mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-09-20 21:16:22 +02:00
Dirauth options: move versioning options to dirauth module
This commit moves VersioningAuthoritativeDirectory, RecommendedClientVersions, and RecommendedServerVersions.
This commit is contained in:
parent
a6ba56761b
commit
ea91edff15
@ -623,9 +623,6 @@ static const config_var_t option_vars_[] = {
|
||||
V(ReachableAddresses, LINELIST, NULL),
|
||||
V(ReachableDirAddresses, LINELIST, NULL),
|
||||
V(ReachableORAddresses, LINELIST, NULL),
|
||||
V(RecommendedVersions, LINELIST, NULL),
|
||||
V(RecommendedClientVersions, LINELIST, NULL),
|
||||
V(RecommendedServerVersions, LINELIST, NULL),
|
||||
OBSOLETE("RecommendedPackages"),
|
||||
V(ReducedConnectionPadding, BOOL, "0"),
|
||||
V(ConnectionPadding, AUTOBOOL, "auto"),
|
||||
@ -703,7 +700,6 @@ static const config_var_t option_vars_[] = {
|
||||
V(V3AuthUseLegacyKey, BOOL, "0"),
|
||||
V(V3BandwidthsFile, FILENAME, NULL),
|
||||
V(GuardfractionFile, FILENAME, NULL),
|
||||
VAR("VersioningAuthoritativeDirectory",BOOL,VersioningAuthoritativeDir, "0"),
|
||||
OBSOLETE("VoteOnHidServDirectoriesV2"),
|
||||
V(VirtualAddrNetworkIPv4, STRING, "127.192.0.0/10"),
|
||||
V(VirtualAddrNetworkIPv6, STRING, "[FE80::]/10"),
|
||||
|
@ -113,11 +113,6 @@ struct or_options_t {
|
||||
* [][0] is IPv4, [][1] is IPv6
|
||||
*/
|
||||
tor_addr_t OutboundBindAddresses[OUTBOUND_ADDR_MAX][2];
|
||||
/** Directory server only: which versions of
|
||||
* Tor should we tell users to run? */
|
||||
struct config_line_t *RecommendedVersions;
|
||||
struct config_line_t *RecommendedClientVersions;
|
||||
struct config_line_t *RecommendedServerVersions;
|
||||
/** Whether dirservers allow router descriptors with private IPs. */
|
||||
int DirAllowPrivateAddresses;
|
||||
/** Whether routers accept EXTEND cells to routers with private IPs. */
|
||||
@ -192,9 +187,6 @@ struct or_options_t {
|
||||
int AuthoritativeDir; /**< Boolean: is this an authoritative directory? */
|
||||
int V3AuthoritativeDir; /**< Boolean: is this an authoritative directory
|
||||
* for version 3 directories? */
|
||||
int VersioningAuthoritativeDir; /**< Boolean: is this an authoritative
|
||||
* directory that's willing to recommend
|
||||
* versions? */
|
||||
int BridgeAuthoritativeDir; /**< Boolean: is this an authoritative directory
|
||||
* that aggregates bridge descriptors? */
|
||||
|
||||
|
@ -73,24 +73,6 @@ options_validate_dirauth_mode(const or_options_t *old_options,
|
||||
|
||||
if (!options->ContactInfo && !options->TestingTorNetwork)
|
||||
REJECT("Authoritative directory servers must set ContactInfo");
|
||||
if (!options->RecommendedClientVersions)
|
||||
options->RecommendedClientVersions =
|
||||
config_lines_dup(options->RecommendedVersions);
|
||||
if (!options->RecommendedServerVersions)
|
||||
options->RecommendedServerVersions =
|
||||
config_lines_dup(options->RecommendedVersions);
|
||||
if (options->VersioningAuthoritativeDir &&
|
||||
(!options->RecommendedClientVersions ||
|
||||
!options->RecommendedServerVersions))
|
||||
REJECT("Versioning authoritative dir servers must set "
|
||||
"Recommended*Versions.");
|
||||
|
||||
char *t;
|
||||
/* Call these functions to produce warnings only. */
|
||||
t = format_recommended_version_list(options->RecommendedClientVersions, 1);
|
||||
tor_free(t);
|
||||
t = format_recommended_version_list(options->RecommendedServerVersions, 1);
|
||||
tor_free(t);
|
||||
|
||||
if (options->UseEntryGuards) {
|
||||
log_info(LD_CONFIG, "Authoritative directory servers can't set "
|
||||
@ -441,6 +423,55 @@ options_act_dirauth_stats(const or_options_t *old_options,
|
||||
return 0;
|
||||
}
|
||||
|
||||
/**
|
||||
* Make any necessary modifications to a dirauth_options_t that occur
|
||||
* before validation. On success return 0; on failure return -1 and
|
||||
* set *<b>msg_out</b> to a newly allocated error string.
|
||||
**/
|
||||
static int
|
||||
dirauth_options_pre_normalize(void *arg, char **msg_out)
|
||||
{
|
||||
dirauth_options_t *options = arg;
|
||||
(void)msg_out;
|
||||
|
||||
if (!options->RecommendedClientVersions)
|
||||
options->RecommendedClientVersions =
|
||||
config_lines_dup(options->RecommendedVersions);
|
||||
if (!options->RecommendedServerVersions)
|
||||
options->RecommendedServerVersions =
|
||||
config_lines_dup(options->RecommendedVersions);
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
/**
|
||||
* Check whether a dirauth_options_t is correct.
|
||||
*
|
||||
* On success return 0; on failure return -1 and set *<b>msg_out</b> to a
|
||||
* newly allocated error string.
|
||||
**/
|
||||
static int
|
||||
dirauth_options_validate(const void *arg, char **msg)
|
||||
{
|
||||
const dirauth_options_t *options = arg;
|
||||
|
||||
if (options->VersioningAuthoritativeDirectory &&
|
||||
(!options->RecommendedClientVersions ||
|
||||
!options->RecommendedServerVersions)) {
|
||||
REJECT("Versioning authoritative dir servers must set "
|
||||
"Recommended*Versions.");
|
||||
}
|
||||
|
||||
char *t;
|
||||
/* Call these functions to produce warnings only. */
|
||||
t = format_recommended_version_list(options->RecommendedClientVersions, 1);
|
||||
tor_free(t);
|
||||
t = format_recommended_version_list(options->RecommendedServerVersions, 1);
|
||||
tor_free(t);
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
/* Declare the options field table for dirauth_options */
|
||||
#define CONF_CONTEXT TABLE
|
||||
#include "feature/dirauth/dirauth_options.inc"
|
||||
@ -458,5 +489,7 @@ const config_format_t dirauth_options_fmt = {
|
||||
DIRAUTH_OPTIONS_MAGIC,
|
||||
offsetof(dirauth_options_t, magic) },
|
||||
.vars = dirauth_options_t_vars,
|
||||
};
|
||||
|
||||
.pre_normalize_fn = dirauth_options_pre_normalize,
|
||||
.validate_fn = dirauth_options_validate
|
||||
};
|
||||
|
@ -15,4 +15,17 @@ BEGIN_CONF_STRUCT(dirauth_options_t)
|
||||
/** Do not permit more than this number of servers per IP address. */
|
||||
CONF_VAR(AuthDirMaxServersPerAddr, POSINT, 0, "2")
|
||||
|
||||
/** Which versions of tor should we tell users to run? */
|
||||
CONF_VAR(RecommendedVersions, LINELIST, 0, NULL)
|
||||
|
||||
/** Which versions of tor should we tell users to run on clients? */
|
||||
CONF_VAR(RecommendedClientVersions, LINELIST, 0, NULL)
|
||||
|
||||
/** Which versions of tor should we tell users to run on relays? */
|
||||
CONF_VAR(RecommendedServerVersions, LINELIST, 0, NULL)
|
||||
|
||||
/** Boolean: is this an authoritative directory that's willing to recommend
|
||||
* versions? */
|
||||
CONF_VAR(VersioningAuthoritativeDirectory, BOOL, 0, "0")
|
||||
|
||||
END_CONF_STRUCT(dirauth_options_t)
|
||||
|
@ -4419,6 +4419,7 @@ dirserv_generate_networkstatus_vote_obj(crypto_pk_t *private_key,
|
||||
authority_cert_t *cert)
|
||||
{
|
||||
const or_options_t *options = get_options();
|
||||
const dirauth_options_t *d_options = dirauth_get_options();
|
||||
networkstatus_t *v3_out = NULL;
|
||||
uint32_t addr;
|
||||
char *hostname = NULL, *client_versions = NULL, *server_versions = NULL;
|
||||
@ -4458,11 +4459,11 @@ dirserv_generate_networkstatus_vote_obj(crypto_pk_t *private_key,
|
||||
hostname = tor_dup_ip(addr);
|
||||
}
|
||||
|
||||
if (options->VersioningAuthoritativeDir) {
|
||||
if (d_options->VersioningAuthoritativeDirectory) {
|
||||
client_versions =
|
||||
format_recommended_version_list(options->RecommendedClientVersions, 0);
|
||||
format_recommended_version_list(d_options->RecommendedClientVersions, 0);
|
||||
server_versions =
|
||||
format_recommended_version_list(options->RecommendedServerVersions, 0);
|
||||
format_recommended_version_list(d_options->RecommendedServerVersions, 0);
|
||||
}
|
||||
|
||||
contact = get_options()->ContactInfo;
|
||||
|
@ -10,6 +10,8 @@
|
||||
#include "lib/confmgt/confmgt.h"
|
||||
#include "app/config/config.h"
|
||||
#include "feature/dirauth/dirauth_config.h"
|
||||
#include "feature/dirauth/dirauth_options_st.h"
|
||||
#include "feature/dirauth/dirauth_sys.h"
|
||||
#include "feature/relay/relay_config.h"
|
||||
#include "test/test.h"
|
||||
#include "lib/geoip/geoip.h"
|
||||
@ -752,6 +754,14 @@ test_options_validate__logs(void *ignored)
|
||||
/* return config_line; */
|
||||
/* } */
|
||||
|
||||
static dirauth_options_t *
|
||||
get_dirauth_options(or_options_t *opt)
|
||||
{
|
||||
int idx = subsystems_get_options_idx(&sys_dirauth);
|
||||
tor_assert(idx >= 0);
|
||||
return config_mgr_get_obj_mutable(get_options_mgr(), opt, idx);
|
||||
}
|
||||
|
||||
static void
|
||||
test_options_validate__authdir(void *ignored)
|
||||
{
|
||||
@ -762,6 +772,7 @@ test_options_validate__authdir(void *ignored)
|
||||
options_test_data_t *tdata = get_options_test_data(
|
||||
ENABLE_AUTHORITY_V3_MIN
|
||||
"Address this.should.not!exist!.example.org");
|
||||
const dirauth_options_t *da_opt;
|
||||
|
||||
sandbox_disable_getaddrinfo_cache();
|
||||
|
||||
@ -820,8 +831,9 @@ test_options_validate__authdir(void *ignored)
|
||||
"RecommendedVersions 1.2, 3.14\n");
|
||||
mock_clean_saved_logs();
|
||||
options_validate(NULL, tdata->opt, &msg);
|
||||
tt_str_op(tdata->opt->RecommendedClientVersions->value, OP_EQ, "1.2, 3.14");
|
||||
tt_str_op(tdata->opt->RecommendedServerVersions->value, OP_EQ, "1.2, 3.14");
|
||||
da_opt = get_dirauth_options(tdata->opt);
|
||||
tt_str_op(da_opt->RecommendedClientVersions->value, OP_EQ, "1.2, 3.14");
|
||||
tt_str_op(da_opt->RecommendedServerVersions->value, OP_EQ, "1.2, 3.14");
|
||||
tor_free(msg);
|
||||
|
||||
free_options_test_data(tdata);
|
||||
@ -831,8 +843,9 @@ test_options_validate__authdir(void *ignored)
|
||||
"RecommendedServerVersions 4.18\n");
|
||||
mock_clean_saved_logs();
|
||||
options_validate(NULL, tdata->opt, &msg);
|
||||
tt_str_op(tdata->opt->RecommendedClientVersions->value, OP_EQ, "25");
|
||||
tt_str_op(tdata->opt->RecommendedServerVersions->value, OP_EQ, "4.18");
|
||||
da_opt = get_dirauth_options(tdata->opt);
|
||||
tt_str_op(da_opt->RecommendedClientVersions->value, OP_EQ, "25");
|
||||
tt_str_op(da_opt->RecommendedServerVersions->value, OP_EQ, "4.18");
|
||||
tor_free(msg);
|
||||
|
||||
free_options_test_data(tdata);
|
||||
@ -843,6 +856,7 @@ test_options_validate__authdir(void *ignored)
|
||||
"RecommendedServerVersions 4.18\n");
|
||||
mock_clean_saved_logs();
|
||||
options_validate(NULL, tdata->opt, &msg);
|
||||
da_opt = get_dirauth_options(tdata->opt);
|
||||
tt_str_op(msg, OP_EQ, "AuthoritativeDir is set, but none of (Bridge/V3)"
|
||||
"AuthoritativeDir is set.");
|
||||
tor_free(msg);
|
||||
@ -853,6 +867,7 @@ test_options_validate__authdir(void *ignored)
|
||||
"RecommendedServerVersions 4.18\n");
|
||||
mock_clean_saved_logs();
|
||||
options_validate(NULL, tdata->opt, &msg);
|
||||
da_opt = get_dirauth_options(tdata->opt);
|
||||
tt_str_op(msg, OP_EQ, "Versioning authoritative dir servers must set "
|
||||
"Recommended*Versions.");
|
||||
tor_free(msg);
|
||||
@ -863,9 +878,11 @@ test_options_validate__authdir(void *ignored)
|
||||
"RecommendedClientVersions 4.18\n");
|
||||
mock_clean_saved_logs();
|
||||
options_validate(NULL, tdata->opt, &msg);
|
||||
da_opt = get_dirauth_options(tdata->opt);
|
||||
tt_str_op(msg, OP_EQ, "Versioning authoritative dir servers must set "
|
||||
"Recommended*Versions.");
|
||||
tor_free(msg);
|
||||
da_opt = NULL;
|
||||
|
||||
free_options_test_data(tdata);
|
||||
tdata = get_options_test_data(ENABLE_AUTHORITY_V3
|
||||
|
Loading…
Reference in New Issue
Block a user