Remove RedirectExit feature; it has been deprecated since 0.2.0.3-alpha

svn:r17663

ChangeLog

@@ -71,6 +71,9 @@ Changes in version 0.2.1.9-alpha - 2008-12-2?
       introduction points thrown away; bugfix on 0.2.1.7-alpha. Spotted
       by John Brooks. Patch by Karsten. Fixes bug 874.
 
+  o Deprecated and removed features:
+    - RedirectExits has been removed.  It was deprecated since 0.2.0.3-alpha.
+
   o Code simplifications and refactoring:
     - Rename the confusing or_is_obsolete field to the more appropriate
       is_bad_for_new_circs, and move it to or_connection_t where it

doc/tor.1.in

@@ -917,20 +917,6 @@ to all directory authorities of the type(s) specified. The value "1" is
 treated as a synonym for the default, which is currently "v2,v3".
 .LP
 .TP
-\fBRedirectExit \fR\fIpattern target\fP
-THIS OPTION IS DEPRECATED.  It will go away in a future version of Tor.
-Whenever an outgoing connection tries to connect to one of a given set
-of addresses, connect to \fItarget\fP (an \fIaddress:port\fP pair) instead.
-The address
-pattern is given in the same format as for an exit policy.  The
-address translation applies after exit policies are applied.  Multiple
-\fBRedirectExit\fP options can be used: once any one has matched
-successfully, no subsequent rules are considered.  You can specify that no
-redirection is to be performed on a given set of addresses by using the
-special target string "pass", which prevents subsequent rules from being
-considered.
-.LP
-.TP
 \fBShutdownWaitLength\fR \fINUM\fP
 When we get a SIGINT and we're a server, we begin shutting down: we close
 listeners and start refusing new circuits. After \fBNUM\fP seconds,

src/or/config.c

@@ -278,7 +278,7 @@ static config_var_t _option_vars[] = {
   V(RecommendedVersions,         LINELIST, NULL),
   V(RecommendedClientVersions,   LINELIST, NULL),
   V(RecommendedServerVersions,   LINELIST, NULL),
-  V(RedirectExit,                LINELIST, NULL),
+  OBSOLETE("RedirectExit"),
   V(RejectPlaintextPorts,        CSV,      ""),
   V(RelayBandwidthBurst,         MEMUNIT,  "0"),
   V(RelayBandwidthRate,          MEMUNIT,  "0"),
@@ -552,9 +552,6 @@ static config_var_description_t options_description[] = {
     "clients and servers, instead of the default 0.0.0.0:ORPort." },
   { "PublishServerDescriptor", "Set to 0 to keep the server from "
     "uploading info to the directory authorities." },
-  /*{ "RedirectExit", "When an outgoing connection tries to connect to a "
-   *"given address, redirect it to another address instead." },
-   */
   /* ServerDNS: DetectHijacking, ResolvConfFile, SearchDomains */
   { "ShutdownWaitLength", "Wait this long for clients to finish when "
     "shutting down because of a SIGINT." },
@@ -679,8 +676,6 @@ static int parse_bridge_line(const char *line, int validate_only);
 static int parse_dir_server_line(const char *line,
                                  authority_type_t required_type,
                                  int validate_only);
-static int parse_redirect_line(smartlist_t *result,
-                               config_line_t *line, char **msg);
 static int validate_data_directory(or_options_t *options);
 static int write_configuration_file(const char *fname, or_options_t *options);
 static config_line_t *get_assigned_option(config_format_t *fmt,
@@ -1276,21 +1271,6 @@ options_act(or_options_t *old_options)
   if (!running_tor)
     return 0;
 
-  {
-    smartlist_t *sl = smartlist_create();
-    char *errmsg = NULL;
-    for (cl = options->RedirectExit; cl; cl = cl->next) {
-      if (parse_redirect_line(sl, cl, &errmsg)<0) {
-        log_warn(LD_CONFIG, "%s", errmsg);
-        tor_free(errmsg);
-        SMARTLIST_FOREACH(sl, exit_redirect_t *, er, tor_free(er));
-        smartlist_free(sl);
-        return -1;
-      }
-    }
-    set_exit_redirects(sl);
-  }
-
   /* Finish backgrounding the process */
   if (running_tor && options->RunAsDaemon) {
     /* We may be calling this for the n'th time (on SIGHUP), but it's safe. */
@@ -3441,11 +3421,6 @@ options_validate(or_options_t *old_options, or_options_t *options,
   if (validate_addr_policies(options, msg) < 0)
     return -1;
 
-  for (cl = options->RedirectExit; cl; cl = cl->next) {
-    if (parse_redirect_line(NULL, cl, msg)<0)
-      return -1;
-  }
-
   if (validate_dir_authorities(options, old_options) < 0)
     REJECT("Directory authority line did not parse. See logs for details.");
 
@@ -4262,60 +4237,6 @@ options_init_logs(or_options_t *options, int validate_only)
   return ok?0:-1;
 }
 
-/** Parse a single RedirectExit line's contents from <b>line</b>.  If
- *  they are valid, and <b>result</b> is not NULL, add an element to
- *  <b>result</b> and return 0. Else if they are valid, return 0.
- *  Else set *msg and return -1. */
-static int
-parse_redirect_line(smartlist_t *result, config_line_t *line, char **msg)
-{
-  smartlist_t *elements = NULL;
-  exit_redirect_t *r;
-
-  tor_assert(line);
-
-  r = tor_malloc_zero(sizeof(exit_redirect_t));
-  elements = smartlist_create();
-  smartlist_split_string(elements, line->value, NULL,
-                         SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 0);
-  if (smartlist_len(elements) != 2) {
-    *msg = tor_strdup("Wrong number of elements in RedirectExit line");
-    goto err;
-  }
-  if (tor_addr_parse_mask_ports(smartlist_get(elements,0),&r->addr,
-                                &r->maskbits,&r->port_min,&r->port_max)) {
-    *msg = tor_strdup("Error parsing source address in RedirectExit line");
-    goto err;
-  }
-  if (0==strcasecmp(smartlist_get(elements,1), "pass")) {
-    r->is_redirect = 0;
-  } else {
-    if (tor_addr_port_parse(smartlist_get(elements,1),
-                            &r->addr_dest, &r->port_dest)) {
-      *msg = tor_strdup("Error parsing dest address in RedirectExit line");
-      goto err;
-    }
-    r->is_redirect = 1;
-  }
-
-  goto done;
- err:
-  tor_free(r);
- done:
-  SMARTLIST_FOREACH(elements, char *, cp, tor_free(cp));
-  smartlist_free(elements);
-  if (r) {
-    if (result)
-      smartlist_add(result, r);
-    else
-      tor_free(r);
-    return 0;
-  } else {
-    tor_assert(*msg);
-    return -1;
-  }
-}
-
 /** Read the contents of a Bridge line from <b>line</b>. Return 0
  * if the line is well-formed, and -1 if it isn't. If
  * <b>validate_only</b> is 0, and the line is well-formed, then add

src/or/connection_edge.c

@@ -31,9 +31,6 @@ const char connection_edge_c_id[] =
 #define SOCKS4_GRANTED          90
 #define SOCKS4_REJECT           91
 
-/** List of exit_redirect_t for every configured RedirectExit. */
-static smartlist_t *redirect_exit_list = NULL;
-
 static int connection_ap_handshake_process_socks(edge_connection_t *conn);
 static int connection_ap_process_natd(edge_connection_t *conn);
 static int connection_exit_connect_dir(edge_connection_t *exitconn);
@@ -2726,23 +2723,6 @@ connection_exit_connect(edge_connection_t *edge_conn)
 
   addr = &conn->addr;
   port = conn->port;
-  if (redirect_exit_list) {
-    SMARTLIST_FOREACH(redirect_exit_list, exit_redirect_t *, r,
-    {
-      if (tor_addr_compare_masked(addr, &r->addr, r->maskbits, CMP_SEMANTIC) &&
-          (r->port_min <= port) && (port <= r->port_max)) {
-        if (r->is_redirect) {
-          addr = &r->addr_dest;
-          if (r->port_dest)
-            port = r->port_dest;
-          log_debug(LD_EXIT, "Redirecting connection from %s:%d to %s:%d",
-                    escaped_safe_str(conn->address), conn->port,
-                    fmt_addr(addr), port);
-        }
-        break;
-      }
-    });
-  }
 
   log_debug(LD_EXIT,"about to try connecting");
   switch (connection_connect(conn, conn->address, addr, port, &socket_error)) {
@@ -2779,7 +2759,6 @@ connection_exit_connect(edge_connection_t *edge_conn)
                                  RELAY_COMMAND_CONNECTED,
                                  NULL, 0);
   } else { /* normal stream */
-    /* This must be the original address, not the redirected address. */
     char connected_payload[20];
     int connected_payload_len;
     if (tor_addr_family(&conn->addr) == AF_INET) {
@@ -2926,23 +2905,6 @@ connection_ap_can_use_exit(edge_connection_t *conn, routerinfo_t *exit)
   return 1;
 }
 
-/** Make connection redirection follow the provided list of exit_redirect_t.
- * Steals a reference to <b>lst</b>; caller MUST NOT free <b>list</b>. */
-void
-set_exit_redirects(smartlist_t *lst)
-{
-  if (redirect_exit_list) {
-    SMARTLIST_FOREACH(redirect_exit_list, exit_redirect_t *, p, tor_free(p));
-    smartlist_free(redirect_exit_list);
-  }
-  if (lst && smartlist_len(lst)) {
-    log_warn(LD_GENERAL,
-             "The RedirectExit option is deprecated; it will go away in a "
-             "future version of Tor.");
-  }
-  redirect_exit_list = lst;
-}
-
 /** If address is of the form "y.onion" with a well-formed handle y:
  *     Put a NUL after y, lower-case it, and return ONION_HOSTNAME.
  *

src/or/main.c

@@ -1933,7 +1933,6 @@ tor_free_all(int postfork)
   routerlist_free_all();
   networkstatus_free_all();
   addressmap_free_all();
-  set_exit_redirects(NULL); /* free the registered exit redirects */
   dirserv_free_all();
   rend_service_free_all();
   rend_cache_free_all();

src/or/or.h

@@ -2105,22 +2105,6 @@ typedef enum invalid_router_usage_t {
   ALLOW_INVALID_INTRODUCTION=16,
 } invalid_router_usage_t;
 
-/** An entry specifying a set of addresses and ports that should be remapped
- * to another address and port before exiting this exit node. */
-typedef struct exit_redirect_t {
-  tor_addr_t addr; /**< Address to remap whenever we see it. */
-  uint16_t port_min; /**< Low end of port range to remap */
-  uint16_t port_max; /**< High end of port range to remap */
-  maskbits_t maskbits; /**< How many bits of addr need to match for us to
-                        * remap an address? */
-
-  tor_addr_t addr_dest; /**< What address do we remap these connections to? */
-  uint16_t port_dest; /**< What port do we remap these connections to? */
-  /** False iff this entry indicates a subset of the address space that
-   * <em>should not</em> be remapped. */
-  unsigned int is_redirect:1;
-} exit_redirect_t;
-
 /* limits for TCP send and recv buffer size used for constrained sockets */
 #define MIN_CONSTRAINED_TCP_BUFFER 2048
 #define MAX_CONSTRAINED_TCP_BUFFER 262144  /* 256k */
@@ -2377,8 +2361,6 @@ typedef struct {
   char *MyFamily; /**< Declared family for this OR. */
   config_line_t *NodeFamilies; /**< List of config lines for
                                        * node families */
-  config_line_t *RedirectExit; /**< List of config lines for simple
-                                       * addr/port redirection */
   config_line_t *AuthDirBadDir; /**< Address policy for descriptors to
                                  * mark as bad dir mirrors. */
   config_line_t *AuthDirBadExit; /**< Address policy for descriptors to
@@ -3092,7 +3074,6 @@ int connection_ap_handshake_rewrite_and_attach(edge_connection_t *conn,
                                                crypt_path_t *cpath);
 int hostname_is_noconnect_address(const char *address);
 
-void set_exit_redirects(smartlist_t *lst);
 /** Possible return values for parse_extended_hostname. */
 typedef enum hostname_type_t {
   NORMAL_HOSTNAME, ONION_HOSTNAME, EXIT_HOSTNAME, BAD_HOSTNAME