1 files changed, 119 insertions, 37 deletions
diff --git a/doc/tor.1.txt b/doc/tor.1.txt
index 21b482802e..a02b1372c8 100644
--- a/doc/tor.1.txt
+++ b/doc/tor.1.txt
@@ -93,7 +93,9 @@ COMMAND-LINE OPTIONS
     into Tor.  (Any module not listed is not optional in this version of Tor.)
 
 [[opt-version]] **--version**::
-    Display Tor version and exit.
+    Display Tor version and exit. The output is a single line of the format
+    "Tor version [version number]."  (The version number format
+    is as specified in version-spec.txt.)
 
 [[opt-quiet]] **--quiet**|**--hush**::
     Override the default console log.  By default, Tor starts out logging
@@ -352,7 +354,7 @@ GENERAL OPTIONS
     all sockets will be set to this limit. Must be a value between 2048 and
     262144, in 1024 byte increments. Default of 8192 is recommended.
 
-[[ControlPort]] **ControlPort** __PORT__|**unix:**__path__|**auto** [__flags__]::
+[[ControlPort]] **ControlPort** \['address':]__port__|**unix:**__path__|**auto** [__flags__]::
     If set, Tor will accept connections on this port and allow those
     connections to control the Tor process using the Tor Control Protocol
     (described in control-spec.txt in
@@ -363,7 +365,8 @@ GENERAL OPTIONS
     methods means either method is sufficient to authenticate to Tor.) This
     option is required for many Tor controllers; most use the value of 9051.
     If a unix domain socket is used, you may quote the path using standard
-    C escape sequences.
+    C escape sequences. You can specify this directive multiple times, to
+    bind to multiple address/port pairs.
     Set it to "auto" to have Tor pick a port for you. (Default: 0) +
  +
     Recognized flags are...
@@ -602,20 +605,26 @@ GENERAL OPTIONS
     Otherwise the sandbox will be disabled. The option is currently an
     experimental feature. It only works on Linux-based operating systems,
     and only when Tor has been built with the libseccomp library. This option
-    can not be changed while tor is running.
+    can not be changed while tor is running. +
  +
-    When the Sandbox is 1, the following options can not be changed when tor
+    When the **Sandbox** is 1, the following options can not be changed when tor
     is running:
-    Address
-    ConnLimit
-    CookieAuthFile
-    DirPortFrontPage
-    ExtORPortCookieAuthFile
-    Logs
-    ServerDNSResolvConfFile
-    Tor must remain in client or server mode (some changes to ClientOnly and
-    ORPort are not allowed).
-    ClientOnionAuthDir and any files in it won't reload on HUP signal.
+    **Address**,
+    **ConnLimit**,
+    **CookieAuthFile**,
+    **DirPortFrontPage**,
+    **ExtORPortCookieAuthFile**,
+    **Logs**,
+    **ServerDNSResolvConfFile**,
+    **ClientOnionAuthDir** (and any files in it won't reload on HUP signal).
+ +
+    Launching new Onion Services through the control port is not supported
+    with current syscall sandboxing implementation.
+ +
+    Tor must remain in client or server mode (some changes to **ClientOnly**
+    and **ORPort** are not allowed). Currently, if **Sandbox** is 1,
+    **ControlPort** command "GETINFO address" will not work.
+ +
     (Default: 0)
 
 [[Socks4Proxy]] **Socks4Proxy** __host__[:__port__]::
@@ -673,7 +682,8 @@ GENERAL OPTIONS
  +
     The currently recognized domains are: general, crypto, net, config, fs,
     protocol, mm, http, app, control, circ, rend, bug, dir, dirserv, or, edge,
-    acct, hist, handshake, heartbeat, channel, sched, guard, consdiff, and dos.
+    acct, hist, handshake, heartbeat, channel, sched, guard, consdiff, dos,
+    process, pt, and btrack.
     Domain names are case-insensitive. +
  +
     For example, "`Log [handshake]debug [~net,~mm]info notice stdout`" sends
@@ -1015,6 +1025,26 @@ The following options are useful only for clients (that is, if
     The .exit address notation, if enabled via MapAddress, overrides
     this option.
 
+[[MiddleNodes]] **MiddleNodes** __node__,__node__,__...__::
+    A list of identity fingerprints and country codes of nodes
+    to use for "middle" hops in your normal circuits.
+    Normal circuits include all circuits except for direct connections
+    to directory servers. Middle hops are all hops other than exit and entry. +
++
+    This is an **experimental** feature that is meant to be used by researchers
+    and developers to test new features in the Tor network safely. Using it
+    without care will strongly influence your anonymity. This feature might get
+    removed in the future.
++
+    The HSLayer2Node and HSLayer3Node options override this option for onion
+    service circuits, if they are set. The vanguards addon will read this
+    option, and if set, it will set HSLayer2Nodes and HSLayer3Nodes to nodes
+    from this set.
++
+    The ExcludeNodes option overrides this option: any node listed in both
+    MiddleNodes and ExcludeNodes is treated as excluded. See
+    the **ExcludeNodes** option for more information on how to specify nodes.
+
 [[EntryNodes]] **EntryNodes** __node__,__node__,__...__::
     A list of identity fingerprints and country codes of nodes
     to use for the first hop in your normal circuits.
@@ -1031,13 +1061,14 @@ The following options are useful only for clients (that is, if
     If StrictNodes is set to 1, Tor will treat solely the ExcludeNodes option
     as a requirement to follow for all the circuits you generate, even if
     doing so will break functionality for you (StrictNodes applies to neither
-    ExcludeExitNodes nor to ExitNodes).  If StrictNodes is set to 0, Tor will
-    still try to avoid nodes in the ExcludeNodes list, but it will err on the
-    side of avoiding unexpected errors.  Specifically, StrictNodes 0 tells Tor
-    that it is okay to use an excluded node when it is *necessary* to perform
-    relay reachability self-tests, connect to a hidden service, provide a
-    hidden service to a client, fulfill a .exit request, upload directory
-    information, or download directory information.  (Default: 0)
+    ExcludeExitNodes nor to ExitNodes, nor to MiddleNodes).  If StrictNodes
+    is set to 0, Tor will still try to avoid nodes in the ExcludeNodes list,
+    but it will err on the side of avoiding unexpected errors.
+    Specifically, StrictNodes 0 tells Tor that it is okay to use an excluded
+    node when it is *necessary* to perform relay reachability self-tests,
+    connect to a hidden service, provide a hidden service to a client,
+    fulfill a .exit request, upload directory information, or download
+    directory information.  (Default: 0)
 
 [[FascistFirewall]] **FascistFirewall** **0**|**1**::
     If 1, Tor will only create outgoing connections to ORs running on ports
@@ -1132,17 +1163,18 @@ The following options are useful only for clients (that is, if
 
     1. When evaluating MapAddress expressions Tor stops when it hits the most
     recently added expression that matches the requested address. So if you
-    have the following in your torrc, www.torproject.org will map to 1.1.1.1:
+    have the following in your torrc, www.torproject.org will map to
+    198.51.100.1:
 
-     MapAddress www.torproject.org 2.2.2.2
-     MapAddress www.torproject.org 1.1.1.1
+     MapAddress www.torproject.org 192.0.2.1
+     MapAddress www.torproject.org 198.51.100.1
 
     2. Tor evaluates the MapAddress configuration until it finds no matches. So
     if you have the following in your torrc, www.torproject.org will map to
-    2.2.2.2:
+    203.0.113.1:
 
-      MapAddress 1.1.1.1 2.2.2.2
-      MapAddress www.torproject.org 1.1.1.1
+      MapAddress 198.51.100.1 203.0.113.1
+      MapAddress www.torproject.org 198.51.100.1
 
     3. The following MapAddress expression is invalid (and will be
     ignored) because you cannot map from a specific address to a wildcard
@@ -1202,6 +1234,8 @@ The following options are useful only for clients (that is, if
         information to anybody watching your network, and allow anybody
         to use your computer as an open proxy. +
  +
+    If multiple entries of this option are present in your configuration
+    file, Tor will perform stream isolation between listeners by default.
     The _isolation flags_ arguments give Tor rules for which streams
     received on this SocksPort are allowed to share circuits with one
     another.  Recognized isolation flags are:
@@ -1444,14 +1478,18 @@ The following options are useful only for clients (that is, if
     protocol instead of SOCKS. Set this to
     0 if you don't want to allow "HTTP CONNECT" connections. Set the port
     to "auto" to have Tor pick a port for you. This directive can be
-    specified multiple times to bind to multiple addresses/ports.  See
+    specified multiple times to bind to multiple addresses/ports. If multiple
+    entries of this option are present in your configuration file, Tor will
+    perform stream isolation between listeners by default. See
     SOCKSPort for an explanation of isolation flags. (Default: 0)
 
 [[TransPort]] **TransPort**  \['address':]__port__|**auto** [_isolation flags_]::
     Open this port to listen for transparent proxy connections.  Set this to
     0 if you don't want to allow transparent proxy connections.  Set the port
     to "auto" to have Tor pick a port for you. This directive can be
-    specified multiple times to bind to multiple addresses/ports.  See
+    specified multiple times to bind to multiple addresses/ports. If multiple
+    entries of this option are present in your configuration file, Tor will
+    perform stream isolation between listeners by default.  See
     SOCKSPort for an explanation of isolation flags. +
  +
     TransPort requires OS support for transparent proxies, such as BSDs' pf or
@@ -1488,7 +1526,9 @@ The following options are useful only for clients (that is, if
     included in old versions of FreeBSD, etc) using the NATD protocol.
     Use 0 if you don't want to allow NATD connections.  Set the port
     to "auto" to have Tor pick a port for you. This directive can be
-    specified multiple times to bind to multiple addresses/ports.  See
+    specified multiple times to bind to multiple addresses/ports.  If multiple
+    entries of this option are present in your configuration file, Tor will
+    perform stream isolation between listeners by default. See
     SocksPort for an explanation of isolation flags. +
  +
     This option is only for people who cannot use TransPort. (Default: 0)
@@ -1753,6 +1793,12 @@ The following options are useful only for clients (that is, if
     other clients prefer IPv4. Other things may influence the choice. This
     option breaks a tie to the favor of IPv6. (Default: auto)
 
+[[ClientAutoIPv6ORPort]] **ClientAutoIPv6ORPort** **0**|**1**::
+    If this option is set to 1, Tor clients randomly prefer a node's IPv4 or
+    IPv6 ORPort. The random preference is set every time a node is loaded
+    from a new consensus or bridge config. When this option is set to 1,
+    **ClientPreferIPv6ORPort** is ignored. (Default: 0)
+
 [[PathsNeededToBuildCircuits]] **PathsNeededToBuildCircuits** __NUM__::
     Tor clients don't build circuits for user traffic until they know
     about enough of the network so that they could potentially construct
@@ -1794,6 +1840,43 @@ The following options are useful only for clients (that is, if
     Try this many simultaneous connections to download a consensus before
     waiting for one to complete, timeout, or error out. (Default: 3)
 
+[[DormantClientTimeout]] **DormantClientTimeout**  __N__ **minutes**|**hours**|**days**|**weeks**::
+    If Tor spends this much time without any client activity,
+    enter a dormant state where automatic circuits are not built, and
+    directory information is not fetched.
+    Does not affect servers or onion services. Must be at least 10 minutes.
+    (Default: 24 hours)
+
+[[DormantTimeoutDisabledByIdleStreams]] **DormantTimeoutDisabledByIdleStreams**  **0**|**1**::
+    If true, then any open client stream (even one not reading or writing)
+    counts as client activity for the purpose of DormantClientTimeout.
+    If false, then only network activity counts. (Default: 1)
+
+[[DormantOnFirstStartup]] **DormantOnFirstStartup** **0**|**1**::
+    If true, then the first time Tor starts up with a fresh DataDirectory,
+    it starts in dormant mode, and takes no actions until the user has made
+    a request.  (This mode is recommended if installing a Tor client for a
+    user who might not actually use it.)  If false, Tor bootstraps the first
+    time it is started, whether it sees a user request or not.
+ +
+    After the first time Tor starts, it begins in dormant mode if it was
+    dormant before, and not otherwise. (Default: 0)
+
+[[DormantCanceledByStartup]] **DormantCanceledByStartup** **0**|**1**::
+    By default, Tor starts in active mode if it was active the last time
+    it was shut down, and in dormant mode if it was dormant.  But if
+    this option is true, Tor treats every startup event as user
+    activity, and Tor will never start in Dormant mode, even if it has
+    been unused for a long time on previous runs. (Default: 0)
+ +
+    Note: Packagers and application developers should change the value of
+    this option only with great caution: it has the potential to
+    create spurious traffic on the network.  This option should only
+    be used if Tor is started by an affirmative user activity (like
+    clicking on an applcation or running a command), and not if Tor
+    is launched for some other reason (for example, by a startup
+    process, or by an application that launches itself on every login.)
+
 SERVER OPTIONS
 --------------
 
@@ -2217,7 +2300,8 @@ is non-zero):
     __filename__. The file format is the same as the standard Unix
     "**resolv.conf**" file (7). This option, like all other ServerDNS options,
     only affects name lookups that your server does on behalf of clients.
-    (Defaults to use the system DNS configuration.)
+    (Defaults to use the system DNS configuration or a localhost DNS service
+    in case no nameservers are found in a given configuration.)
 
 [[ServerDNSAllowBrokenConfig]] **ServerDNSAllowBrokenConfig** **0**|**1**::
     If this option is false, Tor exits immediately if there are problems
@@ -2806,6 +2890,8 @@ The following options are used to configure a hidden service.
     Store data files for a hidden service in DIRECTORY. Every hidden service
     must have a separate directory. You may use this option  multiple times to
     specify multiple services. If DIRECTORY does not exist, Tor will create it.
+    Please note that you cannot add new Onion Service to already running Tor
+    instance if **Sandbox** is enabled.
     (Note: in current versions of Tor, if DIRECTORY is a relative path,
     it will be relative to the current
     working directory of Tor instance, not to its DataDirectory.  Do not
@@ -3260,10 +3346,6 @@ __CacheDirectory__**/cached-microdescs** and **cached-microdescs.new**::
     router. The ".new" file is an append-only journal; when it gets too
     large, all entries are merged into a new cached-microdescs file.
 
-__CacheDirectory__**/cached-routers** and **cached-routers.new**::
-    Obsolete versions of cached-descriptors and cached-descriptors.new. When
-    Tor can't find the newer files, it looks here instead.
-
 __DataDirectory__**/state**::
     A set of persistent key-value mappings. These are documented in
     the file. These include: