Move DataDirectoryGroupReadable 1 up a few lines to more clearly
communicate that it is required for the filesystem group to read the
DataDirectory.
Per the Tor documentation
https://2019.www.torproject.org/docs/tor-manual.html.en#DataDirectoryGroupReadable
"If this option is set to 0, don’t allow the filesystem group to read
the DataDirectory. If the option is set to 1, make the DataDirectory
readable by the default GID. (Default: 0)"
and harmonize them as follows
- s/outgoing/automatic outbound/
- s/Incoming/Inbound and manual/ (are not affected by this option.)
- s/only through network/only to network/
- s/this option. This option/this option. It/
- s/network types/networks/
and also pick up a few nits in doc/p2p-bad-ports.md
0eea83a85e scripted-diff: rename `proxyType` to `Proxy` (Vasil Dimov)
e53a8505db net: respect -onlynet= when making outbound connections (Vasil Dimov)
Pull request description:
Do not make outbound connections to hosts which belong to a network
which is restricted by `-onlynet`.
This applies to hosts that are automatically chosen to connect to and to
anchors.
This does not apply to hosts given to `-connect`, `-addnode`,
`addnode` RPC, dns seeds, `-seednode`.
Fixes https://github.com/bitcoin/bitcoin/issues/13378
Fixes https://github.com/bitcoin/bitcoin/issues/22647
Supersedes https://github.com/bitcoin/bitcoin/pull/22651
ACKs for top commit:
naumenkogs:
utACK 0eea83a85e
prayank23:
reACK 0eea83a85e
jonatack:
ACK 0eea83a85e code review, rebased to master, debug built, and did some manual testing with various config options on signet
Tree-SHA512: 37d68b449dd6d2715843fc84d85f48fa2508be40ea105a7f4a28443b318d0b6bd39e3b2ca2a6186f2913836adf08d91038a8b142928e1282130f39ac81aa741b
86a4a15bdc Highlight DNS request part (Prayank)
Pull request description:
_What?_
Highlight DNS requests part in Proxy section
_Why?_
1. DNS requests are very important while considering privacy
2. Lot of users might skip reading it because of the way it is mixed with everything else in the doc right now
3. I have seen lot of users ignoring DNS requests or unaware of such things while using privacy tools
_How?_
Initially I had tried keeping these lines separate from code block but [Jonatack didn't agree with the changes](https://github.com/bitcoin/bitcoin/pull/21157#discussion_r618177116). Harding suggested using [bold/italic in `<pre></pre>`](https://github.com/bitcoin/bitcoin/pull/21157#discussion_r644364143). I have used the suggestions from previous PR and added `---`
This is a part of alternative described in https://github.com/bitcoin/bitcoin/pull/22316
ACKs for top commit:
jonatack:
ACK 86a4a15bdc
Rspigler:
ACK 86a4a15bdc
achow101:
ACK 86a4a15bdc
RiccardoMasutti:
ACK 86a4a15
lsilva01:
ACK 86a4a15bdc
kristapsk:
ACK 86a4a15bdc
theStack:
ACK 86a4a15bdc
Tree-SHA512: a4fe0e8c08df330e5ca78ce19ce74be7034c653f4374469d928908847a6debf385283e3a6da66de600566c7bab6290ccd35df26864aef94cbb3f294123391437
5984084610 Specifies how to set the value of TORGROUP (lsilva01)
Pull request description:
This change just makes it more explicit how to assign the value to the TORGROUP variable.
ACKs for top commit:
laanwj:
ACK 5984084610
Zero-1729:
Concept ACK 5984084610
Tree-SHA512: af5cc0f87fa309201b5937a2741dea9374eafc09e84664ca138669c1827ce44fe6d25e3853d53ed2c838321aa4b28c6fd9d8dbe23f7194fdd6559d49453416e4
49d503aefa doc: update -addrinfo in release-notes.md and tor.md (Jon Atack)
75ea9ecf11 cli -addrinfo: drop torv2, torv3 becomes onion per GetNetworkName() (Jon Atack)
Pull request description:
#22050 removed torv2 support from 22.0. For 23.0 and subsequent releases, we can probably remove torv2 from -addrinfo.
before
```
"addresses_known": {
"ipv4": 58305,
"ipv6": 5138,
"torv2": 0,
"torv3": 5441,
"i2p": 14,
"total": 68898
}
```
after
```
"addresses_known": {
"ipv4": 58305,
"ipv6": 5138,
"onion": 5441,
"i2p": 14,
"total": 68898
}
```
Per the naming of `netbase.{h, cpp}::GetNetworkName()`, torv3 becomes onion, which is what is printed in the output of getpeerinfo, getnetworkinfo and getnodeaddresses.
ACKs for top commit:
practicalswift:
cr ACK 49d503aefa
Zero-1729:
tACK 49d503aefa🧉
klementtan:
Code review and tested ACK 49d503aefa
Tree-SHA512: bca52520d8b12c26f1c329d661b9e22c567954ed2af7d2a16d7669eae1a221eada20944f8b2f4e78e31a7190d5f3d3fbfd37509e5edf2d9a3747a0a8f4e375bb
a34eceb4cc doc: update -externalip documentation in tor.md (Jon Atack)
dc8a591222 doc: add tor.md section on how to get tor info via bitcoind (Jon Atack)
e1765d8b04 doc: update tor.md address examples from onion v2 to v3 (Jon Atack)
Pull request description:
It looks like `doc/tor.md` could use some updates and improvements, not only for Tor v3, but also for setting multiple addresses with `-externalip` (see the conversation from http://www.erisian.com.au/bitcoin-core-dev/log-2020-09-16.html#l-39), how to see information about your Tor config via Bitcoin Core, and other improvements.
Closes#19924.
ACKs for top commit:
laanwj:
ACK a34eceb4cc
Tree-SHA512: 3197cdca1188dbd645c8f9e6ed7c023da5ad9bcf246a6bcbfbe6078f40c01c563032b4906736cde253a2daf71aaed28a659121628891a5d0bf6e89f821a17a28
This is a follow up to https://github.com/bitcoin/bitcoin/pull/19638 that left some deprectaed "hidden service/server" naming occurences.
It also shall make the chapter titles regarding creation of onion services stringent and easy to read and distinguish.
It removes the one and only reference to the testnet (here the testnet onion service port), as it is not explained that it references to the testnet and I do not know why it is mentioned there. It is only confusing. Also, as said, the testnet is not referenced at any other place in this document.
For a couple of years, Tor documentation has made
the term hidden service obsolete, in favor of onion
service.
This PR updates all the references in the code base.
Starting bitcoind with `-onlynet=onion` immediately after adding bitcoind user to debian-tor group will yield the following notice on debug.log:
"tor: Authentication cookie /run/tor/control.authcookie could not be opened (check permissions)"
Elaborate on the need to re-login to ensure debian-tor group has been applied to bitcoind user after:
sudo usermod -a -G debian-tor username
Verification can be done via `groups` command in shell.
The current documentation leads the reader to think `hash-password` is an other option.
This change is less confusing and make it clear how to use this option.
39d2911 [Docs] Add version footnote to tor.md (Damian Williamson)
Pull request description:
[Docs] Add version footnote to tor.md
Added note to section 2, part -edits to `/etc/tor/torrc`- indicating this is only required for Tor version 0.2.7.0 and older, since section 3 states it is valid for Tor version 0.2.7.1 and newer. Added ref link from section 2 version footnote to section 3. Re-styled headings to work on GitHub -alternate heading style markup creation issue with numbered headings and thus headings and automatic heading links are broken-
Ref: [Issue# 12376](https://github.com/bitcoin/bitcoin/issues/12376)
Signed-off-by: Damian Williamson \<willtech@live.com.au\>
Tree-SHA512: 439f4ccc3e196011af448b220adf26b0e653ac589bf4cfbbc276c1500c9d08f209c9d6101e4d232857779d9f25164cfb222ed30e3d63de116f9121e6ebde31c3
Added note to section 2, part -edits to `/etc/tor/torrc`- indicating this is only required for Tor version 0.2.7.0 and older, since section 3 states it is valid for Tor version 0.2.7.1 and newer. Added ref link from section 2 version footnote to section 3. Re-styled headings to work on GitHub -alternate heading style markup creation issue with numbered headings and thus headings and automatic heading links are broken- Ref: [Issue# 12376](https://github.com/bitcoin/bitcoin/issues/12376)
Signed-off-by: Damian Williamson <willtech@live.com.au>
> This new feature is enabled by default if Bitcoin Core is listening, and a connection to Tor can be made. It can be configured with the -listenonion, -torcontrol and -torpassword settings. To show verbose debugging information, pass -debug=tor.
But it is correct to say that the feature is enabled *regardless* of whether a connection to Tor can be made.
I propose to clarify that so that users can eliminate these in their logs (when `listen=1` and no Tor).
And I think it's okay to clarify about the `listen` option, because on several occasions when I read this before I always assumed `listening` meant `server=1` which cost me a lot of time in troubleshooting.
```
2016-10-24 06:19:22.551029 tor: Error connecting to Tor control socket
2016-10-24 06:19:22.551700 tor: Not connected to Tor control port 127.0.0.1:9051, trying to reconnect
```
### What version of bitcoin-core are you using?
0.12.1
Seems like there are a lot of advertised testnet HS nodes that
don't actually work. Lack of the testnet port on the example
HS config might be one reason.
I've seen users confused multiple times thinking they
should be using -tor to set their tor proxy and then
finding in horror that they were still connecting to
the IPv4 internet.
Even Jeff guesses wrong about what the knob does, so
I think we should rename it. This leaves the old
knob working, we can pull it out completely in a
later release.