1 files changed, 39 insertions, 25 deletions

diff --git a/control-spec.txt b/control-spec.txt
index 01063b0..f09640c 100644
--- a/control-spec.txt
+++ b/control-spec.txt
@@ -811,6 +811,7 @@
      if unknown
 
     "dir/status-vote/current/consensus" [added in Tor 0.2.1.6-alpha]
+    "dir/status-vote/current/consensus-microdesc" [added in Tor 0.4.3.1-alpha]
     "dir/status/authority"
     "dir/status/fp/<F>"
     "dir/status/fp/<F1>+<F2>+<F3>"
@@ -1131,6 +1132,14 @@
       0 or 1, depending on whether it is possible to use SAVECONF without the
       FORCE flag. (Introduced in 0.3.1.1-alpha.)
 
+    "limits/max-mem-in-queues"
+      The amount of memory that Tor's out-of-memory checker will allow
+      Tor to allocate (in places it can see) before it starts freeing memory
+      and killing circuits. See the MaxMemInQueues option for more
+      details. Unlike the option, this value reflects Tor's actual limit, and
+      may be adjusted depending on the available system memory rather than on
+      the MaxMemInQueues option. (Introduced in 0.2.5.4-alpha)
+
   Examples:
      C: GETINFO version desc/name/moria1
      S: 250+desc/name/moria=
@@ -1596,17 +1605,18 @@
     KeyType =
      "NEW"     / ; The server should generate a key of algorithm KeyBlob
      "RSA1024" / ; The server should use the 1024 bit RSA key provided
-                   in as KeyBlob
+                   in as KeyBlob (v2).
      "ED25519-V3"; The server should use the ed25519 v3 key provided in as
-                   KeyBlob
+                   KeyBlob (v3).
 
     KeyBlob =
      "BEST"    / ; The server should generate a key using the "best"
-                   supported algorithm (KeyType == "NEW")
+                   supported algorithm (KeyType == "NEW").
+                   [As of 0.4.2.3-alpha, ED25519-V3 is used]
      "RSA1024" / ; The server should generate a 1024 bit RSA key
-                   (KeyType == "NEW")
+                   (KeyType == "NEW") (v2).
      "ED25519-V3"; The server should generate an ed25519 private key
-                   (KeyType == "NEW")
+                   (KeyType == "NEW") (v3).
      String      ; A serialized private key (without whitespace)
 
     Flag =
@@ -1615,7 +1625,7 @@
      "Detach"    / ; Do not associate the newly created Onion Service
                      to the current control connection.
      "BasicAuth" / ; Client authorization is required using the "basic"
-                     method.
+                     method (v2 only).
      "NonAnonymous" /; Add a non-anonymous Single Onion Service. Tor
                        checks this flag matches its configured hidden
                        service anonymity mode.
@@ -1633,10 +1643,10 @@
              optional HiddenServicePort "TARGET" argument).
 
     ClientName = An identifier 1 to 16 characters long, using only
-                 characters in A-Za-z0-9+-_ (no spaces).
+                 characters in A-Za-z0-9+-_ (no spaces) (v2 only).
 
     ClientBlob = Authorization data for the client, in an opaque format
-                 specific to the authorization method.
+                 specific to the authorization method (v2 only).
 
   The server reply format is:
     "250-ServiceID=" ServiceID CRLF
@@ -1659,11 +1669,11 @@
   way to recreate the generated keypair and the corresponding Onion
   Service at a later date).
 
-  If client authorization is enabled using the "BasicAuth" flag, the
-  service will not be accessible to clients without valid authorization
-  data (configured with the "HidServAuth" option).  The list of authorized
-  clients is specified with one or more "ClientAuth" parameters.  If
-  "ClientBlob" is not specified for a client, a new credential will be
+  If client authorization is enabled using the "BasicAuth" flag (which is v2
+  only), the service will not be accessible to clients without valid
+  authorization data (configured with the "HidServAuth" option).  The list of
+  authorized clients is specified with one or more "ClientAuth" parameters.
+  If "ClientBlob" is not specified for a client, a new credential will be
   randomly generated and returned.
 
   Tor instances can either be in anonymous hidden service mode, or
@@ -1701,13 +1711,9 @@
   PRF secret, and just pay the cost of recomputing the public key when
   importing an ED25519-V3 key.]
 
-  (The "NEW:BEST" option obeys the HiddenServiceVersion torrc option default
-  value. Since 0.3.5.1-alpha, it is 3. For Tor versions before 0.3.5.1-alpha,
-  default HiddenServiceVersion is 2.)
-
   Examples:
      C: ADD_ONION NEW:BEST Flags=DiscardPK Port=80
-     S: 250-ServiceID=exampleonion1234
+     S: 250-ServiceID=exampleoniont2pqglbny66wpovyvao3ylc23eileodtevc4b75ikpad
      S: 250 OK
 
      C: ADD_ONION RSA1024:[Blob Redacted] Port=80,192.168.1.1:8080
@@ -1715,11 +1721,11 @@
      S: 250 OK
 
      C: ADD_ONION NEW:BEST Port=22 Port=80,8080
-     S: 250-ServiceID=testonion1234567
-     S: 250-PrivateKey=RSA1024:[Blob Redacted]
+     S: 250-ServiceID=sampleonion4t2pqglbny66wpovyvao3ylc23eileodtevc4b75ikpad
+     S: 250-PrivateKey=ED25519-V3:[Blob Redacted]
      S: 250 OK
 
-     C: ADD_ONION NEW:BEST Flags=DiscardPK,BasicAuth Port=22
+     C: ADD_ONION NEW:RSA1024 Flags=DiscardPK,BasicAuth Port=22
         ClientAuth=alice:[Blob Redacted] ClientAuth=bob
      S: 250-ServiceID=testonion1234567
      S: 250-ClientAuth=bob:[Blob Redacted]
@@ -1728,7 +1734,7 @@
   Examples with Tor in anonymous onion service mode:
 
      C: ADD_ONION NEW:BEST Flags=DiscardPK Port=22
-     S: 250-ServiceID=testonion1234567
+     S: 250-ServiceID=exampleoniont2pqglbny66wpovyvao3ylc23eileodtevc4b75ikpad
      S: 250 OK
 
      C: ADD_ONION NEW:BEST Flags=DiscardPK,NonAnonymous Port=22
@@ -1740,13 +1746,13 @@
      S: 512 Tor is in non-anonymous hidden service mode
 
      C: ADD_ONION NEW:BEST Flags=DiscardPK,NonAnonymous Port=22
-     S: 250-ServiceID=testonion1234567
+     S: 250-ServiceID=exampleoniont2pqglbny66wpovyvao3ylc23eileodtevc4b75ikpad
      S: 250 OK
 
   [ADD_ONION was added in Tor 0.2.7.1-alpha.]
-  [ClientAuth was added in Tor 0.2.9.1-alpha.]
-  [NonAnonymous was added in Tor 0.2.9.3-alpha.]
   [MaxStreams and MaxStreamsCloseCircuit were added in Tor 0.2.7.2-alpha]
+  [ClientAuth was added in Tor 0.2.9.1-alpha. It is v2 only.]
+  [NonAnonymous was added in Tor 0.2.9.3-alpha.]
   [HS v3 support added 0.3.3.1-alpha]
 
 3.28. DEL_ONION
@@ -2340,6 +2346,14 @@
 
      Severity = "DEBUG" / "INFO" / "NOTICE" / "WARN"/ "ERR"
 
+  Some low-level logs may be sent from signal handlers, so their destination
+  logs must be signal-safe. These low-level logs include backtraces,
+  logging function errors, and errors in code called by logging functions.
+  Signal-safe logs are never sent as control port log events.
+
+  Control port message trace debug logs are never sent as control port log
+  events, to avoid modifying control output when debugging.
+
 4.1.6. New descriptors available
 
   This event is generated when new router descriptors (not microdescs or