diff options
Diffstat (limited to 'src/app/config/or_options_st.h')
| -rw-r--r-- | src/app/config/or_options_st.h | 46 |
1 files changed, 12 insertions, 34 deletions
diff --git a/src/app/config/or_options_st.h b/src/app/config/or_options_st.h index 440c987365..151b77c457 100644 --- a/src/app/config/or_options_st.h +++ b/src/app/config/or_options_st.h @@ -1,7 +1,7 @@ /* Copyright (c) 2001 Matej Pfajfar. * Copyright (c) 2001-2004, Roger Dingledine. * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. - * Copyright (c) 2007-2020, The Tor Project, Inc. */ + * Copyright (c) 2007-2021, The Tor Project, Inc. */ /* See LICENSE for licensing information */ /** @@ -336,7 +336,7 @@ struct or_options_t { /* Makes hidden service clients and servers non-anonymous on this tor * instance. Allows the non-anonymous HiddenServiceSingleHopMode. Enables * non-anonymous behaviour in the hidden service protocol. - * Use rend_service_non_anonymous_mode_enabled() instead of using this option + * Use hs_service_non_anonymous_mode_enabled() instead of using this option * directly. */ int HiddenServiceNonAnonymousMode; @@ -428,9 +428,6 @@ struct or_options_t { int NumCPUs; /**< How many CPUs should we try to use? */ struct config_line_t *RendConfigLines; /**< List of configuration lines * for rendezvous services. */ - struct config_line_t *HidServAuth; /**< List of configuration lines for - * client-side authorizations for hidden - * services */ char *ClientOnionAuthDir; /**< Directory to keep client * onion service authorization secret keys */ char *ContactInfo; /**< Contact info to be published in the directory. */ @@ -677,6 +674,9 @@ struct or_options_t { /** If true, include statistics file contents in extra-info documents. */ int ExtraInfoStatistics; + /** If true, include overload statistics in extra-info documents. */ + int OverloadStatistics; + /** If true, do not believe anybody who tells us that a domain resolves * to an internal address, or that an internal address has a PTR mapping. * Helps avoid some cross-site attacks. */ @@ -1031,40 +1031,18 @@ struct or_options_t { */ int DisableSignalHandlers; - /** Autobool: Is the circuit creation DoS mitigation subsystem enabled? */ - int DoSCircuitCreationEnabled; - /** Minimum concurrent connection needed from one single address before any - * defense is used. */ - int DoSCircuitCreationMinConnections; - /** Circuit rate used to refill the token bucket. */ - int DoSCircuitCreationRate; - /** Maximum allowed burst of circuits. Reaching that value, the address is - * detected as malicious and a defense might be used. */ - int DoSCircuitCreationBurst; - /** When an address is marked as malicious, what defense should be used - * against it. See the dos_cc_defense_type_t enum. */ - int DoSCircuitCreationDefenseType; - /** For how much time (in seconds) the defense is applicable for a malicious - * address. A random time delta is added to the defense time of an address - * which will be between 1 second and half of this value. */ - int DoSCircuitCreationDefenseTimePeriod; - - /** Autobool: Is the DoS connection mitigation subsystem enabled? */ - int DoSConnectionEnabled; - /** Maximum concurrent connection allowed per address. */ - int DoSConnectionMaxConcurrentCount; - /** When an address is reaches the maximum count, what defense should be - * used against it. See the dos_conn_defense_type_t enum. */ - int DoSConnectionDefenseType; - - /** Autobool: Do we refuse single hop client rendezvous? */ - int DoSRefuseSingleHopClientRendezvous; - /** Interval: how long without activity does it take for a client * to become dormant? **/ int DormantClientTimeout; + /** + * Boolean: If enabled, then we consider the timeout when deciding whether + * to be dormant. If not enabled, then only the SIGNAL ACTIVE/DORMANT + * controls can change our status. + **/ + int DormantTimeoutEnabled; + /** Boolean: true if having an idle stream is sufficient to prevent a client * from becoming dormant. **/ |