summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorRoger Dingledine <arma@torproject.org>2009-12-21 04:38:49 -0500
committerRoger Dingledine <arma@torproject.org>2009-12-21 04:38:49 -0500
commit937607056b53bbb3d6c94b57d930e144de8e7c8c (patch)
treed14bcb611aeccb80ce8b00bbd7656fa956bab11f
parent22e07b4ead93914708b4579aa1241f7f4f4121a2 (diff)
downloadtor-937607056b53bbb3d6c94b57d930e144de8e7c8c.tar.gz
tor-937607056b53bbb3d6c94b57d930e144de8e7c8c.zip
a changelog and doc fixes for the strictnodes work
-rw-r--r--ChangeLog23
-rw-r--r--doc/tor.1.in23
-rw-r--r--src/or/config.c4
3 files changed, 35 insertions, 15 deletions
diff --git a/ChangeLog b/ChangeLog
index 4fd40371ac..c7c8fcc655 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,5 @@
Changes in version 0.2.2.7-alpha - 2009-??-??
- o Major features:
+ o Major features (performance):
- When choosing which cells to relay first, we can now favor circuits
that have been quiet recently, so as to get lower latency for
low-volume circuits. By default, relays enable or disable this
@@ -9,6 +9,27 @@ Changes in version 0.2.2.7-alpha - 2009-??-??
"CircuitPriorityHalflife" config option. Design and code by Ian
Goldberg, Can Tang, and Chris Alexander.
+ o Major features (relay selection):
+ - Switch to a StrictNodes config option, rather than the previous
+ "StrictEntryNodes" / "StrictExitNodes" separation.
+ - If EntryNodes, ExitNodes, ExcludeNodes, or ExcludeExitNodes
+ change during a config reload, mark and discard all our origin
+ circuits. This fix should address edge cases where we change the
+ config options and but then choose a circuit that we created before
+ the change.
+ - If EntryNodes or ExitNodes are set, be more willing to use an
+ unsuitable (e.g. slow or unstable) circuit. The user asked for it,
+ they get it.
+ - Make EntryNodes config option much more aggressive even when
+ StrictNodes is not set. Before it would prepend your requested
+ entrynodes to your list of guard nodes, but feel free to use others
+ after that. Now it chooses only from your EntryNodes if any of
+ those are available, and only falls back to others if a) they're
+ all down and b) StrictNodes is not set.
+ - Now we refresh your entry guards from EntryNodes at each consensus
+ fetch -- rather than just at startup and then they slowly rot as
+ the network changes.
+
o Minor features:
- New config option "CircuitStreamTimeout" to override our internal
timeout schedule for how many seconds until we detach a stream from
diff --git a/doc/tor.1.in b/doc/tor.1.in
index 8a34b63f21..b08e670352 100644
--- a/doc/tor.1.in
+++ b/doc/tor.1.in
@@ -515,26 +515,25 @@ list.
.TP
\fBEntryNodes \fR\fInode\fR,\fInode\fR,\fI...\fP
A list of identity fingerprints, nicknames, country codes and address patterns
-of nodes to use for the first hop in the circuit.
-These are treated only as preferences unless StrictEntryNodes (see
+of nodes to use for the first hop in normal circuits.
+These are treated only as preferences unless StrictNodes (see
below) is also set.
.LP
.TP
\fBExitNodes \fR\fInode\fR,\fInode\fR,\fI...\fP
A list of identity fingerprints, nicknames, country codes and address patterns
-of nodes to use for the last hop in the circuit.
-These are treated only as preferences unless StrictExitNodes (see
+of nodes to use for the last hop in normal exit circuits.
+These are treated only as preferences unless StrictNodes (see
below) is also set.
.LP
.TP
-\fBStrictEntryNodes \fR\fB0\fR|\fB1\fR\fP
-If 1, Tor will never use any nodes besides those listed in "EntryNodes" for
-the first hop of a circuit.
-.LP
-.TP
-\fBStrictExitNodes \fR\fB0\fR|\fB1\fR\fP
-If 1, Tor will never use any nodes besides those listed in "ExitNodes" for
-the last hop of a circuit.
+\fBStrictNodes \fR\fB0\fR|\fB1\fR\fP
+If 1 and EntryNodes config option is set, Tor will never use any
+nodes besides those listed in EntryNodes for the first hop of a normal
+circuit. If 1 and ExitNodes config option is set, Tor will never use any
+nodes besides those listed in ExitNodes for the last hop of a normal exit
+circuit. Note that Tor might still use these nodes for non-exit circuits
+such as one-hop directory fetches or hidden service support circuits.
.LP
.TP
\fBFascistFirewall \fR\fB0\fR|\fB1\fR\fP
diff --git a/src/or/config.c b/src/or/config.c
index 0f6d99765f..e07a8250ee 100644
--- a/src/or/config.c
+++ b/src/or/config.c
@@ -551,8 +551,8 @@ static config_var_description_t options_description[] = {
"to the SOCKSPort." },
/* SocksTimeout */
{ "StrictNodes", "If set, Tor will fail to operate when none of the "
- "configured EntryNodes, ExitNodes, ExcludeNodes, or ExcludeExitNodes "
- "can be used." },
+ "configured EntryNodes or ExitNodes can be used (or if the usable ones "
+ "are listed in ExcludeNodes or ExcludeExitNodes)." },
/* TestSocks */
{ "TrackHostsExit", "Hosts and domains which should, if possible, be "
"accessed from the same exit node each time we connect to them." },