From f0364ccac62cff3334d9d7bad5340fd785096009 Mon Sep 17 00:00:00 2001 From: JeremyRand Date: Fri, 20 Sep 2019 14:33:36 +0000 Subject: Bug 19859: Add stream isolation fields to STREAM event --- control-spec.txt | 56 +++++++++++++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 55 insertions(+), 1 deletion(-) (limited to 'control-spec.txt') diff --git a/control-spec.txt b/control-spec.txt index 97bee17..cb6f274 100644 --- a/control-spec.txt +++ b/control-spec.txt @@ -2105,7 +2105,13 @@ "650" SP "STREAM" SP StreamID SP StreamStatus SP CircuitID SP Target [SP "REASON=" Reason [ SP "REMOTE_REASON=" Reason ]] [SP "SOURCE=" Source] [ SP "SOURCE_ADDR=" Address ":" Port ] - [SP "PURPOSE=" Purpose] + [SP "PURPOSE=" Purpose] [SP "SOCKS_USERNAME=" EscapedUsername] + [SP "SOCKS_PASSWORD=" EscapedPassword] + [SP "CLIENT_PROTOCOL=" ClientProtocol] SP "NYM_EPOCH=" NymEpoch + SP "SESSION_GROUP=" SessionGroup SP "ISO_DESTPORT=" IsoDestPort + SP "ISO_DESTADDR=" IsoDestAddr SP "ISO_SOCKSAUTH=" IsoSocksAuth + SP "ISO_CLIENTPROTO=" IsoClientProto + SP "ISO_CLIENTADDR=" IsoClientAddr CRLF StreamStatus = @@ -2123,6 +2129,26 @@ Port = an integer from 0 to 65535 inclusive TargetAddress = Address / "(Tor_internal)" + EscapedUsername = QuotedString + EscapedPassword = QuotedString + + ClientProtocol = + "SOCKS4" / + "SOCKS5" / + "TRANS" / + "NATD" / + "DNS" / + "UNKNOWN" + + NymEpoch = a nonnegative integer + SessionGroup = an integer + + IsoDestPort = a Boolean + IsoDestAddr = a Boolean + IsoSocksAuth = a Boolean + IsoClientProto = a Boolean + IsoClientAddr = a Boolean + The circuit ID designates which circuit this stream is attached to. If the stream is unattached, the circuit ID "0" is given. The target indicates the address which the stream is meant to resolve or connect to; 
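Review bot: In the `@@ -2123,6 +2129,26 @@` hunk, `EscapedUsername = QuotedString` and `EscapedPassword = QuotedString` carry bytes chosen by the SOCKS client into a line-oriented event, and the hunk does not say how bytes outside printable ASCII are represented. QuotedString is defined outside this hunk, so this may already be covered there. It is still worth stating next to the two definitions that a client-supplied value can never make one STREAM line parse as extra fields or as a second event, e.g. `CR, LF, DQUOTE and backslash inside these values are always escaped.`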
@@ -2180,6 +2206,34 @@ "USER" -- This stream is handling user traffic, OR it's internal to Tor, but it doesn't match one of the purposes above. + The "SOCKS_USERNAME" and "SOCKS_PASSWORD" fields indicate the credentials + that were used by a SOCKS client to connect to Tor's SOCKS port and + initiate this stream. (Streams for SOCKS clients connected with different + usernames and/or passwords are isolated on separate circuits if the + IsolateSOCKSAuth flag is active; see Proposal 171.) + + The "CLIENT_PROTOCOL" field indicates the protocol that was used by a client + to initiate this stream. (Streams for clients connected with different + protocols are isolated on separate circuits if the IsolateClientProtocol + flag is active.) + + The "NYM_EPOCH" field indicates the nym epoch that was active when a client + initiated this stream. The epoch increments when the NEWNYM signal is + received. (Streams with different nym epochs are isolated on separate + circuits.) + + The "SESSION_GROUP" field indicates the session group of the listener port + that a client used to initiate this stream. By default, the session group is + different for each listener port, but this can be overridden for a listener + via the "SessionGroup" option in torrc. (Streams with different session + groups are isolated on separate circuits.) + + The "ISO_DESTPORT", "ISO_DESTADDR", "ISO_SOCKSAUTH", "ISO_CLIENTPROTO", and + "ISO_CLIENTADDR" fields indicate the values of the "IsolateDestPort", + "IsolateDestAddr", "IsolateSOCKSAuth", "IsolateClientProtocol", and + "IsolateClientAddr" flags for the listener port that a client used to + initiate this stream. + 4.1.3. OR Connection status changed The syntax is: -- cgit v1.2.3-54-g00ecf From de0ea88236b01363e6259a2e46b53c1300438739 Mon Sep 17 00:00:00 2001 
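Review bot: The "SOCKS_USERNAME"/"SOCKS_PASSWORD" paragraph in the `@@ -2180,6 +2206,34 @@` hunk says the fields carry the client's credentials but gives controllers no handling guidance. Every controller subscribed to STREAM events would now receive them. Tor uses these values as isolation keys, but a client may put a meaningful secret there (an inference, not something the spec text states). I would add one sentence to that paragraph, e.g. `Controllers SHOULD treat these values as sensitive and SHOULD NOT write them to logs.`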
From: JeremyRand Date: Fri, 11 Oct 2019 00:11:52 +0000 Subject: Bug 19859: Consolidate flag fields into ISO_FIELDS --- control-spec.txt | 29 +++++++++++++++-------------- 1 file changed, 15 insertions(+), 14 deletions(-) (limited to 'control-spec.txt') diff --git a/control-spec.txt b/control-spec.txt index cb6f274..9817a48 100644 --- a/control-spec.txt +++ b/control-spec.txt @@ -2108,10 +2108,7 @@ [SP "PURPOSE=" Purpose] [SP "SOCKS_USERNAME=" EscapedUsername] [SP "SOCKS_PASSWORD=" EscapedPassword] [SP "CLIENT_PROTOCOL=" ClientProtocol] SP "NYM_EPOCH=" NymEpoch - SP "SESSION_GROUP=" SessionGroup SP "ISO_DESTPORT=" IsoDestPort - SP "ISO_DESTADDR=" IsoDestAddr SP "ISO_SOCKSAUTH=" IsoSocksAuth - SP "ISO_CLIENTPROTO=" IsoClientProto - SP "ISO_CLIENTADDR=" IsoClientAddr + SP "SESSION_GROUP=" SessionGroup SP "ISO_FIELDS=" IsoFields CRLF StreamStatus = @@ -2143,11 +2140,14 @@ NymEpoch = a nonnegative integer SessionGroup = an integer - IsoDestPort = a Boolean - IsoDestAddr = a Boolean - IsoSocksAuth = a Boolean - IsoClientProto = a Boolean - IsoClientAddr = a Boolean + IsoFields = a comma-separated list of IsoField values + + IsoField = + "CLIENTADDR" / + "CLIENTPORT" / + "DESTADDR" / + "DESTPORT" / + the name of a field that is valid for STREAM events The circuit ID designates which circuit this stream is attached to. If the stream is unattached, the circuit ID "0" is given. The target 
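Review bot: In the `@@ -2143,11 +2140,14 @@` hunk, `IsoField` ends with the open alternative `the name of a field that is valid for STREAM events`, but nothing says how a controller should handle a name it does not recognize. It also does not say whether `IsoFields` may be empty when no isolation flag is set on the listener. A controller that compares streams by their isolation fields could reach a different answer than Tor if it silently drops an unknown entry. I would add `Controllers MUST tolerate unrecognized IsoField values.` after the list and state how an empty set is rendered.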
@@ -2228,11 +2228,12 @@ via the "SessionGroup" option in torrc. (Streams with different session groups are isolated on separate circuits.) - The "ISO_DESTPORT", "ISO_DESTADDR", "ISO_SOCKSAUTH", "ISO_CLIENTPROTO", and - "ISO_CLIENTADDR" fields indicate the values of the "IsolateDestPort", - "IsolateDestAddr", "IsolateSOCKSAuth", "IsolateClientProtocol", and - "IsolateClientAddr" flags for the listener port that a client used to - initiate this stream. + The "ISO_FIELDS" field indicates the set of STREAM event fields for which + stream isolation is enabled for the listener port that a client used to + initiate this stream. The special values "CLIENTADDR", "CLIENTPORT", + "DESTADDR", and "DESTPORT", if their correspondingly named fields are not + present, refer to the Address and Port components of the "SOURCE_ADDR" and + Target fields. 4.1.3. OR Connection status changed -- cgit v1.2.3-54-g00ecf From c5d276cfb9192e95862ece77c35c104946d87634 Mon Sep 17 00:00:00 2001 From: JeremyRand Date: Wed, 9 Oct 2019 22:52:24 +0000 Subject: Bug 19859: Mark all stream isolation fields as optional --- control-spec.txt | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'control-spec.txt') diff --git a/control-spec.txt b/control-spec.txt index 9817a48..03439eb 100644 --- a/control-spec.txt +++ b/control-spec.txt @@ -2107,8 +2107,8 @@ [SP "SOURCE=" Source] [ SP "SOURCE_ADDR=" Address ":" Port ] [SP "PURPOSE=" Purpose] [SP "SOCKS_USERNAME=" EscapedUsername] [SP "SOCKS_PASSWORD=" EscapedPassword] - [SP "CLIENT_PROTOCOL=" ClientProtocol] SP "NYM_EPOCH=" NymEpoch - SP "SESSION_GROUP=" SessionGroup SP "ISO_FIELDS=" IsoFields + [SP "CLIENT_PROTOCOL=" ClientProtocol] [SP "NYM_EPOCH=" NymEpoch] + [SP "SESSION_GROUP=" SessionGroup] [SP "ISO_FIELDS=" IsoFields] CRLF StreamStatus = -- cgit v1.2.3-54-g00ecf From cd916518f3e3ea5f8a390d24727eadf68cb8271f Mon Sep 17 00:00:00 2001 
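Review bot: With every isolation field bracketed in the `@@ -2107,8 +2107,8 @@` hunk, the grammar no longer lets a controller tell "this Tor does not emit the field" from "the field has no value for this stream" (for example, no SOCKS authentication was used). The prose visible in this series does not say when each field is omitted. I would add a sentence giving the omission rule per field, plus a caution such as `Controllers MUST NOT treat a missing ISO_FIELDS as an empty set.`, so that an absent field is read as unknown rather than as "not isolated".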
From: JeremyRand Date: Wed, 9 Oct 2019 22:56:51 +0000 Subject: Bug 19859: Note that client protocols might be extended later --- control-spec.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'control-spec.txt') diff --git a/control-spec.txt b/control-spec.txt index 03439eb..d7c7cc9 100644 --- a/control-spec.txt +++ b/control-spec.txt @@ -2215,7 +2215,7 @@ The "CLIENT_PROTOCOL" field indicates the protocol that was used by a client to initiate this stream. (Streams for clients connected with different protocols are isolated on separate circuits if the IsolateClientProtocol - flag is active.) + flag is active.) Controllers MUST tolerate unrecognized client protocols. The "NYM_EPOCH" field indicates the nym epoch that was active when a client initiated this stream. The epoch increments when the NEWNYM signal is -- cgit v1.2.3-54-g00ecf From 54a7ad226cba634ae321a9f3f542ce2ff03ef302 Mon Sep 17 00:00:00 2001 From: JeremyRand Date: Sun, 27 Oct 2019 06:23:54 +0000 Subject: Bug 19859: Add HTTPCONNECT client protocol --- control-spec.txt | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) (limited to 'control-spec.txt') diff --git a/control-spec.txt b/control-spec.txt index d7c7cc9..ab164ea 100644 --- a/control-spec.txt +++ b/control-spec.txt @@ -2130,11 +2130,12 @@ EscapedPassword = QuotedString ClientProtocol = - "SOCKS4" / - "SOCKS5" / - "TRANS" / - "NATD" / - "DNS" / + "SOCKS4" / + "SOCKS5" / + "TRANS" / + "NATD" / + "DNS" / + "HTTPCONNECT" / "UNKNOWN" NymEpoch = a nonnegative integer -- cgit v1.2.3-54-g00ecf