aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--changes/feature224075
-rw-r--r--doc/tor.1.txt15
2 files changed, 18 insertions, 2 deletions
diff --git a/changes/feature22407 b/changes/feature22407
new file mode 100644
index 0000000000..aec6c15f46
--- /dev/null
+++ b/changes/feature22407
@@ -0,0 +1,5 @@
+ o Minor features (client):
+ - You can now use Tor as a tunneled HTTP proxy: use the HTTPTunnelPort
+ option to open a port that accepts HTTP CONNECT requests.
+ Closes ticket 22407.
+
diff --git a/doc/tor.1.txt b/doc/tor.1.txt
index 2e11534a68..1898b7237d 100644
--- a/doc/tor.1.txt
+++ b/doc/tor.1.txt
@@ -777,7 +777,8 @@ CLIENT OPTIONS
--------------
The following options are useful only for clients (that is, if
-**SocksPort**, **TransPort**, **DNSPort**, or **NATDPort** is non-zero):
+**SocksPort**, **HTTPTunnelPort**, **TransPort**, **DNSPort**, or
+**NATDPort** is non-zero):
[[Bridge]] **Bridge** [__transport__] __IP__:__ORPort__ [__fingerprint__]::
When set along with UseBridges, instructs Tor to use the relay at
@@ -1101,7 +1102,9 @@ The following options are useful only for clients (that is, if
Unsupported and force-disabled when using Unix domain sockets.)
**IsolateSOCKSAuth**;;
Don't share circuits with streams for which different
- SOCKS authentication was provided. (On by default;
+ SOCKS authentication was provided. (For HTTPTunnelPort
+ connections, this option looks at the Proxy-Authorization and
+ X-Tor-Stream-Isolation headers. On by default;
you can disable it with **NoIsolateSOCKSAuth**.)
**IsolateClientProtocol**;;
Don't share circuits with streams using a different protocol.
@@ -1322,6 +1325,14 @@ The following options are useful only for clients (that is, if
the node "foo". Disabled by default since attacking websites and exit
relays can use it to manipulate your path selection. (Default: 0)
+[[HTTPTunnelPort]] **HTTPTunnelPort** \['address':]__port__|**auto** [_isolation flags_]::
+ Open this port to listen for proxy connections using the "HTTP CONNECT"
+ protocol instead of SOCKS. Set this to 0
+ 0 if you don't want to allow "HTTP CONNECT" connections. Set the port
+ to "auto" to have Tor pick a port for you. This directive can be
+ specified multiple times to bind to multiple addresses/ports. See
+ SOCKSPort for an explanation of isolation flags. (Default: 0)
+
[[TransPort]] **TransPort** \['address':]__port__|**auto** [_isolation flags_]::
Open this port to listen for transparent proxy connections. Set this to
0 if you don't want to allow transparent proxy connections. Set the port