diff options
Diffstat (limited to 'control-spec.txt')
-rw-r--r-- | control-spec.txt | 64 |
1 files changed, 39 insertions, 25 deletions
diff --git a/control-spec.txt b/control-spec.txt index 01063b0..f09640c 100644 --- a/control-spec.txt +++ b/control-spec.txt @@ -811,6 +811,7 @@ if unknown "dir/status-vote/current/consensus" [added in Tor 0.2.1.6-alpha] + "dir/status-vote/current/consensus-microdesc" [added in Tor 0.4.3.1-alpha] "dir/status/authority" "dir/status/fp/<F>" "dir/status/fp/<F1>+<F2>+<F3>" @@ -1131,6 +1132,14 @@ 0 or 1, depending on whether it is possible to use SAVECONF without the FORCE flag. (Introduced in 0.3.1.1-alpha.) + "limits/max-mem-in-queues" + The amount of memory that Tor's out-of-memory checker will allow + Tor to allocate (in places it can see) before it starts freeing memory + and killing circuits. See the MaxMemInQueues option for more + details. Unlike the option, this value reflects Tor's actual limit, and + may be adjusted depending on the available system memory rather than on + the MaxMemInQueues option. (Introduced in 0.2.5.4-alpha) + Examples: C: GETINFO version desc/name/moria1 S: 250+desc/name/moria= @@ -1596,17 +1605,18 @@ KeyType = "NEW" / ; The server should generate a key of algorithm KeyBlob "RSA1024" / ; The server should use the 1024 bit RSA key provided - in as KeyBlob + in as KeyBlob (v2). "ED25519-V3"; The server should use the ed25519 v3 key provided in as - KeyBlob + KeyBlob (v3). KeyBlob = "BEST" / ; The server should generate a key using the "best" - supported algorithm (KeyType == "NEW") + supported algorithm (KeyType == "NEW"). + [As of 0.4.2.3-alpha, ED25519-V3 is used] "RSA1024" / ; The server should generate a 1024 bit RSA key - (KeyType == "NEW") + (KeyType == "NEW") (v2). "ED25519-V3"; The server should generate an ed25519 private key - (KeyType == "NEW") + (KeyType == "NEW") (v3). String ; A serialized private key (without whitespace) Flag = @@ -1615,7 +1625,7 @@ "Detach" / ; Do not associate the newly created Onion Service to the current control connection. "BasicAuth" / ; Client authorization is required using the "basic" - method. + method (v2 only). "NonAnonymous" /; Add a non-anonymous Single Onion Service. Tor checks this flag matches its configured hidden service anonymity mode. @@ -1633,10 +1643,10 @@ optional HiddenServicePort "TARGET" argument). ClientName = An identifier 1 to 16 characters long, using only - characters in A-Za-z0-9+-_ (no spaces). + characters in A-Za-z0-9+-_ (no spaces) (v2 only). ClientBlob = Authorization data for the client, in an opaque format - specific to the authorization method. + specific to the authorization method (v2 only). The server reply format is: "250-ServiceID=" ServiceID CRLF @@ -1659,11 +1669,11 @@ way to recreate the generated keypair and the corresponding Onion Service at a later date). - If client authorization is enabled using the "BasicAuth" flag, the - service will not be accessible to clients without valid authorization - data (configured with the "HidServAuth" option). The list of authorized - clients is specified with one or more "ClientAuth" parameters. If - "ClientBlob" is not specified for a client, a new credential will be + If client authorization is enabled using the "BasicAuth" flag (which is v2 + only), the service will not be accessible to clients without valid + authorization data (configured with the "HidServAuth" option). The list of + authorized clients is specified with one or more "ClientAuth" parameters. + If "ClientBlob" is not specified for a client, a new credential will be randomly generated and returned. Tor instances can either be in anonymous hidden service mode, or @@ -1701,13 +1711,9 @@ PRF secret, and just pay the cost of recomputing the public key when importing an ED25519-V3 key.] - (The "NEW:BEST" option obeys the HiddenServiceVersion torrc option default - value. Since 0.3.5.1-alpha, it is 3. For Tor versions before 0.3.5.1-alpha, - default HiddenServiceVersion is 2.) - Examples: C: ADD_ONION NEW:BEST Flags=DiscardPK Port=80 - S: 250-ServiceID=exampleonion1234 + S: 250-ServiceID=exampleoniont2pqglbny66wpovyvao3ylc23eileodtevc4b75ikpad S: 250 OK C: ADD_ONION RSA1024:[Blob Redacted] Port=80,192.168.1.1:8080 @@ -1715,11 +1721,11 @@ S: 250 OK C: ADD_ONION NEW:BEST Port=22 Port=80,8080 - S: 250-ServiceID=testonion1234567 - S: 250-PrivateKey=RSA1024:[Blob Redacted] + S: 250-ServiceID=sampleonion4t2pqglbny66wpovyvao3ylc23eileodtevc4b75ikpad + S: 250-PrivateKey=ED25519-V3:[Blob Redacted] S: 250 OK - C: ADD_ONION NEW:BEST Flags=DiscardPK,BasicAuth Port=22 + C: ADD_ONION NEW:RSA1024 Flags=DiscardPK,BasicAuth Port=22 ClientAuth=alice:[Blob Redacted] ClientAuth=bob S: 250-ServiceID=testonion1234567 S: 250-ClientAuth=bob:[Blob Redacted] @@ -1728,7 +1734,7 @@ Examples with Tor in anonymous onion service mode: C: ADD_ONION NEW:BEST Flags=DiscardPK Port=22 - S: 250-ServiceID=testonion1234567 + S: 250-ServiceID=exampleoniont2pqglbny66wpovyvao3ylc23eileodtevc4b75ikpad S: 250 OK C: ADD_ONION NEW:BEST Flags=DiscardPK,NonAnonymous Port=22 @@ -1740,13 +1746,13 @@ S: 512 Tor is in non-anonymous hidden service mode C: ADD_ONION NEW:BEST Flags=DiscardPK,NonAnonymous Port=22 - S: 250-ServiceID=testonion1234567 + S: 250-ServiceID=exampleoniont2pqglbny66wpovyvao3ylc23eileodtevc4b75ikpad S: 250 OK [ADD_ONION was added in Tor 0.2.7.1-alpha.] - [ClientAuth was added in Tor 0.2.9.1-alpha.] - [NonAnonymous was added in Tor 0.2.9.3-alpha.] [MaxStreams and MaxStreamsCloseCircuit were added in Tor 0.2.7.2-alpha] + [ClientAuth was added in Tor 0.2.9.1-alpha. It is v2 only.] + [NonAnonymous was added in Tor 0.2.9.3-alpha.] [HS v3 support added 0.3.3.1-alpha] 3.28. DEL_ONION @@ -2340,6 +2346,14 @@ Severity = "DEBUG" / "INFO" / "NOTICE" / "WARN"/ "ERR" + Some low-level logs may be sent from signal handlers, so their destination + logs must be signal-safe. These low-level logs include backtraces, + logging function errors, and errors in code called by logging functions. + Signal-safe logs are never sent as control port log events. + + Control port message trace debug logs are never sent as control port log + events, to avoid modifying control output when debugging. + 4.1.6. New descriptors available This event is generated when new router descriptors (not microdescs or |