| Commit message (Collapse) | Author | Age |
|\
| |
| |
| |
| | |
Conflicts:
src/or/main.c
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
If we can't detect the physical memory, the new default is 8 GB on
64-bit architectures, and 1 GB on 32-bit architectures.
If we *can* detect the physical memory, the new default is
CLAMP(256 MB, phys_mem * 0.75, MAX_DFLT)
where MAX_DFLT is 8 GB on 64-bit architectures and 2 GB on 32-bit
architectures.
You can still override the default by hand. The logic here is simply
trying to choose a lower default value on systems with less than 12 GB
of physical RAM.
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This means that tor can run without needing to communicate with ioctls
to the firewall, and therefore doesn't need to run with privileges to
open the /dev/pf device node.
A new TransProxyType is added for this purpose, "pf-divert"; if the user
specifies this TransProxyType in their torrc, then the pf device node is
never opened and the connection destination is determined with getsockname
(as per pf(4)). The default behaviour (ie., when TransProxyType is "default"
when using the pf firewall) is still to assume that pf is configured with
rdr-to rules.
|
|/
|
|
|
|
| |
This isn't on by default; to get it, you need to set "TransProxyType
ipfw". (The original patch had automatic detection for whether
/dev/pf is present and openable, but that seems marginally fragile.)
|
|\ |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
We are searching @CONFDIR@ before $HOME, but the documentation
implied otherwise.
I screwed this up in f5e86bcd6c06d43ff3af5acd8135bd8b577bc3, when I
first documented the $HOME/.torrc possibility.
Fix for bug 9213; bugfix on 0.2.3.18-rc.
|
| |
| |
| |
| |
| |
| |
| |
| | |
The build was broken by changes in f8c45339f72525c68, but we didn't
notice, since that commit also made torify.1 only get built when
tor-fw-helper was turned on.
Fixes bug 11321; bugfix on Tor 0.2.5.1-alpha.
|
|\ \ |
|
| |/
| |
| |
| |
| |
| |
| |
| | |
In the end this required a slightly nasty hack using a dummy anchor as
an option heading in order to make the "Other recognized __flags__"
line indent properly.
Fixes bug 11061; Bugfix on 61d740ed.
|
|\ \ |
|
| | | |
|
| | | |
|
|/ / |
|
| |
| |
| |
| |
| |
| | |
The option is unneeded, not meaningless, so explain what it does.
Patch from Matt Pagan; fixes 9059.
|
|\ \ |
|
| | |
| | |
| | |
| | | |
Improvement on 11108 fix; suggested by cypherpunks.
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
We have ignored any ports listed here since 80365b989 (0.0.7rc1),
but we didn't warn the user that we were ignoring them. This patch
adds a warning if you put explicit ports in any of the options
{Socks,Dir}Policy or AuthDir{Reject,Invalid,BadDir,BadExit}. It
also adjusts the manpage to say that ports are ignored.
Fixes ticket 11108.
|
| | | |
|
| | |
| | |
| | |
| | | |
All circuits are predictive; it's the ports that are expiring here.
|
|\ \ \
| | | |
| | | |
| | | |
| | | | |
Conflicts:
doc/tor.1.txt
|
| | | | |
|
| | | | |
|
| | | | |
|
| | | | |
|
|\ \ \ \
| |_|/ /
|/| | |
| | | |
| | | | |
Conflicts:
src/test/test.c
|
| |\ \ \
| | | | |
| | | | |
| | | | |
| | | | | |
Conflicts:
src/or/circuitlist.c
|
| | |\ \ \
| | | |_|/
| | |/| |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Conflicts:
doc/tor.1.txt
src/or/config.c
src/or/or.h
The conflicts were all pretty trivial.
|
| | | | | |
|
| | | | |
| | | | |
| | | | |
| | | | | |
REND_CLIENTNAME_MAX_LEN is set to 16, not 19.
|
| | | | |
| | | | |
| | | | |
| | | | | |
Implements #10884.
|
|/ / / / |
|
| | | |
| | | |
| | | |
| | | |
| | | | |
Per a comment from karsten, there is no longer v2 authority support,
so stop pretending there is. Also, fix a grammar error.x
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
(There is no longer meaningfully any such thing as a HS authority,
since we stopped uploading or downloading v0 hs descriptors in
0.2.2.1-alpha.)
Implements #10881, and part of #10841.
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
I'm making this change now since ipfw will want its own option too,
and proliferating options here isn't sensible.
(See #10582 and #10267)
|
| | | |
| | | |
| | | |
| | | | |
Based on patch from "thomo" at #10582.
|
| | | | |
|
|\| | | |
|
| | | |
| | | |
| | | |
| | | | |
Fix for #10470 as suggested by arma
|
|\| | | |
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
We renamed the option, but we didn't actually fix it in the log
messages or the docs. This patch does that.
For #10124. Patch by sqrt2.
|
| | | | |
|
| | | | |
|
| | | | |
|
| | | | |
|
|\ \ \ \
| | | | |
| | | | |
| | | | |
| | | | | |
Conflicts:
src/or/or.h
|
| |/ / /
| | | |
| | | |
| | | |
| | | | |
This makes FastFirstHopPK an AUTOBOOL; makes the default "auto"; and
makes the behavior of "auto" be "look at the consensus."
|
|\| | | |
|
| |\ \ \ |
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
According to the manpage, bridges use P256 for conformity and relays
use P224 for speed. But skruffy points out that we've gotten it
backwards in the code.
In this patch, we make the default P256 for everybody.
Fixes bug 9780; bugfix on 0.2.4.8-alpha.
|
| | | | | |
|