mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-12-01 08:03:31 +01:00
Mark a big pile of options as deprecated.
This commit is contained in:
parent
e6220ccbf8
commit
66e610da72
@ -588,6 +588,44 @@ static const config_var_t testing_tor_network_defaults[] = {
|
|||||||
#undef V
|
#undef V
|
||||||
#undef OBSOLETE
|
#undef OBSOLETE
|
||||||
|
|
||||||
|
static const config_deprecation_t option_deprecation_notes_[] = {
|
||||||
|
{ "AllowDotExit", "Unrestricted use of the .exit notation can be used for "
|
||||||
|
"a wide variety of application-level attacks." },
|
||||||
|
{ "AllowInvalidNodes", "There is no reason to enable this option; at best "
|
||||||
|
"it will make you easier to track." },
|
||||||
|
{ "AllowSingleHopCircuits", "Almost no relays actually allow single-hop "
|
||||||
|
"exits, making this option pointless." },
|
||||||
|
{ "AllowSingleHopExits", "Turning this on will make your relay easier "
|
||||||
|
"to abuse." },
|
||||||
|
{ "ClientDNSRejectInternalAddresses", "Turning this on makes your client "
|
||||||
|
"easier to fingerprint, and may open you to esoteric attacks." },
|
||||||
|
{ "ExcludeSingleHopRelays", "Turning it on makes your client easier to "
|
||||||
|
"fingerprint." },
|
||||||
|
{ "FastFirstHopPK", "Changing this option does not make your client more "
|
||||||
|
"secure, but does make it easier to fingerprint." },
|
||||||
|
{ "CloseHSClientCircutisImmediatelyOnTimeout", "This option makes your "
|
||||||
|
"client easier to fingerprint." },
|
||||||
|
{ "CloseHSServiceRendircutisImmediatelyOnTimeout", "This option makes "
|
||||||
|
"your hidden services easier to fingerprint." },
|
||||||
|
{ "WarnUnsafeSocks", "Changing this option makes it easier for you "
|
||||||
|
"to accidentally lose your anonymity by leaking DNS information" },
|
||||||
|
{ "TLSECGroup", "The default is a nice secure choice; the other option "
|
||||||
|
"is less secure." },
|
||||||
|
{ "UseNTorHandshake", "The ntor handshake should always be used." },
|
||||||
|
|
||||||
|
{ "ControlListenAddress", "Use ControlPort instead." },
|
||||||
|
{ "DirListenAddress", "Use DirPort instead, possibly with the "
|
||||||
|
"NoAdvertise sub-option" },
|
||||||
|
{ "DNSListenAddress", "Use DNSPort instead." },
|
||||||
|
{ "SocksListenAddress", "Use SocksPort instead." },
|
||||||
|
{ "TransListenAddress", "Use TransPort instead." },
|
||||||
|
{ "NATDListenAddress", "Use NATDPort instead." },
|
||||||
|
{ "ORListenAddress", "Use ORPort instead, possibly with the "
|
||||||
|
"NoAdvertise sub-option" },
|
||||||
|
|
||||||
|
{ NULL, NULL }
|
||||||
|
};
|
||||||
|
|
||||||
#ifdef _WIN32
|
#ifdef _WIN32
|
||||||
static char *get_windows_conf_root(void);
|
static char *get_windows_conf_root(void);
|
||||||
#endif
|
#endif
|
||||||
@ -636,7 +674,7 @@ STATIC config_format_t options_format = {
|
|||||||
OR_OPTIONS_MAGIC,
|
OR_OPTIONS_MAGIC,
|
||||||
STRUCT_OFFSET(or_options_t, magic_),
|
STRUCT_OFFSET(or_options_t, magic_),
|
||||||
option_abbrevs_,
|
option_abbrevs_,
|
||||||
NULL,
|
option_deprecation_notes_,
|
||||||
option_vars_,
|
option_vars_,
|
||||||
options_validate_cb,
|
options_validate_cb,
|
||||||
NULL
|
NULL
|
||||||
|
@ -192,7 +192,7 @@ config_find_deprecation(const config_format_t *fmt, const char *key)
|
|||||||
if (fmt->deprecations == NULL)
|
if (fmt->deprecations == NULL)
|
||||||
return NULL;
|
return NULL;
|
||||||
|
|
||||||
config_deprecation_t *d;
|
const config_deprecation_t *d;
|
||||||
for (d = fmt->deprecations; d->name; ++d) {
|
for (d = fmt->deprecations; d->name; ++d) {
|
||||||
if (!strcasecmp(d->name, key)) {
|
if (!strcasecmp(d->name, key)) {
|
||||||
return d->why_deprecated ? d->why_deprecated : "";
|
return d->why_deprecated ? d->why_deprecated : "";
|
||||||
@ -486,10 +486,11 @@ config_mark_lists_fragile(const config_format_t *fmt, void *options)
|
|||||||
void
|
void
|
||||||
warn_deprecated_option(const char *what, const char *why)
|
warn_deprecated_option(const char *what, const char *why)
|
||||||
{
|
{
|
||||||
|
const char *space = (why && strlen(why)) ? " " : "";
|
||||||
log_warn(LD_CONFIG, "The %s option is deprecated, and will most likely "
|
log_warn(LD_CONFIG, "The %s option is deprecated, and will most likely "
|
||||||
"be removed in a future version of Tor.%s (If you think this is "
|
"be removed in a future version of Tor.%s%s (If you think this is "
|
||||||
"a mistake, please let us know!)",
|
"a mistake, please let us know!)",
|
||||||
what, why);
|
what, space, why);
|
||||||
}
|
}
|
||||||
|
|
||||||
/** If <b>c</b> is a syntactically valid configuration line, update
|
/** If <b>c</b> is a syntactically valid configuration line, update
|
||||||
|
@ -81,7 +81,7 @@ typedef struct config_format_t {
|
|||||||
off_t magic_offset; /**< Offset of the magic value within the struct. */
|
off_t magic_offset; /**< Offset of the magic value within the struct. */
|
||||||
config_abbrev_t *abbrevs; /**< List of abbreviations that we expand when
|
config_abbrev_t *abbrevs; /**< List of abbreviations that we expand when
|
||||||
* parsing this format. */
|
* parsing this format. */
|
||||||
config_deprecation_t *deprecations; /** List of deprecated options */
|
const config_deprecation_t *deprecations; /** List of deprecated options */
|
||||||
config_var_t *vars; /**< List of variables we recognize, their default
|
config_var_t *vars; /**< List of variables we recognize, their default
|
||||||
* values, and where we stick them in the structure. */
|
* values, and where we stick them in the structure. */
|
||||||
validate_fn_t validate_fn; /**< Function to validate config. */
|
validate_fn_t validate_fn; /**< Function to validate config. */
|
||||||
@ -133,6 +133,5 @@ const char *config_expand_abbrev(const config_format_t *fmt,
|
|||||||
int command_line, int warn_obsolete);
|
int command_line, int warn_obsolete);
|
||||||
void warn_deprecated_option(const char *what, const char *why);
|
void warn_deprecated_option(const char *what, const char *why);
|
||||||
|
|
||||||
|
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user