Add documentation for directory guard options

diff --git a/doc/tor.1.txt b/doc/tor.1.txt
index 7d1742c0ea45d41d1fcf443a791fa4e243ca010b..26e7882309553af7121f08f0a36349c619d5196e 100644 (file)
--- a/doc/tor.1.txt
+++ b/doc/tor.1.txt
@@ -1021,10 +1021,22 @@ The following options are useful only for clients (that is, if
     increases the odds that an adversary who owns some servers will observe a
     fraction of your paths. (Default: 1)
 
+**UseEntryGuardsAsDirectoryGuards** **0**|**1**::
+    If this option is set to 1, we try to use our entry guards as directory
+    guards, and failing that, pick more nodes to act as our directory guards.
+    This helps prevent an adversary from enumerating clients. It's only
+    available for clients (non-relay, non-bridge) that aren't configured to
+    download any non-default directory material.  It doesn't currently
+    do anything when we lack a live consensus. (Default: 1)
+
 **NumEntryGuards** __NUM__::
     If UseEntryGuards is set to 1, we will try to pick a total of NUM routers
     as long-term entries for our circuits. (Default: 3)
 
+**NumDirectoryGuards** __NUM__::
+    If UseEntryGuardsAsDirectoryGuards is enabled, we try to make sure we
+    have at least NUM routers to use as directory guards. (Default: 3)
+
 **SafeSocks** **0**|**1**::
     When this option is enabled, Tor will reject application connections that
     use unsafe variants of the socks protocol -- ones that only provide an IP