commit 3d45079c27b94f073442f80b203f9787857c2d01
parent e4692fad9680ffea938dd6024ceacfc1ba1edffa
Author: teor <teor@torproject.org>
Date: Tue, 9 Apr 2019 11:36:59 +1000
Merge branch 'maint-0.4.0'
Diffstat:
4 files changed, 25 insertions(+), 5 deletions(-)
diff --git a/changes/bug28614_better_logging b/changes/bug28614_better_logging
@@ -0,0 +1,6 @@
+ o Minor bugfixes (logging):
+ - On Windows, when errors cause us to reload a consensus from disk, tell
+ the user that we are retrying at log level "notice". Previously we only
+ logged this information at "info", which was confusing because the
+ errors themselves were logged at "warning". Improves previous fix for
+ 28614. Fixes bug 30004; bugfix on 0.4.0.2-alpha.
diff --git a/changes/doc29121 b/changes/doc29121
@@ -0,0 +1,3 @@
+ o Documentation:
+ - Clarify that Tor performs stream isolation between *Port listeners by
+ default. Resolves issue 29121.
diff --git a/doc/tor.1.txt b/doc/tor.1.txt
@@ -1230,6 +1230,8 @@ The following options are useful only for clients (that is, if
information to anybody watching your network, and allow anybody
to use your computer as an open proxy. +
+
+ If multiple entries of this option are present in your configuration
+ file, Tor will perform stream isolation between listeners by default.
The _isolation flags_ arguments give Tor rules for which streams
received on this SocksPort are allowed to share circuits with one
another. Recognized isolation flags are:
@@ -1472,14 +1474,18 @@ The following options are useful only for clients (that is, if
protocol instead of SOCKS. Set this to
0 if you don't want to allow "HTTP CONNECT" connections. Set the port
to "auto" to have Tor pick a port for you. This directive can be
- specified multiple times to bind to multiple addresses/ports. See
+ specified multiple times to bind to multiple addresses/ports. If multiple
+ entries of this option are present in your configuration file, Tor will
+ perform stream isolation between listeners by default. See
SOCKSPort for an explanation of isolation flags. (Default: 0)
[[TransPort]] **TransPort** \['address':]__port__|**auto** [_isolation flags_]::
Open this port to listen for transparent proxy connections. Set this to
0 if you don't want to allow transparent proxy connections. Set the port
to "auto" to have Tor pick a port for you. This directive can be
- specified multiple times to bind to multiple addresses/ports. See
+ specified multiple times to bind to multiple addresses/ports. If multiple
+ entries of this option are present in your configuration file, Tor will
+ perform stream isolation between listeners by default. See
SOCKSPort for an explanation of isolation flags. +
+
TransPort requires OS support for transparent proxies, such as BSDs' pf or
@@ -1516,7 +1522,9 @@ The following options are useful only for clients (that is, if
included in old versions of FreeBSD, etc) using the NATD protocol.
Use 0 if you don't want to allow NATD connections. Set the port
to "auto" to have Tor pick a port for you. This directive can be
- specified multiple times to bind to multiple addresses/ports. See
+ specified multiple times to bind to multiple addresses/ports. If multiple
+ entries of this option are present in your configuration file, Tor will
+ perform stream isolation between listeners by default. See
SocksPort for an explanation of isolation flags. +
+
This option is only for people who cannot use TransPort. (Default: 0)
diff --git a/src/feature/nodelist/networkstatus.c b/src/feature/nodelist/networkstatus.c
@@ -1761,8 +1761,11 @@ reload_consensus_from_file(const char *fname,
flavor, flags, source_dir);
#ifdef _WIN32
if (rv < 0 && tor_memstr(map->data, map->size, "\r\n")) {
- log_info(LD_GENERAL, "Found CRLF in consensus file %s; falling back to "
- "read_file_to_string.", escaped(fname));
+ log_notice(LD_GENERAL, "Looks like the above failures are probably "
+ "because of a CRLF in consensus file %s; falling back to "
+ "read_file_to_string. Nothing to worry about: this file "
+ "was probably saved by an earlier version of Tor.",
+ escaped(fname));
char *content = read_file_to_str(fname, RFTS_IGNORE_MISSING, NULL);
rv = networkstatus_set_current_consensus(content, strlen(content),
flavor, flags, source_dir);
