mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-11 05:33:47 +01:00
config: Move accounting/bandwidth config into the relay module
This commit: * moves accounting and bandwidth checks into relay_config, * moves testing options checks into relay_config, * moves some other minor checks into relay_config, * exposes some code from src/app/config.c (we'll refactor it later in 29211), and * adds thin wrappers to make the moved code compile. No functional changes: the moved code is still enabled, even if the relay module is disabled. (Some of the checks are re-ordered, so the order of some warnings may change.) Part of 32213.
This commit is contained in:
parent
11f283f561
commit
d5ca56e254
@ -1747,32 +1747,6 @@ options_need_geoip_info(const or_options_t *options, const char **reason_out)
|
||||
return bridge_usage || routerset_usage;
|
||||
}
|
||||
|
||||
/** Return the bandwidthrate that we are going to report to the authorities
|
||||
* based on the config options. */
|
||||
uint32_t
|
||||
get_effective_bwrate(const or_options_t *options)
|
||||
{
|
||||
uint64_t bw = options->BandwidthRate;
|
||||
if (bw > options->MaxAdvertisedBandwidth)
|
||||
bw = options->MaxAdvertisedBandwidth;
|
||||
if (options->RelayBandwidthRate > 0 && bw > options->RelayBandwidthRate)
|
||||
bw = options->RelayBandwidthRate;
|
||||
/* ensure_bandwidth_cap() makes sure that this cast can't overflow. */
|
||||
return (uint32_t)bw;
|
||||
}
|
||||
|
||||
/** Return the bandwidthburst that we are going to report to the authorities
|
||||
* based on the config options. */
|
||||
uint32_t
|
||||
get_effective_bwburst(const or_options_t *options)
|
||||
{
|
||||
uint64_t bw = options->BandwidthBurst;
|
||||
if (options->RelayBandwidthBurst > 0 && bw > options->RelayBandwidthBurst)
|
||||
bw = options->RelayBandwidthBurst;
|
||||
/* ensure_bandwidth_cap() makes sure that this cast can't overflow. */
|
||||
return (uint32_t)bw;
|
||||
}
|
||||
|
||||
/* Used in the various options_transition_affects* functions. */
|
||||
#define YES_IF_CHANGED_BOOL(opt) \
|
||||
if (!CFG_EQ_BOOL(old_options, new_options, opt)) return 1;
|
||||
@ -3091,7 +3065,7 @@ validate_ports_csv(smartlist_t *sl, const char *name, char **msg)
|
||||
* a complaint into *<b>msg</b> using string <b>desc</b>, and return -1.
|
||||
* Else return 0.
|
||||
*/
|
||||
static int
|
||||
int
|
||||
ensure_bandwidth_cap(uint64_t *value, const char *desc, char **msg)
|
||||
{
|
||||
if (*value > ROUTER_MAX_DECLARED_BANDWIDTH) {
|
||||
@ -3418,6 +3392,7 @@ options_validate_cb(const void *old_options_, void *options_, char **msg)
|
||||
if (options_validate_relay_os(old_options, options, msg) < 0)
|
||||
return -1;
|
||||
|
||||
/* 31851: OutboundBindAddressExit is unused in client mode */
|
||||
if (parse_outbound_addresses(options, 1, msg) < 0)
|
||||
return -1;
|
||||
|
||||
@ -3426,6 +3401,7 @@ options_validate_cb(const void *old_options_, void *options_, char **msg)
|
||||
|
||||
/* need to check for relative paths after we populate
|
||||
* options->DataDirectory (just above). */
|
||||
/* 31851: some paths are unused in client mode */
|
||||
if (warn_about_relative_paths(options) && options->RunAsDaemon) {
|
||||
REJECT("You have specified at least one relative path (see above) "
|
||||
"with the RunAsDaemon option. RunAsDaemon is not compatible "
|
||||
@ -3435,6 +3411,7 @@ options_validate_cb(const void *old_options_, void *options_, char **msg)
|
||||
if (options_validate_relay_info(old_options, options, msg) < 0)
|
||||
return -1;
|
||||
|
||||
/* 31851: this function is currently a no-op in client mode */
|
||||
check_network_configuration(server_mode(options));
|
||||
|
||||
/* Validate the tor_log(s) */
|
||||
@ -3448,13 +3425,6 @@ options_validate_cb(const void *old_options_, void *options_, char **msg)
|
||||
REJECT("Failed to resolve/guess local address. See logs for details.");
|
||||
}
|
||||
|
||||
if (server_mode(options) && options->RendConfigLines)
|
||||
log_warn(LD_CONFIG,
|
||||
"Tor is currently configured as a relay and a hidden service. "
|
||||
"That's not very secure: you should probably run your hidden service "
|
||||
"in a separate Tor process, at least -- see "
|
||||
"https://trac.torproject.org/8742");
|
||||
|
||||
/* XXXX require that the only port not be DirPort? */
|
||||
/* XXXX require that at least one port be listened-upon. */
|
||||
if (n_ports == 0 && !options->RendConfigLines)
|
||||
@ -3863,21 +3833,6 @@ options_validate_cb(const void *old_options_, void *options_, char **msg)
|
||||
if (ensure_bandwidth_cap(&options->BandwidthBurst,
|
||||
"BandwidthBurst", msg) < 0)
|
||||
return -1;
|
||||
if (ensure_bandwidth_cap(&options->MaxAdvertisedBandwidth,
|
||||
"MaxAdvertisedBandwidth", msg) < 0)
|
||||
return -1;
|
||||
if (ensure_bandwidth_cap(&options->RelayBandwidthRate,
|
||||
"RelayBandwidthRate", msg) < 0)
|
||||
return -1;
|
||||
if (ensure_bandwidth_cap(&options->RelayBandwidthBurst,
|
||||
"RelayBandwidthBurst", msg) < 0)
|
||||
return -1;
|
||||
if (ensure_bandwidth_cap(&options->PerConnBWRate,
|
||||
"PerConnBWRate", msg) < 0)
|
||||
return -1;
|
||||
if (ensure_bandwidth_cap(&options->PerConnBWBurst,
|
||||
"PerConnBWBurst", msg) < 0)
|
||||
return -1;
|
||||
if (ensure_bandwidth_cap(&options->AuthDirFastGuarantee,
|
||||
"AuthDirFastGuarantee", msg) < 0)
|
||||
return -1;
|
||||
@ -3885,58 +3840,15 @@ options_validate_cb(const void *old_options_, void *options_, char **msg)
|
||||
"AuthDirGuardBWGuarantee", msg) < 0)
|
||||
return -1;
|
||||
|
||||
if (options->RelayBandwidthRate && !options->RelayBandwidthBurst)
|
||||
options->RelayBandwidthBurst = options->RelayBandwidthRate;
|
||||
if (options->RelayBandwidthBurst && !options->RelayBandwidthRate)
|
||||
options->RelayBandwidthRate = options->RelayBandwidthBurst;
|
||||
|
||||
if (options_validate_relay_bandwidth(old_options, options, msg) < 0)
|
||||
return -1;
|
||||
|
||||
if (options->RelayBandwidthRate > options->RelayBandwidthBurst)
|
||||
REJECT("RelayBandwidthBurst must be at least equal "
|
||||
"to RelayBandwidthRate.");
|
||||
|
||||
if (options->BandwidthRate > options->BandwidthBurst)
|
||||
REJECT("BandwidthBurst must be at least equal to BandwidthRate.");
|
||||
|
||||
/* if they set relaybandwidth* really high but left bandwidth*
|
||||
* at the default, raise the defaults. */
|
||||
if (options->RelayBandwidthRate > options->BandwidthRate)
|
||||
options->BandwidthRate = options->RelayBandwidthRate;
|
||||
if (options->RelayBandwidthBurst > options->BandwidthBurst)
|
||||
options->BandwidthBurst = options->RelayBandwidthBurst;
|
||||
|
||||
if (accounting_parse_options(options, 1)<0)
|
||||
REJECT("Failed to parse accounting options. See logs for details.");
|
||||
|
||||
if (options->AccountingMax) {
|
||||
if (options->RendConfigLines && server_mode(options)) {
|
||||
log_warn(LD_CONFIG, "Using accounting with a hidden service and an "
|
||||
"ORPort is risky: your hidden service(s) and your public "
|
||||
"address will all turn off at the same time, which may alert "
|
||||
"observers that they are being run by the same party.");
|
||||
} else if (config_count_key(options->RendConfigLines,
|
||||
"HiddenServiceDir") > 1) {
|
||||
log_warn(LD_CONFIG, "Using accounting with multiple hidden services is "
|
||||
"risky: they will all turn off at the same time, which may "
|
||||
"alert observers that they are being run by the same party.");
|
||||
}
|
||||
}
|
||||
|
||||
options->AccountingRule = ACCT_MAX;
|
||||
if (options->AccountingRule_option) {
|
||||
if (!strcmp(options->AccountingRule_option, "sum"))
|
||||
options->AccountingRule = ACCT_SUM;
|
||||
else if (!strcmp(options->AccountingRule_option, "max"))
|
||||
options->AccountingRule = ACCT_MAX;
|
||||
else if (!strcmp(options->AccountingRule_option, "in"))
|
||||
options->AccountingRule = ACCT_IN;
|
||||
else if (!strcmp(options->AccountingRule_option, "out"))
|
||||
options->AccountingRule = ACCT_OUT;
|
||||
else
|
||||
REJECT("AccountingRule must be 'sum', 'max', 'in', or 'out'");
|
||||
}
|
||||
if (options_validate_relay_accounting(old_options, options, msg) < 0)
|
||||
return -1;
|
||||
|
||||
if (options_validate_relay_mode(old_options, options, msg) < 0)
|
||||
return -1;
|
||||
@ -4122,14 +4034,6 @@ options_validate_cb(const void *old_options_, void *options_, char **msg)
|
||||
MIN_CONSTRAINED_TCP_BUFFER, MAX_CONSTRAINED_TCP_BUFFER);
|
||||
return -1;
|
||||
}
|
||||
if (options->DirPort_set) {
|
||||
/* Providing cached directory entries while system TCP buffers are scarce
|
||||
* will exacerbate the socket errors. Suggest that this be disabled. */
|
||||
COMPLAIN("You have requested constrained socket buffers while also "
|
||||
"serving directory entries via DirPort. It is strongly "
|
||||
"suggested that you disable serving directory requests when "
|
||||
"system TCP buffer resources are scarce.");
|
||||
}
|
||||
}
|
||||
|
||||
if (options_validate_dirauth_schedule(old_options, options, msg) < 0)
|
||||
@ -4174,6 +4078,7 @@ options_validate_cb(const void *old_options_, void *options_, char **msg)
|
||||
if (! options->TestingTorNetwork && !options->UsingTestNetworkDefaults_) {
|
||||
or_options_t *dflt_options = options_new();
|
||||
options_init(dflt_options);
|
||||
/* 31851: some of these options are dirauth or relay only */
|
||||
CHECK_DEFAULT(TestingV3AuthInitialVotingInterval);
|
||||
CHECK_DEFAULT(TestingV3AuthInitialVoteDelay);
|
||||
CHECK_DEFAULT(TestingV3AuthInitialDistDelay);
|
||||
@ -4201,13 +4106,9 @@ options_validate_cb(const void *old_options_, void *options_, char **msg)
|
||||
!(options->DirAuthorities ||
|
||||
(options->AlternateDirAuthority && options->AlternateBridgeAuthority)))
|
||||
REJECT("ClientDNSRejectInternalAddresses used for default network.");
|
||||
if (options->SigningKeyLifetime < options->TestingSigningKeySlop*2)
|
||||
REJECT("SigningKeyLifetime is too short.");
|
||||
if (options->TestingLinkCertLifetime < options->TestingAuthKeySlop*2)
|
||||
REJECT("LinkCertLifetime is too short.");
|
||||
if (options->TestingAuthKeyLifetime < options->TestingLinkKeySlop*2)
|
||||
REJECT("TestingAuthKeyLifetime is too short.");
|
||||
|
||||
if (options_validate_relay_testing(old_options, options, msg) < 0)
|
||||
return -1;
|
||||
if (options_validate_dirauth_testing(old_options, options, msg) < 0)
|
||||
return -1;
|
||||
|
||||
|
@ -189,9 +189,6 @@ int getinfo_helper_config(control_connection_t *conn,
|
||||
const char *question, char **answer,
|
||||
const char **errmsg);
|
||||
|
||||
uint32_t get_effective_bwrate(const or_options_t *options);
|
||||
uint32_t get_effective_bwburst(const or_options_t *options);
|
||||
|
||||
int init_cookie_authentication(const char *fname, const char *header,
|
||||
int cookie_len, int group_readable,
|
||||
uint8_t **cookie_out, int *cookie_is_set_out);
|
||||
@ -277,6 +274,7 @@ int count_real_listeners(const smartlist_t *ports,
|
||||
int parse_transport_line(const or_options_t *options,
|
||||
const char *line, int validate_only,
|
||||
int server);
|
||||
int ensure_bandwidth_cap(uint64_t *value, const char *desc, char **msg);
|
||||
|
||||
#ifdef CONFIG_PRIVATE
|
||||
|
||||
|
@ -27,6 +27,7 @@
|
||||
#include "core/mainloop/connection.h"
|
||||
#include "core/or/port_cfg_st.h"
|
||||
|
||||
#include "feature/hibernate/hibernate.h"
|
||||
#include "feature/nodelist/nickname.h"
|
||||
|
||||
#include "feature/relay/dns.h"
|
||||
@ -522,6 +523,29 @@ options_validate_relay_bandwidth(const or_options_t *old_options,
|
||||
if (BUG(!msg))
|
||||
return -1;
|
||||
|
||||
/* 31851: the tests expect us to validate bandwidths, even when we are not
|
||||
* in relay mode. */
|
||||
if (ensure_bandwidth_cap(&options->MaxAdvertisedBandwidth,
|
||||
"MaxAdvertisedBandwidth", msg) < 0)
|
||||
return -1;
|
||||
if (ensure_bandwidth_cap(&options->RelayBandwidthRate,
|
||||
"RelayBandwidthRate", msg) < 0)
|
||||
return -1;
|
||||
if (ensure_bandwidth_cap(&options->RelayBandwidthBurst,
|
||||
"RelayBandwidthBurst", msg) < 0)
|
||||
return -1;
|
||||
if (ensure_bandwidth_cap(&options->PerConnBWRate,
|
||||
"PerConnBWRate", msg) < 0)
|
||||
return -1;
|
||||
if (ensure_bandwidth_cap(&options->PerConnBWBurst,
|
||||
"PerConnBWBurst", msg) < 0)
|
||||
return -1;
|
||||
|
||||
if (options->RelayBandwidthRate && !options->RelayBandwidthBurst)
|
||||
options->RelayBandwidthBurst = options->RelayBandwidthRate;
|
||||
if (options->RelayBandwidthBurst && !options->RelayBandwidthRate)
|
||||
options->RelayBandwidthRate = options->RelayBandwidthBurst;
|
||||
|
||||
if (server_mode(options)) {
|
||||
const unsigned required_min_bw =
|
||||
public_server_mode(options) ?
|
||||
@ -555,6 +579,101 @@ options_validate_relay_bandwidth(const or_options_t *old_options,
|
||||
}
|
||||
}
|
||||
|
||||
/* 31851: the tests expect us to validate bandwidths, even when we are not
|
||||
* in relay mode. */
|
||||
if (options->RelayBandwidthRate > options->RelayBandwidthBurst)
|
||||
REJECT("RelayBandwidthBurst must be at least equal "
|
||||
"to RelayBandwidthRate.");
|
||||
|
||||
/* if they set relaybandwidth* really high but left bandwidth*
|
||||
* at the default, raise the defaults. */
|
||||
if (options->RelayBandwidthRate > options->BandwidthRate)
|
||||
options->BandwidthRate = options->RelayBandwidthRate;
|
||||
if (options->RelayBandwidthBurst > options->BandwidthBurst)
|
||||
options->BandwidthBurst = options->RelayBandwidthBurst;
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
/** Return the bandwidthrate that we are going to report to the authorities
|
||||
* based on the config options. */
|
||||
uint32_t
|
||||
get_effective_bwrate(const or_options_t *options)
|
||||
{
|
||||
uint64_t bw = options->BandwidthRate;
|
||||
if (bw > options->MaxAdvertisedBandwidth)
|
||||
bw = options->MaxAdvertisedBandwidth;
|
||||
if (options->RelayBandwidthRate > 0 && bw > options->RelayBandwidthRate)
|
||||
bw = options->RelayBandwidthRate;
|
||||
/* ensure_bandwidth_cap() makes sure that this cast can't overflow. */
|
||||
return (uint32_t)bw;
|
||||
}
|
||||
|
||||
/** Return the bandwidthburst that we are going to report to the authorities
|
||||
* based on the config options. */
|
||||
uint32_t
|
||||
get_effective_bwburst(const or_options_t *options)
|
||||
{
|
||||
uint64_t bw = options->BandwidthBurst;
|
||||
if (options->RelayBandwidthBurst > 0 && bw > options->RelayBandwidthBurst)
|
||||
bw = options->RelayBandwidthBurst;
|
||||
/* ensure_bandwidth_cap() makes sure that this cast can't overflow. */
|
||||
return (uint32_t)bw;
|
||||
}
|
||||
|
||||
/**
|
||||
* Legacy validation/normalization function for the relay bandwidth accounting
|
||||
* options. Uses old_options as the previous options.
|
||||
*
|
||||
* Returns 0 on success, returns -1 and sets *msg to a newly allocated string
|
||||
* on error.
|
||||
*/
|
||||
int
|
||||
options_validate_relay_accounting(const or_options_t *old_options,
|
||||
or_options_t *options,
|
||||
char **msg)
|
||||
{
|
||||
(void)old_options;
|
||||
|
||||
if (BUG(!options))
|
||||
return -1;
|
||||
|
||||
if (BUG(!msg))
|
||||
return -1;
|
||||
|
||||
/* 31851: the tests expect us to validate accounting, even when we are not
|
||||
* in relay mode. */
|
||||
if (accounting_parse_options(options, 1)<0)
|
||||
REJECT("Failed to parse accounting options. See logs for details.");
|
||||
|
||||
if (options->AccountingMax) {
|
||||
if (options->RendConfigLines && server_mode(options)) {
|
||||
log_warn(LD_CONFIG, "Using accounting with a hidden service and an "
|
||||
"ORPort is risky: your hidden service(s) and your public "
|
||||
"address will all turn off at the same time, which may alert "
|
||||
"observers that they are being run by the same party.");
|
||||
} else if (config_count_key(options->RendConfigLines,
|
||||
"HiddenServiceDir") > 1) {
|
||||
log_warn(LD_CONFIG, "Using accounting with multiple hidden services is "
|
||||
"risky: they will all turn off at the same time, which may "
|
||||
"alert observers that they are being run by the same party.");
|
||||
}
|
||||
}
|
||||
|
||||
options->AccountingRule = ACCT_MAX;
|
||||
if (options->AccountingRule_option) {
|
||||
if (!strcmp(options->AccountingRule_option, "sum"))
|
||||
options->AccountingRule = ACCT_SUM;
|
||||
else if (!strcmp(options->AccountingRule_option, "max"))
|
||||
options->AccountingRule = ACCT_MAX;
|
||||
else if (!strcmp(options->AccountingRule_option, "in"))
|
||||
options->AccountingRule = ACCT_IN;
|
||||
else if (!strcmp(options->AccountingRule_option, "out"))
|
||||
options->AccountingRule = ACCT_OUT;
|
||||
else
|
||||
REJECT("AccountingRule must be 'sum', 'max', 'in', or 'out'");
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
@ -703,6 +822,13 @@ options_validate_relay_mode(const or_options_t *old_options,
|
||||
if (BUG(!msg))
|
||||
return -1;
|
||||
|
||||
if (server_mode(options) && options->RendConfigLines)
|
||||
log_warn(LD_CONFIG,
|
||||
"Tor is currently configured as a relay and a hidden service. "
|
||||
"That's not very secure: you should probably run your hidden service "
|
||||
"in a separate Tor process, at least -- see "
|
||||
"https://trac.torproject.org/8742");
|
||||
|
||||
if (options->BridgeRelay && options->DirPort_set) {
|
||||
log_warn(LD_CONFIG, "Can't set a DirPort on a bridge relay; disabling "
|
||||
"DirPort");
|
||||
@ -747,5 +873,46 @@ options_validate_relay_mode(const or_options_t *old_options,
|
||||
options->MyFamily_lines, "MyFamily", msg))
|
||||
return -1;
|
||||
|
||||
if (options->ConstrainedSockets) {
|
||||
if (options->DirPort_set) {
|
||||
/* Providing cached directory entries while system TCP buffers are scarce
|
||||
* will exacerbate the socket errors. Suggest that this be disabled. */
|
||||
COMPLAIN("You have requested constrained socket buffers while also "
|
||||
"serving directory entries via DirPort. It is strongly "
|
||||
"suggested that you disable serving directory requests when "
|
||||
"system TCP buffer resources are scarce.");
|
||||
}
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
/**
|
||||
* Legacy validation/normalization function for the relay testing options
|
||||
* in options. Uses old_options as the previous options.
|
||||
*
|
||||
* Returns 0 on success, returns -1 and sets *msg to a newly allocated string
|
||||
* on error.
|
||||
*/
|
||||
int
|
||||
options_validate_relay_testing(const or_options_t *old_options,
|
||||
or_options_t *options,
|
||||
char **msg)
|
||||
{
|
||||
(void)old_options;
|
||||
|
||||
if (BUG(!options))
|
||||
return -1;
|
||||
|
||||
if (BUG(!msg))
|
||||
return -1;
|
||||
|
||||
if (options->SigningKeyLifetime < options->TestingSigningKeySlop*2)
|
||||
REJECT("SigningKeyLifetime is too short.");
|
||||
if (options->TestingLinkCertLifetime < options->TestingAuthKeySlop*2)
|
||||
REJECT("LinkCertLifetime is too short.");
|
||||
if (options->TestingAuthKeyLifetime < options->TestingLinkKeySlop*2)
|
||||
REJECT("TestingAuthKeyLifetime is too short.");
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
@ -44,11 +44,21 @@ int options_validate_relay_padding(const or_options_t *old_options,
|
||||
int options_validate_relay_bandwidth(const or_options_t *old_options,
|
||||
or_options_t *options,
|
||||
char **msg);
|
||||
uint32_t get_effective_bwrate(const or_options_t *options);
|
||||
uint32_t get_effective_bwburst(const or_options_t *options);
|
||||
|
||||
int options_validate_relay_accounting(const or_options_t *old_options,
|
||||
or_options_t *options,
|
||||
char **msg);
|
||||
|
||||
int options_validate_relay_mode(const or_options_t *old_options,
|
||||
or_options_t *options,
|
||||
char **msg);
|
||||
|
||||
int options_validate_relay_testing(const or_options_t *old_options,
|
||||
or_options_t *options,
|
||||
char **msg);
|
||||
|
||||
#ifdef RELAY_CONFIG_PRIVATE
|
||||
|
||||
STATIC int check_bridge_distribution_setting(const char *bd);
|
||||
|
@ -35,6 +35,7 @@
|
||||
#include "feature/nodelist/routerlist.h"
|
||||
#include "feature/nodelist/torcert.h"
|
||||
#include "feature/relay/dns.h"
|
||||
#include "feature/relay/relay_config.h"
|
||||
#include "feature/relay/router.h"
|
||||
#include "feature/relay/routerkeys.h"
|
||||
#include "feature/relay/routermode.h"
|
||||
|
Loading…
Reference in New Issue
Block a user