commit b53561e29cf212f3bde34a4c4d186918f311878f Author: Damian Johnson atagar@torproject.org Date: Thu Jun 30 09:47:31 2016 -0700
Sync with manual and fallback dir information
Tor's had a few commits updating its manual and fallback directories. Getting back in sync with that information. --- stem/cached_tor_manual.cfg | 110 ++++++++++++++++++------------- stem/descriptor/fallback_directories.cfg | 52 +++------------ stem/settings.cfg | 13 ++-- 3 files changed, 79 insertions(+), 96 deletions(-)
diff --git a/stem/cached_tor_manual.cfg b/stem/cached_tor_manual.cfg index 8753a92..dfdd31c 100644 --- a/stem/cached_tor_manual.cfg +++ b/stem/cached_tor_manual.cfg @@ -6,10 +6,11 @@ description |Basically, Tor provides a distributed network of servers or relays ("onion routers"). Users bounce their TCP streams -- web traffic, ftp, ssh, etc. -- around the network, and recipients, observers, and even the relays themselves have difficulty tracking the source of the stream. | |By default, tor will act as a client only. To help the network by providing bandwidth as a relay, change the ORPort configuration option -- see below. Please also consult the documentation on the Tor Project's website. -man_commit 7d6e7fdd0343c32a09c926e7094d43f6653baa4f -stem_commit 7bfc752b69972f7043b260651602b8cb7bc270c4 +man_commit c6846d7bf0d8a382bea17304ea29a51c3a895f90 +stem_commit 1c9727dc1117f6c94cc7b195760a31e48b57111a commandline_options -f FILE => Specify a new configuration file to contain further Tor configuration options OR pass - to make Tor read its configuration from standard input. (Default: @CONFDIR@/torrc, or $HOME/.torrc if that file is not found) commandline_options --ignore-missing-torrc => Specifies that Tor should treat a missing torrc file as though it were empty. Ordinarily, Tor does this for missing default torrc files, but not for those specified on the command line. +commandline_options --passphrase-fd FILEDES => Filedescriptor to read the passphrase from. Note that unlike with the tor-gencert program, the entire file contents are read and used as the passphrase, including any trailing newlines. Default: read from the terminal. commandline_options --list-fingerprint => Generate your keys and output your nickname and fingerprint. commandline_options --defaults-torrc FILE => Specify a file in which to find default values for Tor options. The contents of this file are overridden by those in the regular configuration file, and by those on the command line. (Default: @CONFDIR@/torrc-defaults.) commandline_options --allow-missing-torrc => Do not require that configuration file specified by -f exist if default torrc can be accessed. @@ -35,7 +36,12 @@ files DataDirectory/lock => This file is used to prevent two Tor instances from files DataDirectory/stats/dirreq-stats => Only used by directory caches and authorities. This file is used to collect directory request statistics. files DataDirectory/hashed-fingerprint => Only used by bridges. Holds the hashed fingerprint of the bridge's identity key. (That is, the hash of the hash of the identity key.) files @CONFDIR@/torrc => The configuration file, which contains "option value" pairs. +files DataDirectory/keys/secret_onion_key => A relay's RSA1024 short-term onion key. Used to decrypt old-style ("TAP") circuit extension requests. +files DataDirectory/keys/ed25519_master_id_secret_key => The private part of a relay's Ed25519 permanent identity key. This key is used to sign the medium-term ed25519 signing key. This file can be kept offline, or kept encrypted. If so, Tor will not be able to generate new signing keys itself; you'll need to use tor --keygen yourself to do so. files DataDirectory/cached-descriptors and cached-descriptors.new => These files hold downloaded router statuses. Some routers may appear more than once; if so, the most recently published descriptor is used. Lines beginning with @-signs are annotations that contain more information about a given router. The ".new" file is an append-only journal; when it gets too large, all entries are merged into a new cached-descriptors file. +files DataDirectory/keys/ed25519_master_id_public_key => The public part of a relay's Ed25519 permanent identity key. +files HiddenServiceDirectory/hostname => The <base32-encoded-fingerprint>.onion domain name for this hidden service. If the hidden service is restricted to authorized clients only, this file also contains authorization data for all clients. +files DataDirectory/keys/ed25519_signing_secret_key => The private and public components of a relay's medium-term Ed25519 signing key. This key is authenticated by the Ed25519 master key, in turn authenticates other keys (and router descriptors). files DataDirectory/cached-microdescs and cached-microdescs.new => These files hold downloaded microdescriptors. Lines beginning with @-signs are annotations that contain more information about a given router. The ".new" file is an append-only journal; when it gets too large, all entries are merged into a new cached-microdescs file. files DataDirectory/cached-certs => This file holds downloaded directory key certificates that are used to verify authenticity of documents generated by Tor directory authorities. files DataDirectory/unverified-microdesc-consensus => This file contains a microdescriptor-flavored network consensus document that has been downloaded, but which we didn't have the right certificates to check yet. @@ -45,7 +51,9 @@ files DataDirectory/fingerprint => Only used by servers. Holds the fingerprint o files DataDirectory/unverified-consensus => This file contains a network consensus document that has been downloaded, but which we didn't have the right certificates to check yet. files HiddenServiceDirectory/client_keys => Authorization data for a hidden service that is only accessible by authorized clients. files DataDirectory/unparseable-desc => Onion server descriptors that Tor was unable to parse are dumped to this file. Only used for debugging. -files DataDirectory/stats/conn-stats => Only used by servers. This file is used to collect approximate connection history (number of active connections over time). +files DataDirectory/keys/secret_id_key => A relay's RSA1024 permanent identity key, including private and public components. Used to sign router descriptors, and to sign other keys. +files DataDirectory/keys/authority_identity_key => A v3 directory authority's master identity key, used to authenticate its signing key. Tor doesn't use this while it's running. The tor-gencert program uses this. If you're running an authority, you should keep this key offline, and not actually put it here. +files DataDirectory/keys/legacy_signing_key => As authority_signing_key: used only when V3AuthUseLegacyKey is set. See documentation for V3AuthUseLegacyKey. files @LOCALSTATEDIR@/lib/tor/ => The tor process stores keys and other data here. files DataDirectory/cached-routers and cached-routers.new => Obsolete versions of cached-descriptors and cached-descriptors.new. When Tor can't find the newer files, it looks here instead. files DataDirectory/stats/entry-stats => Only used by servers. This file is used to collect incoming connection statistics by Tor entry nodes. @@ -57,10 +65,15 @@ files $HOME/.torrc => Fallback location for torrc, if @CONFDIR@/torrc is not fou files DataDirectory/networkstatus-bridges => Only used by authoritative bridge directories. Contains information about bridges that have self-reported themselves to the bridge authority. files HiddenServiceDirectory/private_key => The private key for this hidden service. files DataDirectory/cached-status/ => The most recently downloaded network status document for each authority. Each file holds one such document; the filenames are the hexadecimal identity key fingerprints of the directory authorities. Mostly obsolete. +files DataDirectory/keys/ed25519_signing_cert => The certificate which authenticates "ed25519_signing_secret_key" as having been signed by the Ed25519 master key. files DataDirectory/state => A set of persistent key-value mappings. These are documented in the file. These include: o The current entry guards and their status. o The current bandwidth accounting values (unused so far; see below). o When the file was last written o What version of Tor generated the state file o A short history of bandwidth usage, as produced in the server descriptors. +files DataDirectory/keys/secret_onion_key_ntor => A relay's Curve25519 short-term onion key. Used to handle modern ("ntor") circuit extension requests. files DataDirectory/bw_accounting => Used to track bandwidth accounting values (when the current period starts and ends; how much has been read and written so far this period). This file is obsolete, and the data is now stored in the 'state' file as well. Only used when bandwidth accounting is enabled. -files DataDirectory/v3-status-votes => Only for authoritative directory servers. This file contains status votes from all the authoritative directory servers and is used to generate the network consensus document. -files HiddenServiceDirectory/hostname => The <base32-encoded-fingerprint>.onion domain name for this hidden service. If the hidden service is restricted to authorized clients only, this file also contains authorization data for all clients. +files DataDirectory/v3-status-votes => Only for v3 authoritative directory servers. This file contains status votes from all the authoritative directory servers. +files DataDirectory/keys/legacy_certificate => As authority_certificate: used only when V3AuthUseLegacyKey is set. See documentation for V3AuthUseLegacyKey. +files DataDirectory/stats/conn-stats => Only used by servers. This file is used to collect approximate connection history (number of active connections over time). +files DataDirectory/keys/authority_certificate => A v3 directory authority's certificate, which authenticates the authority's current vote- and consensus-signing key using its master identity key. Only directory authorities use this file. +files DataDirectory/keys/authority_signing_key => A v3 directory authority's signing key, used to sign votes and consensuses. Only directory authorities use this file. Corresponds to the authority_certificate cert. files DataDirectory/control_auth_cookie => Used for cookie authentication with the controller. Location can be overridden by the CookieAuthFile config option. Regenerated on startup. See control-spec.txt in torspec for details. Only used when cookie authentication is enabled. config_options.AllowInvalidNodes.category Client config_options.AllowInvalidNodes.name AllowInvalidNodes @@ -207,7 +220,7 @@ config_options.MapAddress.name MapAddress config_options.MapAddress.usage address newaddress config_options.MapAddress.summary Alias mappings for address requests config_options.MapAddress.description -|When a request for address arrives to Tor, it will transform to newaddress before processing it. For example, if you always want connections to www.example.com to exit via torserver (where torserver is the nickname of the server), use "MapAddress www.example.com www.example.com.torserver.exit". If the value is prefixed with a "*.", matches an entire domain. For example, if you always want connections to example.com and any if its subdomains to exit via torserver (where torserver is the nickname of the server), use "MapAddress *.example.com *.example.com.torserver.exit". (Note the leading "*." in each part of the directive.) You can also redirect all subdomains of a domain to a single address. For example, "MapAddress *.example.com www.example.com". +|When a request for address arrives to Tor, it will transform to newaddress before processing it. For example, if you always want connections to www.example.com to exit via torserver (where torserver is the fingerprint of the server), use "MapAddress www.example.com www.example.com.torserver.exit". If the value is prefixed with a "*.", matches an entire domain. For example, if you always want connections to example.com and any if its subdomains to exit via torserver (where torserver is the fingerprint of the server), use "MapAddress *.example.com *.example.com.torserver.exit". (Note the leading "*." in each part of the directive.) You can also redirect all subdomains of a domain to a single address. For example, "MapAddress *.example.com www.example.com". | |NOTES: | @@ -545,7 +558,7 @@ config_options.Tor2webMode.category Client config_options.Tor2webMode.name Tor2webMode config_options.Tor2webMode.usage 0|1 config_options.Tor2webMode.summary Establish non-anonymous hidden service connections -config_options.Tor2webMode.description When this option is set, Tor connects to hidden services non-anonymously. This option also disables client connections to non-hidden-service hostnames through Tor. It must only be used when running a tor2web Hidden Service web proxy. To enable this option the compile time flag --enable-tor2webmode must be specified. (Default: 0) +config_options.Tor2webMode.description When this option is set, Tor connects to hidden services non-anonymously. This option also disables client connections to non-hidden-service hostnames through Tor. It must only be used when running a tor2web Hidden Service web proxy. To enable this option the compile time flag --enable-tor2web-mode must be specified. (Default: 0) config_options.Tor2webRendezvousPoints.category Client config_options.Tor2webRendezvousPoints.name Tor2webRendezvousPoints config_options.Tor2webRendezvousPoints.usage node,node,... @@ -655,6 +668,36 @@ config_options.PathsNeededToBuildCircuits.name PathsNeededToBuildCircuits config_options.PathsNeededToBuildCircuits.usage NUM config_options.PathsNeededToBuildCircuits.summary Portion of relays to require information for before making circuits config_options.PathsNeededToBuildCircuits.description Tor clients don't build circuits for user traffic until they know about enough of the network so that they could potentially construct enough of the possible paths through the network. If this option is set to a fraction between 0.25 and 0.95, Tor won't build circuits until it has enough descriptors or microdescriptors to construct that fraction of possible paths. Note that setting this option too low can make your Tor client less anonymous, and setting it too high can prevent your Tor client from bootstrapping. If this option is negative, Tor will use a default value chosen by the directory authorities. (Default: -1.) +config_options.ClientBootstrapConsensusAuthorityDownloadSchedule.category Client +config_options.ClientBootstrapConsensusAuthorityDownloadSchedule.name ClientBootstrapConsensusAuthorityDownloadSchedule +config_options.ClientBootstrapConsensusAuthorityDownloadSchedule.usage N,N,... +config_options.ClientBootstrapConsensusAuthorityDownloadSchedule.summary +config_options.ClientBootstrapConsensusAuthorityDownloadSchedule.description Schedule for when clients should download consensuses from authorities if they are bootstrapping (that is, they don't have a usable, reasonably live consensus). Only used by clients fetching from a list of fallback directory mirrors. This schedule is advanced by (potentially concurrent) connection attempts, unlike other schedules, which are advanced by connection failures. (Default: 10, 11, 3600, 10800, 25200, 54000, 111600, 262800) +config_options.ClientBootstrapConsensusFallbackDownloadSchedule.category Client +config_options.ClientBootstrapConsensusFallbackDownloadSchedule.name ClientBootstrapConsensusFallbackDownloadSchedule +config_options.ClientBootstrapConsensusFallbackDownloadSchedule.usage N,N,... +config_options.ClientBootstrapConsensusFallbackDownloadSchedule.summary +config_options.ClientBootstrapConsensusFallbackDownloadSchedule.description Schedule for when clients should download consensuses from fallback directory mirrors if they are bootstrapping (that is, they don't have a usable, reasonably live consensus). Only used by clients fetching from a list of fallback directory mirrors. This schedule is advanced by (potentially concurrent) connection attempts, unlike other schedules, which are advanced by connection failures. (Default: 0, 1, 4, 11, 3600, 10800, 25200, 54000, 111600, 262800) +config_options.ClientBootstrapConsensusAuthorityOnlyDownloadSchedule.category Client +config_options.ClientBootstrapConsensusAuthorityOnlyDownloadSchedule.name ClientBootstrapConsensusAuthorityOnlyDownloadSchedule +config_options.ClientBootstrapConsensusAuthorityOnlyDownloadSchedule.usage N,N,... +config_options.ClientBootstrapConsensusAuthorityOnlyDownloadSchedule.summary +config_options.ClientBootstrapConsensusAuthorityOnlyDownloadSchedule.description Schedule for when clients should download consensuses from authorities if they are bootstrapping (that is, they don't have a usable, reasonably live consensus). Only used by clients which don't have or won't fetch from a list of fallback directory mirrors. This schedule is advanced by (potentially concurrent) connection attempts, unlike other schedules, which are advanced by connection failures. (Default: 0, 3, 7, 3600, 10800, 25200, 54000, 111600, 262800) +config_options.ClientBootstrapConsensusMaxDownloadTries.category Client +config_options.ClientBootstrapConsensusMaxDownloadTries.name ClientBootstrapConsensusMaxDownloadTries +config_options.ClientBootstrapConsensusMaxDownloadTries.usage NUM +config_options.ClientBootstrapConsensusMaxDownloadTries.summary +config_options.ClientBootstrapConsensusMaxDownloadTries.description Try this many times to download a consensus while bootstrapping using fallback directory mirrors before giving up. (Default: 7) +config_options.ClientBootstrapConsensusAuthorityOnlyMaxDownloadTries.category Client +config_options.ClientBootstrapConsensusAuthorityOnlyMaxDownloadTries.name ClientBootstrapConsensusAuthorityOnlyMaxDownloadTries +config_options.ClientBootstrapConsensusAuthorityOnlyMaxDownloadTries.usage NUM +config_options.ClientBootstrapConsensusAuthorityOnlyMaxDownloadTries.summary +config_options.ClientBootstrapConsensusAuthorityOnlyMaxDownloadTries.description Try this many times to download a consensus while bootstrapping using authorities before giving up. (Default: 4) +config_options.ClientBootstrapConsensusMaxInProgressTries.category Client +config_options.ClientBootstrapConsensusMaxInProgressTries.name ClientBootstrapConsensusMaxInProgressTries +config_options.ClientBootstrapConsensusMaxInProgressTries.usage NUM +config_options.ClientBootstrapConsensusMaxInProgressTries.summary +config_options.ClientBootstrapConsensusMaxInProgressTries.description Try this many simultaneous connections to download a consensus before waiting for one to complete, timeout, or error out. (Default: 4) config_options.DirPortFrontPage.category Directory config_options.DirPortFrontPage.name DirPortFrontPage config_options.DirPortFrontPage.usage FILENAME @@ -1010,6 +1053,11 @@ config_options.LogMessageDomains.name LogMessageDomains config_options.LogMessageDomains.usage 0|1 config_options.LogMessageDomains.summary Includes a domain when logging messages config_options.LogMessageDomains.description If 1, Tor includes message domains with each log message. Every log message currently has at least one domain; most currently have exactly one. This doesn't affect controller log messages. (Default: 0) +config_options.MaxUnparseableDescSizeToLog.category General +config_options.MaxUnparseableDescSizeToLog.name MaxUnparseableDescSizeToLog +config_options.MaxUnparseableDescSizeToLog.usage N bytes|KBytes|MBytes|GBytes +config_options.MaxUnparseableDescSizeToLog.summary +config_options.MaxUnparseableDescSizeToLog.description Unparseable descriptors (e.g. for votes, consensuses, routers) are logged in separate files by hash, up to the specified size in total. Note that only files logged during the lifetime of this Tor process count toward the total; this is intended to be used to debug problems without opening live servers to resource exhaustion attacks. (Default: 10 MB) config_options.OutboundBindAddress.category General config_options.OutboundBindAddress.name OutboundBindAddress config_options.OutboundBindAddress.usage IP @@ -1483,6 +1531,14 @@ config_options.TestingTorNetwork.description | AssumeReachable 1 | AuthDirMaxServersPerAddr 0 | AuthDirMaxServersPerAuthAddr 0 +| ClientBootstrapConsensusAuthorityDownloadSchedule 0, 2, +| 4 (for 40 seconds), 8, 16, 32, 60 +| ClientBootstrapConsensusFallbackDownloadSchedule 0, 1, +| 4 (for 40 seconds), 8, 16, 32, 60 +| ClientBootstrapConsensusAuthorityOnlyDownloadSchedule 0, 1, +| 4 (for 40 seconds), 8, 16, 32, 60 +| ClientBootstrapConsensusMaxDownloadTries 80 +| ClientBootstrapConsensusAuthorityOnlyMaxDownloadTries 80 | ClientDNSRejectInternalAddresses 0 | ClientRejectInternalAddresses 0 | CountPrivateBandwidth 1 @@ -1501,18 +1557,10 @@ config_options.TestingTorNetwork.description | TestingClientDownloadSchedule 0, 0, 5, 10, 15, 20, 30, 60 | TestingServerConsensusDownloadSchedule 0, 0, 5, 10, 15, 20, 30, 60 | TestingClientConsensusDownloadSchedule 0, 0, 5, 10, 15, 20, 30, 60 -| TestingClientBootstrapConsensusAuthorityDownloadSchedule 0, 2, -| 4 (for 40 seconds), 8, 16, 32, 60 -| TestingClientBootstrapConsensusFallbackDownloadSchedule 0, 1, -| 4 (for 40 seconds), 8, 16, 32, 60 -| TestingClientBootstrapConsensusAuthorityOnlyDownloadSchedule 0, 1, -| 4 (for 40 seconds), 8, 16, 32, 60 | TestingBridgeDownloadSchedule 60, 30, 30, 60 | TestingClientMaxIntervalWithoutRequest 5 seconds | TestingDirConnectionMaxStall 30 seconds | TestingConsensusMaxDownloadTries 80 -| TestingClientBootstrapConsensusMaxDownloadTries 80 -| TestingClientBootstrapConsensusAuthorityOnlyMaxDownloadTries 80 | TestingDescriptorMaxDownloadTries 80 | TestingMicrodescMaxDownloadTries 80 | TestingCertMaxDownloadTries 80 @@ -1574,21 +1622,6 @@ config_options.TestingClientConsensusDownloadSchedule.name TestingClientConsensu config_options.TestingClientConsensusDownloadSchedule.usage N,N,... config_options.TestingClientConsensusDownloadSchedule.summary Schedule for when we should download the consensus as a client config_options.TestingClientConsensusDownloadSchedule.description Schedule for when clients should download consensuses. Changing this requires that TestingTorNetwork is set. (Default: 0, 0, 60, 300, 600, 1800, 3600, 3600, 3600, 10800, 21600, 43200) -config_options.TestingClientBootstrapConsensusAuthorityDownloadSchedule.category Testing -config_options.TestingClientBootstrapConsensusAuthorityDownloadSchedule.name TestingClientBootstrapConsensusAuthorityDownloadSchedule -config_options.TestingClientBootstrapConsensusAuthorityDownloadSchedule.usage N,N,... -config_options.TestingClientBootstrapConsensusAuthorityDownloadSchedule.summary Schedule when bootstrapping for when to download resources from authorities -config_options.TestingClientBootstrapConsensusAuthorityDownloadSchedule.description Schedule for when clients should download consensuses from authorities if they are bootstrapping (that is, they don't have a usable, reasonably live consensus). Only used by clients fetching from a list of fallback directory mirrors. This schedule is advanced by (potentially concurrent) connection attempts, unlike other schedules, which are advanced by connection failures. Changing this schedule requires that TestingTorNetwork is set. (Default: 10, 11, 3600, 10800, 25200, 54000, 111600, 262800) -config_options.TestingClientBootstrapConsensusFallbackDownloadSchedule.category Testing -config_options.TestingClientBootstrapConsensusFallbackDownloadSchedule.name TestingClientBootstrapConsensusFallbackDownloadSchedule -config_options.TestingClientBootstrapConsensusFallbackDownloadSchedule.usage N,N,... -config_options.TestingClientBootstrapConsensusFallbackDownloadSchedule.summary Schedule when bootstrapping for when to download resources from fallback authorities -config_options.TestingClientBootstrapConsensusFallbackDownloadSchedule.description Schedule for when clients should download consensuses from fallback directory mirrors if they are bootstrapping (that is, they don't have a usable, reasonably live consensus). Only used by clients fetching from a list of fallback directory mirrors. This schedule is advanced by (potentially concurrent) connection attempts, unlike other schedules, which are advanced by connection failures. Changing this schedule requires that TestingTorNetwork is set. (Default: 0, 1, 4, 11, 3600, 10800, 25200, 54000, 111600, 262800) -config_options.TestingClientBootstrapConsensusAuthorityOnlyDownloadSchedule.category Testing -config_options.TestingClientBootstrapConsensusAuthorityOnlyDownloadSchedule.name TestingClientBootstrapConsensusAuthorityOnlyDownloadSchedule -config_options.TestingClientBootstrapConsensusAuthorityOnlyDownloadSchedule.usage N,N,... -config_options.TestingClientBootstrapConsensusAuthorityOnlyDownloadSchedule.summary Schedule when bootstrapping for when to download resources from authorities when fallbacks unavailable -config_options.TestingClientBootstrapConsensusAuthorityOnlyDownloadSchedule.description Schedule for when clients should download consensuses from authorities if they are bootstrapping (that is, they don't have a usable, reasonably live consensus). Only used by clients which don't have or won't fetch from a list of fallback directory mirrors. This schedule is advanced by (potentially concurrent) connection attempts, unlike other schedules, which are advanced by connection failures. Changing this schedule requires that TestingTorNetwork is set. (Default: 0, 3, 7, 3600, 10800, 25200, 54000, 111600, 262800) config_options.TestingBridgeDownloadSchedule.category Testing config_options.TestingBridgeDownloadSchedule.name TestingBridgeDownloadSchedule config_options.TestingBridgeDownloadSchedule.usage N,N,... @@ -1609,21 +1642,6 @@ config_options.TestingConsensusMaxDownloadTries.name TestingConsensusMaxDownload config_options.TestingConsensusMaxDownloadTries.usage NUM config_options.TestingConsensusMaxDownloadTries.summary Retries for downloading the consensus config_options.TestingConsensusMaxDownloadTries.description Try this many times to download a consensus before giving up. Changing this requires that TestingTorNetwork is set. (Default: 8) -config_options.TestingClientBootstrapConsensusMaxDownloadTries.category Testing -config_options.TestingClientBootstrapConsensusMaxDownloadTries.name TestingClientBootstrapConsensusMaxDownloadTries -config_options.TestingClientBootstrapConsensusMaxDownloadTries.usage NUM -config_options.TestingClientBootstrapConsensusMaxDownloadTries.summary Number of times to attempt downloading consensus -config_options.TestingClientBootstrapConsensusMaxDownloadTries.description Try this many times to download a consensus while bootstrapping using fallback directory mirrors before giving up. Changing this requires that TestingTorNetwork is set. (Default: 7) -config_options.TestingClientBootstrapConsensusAuthorityOnlyMaxDownloadTries.category Testing -config_options.TestingClientBootstrapConsensusAuthorityOnlyMaxDownloadTries.name TestingClientBootstrapConsensusAuthorityOnlyMaxDownloadTries -config_options.TestingClientBootstrapConsensusAuthorityOnlyMaxDownloadTries.usage NUM -config_options.TestingClientBootstrapConsensusAuthorityOnlyMaxDownloadTries.summary Number of times to attempt downloading consensus from authorities -config_options.TestingClientBootstrapConsensusAuthorityOnlyMaxDownloadTries.description Try this many times to download a consensus while bootstrapping using authorities before giving up. Changing this requires that TestingTorNetwork is set. (Default: 4) -config_options.TestingClientBootstrapConsensusMaxInProgressTries.category Testing -config_options.TestingClientBootstrapConsensusMaxInProgressTries.name TestingClientBootstrapConsensusMaxInProgressTries -config_options.TestingClientBootstrapConsensusMaxInProgressTries.usage NUM -config_options.TestingClientBootstrapConsensusMaxInProgressTries.summary Number of consensus download requests to allow in-flight at once -config_options.TestingClientBootstrapConsensusMaxInProgressTries.description Try this many simultaneous connections to download a consensus before waiting for one to complete, timeout, or error out. Changing this requires that TestingTorNetwork is set. (Default: 4) config_options.TestingDescriptorMaxDownloadTries.category Testing config_options.TestingDescriptorMaxDownloadTries.name TestingDescriptorMaxDownloadTries config_options.TestingDescriptorMaxDownloadTries.usage NUM @@ -1736,7 +1754,7 @@ config_options.AuthoritativeDirectory.category Authority config_options.AuthoritativeDirectory.name AuthoritativeDirectory config_options.AuthoritativeDirectory.usage 0|1 config_options.AuthoritativeDirectory.summary Act as a directory authority -config_options.AuthoritativeDirectory.description When this option is set to 1, Tor operates as an authoritative directory server. Instead of caching the directory, it generates its own list of good servers, signs it, and sends that to the clients. Unless the clients already have you listed as a trusted directory, you probably do not want to set this option. Please coordinate with the other admins at tor-ops@torproject.org if you think you should be a directory. +config_options.AuthoritativeDirectory.description When this option is set to 1, Tor operates as an authoritative directory server. Instead of caching the directory, it generates its own list of good servers, signs it, and sends that to the clients. Unless the clients already have you listed as a trusted directory, you probably do not want to set this option. config_options.V3AuthoritativeDirectory.category Authority config_options.V3AuthoritativeDirectory.name V3AuthoritativeDirectory config_options.V3AuthoritativeDirectory.usage 0|1 diff --git a/stem/descriptor/fallback_directories.cfg b/stem/descriptor/fallback_directories.cfg index c896c5b..3e18d93 100644 --- a/stem/descriptor/fallback_directories.cfg +++ b/stem/descriptor/fallback_directories.cfg @@ -1,10 +1,5 @@ -tor_commit 1fd4340f827065485f8ce3fd03c5573f89880893 -stem_commit 7773234cbdd43e768babe6bb930303e4c13b74e3 -9504CB22EEB25D344DE63CB7A6F2C46F895C3686.address 46.101.102.71 -9504CB22EEB25D344DE63CB7A6F2C46F895C3686.or_port 443 -9504CB22EEB25D344DE63CB7A6F2C46F895C3686.dir_port 80 -9504CB22EEB25D344DE63CB7A6F2C46F895C3686.orport6_address 2a03:b0c0:3:d0::2ed:7001 -9504CB22EEB25D344DE63CB7A6F2C46F895C3686.orport6_port 9050 +tor_commit 26146dbe9eb2404274b7c51121710f3f3529c930 +stem_commit 1c9727dc1117f6c94cc7b195760a31e48b57111a 823AA81E277F366505545522CEDC2F529CE4DC3F.address 192.160.102.164 823AA81E277F366505545522CEDC2F529CE4DC3F.or_port 9001 823AA81E277F366505545522CEDC2F529CE4DC3F.dir_port 80 @@ -13,9 +8,6 @@ AEA43CB1E47BE5F8051711B2BF01683DB1568E05.or_port 443 AEA43CB1E47BE5F8051711B2BF01683DB1568E05.dir_port 80 AEA43CB1E47BE5F8051711B2BF01683DB1568E05.orport6_address 2001:41d0:a:74a::1 AEA43CB1E47BE5F8051711B2BF01683DB1568E05.orport6_port 443 -86C281AD135058238D7A337D546C902BE8505DDE.address 185.96.88.29 -86C281AD135058238D7A337D546C902BE8505DDE.or_port 443 -86C281AD135058238D7A337D546C902BE8505DDE.dir_port 80 8664DC892540F3C789DB37008236C096C871734D.address 163.172.138.22 8664DC892540F3C789DB37008236C096C871734D.or_port 443 8664DC892540F3C789DB37008236C096C871734D.dir_port 80 @@ -87,9 +79,6 @@ D5039E1EBFD96D9A3F9846BF99EC9F75EDDE902A.dir_port 9030 AE6A8C18E7499B586CD36246AC4BCAFFBBF93AB2.address 178.254.44.135 AE6A8C18E7499B586CD36246AC4BCAFFBBF93AB2.or_port 443 AE6A8C18E7499B586CD36246AC4BCAFFBBF93AB2.dir_port 80 -262B66AD25C79588AD1FC8ED0E966395B47E5C1D.address 51.254.215.121 -262B66AD25C79588AD1FC8ED0E966395B47E5C1D.or_port 443 -262B66AD25C79588AD1FC8ED0E966395B47E5C1D.dir_port 80 01A9258A46E97FF8B2CAC7910577862C14F2C524.address 193.171.202.146 01A9258A46E97FF8B2CAC7910577862C14F2C524.or_port 9001 01A9258A46E97FF8B2CAC7910577862C14F2C524.dir_port 9030 @@ -118,11 +107,6 @@ D64366987CB39F61AD21DBCF8142FA0577B92811.dir_port 9030 BC630CBBB518BE7E9F4E09712AB0269E9DC7D626.address 197.231.221.211 BC630CBBB518BE7E9F4E09712AB0269E9DC7D626.or_port 9001 BC630CBBB518BE7E9F4E09712AB0269E9DC7D626.dir_port 9030 -AC66FFA4AB35A59EBBF5BF4C70008BF24D8A7A5C.address 195.154.164.243 -AC66FFA4AB35A59EBBF5BF4C70008BF24D8A7A5C.or_port 443 -AC66FFA4AB35A59EBBF5BF4C70008BF24D8A7A5C.dir_port 80 -AC66FFA4AB35A59EBBF5BF4C70008BF24D8A7A5C.orport6_address 2001:bc8:399f:f000::1 -AC66FFA4AB35A59EBBF5BF4C70008BF24D8A7A5C.orport6_port 993 A10C4F666D27364036B562823E5830BC448E046A.address 171.25.193.77 A10C4F666D27364036B562823E5830BC448E046A.or_port 443 A10C4F666D27364036B562823E5830BC448E046A.dir_port 80 @@ -136,9 +120,6 @@ CBEFF7BA4A4062045133C053F2D70524D8BBE5BE.or_port 443 CBEFF7BA4A4062045133C053F2D70524D8BBE5BE.dir_port 80 CBEFF7BA4A4062045133C053F2D70524D8BBE5BE.orport6_address 2a03:b0c0:2:d0::b7:5001 CBEFF7BA4A4062045133C053F2D70524D8BBE5BE.orport6_port 443 -B87C84E38DAECFFFFDE98E5AEE5786AFDC748F2C.address 178.62.36.64 -B87C84E38DAECFFFFDE98E5AEE5786AFDC748F2C.or_port 9001 -B87C84E38DAECFFFFDE98E5AEE5786AFDC748F2C.dir_port 9030 EC413181CEB1C8EDC17608BBB177CD5FD8535E99.address 91.219.236.222 EC413181CEB1C8EDC17608BBB177CD5FD8535E99.or_port 443 EC413181CEB1C8EDC17608BBB177CD5FD8535E99.dir_port 80 @@ -148,9 +129,9 @@ EC413181CEB1C8EDC17608BBB177CD5FD8535E99.dir_port 80 C697612CA5AED06B8D829FCC6065B9287212CB2F.address 195.154.79.128 C697612CA5AED06B8D829FCC6065B9287212CB2F.or_port 443 C697612CA5AED06B8D829FCC6065B9287212CB2F.dir_port 80 -8B7F47AE1A5D954A3E58ACDE0865D09DBA5B738D.address 178.217.184.32 -8B7F47AE1A5D954A3E58ACDE0865D09DBA5B738D.or_port 443 -8B7F47AE1A5D954A3E58ACDE0865D09DBA5B738D.dir_port 9030 +DDD7871C1B7FA32CB55061E08869A236E61BDDF8.address 5.34.183.205 +DDD7871C1B7FA32CB55061E08869A236E61BDDF8.or_port 443 +DDD7871C1B7FA32CB55061E08869A236E61BDDF8.dir_port 80 CBD0D1BD110EC52963082D839AC6A89D0AE243E7.address 37.59.46.159 CBD0D1BD110EC52963082D839AC6A89D0AE243E7.or_port 9001 CBD0D1BD110EC52963082D839AC6A89D0AE243E7.dir_port 9030 @@ -173,28 +154,17 @@ FFA72BD683BC2FCF988356E6BEC1E490F313FB07.orport6_port 9001 5665A3904C89E22E971305EE8C1997BCA4123C69.address 94.23.204.175 5665A3904C89E22E971305EE8C1997BCA4123C69.or_port 9001 5665A3904C89E22E971305EE8C1997BCA4123C69.dir_port 9030 -8844D87E9B038BE3270938F05AF797E1D3C74C0F.address 93.180.156.84 -8844D87E9B038BE3270938F05AF797E1D3C74C0F.or_port 9001 -8844D87E9B038BE3270938F05AF797E1D3C74C0F.dir_port 9030 E781F4EC69671B3F1864AE2753E0890351506329.address 176.31.180.157 E781F4EC69671B3F1864AE2753E0890351506329.or_port 22 E781F4EC69671B3F1864AE2753E0890351506329.dir_port 143 E781F4EC69671B3F1864AE2753E0890351506329.orport6_address 2001:41d0:8:eb9d::1 E781F4EC69671B3F1864AE2753E0890351506329.orport6_port 22 -D62FB817B0288085FAC38A6DC8B36DCD85B70260.address 185.14.185.240 -D62FB817B0288085FAC38A6DC8B36DCD85B70260.or_port 443 -D62FB817B0288085FAC38A6DC8B36DCD85B70260.dir_port 9030 4F0DB7E687FC7C0AE55C8F243DA8B0EB27FBF1F2.address 108.53.208.157 4F0DB7E687FC7C0AE55C8F243DA8B0EB27FBF1F2.or_port 443 4F0DB7E687FC7C0AE55C8F243DA8B0EB27FBF1F2.dir_port 80 0BEA4A88D069753218EAAAD6D22EA87B9A1319D6.address 5.39.92.199 0BEA4A88D069753218EAAAD6D22EA87B9A1319D6.or_port 443 0BEA4A88D069753218EAAAD6D22EA87B9A1319D6.dir_port 80 -CFECDDCA990E3EF7B7EC958B22441386B6B8D820.address 81.7.17.171 -CFECDDCA990E3EF7B7EC958B22441386B6B8D820.or_port 443 -CFECDDCA990E3EF7B7EC958B22441386B6B8D820.dir_port 80 -CFECDDCA990E3EF7B7EC958B22441386B6B8D820.orport6_address 2a02:180:1:1::517:11ab -CFECDDCA990E3EF7B7EC958B22441386B6B8D820.orport6_port 443 92ECC9E0E2AF81BB954719B189AC362E254AD4A5.address 91.219.237.244 92ECC9E0E2AF81BB954719B189AC362E254AD4A5.or_port 443 92ECC9E0E2AF81BB954719B189AC362E254AD4A5.dir_port 80 @@ -217,9 +187,6 @@ D2A1703758A0FBBA026988B92C2F88BAB59F9361.dir_port 9030 DAA39FC00B196B353C2A271459C305C429AF09E4.address 193.35.52.53 DAA39FC00B196B353C2A271459C305C429AF09E4.or_port 9001 DAA39FC00B196B353C2A271459C305C429AF09E4.dir_port 9030 -DDD7871C1B7FA32CB55061E08869A236E61BDDF8.address 5.34.183.205 -DDD7871C1B7FA32CB55061E08869A236E61BDDF8.or_port 443 -DDD7871C1B7FA32CB55061E08869A236E61BDDF8.dir_port 80 E589316576A399C511A9781A73DA4545640B479D.address 46.252.26.2 E589316576A399C511A9781A73DA4545640B479D.or_port 49991 E589316576A399C511A9781A73DA4545640B479D.dir_port 45212 @@ -274,9 +241,9 @@ BF0FB582E37F738CD33C3651125F2772705BB8E8.orport6_port 9010 75F1992FD3F403E9C082A5815EB5D12934CDF46C.dir_port 9030 75F1992FD3F403E9C082A5815EB5D12934CDF46C.orport6_address 2a03:b0c0:3:d0::208:5001 75F1992FD3F403E9C082A5815EB5D12934CDF46C.orport6_port 9050 -855BC2DABE24C861CD887DB9B2E950424B49FC34.address 84.219.173.60 -855BC2DABE24C861CD887DB9B2E950424B49FC34.or_port 443 -855BC2DABE24C861CD887DB9B2E950424B49FC34.dir_port 9030 +8844D87E9B038BE3270938F05AF797E1D3C74C0F.address 93.180.156.84 +8844D87E9B038BE3270938F05AF797E1D3C74C0F.or_port 9001 +8844D87E9B038BE3270938F05AF797E1D3C74C0F.dir_port 9030 29F1020B94BE25E6BE1AD13E93CE19D2131B487C.address 194.150.168.79 29F1020B94BE25E6BE1AD13E93CE19D2131B487C.or_port 11111 29F1020B94BE25E6BE1AD13E93CE19D2131B487C.dir_port 11112 @@ -325,9 +292,6 @@ FCB6695F8F2DC240E974510A4B3A0F2B12AB5B64.dir_port 80 5525D0429BFE5DC4F1B0E9DE47A4CFA169661E33.address 5.175.233.86 5525D0429BFE5DC4F1B0E9DE47A4CFA169661E33.or_port 443 5525D0429BFE5DC4F1B0E9DE47A4CFA169661E33.dir_port 80 -5C4DF16A0029CC4F67D3E127356E68F219269859.address 185.100.85.138 -5C4DF16A0029CC4F67D3E127356E68F219269859.or_port 46356 -5C4DF16A0029CC4F67D3E127356E68F219269859.dir_port 80 B1726B94885CE3AC3910CA8B60622B97B98E2529.address 185.66.250.141 B1726B94885CE3AC3910CA8B60622B97B98E2529.or_port 9001 B1726B94885CE3AC3910CA8B60622B97B98E2529.dir_port 9030 diff --git a/stem/settings.cfg b/stem/settings.cfg index d08cc6e..b561f73 100644 --- a/stem/settings.cfg +++ b/stem/settings.cfg @@ -100,6 +100,7 @@ manual.summary.SocksSocketsGroupWritable Group write permissions for the socks s manual.summary.KeepalivePeriod Rate at which to send keepalive packets manual.summary.Log Runlevels and location for tor logging manual.summary.LogMessageDomains Includes a domain when logging messages +manual.summary.MaxUnparseableDescSizeToLog Size of the dedicated log for unparseable descriptors manual.summary.OutboundBindAddress Sets the IP used for connecting to tor manual.summary.PidFile Path for a file tor writes containing its process id manual.summary.ProtocolWarnings Toggles if protocol errors give warnings or not @@ -211,6 +212,12 @@ manual.summary.ClientUseIPv6 Allow IPv6 connections to guards and fetching conse manual.summary.ClientPreferIPv6DirPort Perfer relays with IPv6 when fetching consensus manual.summary.ClientPreferIPv6ORPort Prefer a guard's IPv6 rather than IPv4 endpoint manual.summary.PathsNeededToBuildCircuits Portion of relays to require information for before making circuits +manual.summary.ClientBootstrapConsensusAuthorityDownloadSchedule Schedule when bootstrapping for when to download resources from authorities +manual.summary.ClientBootstrapConsensusFallbackDownloadSchedule Schedule when bootstrapping for when to download resources from fallback authorities +manual.summary.ClientBootstrapConsensusAuthorityOnlyDownloadSchedule Schedule when bootstrapping for when to download resources from authorities when fallbacks unavailable +manual.summary.ClientBootstrapConsensusMaxDownloadTries Number of times to attempt downloading consensus +manual.summary.ClientBootstrapConsensusAuthorityOnlyMaxDownloadTries Number of times to attempt downloading consensus from authorities +manual.summary.ClientBootstrapConsensusMaxInProgressTries Number of consensus download requests to allow in-flight at once
# Server Config Options
@@ -334,16 +341,10 @@ manual.summary.TestingServerDownloadSchedule Schedule for when we should downloa manual.summary.TestingClientDownloadSchedule Schedule for when we should download resources as a client manual.summary.TestingServerConsensusDownloadSchedule Schedule for when we should download the consensus as a relay manual.summary.TestingClientConsensusDownloadSchedule Schedule for when we should download the consensus as a client -manual.summary.TestingClientBootstrapConsensusAuthorityDownloadSchedule Schedule when bootstrapping for when to download resources from authorities -manual.summary.TestingClientBootstrapConsensusFallbackDownloadSchedule Schedule when bootstrapping for when to download resources from fallback authorities -manual.summary.TestingClientBootstrapConsensusAuthorityOnlyDownloadSchedule Schedule when bootstrapping for when to download resources from authorities when fallbacks unavailable manual.summary.TestingBridgeDownloadSchedule Schedule for when we should download bridge descriptors manual.summary.TestingClientMaxIntervalWithoutRequest Maximum time to wait to batch requests for missing descriptors manual.summary.TestingDirConnectionMaxStall Duration to let directory connections stall before timing out manual.summary.TestingConsensusMaxDownloadTries Retries for downloading the consensus -manual.summary.TestingClientBootstrapConsensusMaxDownloadTries Number of times to attempt downloading consensus -manual.summary.TestingClientBootstrapConsensusAuthorityOnlyMaxDownloadTries Number of times to attempt downloading consensus from authorities -manual.summary.TestingClientBootstrapConsensusMaxInProgressTries Number of consensus download requests to allow in-flight at once manual.summary.TestingDescriptorMaxDownloadTries Retries for downloading server descriptors manual.summary.TestingMicrodescMaxDownloadTries Retries for downloading microdescriptors manual.summary.TestingCertMaxDownloadTries Retries for downloading authority certificates