mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-30 15:43:32 +01:00
Prop 301: No longer vote on RecommendedPackages
This is the first half of implementing proposal 301. The RecommendedPackages torrc option is marked as obsolete and the test cases for the option removed. Additionally, the code relating to generating and formatting package lines in votes is removed. These lines may still appear in votes from other directory authorities running earlier versions of the code and so consensuses may still contain package lines. A new consensus method will be needed to stop including package lines in consensuses. Fixes: #28465
This commit is contained in:
parent
d86896b29c
commit
58cb98af32
6
changes/ticket29738
Normal file
6
changes/ticket29738
Normal file
@ -0,0 +1,6 @@
|
||||
o Minor features (recommended packages):
|
||||
- No longer include recommended packages in votes as detailed in proposal
|
||||
301. The RecommendedPackages torrc option is deprecated and will no
|
||||
longer have any effect. "package" lines will still be considered when
|
||||
computing consensuses for consensus methods that include them. Fixes
|
||||
ticket 29738.
|
@ -2720,12 +2720,6 @@ on the public Tor network.
|
||||
multiple times: the values from multiple lines are spliced together. When
|
||||
this is set then **VersioningAuthoritativeDirectory** should be set too.
|
||||
|
||||
[[RecommendedPackages]] **RecommendedPackages** __PACKAGENAME__ __VERSION__ __URL__ __DIGESTTYPE__**=**__DIGEST__ ::
|
||||
Adds "package" line to the directory authority's vote. This information
|
||||
is used to vote on the correct URL and digest for the released versions
|
||||
of different Tor-related packages, so that the consensus can certify
|
||||
them. This line may appear any number of times.
|
||||
|
||||
[[RecommendedClientVersions]] **RecommendedClientVersions** __STRING__::
|
||||
STRING is a comma-separated list of Tor versions currently believed to be
|
||||
safe for clients to use. This information is included in version 2
|
||||
|
@ -593,7 +593,7 @@ static config_var_t option_vars_[] = {
|
||||
V(RecommendedVersions, LINELIST, NULL),
|
||||
V(RecommendedClientVersions, LINELIST, NULL),
|
||||
V(RecommendedServerVersions, LINELIST, NULL),
|
||||
V(RecommendedPackages, LINELIST, NULL),
|
||||
OBSOLETE("RecommendedPackages"),
|
||||
V(ReducedConnectionPadding, BOOL, "0"),
|
||||
V(ConnectionPadding, AUTOBOOL, "auto"),
|
||||
V(RefuseUnknownExits, AUTOBOOL, "auto"),
|
||||
@ -3521,13 +3521,6 @@ options_validate(or_options_t *old_options, or_options_t *options,
|
||||
"features to be broken in unpredictable ways.");
|
||||
}
|
||||
|
||||
for (cl = options->RecommendedPackages; cl; cl = cl->next) {
|
||||
if (! validate_recommended_package_line(cl->value)) {
|
||||
log_warn(LD_CONFIG, "Invalid RecommendedPackage line %s will be ignored",
|
||||
escaped(cl->value));
|
||||
}
|
||||
}
|
||||
|
||||
if (options->AuthoritativeDir) {
|
||||
if (!options->ContactInfo && !options->TestingTorNetwork)
|
||||
REJECT("Authoritative directory servers must set ContactInfo");
|
||||
|
@ -121,7 +121,6 @@ struct or_options_t {
|
||||
struct config_line_t *RecommendedVersions;
|
||||
struct config_line_t *RecommendedClientVersions;
|
||||
struct config_line_t *RecommendedServerVersions;
|
||||
struct config_line_t *RecommendedPackages;
|
||||
/** Whether dirservers allow router descriptors with private IPs. */
|
||||
int DirAllowPrivateAddresses;
|
||||
/** Whether routers accept EXTEND cells to routers with private IPs. */
|
||||
|
@ -220,7 +220,6 @@ format_networkstatus_vote(crypto_pk_t *private_signing_key,
|
||||
networkstatus_t *v3_ns)
|
||||
{
|
||||
smartlist_t *chunks = smartlist_new();
|
||||
char *packages = NULL;
|
||||
char fingerprint[FINGERPRINT_LEN+1];
|
||||
char digest[DIGEST_LEN];
|
||||
uint32_t addr;
|
||||
@ -246,19 +245,6 @@ format_networkstatus_vote(crypto_pk_t *private_signing_key,
|
||||
v3_ns->server_versions);
|
||||
protocols_lines = format_protocols_lines_for_vote(v3_ns);
|
||||
|
||||
if (v3_ns->package_lines) {
|
||||
smartlist_t *tmp = smartlist_new();
|
||||
SMARTLIST_FOREACH(v3_ns->package_lines, const char *, p,
|
||||
if (validate_recommended_package_line(p))
|
||||
smartlist_add_asprintf(tmp, "package %s\n", p));
|
||||
smartlist_sort_strings(tmp);
|
||||
packages = smartlist_join_strings(tmp, "", 0, NULL);
|
||||
SMARTLIST_FOREACH(tmp, char *, cp, tor_free(cp));
|
||||
smartlist_free(tmp);
|
||||
} else {
|
||||
packages = tor_strdup("");
|
||||
}
|
||||
|
||||
/* Get shared random commitments/reveals line(s). */
|
||||
shared_random_vote_str = sr_get_string_for_vote();
|
||||
|
||||
@ -344,7 +330,6 @@ format_networkstatus_vote(crypto_pk_t *private_signing_key,
|
||||
"voting-delay %d %d\n"
|
||||
"%s%s" /* versions */
|
||||
"%s" /* protocols */
|
||||
"%s" /* packages */
|
||||
"known-flags %s\n"
|
||||
"flag-thresholds %s\n"
|
||||
"params %s\n"
|
||||
@ -361,7 +346,6 @@ format_networkstatus_vote(crypto_pk_t *private_signing_key,
|
||||
client_versions_line,
|
||||
server_versions_line,
|
||||
protocols_lines,
|
||||
packages,
|
||||
flags,
|
||||
flag_thresholds,
|
||||
params,
|
||||
@ -461,7 +445,6 @@ format_networkstatus_vote(crypto_pk_t *private_signing_key,
|
||||
tor_free(client_versions_line);
|
||||
tor_free(server_versions_line);
|
||||
tor_free(protocols_lines);
|
||||
tor_free(packages);
|
||||
|
||||
SMARTLIST_FOREACH(chunks, char *, cp, tor_free(cp));
|
||||
smartlist_free(chunks);
|
||||
@ -4669,15 +4652,6 @@ dirserv_generate_networkstatus_vote_obj(crypto_pk_t *private_key,
|
||||
tor_assert_nonfatal(protover_all_supported(
|
||||
v3_out->recommended_client_protocols, NULL));
|
||||
|
||||
v3_out->package_lines = smartlist_new();
|
||||
{
|
||||
config_line_t *cl;
|
||||
for (cl = get_options()->RecommendedPackages; cl; cl = cl->next) {
|
||||
if (validate_recommended_package_line(cl->value))
|
||||
smartlist_add_strdup(v3_out->package_lines, cl->value);
|
||||
}
|
||||
}
|
||||
|
||||
v3_out->known_flags = smartlist_new();
|
||||
smartlist_split_string(v3_out->known_flags,
|
||||
DIRVOTE_UNIVERSAL_FLAGS,
|
||||
|
@ -1342,29 +1342,6 @@ test_options_validate__token_bucket(void *ignored)
|
||||
tor_free(msg);
|
||||
}
|
||||
|
||||
static void
|
||||
test_options_validate__recommended_packages(void *ignored)
|
||||
{
|
||||
(void)ignored;
|
||||
int ret;
|
||||
char *msg;
|
||||
setup_capture_of_logs(LOG_WARN);
|
||||
options_test_data_t *tdata = get_options_test_data(
|
||||
"RecommendedPackages foo 1.2 http://foo.com sha1=123123123123\n"
|
||||
"RecommendedPackages invalid-package-line\n");
|
||||
|
||||
ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
|
||||
tt_int_op(ret, OP_EQ, -1);
|
||||
expect_no_log_msg("Invalid RecommendedPackage line "
|
||||
"invalid-package-line will be ignored\n");
|
||||
|
||||
done:
|
||||
escaped(NULL); // This will free the leaking memory from the previous escaped
|
||||
teardown_capture_of_logs();
|
||||
free_options_test_data(tdata);
|
||||
tor_free(msg);
|
||||
}
|
||||
|
||||
static void
|
||||
test_options_validate__fetch_dir(void *ignored)
|
||||
{
|
||||
@ -4200,7 +4177,6 @@ struct testcase_t options_tests[] = {
|
||||
LOCAL_VALIDATE_TEST(exclude_nodes),
|
||||
LOCAL_VALIDATE_TEST(node_families),
|
||||
LOCAL_VALIDATE_TEST(token_bucket),
|
||||
LOCAL_VALIDATE_TEST(recommended_packages),
|
||||
LOCAL_VALIDATE_TEST(fetch_dir),
|
||||
LOCAL_VALIDATE_TEST(conn_limit),
|
||||
LOCAL_VALIDATE_TEST(paths_needed),
|
||||
|
Loading…
Reference in New Issue
Block a user