1 files changed, 82 insertions, 24 deletions
diff --git a/doc/tor.1.txt b/doc/tor.1.txt
index b2ee84837a..ca686281b8 100644
--- a/doc/tor.1.txt
+++ b/doc/tor.1.txt
@@ -379,12 +379,6 @@ GENERAL OPTIONS
     chosen with their regular weights, multiplied by this number, which
     should be 1.0 or less. (Default: 1.0)
 
-[[DynamicDHGroups]] **DynamicDHGroups** **0**|**1**::
-    If this option is set to 1, when running as a server, generate our
-    own Diffie-Hellman group instead of using the one from Apache's mod_ssl.
-    This option may help circumvent censorship based on static
-    Diffie-Hellman parameters. (Default: 0)
-
 [[AlternateDirAuthority]] **AlternateDirAuthority** [__nickname__] [**flags**] __address__:__port__ __fingerprint__ +
 
 [[AlternateBridgeAuthority]] **AlternateBridgeAuthority** [__nickname__] [**flags**] __address__:__port__ __ fingerprint__::
@@ -1325,7 +1319,7 @@ The following options are useful only for clients (that is, if
 [[DownloadExtraInfo]] **DownloadExtraInfo** **0**|**1**::
     If true, Tor downloads and caches "extra-info" documents. These documents
     contain information about servers other than the information in their
-    regular router descriptors. Tor does not use this information for anything
+    regular server descriptors. Tor does not use this information for anything
     itself; to save bandwidth, leave this option turned off. (Default: 0)
 
 [[WarnPlaintextPorts]] **WarnPlaintextPorts** __port__,__port__,__...__::
@@ -1504,8 +1498,8 @@ is non-zero):
 [[BridgeRelay]] **BridgeRelay** **0**|**1**::
     Sets the relay to act as a "bridge" with respect to relaying connections
     from bridge users to the Tor network. It mainly causes Tor to publish a
-    server descriptor to the bridge database, rather than publishing a relay
-    descriptor to the public directory authorities.
+    server descriptor to the bridge database, rather than
+    to the public directory authorities.
 
 [[ContactInfo]] **ContactInfo** __email_address__::
     Administrative contact information for this relay or bridge. This line
@@ -1804,27 +1798,53 @@ is non-zero):
     (Default: P256)
 
 [[CellStatistics]] **CellStatistics** **0**|**1**::
-    When this option is enabled, Tor writes statistics on the mean time that
-    cells spend in circuit queues to disk every 24 hours. (Default: 0)
+    Relays only.
+    When this option is enabled, Tor collects statistics about cell
+    processing (i.e. mean time a cell is spending in a queue, mean
+    number of cells in a queue and mean number of processed cells per
+    circuit) and writes them into disk every 24 hours. Onion router
+    operators may use the statistics for performance monitoring.
+    If ExtraInfoStatistics is enabled, it will published as part of
+    extra-info document. (Default: 0)
 
 [[DirReqStatistics]] **DirReqStatistics** **0**|**1**::
+    Relays and bridges only.
     When this option is enabled, a Tor directory writes statistics on the
     number and response time of network status requests to disk every 24
-    hours. (Default: 1)
+    hours. Enables relay and bridge operators to monitor how much their
+    server is being used by clients to learn about Tor network.
+    If ExtraInfoStatistics is enabled, it will published as part of
+    extra-info document. (Default: 1)
 
 [[EntryStatistics]] **EntryStatistics** **0**|**1**::
+    Relays only.
     When this option is enabled, Tor writes statistics on the number of
-    directly connecting clients to disk every 24 hours. (Default: 0)
+    directly connecting clients to disk every 24 hours. Enables relay
+    operators to monitor how much inbound traffic that originates from
+    Tor clients passes through their server to go further down the
+    Tor network. If ExtraInfoStatistics is enabled, it will be published
+    as part of extra-info document. (Default: 0)
 
 [[ExitPortStatistics]] **ExitPortStatistics** **0**|**1**::
-    When this option is enabled, Tor writes statistics on the number of relayed
-    bytes and opened stream per exit port to disk every 24 hours. (Default: 0)
+    Exit relays only.
+    When this option is enabled, Tor writes statistics on the number of
+    relayed bytes and opened stream per exit port to disk every 24 hours.
+    Enables exit relay operators to measure and monitor amounts of traffic
+    that leaves Tor network through their exit node. If ExtraInfoStatistics
+    is enabled, it will be published as part of extra-info document.
+    (Default: 0)
 
 [[ConnDirectionStatistics]] **ConnDirectionStatistics** **0**|**1**::
-    When this option is enabled, Tor writes statistics on the bidirectional use
-    of connections to disk every 24 hours. (Default: 0)
+    Relays only.
+    When this option is enabled, Tor writes statistics on the amounts of
+    traffic it passes between itself and other relays to disk every 24
+    hours. Enables relay operators to monitor how much their relay is
+    being used as middle node in the circuit. If ExtraInfoStatistics is
+    enabled, it will be published as part of extra-info document.
+    (Default: 0)
 
 [[HiddenServiceStatistics]] **HiddenServiceStatistics** **0**|**1**::
+    Relays only.
     When this option is enabled, a Tor relay writes obfuscated
     statistics on its role as hidden-service directory, introduction
     point, or rendezvous point to disk every 24 hours. If
@@ -1851,6 +1871,13 @@ is non-zero):
     this.  If this option is set to 0, Tor will try to pick a reasonable
     default based on your system's physical memory.  (Default: 0)
 
+[[SigningKeyLifetime]] **SigningKeyLifetime** __N__ **days**|**weeks**|**months**::
+    For how long should each Ed25519 signing key be valid?  Tor uses a
+    permanent master identity key that can be kept offline, and periodically
+    generates new "signing" keys that it uses online.  This option
+    configures their lifetime.
+    (Default: 30 days)
+
 DIRECTORY SERVER OPTIONS
 ------------------------
 
@@ -1943,7 +1970,7 @@ on the public Tor network.
 
 [[BridgeAuthoritativeDir]] **BridgeAuthoritativeDir** **0**|**1**::
     When this option is set in addition to **AuthoritativeDirectory**, Tor
-    accepts and serves router descriptors, but it caches and serves the main
+    accepts and serves server descriptors, but it caches and serves the main
     networkstatus documents rather than generating its own. (Default: 0)
 
 [[MinUptimeHidServDirectoryV2]] **MinUptimeHidServDirectoryV2** __N__ **seconds**|**minutes**|**hours**|**days**|**weeks**::
@@ -1962,9 +1989,9 @@ on the public Tor network.
     in the "params" line of its networkstatus vote.
 
 [[DirAllowPrivateAddresses]] **DirAllowPrivateAddresses** **0**|**1**::
-    If set to 1, Tor will accept router descriptors with arbitrary "Address"
+    If set to 1, Tor will accept server descriptors with arbitrary "Address"
     elements. Otherwise, if the address is not an IP address or is a private IP
-    address, it will reject the router descriptor. (Default: 0)
+    address, it will reject the server descriptor. (Default: 0)
 
 [[AuthDirBadExit]] **AuthDirBadExit** __AddressPattern...__::
     Authoritative directories only. A set of address patterns for servers that
@@ -2143,6 +2170,16 @@ The following options are used to configure a hidden service.
    not an authorization mechanism; it is instead meant to be a mild
    inconvenience to port-scanners.) (Default: 0)
 
+[[HiddenServiceMaxStreams]] **HiddenServiceMaxStreams** __N__::
+   The maximum number of simultaneous streams (connections) per rendezvous
+   circuit. (Setting this to 0 will allow an unlimited number of simultanous
+   streams.) (Default: 0)
+
+[[HiddenServiceMaxStreamsCloseCircuit]] **HiddenServiceMaxStreamsCloseCircuit** **0**|**1**::
+   If set to 1, then exceeding **HiddenServiceMaxStreams** will cause the
+   offending rendezvous circuit to be torn down, as opposed to stream creation
+   requests that exceed the limit being silently ignored. (Default: 0)
+
 [[RendPostPeriod]] **RendPostPeriod** __N__ **seconds**|**minutes**|**hours**|**days**|**weeks**::
     Every time the specified period elapses, Tor uploads any rendezvous
     service descriptors to the directory servers. This information  is also
@@ -2154,6 +2191,10 @@ The following options are used to configure a hidden service.
     only owner is able to read the hidden service directory. (Default: 0)
     Has no effect on Windows.
 
+[[HiddenServiceNumIntroductionPoints]] **HiddenServiceNumIntroductionPoints** __NUM__::
+    Number of introduction points the hidden service will have. You can't
+    have more than 10. (Default: 3)
+
 TESTING NETWORK OPTIONS
 -----------------------
 
@@ -2226,7 +2267,7 @@ The following options are used for running a testing Tor network.
     that **TestingTorNetwork** is set.  (Default: 30 minutes)
 
 [[TestingEstimatedDescriptorPropagationTime]] **TestingEstimatedDescriptorPropagationTime** __N__ **minutes**|**hours**::
-    Clients try downloading router descriptors from directory caches after this
+    Clients try downloading server descriptors from directory caches after this
     time. Changing this requires that **TestingTorNetwork** is set. (Default:
     10 minutes)
 
@@ -2274,7 +2315,7 @@ The following options are used for running a testing Tor network.
     this requires that **TestingTorNetwork** is set. (Default: 8)
 
 [[TestingDescriptorMaxDownloadTries]] **TestingDescriptorMaxDownloadTries** __NUM__::
-    Try this often to download a router descriptor before giving up.
+    Try this often to download a server descriptor before giving up.
     Changing this requires that **TestingTorNetwork** is set. (Default: 8)
 
 [[TestingMicrodescMaxDownloadTries]] **TestingMicrodescMaxDownloadTries** __NUM__::
@@ -2333,6 +2374,23 @@ The following options are used for running a testing Tor network.
     authority on a testing network. Overrides the usual default lower bound
     of 4 KB. (Default: 0)
 
+[[TestingLinkCertLifetime]] **TestingLinkCertifetime** __N__ **seconds**|**minutes**|**hours**|**days**|**weeks**|**months**::
+    Overrides the default lifetime for the certificates used to authenticate
+    our X509 link cert with our ed25519 signing key.
+    (Default: 2 days)
+
+[[TestingAuthKeyLifetime]] **TestingAuthKeyLifetime** __N__ **seconds**|**minutes**|**hours**|**days**|**weeks**|**months**::
+    Overrides the default lifetime for a signing Ed25519 TLS Link authentication
+    key.
+    (Default: 2 days)
+
+[[TestingLinkKeySlop]] **TestingLinkKeySlop** __N__ **seconds**|**minutes**|**hours**::
+[[TestingAuthKeySlop]] **TestingAuthKeySlop** __N__ **seconds**|**minutes**|**hours**::
+[[TestingSigningKeySlop]] **TestingSigningKeySlop** __N__ **seconds**|**minutes**|**hours**::
+    How early before the official expiration of a an Ed25519 signing key do
+    we replace it and issue a new key?
+    (Default: 3 hours for link and auth; 1 day for signing.)
+
 SIGNALS
 -------
 
@@ -2416,7 +2474,7 @@ __DataDirectory__**/state**::
             below).
             - When the file was last written
             - What version of Tor generated the state file
-            - A short history of bandwidth usage, as produced in the router
+            - A short history of bandwidth usage, as produced in the server
             descriptors.
 
 __DataDirectory__**/bw_accounting**::
@@ -2461,7 +2519,7 @@ __DataDirectory__**/unverified-microdesc-consensus**::
     to check yet.
 
 __DataDirectory__**/unparseable-desc**::
-    Onion router descriptors that Tor was unable to parse are dumped to this
+    Onion server descriptors that Tor was unable to parse are dumped to this
     file. Only used for debugging.
 
 __DataDirectory__**/router-stability**::