[tor-commits] [stem/master] Update tor manual options
atagar at torproject.org
atagar at torproject.org
Sat Dec 12 21:38:19 UTC 2015
commit d4fac7f81c180cf8e83ea81d4f3f2e8d0d2ce491
Author: Damian Johnson <atagar at torproject.org>
Date: Sat Dec 12 13:42:14 2015 -0800
Update tor manual options
Updating with a few minor additions such as DataDirectoryGroupReadable...
https://gitweb.torproject.org/tor.git/commit/?id=ec4ef68
---
stem/cached_tor_manual.cfg | 13 +++++++++----
stem/settings.cfg | 1 +
test/unit/manual.py | 2 +-
3 files changed, 11 insertions(+), 5 deletions(-)
diff --git a/stem/cached_tor_manual.cfg b/stem/cached_tor_manual.cfg
index fb7b637..aa6d7d0 100644
--- a/stem/cached_tor_manual.cfg
+++ b/stem/cached_tor_manual.cfg
@@ -6,8 +6,8 @@ description
|Basically, Tor provides a distributed network of servers or relays ("onion routers"). Users bounce their TCP streams -- web traffic, ftp, ssh, etc. -- around the network, and recipients, observers, and even the relays themselves have difficulty tracking the source of the stream.
|
|By default, tor will only act as a client only. To help the network by providing bandwidth as a relay, change the ORPort configuration option -- see below. Please also consult the documentation on the Tor Project's website.
-man_commit 8661b4b5a2664f2bcda36d51371c0e141be497bd
-stem_commit 6d328e8d16c7b34c87d50d4259a6936451225e89
+man_commit ec4ef68271ab65b4ec643088153211e861cdc7b3
+stem_commit ef9894dca36e18076815362e44ebf639f0c34fcf
commandline_options -f FILE => Specify a new configuration file to contain further Tor configuration options OR pass - to make Tor read its configuration from standard input. (Default: @CONFDIR@/torrc, or $HOME/.torrc if that file is not found)
commandline_options --ignore-missing-torrc => Specifies that Tor should treat a missing torrc file as though it were empty. Ordinarily, Tor does this for missing default torrc files, but not for those specified on the command line.
commandline_options --list-fingerprint => Generate your keys and output your nickname and fingerprint.
@@ -844,6 +844,11 @@ config_options.DataDirectory.name DataDirectory
config_options.DataDirectory.usage DIR
config_options.DataDirectory.summary Location for storing runtime data (state, keys, etc)
config_options.DataDirectory.description Store working data in DIR (Default: @LOCALSTATEDIR@/lib/tor)
+config_options.DataDirectoryGroupReadable.category General
+config_options.DataDirectoryGroupReadable.name DataDirectoryGroupReadable
+config_options.DataDirectoryGroupReadable.usage 0|1
+config_options.DataDirectoryGroupReadable.summary Group read permissions for the data directory
+config_options.DataDirectoryGroupReadable.description If this option is set to 0, don't allow the filesystem group to read the DataDirectory. If the option is set to 1, make the DataDirectory readable by the default GID. (Default: 0)
config_options.FallbackDir.category General
config_options.FallbackDir.name FallbackDir
config_options.FallbackDir.usage address:port orport=port id=fingerprint [weight=num]
@@ -1293,7 +1298,7 @@ config_options.ServerDNSTestAddresses.category Relay
config_options.ServerDNSTestAddresses.name ServerDNSTestAddresses
config_options.ServerDNSTestAddresses.usage address,address,...
config_options.ServerDNSTestAddresses.summary Addresses to test to see if valid DNS queries are being hijacked
-config_options.ServerDNSTestAddresses.description When we're detecting DNS hijacking, make sure that these valid addresses aren't getting redirected. If they are, then our DNS is completely useless, and we'll reset our exit policy to "reject :". This option only affects name lookups that your server does on behalf of clients. (Default: "www.google.com, www.mit.edu, www.yahoo.com, www.slashdot.org")
+config_options.ServerDNSTestAddresses.description When we're detecting DNS hijacking, make sure that these valid addresses aren't getting redirected. If they are, then our DNS is completely useless, and we'll reset our exit policy to "reject *:*". This option only affects name lookups that your server does on behalf of clients. (Default: "www.google.com, www.mit.edu, www.yahoo.com, www.slashdot.org")
config_options.ServerDNSAllowNonRFC953Hostnames.category Relay
config_options.ServerDNSAllowNonRFC953Hostnames.name ServerDNSAllowNonRFC953Hostnames
config_options.ServerDNSAllowNonRFC953Hostnames.usage 0|1
@@ -1363,7 +1368,7 @@ config_options.ExtendAllowPrivateAddresses.category Relay
config_options.ExtendAllowPrivateAddresses.name ExtendAllowPrivateAddresses
config_options.ExtendAllowPrivateAddresses.usage 0|1
config_options.ExtendAllowPrivateAddresses.summary Allow circuits to be extended to the local network
-config_options.ExtendAllowPrivateAddresses.description When this option is enabled, Tor routers allow EXTEND request to localhost, RFC1918 addresses, and so on. This can create security issues; you should probably leave it off. (Default: 0)
+config_options.ExtendAllowPrivateAddresses.description When this option is enabled, Tor will connect to localhost, RFC1918 addresses, and so on. In particular, Tor will make direct connections, and Tor routers allow EXTEND requests, to these private addresses. This can create security issues; you should probably leave it off. (Default: 0)
config_options.MaxMemInQueues.category Relay
config_options.MaxMemInQueues.name MaxMemInQueues
config_options.MaxMemInQueues.usage N bytes|KB|MB|GB
diff --git a/stem/settings.cfg b/stem/settings.cfg
index 78bf014..dcedc44 100644
--- a/stem/settings.cfg
+++ b/stem/settings.cfg
@@ -72,6 +72,7 @@ manual.summary.CookieAuthFileGroupReadable Group read permissions for the authen
manual.summary.ControlPortWriteToFile Path for a file tor writes containing its control port
manual.summary.ControlPortFileGroupReadable Group read permissions for the control port file
manual.summary.DataDirectory Location for storing runtime data (state, keys, etc)
+manual.summary.DataDirectoryGroupReadable Group read permissions for the data directory
manual.summary.FallbackDir Fallback when unable to retrieve descriptor information
manual.summary.DirAuthority Alternative directory authorities
manual.summary.DirAuthorityFallbackRate Rate at which to use fallback directory
diff --git a/test/unit/manual.py b/test/unit/manual.py
index 0b9c7cd..ab8219e 100644
--- a/test/unit/manual.py
+++ b/test/unit/manual.py
@@ -186,7 +186,7 @@ class TestManual(unittest.TestCase):
self.assertEqual(14, len(manual.commandline_options))
self.assertEqual(8, len(manual.signals))
self.assertEqual(31, len(manual.files))
- self.assertEqual(288, len(manual.config_options))
+ self.assertEqual(289, len(manual.config_options))
def test_download_man_page_without_arguments(self):
try:
More information about the tor-commits
mailing list