson
6a6bc9da53 Document more coverage tricks in doc/HACKING 2014-01-21 16:44:48 -05:00
Nick Mathewson
5c45a333c3 Merge remote-tracking branch 'public/bug10169_023' into bug10169_024
Conflicts:
	doc/tor.1.txt
	src/or/config.c
	src/or/or.h

The conflicts were all pretty trivial.
2014-01-03 10:53:22 -05:00
Nick Mathewson
3121a6d0c8 Merge remote-tracking branch 'origin/maint-0.2.4' 2013-12-23 19:01:29 -05:00
Nick Mathewson
3511549651 Clarify DirPort multiplicity
Fix for #10470 as suggested by arma
2013-12-23 19:00:46 -05:00
Nick Mathewson
e572ec856d Rename MaxMemInCellQueues to MaxMemInQueues 2013-11-20 12:12:23 -05:00
Nick Mathewson
fc5a881bd3 Merge remote-tracking branch 'origin/maint-0.2.4' 2013-11-10 12:24:12 -05:00
Nick Mathewson
532f70a807 Change documentation DirServer->DirAuthority
We renamed the option, but we didn't actually fix it in the log
messages or the docs.  This patch does that.

For #10124.  Patch by sqrt2.
2013-11-10 12:21:23 -05:00
Nick Mathewson
e30fb0a160 Tweak file documentation in tor.1.txt 2013-11-07 14:52:29 -05:00
rl1987
75d2ea8a99 Updating manpage to describe some of the data directory files. 2013-11-07 14:47:47 -05:00
Nick Mathewson
940d286a74 Documentation and tests for 10060 2013-11-07 14:42:58 -05:00
rl1987
86cfc64d45 Implementing --allow-missing-torrc CLI option. 2013-11-07 14:26:05 -05:00
Nick Mathewson
12dc55f487 Merge branch 'prop221_squashed_024'
Conflicts:
	src/or/or.h
2013-11-01 10:28:01 -04:00
Nick Mathewson
0de71bf8eb Implement proposal 221: Stop sending CREATE_FAST
This makes FastFirstHopPK an AUTOBOOL; makes the default "auto"; and
makes the behavior of "auto" be "look at the consensus."
2013-11-01 10:04:48 -04:00
Nick Mathewson
61029d6926 Merge remote-tracking branch 'origin/maint-0.2.4' 2013-10-31 14:03:01 -04:00
Nick Mathewson
1b312f7b55 Merge remote-tracking branch 'public/bug9780_024_v2' into maint-0.2.4 2013-10-31 14:02:28 -04:00
Nick Mathewson
d3420e7e73 Mention that tor is client-by-default. From Weasel. Resolves #10057 2013-10-31 11:08:21 -04:00
Nick Mathewson
e02230dd85 Minor manpage tweaks from weasel; closes #10058 2013-10-31 10:55:18 -04:00
Karsten Loesing
2e0fad542c Merge branch 'morestats4' into morestats5
Conflicts:
	doc/tor.1.txt
	src/or/config.c
	src/or/connection.h
	src/or/control.c
	src/or/control.h
	src/or/or.h
	src/or/relay.c
	src/or/relay.h
	src/test/test.c
2013-10-28 12:09:42 +01:00
Roger Dingledine
49278cd68a clarify that DisableNetwork closes connections too 2013-10-25 16:56:20 -04:00
Nick Mathewson
17d368281a Merge remote-tracking branch 'linus/bug9206_option' 2013-10-16 11:20:43 -04:00
Nick Mathewson
882fb8383d Merge remote-tracking branch 'origin/maint-0.2.4' 2013-10-09 09:45:21 -04:00
Karsten Loesing
66a04a6ac3 Clarify who learns about ContactInfo.
Explicitly include bridges, and note that we archive and publish all
descriptors.

(We are not yet publishing ContactInfo lines contained in bridge
descriptors, but maybe we'll want to do that soon, so let's err on the
side of caution here.)

Related to #9854.
2013-10-09 09:43:18 -04:00
Nick Mathewson
72c1e5acfe Switch ECDHE group default logic for bridge/relay TLS
According to the manpage, bridges use P256 for conformity and relays
use P224 for speed. But skruffy points out that we've gotten it
backwards in the code.

In this patch, we make the default P256 for everybody.

Fixes bug 9780; bugfix on 0.2.4.8-alpha.
2013-10-08 16:32:07 -04:00
Peter Palfrader
2c270136a4 Anchors for options (re#9866) 2013-10-08 16:06:19 -04:00
Peter Palfrader
4e37eba0ac Anchors for options (re#9866) 2013-10-07 11:31:01 -04:00
Linus Nordberg
fab8fd2c18 Add TestingDirAuthVoteGuard option for specifying relays to vote Guard on.
Addresses ticket 9206.
2013-10-07 13:33:42 +02:00
Roger Dingledine
bce775c159 name it correctly, maybe 2013-10-01 15:47:38 -04:00
Nick Mathewson
5baacf5a9c Mention "make test-network" in doc/HACKING 2013-10-01 12:50:48 -04:00
guilhem
f8c45339f7 Don't preprocess torify
Since torify has been removed from tsocks, it doesn't need to be
preprocessed. Closes #5505.
2013-09-29 13:59:17 -04:00
Nick Mathewson
6178aaea06 Merge remote-tracking branch 'origin/maint-0.2.4' 2013-09-20 11:01:10 -04:00
Nick Mathewson
f8b44eedf7 Get ready to stop sending timestamps in INTRODUCE cells
For now, round down to the nearest 10 minutes.  Later, eliminate entirely by
setting a consensus parameter.

(This rounding is safe because, in 0.2.2, where the timestamp mattered,
REND_REPLAY_TIME_INTERVAL was a nice generous 60 minutes.)
2013-09-20 11:00:27 -04:00
Nick Mathewson
0c807cf3e4 Document that disabledebuggerattachment prevents cores 2013-09-19 12:14:07 -04:00
Nick Mathewson
e35c972851 Merge branch 'bug4647_squashed' 2013-09-13 12:36:55 -04:00
Nick Mathewson
75d795b1d7 Disallow --hash-password with no commandline arguments.
Fixes bug 9573.

Bugfix on 59453ac6e in 0.0.9pre5, which fixed a crash in a silly way.
2013-09-13 12:36:40 -04:00
George Kadianakis
386e9fb297 Add Extended ORPort information to the man page. 2013-09-04 14:20:42 +03:00
Nick Mathewson
11352b0ce1 Add a clarification to gcov instructions 2013-09-03 15:44:13 -04:00
Nick Mathewson
28485d33ca Merge remote-tracking branch 'origin/maint-0.2.4' 2013-08-16 22:00:14 -04:00
Nick Mathewson
edaea773e5 Document the correct loglevel for the heartbeat message 2013-08-16 21:59:41 -04:00
Roger Dingledine
c7d3ecab57 new location for tarballs; and you should edit Makefile too 2013-08-10 18:33:37 -04:00
Nick Mathewson
ad49ceba1f Update coverage instructions 2013-08-06 12:00:28 -04:00
Nick Mathewson
83a859e24c Merge remote-tracking branch 'origin/maint-0.2.4' 2013-07-31 21:49:30 -04:00
Roger Dingledine
ff6bb13c02 NumDirectoryGuards now tracks NumEntryGuards by default
Now a user who changes only NumEntryGuards will get the behavior she
expects. Fixes bug 9354; bugfix on 0.2.4.8-alpha.
2013-07-30 12:05:39 -04:00
Nick Mathewson
d5a5a6a253 Allow {,k,kilo,m,mega,g,giga,t,tera}bit{,s} in torrc
Patch from CharlieB for ticket #9214
2013-07-26 16:07:11 +02:00
Roger Dingledine
2920d670de fix typo 2013-07-23 05:16:56 -07:00
Roger Dingledine
0eca8737a1 fix typo 2013-07-18 23:35:20 -04:00
George Kadianakis
133f380c87 Add changes file and enrich the manual page. 2013-07-18 08:45:03 -04:00
Nick Mathewson
aac732322a Merge remote-tracking branch 'public/gsoc-ctoader-cap-phase1-squashed' 2013-07-12 17:12:43 -04:00
Cristian Toader
f9c1ba6493 Add a basic seccomp2 syscall filter on Linux
It's controlled by the new Sandbox argument.  Right now, it's rather
coarse-grained, it's Linux-only, and it may break some features.
2013-07-11 09:13:13 -04:00
Nick Mathewson
b5d1fded3d Merge remote-tracking branch 'origin/maint-0.2.4' 2013-06-18 10:25:30 -04:00
Nick Mathewson
d3063da691 Merge remote-tracking branch 'origin/maint-0.2.3' into maint-0.2.4
Conflicts:
	src/or/config.c
	src/or/relay.c
2013-06-18 10:23:03 -04:00
Nick Mathewson
2e1fe1fcf9 Implement a real OOM-killer for too-long circuit queues.
This implements "algorithm 1" from my discussion of bug #9072: on OOM,
find the circuits with the longest queues, and kill them.  It's also a
fix for #9063 -- without the side-effects of bug #9072.

The memory bounds aren't perfect here, and you need to be sure to
allow some slack for the rest of Tor's usage.

This isn't a perfect fix; the rest of the solutions I describe on
codeable.
2013-06-18 10:15:16 -04:00
Nick Mathewson
45424b2ca1 Merge remote-tracking branch 'linus/bug8532' 2013-06-13 12:42:49 -04:00
Nick Mathewson
8c69207793 Merge remote-tracking branch 'origin/maint-0.2.4' 2013-06-12 21:28:09 -04:00
Nick Mathewson
74a534be15 Fix the biggest errors in doc/HACKING
We can wait for 0.2.5 for a full rewrite.  #8964
2013-06-12 21:27:30 -04:00
Nick Mathewson
ee250be6a6 Merge remote-tracking branch 'origin/maint-0.2.4' 2013-06-12 21:14:31 -04:00
Nick Mathewson
a3f6f3316a Remove various outdated documents.
doc/TODO and doc/spec/README were placeholders to tell people where to
look for the real TODO and README stuff -- we replaced them years ago,
though.

authority-policy, v3-authority-howto, and torel-design.txt belong in
torspec.  I'm putting them in attic there since I think they may be in
large part obsolete, but someone can rescue them if they're not.

translations.txt is outdated, and refers to lots of programs other
than Tor.  We have much better translation resources on the website
now.

tor-win32-mingw-creation.txt is pending review of a revised version
for 0.2.5 (see ticket #4520), but there's no reason to ship this one
while we're waiting for an accurate version.

the tor-rpm-creation.txt isn't obsolete AFAIK, but it belongs in
doc/contrib if anywhere.

Resolves bug #8965.
2013-06-12 21:11:49 -04:00
Linus Nordberg
4d54b9774d Add support for offsetting the voting interval in order to bootstrap faster.
A new option TestingV3AuthVotingStartOffset is added which offsets the
starting time of the voting interval. This is possible only when
TestingTorNetwork is set.

This patch makes run_scheduled_events() check for new consensus
downloads every second when TestingTorNetwork, instead of every
minute. This should be fine, see #8532 for reasoning.

This patch also brings MIN_VOTE_SECONDS and MIN_DIST_SECONDS down from
20 to 2 seconds, unconditionally. This makes sanity checking of
misconfiguration slightly less sane.

Addresses #8532.
2013-06-08 15:25:32 +02:00
Nick Mathewson
beec881f92 Merge remote-tracking branch 'origin/maint-0.2.4' 2013-06-05 11:20:45 -04:00
Linus Nordberg
c03cfc0546 Fix two cut'n'paste docu bugs. 2013-06-05 11:19:43 -04:00
Karsten Loesing
ef67077fba Tweak TB_EMPTY event based on comments by nickm.
- Avoid control_event_refill_global function with 13 arguments and
  increase code reuse factor by moving more code from control.c to
  connection.c.
- Avoid an unsafe uint32_t -> int cast.
- Add TestingEnableTbEmptyEvent option.
- Prepare functions for testing.
- Rename a few functions and improve documentation.
2013-05-25 19:51:38 +02:00
Karsten Loesing
26b49f525d Tweak CELL_STATS event based on comments by nickm.
- Move cell_command_to_string from control.c to command.c.
- Use accessor for global_circuitlist instead of extern.
- Add a struct for cell statistics by command instead of six arrays.
- Split up control_event_circuit_cell_stats by using two helper functions.
- Add TestingEnableCellStatsEvent option.
- Prepare functions for testing.
- Rename a few variables and document a few things better.
2013-05-25 19:51:38 +02:00
Karsten Loesing
2f893624ab Tweak CONN_BW event based on comments by nickm.
- Rename read/write counters in connection_t to make it clear that these
  are only used for CONN_BW events.
- Add TestingEnableConnBwEvent option.
2013-05-25 19:51:38 +02:00
Karsten Loesing
1293835440 Lower dir fetch retry schedules in testing networks.
Also lower maximum interval without directory requests, and raise
maximum download tries.

Implements #6752.
2013-05-16 12:08:48 +02:00
Nick Mathewson
0124b10d28 Turn on ntor by default client-side
Implements #8561.
2013-04-18 22:35:15 -04:00
Nick Mathewson
8aded5b07c Manpage: refer to ExcludeExitNodes, not the nonexistent ExcludeEntryNodes
Spotted on tor-talk by "hamahangi".
2013-04-13 18:28:06 -04:00
Nick Mathewson
7f50af116f Merge remote-tracking branch 'public/bug8117_023' into maint-0.2.4
Conflicts:
	doc/tor.1.txt
	src/or/config.c
	src/or/connection.c
2013-04-11 01:39:55 -04:00
Nick Mathewson
cd5048d61e Tighten prose in 8590 manpage fix 2013-03-27 21:58:07 -04:00
Patrick R McDonald
5a3eacf88c First try on ticket 8590 2013-03-27 21:56:42 -04:00
Nick Mathewson
fa3c237739 Per-SOCKSPort configuration for bug 8117 fix.
This might be necessary if the bug8117 fix confuses any applications.

Also add a changes file.
2013-03-20 16:17:06 -04:00
Nick Mathewson
a660fe6fd5 Let testing networks override ABSOLUTE_MIN_VALUE_FOR_FAST_FLAG
This adds a new option to fix bug 8508 which broke chutney
networks. The bug was introduced by 317d16de.
2013-03-20 13:34:57 -04:00
Nick Mathewson
6f20a74d52 Merge branch 'bug8240_v2_squashed' into maint-0.2.4
Conflicts:
	doc/tor.1.txt
	src/or/circuitbuild.c
	src/or/config.c
	src/or/or.h
2013-03-19 16:15:27 -04:00
Nick Mathewson
18752bca5b Drop the minimum guard lifetime back down to one month
Mike believes that raising the default to 2 months with no way to lower
it may create horrible load-balancing issues.
2013-03-19 16:04:40 -04:00
Nick Mathewson
aa040619d5 Document the GuardLifetime option 2013-03-19 16:03:57 -04:00
Nick Mathewson
343f7aa059 Make the guard lifetime configurable and adjustable via the consensus
Fixes 8240.

(Don't actually increase the default guard lifetime. It seems likely to
break too many things if done precipitiously.)
2013-03-19 16:02:19 -04:00
Nick Mathewson
60d1442136 Merge remote-tracking branch 'public/bug7768' into maint-0.2.4 2013-03-19 15:11:47 -04:00
Nick Mathewson
6fe4e24645 Use --test-commandline name in tor-fw-helper manpage 2013-03-19 15:11:34 -04:00
Nick Mathewson
7e9b6a19d4 Merge remote-tracking branch 'public/bug8290' into maint-0.2.4 2013-03-18 15:07:02 -04:00
Nick Mathewson
18da1e0cf2 Remove incentives.txt from tor git; putting it into torspec. 2013-03-15 11:25:45 -04:00
Nick Mathewson
aa051b7573 Improve asciidoc-helper's suggestion of what to install
Fixes bug #7766.

Patch by David Fifield, revised by Peter Palfrader.
2013-03-15 11:18:25 -04:00
Nick Mathewson
8c211c3cda Fix option names in tor-fw-helper manpage
fix for bug 7768
2013-03-11 17:57:27 -04:00
Roger Dingledine
edd6f02273 randomize SSLKeyLifetime by default
resolves ticket 8443.
2013-03-10 23:38:18 -04:00
Nick Mathewson
4740d2e8bc Remove some lingering tsocks cruft.
Now the manpages no longer refer to tsocks or tsocks.conf, and we no
longer have or ship a tor-tsocks.conf.  The only remaining instances
of "tsocks" in our repository are old ChangeLog and ReleaseNotes
entries, and the torify script saying that it doesn't support tsocks.

Fixes bug 8290.
2013-02-27 19:39:57 -05:00
Roger Dingledine
9bc05c30d7 update the in-progress bandwidth requirements for authorities 2013-02-25 09:19:04 -05:00
Nick Mathewson
2b1119db77 Document (on man page) which DNS record types Tor knows.
Fixes bug 7876
2013-02-19 02:47:44 -05:00
Peter Palfrader
47cfee781d tor.1: Specify what Auto means for RefuseUnknownExits in more detail 2013-02-12 15:22:34 -05:00
Nick Mathewson
e5b07ba179 Merge remote-tracking branch 'arma/bug7054' 2013-02-07 15:22:36 -05:00
Mike Perry
2b68a06618 Update manpage for new pathbias use thresholds. 2013-02-04 17:15:51 -08:00
Nick Mathewson
acb43c0735 Merge remote-tracking branch 'public/feature7706' 2013-02-01 17:24:08 -05:00
Mike Perry
dfcfb5d17d Refactor the scaling parameter fetching into a single function.
Also, deprecate the torrc options for the scaling values. It's unlikely anyone
but developers will ever tweak them, even if we provided a single ratio value.
2013-02-01 17:01:12 -05:00
Nick Mathewson
29136bd7e4 Merge branch 'bug5956_squashed' 2013-01-30 11:59:51 -05:00
Nick Mathewson
02c320916e Parameterize FRAC_USABLE_NEEDED for fraction of circuits
Instead of hardcoding the minimum fraction of possible paths to 0.6, we
take it from the user, and failing that from the consensus, and
failing that we fall back to 0.6.
2013-01-30 11:58:17 -05:00
Nick Mathewson
ec7ffed79d Document the ?? country code. 2013-01-30 10:19:41 -05:00
Andrea Shepard
123daffb60 Merge branch 'bug7802' of ssh://git-rw.torproject.org/mikeperry/tor 2013-01-28 16:16:45 -08:00
Mike Perry
a678ff9ec1 Document path use bias options in the manpage. 2013-01-18 21:23:37 -08:00
Nick Mathewson
ff9bdbd56f When excluding nodes by country, exclude {??} and {A1} too
This is ticket 7706, reported by "bugcatcher."  The rationale here
is that if somebody says 'ExcludeNodes {tv}', then they probably
don't just want to block definitely Tuvaluan nodes: they also want
to block nodes that have unknown country, since for all they know
such nodes are also in Tuvalu.

This behavior is controlled by a new GeoIPExcludeUnknown autobool
option.  With the default (auto) setting, we exclude ?? and A1 if
any country is excluded.  If the option is 1, we add ?? and A1
unconditionally; if the option is 0, we never add them.

(Right now our geoip file doesn't actually seem to include A1: I'm
including it here in case it comes back.)

This feature only takes effect if you have a GeoIP file.  Otherwise
you'd be excluding every node.
2013-01-17 18:07:36 -05:00
Nick Mathewson
b0b3c14c11 Eliminate MaxOnionsPending; replace it with MaxOnionQueueDelay
The right way to set "MaxOnionsPending" was to adjust it until the
processing delay was appropriate.  So instead, let's measure how long
it takes to process onionskins (sampling them once we have a big
number), and then limit the queue based on its expected time to
finish.

This change is extra-necessary for ntor, since there is no longer a
reasonable way to set MaxOnionsPending without knowing what mix of
onionskins you'll get.

This patch also reserves 1/3 of the onionskin spots for ntor
handshakes, on the theory that TAP handshakes shouldn't be allowed to
starve their speedier cousins.  We can change this later if need be.

Resolves 7291.
2013-01-03 13:03:41 -05:00
Nick Mathewson
b1bdecd703 Merge branch 'ntor-resquashed'
Conflicts:
	src/or/cpuworker.c
	src/or/or.h
	src/test/bench.c
2013-01-03 11:52:41 -05:00
Nick Mathewson
ed3c8d9d44 Document UseNTorHandshake 2013-01-03 11:29:48 -05:00
Nick Mathewson
885e8d35c7 Merge remote-tracking branch 'mikeperry/209-path-bias-changes' 2012-12-25 23:30:28 -05:00
Nick Mathewson
c2c6e8e5b2 Add documentation for directory guard options 2012-12-25 23:19:10 -05:00
Nick Mathewson
25afecdbf9 Make ECDHE group configurable: 224 for public, 256 for bridges (default) 2012-12-25 20:22:46 -05:00
Nick Mathewson
a60680c226 Remove the obsolete doc/TODO.* files
Closes bug #7730.
2012-12-17 22:26:05 -05:00
Nick Mathewson
c1226cf4f9 Document PreferIPv6Automap in the manpage 2012-12-17 14:51:31 -05:00
Nick Mathewson
de4cc126cb Build and test most of the machinery needed for IPv6 virtualaddrmaps
With an IPv6 virtual address map, we can basically hand out a new
IPv6 address for _every_ address we connect to.  That'll be cool, and
will let us maybe get around prop205 issues.

This uses some fancy logic to try to make the code paths in the ipv4
and the ipv6 case as close as possible, and moves to randomly
generated addresses so we don't need to maintain those stupid counters
that will collide if Tor restarts but apps don't.

Also has some XXXX items to fix to make this useful. More design
needed.
2012-12-17 14:51:29 -05:00
Nick Mathewson
ac990aa44a Turn off by-default use of client-side DNS cacheing. 2012-12-17 14:50:04 -05:00
Nick Mathewson
bde6f2daba Add documentation for the client-side DNS cache options 2012-12-17 14:49:32 -05:00
Nick Mathewson
01ac961ca1 Merge branch 'fallback_dirsource_v3' 2012-12-13 12:42:29 -05:00
Mike Perry
43a00877cf Update manpage. 2012-12-10 00:13:55 -08:00
Mike Perry
df4aeaa0d6 Update manpage for new PathBias torrc options. 2012-12-07 15:28:37 -08:00
Nick Mathewson
504d4aa8c6 Expand the manpage to say: watch out for nonlocal socks
This clears up the remaining issue stopping me from closing bug 6297.
2012-12-07 12:42:55 -05:00
Nick Mathewson
f742b33d85 Drop FallbackNetworkstatusFile; it never worked. 2012-12-06 11:28:49 -05:00
Nick Mathewson
a8d491a8fd Add an option to weight down authorities when choosing a fallback 2012-12-06 11:28:49 -05:00
Nick Mathewson
06cd62266f Add a way to configure selection weights for dir_server_t 2012-12-06 11:28:49 -05:00
Nick Mathewson
90f6071d8d New FallbackDir option to add extra directories for bootstraping
This replaces the old FallbackConsensus notion, and should provide a
way -- assuming we pick reasonable nodes! -- to give clients
suggestions of placs to go to get their first consensus.
2012-12-06 11:28:49 -05:00
Nick Mathewson
ded70363a7 Rename DirServer to DirAuthority 2012-12-06 11:23:43 -05:00
Nick Mathewson
190c1d4981 Merge branch 'bug7013_take2_squashed' 2012-11-27 22:18:16 -05:00
George Kadianakis
f88c303869 Add a torrc option to specify the bind address of managed proxies. 2012-11-27 22:18:08 -05:00
Nick Mathewson
61d740ed01 Add manual page entries for new IPv6-exits options 2012-11-14 23:35:13 -05:00
Nick Mathewson
626a8b60d7 Merge remote-tracking branch 'linus/bug5053-bug5055'
Conflicts:
	src/or/geoip.c
2012-11-04 21:44:31 -05:00
Nick Mathewson
4a9bc5658f Fix instructions for using Tor with gcov
It seems as if our new build system broke gcov for me.  I've tried to
fix doc/HACKING to describe what I needed to do in order to make it
work again.
2012-10-24 15:03:49 -04:00
Karsten Loesing
c03e3d66a9 Minor tweaks and comments to nils' geoip v6 code. 2012-10-17 10:54:52 +02:00
nils
abb886014e Add GeoIP database for IPv6 addresses 2012-10-17 10:54:52 +02:00
Roger Dingledine
0b598cb2bb Say "KBytes" rather than "KB" in the man page
(for various values of K), to further reduce confusion about whether
Tor counts in units of memory or fractions of units of memory. Fixes
bug 7054.
2012-10-06 01:57:13 -04:00
Linus Nordberg
1cbf45bed1 Make option OutboundBindAddress accept IPv6 addresses too.
Implements ticket 6786.
2012-09-20 17:09:25 +02:00
Nick Mathewson
0e0a167742 Merge branch 'bug6843' 2012-09-19 09:01:15 -04:00
Nick Mathewson
f612a9eb1b Merge remote-tracking branch 'origin/maint-0.2.3' 2012-09-19 08:26:07 -04:00
Nick Mathewson
b9c86948e4 Clarify that hidden services are TCP only
Also remove some trailing whitespace.

Patch from maker; fixes bug 6024.
2012-09-19 08:19:21 -04:00
Nick Mathewson
a78eeb4cbc Fix dependency checking on manpage builds
Fixes bug 6843; bugfix on 0.2.4.1-alpha.
2012-09-14 10:36:42 -04:00
Roger Dingledine
9ab3b332ae Merge branch 'maint-0.2.3' 2012-09-14 02:41:13 -04:00
Robert Ransom
909691f1ae Fix man page typo 2012-09-13 23:25:03 -07:00
Roger Dingledine
e1e34ee4e4 raise bandwidthrate/bandwidthburst to a new "infinite"
addresses bug 6605.
2012-09-10 03:03:06 -04:00
Nick Mathewson
e9684405ac Merge remote-tracking branch 'asn/bug4567_rebased' 2012-09-06 10:12:28 -04:00
Roger Dingledine
6f82ae44cb Merge branch 'maint-0.2.3' 2012-09-05 16:41:43 -04:00
Roger Dingledine
97dbff51e6 Update the minimum bandwidth for a public relay
The current cutoff is 30KB, but in reality a useful cutoff is probably
more like 50KB or 100KB.
2012-09-05 16:40:57 -04:00
Nick Mathewson
116c8409ba Merge remote-tracking branch 'linus/bug6770_3'
Conflicts:
	doc/tor.1.txt
	src/or/config.c
2012-09-05 11:35:26 -04:00
George Kadianakis
44fe717524 General tweaks and fixes for Nick's comments.
* Add changes/ files.
* Edit the tor-fw-helper manpage.
* Fix check-spaces.
* Add prototype for get_list_of_ports_to_forward().
* Fix tor_parse_long() TCP port range.
* Improve doc. of tor_check_port_forwarding().
* Check for overflows in tor_check_port_forwarding().
* Demote successful port forwarding to LOG_INFO.

Conflicts:
	src/common/address.c
	src/or/circuitbuild.c
2012-09-05 18:23:28 +03:00
Linus Nordberg
f7c97cd40b Remove AuthDirPublishIPv6 and let AuthDirHasIPv6Connectivity fill its function.
See #4771 for rationale.

Note that this patch does not take suggested changes in #4470 into
account and keeps treating AuthDirHasIPv6Connectivity as an
AUTOBOOL. Thus, bug fixes for that are included here as well.

This is a fix on master, unreleased as of now.
2012-09-05 13:35:39 +02:00
Linus Nordberg
0e53742a85 Make AuthDirHasIPv6Connectivity a BOOL.
This is a fix of unreleased tor. It solves ticket #6770.
2012-09-05 12:47:01 +02:00
Roger Dingledine
67065c3c06 minor typos i found while constructing the changelog 2012-09-05 04:46:27 -04:00
Linus Nordberg
e04e1a2e7d Clients connect to public relays over IPv6.
Add ClientUseIPv6 and ClientPreferIPv6ORPort configuration options.

Use "preferred OR port" for all entry nodes, not only for bridges.

Mark bridges with "prefer IPv6 OR port" if an IPv6 address is
configured in Bridge line and ClientPreferIPv6ORPort is set.

Mark relays with "prefer IPv6 OR port" if an IPv6 address is found in
descriptor and ClientPreferIPv6ORPort is set.

Filter "preferred OR port" through the ClientUseIPv6 config option. We
might want to move this test to where actual connection is being set
up once we have a fall back mechanism in place.

Have only non-servers pick an IPv6 address for the first hop: We
don't want relays to connect over IPv6 yet. (IPv6 has never been used
for second or third hops.)

Implements ticket 5535.
2012-09-04 12:57:21 -04:00
Nick Mathewson
485b4b7eee Rename configure.in to configure.ac
This is the preferred filename to use with Autoconf 2.50 and later.
2012-09-04 11:12:00 -04:00
Nick Mathewson
48a6816eb5 Merge remote-tracking branch 'origin/maint-0.2.3' 2012-08-31 18:39:27 -04:00
Nick Mathewson
b17bb543da Merge branch 'bug6732' into maint-0.2.3 2012-08-31 18:39:11 -04:00
Nick Mathewson
774979ca45 Document consensus and microdesc files
Bugfix for #6732.
2012-08-31 11:35:47 -04:00
Nick Mathewson
0c5a44ed0a Merge remote-tracking branch 'origin/maint-0.2.3' 2012-08-27 16:16:27 -04:00
Nick Mathewson
b7c172c9ec Disable extending to private/internal addresses by default
This is important, since otherwise an attacker can use timing info
to probe the internal network.

Also, add an option (ExtendAllowPrivateAddresses) so that
TestingTorNetwork won't break.

Fix for bug 6710; bugfix on all released versions of Tor.
2012-08-27 11:19:29 -04:00
Jim Meyering
7638612f01 Better fix to avoid loudness on mkdir -p
(commit message by nickm)
2012-08-27 10:05:02 -04:00
Nick Mathewson
0867479e3e Add some attributes to make a2x quieter 2012-08-23 13:19:54 -04:00
Nick Mathewson
b67057a542 Make asciidoc generation quieter 2012-08-23 13:19:40 -04:00
Nick Mathewson
3f66664935 Add missing dependency so the html.in files get built 2012-08-23 12:52:33 -04:00
Jim Meyering
8f60f70e21 Replace man_MANS with nodist_man1_MANS
(commit message by nickm)
2012-08-23 12:36:33 -04:00
Stewart Smith
301e24e4a8 fix up calling of config.status to generate docs 2012-08-09 11:03:48 -04:00
Stewart Smith
2606c8b289 Fix up make distcheck and greatly simplify docs dependencies (although it's still a bit odd) 2012-08-09 11:03:48 -04:00
Stewart Smith
2a4a149624 Move to non-recursive make
This gives us a few benefits:
1) make -j clean all
   this will start working, as it should. It currently doesn't.
2) increased parallel build
   recursive make will max out at number of files in a directory,
   non-recursive make doesn't have such a limitation
3) Removal of duplicate information in make files,
   less error prone

I've also slightly updated how we call AM_INIT_AUTOMAKE, as the way
that was used was not only deprecated but will be *removed* in the next
major automake release (1.13).... so probably best that we can continue
to bulid tor without requiring old automake.
(see http://www.gnu.org/software/automake/manual/html_node/Public-Macros.html )

For more reasons  why, see resources such as:
http://miller.emu.id.au/pmiller/books/rmch/
2012-08-09 11:03:47 -04:00
Stewart Smith
c9aafa0962 add $(AM_V_GEN) to documentation generation Makefile targets.
This makes the V=1 or V=0 automake silent build options display (or hide)
the full command line used.

  GEN foo.bar

will be seen rather than the full command.

As with all automake silent rules, "make V=1" will output the full command.
2012-08-02 10:05:36 -04:00
Nick Mathewson
43b81325b5 Merge remote-tracking branch 'origin/maint-0.2.3' 2012-07-31 11:49:32 -04:00
Ondrej Mikle
eeb81b5bb1 Fixes/beautification of RPM spec. Tiny improvements in RPM build docs. 2012-07-31 11:41:40 -04:00
Ondrej Mikle
0e778ac604 Workaround for building EL5 RPMs by specifying rpmbuild-md5. Updated old note about using static libevent when building RPMs. 2012-07-31 11:41:40 -04:00
Ondrej Mikle
cf20fac37f Dependencies for RPM building with mock should work now 2012-07-31 11:41:40 -04:00
Nick Mathewson
e6d61ee594 Merge remote-tracking branch 'origin/maint-0.2.3' 2012-07-31 10:18:05 -04:00
Nick Mathewson
d9bd0de062 Fix some manpage typos
This is based on a pair of patches from A. Costa. I couldn't apply
those directly, since they changed the generated *roff files, not
the asciidoc source.

Fixes Tor bug 6500 and Debian bug 683359.
2012-07-31 10:16:03 -04:00
Nick Mathewson
952f562691 Merge remote-tracking branch 'origin/maint-0.2.3' 2012-07-23 12:31:24 -04:00
Steven Murdoch
5b853612fb Clarify how to build asciidoc files using homebrew on Mac OS X 2012-07-20 09:49:02 -04:00
Linus Nordberg
fff842a47c Add config option AuthDirPublishIPv6.
Test for config option AuthDirPublishIPv6 == 1 rather than for running
as a bridge authority when deciding whether to care or not about IPv6
OR ports in descriptors.

Implements enhancement #6406.
2012-07-19 17:51:15 -04:00
Linus Nordberg
044da1bf0f Add configure option AuthDirHasIPv6Connectivity.
Implements enhancement 5974.
2012-07-19 18:21:22 +02:00
Nick Mathewson
9ad5b25930 Improve Alternate*Authority docs. Bug 6387. 2012-07-16 11:21:20 -04:00
Nick Mathewson
f5e86bcd6c Document 0.2.3.x torrc/default-torrc/command line semantics changes
Bug 4748

squash! Document 0.2.3.x torrc/default-torrc/command line semantics changes

Incorporates fixes suggested by rransom.
2012-06-18 12:01:27 -04:00
Roger Dingledine
427d4dd148 fix typos, logic error, default in man page 2012-06-15 03:25:27 -04:00
Mike Perry
8d59690033 Defend against entry node path bias attacks
The defense counts the circuit failure rate for each guard for the past N
circuits. Failure is defined as the ability to complete a first hop, but not
finish completing the circuit all the way to the exit.

If the failure rate exceeds a certain amount, a notice is emitted.

If it exceeds a greater amount, a warn is emitted and the guard is disabled.

These values are governed by consensus parameters which we intend to tune as
we perform experiments and statistical simulations.
2012-06-14 13:19:56 -07:00
Nick Mathewson
75706527c1 Document --hush; fix documentation for --quiet. 2012-06-14 14:58:51 -04:00
Nick Mathewson
70910479e3 Merge remote-tracking branch 'public/bug5598'
Conflicts:
	doc/tor.1.txt

Conflict was on a formatting issue in the manpage.
2012-06-11 10:26:48 -04:00
Nick Mathewson
2d127eacd9 List defaults consistently in manpage
Nearly everywhere, we end options with "(Default: foo)".  But in a
few places, we inserted an extra period after or before the close
parenthesis, and in a few other places we said "(Defaults to foo)".
Let's not do that.
2012-06-11 09:52:43 -04:00
Nick Mathewson
b74f851861 Correct the defaults for the *Statistics options 2012-06-07 13:46:51 -04:00
Nick Mathewson
8a341cc429 Change the default for DynamicDHGroups to 0
This feature can make Tor relays less identifiable by their use of the
mod_ssl DH group, but at the cost of some usability (#4721) and bridge
tracing (#6087) regressions.

We should try to turn this on by default again if we find that the
mod_ssl group is uncommon and/or we move to a different DH group size
(see #6088).  Before we can do so, we need a fix for bugs #6087 and

Resolves ticket #5598 for now.
2012-06-06 12:00:04 -04:00
Roger Dingledine
f4db3e2631 clarify that LongLivedPorts is for hidden services too 2012-06-03 21:07:34 -04:00
Nick Mathewson
f00a8b4307 Another dirport/orport correction; this one from "cypherpunks" 2012-05-16 15:45:20 -04:00
Nick Mathewson
400c7ce2b6 Document that the ORPort flags apply to DirPort too. (thanks, Roger.) 2012-05-16 15:07:54 -04:00
Nick Mathewson
3c7c51ce07 5597: document new ORPort options 2012-05-16 14:54:16 -04:00
Nick Mathewson
dfbe779a45 Clarify SessionGroup documentation. Bug 5437. 2012-05-16 14:43:11 -04:00
Nick Mathewson
82ce43a706 Merge remote-tracking branch 'public/bug3964' 2012-05-16 11:33:52 -04:00
Nick Mathewson
1150b6b43e Merge remote-tracking branch 'origin/maint-0.2.2' 2012-05-15 11:23:06 -04:00
Nick Mathewson
8e07798284 Clarify MaxCircuitDirtiness behavior with hidden services. Bug 5259. 2012-05-15 11:22:06 -04:00
Nick Mathewson
1cf970c3db Merge remote-tracking branch 'asn/bug5540' 2012-05-10 14:24:17 -04:00
Nick Mathewson
dc60b5d6a7 Improve our documentation for the NT Service command line options
We explain the --options option, document --nt-service as an
internal-use-only thing (which it is), fix a URL, and generally
improve the prose.
2012-04-11 13:10:35 -04:00
Nick Mathewson
77e51224fa Obsolete GiveGuardFlagTo_CVE_2011_2768_VulnerableRelays
Closes ticket 4572.
2012-04-11 10:59:11 -04:00
Daniel 'koolfy' Faucon
42143979d8 Add a warning about settign a bridge in MyFamily 2012-04-02 18:16:14 -04:00
Roger Dingledine
c7cbd06d5f Merge branch 'maint-0.2.2'
Conflicts:
	src/or/config.c
2012-04-01 16:03:16 -04:00
Roger Dingledine
40ab832c4e BridgePassword was never for debugging
It is for the not-yet-implemented bridge community design.
2012-04-01 15:59:00 -04:00
George Kadianakis
31ed10f6c2 Explain TransportProxy within doc/state-contents.txt. 2012-03-31 14:33:11 +02:00
Roger Dingledine
c3a7bcf4e6 tab-man strikes back (fixup on a9c0e9fec2) 2012-03-28 04:06:56 -04:00
Nick Mathewson
a9c0e9fec2 Write initial documentation for the contents of the state file
Fixes bug 2987.  There is still some information to go, but now we
have a place to put it.
2012-03-28 04:08:56 -04:00
Roger Dingledine
92862c6d48 Merge branch 'maint-0.2.2' 2012-02-02 02:32:44 -05:00
Roger Dingledine
688903e919 Update "ClientOnly" man page entry
There isn't really any point to messing with it. Resolves ticket 5005.
2012-02-02 02:31:28 -05:00
George Kadianakis
8265a9e5b1 Better documentation of transport-related torrc options.
Document ServerTransportPlugin and the managed proxy version of
ClientTransportPlugin.
2012-01-21 16:28:48 +02:00
Nick Mathewson
b14ac10b7f Add missing documentation for some options introduced in 0.2.3.x 2012-01-18 14:50:13 -05:00
Nick Mathewson
93d3a917e8 Merge remote-tracking branch 'origin/maint-0.2.2' 2012-01-18 14:45:18 -05:00
Nick Mathewson
676bba8e0c Documentation for GiveGuardFlagTo... option 2012-01-18 14:44:29 -05:00
Roger Dingledine
1e923dd2fb fix crash bug in original feature4207 branch
PLURAL() assumes that the plural is the canonical name for the option,
so now it is.
2012-01-16 21:20:46 -05:00
Nick Mathewson
938531773a Allow authorities to baddir/badexit/invalid/reject nodes by cc
Implements ticket #4207
2012-01-13 12:28:47 -05:00
Sebastian Hahn
98959f63ac Disallow disabling DisableDebuggerAttachment on runnning Tor
Also, have tor_disable_debugger_attach() return a tristate of
success/failure/don't-know-how , and only log appropriately.
2012-01-04 15:09:02 -05:00
Robert Ransom
836161c560 Add an option to close HS service-side rend circs on timeout 2011-12-27 08:02:43 -08:00
Robert Ransom
078e3e9dd5 Add an option to close 'almost-connected' HS client circs on timeout 2011-12-27 08:02:43 -08:00
Robert Ransom
c6a8ee36fb Move description of HidServAuth out of the FascistFirewall group 2011-12-27 08:02:41 -08:00
Nick Mathewson
d04f21bf39 Merge branch 'feature2553-v4-rebased' 2011-11-30 14:54:33 -05:00
Arturo Filastò
db648fe886 Add some more documentation 2011-11-30 14:54:15 -05:00
Nick Mathewson
3b88b63826 Merge branch 'bug933_nm_rebased_v2'
Conflicts:
	src/test/test.c
2011-11-30 14:10:22 -05:00
Nick Mathewson
00ecc22126 Revise MapAddress manpage
make the asciidoc work; make the example more generic; tighten the
prose a little; be more specific that *.example.com matches
example.com; simplify an example.
2011-11-30 14:08:11 -05:00
Robert Hogan
53ce6bb52d Address nickm's comments at https://trac.torproject.org/projects/tor/ticket/933#comment:8
1. Only allow '*.' in MapAddress expressions. Ignore '*ample.com' and '.example.com'.
       This has resulted in a slight refactoring of config_register_addressmaps.
    2. Add some more detail to the man page entry for AddressMap.
    3. Fix initialization of a pointer to NULL rather than 0.
    4. Update the unit tests to cater for the changes in 1 and test more explicitly for
       recursive mapping.
2011-11-30 14:08:10 -05:00
Robert Hogan
909e9769ec Address nickm's comments at https://trac.torproject.org/projects/tor/ticket/933#comment:4
1. Implement the following mapping rules:

   MapAddress a.b.c d.e.f # This is what we have now
   MapAddress .a.b.c d.e.f # Replaces any address ending with .a.b.c with d.e.f
   MapAddress .a.b.c .d.e.f # Replaces the .a.b.c at the end of any addr with .d.e.f

   (Note that 'a.b.c .d.e.f' is invalid, and will be rejected.)

2. Add tests for the new rules.

3. Allow proper wildcard annotation, i.e. '*.d.e' '.d.e' will still work.

4. Update addressmap_entry_t with an is_wildcard member.
2011-11-30 14:08:10 -05:00
Robert Hogan
c6d8c6baaa bug933 - Match against super-domains in MapAddress
Allow MapAddress to handle directives such as:

MapAddress .torproject.org .torserver.exit
MapAddress .org 1.1.1.1

Add tests for addressmap_rewrite.
2011-11-30 14:08:10 -05:00
Nick Mathewson
e718397880 Correct manpage entry for DynamicDHGroups 2011-11-29 18:42:49 -05:00
Nick Mathewson
da6c136817 Merge remote-tracking branch 'asn-mytor/bug4548_take2' 2011-11-29 18:30:41 -05:00
Nick Mathewson
f4d8ed4b28 Manpage for DisableNetwork 2011-11-28 16:01:47 -05:00
Nick Mathewson
68114ca52c Merge remote-tracking branch 'ioerror/DisableDebuggerAttachment'
Conflicts:
	src/or/config.c
2011-11-24 23:38:32 -05:00
George Kadianakis
21babd152e Document DynamicPrimes in the manual page. 2011-11-24 22:13:26 +01:00
Robert Ransom
b2212bf9b4 Add Tor2webMode configuration option 2011-11-24 03:54:32 -08:00
Roger Dingledine
e18fa28248 sebastian is the new karsten, i hear 2011-11-23 04:41:46 -05:00
Roger Dingledine
023d8b6cf8 update the man page for the new AuthDirFastGuarantee value 2011-11-21 18:45:44 -05:00
Roger Dingledine
6a76007b08 Merge branch 'maint-0.2.2'
Conflicts:
	src/or/dirserv.c
2011-11-21 18:36:49 -05:00
Roger Dingledine
97a209ea28 man page entries for AuthDir{Fast,GuardBW}Guarantee 2011-11-21 18:32:32 -05:00
Nick Mathewson
21dd6eae9e Merge remote-tracking branch 'asn-mytor/bug4012_clienttransportplugin' 2011-11-07 11:37:29 -05:00
George Kadianakis
1c532594e7 Added man entry for ClientTransportPlugin. 2011-11-06 00:50:22 +01:00
Roger Dingledine
350fe95259 fix grammar in man page entries from proposal 171 2011-11-03 19:08:25 -04:00
Roger Dingledine
a518dd6650 Merge branch 'maint-0.2.2' 2011-10-25 19:34:42 -04:00
Roger Dingledine
ac115f1125 unmangle the fingerprint example in the man page
Remove a confusing dollar sign from the example fingerprint in the
man page, and also make example fingerprint a valid one.
2011-10-25 18:24:37 -04:00
Roger Dingledine
0e4f5e7cb1 fix default for TokenBucketRefillInterval in man page 2011-09-28 18:23:17 -04:00
Nick Mathewson
41dfc4c19c Make bufferevents work with TokenBucketRefillInterval 2011-09-22 15:07:34 -04:00
Nick Mathewson
1e61184628 Make documentation for TokenBucketRefillInterval match its behavior 2011-09-22 15:07:34 -04:00
Florian Tschorsch
6b1d8321ae New torrc option to allow bucket refill intervals of less than 1 sec
Implements bug3630.
2011-09-22 15:07:23 -04:00
Nick Mathewson
41eef6680e Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/or/dirserv.c
	src/or/networkstatus.c

Conflicts were related to routerinfo->node shift.
2011-09-07 14:51:55 -04:00
Nick Mathewson
dfa6cde4d4 Merge remote-tracking branch 'public/bug2649_squashed' into maint-0.2.2 2011-09-07 14:43:06 -04:00
Roger Dingledine
fe0fa91164 Merge branch 'maint-0.2.2' 2011-09-02 07:23:37 -04:00
Roger Dingledine
e0dae64449 Correct man page: multiple control auth styles can be set at once 2011-09-02 07:01:55 -04:00
Roger Dingledine
3888117318 add another heuristic for making release notes 2011-08-28 21:43:19 -04:00
Nick Mathewson
372262b458 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-08-25 18:55:28 -04:00
Sebastian Hahn
cc33ac362b Mention that HiddenServiceDir must exist 2011-08-25 22:26:54 +02:00
Nick Mathewson
6e923ed8cd Add an OptimisticData option to control client-side optimistic data 2011-07-20 14:14:21 -04:00
Nick Mathewson
12dfb4f5d8 Use socks username/password information in stream isolation 2011-07-19 02:44:12 -04:00
Nick Mathewson
891ccd3cd0 Manpage updates for proposal 171 (isolated streams) 2011-07-19 02:02:18 -04:00
Nick Mathewson
d67b304b20 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-07-14 09:51:58 -04:00
Sebastian Hahn
5580fbb0c4 Update HACKING with some more release instructions 2011-07-14 09:51:24 -04:00
Nick Mathewson
eee942c5be Merge remote-tracking branch 'origin/maint-0.2.2' 2011-07-06 10:56:47 -04:00
Sebastian Hahn
1a016c9233 Fix weird formatting of html manpage
Asciidoc was inserting <pre> tags for paragraphs that started with a
'+' at the beginning of the line. Instead, we need a space in front of
the plus.
2011-07-06 10:47:06 +02:00
Nick Mathewson
9919b01275 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-06-22 18:15:27 -04:00
Roger Dingledine
b181985a8f explain that the ./publish should happen soon after the scp
otherwise you scp a tarball up but only one version of the website has it.
2011-06-21 00:37:18 -04:00
intrigeri
8b265543eb Add port 6523 (Gobby) to LongLivedPorts. 2011-06-20 12:08:46 -04:00
Nick Mathewson
a046966baf Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/or/config.c
	src/or/or.h
2011-06-19 21:00:15 -04:00
Nick Mathewson
cabb16caa9 Revert "Update man page for new UseBridges tristate behaviour."
This reverts commit 40cfad1b5a.
2011-06-17 16:45:23 -04:00
Sebastian Hahn
910dadd6ea Ensure the release tarball contains all manpages
Thanks to Nick for the idea for the fix.
2011-06-12 13:58:53 +02:00
Nick Mathewson
74239f61d2 Move errant doc/nodefamily_routerset into 0.2.3.1-alpha ChangeLog. Fix bug 3373 2011-06-10 01:04:12 -04:00
Robert Ransom
f45261cb29 Increase default required uptime for HSDirs to 25 hours 2011-06-03 12:17:53 -04:00
Robert Ransom
1546054d81 Add a VoteOnHidServDirectoriesV2 configuration option 2011-06-03 12:16:55 -04:00
Nick Mathewson
13ec1bf5c2 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-06-03 10:47:35 -04:00
anonym
40cfad1b5a Update man page for new UseBridges tristate behaviour. 2011-06-02 15:11:21 -04:00
Jacob Appelbaum
f79a75f597 New configuration option: DisableDebuggerAttachment
If set to 1, Tor will attempt to prevent basic debugging
attachment attempts by other processes. (Default: 1)

Supports Mac OS X and Gnu/Linux.

Sebastian provided useful feedback and refactoring suggestions.

Signed-off-by: Jacob Appelbaum <jacob@appelbaum.net>
2011-06-01 17:35:43 -07:00
Nick Mathewson
4ac8ff9c9f Merge remote-tracking branch 'origin/maint-0.2.2' 2011-05-15 20:22:44 -04:00
Sebastian Hahn
4198261291 Clean up the 2972 implementation a little 2011-05-15 20:20:28 -04:00
Jérémy Bobbio
d41ac64ad6 Add UnixSocketsGroupWritable config flag
When running a system-wide instance of Tor on Unix-like systems, having
a ControlSocket is a quite handy mechanism to access Tor control
channel.  But it would be easier if access to the Unix domain socket can
be granted by making control users members of the group running the Tor
process.

This change introduces a UnixSocketsGroupWritable option, which will
create Unix domain sockets (and thus ControlSocket) 'g+rw'. This allows
ControlSocket to offer same access control measures than
ControlPort+CookieAuthFileGroupReadable.

See <http://bugs.debian.org/552556> for more details.
2011-05-15 20:20:28 -04:00
Nick Mathewson
600744b4be Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/or/config.c
	src/or/dirserv.c
	src/or/or.h
2011-05-13 10:48:07 -04:00
Nick Mathewson
7f654a6a6f Add a ControlPortFileGroupWritable option 2011-05-13 10:41:29 -04:00
Nick Mathewson
dad12188a6 Write automatically-chosen control ports to a file. 2011-05-13 10:41:28 -04:00
Nick Mathewson
5fec8fe559 "(Socks|Control|etc)Port auto" now tells Tor to open an arbitrary port
This is the major part of the implementation for trac issue 3076.
2011-05-13 10:41:18 -04:00
Nick Mathewson
8fa7bcead5 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-05-12 11:36:41 -04:00
Nick Mathewson
2c88dd7f95 Clean up a formatting issue on the manpge; bug3154. 2011-05-12 11:36:20 -04:00
Roger Dingledine
6d5478a8a7 Merge branch 'maint-0.2.2' 2011-05-10 23:06:12 -04:00
Roger Dingledine
ec25c1f6ca another changelog heuristic based on 0.2.3.1-alpha 2011-05-10 21:30:55 -04:00
Nick Mathewson
e6980faec4 Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/or/directory.c
2011-05-09 13:39:51 -04:00
Nick Mathewson
09d7af7789 Merge remote-tracking branch 'public/bug3022_v2' into maint-0.2.2 2011-05-09 13:37:56 -04:00
Nick Mathewson
1065a5ef29 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-05-05 21:54:04 -04:00
Andrew Lewman
be7e8f5bb9 fix the website directions. 2011-05-05 15:28:29 -04:00
Nick Mathewson
4c9bd06d0d Merge remote-tracking branch 'origin/maint-0.2.2' 2011-05-04 17:38:33 -04:00
Nick Mathewson
0ee524b57f Merge branch 'bug2379' into maint-0.2.2 2011-05-04 17:37:56 -04:00
Nick Mathewson
699af20e9a Merge remote-tracking branch 'origin/maint-0.2.2' 2011-05-04 17:21:44 -04:00
Nick Mathewson
29f1ffa0fe More notes on how to upload tarballs from erinn 2011-05-04 17:21:33 -04:00
Nick Mathewson
b04dca448d Add some missing torrc entries to tor.1.txt
Fixes bug 2379
2011-05-03 22:14:40 -04:00
Nick Mathewson
27b3b7aa58 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-05-02 20:18:28 -04:00
Nick Mathewson
033c27ac5e Add a couple of notes to doc/HACKING based on 0.2.2.25-alpha process 2011-05-02 16:55:50 -04:00
Nick Mathewson
c48d6da24c Merge remote-tracking branch 'origin/maint-0.2.2' 2011-04-29 11:15:11 -04:00
Roger Dingledine
93b0183d3c add another heuristic for changes stanzas 2011-04-29 01:35:21 -04:00
Nick Mathewson
676190e895 Update hacking file with terse notes on formatting changelog 2011-04-28 23:44:48 -04:00
Nick Mathewson
cd42ae7185 Only authorities should automatically download v2 networkstatus documents
Clients and relays haven't used them since early 0.2.0.x.  The only
remaining use by authorities learning about new relays ahead of scedule;
see proposal 147 for what we intend to do about that.

We're leaving in an option (FetchV2Networkstatus) to manually fetch v2
networkstatuses, because apparently dnsel and maybe bwauth want them.

This fixes bug 3022.
2011-04-28 21:06:07 -04:00
Nick Mathewson
78c610eea9 Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	doc/tor.1.txt
2011-04-27 15:20:01 -04:00
Nick Mathewson
8b686d98c4 Merge maint-0.2.2 for the bug1090-part1-squashed branch
Resolved conflicts in:
	doc/tor.1.txt
	src/or/circuitbuild.c
	src/or/circuituse.c
	src/or/connection_edge.c
	src/or/connection_edge.h
	src/or/directory.c
	src/or/rendclient.c
	src/or/routerlist.c
	src/or/routerlist.h

These were mostly releated to the routerinfo_t->node_t conversion.
2011-04-27 14:36:30 -04:00
Roger Dingledine
0f48e8fa9a minor tweaks to manpage 2011-04-27 14:04:50 -04:00
Nick Mathewson
2ac768e89f Revise the manpage to contain the actual intended *Nodes behavior
This is a squashed version of my former desired_nodes_behavior branch
that we used to specify the intended results wrt bug 1090.
2011-04-27 13:39:22 -04:00
Nick Mathewson
1a49fdecf8 Tweaks to Cagara's CountPrivateBandwidth patch:
- Document it in the manpage
  - Add a changes entry
  - No need to log when it is set: we don't log for other options.
  - Use doxygen to document the new flag.
  - Test truth of C variables with "if (x)", not "if (x == 1)".
  - Simplify a complex boolean expression by breaking it up.
2011-04-05 16:24:42 -04:00
Nick Mathewson
4740311d18 Merge remote branch 'origin/maint-0.2.2' 2011-03-10 16:11:39 -05:00
Nick Mathewson
48c4d53281 Add a step to the release process: tell trac about the version. 2011-03-10 16:10:53 -05:00
Roger Dingledine
cb3c3c63cb Merge branch 'maint-0.2.2' 2011-03-08 16:14:53 -05:00
Nick Mathewson
f9bb3ced51 Merge remote branch 'origin/maint-0.2.2'
Resolved trivial one-line conflicts.

Conflicts:
	src/or/dirserv.c
	src/or/rephist.c
2011-03-08 16:10:40 -05:00
Roger Dingledine
dbd4a01756 steps roger takes when making a new release 2011-03-08 16:06:32 -05:00
Roger Dingledine
9c72324ae8 update spec locations 2011-03-08 15:31:04 -05:00
Nick Mathewson
d5907e7d9d Merge remote branch 'origin/maint-0.2.2' 2011-03-08 15:23:30 -05:00
Roger Dingledine
95edd51116 make nickm's proposed convention from 2003 be gospel 2011-03-08 14:59:30 -05:00
Nick Mathewson
c6d8e75dc3 Merge remote branch 'origin/maint-0.2.2' 2011-03-04 00:25:14 -05:00
Robert Ransom
88e0de9ebb Fix typo in man page 2011-03-03 10:41:39 -08:00
Nick Mathewson
f16178c08f Merge remote branch 'origin/maint-0.2.2' 2011-02-22 18:25:16 -05:00
Nick Mathewson
530e87ce31 Add some dollar signs in an attempt to appease older asciidocs
We should really require a modern asiidoc: backporting stuff to 8.2 is
a timesink.
2011-02-22 18:24:33 -05:00
Roger Dingledine
108f48dfc7 Merge branch 'maint-0.2.2' 2011-02-22 14:44:32 -05:00
Roger Dingledine
4f730e4f3f Merge branch 'maint-0.2.1' into maint-0.2.2 2011-02-22 14:44:09 -05:00
Roger Dingledine
0ab62a4dc5 prefer https urls 2011-02-22 14:39:09 -05:00
Nick Mathewson
46b07462ae Merge remote branch 'origin/maint-0.2.2' 2011-02-22 13:02:42 -05:00
Nick Mathewson
9d5873cdae Merge branch 'log_domains' into maint-0.2.2 2011-02-22 13:01:02 -05:00
George Kadianakis
ee95430d39 Implement more heartbeat message stuff.
(This squashes multiple commits:

* Adds uptime monitoring support.
* Adds circuit counting code.
* Trivially tweaks the documentation.
* Trivial run_scheduled_events() code tweaking.
* Adds a status.h to export functions.
* Added bandwidth monitoring code.
* Added consensus presense detection code.
* Restricts the precision of the bandwidth output.
* Various fixes.
* Fixed style and spacing problems.
* Tidied up src/or/Makefile.am
* Couple of minor fixes on status.c functions.
* 'Implemented' client heartbeat support
)
2011-02-22 12:40:38 -05:00
Sebastian Hahn
098b6ba72d Initial heartbeat subsystem commit.
Sets:
* Documentation
* Logging domain
* Configuration option
* Scheduled event
* Makefile
It also creates status.c and the log_heartbeat() function.

All code was written by Sebastian Hahn. Commit message was
written by me (George Kadianakis).
2011-02-22 12:40:36 -05:00
Nick Mathewson
b99a8d5427 Merge remote branch 'origin/maint-0.2.2'
Conflicts:
	doc/spec/Makefile.am
	doc/spec/control-spec.txt
	doc/spec/dir-spec.txt
	doc/spec/proposals/000-index.txt
	doc/spec/proposals/001-process.txt
	doc/spec/proposals/ideas/xxx-encrypted-services.txt
2011-02-21 16:10:31 -05:00
Nick Mathewson
d673479eba Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2
Conflicts:
	doc/Makefile.am
	doc/spec/Makefile.am
	doc/spec/address-spec.txt
	doc/spec/bridges-spec.txt
	doc/spec/control-spec-v0.txt
	doc/spec/control-spec.txt
	doc/spec/dir-spec-v1.txt
	doc/spec/dir-spec-v2.txt
	doc/spec/dir-spec.txt
	doc/spec/path-spec.txt
	doc/spec/proposals/000-index.txt
	doc/spec/proposals/001-process.txt
	doc/spec/proposals/098-todo.txt
	doc/spec/proposals/099-misc.txt
	doc/spec/proposals/100-tor-spec-udp.txt
	doc/spec/proposals/101-dir-voting.txt
	doc/spec/proposals/102-drop-opt.txt
	doc/spec/proposals/103-multilevel-keys.txt
	doc/spec/proposals/104-short-descriptors.txt
	doc/spec/proposals/105-handshake-revision.txt
	doc/spec/proposals/106-less-tls-constraint.txt
	doc/spec/proposals/107-uptime-sanity-checking.txt
	doc/spec/proposals/108-mtbf-based-stability.txt
	doc/spec/proposals/109-no-sharing-ips.txt
	doc/spec/proposals/110-avoid-infinite-circuits.txt
	doc/spec/proposals/111-local-traffic-priority.txt
	doc/spec/proposals/112-bring-back-pathlencoinweight.txt
	doc/spec/proposals/113-fast-authority-interface.txt
	doc/spec/proposals/114-distributed-storage.txt
	doc/spec/proposals/115-two-hop-paths.txt
	doc/spec/proposals/116-two-hop-paths-from-guard.txt
	doc/spec/proposals/117-ipv6-exits.txt
	doc/spec/proposals/118-multiple-orports.txt
	doc/spec/proposals/119-controlport-auth.txt
	doc/spec/proposals/120-shutdown-descriptors.txt
	doc/spec/proposals/121-hidden-service-authentication.txt
	doc/spec/proposals/122-unnamed-flag.txt
	doc/spec/proposals/123-autonaming.txt
	doc/spec/proposals/124-tls-certificates.txt
	doc/spec/proposals/125-bridges.txt
	doc/spec/proposals/126-geoip-reporting.txt
	doc/spec/proposals/127-dirport-mirrors-downloads.txt
	doc/spec/proposals/128-bridge-families.txt
	doc/spec/proposals/129-reject-plaintext-ports.txt
	doc/spec/proposals/130-v2-conn-protocol.txt
	doc/spec/proposals/131-verify-tor-usage.txt
	doc/spec/proposals/132-browser-check-tor-service.txt
	doc/spec/proposals/134-robust-voting.txt
	doc/spec/proposals/135-private-tor-networks.txt
	doc/spec/proposals/137-bootstrap-phases.txt
	doc/spec/proposals/138-remove-down-routers-from-consensus.txt
	doc/spec/proposals/140-consensus-diffs.txt
	doc/spec/proposals/141-jit-sd-downloads.txt
	doc/spec/proposals/142-combine-intro-and-rend-points.txt
	doc/spec/proposals/143-distributed-storage-improvements.txt
	doc/spec/proposals/145-newguard-flag.txt
	doc/spec/proposals/146-long-term-stability.txt
	doc/spec/proposals/147-prevoting-opinions.txt
	doc/spec/proposals/148-uniform-client-end-reason.txt
	doc/spec/proposals/149-using-netinfo-data.txt
	doc/spec/proposals/150-exclude-exit-nodes.txt
	doc/spec/proposals/151-path-selection-improvements.txt
	doc/spec/proposals/152-single-hop-circuits.txt
	doc/spec/proposals/153-automatic-software-update-protocol.txt
	doc/spec/proposals/154-automatic-updates.txt
	doc/spec/proposals/155-four-hidden-service-improvements.txt
	doc/spec/proposals/156-tracking-blocked-ports.txt
	doc/spec/proposals/157-specific-cert-download.txt
	doc/spec/proposals/158-microdescriptors.txt
	doc/spec/proposals/159-exit-scanning.txt
	doc/spec/proposals/ideas/xxx-hide-platform.txt
	doc/spec/proposals/ideas/xxx-port-knocking.txt
	doc/spec/proposals/ideas/xxx-separate-streams-by-port.txt
	doc/spec/proposals/ideas/xxx-what-uses-sha1.txt
	doc/spec/proposals/reindex.py
	doc/spec/rend-spec.txt
	doc/spec/socks-extensions.txt
	doc/spec/tor-spec.txt
	doc/spec/version-spec.txt
2011-02-21 16:09:23 -05:00
Nick Mathewson
7bdb7d4811 Remove specs from 0.2.1 branch: they have moved to a new repository. 2011-02-21 16:02:16 -05:00
Jacob Appelbaum
2f36489422 latest revision of cert normalization spec 2011-02-21 13:45:57 -05:00
Nick Mathewson
0a69355794 Add fixed string and nonce to prop 176 at suggestion from agl 2011-02-21 13:45:00 -05:00
Jacob Appelbaum
400a5a7ddd Add TLS/cert normalization spec draft 2011-02-18 16:04:23 -05:00
Jacob Appelbaum
38224f95a6 Quick patch to pluggable transport spec 2011-02-18 16:03:31 -05:00
Nick Mathewson
c1c8f51d77 Add proposal 177: Abstaining from votes on individual flags 2011-02-14 14:22:30 -05:00
Roger Dingledine
6ce217731c get a proposal i started last month into git 2011-02-14 05:59:43 -05:00
Nick Mathewson
c79a24f505 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-02-10 16:01:29 -05:00
Nick Mathewson
d37660d3f3 Merge remote-tracking branch 'rransom/bug2089' into maint-0.2.2 2011-02-10 16:01:19 -05:00
Nick Mathewson
f1a004797e Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	doc/tor.1.txt
2011-02-10 15:52:04 -05:00
Robert Ransom
6f07363e72 Document what descriptors HSAuthoritativeDir serves
Fixes bug 2089.
2011-02-10 11:06:05 -08:00
Robert Ransom
20d493308a Update documentation for PublishServerDescriptor (0.2.2.x) 2011-02-09 03:20:43 -08:00
Robert Ransom
5fc6967956 Update documentation for PublishServerDescriptor 2011-02-09 02:33:24 -08:00
Nick Mathewson
3bcba6d716 Merge remote branch 'origin/maint-0.2.2' 2011-02-07 12:51:34 -05:00
Nick Mathewson
fcf3eb03bd typo in manpage fix 2011-02-07 12:51:20 -05:00
Nick Mathewson
ff5810aea9 Merge remote branch 'origin/maint-0.2.2' 2011-02-07 12:47:04 -05:00
Nick Mathewson
98cef0ac1e Merge branch 'bug2279' into maint-0.2.2 2011-02-07 12:43:54 -05:00
Nick Mathewson
e854e01d57 Some cleanups to bug2279 messages/docs from rransom 2011-02-07 12:40:43 -05:00
Nick Mathewson
69f7c0385b Merge remote branch 'origin/maint-0.2.2' for bug2203_rebased
There was a merge conflict in routerlist.c due to the new node_t logic.

Conflicts:
	src/or/routerlist.c
2011-02-04 12:26:59 -05:00
Nick Mathewson
e9803aa710 Merge branch 'bug2203_rebased' into maint-0.2.2 2011-02-04 12:22:18 -05:00
Nick Mathewson
0fcb677e8a tweak xxx-pluggable-transport based on comments from sjmurdoch 2011-02-02 15:34:59 -05:00
Nick Mathewson
5815d73f92 Proposal 176: proposed v3 handshake 2011-01-31 21:49:21 -05:00
Nick Mathewson
8d503d79c1 Add suggestion by Nikita to Proposal 171 2011-01-31 17:26:42 -05:00
Sebastian Hahn
f2bb7b17d7 Remove country codes from EntryNodes manpage entry 2011-01-28 14:19:28 +01:00
Nick Mathewson
32dc51258b Merge remote branch 'karsten/cbtdirspec' 2011-01-26 15:25:51 -05:00
Nick Mathewson
30111a3a01 add documentation for ClientRejectInternalAddresses 2011-01-26 12:08:52 -05:00
Nick Mathewson
0337fc7b06 Merge remote branch 'origin/maint-0.2.2' 2011-01-26 11:49:41 -05:00
Nick Mathewson
1dd98891d7 Explain soft shutdown mode a little better in the accountingmax documentation 2011-01-26 11:45:37 -05:00
Nick Mathewson
5774ada5d2 Fix typo in dir-spec.txt [found by sebastian] 2011-01-26 11:41:33 -05:00
Nick Mathewson
411ec3c0f8 Add client code to detect attempts to connect to 127.0.0.1 etc
We detect and reject said attempts if there is no chosen exit node or
circuit: connecting to a private addr via a randomly chosen exit node
will usually fail (if all exits reject private addresses), is always
ill-defined (you're not asking for any particular host or service),
and usually an error (you've configured all requests to go over Tor
when you really wanted to configure all _remote_ requests to go over
Tor).

This can also help detect forwarding loop requests.

Found as part of bug2279.
2011-01-25 20:39:44 -05:00
Nick Mathewson
ffc3caf8d5 Describe consensus method 11 in dir-spec.txt 2011-01-25 17:49:50 -05:00
Nick Mathewson
89ee779f92 Add a torrc option to report log domains 2011-01-25 15:53:15 -05:00
Nick Mathewson
e261a1a3e6 Simplify syntax for negated log domains
Previously if you wanted to say "All messages except network
messages", you needed to say "[*,~net]" and if you said "[~net]" by
mistake, you would get no messages at all.  Now, if you say "[~net]",
you get everything except networking messages.
2011-01-25 15:03:36 -05:00
Nick Mathewson
23f8bedddb Add manpage entry for logging domains
Fixes issue 2215.
2011-01-25 15:02:36 -05:00
Karsten Loesing
3bd3437538 List circuit build time related consensus params in dir-spec.txt. 2011-01-19 08:43:33 +01:00
Roger Dingledine
4ff97e3775 Merge branch 'maint-0.2.2' 2011-01-15 22:39:15 -05:00
Sebastian Hahn
a1860cc3f1 Update the spec with the new bounds 2011-01-15 19:50:06 +01:00
Sebastian Hahn
932e5c3cf0 Fix a typo spotted by Roger 2011-01-15 19:42:17 +01:00
Sebastian Hahn
026e7987ad Sanity-check consensus param values
We need to make sure that the worst thing that a weird consensus param
can do to us is to break our Tor (and only if the other Tors are
reliably broken in the same way) so that the majority of directory
authorities can't pull any attacks that are worse than the DoS that
they can trigger by simply shutting down.

One of these worse things was the cbtnummodes parameter, which could
lead to heap corruption on some systems if the value was sufficiently
large.

This commit fixes this particular issue and also introduces sanity
checking for all consensus parameters.
2011-01-15 19:42:17 +01:00
Nick Mathewson
9bbb4a1b40 Merge remote branch 'origin/maint-0.2.2' 2011-01-09 15:43:05 -05:00
Nick Mathewson
732275bb81 Describe tor-resolve defaults. Bug 2364. 2011-01-09 15:40:40 -05:00
Damian Johnson
6661e16e7c GETINFO options for querying traffic usage
This was originally a patch provided by pipe
(http://www.mail-archive.com/or-talk@freehaven.net/msg13085.html) to
provide a method for controllers to query the total amount of traffic
tor has handled (this is a frequently requested piece of information
by relay operators).
2011-01-07 12:15:14 -05:00
Damian Johnson
8708ffa655 Implementing getinfo options for the pid, uid, user, and descriptor limit as per proposal 173. 2011-01-03 12:04:56 -05:00
Nick Mathewson
d051751d71 Reformat circuit crypto requirements as a proposal-like document 2010-12-14 23:31:42 -05:00
Nick Mathewson
1361376e14 Add start of rransom's notes on tor crypto requirements 2010-12-14 23:22:21 -05:00
Robert Ransom
9776ba7fa4 List another place router identity keys are used. 2010-12-13 22:42:11 -08:00
Robert Ransom
021e4ac07e Fix typos. 2010-12-13 22:34:10 -08:00
Nick Mathewson
462185d180 Add a proposal-ideas document for crypto migration. 2010-12-13 23:39:54 -05:00
Nick Mathewson
2118028c50 start reformatting and editing the pluggable-transport proposal 2010-12-11 04:18:15 -05:00
Nick Mathewson
1fb3a60f54 convert draft pluggable transport proposal to plaintext 2010-12-10 14:34:26 -05:00
Nick Mathewson
ed0eeed835 Merge branch 'isolated-streams'
Conflicts:
	doc/spec/proposals/000-index.txt
2010-12-07 11:02:10 -05:00
Nick Mathewson
a1e46c5393 Revise proposal 171 from start to finish
The big semantic change is to make the IsolateFoo options exist on a
per-client-port basis.
2010-12-07 11:00:10 -05:00
Karsten Loesing
8db10c6d2f Write bidirectional connection stats in single line.
There's no need to have a separate line conn-stats-end for the end date
and interval length with only a single line conn-bi-direct following.
2010-12-03 16:47:53 +01:00
Karsten Loesing
076a688d76 Add ChangeLog entry and man page entry. 2010-12-03 16:47:52 +01:00
Karsten Loesing
5dfdf075ac Add metric on uni/bidirectional connection usage. 2010-12-03 16:47:51 +01:00
Nick Mathewson
7ce8f5c621 Merge remote branch 'origin/maint-0.2.2' 2010-12-01 12:45:38 -05:00
Poet (Tim Sally)
31b69027d3 Specified grammars for orconn-status and entry-guards for Tor versions 0.1.2.2-alpha through 0.2.2.1-alpha with feature VERBOSE_NAMES turned off. 2010-12-01 12:44:48 -05:00
Poet (Tim Sally)
45c302efe0 Correct information about support for guards being called helper nodes.
The spec stated that support for the helper-nodes command would be removed
in 0.1.3.x, however support for this command is still in Tor. Updated the spec
to reflect this and added a node that the command is deprecated.
2010-12-01 12:44:48 -05:00
Poet (Tim Sally)
87158368dc Correct grammars to reflect that VERBOSE_NAMES is part of the protocol.
Several updates to grammars for events and GETINFO results.  All relate
to the fact that LongName has replaced ServerID since 0.2.2.1-alpha. See
documentation of VERBOSE_NAMES for more information. The following
grammars were changed:
  * orconn-status GETINFO result
  * entry-guards GETINFO result
  * Path general token
  * OR Connection status changed event
  * New descriptors available event
In all cases a note was added about when the old grammar applies.
2010-12-01 12:44:48 -05:00
Poet (Tim Sally)
608bad6e32 Several changes to the way tokens describing servers are documented.
(1) Made the wording of the comments consistant with token names.
Digest/Fingerprint and Name/Nickname were being used interchangeably.
Better to just use Fingerprint and Nickname becuase they are the names
of the tokens.

(2) Places the tokens currently in use before the tokens used in older
versions.  ServerSpec should be documented before ServerID.

(3) Added a note to the comments about ServerID that cross reference
the VERBOSE_FEATURE, allowing users to see when and why ServerID was
replaced with LongName.
2010-12-01 12:44:48 -05:00
Poet (Tim Sally)
cff180f8b0 Clarify description of FEATURES in control-spec.
(1) On by default is a bad way to describe features. Rather, they
are always on and should be viewed as a part of the control
protocol. Updated the wording in USEFEATURE to reflect this.

(2) Made descriptions of Tor versions consistant across all
features. There is the version in which a feature was introduced and
the version in which it became part of the protocol.

(3) Reworded the description of the VERBOSE_NAMES feature. The
previous wording describes the way things used to be first. Better to
lead with the current state of things and then describe how it differs
from old versions.
2010-12-01 12:44:48 -05:00
Nick Mathewson
c4d2a55a88 Rename proposal 171 file 2010-11-27 15:59:08 -05:00
Roger Dingledine
2d6ee53fb9 stop shipping doc/img and doc/website in the tarball 2010-11-23 00:03:50 -05:00
Nick Mathewson
8f74e6ce26 Add some caveats to the signal event 2010-11-19 15:52:10 -05:00
John Brooks
7441999738 Add a SIGNAL event for control connections
Implements ticket #1955
2010-11-19 15:49:54 -05:00
Nick Mathewson
8c2affe637 Merge remote branch 'origin/maint-0.2.2'
Conflicts:
	src/or/config.c
	src/or/cpuworker.c
2010-11-15 14:14:13 -05:00
Nick Mathewson
ac2c0cb587 Make the coducmentation for SingleHop stuff slightly more dire 2010-11-15 14:09:32 -05:00
Nick Mathewson
433a98131a Merge remote branch 'sebastian/manpagefixups' into maint-0.2.2 2010-11-15 14:07:00 -05:00
Nick Mathewson
3d7772ece3 Merge remote branch 'karsten/enhancement1883' 2010-11-12 14:13:17 -05:00
Nick Mathewson
223fc208f6 Split long lines in configure.in and Makefile.am files
Having very long single lines with lots and lots of things in them
tends to make files hard to diff and hard to merge.  Since our tools
are one-line-at-a-time, we should try to construct lists that way too,
within reason.

This incidentally turned up a few headers in configure.in that we were
for some reason searching for twice.
2010-11-11 14:22:48 -05:00
Nick Mathewson
2b4ed1d07e Merge remote branch 'origin/maint-0.2.2'
Conflicts:
	configure.in
2010-11-11 13:59:18 -05:00
Sebastian Hahn
6bde512edc Document hs dht min uptime change in privnets
In f87c6f100d we made it so that MinUptimeHidServDirectoryV2
defaults to 0 if TestingTorNetwork is set. Add a manpage entry and a
changes file.
2010-11-10 15:48:26 +01:00
Sebastian Hahn
bae80eef4b Document the AllowSingleHopExits option 2010-11-10 15:48:26 +01:00
Sebastian Hahn
0b05f05bbf Improve documentation for RelayBandwdith* options
Jesse Adelman noticed that we don't currently describe what
happens very well.
2010-11-10 15:48:26 +01:00
Sebastian Hahn
6de673076f Add V3BandwidthsFile to the manpage 2010-11-10 15:48:26 +01:00
Sebastian Hahn
556a1b9e45 Change Natd into NATD in our options.
Breaking this out of the last commit because this might be more
controversial.
2010-11-10 15:48:26 +01:00
Sebastian Hahn
87a0e733d1 Fix a typo in the manpage 2010-11-10 15:48:25 +01:00
Sebastian Hahn
fcdf1470c0 Remove everything related to os x expert package
We decided to no longer ship expert packages for OS X because they're a
lot of trouble to keep maintained and confuse users. For those who want
a tor on OS X without Vidalia, macports is a fine option. Alternatively,
building from source is easy, too.

The polipo stuff that is still required for the Vidalia bundle build can
now be found in the torbrowser repository,
git://git.torproject.org/torbrowser.git.
2010-11-10 04:04:29 +01:00
Karsten Loesing
423c2a7a27 Add GeoIP file digest to extra-info descriptor. 2010-11-09 09:42:36 +01:00
Nick Mathewson
1fb342dfab Merge branch 'loggranularity' 2010-11-08 12:40:33 -05:00
Karsten Loesing
ed45bc198f Fix log granularity based on Nick's comments.
Instead of rejecting a value that doesn't divide into 1 second, round to
the nearest divisor of 1 second and warn.

Document that the option only controls the granularity written by Tor to a
file or console log. It does not (for example) "batch up" log messages to
affect times logged by a controller, times attached to syslog messages, or
the mtime fields on log files.
2010-11-08 17:38:59 +01:00
Nick Mathewson
8c837db38f Merge branch 'nodes' 2010-10-13 16:04:25 -04:00
Nick Mathewson
64535a401b Merge remote branch 'origin/maint-0.2.2' 2010-10-04 12:58:35 -04:00
Nick Mathewson
1fa50c778c Clarify PublishServerDescriptor even more 2010-10-04 12:58:20 -04:00
Karsten Loesing
8c5ba9388b Make logging resolution configurable.
Implements enhancement 1668.
2010-10-04 08:15:18 +02:00
Nick Mathewson
f9ea242aca Implement node-based router family code
Also, make the NodeFamily option into a list of routersets.  This
lets us git rid of router_in_nickname_list (or whatever it was
called) without porting it to work with nodes, and also lets people
specify country codes and IP ranges in NodeFamily
2010-10-01 18:14:27 -04:00
Robert Ransom
8d87040e13 Describe BridgeRelay and PublishServerDescriptor more correctly. 2010-09-30 23:43:19 -07:00
Nick Mathewson
1b2120654c Merge remote branch 'sebastian/fw-helper-manpage' 2010-09-30 22:24:18 -04:00
Roger Dingledine
5b7669130b renumber, clean whitespace 2010-09-30 22:04:52 -04:00
Roger Dingledine
6de26d2bc8 give steven's everybody-a-bridge proposal a number 2010-09-30 22:04:52 -04:00
Steven Murdoch
60842424ae Add comments from nickm and arma, from IRC 2010-09-30 22:04:52 -04:00
Steven Murdoch
2ba53aca76 Add algorithm and rationale for performance measurement 2010-09-30 22:04:52 -04:00
Steven Murdoch
df3911ded8 In the migration plan, mention how to prevent overloading the bridge authority 2010-09-30 22:04:52 -04:00
Steven Murdoch
ac55247350 Integrate more feedback from IRC
- For now we are only talking about moving clients to be bridges

- Some questions on how we should inform users
2010-09-30 22:04:52 -04:00
Steven Murdoch
d3d411533c Add some open questions, and mention Roger's idea about asking for consent via email 2010-09-30 22:04:52 -04:00
Steven Murdoch
60d416a564 Note that we only can't handle automatic demotion. Users can always change their state manually. 2010-09-30 22:04:51 -04:00
Steven Murdoch
b112ecbcd9 Change "server" to "relay", so as to match existing terminology 2010-09-30 22:04:51 -04:00
Steven Murdoch
6008fcf863 Start idea xxx-automatic-node-promotion
- Initial draft of overview and motivation
- Start of design
2010-09-30 22:04:51 -04:00
Sebastian Hahn
d67bdddec5 Build the tor-fw-helper manpage
So far we just had the asciidoc manpage, but didn't build it.
2010-09-30 23:13:24 +02:00
Steven Murdoch
a6dc00fa75 Start tor-fw-helper in the background, and log whatever it outputs 2010-09-30 11:40:37 -04:00
Jacob Appelbaum
3eaa9a376c Changes to tor-fw-helper, some based on Nick's review
* MINIUPNPC rather than the generic UPNP
 * Nick suggested a better abstraction model for tor-fw-helper
 * Fix autoconf to build with either natpmp or miniupnpc
 * Add AM_PROG_CC_C_O to fix automake complaint
 * update spec to address nickm's concern
 * refactor nat-pmp to match upnp state
 * we prefer tor_snprintf to snprintf
 * link properlty for tor_snprintf
 * rename test_commandline_options to log_commandline_options
 * cast this uint as an int
 * detect possible FD_SETSIZE errors
 * make note about future enhancements for natpmp
 * add upnp enhancement note
 * ChangeLog entry
 * doxygen and check-spaces cleanup
 * create tor-fw-helper.1.txt
2010-09-30 11:39:34 -04:00
Jacob Appelbaum
9cc76cf005 First implementation of tor-fw-helper.
tor-fw-helper is a command-line tool to wrap and abstract various
firewall port-forwarding tools.

This commit matches the state of Jacob's tor-fw-helper branch as of
23 September 2010.

  (commit msg by Nick)
2010-09-30 11:37:53 -04:00
Roger Dingledine
355fc63790 Merge branch 'maint-0.2.2' 2010-09-29 17:21:43 -04:00
Roger Dingledine
48cd096276 Merge commit 'mikeperry/bug1739' into maint-0.2.2 2010-09-29 17:17:59 -04:00
Mike Perry
c5b5643965 Send control port events for timeouts.
We now differentiate between timeouts and cutoffs by the REASON string and
the PURPOSE string.
2010-09-29 11:46:36 -07:00
Nick Mathewson
f3e8bc391a Remove the has_old_dnsworkers flag. 2010-09-28 23:37:45 -04:00
Nick Mathewson
73d93c033d Autodetect the number of CPUs when possible if NumCPUs==0
This is needed for IOCP, since telling the IOCP backend about all
your CPUs is a good idea.  It'll also come in handy with asn's
multithreaded crypto stuff, and for people who run servers without
reading the manual.
2010-09-28 14:42:21 -04:00
Nick Mathewson
c612ddee17 Add a new option to enable/disable IOCP support 2010-09-28 14:01:45 -04:00
Roger Dingledine
a467bf5fbb a dir-spec entry for refuseunknownexits
plus quiet a log line
2010-09-27 18:32:09 -04:00
Nick Mathewson
7c83b0a2a2 Merge branch 'refuseunknown' into maint-0.2.2 2010-09-27 17:15:57 -04:00
Sebastian Hahn
8ac2de5ab9 Add RefuseUnknownExits to the manpage 2010-09-27 17:15:41 -04:00
Nick Mathewson
1cbdbff961 Merge remote branch 'mikeperry/bug1952-merge' into maint-0.2.2 2010-09-27 12:17:41 -04:00
Mike Perry
7af0aa25d8 Update dir-spec.txt with new weight constraints. 2010-09-27 09:11:55 -07:00
Nick Mathewson
c8e1538a0b Merge remote branch 'sebastian/continuation' 2010-09-24 13:43:55 -04:00
John Brooks
fb34c66e83 Correct default for RendPostPeriod in docs 2010-09-21 01:05:47 -04:00
Roger Dingledine
0ac67bf3c3 perconnbwrate and perconnbwburst consensus params 2010-09-16 00:17:39 -04:00
Roger Dingledine
277295efc1 circwindow consensus param != CircWindow
aka update dir-spec.txt to reflect reality
2010-09-15 17:55:30 -04:00
Nick Mathewson
c18bcc8a55 Merge branch 'bug1184' 2010-09-15 14:20:28 -04:00
Nick Mathewson
69508d04a2 tor-spec.txt tweaks from arma 2010-09-15 13:08:44 -04:00
Nick Mathewson
2be5effe9a Initial oprofile instructions based on original by weasel. 2010-09-12 19:37:04 -04:00
Sebastian Hahn
1dab6cf4cb Document multiline options in the manpage 2010-09-11 01:44:20 +02:00
Jacob Appelbaum
6451519fa3 This change creates proposal 171: 171-separate-streams-by-port-or-host.txt
This numbers the proposal to reflect the current discussion on or-dev and irc
This change updates the proposal index to reflect prop 171
This change also includes an update about Nick blessing me as a proposal editor

Proposal 171 is the product of many comments from many contributors including
but not limited to:

    Damon McCoy
    Linus Nordberg
    Nick Matthewson
    Robert Hogan
    Robert Ransom
    Sebastian Hahn
2010-08-30 18:43:49 -07:00
Nick Mathewson
2804c6b7ff Merge commit 'karsten/rendspec-koryk' 2010-08-25 16:44:37 -04:00
Nick Mathewson
a509dbba50 Merge commit 'karsten/dirbytes2'
Conflicts:
	src/or/rephist.h
2010-08-18 10:06:14 -04:00
Karsten Loesing
db94b7f46e Count bytes we spend on answering directory requests. 2010-08-18 13:54:41 +02:00
Karsten Loesing
8e8a34eb74 Add koryk's modifications to rend-spec. 2010-08-17 10:02:07 +02:00
Nick Mathewson
9bcea4a8ef Merge commit 'sebastian/misc-reason' 2010-08-15 21:27:32 -04:00
Nick Mathewson
a5d8ed7990 Merge commit 'karsten/stats-manpage' 2010-08-15 20:23:50 -04:00
Karsten Loesing
8dadc7a7aa Update man page, now that *Statistics can be changed while Tor is running. 2010-08-15 15:51:31 +02:00
Roger Dingledine
1ac1f048ef minor formatting / comment fixes 2010-08-13 17:18:45 -04:00
Sebastian Hahn
2d8db2aacb Fix url in rend-spec
Fixes bug 1822
2010-08-12 02:40:19 +02:00
Chris Ball
16970d83cc doc/HACKING: Explain how to find when a given change was introduced 2010-08-12 02:38:58 +02:00
Sebastian Hahn
28962ecae8 Fix a typo in control-spec 2010-08-12 02:38:58 +02:00
Linus Nordberg
0b96abe74f Bug #1773: Revert bad fix (4ef609b8) and do it properly.
* doc/Makefile.am: Move $(VAR:MOD) expansions inside "if USE_ASCIIDOC".
* doc/Makefile.am: Use proper variable name for text input files.
* doc/Makefile.am: Initialize vars to empty when !USE_ASCIIDOC.
2010-08-11 09:41:34 -04:00
Sebastian Hahn
161b275028 Retry streams that ended with NOROUTE error
Also add the NOROUTE reason to control-spec.
2010-08-04 00:51:39 +02:00
Nick Mathewson
cafd868a78 Clarify that implementation is for discussion of implementation 2010-08-03 14:25:07 -04:00
Nick Mathewson
d5abd0b43e Add proposal 174 from Ian Goldberg: Optimistic Data for Tor: Server Side 2010-08-03 14:23:51 -04:00
Nick Mathewson
9d317e9bb4 Bless two proposals from Damian Johnson as 172 and 173.
(Leaving a gap for the proposal Jake blessed as 171.)
2010-08-03 13:23:34 -04:00
Sebastian Hahn
4e3373f7fe Make tor-spec wording easier to understand 2010-08-03 17:28:19 +02:00
Sebastian Hahn
150ed553df Introduce END_STREAM_REASON_NOROUTE 2010-08-03 16:46:28 +02:00
Nick Mathewson
b4e2d0607d Merge commit 'sebastian/distcheck' 2010-08-03 10:07:57 -04:00
Nick Mathewson
05fa0a3ef6 Merge commit 'sebastian/rend-spec' 2010-08-03 09:16:24 -04:00
Sebastian Hahn
8557f64220 Clarify that rend cookies shouldn't be reused 2010-08-03 14:48:17 +02:00
Karsten Loesing
b3b3c919c6 Fix copy-and-paste fail in dir-spec.txt. 2010-08-03 13:12:06 +02:00
Sebastian Hahn
ddf5020ea8 Fix 'make distcheck'
We were leaving doc/config.log and src/or/micro-revision.i in
place during a make clean. Fix that.
2010-08-03 00:48:59 +02:00
Nick Mathewson
c4b83b2177 Clarify that TRUNCATE behavior isn't as-intended
In tor-spec.txt, instead of saying "nodes may X" instead say "Current
nodes do X; this is nonconformant. Clients should watch out for that."

Based on observations by wanoskarnet.
2010-08-02 12:28:25 -04:00
Nick Mathewson
883af78a9d Clarify that cmd-line options override torrc options 2010-07-31 13:23:41 -04:00
Nick Mathewson
6f45101327 Clear cell queues when marking or truncating a circuit.
At best, this patch helps us avoid sending queued relayed cells that
would get ignored during the time between when a destroy cell is
sent and when the circuit is finally freed.  At worst, it lets us
release some memory a little earlier than it would otherwise.

Fix for bug #1184.  Bugfix on 0.2.0.1-alpha.
2010-07-30 18:55:24 -04:00
Nick Mathewson
15424bf800 Document 20KB requirement in BandwidthRate documentation
This fixes the last suggestion of bug #1195.
2010-07-30 18:00:43 -04:00
Nick Mathewson
7409929917 Merge commit 'karsten/rendspec-master' 2010-07-30 11:45:22 -04:00
Linus Nordberg
4ef609b886 Fix compilation issue in doc/Makefile.am on NetBSD
* doc/Makefile.am: Change $(VAR:MOD) to ${VAR:MOD} -- make(1) on
NetBSD substitutes '$(:x)' to 'x' rather than the empty string.  This
bites us in doc/ when configured with `--disable-asciidoc'.  Curly
braces should work in all implementations of make(1) but this patch
changes only the places where we use the VAR:MOD expansion.
2010-07-30 11:34:52 -04:00
Karsten Loesing
1cf6da821c Add two authoritzation protocols to rend-spec.txt. 2010-07-30 10:33:28 +02:00
Karsten Loesing
9ecb64c44d Clean up Section 1 of rend-spec.txt. 2010-07-30 10:33:28 +02:00
Karsten Loesing
6e4c06598f Interchange sections 1.2 and 1.3. 2010-07-30 10:29:14 +02:00
Karsten Loesing
f6e0dc2a6e Rename all RELAY_* cell types to RELAY_COMMAND_*. 2010-07-30 10:28:07 +02:00
Jacob Appelbaum
64fc64c943 remove old xxx-separate-streams-by-port.txt idea 2010-07-22 18:14:31 +02:00
Mike Perry
9d5d0f040f Alter how guard flags are chosen.
V3 authorities no longer decide not to vote on Guard+Exit. The bandwidth
weights should take care of this now.

Also, lower the max threshold for WFU to 0.98, to allow more nodes to become
guards.
2010-07-14 20:49:19 -07:00
Roger Dingledine
6048571100 fetching a directory on sighup is years out of date 2010-07-14 13:48:09 -04:00
Nick Mathewson
f72c6f91de Remove TODO items that are either done or moved to the tracker 2010-07-06 18:10:53 -04:00
Nick Mathewson
bea55766af Merge remote branch 'mikeperry/cbt-bugfixes3' 2010-06-29 18:57:50 -04:00
Nick Mathewson
deb9e4aff7 Make spec docs reference RFC2119
Now people will have no excuse for not knowing what "MUST" and "MAY"
mean.  Fixes bug 1310.
2010-06-25 14:58:25 -04:00
Mike Perry
2abe1ceccf Add CLOSE_MS and CLOSE_RATE keywords to buildtimeout event. 2010-06-15 20:04:49 -07:00
Nick Mathewson
faef0fa35d Merge commit 'sjmurdoch/xxx-using-spdy' 2010-06-11 13:25:38 -04:00
Nick Mathewson
945633476a Merge commit 'sebastian/hostnamewarn' 2010-06-11 13:21:31 -04:00
Mike Perry
81736f426f Update spec with new right-censored pareto estimators. 2010-06-09 00:22:39 -07:00
Nick Mathewson
f4f11adf4c In asciidoc-helper.sh, be more verbose when a2x fails.
Previously, we said (more or less), "a2x is broken and here's how you could
try to fix it".  Instead, we now say "We need a2x to build manpages; a2x
didn't work; here is a fix that might work for you; alternatively you
could just skip manpage building."

Addresses bug 1524.

Also, give the message as a here-document rather than a bunch of echos.
2010-06-07 11:40:42 -04:00
Sebastian Hahn
10fdb9ee0a Add option to not warn when getting an IP instead of hostname 2010-06-07 12:44:25 +02:00
Nick Mathewson
2eec9ea4e8 Clean up "Address" documentation even harder. 2010-06-01 10:53:32 -04:00
Mike Perry
29e0d70814 Bug 1296: Add option+logic to disable CBT learning.
There are now four ways that CBT can be disabled:

1. Network-wide, with the cbtdisabled consensus param.
2. Via config, with "LearnCircuitBuildTimeout 0"
3. Via config, with "AuthoritativeDirectory 1"
4. Via a state file write failure.
2010-05-10 13:11:48 -07:00
Mike Perry
e84025bc2b Update path-spec.txt with contents of proposal 151. 2010-05-10 12:59:05 -07:00
Mike Perry
835ab53102 Add a TIMEOUT_RATE keyword to buildtimeout event. 2010-05-10 12:59:05 -07:00
Sebastian Hahn
b3b2a57bbf Clarify the implications of the "Address" option
Fixes bug 1381
2010-05-02 00:38:22 +02:00
Sebastian Hahn
41c0d52810 check-speces is a typo. 2010-04-27 19:01:08 +02:00
Nick Mathewson
8ec5f939a6 Add new sections to the HACKING file
The main changes are to explain how we use git branches, how we use
changes files, and what should go into a patch.  Putting these in
HACKING means that we shouldn't need to constantly refer to the or-dev
emails where we explain this stuff.
2010-04-27 12:24:35 -04:00
Nick Mathewson
b92ef5fa0e Convert HACKING file to asciidoc: I am tired of re-numbering the sections. 2010-04-16 12:58:13 -04:00
Nick Mathewson
96a0edf373 Rename CircPriorityHalflifeMsec to CircuitPriorityHalflifeMsec
Everything that accepted the 'Circ' name handled it wrong, so even now
that we fixed the handling of the parameter, we wouldn't be able to
set it without making all the 0.2.2.7..0.2.2.10 relays act wonky.
This patch makes Tors accept the 'Circuit' name instead, so we can
turn on circuit priorities without confusing the versions that treated
the 'Circ' name as occasion to act weird.
2010-04-13 13:29:30 -04:00
Sebastian Hahn
a8089027e2 Mention libxml2-utils in our asciidoc dependencies
Zax from #tor noticed that while we list docbook-xsl and docbook-xml
in our helpful error text when making the docs fails, we forgot to
also list libxml2-utils. Let's add that.
2010-03-30 14:53:30 +02:00
Nick Mathewson
28cda33299 Add a missing NL to dir-spec.
Found by Oğuz
2010-03-21 12:45:01 -04:00
Nick Mathewson
03b9c2cb90 fix some dangling refs in dirspec 2010-03-15 15:41:59 -04:00
Steven Murdoch
9e473bd1be Update idea xxx-using-spdy, based on or-dev discussion
- Mention potentially negative consequence of server push, combined
  with client caching

- Make the new cell type more generic, allowing other types of
  exit-side transforms (suggested by nickm)

See http://archives.seul.org/or/dev/Feb-2010/msg00000.html
2010-03-14 19:07:52 +00:00
Nick Mathewson
f8d176d1b9 Clarify title of section 3.3 2010-03-13 14:54:05 -05:00
Steven Murdoch
9c315bda0e Add new idea: Using the SPDY protocol to improve Tor performance 2010-03-12 21:17:46 +00:00
Nick Mathewson
2d29c7be2d Document possibility of "unknown" version state.
reported by atagar; fixes bug 1289.
2010-03-09 00:08:38 -05:00
Sebastian Hahn
fca673bcd3 Don't require asciidoc when building Tor from a tarball
If asciidoc is required, the user receives an error message telling
them about the --disable-asciidoc configure switch and the build
breaks.
2010-03-09 03:00:59 +01:00
Nick Mathewson
ac8b8bca11 Clarify that CRLF means "A CR then an LF". Explain what those are.
Apparently this is not as obvious as I thought.
2010-03-05 17:00:42 -05:00
Nick Mathewson
8719748767 Merge commit 'sebastian/manpage' 2010-03-04 23:30:53 -05:00
Sebastian Hahn
f3003d588f Add proposal 170 "Configuration options regarding circuit building" 2010-03-03 23:56:59 -05:00
Peter Palfrader
9d3a985a83 Note an exception to when we use OutboundBindAddress 2010-03-02 12:58:50 -05:00
Sebastian Hahn
4db5e7ae76 Add configure switch to disable use of asciidoc
Also break the build if that switch isn't used and asciidoc isn't
available.
2010-03-01 05:02:27 +01:00
Sebastian Hahn
0cd1b499b4 Simplify asciidoc-helper
We don't need sed for our string manipulation, so let's get rid of
it. Suggested by weasel.
2010-03-01 04:07:55 +01:00
Sebastian Hahn
f9de12b864 Ship the asciidoc-helper file in our tarballs
Otherwise, the build process breaks when one of the .1.txt gets
a new mtime. Suggested by weasel.
2010-03-01 04:07:55 +01:00
Nick Mathewson
2ab3389ed6 Merge remote branch 'mikeperry/consensus-bw-weights5-merge'
Conflicts:
	ChangeLog
2010-02-25 16:22:29 -05:00
Mike Perry
00f9a35678 Update dir-spec.txt with begin_dir weights. 2010-02-25 11:42:24 -08:00
Sebastian Hahn
2917c0596c Restrict PerConnBWRate|Burst to INT32_MAX, update manpage
All other bandwidthrate settings are restricted to INT32_MAX, but
this check was forgotten for PerConnBWRate and PerConnBWBurst. Also
update the manpage to reflect the fact that specifying a bandwidth
in terabytes does not make sense, because that value will be too
large.
2010-02-25 12:33:15 +01:00
Mike Perry
4311318f7d Update consensus methods in spec. 2010-02-22 18:43:44 -08:00
Nick Mathewson
2e159967c9 Mark 160 and 161 as Finished. 2010-02-22 20:52:32 -05:00
Mike Perry
5d4f5ef07d Update specs for weight computation and use. 2010-02-22 16:52:11 -08:00
Roger Dingledine
8ce1cb174d elevate a changelog entry, and get my mailto out of the man page 2010-02-22 16:19:35 -05:00
Sebastian Hahn
eeba8581b2 Update the osx dmg creation instructions
Make sure we follow basic whitespace sanity principles, update a
few links
2010-02-22 09:55:43 +01:00
Roger Dingledine
a8a0542c77 minor fixes in proposal 169
still need to finish reading it, but so far so good
2010-02-21 17:20:37 -05:00
Mike Perry
ac68704f07 Allow "EXTENDCIRCUIT 0" to omit a path. 2010-02-18 09:08:31 -08:00
Mike Perry
8512e33773 Add BUILDTIMEOUT_SET event for CBT stress testing. 2010-02-18 09:08:31 -08:00
Andrew Lewman
0bd6cb31ed add in the apple incantations to get tls renegotiation to work. 2010-02-17 23:08:39 -05:00
Andrew Lewman
7f3b85d1df fix the win32 build instructions for openssl. 2010-02-17 23:07:51 -05:00
Sebastian Hahn
f164a76f72 Remove legacy files from main source distribution
The AUTHORS file was pretty outdated. Its contents moved onto the
people page. Design paper and roadmaps moved to the projects
directory in svn.
2010-02-16 06:41:36 +01:00
Nick Mathewson
3a7e7f1be4 Clean up whitespace 2010-02-11 00:24:23 -05:00
Andrew Lewman
ca2e4d20a5 updated win32 build instructions with new mingw and msys versions. 2010-02-11 00:23:34 -05:00
Andrew Lewman
dfbface39e clean up the documentation, break out sections for osx compiles. 2010-02-11 00:23:34 -05:00
Nick Mathewson
f75f7322b9 Clarify a paragraph in prop 169. 2010-01-29 16:39:27 -05:00
Sebastian Hahn
e015fe8b09 Make sure docdir is defined when making doc/
Apparently some autoconf versions need this, while others don't.
This means documentation will be installed into share/doc/tor/.
2010-01-28 09:03:21 +01:00
Sebastian Hahn
32c1863a67 Fix building the tarball
This removes the Makefile.am from doc/design-paper and replaces it with
a static Makefile. We don't need to call it during the normal Tor build
process, as we don't need its targets normally. Keeping it around in
case we want to rebuild the pdf or ps files later.
2010-01-28 09:03:21 +01:00
Nick Mathewson
c5380d6064 The name for the proposal status of 151 is "finished", not "Implemented" 2010-01-28 00:04:45 -05:00
Nick Mathewson
380d00246b Proposal 169: Eliminate TLS renegotiation
I propose a backward-compatible change to the Tor connection
establishment protocol to avoid the use of TLS
renegotiation.

Rather than doing a TLS renegotiation to exchange
certificates and authenticate the original handshake, this
proposal takes an approach similar to Steven Murdoch's
proposal 124, and uses Tor cells to authenticate the
parties' identities once the initial TLS handshake is
finished.
2010-01-28 00:04:25 -05:00
Sebastian Hahn
ca148f7219 Clean the man and html files with make (dist)clean 2010-01-27 20:23:13 +01:00
Sebastian Hahn
2c0ad636d9 Stop shipping the design paper in the tarballs 2010-01-27 20:09:19 +01:00
Nick Mathewson
e407c1adab Add a comment explaining the doc build system
Updated a little by Sebastian
2010-01-27 12:19:58 +01:00
Nick Mathewson
0c81d4c62b Make the asciidoc build process work from outside top_srcdir
Edited a little by Sebastian
2010-01-27 12:13:10 +01:00
Sebastian Hahn
1a3f42d1d0 Fix a few typos in the manpage, and reword the DisableAllSwap entry 2010-01-27 12:13:10 +01:00
Sebastian Hahn
a330cdc6fb Convert the Tor manpage to asciidoc.
This should be a very faithful conversion, preserving as much of the layout
of the old manpage as possible. This wasn't possible for the nt-service
and the DataDirectory/state parts. See a later commit for some small
cleanups.

Tiago Faria helped with the asciidoc conversion, big thanks!
2010-01-27 12:13:10 +01:00
Sebastian Hahn
ce860d8efd Convert the tor-resolve manpage to asciidoc 2010-01-27 12:13:10 +01:00
Sebastian Hahn
59a9908f66 Convert the torify manpage to asciidoc 2010-01-27 12:13:10 +01:00
Sebastian Hahn
2fc0c3031b Convert the tor-gencert manpage to asciidoc 2010-01-27 12:13:10 +01:00
Sebastian Hahn
9fe1c000b0 Allow generating documentation from asciidoc in the Makefile 2010-01-27 12:13:05 +01:00
Sebastian Hahn
3efadcd0d5 Move the torify manpage into the doc dir 2010-01-27 11:36:39 +01:00
Sebastian Hahn
f6a673490f Stop putting parts of the website into tarballs.
The website wasn't used by our packages, and most users will not know how
to open html.en files anyways.
2010-01-27 11:36:39 +01:00
Roger Dingledine
b9f1bd3c4e whitespace fixes 2010-01-15 15:58:35 -05:00
Roger Dingledine
397f7c874f fix some typos in our spec files 2010-01-15 15:56:54 -05:00
Roger Dingledine
184e7aa792 man page entries for PerConnBW{Rate,Burst} 2010-01-15 15:56:53 -05:00
Roger Dingledine
f6e8fcfe7a ship the bridges spec file in the tarball too 2010-01-15 15:56:53 -05:00
Roger Dingledine
937607056b a changelog and doc fixes for the strictnodes work 2009-12-21 04:38:49 -05:00
Roger Dingledine
5fee54a50f fix some typos 2009-12-19 05:12:00 -05:00
Roger Dingledine
d035b65cd7 start to document commonly used "param" arguments 2009-12-19 05:11:50 -05:00
Nick Mathewson
05a2473b7f Merge branch 'ewma' 2009-12-18 22:33:02 -05:00
Nick Mathewson
7edae58984 Merge commit 'karsten/fix-bridge-stats-master-4' 2009-12-18 14:16:41 -05:00
Karsten Loesing
e1e5c1b3ab Fix bridge statistics.
Fix statistics on client numbers by country as seen by bridges that were
broken in 0.2.2.1-alpha. Also switch to reporting full 24-hour intervals
instead of variable 12-to-48-hour intervals.
2009-12-17 09:22:55 +01:00
Karsten Loesing
d38268a8c7 Remove v0 hidden service statistics code.
The HSAuthorityRecordStats option was used to track statistics of overall
hidden service usage on the version 0 hidden service authorities. With the
version 2 hidden service directories being deployed and version 0
descriptors being phased out, these statistics are not as useful anymore.

Goodbye, you fine piece of software; my first major code contribution to
Tor.
2009-12-17 09:15:06 +01:00
Nick Mathewson
350181529e Merge branch 'safelogging2'
Conflicts:
	ChangeLog
2009-12-15 17:26:09 -05:00
Mike Perry
3802af8806 Update translations.txt with new torbutton process. 2009-12-15 17:10:59 -05:00
Nick Mathewson
7ab824c8cf Document CircuitPriorityHalflife on the manpage 2009-12-15 14:04:30 -05:00
Roger Dingledine
f7d99b62a3 New controller command "getinfo config-text"
It returns the contents that Tor would write if you send it a SAVECONF
command, so the controller can write the file to disk itself.
2009-12-13 19:21:06 -05:00
Sebastian Hahn
f258647433 Allow SafeLogging to exclude client related information 2009-12-12 02:26:11 +01:00
Roger Dingledine
403f99eaa4 add a minimum for CircuitStreamTimeout, plus a man page
plus some other unrelated touchups that have been sitting in my
sandbox
2009-11-22 07:15:30 -05:00
Jacob Appelbaum
2aac39a779 Implement DisableAllSwap to avoid putting secret info in page files.
This commit implements a new config option: 'DisableAllSwap'
This option probably only works properly when Tor is started as root.
We added two new functions: tor_mlockall() and tor_set_max_memlock().
tor_mlockall() attempts to mlock() all current and all future memory pages.
For tor_mlockall() to work properly we set the process rlimits for memory to
RLIM_INFINITY (and beyond) inside of tor_set_max_memlock().
We behave differently from mlockall() by only allowing tor_mlockall() to be
called one single time. All other calls will result in a return code of 1.
It is not possible to change DisableAllSwap while running.
A sample configuration item was added to the torrc.complete.in config file.
A new item in the man page for DisableAllSwap was added.
Thanks to Moxie Marlinspike and Chris Palmer for their feedback on this patch.

Please note that we make no guarantees about the quality of your OS and its
mlock/mlockall implementation. It is possible that this will do nothing at all.
It is also possible that you can ulimit the mlock properties of a given user
such that root is not required. This has not been extensively tested and is
unsupported. I have included some comments for possible ways we can handle
this on win32.
2009-10-27 04:28:40 -04:00
Nick Mathewson
a007a7c6ba Revise consensus-flavors proposal to better URLs.
The old flavored consensus URL format made it harder to decode URLs
based on their prefixes, and didn't take into account our "only give
it to me if it's signed by enough authorities" stuff.
2009-10-18 18:46:12 -04:00
Nick Mathewson
0bce0161dd Revise proposal 162: SHA256(x), not SHA256(SHA256(x))
The point of doing SHA256 twice is, generally, is to prevent message
extension attacks where an attacker who knows H(A) can calculate
H(A|B).  But for attaching a signature to a document, the attacker
already _knows_ A, so trying to keep them from calculating H(A|B) is
pointless.
2009-10-15 15:17:13 -04:00
Nick Mathewson
80a7a34755 Revise 162's idea of how detached signatures work with flavors
The original proposal was vague and would have made older Tors reject
detached-signature documents as soon as they saw one with flavors.
2009-10-15 15:17:12 -04:00
Roger Dingledine
e84dc32cb8 correct the spec for the stream_bw event.
"neonomad" pointed out on or-talk that the order is opposite from the
intuitive order. explain why. we chose to fix the spec rather than the
code because there are controllers like torflow that already expect
the current behavior.
2009-10-10 15:07:37 -04:00
Roger Dingledine
1efb643224 fix the wiki link in doc pages. remove obsolete FAQ. 2009-10-01 04:45:59 -04:00
Roger Dingledine
bda2a94cf9 update spec to reflect change in Fast definition
we made anybody who has 20KB/s Fast by definition, in 0.2.1.14-rc,
but it looks like we forgot to fix the spec.
2009-09-30 19:02:05 -04:00
Sebastian Hahn
81895dbd52 Our test script moved from src/or/test to src/test/test.
Update the HACKING document and the cross compilation helper
2009-09-23 00:24:43 -04:00
Roger Dingledine
cf2afcd707 Fix typos and comments, plus two bugs
A) We were considering a circuit had timed out in the special cases
where we close rendezvous circuits because the final rendezvous
circuit couldn't be built in time.
B) We were looking at the wrong timestamp_created when considering
a timeout.
2009-09-20 19:50:44 -04:00
Mike Perry
f39bedf250 Implement and document new network liveness algorithm.
Based on irc discussion with arma.
2009-09-20 14:51:30 -07:00
Roger Dingledine
b02b11c4b4 a mish-mash of stuff in my sandbox 2009-09-17 01:58:39 -04:00
Roger Dingledine
4850a3a75f Merge commit 'mikeperry/circuitbuildtimeout-final' 2009-09-16 21:43:31 -04:00
Roger Dingledine
61eb3711ee Merge commit 'sebastian/manpage' 2009-09-16 20:29:37 -04:00
Mike Perry
81dc435ffa Update proposal to match implementation. 2009-09-16 17:03:54 -07:00
Karsten Loesing
b508e4748f Remove trailing spaces. As if bytes were free...
Also correct some typos.
2009-09-16 15:52:05 -07:00
Mike Perry
fd412549fd Update proposal to bring it more in-line with implementation. 2009-09-16 15:52:03 -07:00
Sebastian Hahn
5f77363242 it is cached-descriptors now, not cached-routers 2009-09-15 13:15:00 +02:00
Roger Dingledine
39dee3d52c revert the month in the man page, so we don't drive weasel mad 2009-09-15 06:52:23 -04:00
Roger Dingledine
40bcab1faf ConsensusParams config option lists key=value params
finishes the authority-operator interface side of proposal 167.
2009-09-15 04:40:08 -04:00
Nick Mathewson
d9872cc676 Mark proposal 167 as implemented. 2009-09-14 23:24:39 -04:00
Nick Mathewson
381766ce4b Implement proposal 167: Authorities vote on network parameters.
This code adds a new field to vote on: "params".  It consists of a list of
sorted key=int pairs.  The output is computed as the median of all the
integers for any key on which anybody voted.

Improved with input from Roger.
2009-09-14 23:21:53 -04:00
Nick Mathewson
1cda6f3e75 Merge commit 'origin/maint-0.2.1' 2009-09-01 15:59:40 -04:00
Roger Dingledine
075c004095 Add getinfo accepted-server-descriptor. Clean spec.
Add a "getinfo status/accepted-server-descriptor" controller
command, which is the recommended way for controllers to learn
whether our server descriptor has been successfully received by at
least on directory authority. Un-recommend good-server-descriptor
getinfo and status events until we have a better design for them.
2009-08-31 18:37:25 -04:00
Roger Dingledine
0bb59f1c38 Merge branch 'maint-0.2.1' 2009-08-28 03:47:18 -04:00
Roger Dingledine
64f393d56f Only send netinfo clock_skew to controller if an authority told us so
We were triggering a CLOCK_SKEW controller status event whenever
we connect via the v2 connection protocol to any relay that has
a wrong clock. Instead, we should only inform the controller when
it's a trusted authority that claims our clock is wrong. Bugfix
on 0.2.0.20-rc; starts to fix bug 1074. Reported by SwissTorExit.
2009-08-28 03:42:09 -04:00
Roger Dingledine
659552a3c6 Merge branch 'maint-0.2.1' 2009-08-27 21:42:58 -04:00
Sebastian Hahn
1092fdca53 HiddenServiceVersion must be set to 2 currently.
0d68da2381 removed support for Version 0,
but didn't fix the manpage.
2009-08-27 05:10:48 +02:00
Roger Dingledine
b7e8a4631f changelog and spec changes for the .exit fix 2009-08-26 15:43:18 -04:00
Roger Dingledine
5965a85ce0 typos in dir-spec 2009-08-26 14:48:13 -04:00
Roger Dingledine
76108dce3f mark off a done proposal 2009-08-26 14:47:29 -04:00
Nick Mathewson
1d9b8a1e16 Merge commit 'karsten/proposal-166-impl-master' 2009-08-26 11:36:40 -04:00
Nick Mathewson
707a6bd659 Merge commit 'public/socks-client'
Resolved conflict in:
	src/or/or.h
2009-08-26 11:27:19 -04:00
phobos
25f9e20a1c update osx-dmg creation directions for the new methods 2009-08-25 15:58:25 -04:00
Roger Dingledine
f1b5fd2aaa new proposals: params in consensus, and lower circwindow 2009-08-25 00:34:29 -04:00
Karsten Loesing
75c59d1a92 Some final (?) cleanups of proposal 166 implementation. 2009-08-19 23:36:27 +02:00
Karsten Loesing
4e29f33427 Write all statistics to disk exactly every 24 hours. 2009-08-19 15:41:12 +02:00
Karsten Loesing
10fbc998e1 Update dir-spec.txt and man page. 2009-08-18 16:14:22 +02:00