1 files changed, 33 insertions, 16 deletions

diff --git a/doc/tor.1.txt b/doc/tor.1.txt
index e87385f857..3dd7f5a64a 100644
--- a/doc/tor.1.txt
+++ b/doc/tor.1.txt
@@ -186,6 +186,13 @@ The following options in this section are only recognized on the
     ISO-8601 format.  For example, the output sent to stdout will be
     of the form: "signing-cert-expiry: 2017-07-25 08:30:15 UTC"
 
+[[opt-dbg]] **--dbg-**...::
+    Tor may support other options beginning with the string "dbg". These
+    are intended for use by developers to debug and test Tor. They are
+    not supported or guaranteed to be stable, and you should probably
+    not use them.
+
+
 [[conf-format]]
 == THE CONFIGURATION FILE FORMAT
 
@@ -204,6 +211,8 @@ file will be parsed as if they were written where the %include option is. If
 the path is a folder, all files on that folder will be parsed following lexical
 order. Files starting with a dot are ignored. Files on subfolders are ignored.
 The %include option can be used recursively.
+New configuration files or directories cannot be added to already running Tor
+instance if **Sandbox** is enabled.
 
 By default, an option on the command line overrides an option found in the
 configuration file, and an option in a configuration file overrides one in
@@ -525,9 +534,9 @@ forward slash (/) in the configuration file and on the command line.
 
 [[ExtendByEd25519ID]] **ExtendByEd25519ID** **0**|**1**|**auto**::
     If this option is set to 1, we always try to include a relay's Ed25519 ID
-    when telling the proceeding relay in a circuit to extend to it.
+    when telling the preceding relay in a circuit to extend to it.
     If this option is set to 0, we never include Ed25519 IDs when extending
-    circuits.  If the option is set to "default", we obey a
+    circuits.  If the option is set to "auto", we obey a
     parameter in the consensus document. (Default: auto)
 
 [[ExtORPort]] **ExtORPort** ['address'**:**]{empty}__port__|**auto**::
@@ -848,6 +857,10 @@ forward slash (/) in the configuration file and on the command line.
     and **ORPort** are not allowed). Currently, if **Sandbox** is 1,
     **ControlPort** command "GETINFO address" will not work. +
      +
+    When using %include in the tor configuration files, reloading the tor
+    configuration is not supported after adding new configuration files or
+    directories. +
+     +
     (Default: 0)
 
 [[Schedulers]] **Schedulers** **KIST**|**KISTLite**|**Vanilla**::
@@ -1556,15 +1569,13 @@ The following options are useful only for clients (that is, if
 
           X'F2' Onion Service Introduction Failed
 
-            Client failed to introduce to the service meaning the descriptor
-            was found but the service is not connected anymore to the
-            introduction point. The service has likely changed its descriptor
-            or is not running. (v3 only)
+            All introduction attempts failed either due to a combination of
+            NACK by the intro point or time out. (v3 only)
 
           X'F3' Onion Service Rendezvous Failed
 
-            Client failed to rendezvous with the service which means that the
-            client is unable to finalize the connection. (v3 only)
+            Every rendezvous circuit has timed out and thus the client is
+            unable to rendezvous with the service. (v3 only)
 
           X'F4' Onion Service Missing Client Authorization
 
@@ -1585,6 +1596,11 @@ The following options are useful only for clients (that is, if
             error is returned: address checksum doesn't match, ed25519 public
             key is invalid or the encoding is invalid. (v3 only)
 
+          X'F7' Onion Service Introduction Timed Out
+
+            Similar to X'F2' code but in this case, all introduction attempts
+            have failed due to a time out. (v3 only)
+
 // Anchor only for formatting, not visible in the man page.
 [[SocksPortFlagsMisc]]::
     Flags are processed left to right. If flags conflict, the last flag on the
@@ -3714,14 +3730,15 @@ __DataDirectory__/**`hashed-fingerprint`**::
     identity key. (That is, the hash of the hash of the identity key.)
 
 __DataDirectory__/**`approved-routers`**::
-    Only used by authoritative directory servers. This file lists the status
-    and a fingerprint/pubkey. Each line lists a status and a fingerprint
-    separated by whitespace. See your **fingerprint** file in the
-    __DataDirectory__ for an example fingerprint line. If the status is
-    **!reject** then descriptors from the given identity (fingerprint/pubkey)
-    are rejected by this server. If it is **!invalid** then descriptors are
-    accepted but marked in the directory as not valid, that is, not
-    recommended.
+    Only used by authoritative directory servers. Each line lists a status and
+    an identity, separated by whitespace. Identities can be hex-encoded RSA
+    fingerprints, or base-64 encoded ed25519 public keys. See the
+    **fingerprint** file in a tor relay's __DataDirectory__ for an example
+    fingerprint line. If the status is **!reject**, then descriptors from the
+    given identity are rejected by this server. If it is **!invalid** then
+    descriptors are accepted, but marked in the directory as not valid, that
+    is, not recommended. In either case, the corresponding relays are not
+    included in the consensus.
 
 __DataDirectory__/**`v3-status-votes`**::
     Only for v3 authoritative directory servers. This file contains status