This clears up the remaining issue stopping me from closing bug 6297.

Implements ticket 6786.

Also remove some trailing whitespace.

Patch from maker; fixes bug 6024.

addresses bug 6605.

The current cutoff is 30KB, but in reality a useful cutoff is probably
more like 50KB or 100KB.

See #4771 for rationale.

Note that this patch does not take suggested changes in #4470 into
account and keeps treating AuthDirHasIPv6Connectivity as an
AUTOBOOL. Thus, bug fixes for that are included here as well.

This is a fix on master, unreleased as of now.

This is a fix of unreleased tor. It solves ticket #6770.

Linus Nordberg authored 12 years ago and Nick Mathewson committed 12 years ago

Add ClientUseIPv6 and ClientPreferIPv6ORPort configuration options.

Use "preferred OR port" for all entry nodes, not only for bridges.

Mark bridges with "prefer IPv6 OR port" if an IPv6 address is
configured in Bridge line and ClientPreferIPv6ORPort is set.

Mark relays with "prefer IPv6 OR port" if an IPv6 address is found in
descriptor and ClientPreferIPv6ORPort is set.

Filter "preferred OR port" through the ClientUseIPv6 config option. We
might want to move this test to where actual connection is being set
up once we have a fall back mechanism in place.

Have only non-servers pick an IPv6 address for the first hop: We
don't want relays to connect over IPv6 yet. (IPv6 has never been used
for second or third hops.)

Implements ticket 5535.

Bugfix for #6732.

This is important, since otherwise an attacker can use timing info
to probe the internal network.

Also, add an option (ExtendAllowPrivateAddresses) so that
TestingTorNetwork won't break.

Fix for bug 6710; bugfix on all released versions of Tor.

This is based on a pair of patches from A. Costa. I couldn't apply
those directly, since they changed the generated *roff files, not
the asciidoc source.

Fixes Tor bug 6500 and Debian bug 683359.

Linus Nordberg authored 12 years ago and Nick Mathewson committed 12 years ago

Test for config option AuthDirPublishIPv6 == 1 rather than for running
as a bridge authority when deciding whether to care or not about IPv6
OR ports in descriptors.

Implements enhancement #6406.

Linus Nordberg authored 12 years ago and Linus Nordberg committed 12 years ago

Implements enhancement 5974.

Bug 4748

squash! Document 0.2.3.x torrc/default-torrc/command line semantics changes

Incorporates fixes suggested by rransom.

The defense counts the circuit failure rate for each guard for the past N
circuits. Failure is defined as the ability to complete a first hop, but not
finish completing the circuit all the way to the exit.

If the failure rate exceeds a certain amount, a notice is emitted.

If it exceeds a greater amount, a warn is emitted and the guard is disabled.

These values are governed by consensus parameters which we intend to tune as
we perform experiments and statistical simulations.

Nearly everywhere, we end options with "(Default: foo)".  But in a
few places, we inserted an extra period after or before the close
parenthesis, and in a few other places we said "(Defaults to foo)".
Let's not do that.

This feature can make Tor relays less identifiable by their use of the
mod_ssl DH group, but at the cost of some usability (#4721) and bridge
tracing (#6087) regressions.

We should try to turn this on by default again if we find that the
mod_ssl group is uncommon and/or we move to a different DH group size
(see #6088).  Before we can do so, we need a fix for bugs #6087 and

Resolves ticket #5598 for now.

We explain the --options option, document --nt-service as an
internal-use-only thing (which it is), fix a URL, and generally
improve the prose.

Closes ticket 4572.

It is for the not-yet-implemented bridge community design.

There isn't really any point to messing with it. Resolves ticket 5005.