[tor-commits] [stem/master] Update config summaries for the latest tor manual

Sun Dec 6 21:57:11 UTC 2015

commit 5f2ca351e0a70565e4d58545ddbbd7b79e357262
Author: Damian Johnson <atagar at torproject.org>
Date:   Fri Nov 20 09:42:18 2015 -0800

    Update config summaries for the latest tor manual
    
    Arm's configuration summaries were written years ago. No surprise tor's man
    page has changed since then, adding new options and dropping others. Filling in
    the gaps and enabling the test that checks we're in sync.
---
 stem/manual.cfg     |  150 ++++++++++++++++++++++++++++++++++++++++-----------
 stem/manual.py      |   14 ++---
 test/unit/manual.py |   19 ++++---
 3 files changed, 137 insertions(+), 46 deletions(-)

diff --git a/stem/manual.cfg b/stem/manual.cfg
index f7a29c0..512501e 100644
--- a/stem/manual.cfg
+++ b/stem/manual.cfg
@@ -22,7 +22,7 @@ manual.important User
 manual.important Bridge
 manual.important ExcludeNodes
 manual.important MaxCircuitDirtiness
-manual.important SocksPort
+manual.important SOCKSPort
 manual.important UseBridges
 
 manual.important BridgeRelay
@@ -50,12 +50,21 @@ manual.summary.RelayBandwidthRate Average bandwidth usage limit for relaying
 manual.summary.RelayBandwidthBurst Maximum bandwidth usage limit for relaying
 manual.summary.PerConnBWRate Average relayed bandwidth limit per connection
 manual.summary.PerConnBWBurst Maximum relayed bandwidth limit per connection
+manual.summary.ClientTransportPlugin Proxy when establishing bridge connections
+manual.summary.ServerTransportPlugin Proxy when servicing bridge connections
+manual.summary.ServerTransportListenAddr Endpoint for bridge's pluggable transport proxy
+manual.summary.ServerTransportOptions Additional arguments for bridge's proxy
+manual.summary.ExtORPort Endpoint for extended ORPort connections
+manual.summary.ExtORPortCookieAuthFile Location of the ExtORPort's authentication cookie
+manual.summary.ExtORPortCookieAuthFileGroupReadable Group read permissions for the ExtORPort's authentication cookie
 manual.summary.ConnLimit Minimum number of file descriptors for Tor to start
+manual.summary.DisableNetwork Don't accept non-controller connections
 manual.summary.ConstrainedSockets Shrinks sockets to ConstrainedSockSize
 manual.summary.ConstrainedSockSize Limit for the received and transmit buffers of sockets
 manual.summary.ControlPort Port providing access to tor controllers (nyx, vidalia, etc)
 manual.summary.ControlListenAddress Address providing controller access
 manual.summary.ControlSocket Socket providing controller access
+manual.summary.ControlSocketsGroupWritable Group read permissions for the control socket
 manual.summary.HashedControlPassword Hash of the password for authenticating to the control port
 manual.summary.CookieAuthentication If set, authenticates controllers via a cookie
 manual.summary.CookieAuthFile Location of the authentication cookie
@@ -63,43 +72,49 @@ manual.summary.CookieAuthFileGroupReadable Group read permissions for the authen
 manual.summary.ControlPortWriteToFile Path for a file tor writes containing its control port
 manual.summary.ControlPortFileGroupReadable Group read permissions for the control port file
 manual.summary.DataDirectory Location for storing runtime data (state, keys, etc)
-manual.summary.DirServer Alternative directory authorities
+manual.summary.FallbackDir Fallback when unable to retrieve descriptor information
+manual.summary.DirAuthority Alternative directory authorities
+manual.summary.DirAuthorityFallbackRate Rate at which to use fallback directory
 manual.summary.AlternateDirAuthority Alternative directory authorities (consensus only)
-manual.summary.AlternateHSAuthority Alternative directory authorities (hidden services only)
 manual.summary.AlternateBridgeAuthority Alternative directory authorities (bridges only)
 manual.summary.DisableAllSwap Locks all allocated memory so they can't be paged out
+manual.summary.DisableDebuggerAttachment Limit information applications can retrieve about the process
 manual.summary.FetchDirInfoEarly Keeps consensus information up to date, even if unnecessary
 manual.summary.FetchDirInfoExtraEarly Updates consensus information when it's first available
 manual.summary.FetchHidServDescriptors Toggles if hidden service descriptors are fetched automatically or not
 manual.summary.FetchServerDescriptors Toggles if the consensus is fetched automatically or not
 manual.summary.FetchUselessDescriptors Toggles if relay descriptors are fetched when they aren't strictly necessary
-manual.summary.Group GID for the process when started
-manual.summary.HttpProxy HTTP proxy for connecting to tor
-manual.summary.HttpProxyAuthenticator Authentication credentials for HttpProxy
-manual.summary.HttpsProxy SSL proxy for connecting to tor
-manual.summary.HttpsProxyAuthenticator Authentication credentials for HttpsProxy
+manual.summary.HTTPProxy HTTP proxy for connecting to tor
+manual.summary.HTTPProxyAuthenticator Authentication credentials for HTTPProxy
+manual.summary.HTTPSProxy SSL proxy for connecting to tor
+manual.summary.HTTPSProxyAuthenticator Authentication credentials for HTTPSProxy
+manual.summary.Sandbox Run within a syscall sandbox
 manual.summary.Socks4Proxy SOCKS 4 proxy for connecting to tor
 manual.summary.Socks5Proxy SOCKS 5 for connecting to tor
 manual.summary.Socks5ProxyUsername Username for connecting to the Socks5Proxy
 manual.summary.Socks5ProxyPassword Password for connecting to the Socks5Proxy
+manual.summary.SocksSocketsGroupWritable Group write permissions for the socks socket
 manual.summary.KeepalivePeriod Rate at which to send keepalive packets
 manual.summary.Log Runlevels and location for tor logging
 manual.summary.LogMessageDomains Includes a domain when logging messages
 manual.summary.OutboundBindAddress Sets the IP used for connecting to tor
 manual.summary.PidFile Path for a file tor writes containing its process id
 manual.summary.ProtocolWarnings Toggles if protocol errors give warnings or not
+manual.summary.PredictedPortsRelevanceTime Duration to ensure circuits for previously used ports remain available
 manual.summary.RunAsDaemon Toggles if tor runs as a daemon process
 manual.summary.LogTimeGranularity limits granularity of log message timestamps
+manual.summary.TruncateLogFile Overwrites log file rather than appending when restarted
+manual.summary.SyslogIdentityTag Tag logs appended to the syslog as being from tor
 manual.summary.SafeLogging Toggles if logs are scrubbed of sensitive information
 manual.summary.User UID for the process when started
 manual.summary.HardwareAccel Toggles if tor attempts to use hardware acceleration
 manual.summary.AccelName OpenSSL engine name for crypto acceleration
 manual.summary.AccelDir Crypto acceleration library path
 manual.summary.AvoidDiskWrites Toggles if tor avoids frequently writing to disk
-manual.summary.TunnelDirConns Toggles if directory requests can be made over the ORPort
-manual.summary.PreferTunneledDirConns Avoids directory requests that can't be made over the ORPort if set
 manual.summary.CircuitPriorityHalflife Overwrite method for prioritizing traffic among relayed connections
 manual.summary.DisableIOCP Disables use of the Windows IOCP networking API
+manual.summary.UserspaceIOCPBuffers Disable kernel-space IOCP TCP buffers
+manual.summary.UseFilteringSSLBufferevents Use SSL for a chain of bufferevents
 manual.summary.CountPrivateBandwidth Applies rate limiting to private IP addresses
 
 # Client Config Options
@@ -114,12 +129,15 @@ manual.summary.CircuitStreamTimeout Timeout for shifting streams among circuits
 manual.summary.ClientOnly Ensures that we aren't used as a relay or directory mirror
 manual.summary.ExcludeNodes Relays or locales never to be used in circuits
 manual.summary.ExcludeExitNodes Relays or locales never to be used for exits
+manual.summary.GeoIPExcludeUnknown Don't use relays with an unknown locale in circuits
 manual.summary.ExitNodes Preferred final hop for circuits
 manual.summary.EntryNodes Preferred first hops for circuits
 manual.summary.StrictNodes Never uses notes outside of Entry/ExitNodes
 manual.summary.FascistFirewall Only make outbound connections on FirewallPorts
 manual.summary.FirewallPorts Ports used by FascistFirewall
 manual.summary.HidServAuth Authentication credentials for connecting to a hidden service
+manual.summary.CloseHSClientCircuitsImmediatelyOnTimeout Close hidden service circuits that timeout
+manual.summary.CloseHSServiceRendCircuitsImmediatelyOnTimeout Close hidden service rendezvous circuits that timeout
 manual.summary.ReachableAddresses Rules for bypassing the local firewall
 manual.summary.ReachableDirAddresses Rules for bypassing the local firewall (directory fetches)
 manual.summary.ReachableORAddresses Rules for bypassing the local firewall (OR connections)
@@ -127,27 +145,36 @@ manual.summary.LongLivedPorts Ports requiring highly reliable relays
 manual.summary.MapAddress Alias mappings for address requests
 manual.summary.NewCircuitPeriod Period for considering the creation of new circuits
 manual.summary.MaxCircuitDirtiness Duration for reusing constructed circuits
+manual.summary.MaxClientCircuitsPending Number of circuits that can be in construction at once
 manual.summary.NodeFamily Define relays as belonging to a family
 manual.summary.EnforceDistinctSubnets Prevent use of multiple relays from the same subnet on a circuit
-manual.summary.SocksPort Port for using tor as a Socks proxy
-manual.summary.SocksListenAddress Address from which Socks connections can be made
+manual.summary.SOCKSPort Port for using tor as a Socks proxy
+manual.summary.SOCKSListenAddress Address from which Socks connections can be made
 manual.summary.SocksPolicy Access policy for the pocks port
 manual.summary.SocksTimeout Time until idle or unestablished socks connections are closed
+manual.summary.TokenBucketRefillInterval Frequency at which exhausted connections are checked for new traffic
 manual.summary.TrackHostExits Maintains use of the same exit whenever connecting to this destination
 manual.summary.TrackHostExitsExpire Time until use of an exit for tracking expires
 manual.summary.UpdateBridgesFromAuthority Toggles fetching bridge descriptors from the authorities
 manual.summary.UseBridges Make use of configured bridges
 manual.summary.UseEntryGuards Use guard relays for first hop
+manual.summary.UseEntryGuardsAsDirGuards Retrieve descriptors via guards when able
+manual.summary.GuardfractionFile File containing information with duration of our guards
+manual.summary.UseGuardFraction Take guardfraction into account for path selection
 manual.summary.NumEntryGuards Pool size of guard relays we'll select from
+manual.summary.NumDirectoryGuards Pool size of directory guards we'll select from
+manual.summary.GuardLifetime Minimum time to keep entry guards
 manual.summary.SafeSocks Toggles rejecting unsafe variants of the socks protocol
 manual.summary.TestSocks Provide notices for if socks connections are of the safe or unsafe variants
 manual.summary.WarnUnsafeSocks Toggle warning of unsafe socks connection
-manual.summary.VirtualAddrNetwork Address range used with MAPADDRESS
+manual.summary.VirtualAddrNetworkIPv4 IPv4 address range to use when needing a virtual address
+manual.summary.VirtualAddrNetworkIPv6 IPv6 address range to use when needing a virtual address
 manual.summary.AllowNonRFC953Hostnames Toggles blocking invalid characters in hostname resolution
 manual.summary.AllowDotExit Toggles allowing exit notation in addresses
 manual.summary.FastFirstHopPK Toggle public key usage for the first hop
 manual.summary.TransPort Port for transparent proxying if the OS supports it
 manual.summary.TransListenAddress Address from which transparent proxy connections can be made
+manual.summary.TransProxyType Proxy type to be used
 manual.summary.NATDPort Port for forwarding ipfw NATD connections
 manual.summary.NATDListenAddress Address from which NATD forwarded connections can be made
 manual.summary.AutomapHostsOnResolve Map addresses ending with special suffixes to virtual addresses
@@ -157,10 +184,27 @@ manual.summary.DNSListenAddress Address for performing DNS resolution
 manual.summary.ClientDNSRejectInternalAddresses Ignores DNS responses for internal addresses
 manual.summary.ClientRejectInternalAddresses Disables use of Tor for internal connections
 manual.summary.DownloadExtraInfo Toggles fetching of extra information about relays
-manual.summary.FallbackNetworkstatusFile Path for a fallback cache of the consensus
 manual.summary.WarnPlaintextPorts Toggles warnings for using risky ports
 manual.summary.RejectPlaintextPorts Prevents connections on risky ports
 manual.summary.AllowSingleHopCircuits Makes use of single hop exits if able
+manual.summary.OptimisticData Use exits without confirmation that prior connections succeeded
+manual.summary.Tor2webMode Establish non-anonymous hidden service connections
+manual.summary.Tor2webRendezvousPoints Rendezvous points to use for hidden services when in Tor2webMode
+manual.summary.UseMicrodescriptors Retrieve microdescriptors rather than server descriptors
+manual.summary.UseNTorHandshake Use ntor for establishing circuits with relays
+manual.summary.PathBiasCircThreshold Number of circuits through a guard before applying bias checks
+manual.summary.PathBiasNoticeRate Fraction of circuits that must succeed before logging a notice
+manual.summary.PathBiasWarnRate Fraction of circuits that must succeed before logging a warning
+manual.summary.PathBiasExtremeRate Fraction of circuits that must succeed before logging an error
+manual.summary.PathBiasDropGuards Drop guards failing to establish circuits
+manual.summary.PathBiasScaleThreshold Circuits through a guard before scaling past observations down
+manual.summary.PathBiasUseThreshold Number of streams through a circuit before applying bias checks
+manual.summary.PathBiasNoticeUseRate Fraction of streams that must succeed before logging a notice
+manual.summary.PathBiasExtremeUseRate Fraction of streams that must succeed before logging an error
+manual.summary.PathBiasScaleUseThreshold Streams through a circuit before scaling past observations down
+manual.summary.ClientUseIPv6 Allow IPv6 connections to guards
+manual.summary.ClientPreferIPv6ORPort Prefer a guard's IPv6 rather than IPv4 endpoint
+manual.summary.PathsNeededToBuildCircuits Portion of relays to require information for before making circuits
 
 # Server Config Options
 
@@ -169,9 +213,11 @@ manual.summary.AllowSingleHopExits Toggles permitting use of this relay as a sin
 manual.summary.AssumeReachable Skips reachability test at startup
 manual.summary.BridgeRelay Act as a bridge
 manual.summary.ContactInfo Contact information for this relay
+manual.summary.ExitRelay Allow relaying of exit traffic
 manual.summary.ExitPolicy Traffic destinations that can exit from this relay
 manual.summary.ExitPolicyRejectPrivate Prevent exiting connection on the local network
-manual.summary.MaxOnionsPending Decryption queue size
+manual.summary.IPv6Exit Allow clients to use us for IPv6 traffic
+manual.summary.MaxOnionQueueDelay Duration to reject new onionskins if we have more than we can process
 manual.summary.MyFamily Other relays this operator administers
 manual.summary.Nickname Identifier for this relay
 manual.summary.NumCPUs Number of processes spawned for decryption
@@ -181,8 +227,10 @@ manual.summary.PortForwarding Use UPnP or NAT-PMP if needed to relay
 manual.summary.PortForwardingHelper Executable for configuring port forwarding
 manual.summary.PublishServerDescriptor Types of descriptors published
 manual.summary.ShutdownWaitLength Delay before quitting after receiving a SIGINT signal
+manual.summary.SSLKeyLifetime Lifetime for our link certificate
 manual.summary.HeartbeatPeriod Rate at which an INFO level heartbeat message is sent
 manual.summary.AccountingMax Amount of traffic before hibernating
+manual.summary.AccountingRule Method to determine when the accounting limit is reached
 manual.summary.AccountingStart Duration of an accounting period
 manual.summary.RefuseUnknownExits Prevents relays not in the consensus from using us as an exit
 manual.summary.ServerDNSResolvConfFile Overriding resolver config for DNS queries we provide
@@ -193,48 +241,54 @@ manual.summary.ServerDNSTestAddresses Addresses to test to see if valid DNS quer
 manual.summary.ServerDNSAllowNonRFC953Hostnames Toggles if we reject DNS queries with invalid characters
 manual.summary.BridgeRecordUsageByCountry Tracks geoip information on bridge usage
 manual.summary.ServerDNSRandomizeCase Toggles DNS query case randomization
-manual.summary.GeoIPFile Path to file containing geoip information
+manual.summary.GeoIPFile Path to file containing IPv4 geoip information
+manual.summary.GeoIPv6File Path to file containing IPv6 geoip information
+manual.summary.TLSECGroup EC group for incoming SSL connections
 manual.summary.CellStatistics Toggles storing circuit queue duration to disk
 manual.summary.DirReqStatistics Toggles storing network status counts and performance to disk
 manual.summary.EntryStatistics Toggles storing client connection counts to disk
 manual.summary.ExitPortStatistics Toggles storing traffic and port usage data to disk
 manual.summary.ConnDirectionStatistics Toggles storing connection use to disk
+manual.summary.HiddenServiceStatistics Toggles storing hidden service stats to disk
 manual.summary.ExtraInfoStatistics Publishes statistic data in the extra-info documents
+manual.summary.ExtendAllowPrivateAddresses Allow circuits to be extended to the local network
+manual.summary.MaxMemInQueues Threshold at which tor will terminate circuits to avoid running out of memory
+manual.summary.SigningKeyLifetime Duration the Ed25519 signing key is valid for
+manual.summary.OfflineMasterKey Don't generate the master secret key
 
 # Directory Server Options
 
-manual.summary.AuthoritativeDirectory Act as a directory authority
 manual.summary.DirPortFrontPage Publish this html file on the DirPort
-manual.summary.V1AuthoritativeDirectory Generates a version 1 consensus
-manual.summary.V2AuthoritativeDirectory Generates a version 2 consensus
-manual.summary.V3AuthoritativeDirectory Generates a version 3 consensus
-manual.summary.VersioningAuthoritativeDirectory Provides opinions on recommended versions of tor
-manual.summary.NamingAuthoritativeDirectory Provides opinions on fingerprint to nickname bindings
-manual.summary.HSAuthoritativeDir Toggles accepting hidden service descriptors
 manual.summary.HidServDirectoryV2 Toggles accepting version 2 hidden service descriptors
-manual.summary.BridgeAuthoritativeDir Acts as a bridge authority
-manual.summary.MinUptimeHidServDirectoryV2 Required uptime before accepting hidden service directory
 manual.summary.DirPort Port for directory connections
 manual.summary.DirListenAddress Address the directory service is bound to
 manual.summary.DirPolicy Access policy for the DirPort
-manual.summary.FetchV2Networkstatus Get the obsolete V2 consensus
 
 # Directory Authority Server Options
 
-manual.summary.RecommendedVersions Tor versions believed to be safe
+manual.summary.AuthoritativeDirectory Act as a directory authority
+manual.summary.V3AuthoritativeDirectory Generates a version 3 consensus
+manual.summary.VersioningAuthoritativeDirectory Provides opinions on recommended versions of tor
+manual.summary.RecommendedVersions Suggested versions of tor
+manual.summary.RecommendedPackageVersions Suggested versions of applications other than tor
 manual.summary.RecommendedClientVersions Tor versions believed to be safe for clients
+manual.summary.BridgeAuthoritativeDir Acts as a bridge authority
+manual.summary.MinUptimeHidServDirectoryV2 Required uptime before accepting hidden service directory
 manual.summary.RecommendedServerVersions Tor versions believed to be safe for relays
 manual.summary.ConsensusParams Params entry of the networkstatus vote
 manual.summary.DirAllowPrivateAddresses Toggles allowing arbitrary input or non-public IPs in descriptors
-manual.summary.AuthDirBadDir Relays to be flagged as bad directory caches
 manual.summary.AuthDirBadExit Relays to be flagged as bad exits
 manual.summary.AuthDirInvalid Relays from which the valid flag is withheld
 manual.summary.AuthDirReject Relays to be dropped from the consensus
-manual.summary.AuthDirListBadDirs Toggles if we provide an opinion on bad directory caches
+manual.summary.AuthDirBadExitCCs Countries for which to flag all relays as bad exits
+manual.summary.AuthDirInvalidCCs Countries for which the valid flag is withheld
+manual.summary.AuthDirRejectCCs Countries for which relays aren't accepted into the consensus
 manual.summary.AuthDirListBadExits Toggles if we provide an opinion on bad exits
-manual.summary.AuthDirRejectUnlisted Rejects further relay descriptors
 manual.summary.AuthDirMaxServersPerAddr Limit on the number of relays accepted per ip
 manual.summary.AuthDirMaxServersPerAuthAddr Limit on the number of relays accepted per an authority's ip
+manual.summary.AuthDirFastGuarantee Advertised rate at which the Fast flag is granted
+manual.summary.AuthDirGuardBWGuarantee Advertised rate necessary to be a guard
+manual.summary.AuthDirPinKeys Don't accept descriptors with conflicting identity keypairs
 manual.summary.BridgePassword Password for requesting bridge information
 manual.summary.V3AuthVotingInterval Consensus voting interval
 manual.summary.V3AuthVoteDelay Wait time to collect votes of other authorities
@@ -242,7 +296,10 @@ manual.summary.V3AuthDistDelay Wait time to collect the signatures of other auth
 manual.summary.V3AuthNIntervalsValid Number of voting intervals a consensus is valid for
 manual.summary.V3BandwidthsFile Path to a file containing measured relay bandwidths
 manual.summary.V3AuthUseLegacyKey Signs consensus with both the current and legacy keys
-manual.summary.RephistTrackTime Discards old, unchanged reliability informaition
+manual.summary.RephistTrackTime Discards old, unchanged reliability information
+manual.summary.VoteOnHidServDirectoriesV2 Determines if the authority votes on hidden service directories
+manual.summary.AuthDirHasIPv6Connectivity Descriptors can be retrieved over the authority's IPv6 ORPort
+manual.summary.MinMeasuredBWsForAuthToIgnoreAdvertised Total measured value before advertised bandwidths are treated as unreliable
 
 # Hidden Service Options
 
@@ -251,7 +308,12 @@ manual.summary.HiddenServicePort Port the hidden service is provided on
 manual.summary.PublishHidServDescriptors Toggles automated publishing of the hidden service to the rendezvous directory
 manual.summary.HiddenServiceVersion Version for published hidden service descriptors
 manual.summary.HiddenServiceAuthorizeClient Restricts access to the hidden service
+manual.summary.HiddenServiceAllowUnknownPorts Allow rendezvous circuits on unrecognized ports
+manual.summary.HiddenServiceMaxStreams Maximum streams per rendezvous circuit
+manual.summary.HiddenServiceMaxStreamsCloseCircuit Closes rendezvous circuits that exceed the maximum number of streams
 manual.summary.RendPostPeriod Period at which the rendezvous service descriptors are refreshed
+manual.summary.HiddenServiceDirGroupReadable Group read permissions for the hidden service directory
+manual.summary.HiddenServiceNumIntroductionPoints Number of introduction points the hidden service will have
 
 # Testing Network Options
 
@@ -259,6 +321,32 @@ manual.summary.TestingTorNetwork Overrides other options to be a testing network
 manual.summary.TestingV3AuthInitialVotingInterval Overrides V3AuthVotingInterval for the first consensus
 manual.summary.TestingV3AuthInitialVoteDelay Overrides TestingV3AuthInitialVoteDelay for the first consensus
 manual.summary.TestingV3AuthInitialDistDelay Overrides TestingV3AuthInitialDistDelay for the first consensus
+manual.summary.TestingV3AuthVotingStartOffset Offset for the point at which the authority votes
 manual.summary.TestingAuthDirTimeToLearnReachability Delay until opinions are given about which relays are running or not
 manual.summary.TestingEstimatedDescriptorPropagationTime Delay before clients attempt to fetch descriptors from directory caches
+manual.summary.TestingMinFastFlagThreshold Minimum value for the Fast flag
+manual.summary.TestingServerDownloadSchedule Schedule for when we should download resources as a relay
+manual.summary.TestingClientDownloadSchedule Schedule for when we should download resources as a client
+manual.summary.TestingServerConsensusDownloadSchedule Schedule for when we should download the consensus as a relay
+manual.summary.TestingClientConsensusDownloadSchedule Schedule for when we should download the consensus as a client
+manual.summary.TestingBridgeDownloadSchedule Schedule for when we should download bridge descriptors
+manual.summary.TestingClientMaxIntervalWithoutRequest Maximum time to wait to batch requests for missing descriptors
+manual.summary.TestingDirConnectionMaxStall Duration to let directory connections stall before timing out
+manual.summary.TestingConsensusMaxDownloadTries Retries for downloading the consensus
+manual.summary.TestingDescriptorMaxDownloadTries Retries for downloading server descriptors
+manual.summary.TestingMicrodescMaxDownloadTries Retries for downloading microdescriptors
+manual.summary.TestingCertMaxDownloadTries Retries for downloading authority certificates
+manual.summary.TestingDirAuthVoteExit Relays to give the Exit flag to
+manual.summary.TestingDirAuthVoteExitIsStrict Only grant the Exit flag to relays listed by TestingDirAuthVoteExit
+manual.summary.TestingDirAuthVoteGuard Relays to give the Guard flag to
+manual.summary.TestingDirAuthVoteGuardIsStrict Only grant the Guard flag to relays listed by TestingDirAuthVoteGuard
+manual.summary.TestingDirAuthVoteHSDir Relays to give the HSDir flag to
+manual.summary.TestingDirAuthVoteHSDirIsStrict Only grant the HSDir flag to relays listed by TestingDirAuthVoteHSDir
+manual.summary.TestingEnableConnBwEvent Allow controllers to request CONN_BW events
+manual.summary.TestingEnableCellStatsEvent Allow controllers to request CELL_STATS events
+manual.summary.TestingEnableTbEmptyEvent Allow controllers to request TB_EMPTY events
+manual.summary.TestingMinExitFlagThreshold Lower bound for assigning the Exit flag
+manual.summary.TestingLinkCertifetime Duration of our ed25519 certificate
+manual.summary.TestingAuthKeyLifetime Duration for our ed25519 signing key
+manual.summary.TestingLinkKeySlop Time before expiration that we replace our ed25519 key
 
diff --git a/stem/manual.py b/stem/manual.py
index 52f25e6..cf1be50 100644
--- a/stem/manual.py
+++ b/stem/manual.py
@@ -53,15 +53,15 @@ CATEGORY_SECTIONS = {
 
 
 @lru_cache()
-def _config():
+def _config(lowercase = True):
   """
   Provides a dictionary for our manual.cfg. This has a couple categories...
 
-    * manual.important (list) - list of lowercase configuration options
-      considered to be important
+    * manual.important (list) - configuration options considered to be important
+    * manual.summary.* (str) - summary descriptions of config options
 
-    * manual.summary.* (str) - summary descriptions of config options, key uses
-      the lowercase configuration option
+  :param bool lowercase: uses lowercase keys if **True** to allow for case
+    insensitive lookups
   """
 
   config = stem.util.conf.Config()
@@ -69,8 +69,8 @@ def _config():
 
   try:
     config.load(config_path)
-    config_dict = dict([(key.lower(), config.get_value(key)) for key in config.keys()])
-    config_dict['manual.important'] = [name.lower() for name in config.get_value('manual.important', [], multiple = True)]
+    config_dict = dict([(key.lower() if lowercase else key, config.get_value(key)) for key in config.keys()])
+    config_dict['manual.important'] = [name.lower() if lowercase else name for name in config.get_value('manual.important', [], multiple = True)]
     return config_dict
   except Exception as exc:
     stem.util.log.warn("BUG: stem failed to load its internal manual information from '%s': %s" % (config_path, exc))
diff --git a/test/unit/manual.py b/test/unit/manual.py
index c9e682a..60ae291 100644
--- a/test/unit/manual.py
+++ b/test/unit/manual.py
@@ -117,17 +117,20 @@ class TestManual(unittest.TestCase):
       test.runner.skip(self, '(unavailable on windows)')
       return
 
-    test.runner.skip(self, 'coming soon!')  # TODO: yup, got a few to fill in...
-
     manual = stem.manual.Manual.from_man(TEST_MAN_PAGE)
-    missing_summary = []
+    present = set(manual.config_options.keys())
+    expected = set([key[15:] for key in stem.manual._config(lowercase = False) if key.startswith('manual.summary.')])
+
+    # TODO: The 'Recognized' config name is due to our man page being slightly
+    # malformed. Sending a tor patch later to fix it.
 
-    for config_option in manual.config_options.values():
-      if not config_option.summary and config_option.category != Category.TESTING:
-        missing_summary.append(config_option.name)
+    missing_options = present.difference(expected).difference(set(['Recognized']))
+    extra_options = expected.difference(present)
 
-    if missing_summary:
-      self.fail("The following config options are missing summaries: %s" % ', '.join(missing_summary))
+    if missing_options:
+      self.fail("The following config options are missing summaries: %s" % ', '.join(missing_options))
+    elif extra_options:
+      self.fail("The following config options no longer exist in tor, so don't need summaries: %s" % ', '.join(extra_options))
 
   def test_attributes(self):
     if stem.util.system.is_windows():



