[tor-commits] [tor/main] Prop335: Changes file and manual entries.

ahf at torproject.org ahf at torproject.org
Thu Oct 21 12:58:22 UTC 2021 

commit 54ab43d05e67984bda5661cb9530ad8a0b1e2a7a
Author: Nick Mathewson <nickm at torproject.org>
Date:   Fri Oct 8 11:42:55 2021 -0400

    Prop335: Changes file and manual entries.
    
    Closes #40448.
---
 changes/prop335   | 11 +++++++++++
 doc/man/tor.1.txt | 29 ++++++++++++++++++++++-------
 2 files changed, 33 insertions(+), 7 deletions(-)

diff --git a/changes/prop335 b/changes/prop335
new file mode 100644
index 0000000000..4fa61ca2e9
--- /dev/null
+++ b/changes/prop335
@@ -0,0 +1,11 @@
+  o Major features (directory authority):
+    - Authorities can now be configured to label relays as "MiddleOnly".
+      When voting for this flag, authorities automatically vote against
+      Exit, Guard, HSDir, and V2Dir; and in favor of BadExit.
+      Implements part of proposal 335. Based on a patch from Neel
+      Chauhan.
+    - Add a new consensus method to handle MiddleOnly specially. When
+      enough authorities are using this method, then any relay
+      tagged with the MiddleOnly flag will have its Exit, Guard, HSDir,
+      and V2Dir flags automatically cleared, and will have its BadExit flag
+      automatically set. Implements part of proposal 335.
diff --git a/doc/man/tor.1.txt b/doc/man/tor.1.txt
index 551ead7533..149d35b018 100644
--- a/doc/man/tor.1.txt
+++ b/doc/man/tor.1.txt
@@ -3025,6 +3025,11 @@ on the public Tor network.
     is the same as for exit policies, except that you don't need to say
     "accept" or "reject", and ports are not needed.)
 
+[[AuthDirMiddleOnly]] **AuthMiddleOnly** __AddressPattern...__::
+    Authoritative directories only. A set of address patterns for servers that
+    will be listed as middle-only in any network status document this authority
+    publishes, if **AuthDirListMiddleOnly** is set. +
+
 [[AuthDirFastGuarantee]] **AuthDirFastGuarantee** __N__ **bytes**|**KBytes**|**MBytes**|**GBytes**|**TBytes**|**KBits**|**MBits**|**GBits**|**TBits**::
     Authoritative directories only. If non-zero, always vote the
     Fast flag for any relay advertising this amount of capacity or
@@ -3072,6 +3077,13 @@ on the public Tor network.
     1 unless you plan to list non-functioning exits as bad; otherwise, you are
     effectively voting in favor of every declared exit as an exit.)
 
+[[AuthDirListMiddleOnly]] **AuthDirListMiddleOnly** **0**|**1**::
+    Authoritative directories only. If set to 1, this directory has some
+    opinion about which nodes should only be used in the middle position.
+    (Do not set this to 1 unless you plan to list questionable relays
+    as "middle only"; otherwise, you are effectively voting _against_
+    middle-only status for every relay.)
+
 [[AuthDirMaxServersPerAddr]] **AuthDirMaxServersPerAddr** __NUM__::
     Authoritative directories only. The maximum number of servers that we will
     list as acceptable on a single IP address. Set this to "0" for "no limit".
@@ -3090,18 +3102,20 @@ on the public Tor network.
     authority publishes, or accepted as an OR address in any descriptor
     submitted for publication by this authority.
 
+[[AuthDirRejectRequestsUnderLoad]] **AuthDirRejectRequestsUnderLoad** **0**|**1**::
+    If set, the directory authority will start rejecting directory requests
+    from non relay connections by sending a 503 error code if it is under
+    bandwidth pressure (reaching the configured limit if any). Relays will
+    always tried to be answered even if this is on. (Default: 1)
+
 //Out of order because it logically belongs with the other CCs options.
 [[AuthDirBadExitCCs]] **AuthDirBadExitCCs** __CC__,... +
 
 //Out of order because it logically belongs with the other CCs options.
 [[AuthDirInvalidCCs]] **AuthDirInvalidCCs** __CC__,... +
 
-
-[[AuthDirRejectRequestsUnderLoad]] **AuthDirRejectRequestsUnderLoad** **0**|**1**::
-    If set, the directory authority will start rejecting directory requests
-    from non relay connections by sending a 503 error code if it is under
-    bandwidth pressure (reaching the configured limit if any). Relays will
-    always tried to be answered even if this is on. (Default: 1)
+//Out of order because it logically belongs with the other CCs options.
+[[AuthDirMiddleOnlytCCs]] **AuthDirMiddleOnlyCCs** __CC__,... +
 
 [[AuthDirRejectCCs]] **AuthDirRejectCCs** __CC__,...::
     Authoritative directories only. These options contain a comma-separated
@@ -3847,7 +3861,8 @@ __DataDirectory__/**`approved-routers`**::
     descriptors are accepted, but marked in the vote as not valid.
     If it is **!badexit**, then the authority will vote for it to receive a
     BadExit flag, indicating that it shouldn't be used for traffic leaving
-    the Tor network.
+    the Tor network.  If it is **!middleonly**, then the authority will
+    vote for it to only be used in the middle of circuits.
     (Neither rejected nor invalid relays are included in the consensus.)
 
 __DataDirectory__/**`v3-status-votes`**::

More information about the tor-commits mailing list