commit 44537c472d59df783724f248d0902fdca1e1ec8a
Author: Damian Johnson atagar@torproject.org
Date: Tue Sep 13 09:36:44 2016 -0700
Update config options and fallback directories
Quite a few updates. Getting our cache back in sync.
---
 stem/cached_tor_manual.cfg | 111 ++++++++++++++++++++-----------
 stem/descriptor/fallback_directories.cfg | 9 +--
 2 files changed, 74 insertions(+), 46 deletions(-)
diff --git a/stem/cached_tor_manual.cfg b/stem/cached_tor_manual.cfg index dfdd31c..0b8eea9 100644 --- a/stem/cached_tor_manual.cfg +++ b/stem/cached_tor_manual.cfg 
@@ -6,11 +6,11 @@ description |Basically, Tor provides a distributed network of servers or relays ("onion routers"). Users bounce their TCP streams -- web traffic, ftp, ssh, etc. -- around the network, and recipients, observers, and even the relays themselves have difficulty tracking the source of the stream. | |By default, tor will act as a client only. To help the network by providing bandwidth as a relay, change the ORPort configuration option -- see below. Please also consult the documentation on the Tor Project's website. -man_commit c6846d7bf0d8a382bea17304ea29a51c3a895f90 -stem_commit 1c9727dc1117f6c94cc7b195760a31e48b57111a +man_commit 9f0cb5af1559d4dab0a49017bdd5f37b0af588f8 +stem_commit 3d0e999f8073bed67d84bb863560078e923a8b57 commandline_options -f FILE => Specify a new configuration file to contain further Tor configuration options OR pass - to make Tor read its configuration from standard input. (Default: @CONFDIR@/torrc, or $HOME/.torrc if that file is not found) commandline_options --ignore-missing-torrc => Specifies that Tor should treat a missing torrc file as though it were empty. Ordinarily, Tor does this for missing default torrc files, but not for those specified on the command line. -commandline_options --passphrase-fd FILEDES => Filedescriptor to read the passphrase from. Note that unlike with the tor-gencert program, the entire file contents are read and used as the passphrase, including any trailing newlines. Default: read from the terminal. +commandline_options --list-deprecated-options => List all valid options that are scheduled to become obsolete in a future version. (This is a warning, not a promise.) commandline_options --list-fingerprint => Generate your keys and output your nickname and fingerprint. commandline_options --defaults-torrc FILE => Specify a file in which to find default values for Tor options. The contents of this file are overridden by those in the regular configuration file, and by those on the command line. 
(Default: @CONFDIR@/torrc-defaults.) commandline_options --allow-missing-torrc => Do not require that configuration file specified by -f exist if default torrc can be accessed. 
@@ -18,6 +18,7 @@ commandline_options --nt-service => Used internally to implement a Windows servi commandline_options --verify-config => Verify the configuration file is valid. commandline_options --service remove|start|stop => Remove, start, or stop a configured Tor Windows service. commandline_options --quiet|--hush => Override the default console log. By default, Tor starts out logging messages at level "notice" and higher to the console. It stops doing so after it parses its configuration, if the configuration tells it to log anywhere else. You can override this behavior with the --hush option, which tells Tor to only send warnings and errors to the console, or with the --quiet option, which tells Tor not to log to the console at all. +commandline_options --passphrase-fd FILEDES => Filedescriptor to read the passphrase from. Note that unlike with the tor-gencert program, the entire file contents are read and used as the passphrase, including any trailing newlines. Default: read from the terminal. commandline_options --keygen [--newpass] => Running "tor --keygen" creates a new ed25519 master identity key for a relay, or only a fresh temporary signing key and certificate, if you already have a master key. Optionally you can encrypt the master identity key with a passphrase: Tor will ask you for one. If you don't want to encrypt the master key, just don't enter any passphrase when asked. The --newpass option should be used with --keygen only when you need to add, change, or remove a passphrase on an existing ed25519 master identity key. You will be prompted for the old passphase (if any), and the new passphrase (if any). When generating a master key, you will probably want to use --DataDirectory to control where the keys and certificates will be stored, and --SigningKeyLifetime to control their lifetimes. Their behavior is as documented in the server options section below. (You must have write access to the specified DataDirectory.) 
To use the generated files, you must copy the m to the DataDirectory/keys directory of your Tor daemon, and make sure that they are owned by the user actually running the Tor daemon on your system. commandline_options --list-torrc-options => List all valid options. commandline_options --service install [--options command-line options] => Install an instance of Tor as a Windows service, with the provided command-line options. Current instructions can be found at https://www.torproject.org/docs/faq#NTService @@ -307,6 +308,15 @@ config_options.SocksPort.description |PreferIPv6 | Tells exits that, if a host has both an IPv4 and an IPv6 address, we would prefer to connect to it via IPv6. (IPv4 is the default.) | +|NoDNSRequest +| Do not ask exits to resolve DNS addresses in SOCKS5 requests. Tor will connect to IPv4 addresses, IPv6 addresses (if IPv6Traffic is set) and .onion addresses. +| +|NoOnionTraffic +| Do not connect to .onion addresses in SOCKS5 requests. +| +|OnionTrafficOnly +| Tell the tor client to only connect to .onion addresses in response to SOCKS5 requests on this connection. This is equivalent to NoDNSRequest, NoIPv4Traffic, NoIPv6Traffic. The corresponding NoOnionTrafficOnly flag is not supported. +| |CacheIPv4DNS | Tells the client to remember IPv4 DNS answers we receive from exit nodes via this connection. (On by default.) | 
@@ -336,6 +346,10 @@ config_options.SocksPort.description | |PreferSOCKSNoAuth | Ordinarily, when an application offers both "username/password authentication" and "no authentication" to Tor via SOCKS5, Tor selects username/password authentication so that IsolateSOCKSAuth can work. This can confuse some applications, if they offer a username/password combination then get confused when asked for one. You can disable this behavior, so that Tor will select "No authentication" when IsolateSOCKSAuth is disabled, or when this option is set. +| +| Flags are processed left to right. If flags conflict, the last flag on the +| line is used, and all earlier flags are ignored. No error is issued for +| conflicting flags. config_options.SocksListenAddress.category Client config_options.SocksListenAddress.name SocksListenAddress config_options.SocksListenAddress.usage IP[:PORT] 
@@ -380,7 +394,7 @@ config_options.UseEntryGuards.category Client config_options.UseEntryGuards.name UseEntryGuards config_options.UseEntryGuards.usage 0|1 config_options.UseEntryGuards.summary Use guard relays for first hop -config_options.UseEntryGuards.description If this option is set to 1, we pick a few long-term entry servers, and try to stick with them. This is desirable because constantly changing servers increases the odds that an adversary who owns some servers will observe a fraction of your paths. (Default: 1) +config_options.UseEntryGuards.description If this option is set to 1, we pick a few long-term entry servers, and try to stick with them. This is desirable because constantly changing servers increases the odds that an adversary who owns some servers will observe a fraction of your paths. Entry Guards can not be used by Directory Authorities, Single Onion Services, and Tor2web clients. In these cases, the this option is ignored. (Default: 1) config_options.UseEntryGuardsAsDirGuards.category Client config_options.UseEntryGuardsAsDirGuards.name UseEntryGuardsAsDirGuards config_options.UseEntryGuardsAsDirGuards.usage 0|1 
@@ -438,7 +452,7 @@ config_options.VirtualAddrNetworkIPv6.summary IPv6 address range to use when nee config_options.VirtualAddrNetworkIPv6.description |When Tor needs to assign a virtual (unused) address because of a MAPADDRESS command from the controller or the AutomapHostsOnResolve feature, Tor picks an unassigned address from this range. (Defaults: 127.192.0.0/10 and [FE80::]/10 respectively.) | -|When providing proxy server service to a network of computers using a tool like dns-proxy-tor, change the IPv4 network to "10.192.0.0/10" or "172.16.0.0/12" and change the IPv6 network to "[FC00]/7". The default VirtualAddrNetwork address ranges on a properly configured machine will route to the loopback or link-local interface. For local use, no change to the default VirtualAddrNetwork setting is needed. +|When providing proxy server service to a network of computers using a tool like dns-proxy-tor, change the IPv4 network to "10.192.0.0/10" or "172.16.0.0/12" and change the IPv6 network to "[FC00::]/7". The default VirtualAddrNetwork address ranges on a properly configured machine will route to the loopback or link-local interface. For local use, no change to the default VirtualAddrNetwork setting is needed. config_options.AllowNonRFC953Hostnames.category Client config_options.AllowNonRFC953Hostnames.name AllowNonRFC953Hostnames config_options.AllowNonRFC953Hostnames.usage 0|1 
@@ -558,7 +572,7 @@ config_options.Tor2webMode.category Client config_options.Tor2webMode.name Tor2webMode config_options.Tor2webMode.usage 0|1 config_options.Tor2webMode.summary Establish non-anonymous hidden service connections -config_options.Tor2webMode.description When this option is set, Tor connects to hidden services non-anonymously. This option also disables client connections to non-hidden-service hostnames through Tor. It must only be used when running a tor2web Hidden Service web proxy. To enable this option the compile time flag --enable-tor2web-mode must be specified. (Default: 0) +config_options.Tor2webMode.description When this option is set, Tor connects to hidden services non-anonymously. This option also disables client connections to non-hidden-service hostnames through Tor. It must only be used when running a tor2web Hidden Service web proxy. To enable this option the compile time flag --enable-tor2web-mode must be specified. Since Tor2webMode is non-anonymous, you can not run an anonymous Hidden Service on a tor version compiled with Tor2webMode. (Default: 0) config_options.Tor2webRendezvousPoints.category Client config_options.Tor2webRendezvousPoints.name Tor2webRendezvousPoints config_options.Tor2webRendezvousPoints.usage node,node,... 
@@ -576,11 +590,6 @@ config_options.UseMicrodescriptors.name UseMicrodescriptors config_options.UseMicrodescriptors.usage 0|1|auto config_options.UseMicrodescriptors.summary Retrieve microdescriptors rather than server descriptors config_options.UseMicrodescriptors.description Microdescriptors are a smaller version of the information that Tor needs in order to build its circuits. Using microdescriptors makes Tor clients download less directory information, thus saving bandwidth. Directory caches need to fetch regular descriptors and microdescriptors, so this option doesn't save any bandwidth for them. If this option is set to "auto" (recommended) then it is on for all clients that do not set FetchUselessDescriptors. (Default: auto) -config_options.UseNTorHandshake.category Client -config_options.UseNTorHandshake.name UseNTorHandshake -config_options.UseNTorHandshake.usage 0|1|auto -config_options.UseNTorHandshake.summary Use ntor for establishing circuits with relays -config_options.UseNTorHandshake.description The "ntor" circuit-creation handshake is faster and (we think) more secure than the original ("TAP") circuit handshake, but starting to use it too early might make your client stand out. If this option is 0, your Tor client won't use the ntor handshake. If it's 1, your Tor client will use the ntor handshake to extend circuits through servers that support it. If this option is "auto", then your client will use the ntor handshake once enough directory authorities recommend it. (Default: 1) config_options.PathBiasCircThreshold.category Client config_options.PathBiasCircThreshold.name PathBiasCircThreshold config_options.PathBiasCircThreshold.usage NUM 
@@ -671,32 +680,32 @@ config_options.PathsNeededToBuildCircuits.description Tor clients don't build ci config_options.ClientBootstrapConsensusAuthorityDownloadSchedule.category Client config_options.ClientBootstrapConsensusAuthorityDownloadSchedule.name ClientBootstrapConsensusAuthorityDownloadSchedule config_options.ClientBootstrapConsensusAuthorityDownloadSchedule.usage N,N,... -config_options.ClientBootstrapConsensusAuthorityDownloadSchedule.summary +config_options.ClientBootstrapConsensusAuthorityDownloadSchedule.summary Schedule when bootstrapping for when to download resources from authorities config_options.ClientBootstrapConsensusAuthorityDownloadSchedule.description Schedule for when clients should download consensuses from authorities if they are bootstrapping (that is, they don't have a usable, reasonably live consensus). Only used by clients fetching from a list of fallback directory mirrors. This schedule is advanced by (potentially concurrent) connection attempts, unlike other schedules, which are advanced by connection failures. (Default: 10, 11, 3600, 10800, 25200, 54000, 111600, 262800) config_options.ClientBootstrapConsensusFallbackDownloadSchedule.category Client config_options.ClientBootstrapConsensusFallbackDownloadSchedule.name ClientBootstrapConsensusFallbackDownloadSchedule config_options.ClientBootstrapConsensusFallbackDownloadSchedule.usage N,N,... -config_options.ClientBootstrapConsensusFallbackDownloadSchedule.summary +config_options.ClientBootstrapConsensusFallbackDownloadSchedule.summary Schedule when bootstrapping for when to download resources from fallback authorities config_options.ClientBootstrapConsensusFallbackDownloadSchedule.description Schedule for when clients should download consensuses from fallback directory mirrors if they are bootstrapping (that is, they don't have a usable, reasonably live consensus). Only used by clients fetching from a list of fallback directory mirrors. 
This schedule is advanced by (potentially concurrent) connection attempts, unlike other schedules, which are advanced by connection failures. (Default: 0, 1, 4, 11, 3600, 10800, 25200, 54000, 111600, 262800) config_options.ClientBootstrapConsensusAuthorityOnlyDownloadSchedule.category Client config_options.ClientBootstrapConsensusAuthorityOnlyDownloadSchedule.name ClientBootstrapConsensusAuthorityOnlyDownloadSchedule config_options.ClientBootstrapConsensusAuthorityOnlyDownloadSchedule.usage N,N,... -config_options.ClientBootstrapConsensusAuthorityOnlyDownloadSchedule.summary +config_options.ClientBootstrapConsensusAuthorityOnlyDownloadSchedule.summary Schedule when bootstrapping for when to download resources from authorities when fallbacks unavailable config_options.ClientBootstrapConsensusAuthorityOnlyDownloadSchedule.description Schedule for when clients should download consensuses from authorities if they are bootstrapping (that is, they don't have a usable, reasonably live consensus). Only used by clients which don't have or won't fetch from a list of fallback directory mirrors. This schedule is advanced by (potentially concurrent) connection attempts, unlike other schedules, which are advanced by connection failures. (Default: 0, 3, 7, 3600, 10800, 25200, 54000, 111600, 262800) config_options.ClientBootstrapConsensusMaxDownloadTries.category Client config_options.ClientBootstrapConsensusMaxDownloadTries.name ClientBootstrapConsensusMaxDownloadTries config_options.ClientBootstrapConsensusMaxDownloadTries.usage NUM -config_options.ClientBootstrapConsensusMaxDownloadTries.summary +config_options.ClientBootstrapConsensusMaxDownloadTries.summary Number of times to attempt downloading consensus config_options.ClientBootstrapConsensusMaxDownloadTries.description Try this many times to download a consensus while bootstrapping using fallback directory mirrors before giving up. 
(Default: 7) config_options.ClientBootstrapConsensusAuthorityOnlyMaxDownloadTries.category Client config_options.ClientBootstrapConsensusAuthorityOnlyMaxDownloadTries.name ClientBootstrapConsensusAuthorityOnlyMaxDownloadTries config_options.ClientBootstrapConsensusAuthorityOnlyMaxDownloadTries.usage NUM -config_options.ClientBootstrapConsensusAuthorityOnlyMaxDownloadTries.summary +config_options.ClientBootstrapConsensusAuthorityOnlyMaxDownloadTries.summary Number of times to attempt downloading consensus from authorities config_options.ClientBootstrapConsensusAuthorityOnlyMaxDownloadTries.description Try this many times to download a consensus while bootstrapping using authorities before giving up. (Default: 4) config_options.ClientBootstrapConsensusMaxInProgressTries.category Client config_options.ClientBootstrapConsensusMaxInProgressTries.name ClientBootstrapConsensusMaxInProgressTries config_options.ClientBootstrapConsensusMaxInProgressTries.usage NUM -config_options.ClientBootstrapConsensusMaxInProgressTries.summary +config_options.ClientBootstrapConsensusMaxInProgressTries.summary Number of consensus download requests to allow in-flight at once config_options.ClientBootstrapConsensusMaxInProgressTries.description Try this many simultaneous connections to download a consensus before waiting for one to complete, timeout, or error out. (Default: 4) config_options.DirPortFrontPage.category Directory config_options.DirPortFrontPage.name DirPortFrontPage 
@@ -844,7 +853,7 @@ config_options.ControlPort.name ControlPort config_options.ControlPort.usage PORT|unix:path|auto [flags] config_options.ControlPort.summary Port providing access to tor controllers (nyx, vidalia, etc) config_options.ControlPort.description -|If set, Tor will accept connections on this port and allow those connections to control the Tor process using the Tor Control Protocol (described in control-spec.txt in torspec). Note: unless you also specify one or more of HashedControlPassword or CookieAuthentication, setting this option will cause Tor to allow any process on the local host to control it. (Setting both authentication methods means eithermethod is sufficient to authenticate to Tor.) This option is required for many Tor controllers; most use the value of 9051. Set it to "auto" to have Tor pick a port for you. (Default: 0) +|If set, Tor will accept connections on this port and allow those connections to control the Tor process using the Tor Control Protocol (described in control-spec.txt in torspec). Note: unless you also specify one or more of HashedControlPassword or CookieAuthentication, setting this option will cause Tor to allow any process on the local host to control it. (Setting both authentication methods means either method is sufficient to authenticate to Tor.) This option is required for many Tor controllers; most use the value of 9051. Set it to "auto" to have Tor pick a port for you. (Default: 0) | |Recognized flags are... | 
@@ -1056,7 +1065,7 @@ config_options.LogMessageDomains.description If 1, Tor includes message domains config_options.MaxUnparseableDescSizeToLog.category General config_options.MaxUnparseableDescSizeToLog.name MaxUnparseableDescSizeToLog config_options.MaxUnparseableDescSizeToLog.usage N bytes|KBytes|MBytes|GBytes -config_options.MaxUnparseableDescSizeToLog.summary +config_options.MaxUnparseableDescSizeToLog.summary Size of the dedicated log for unparseable descriptors config_options.MaxUnparseableDescSizeToLog.description Unparseable descriptors (e.g. for votes, consensuses, routers) are logged in separate files by hash, up to the specified size in total. Note that only files logged during the lifetime of this Tor process count toward the total; this is intended to be used to debug problems without opening live servers to resource exhaustion attacks. (Default: 10 MB) config_options.OutboundBindAddress.category General config_options.OutboundBindAddress.name OutboundBindAddress @@ -1108,7 +1117,7 @@ config_options.SafeLogging.description |If this option is set to 0, Tor will not perform any scrubbing, if it is set to 1, all potentially sensitive strings are replaced. If it is set to relay, all log messages generated when acting as a relay are sanitized, but all messages generated when acting as a client are not. (Default: 1) config_options.User.category General config_options.User.name User -config_options.User.usage UID +config_options.User.usage Username config_options.User.summary UID for the process when started config_options.User.description On startup, setuid to this user and setgid to their primary group. config_options.KeepBindCapabilities.category General 
@@ -1141,21 +1150,6 @@ config_options.CircuitPriorityHalflife.name CircuitPriorityHalflife config_options.CircuitPriorityHalflife.usage NUM1 config_options.CircuitPriorityHalflife.summary Overwrite method for prioritizing traffic among relayed connections config_options.CircuitPriorityHalflife.description If this value is set, we override the default algorithm for choosing which circuit's cell to deliver or relay next. When the value is 0, we round-robin between the active circuits on a connection, delivering one cell from each in turn. When the value is positive, we prefer delivering cells from whichever connection has the lowest weighted cell count, where cells are weighted exponentially according to the supplied CircuitPriorityHalflife value (in seconds). If this option is not set at all, we use the behavior recommended in the current consensus networkstatus. This is an advanced option; you generally shouldn't have to mess with it. (Default: not set) -config_options.DisableIOCP.category General -config_options.DisableIOCP.name DisableIOCP -config_options.DisableIOCP.usage 0|1 -config_options.DisableIOCP.summary Disables use of the Windows IOCP networking API -config_options.DisableIOCP.description If Tor was built to use the Libevent's "bufferevents" networking code and you're running on Windows, setting this option to 1 will tell Libevent not to use the Windows IOCP networking API. (Default: 1) -config_options.UserspaceIOCPBuffers.category General -config_options.UserspaceIOCPBuffers.name UserspaceIOCPBuffers -config_options.UserspaceIOCPBuffers.usage 0|1 -config_options.UserspaceIOCPBuffers.summary Disable kernel-space IOCP TCP buffers -config_options.UserspaceIOCPBuffers.description If IOCP is enabled (see DisableIOCP above), setting this option to 1 will tell Tor to disable kernel-space TCP buffers, in order to avoid needless copy operations and try not to run out of non-paged RAM. 
This feature is experimental; don't use it yet unless you're eager to help tracking down bugs. (Default: 0) -config_options.UseFilteringSSLBufferevents.category General -config_options.UseFilteringSSLBufferevents.name UseFilteringSSLBufferevents -config_options.UseFilteringSSLBufferevents.usage 0|1 -config_options.UseFilteringSSLBufferevents.summary Use SSL for a chain of bufferevents -config_options.UseFilteringSSLBufferevents.description Tells Tor to do its SSL communication using a chain of bufferevents: one for SSL and one for networking. This option has no effect if bufferevents are disabled (in which case it can't turn on), or if IOCP bufferevents are enabled (in which case it can't turn off). This option is useful for debugging only; most users shouldn't touch it. (Default: 0) config_options.CountPrivateBandwidth.category General config_options.CountPrivateBandwidth.name CountPrivateBandwidth config_options.CountPrivateBandwidth.usage 0|1 
@@ -1211,7 +1205,7 @@ config_options.ExitPolicy.description | |To specify all IPv4 and IPv6 internal and link-local networks (including 0.0.0.0/8, 169.254.0.0/16, 127.0.0.0/8, 192.168.0.0/16, 10.0.0.0/8, 172.16.0.0/12, [::]/8, [FC00::]/7, [FE80::]/10, [FEC0::]/10, [FF00::]/8, and [::]/127), you can use the "private" alias instead of an address. ("private" always produces rules for IPv4 and IPv6 addresses, even when used with accept6/reject6.) | -|Private addresses are rejected by default (at the beginning of your exit policy), along with any configured primary public IPv4 and IPv6 addresses, and any public IPv4 and IPv6 addresses on any interface on the relay. These private addresses are rejected unless you set the ExitPolicyRejectPrivate config option to 0. For example, once you've done that, you could allow HTTP to 127.0.0.1 and block all other connections to internal networks with "accept 127.0.0.1:80,reject private:*", though that may also allow connections to your own computer that are addressed to its public (external) IP address. See RFC 1918 and RFC 3330 for more details about internal and reserved IP address space. +|Private addresses are rejected by default (at the beginning of your exit policy), along with any configured primary public IPv4 and IPv6 addresses. These private addresses are rejected unless you set the ExitPolicyRejectPrivate config option to 0. For example, once you've done that, you could allow HTTP to 127.0.0.1 and block all other connections to internal networks with "accept 127.0.0.1:80,reject private:*", though that may also allow connections to your own computer that are addressed to its public (external) IP address. See RFC 1918 and RFC 3330 for more details about internal and reserved IP address space. See ExitPolicyRejectLocalInterfaces if you want to block every address on the relay, even those that aren't advertised in the descriptor. | |This directive can be specified multiple times so you don't have to put it all on one line. | 
@@ -1235,7 +1229,12 @@ config_options.ExitPolicyRejectPrivate.category Relay config_options.ExitPolicyRejectPrivate.name ExitPolicyRejectPrivate config_options.ExitPolicyRejectPrivate.usage 0|1 config_options.ExitPolicyRejectPrivate.summary Prevent exiting connection on the local network -config_options.ExitPolicyRejectPrivate.description Reject all private (local) networks, along with any configured public IPv4 and IPv6 addresses, at the beginning of your exit policy. (This includes the IPv4 and IPv6 addresses advertised by the relay, any OutboundBindAddress, and the bind addresses of any port options, such as ORPort and DirPort.) This also rejects any public IPv4 and IPv6 addresses on any interface on the relay. (If IPv6Exit is not set, all IPv6 addresses will be rejected anyway.) See above entry on ExitPolicy. (Default: 1) +config_options.ExitPolicyRejectPrivate.description Reject all private (local) networks, along with the relay's advertised public IPv4 and IPv6 addresses, at the beginning of your exit policy. See above entry on ExitPolicy. (Default: 1) +config_options.ExitPolicyRejectLocalInterfaces.category Relay +config_options.ExitPolicyRejectLocalInterfaces.name ExitPolicyRejectLocalInterfaces +config_options.ExitPolicyRejectLocalInterfaces.usage 0|1 +config_options.ExitPolicyRejectLocalInterfaces.summary +config_options.ExitPolicyRejectLocalInterfaces.description Reject all IPv4 and IPv6 addresses that the relay knows about, at the beginning of your exit policy. This includes any OutboundBindAddress, the bind addresses of any port options, such as ControlPort or DNSPort, and any public IPv4 and IPv6 addresses on any interface on the relay. (If IPv6Exit is not set, all IPv6 addresses will be rejected anyway.) See above entry on ExitPolicy. This option is off by default, because it lists all public relay IP addresses in the ExitPolicy, even those relay operators might prefer not to disclose. 
(Default: 0) config_options.IPv6Exit.category Relay config_options.IPv6Exit.name IPv6Exit config_options.IPv6Exit.usage 0|1 @@ -1453,6 +1452,11 @@ config_options.MaxMemInQueues.name MaxMemInQueues config_options.MaxMemInQueues.usage N bytes|KB|MB|GB config_options.MaxMemInQueues.summary Threshold at which tor will terminate circuits to avoid running out of memory config_options.MaxMemInQueues.description This option configures a threshold above which Tor will assume that it needs to stop queueing or buffering data because it's about to run out of memory. If it hits this threshold, it will begin killing circuits until it has recovered at least 10% of this memory. Do not set this option too low, or your relay may be unreliable under load. This option only affects some queues, so the actual process size will be larger than this. If this option is set to 0, Tor will try to pick a reasonable default based on your system's physical memory. (Default: 0) +config_options.DisableOOSCheck.category Relay +config_options.DisableOOSCheck.name DisableOOSCheck +config_options.DisableOOSCheck.usage 0|1 +config_options.DisableOOSCheck.summary +config_options.DisableOOSCheck.description This option disables the code that closes connections when Tor notices that it is running low on sockets. Right now, it is on by default, since the existing out-of-sockets mechanism tends to kill OR connections more than it should. (Default: 1) config_options.SigningKeyLifetime.category Relay config_options.SigningKeyLifetime.name SigningKeyLifetime config_options.SigningKeyLifetime.usage N days|weeks|months 
@@ -1518,6 +1522,30 @@ config_options.HiddenServiceNumIntroductionPoints.name HiddenServiceNumIntroduct config_options.HiddenServiceNumIntroductionPoints.usage NUM config_options.HiddenServiceNumIntroductionPoints.summary Number of introduction points the hidden service will have config_options.HiddenServiceNumIntroductionPoints.description Number of introduction points the hidden service will have. You can't have more than 10. (Default: 3) +config_options.HiddenServiceSingleHopMode.category Hidden Service +config_options.HiddenServiceSingleHopMode.name HiddenServiceSingleHopMode +config_options.HiddenServiceSingleHopMode.usage 0|1 +config_options.HiddenServiceSingleHopMode.summary +config_options.HiddenServiceSingleHopMode.description +|Experimental - Non Anonymous Hidden Services on a tor instance in HiddenServiceSingleHopMode make one-hop (direct) circuits between the onion service server, and the introduction and rendezvous points. (Onion service descriptors are still posted using 3-hop paths, to avoid onion service directories blocking the service.) This option makes every hidden service instance hosted by a tor instance a Single Onion Service. One-hop circuits make Single Onion servers easily locatable, but clients remain location-anonymous. However, the fact that a client is accessing a Single Onion rather than a Hidden Service may be statistically distinguishable. +| +| **WARNING:** Once a hidden service directory has been used by a tor +| instance in HiddenServiceSingleHopMode, it can **NEVER** be used again for +| a hidden service. It is best practice to create a new hidden service +| directory, key, and address for each new Single Onion Service and Hidden +| Service. It is not possible to run Single Onion Services and Hidden +| Services from the same tor instance: they should be run on different +| servers with different IP addresses. +| +| HiddenServiceSingleHopMode requires HiddenServiceNonAnonymousMode to be set +| to 1. 
Since a Single Onion is non-anonymous, you can not to run an +| anonymous SOCKSPort on the same tor instance as a Single Onion service. +| (Default: 0) +config_options.HiddenServiceNonAnonymousMode.category Hidden Service +config_options.HiddenServiceNonAnonymousMode.name HiddenServiceNonAnonymousMode +config_options.HiddenServiceNonAnonymousMode.usage 0|1 +config_options.HiddenServiceNonAnonymousMode.summary +config_options.HiddenServiceNonAnonymousMode.description Makes hidden services non-anonymous on this tor instance. Allows the non-anonymous HiddenServiceSingleHopMode. Enables direct connections in the server-side hidden service protocol. (Default: 0) config_options.TestingTorNetwork.category Testing config_options.TestingTorNetwork.name TestingTorNetwork config_options.TestingTorNetwork.usage 0|1 @@ -1759,7 +1787,7 @@ config_options.V3AuthoritativeDirectory.category Authority config_options.V3AuthoritativeDirectory.name V3AuthoritativeDirectory config_options.V3AuthoritativeDirectory.usage 0|1 config_options.V3AuthoritativeDirectory.summary Generates a version 3 consensus -config_options.V3AuthoritativeDirectory.description When this option is set in addition to AuthoritativeDirectory, Tor generates version 3 network statuses and serves descriptors, etc as described in dir-spec.txt file of torspec (for Tor clients and servers running atleast 0.2.0.x). +config_options.V3AuthoritativeDirectory.description When this option is set in addition to AuthoritativeDirectory, Tor generates version 3 network statuses and serves descriptors, etc as described in dir-spec.txt file of torspec (for Tor clients and servers running at least 0.2.0.x). config_options.VersioningAuthoritativeDirectory.category Authority config_options.VersioningAuthoritativeDirectory.name VersioningAuthoritativeDirectory config_options.VersioningAuthoritativeDirectory.usage 0|1 
@@ -1804,7 +1832,7 @@ config_options.DirAllowPrivateAddresses.category Authority config_options.DirAllowPrivateAddresses.name DirAllowPrivateAddresses config_options.DirAllowPrivateAddresses.usage 0|1 config_options.DirAllowPrivateAddresses.summary Toggles allowing arbitrary input or non-public IPs in descriptors -config_options.DirAllowPrivateAddresses.description If set to 1, Tor will accept server descriptors with arbitrary "Address" elements. Otherwise, if the address is not an IP address or is a private IP address, it will reject the server descriptor. (Default: 0) +config_options.DirAllowPrivateAddresses.description If set to 1, Tor will accept server descriptors with arbitrary "Address" elements. Otherwise, if the address is not an IP address or is a private IP address, it will reject the server descriptor. Additionally, Tor will allow exit policies for private networks to fulfill Exit flag requirements. (Default: 0) config_options.AuthDirBadExit.category Authority config_options.AuthDirBadExit.name AuthDirBadExit config_options.AuthDirBadExit.usage AddressPattern... 
@@ -1868,6 +1896,11 @@ config_options.AuthDirPinKeys.name AuthDirPinKeys config_options.AuthDirPinKeys.usage 0|1 config_options.AuthDirPinKeys.summary Don't accept descriptors with conflicting identity keypairs config_options.AuthDirPinKeys.description Authoritative directories only. If non-zero, do not allow any relay to publish a descriptor if any other relay has reserved its <Ed25519,RSA> identity keypair. In all cases, Tor records every keypair it accepts in a journal if it is new, or if it differs from the most recently accepted pinning for one of the keys it contains. (Default: 0) +config_options.AuthDirSharedRandomness.category Authority +config_options.AuthDirSharedRandomness.name AuthDirSharedRandomness +config_options.AuthDirSharedRandomness.usage 0|1 +config_options.AuthDirSharedRandomness.summary +config_options.AuthDirSharedRandomness.description Authoritative directories only. Switch for the shared random protocol. If zero, the authority won't participate in the protocol. If non-zero (default), the flag "shared-rand-participate" is added to the authority vote indicating participation in the protocol. (Default: 1) config_options.BridgePassword.category Authority config_options.BridgePassword.name BridgePassword config_options.BridgePassword.usage Password diff --git a/stem/descriptor/fallback_directories.cfg b/stem/descriptor/fallback_directories.cfg index 3e18d93..94d9fcb 100644 --- a/stem/descriptor/fallback_directories.cfg +++ b/stem/descriptor/fallback_directories.cfg @@ -1,5 +1,5 @@ -tor_commit 26146dbe9eb2404274b7c51121710f3f3529c930 -stem_commit 1c9727dc1117f6c94cc7b195760a31e48b57111a +tor_commit 1c4a2dd208601aca9fdd004929c283b9d44d7442 +stem_commit 3d0e999f8073bed67d84bb863560078e923a8b57 823AA81E277F366505545522CEDC2F529CE4DC3F.address 192.160.102.164 823AA81E277F366505545522CEDC2F529CE4DC3F.or_port 9001 823AA81E277F366505545522CEDC2F529CE4DC3F.dir_port 80 
@@ -208,11 +208,6 @@ A0F06C2FADF88D3A39AA3072B406F09D7095AC9E.dir_port 80 30648BC64CEDB3020F4A405E4AB2A6347FB8FA22.address 213.61.66.118 30648BC64CEDB3020F4A405E4AB2A6347FB8FA22.or_port 9001 30648BC64CEDB3020F4A405E4AB2A6347FB8FA22.dir_port 9031 -08DC0F3C6E3D9C527C1FC8745D35DD1B0DE1875D.address 37.187.1.149 -08DC0F3C6E3D9C527C1FC8745D35DD1B0DE1875D.or_port 9001 -08DC0F3C6E3D9C527C1FC8745D35DD1B0DE1875D.dir_port 9030 -08DC0F3C6E3D9C527C1FC8745D35DD1B0DE1875D.orport6_address 2001:41d0:a:195::1 -08DC0F3C6E3D9C527C1FC8745D35DD1B0DE1875D.orport6_port 9001 2BA2C8E96B2590E1072AECE2BDB5C48921BF8510.address 144.76.26.175 2BA2C8E96B2590E1072AECE2BDB5C48921BF8510.or_port 9011 2BA2C8E96B2590E1072AECE2BDB5C48921BF8510.dir_port 9012
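Review bot: the `summary` lines added for HiddenServiceSingleHopMode and HiddenServiceNonAnonymousMode in the @@ -1518,6 +1522,30 @@ hunk of stem/cached_tor_manual.cfg are empty, while the neighbouring HiddenServiceNumIntroductionPoints entry carries a one-line summary; since the summary is what a caller sees before the full description, consider filling both, for example `config_options.HiddenServiceSingleHopMode.summary Uses one-hop circuits to introduction and rendezvous points (non-anonymous)` and `config_options.HiddenServiceNonAnonymousMode.summary Makes hidden services on this tor instance non-anonymous`. The multi-line **WARNING** paragraph in the description should stay exactly as it is, because it carries the operational caveat that a hidden service directory used in HiddenServiceSingleHopMode can never be reused and that Single Onion Services and Hidden Services must not share a tor instance; the phrase "you can not to run" in the final paragraph is inherited from the upstream manual text and belongs fixed there rather than in this cache.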
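Review bot: the DirAllowPrivateAddresses summary in the @@ -1804,7 +1832,7 @@ hunk still reads "Toggles allowing arbitrary input or non-public IPs in descriptors", but the updated description now also states that the option lets exit policies for private networks fulfill Exit flag requirements; consider extending the summary so it covers both effects, e.g. `config_options.DirAllowPrivateAddresses.summary Toggles allowing arbitrary input or non-public IPs in descriptors and exit policies`.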
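Review bot: AuthDirSharedRandomness in the @@ -1868,6 +1896,11 @@ hunk is added with an empty `summary` line, unlike AuthDirPinKeys directly above it; something like `config_options.AuthDirSharedRandomness.summary Participate in the shared random protocol` would match the style of the surrounding authority options. The description's "If non-zero (default)" and the trailing "(Default: 1)" agree with each other, so nothing else in the entry needs changing.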
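Review bot: the five lines removed for fingerprint 08DC0F3C6E3D9C527C1FC8745D35DD1B0DE1875D in the @@ -208,11 +208,6 @@ hunk of stem/descriptor/fallback_directories.cfg drop a fallback directory (including its IPv6 orport6_address and orport6_port entries) without the change recording which fallback went away; because this list is what clients fall back to for bootstrapping when the directory authorities cannot be reached, naming the removed fingerprint alongside the tor_commit it was synced from (1c4a2dd208601aca9fdd004929c283b9d44d7442 in the @@ -1,5 +1,5 @@ hunk) in the commit message would make later audits of the fallback set straightforward.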