mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-27 22:03:31 +01:00
Remove AuthDirMaxServersPerAuthAddr
Back when Roger had do do most of our testing on the moria host, we needed a higher limit for the number of relays running on a single IP address when that limit was shared with an authority. Nowadays, the idea is pretty obsolete. Also remove the router_addr_is_trusted_dir() function, which served no other purpose. Closes ticket 20960.
This commit is contained in:
parent
56b11905e5
commit
55d02c004c
5
changes/ticket20960
Normal file
5
changes/ticket20960
Normal file
@ -0,0 +1,5 @@
|
||||
o Removed features:
|
||||
- The AuthDirMaxServersPerAuthAddr option no longer exists: The same
|
||||
limit for relays running on a single IP applies to authority IP
|
||||
addresses as well as to non-authority IP addresses. Closes ticket
|
||||
20960.
|
@ -2246,10 +2246,6 @@ on the public Tor network.
|
||||
list as acceptable on a single IP address. Set this to "0" for "no limit".
|
||||
(Default: 2)
|
||||
|
||||
[[AuthDirMaxServersPerAuthAddr]] **AuthDirMaxServersPerAuthAddr** __NUM__::
|
||||
Authoritative directories only. Like AuthDirMaxServersPerAddr, but applies
|
||||
to addresses shared with directory authorities. (Default: 5)
|
||||
|
||||
[[AuthDirFastGuarantee]] **AuthDirFastGuarantee** __N__ **bytes**|**KBytes**|**MBytes**|**GBytes**|**TBytes**|**KBits**|**MBits**|**GBits**|**TBits**::
|
||||
Authoritative directories only. If non-zero, always vote the
|
||||
Fast flag for any relay advertising this amount of capacity or
|
||||
|
@ -218,7 +218,7 @@ static config_var_t option_vars_[] = {
|
||||
OBSOLETE("AuthDirListBadDirs"),
|
||||
V(AuthDirListBadExits, BOOL, "0"),
|
||||
V(AuthDirMaxServersPerAddr, UINT, "2"),
|
||||
V(AuthDirMaxServersPerAuthAddr,UINT, "5"),
|
||||
OBSOLETE("AuthDirMaxServersPerAuthAddr"),
|
||||
V(AuthDirHasIPv6Connectivity, BOOL, "0"),
|
||||
VAR("AuthoritativeDirectory", BOOL, AuthoritativeDir, "0"),
|
||||
V(AutomapHostsOnResolve, BOOL, "0"),
|
||||
@ -594,7 +594,6 @@ static const config_var_t testing_tor_network_defaults[] = {
|
||||
V(EnforceDistinctSubnets, BOOL, "0"),
|
||||
V(AssumeReachable, BOOL, "1"),
|
||||
V(AuthDirMaxServersPerAddr, UINT, "0"),
|
||||
V(AuthDirMaxServersPerAuthAddr,UINT, "0"),
|
||||
V(ClientBootstrapConsensusAuthorityDownloadSchedule, CSV_INTERVAL,
|
||||
"0, 2, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 8, 16, 32, 60"),
|
||||
V(ClientBootstrapConsensusFallbackDownloadSchedule, CSV_INTERVAL,
|
||||
|
@ -2056,12 +2056,8 @@ get_possible_sybil_list(const smartlist_t *routers)
|
||||
int addr_count;
|
||||
/* Allow at most this number of Tor servers on a single IP address, ... */
|
||||
int max_with_same_addr = options->AuthDirMaxServersPerAddr;
|
||||
/* ... unless it's a directory authority, in which case allow more. */
|
||||
int max_with_same_addr_on_authority = options->AuthDirMaxServersPerAuthAddr;
|
||||
if (max_with_same_addr <= 0)
|
||||
max_with_same_addr = INT_MAX;
|
||||
if (max_with_same_addr_on_authority <= 0)
|
||||
max_with_same_addr_on_authority = INT_MAX;
|
||||
|
||||
smartlist_add_all(routers_by_ip, routers);
|
||||
smartlist_sort(routers_by_ip, compare_routerinfo_by_ip_and_bw_);
|
||||
@ -2074,9 +2070,7 @@ get_possible_sybil_list(const smartlist_t *routers)
|
||||
last_addr = ri->addr;
|
||||
addr_count = 1;
|
||||
} else if (++addr_count > max_with_same_addr) {
|
||||
if (!router_addr_is_trusted_dir(ri->addr) ||
|
||||
addr_count > max_with_same_addr_on_authority)
|
||||
digestmap_set(omit_as_sybil, ri->cache_info.identity_digest, ri);
|
||||
digestmap_set(omit_as_sybil, ri->cache_info.identity_digest, ri);
|
||||
}
|
||||
} SMARTLIST_FOREACH_END(ri);
|
||||
|
||||
|
@ -3969,9 +3969,6 @@ typedef struct {
|
||||
* and vote for all other exits as good. */
|
||||
int AuthDirMaxServersPerAddr; /**< Do not permit more than this
|
||||
* number of servers per IP address. */
|
||||
int AuthDirMaxServersPerAuthAddr; /**< Do not permit more than this
|
||||
* number of servers per IP address shared
|
||||
* with an authority. */
|
||||
int AuthDirHasIPv6Connectivity; /**< Boolean: are we on IPv6? */
|
||||
int AuthDirPinKeys; /**< Boolean: Do we enforce key-pinning? */
|
||||
|
||||
|
@ -2991,20 +2991,6 @@ router_digest_is_trusted_dir_type(const char *digest, dirinfo_type_t type)
|
||||
return 0;
|
||||
}
|
||||
|
||||
/** Return true iff <b>addr</b> is the address of one of our trusted
|
||||
* directory authorities. */
|
||||
int
|
||||
router_addr_is_trusted_dir(uint32_t addr)
|
||||
{
|
||||
if (!trusted_dir_servers)
|
||||
return 0;
|
||||
SMARTLIST_FOREACH(trusted_dir_servers, dir_server_t *, ent,
|
||||
if (ent->addr == addr)
|
||||
return 1;
|
||||
);
|
||||
return 0;
|
||||
}
|
||||
|
||||
/** If hexdigest is correctly formed, base16_decode it into
|
||||
* digest, which must have DIGEST_LEN space in it.
|
||||
* Return 0 on success, -1 on failure.
|
||||
|
@ -86,7 +86,6 @@ int router_digest_is_trusted_dir_type(const char *digest,
|
||||
#define router_digest_is_trusted_dir(d) \
|
||||
router_digest_is_trusted_dir_type((d), NO_DIRINFO)
|
||||
|
||||
int router_addr_is_trusted_dir(uint32_t addr);
|
||||
int hexdigest_to_digest(const char *hexdigest, char *digest);
|
||||
const routerinfo_t *router_get_by_id_digest(const char *digest);
|
||||
routerinfo_t *router_get_mutable_by_digest(const char *digest);
|
||||
|
Loading…
Reference in New Issue
Block a user