Introduce the Tor2webRendezvousPoints torrc option.

George Kadianakis 2014-09-15 15:26:42 +03:00
parent d6b2a1709d
commit e02138eb65
3 changed files with 29 additions and 1 deletions


@ -1322,6 +1322,22 @@ The following options are useful only for clients (that is, if
To enable this option the compile time flag --enable-tor2webmode must be To enable this option the compile time flag --enable-tor2webmode must be
specified. (Default: 0) specified. (Default: 0)
[[Tor2webRendezvousPoints]] **Tor2webRendezvousPoints** __node__,__node__,__...__::
A list of identity fingerprints, nicknames, country codes and
address patterns of nodes that are allowed to be used as RPs
in HS circuits; any other nodes will not be used as RPs.
(Example:
Tor2webRendezvousPoints Fastyfasty, ABCD1234CDEF5678ABCD1234CDEF5678ABCD1234, \{cc}, 255.254.0.0/8) +
+
This feature can only be used if Tor2webMode is also enabled.
+
ExcludeNodes have higher priority than Tor2webRendezvousPoints,
which means that nodes specified in ExcludeNodes will not be
picked as RPs.
+
If no nodes in Tor2webRendezvousPoints are currently available for
use, Tor will choose a random node when building HS circuits.
[[UseMicrodescriptors]] **UseMicrodescriptors** **0**|**1**|**auto**:: [[UseMicrodescriptors]] **UseMicrodescriptors** **0**|**1**|**auto**::
Microdescriptors are a smaller version of the information that Tor needs Microdescriptors are a smaller version of the information that Tor needs
in order to build its circuits. Using microdescriptors makes Tor clients in order to build its circuits. Using microdescriptors makes Tor clients


@ -66,6 +66,7 @@ static config_abbrev_t option_abbrevs_[] = {
PLURAL(ExitNode), PLURAL(ExitNode),
PLURAL(EntryNode), PLURAL(EntryNode),
PLURAL(ExcludeNode), PLURAL(ExcludeNode),
PLURAL(Tor2webRendezvousPoint),
PLURAL(FirewallPort), PLURAL(FirewallPort),
PLURAL(LongLivedPort), PLURAL(LongLivedPort),
PLURAL(HiddenServiceNode), PLURAL(HiddenServiceNode),
@ -407,6 +408,7 @@ static config_var_t option_vars_[] = {
OBSOLETE("TestVia"), OBSOLETE("TestVia"),
V(TokenBucketRefillInterval, MSEC_INTERVAL, "100 msec"), V(TokenBucketRefillInterval, MSEC_INTERVAL, "100 msec"),
V(Tor2webMode, BOOL, "0"), V(Tor2webMode, BOOL, "0"),
V(Tor2webRendezvousPoints, ROUTERSET, NULL),
V(TLSECGroup, STRING, NULL), V(TLSECGroup, STRING, NULL),
V(TrackHostExits, CSV, NULL), V(TrackHostExits, CSV, NULL),
V(TrackHostExitsExpire, INTERVAL, "30 minutes"), V(TrackHostExitsExpire, INTERVAL, "30 minutes"),
@ -1242,7 +1244,8 @@ options_need_geoip_info(const or_options_t *options, const char **reason_out)
routerset_needs_geoip(options->EntryNodes) || routerset_needs_geoip(options->EntryNodes) ||
routerset_needs_geoip(options->ExitNodes) || routerset_needs_geoip(options->ExitNodes) ||
routerset_needs_geoip(options->ExcludeExitNodes) || routerset_needs_geoip(options->ExcludeExitNodes) ||
routerset_needs_geoip(options->ExcludeNodes); routerset_needs_geoip(options->ExcludeNodes) ||
routerset_needs_geoip(options->Tor2webRendezvousPoints);
if (routerset_usage && reason_out) { if (routerset_usage && reason_out) {
*reason_out = "We've been configured to use (or avoid) nodes in certain " *reason_out = "We've been configured to use (or avoid) nodes in certain "
@ -1623,6 +1626,8 @@ options_act(const or_options_t *old_options)
options->ExcludeExitNodes) || options->ExcludeExitNodes) ||
!routerset_equal(old_options->EntryNodes, options->EntryNodes) || !routerset_equal(old_options->EntryNodes, options->EntryNodes) ||
!routerset_equal(old_options->ExitNodes, options->ExitNodes) || !routerset_equal(old_options->ExitNodes, options->ExitNodes) ||
!routerset_equal(old_options->Tor2webRendezvousPoints,
options->Tor2webRendezvousPoints) ||
options->StrictNodes != old_options->StrictNodes) { options->StrictNodes != old_options->StrictNodes) {
log_info(LD_CIRC, log_info(LD_CIRC,
"Changed to using entry guards or bridges, or changed " "Changed to using entry guards or bridges, or changed "
@ -2958,6 +2963,10 @@ options_validate(or_options_t *old_options, or_options_t *options,
options->UseEntryGuards = 0; options->UseEntryGuards = 0;
} }
if (options->Tor2webRendezvousPoints && !options->Tor2webMode) {
REJECT("Tor2webRendezvousPoints cannot be set without Tor2webMode.");
}
if (!(options->UseEntryGuards) && if (!(options->UseEntryGuards) &&
(options->RendConfigLines != NULL)) { (options->RendConfigLines != NULL)) {
log_warn(LD_CONFIG, log_warn(LD_CONFIG,
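Review bot: The new check in options_validate() rejects Tor2webRendezvousPoints without Tor2webMode but leaves the documented fallback invisible to the operator: per the man page text in this commit, Tor picks a random node when no listed node is usable, so a mistyped nickname or a set fully covered by ExcludeNodes silently removes the restriction. No hunk on this page reads the routerset when an RP is chosen, so the selection code presumably lands in a separate commit; wherever it falls back, it should say so, for example `log_notice(LD_REND, "No usable node in Tor2webRendezvousPoints; picking a random rendezvous point.");`. options_validate() begins and ends outside this hunk.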


@ -3593,6 +3593,9 @@ typedef struct {
* circuits.) */ * circuits.) */
int Tor2webMode; int Tor2webMode;
/** A routerset that should be used when picking RPs for HS circuits. */
routerset_t *Tor2webRendezvousPoints;
/** Close hidden service client circuits immediately when they reach /** Close hidden service client circuits immediately when they reach
* the normal circuit-build timeout, even if they have already sent * the normal circuit-build timeout, even if they have already sent
* an INTRODUCE1 cell on its way to the service. */ * an INTRODUCE1 cell on its way to the service. */
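Review bot: The doc comment on the new Tor2webRendezvousPoints field leaves out the constraints that the validation check and the man page text in this commit establish. I would write `/** Routerset of the only nodes allowed as rendezvous points in HS circuits. Requires Tor2webMode; ExcludeNodes takes priority, and a random node is used if no listed node is available. */`. The enclosing options struct begins and ends outside this hunk.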