Dirauth options: move versioning options to dirauth module

This commit moves VersioningAuthoritativeDirectory,
RecommendedClientVersions, and RecommendedServerVersions.
Nick Mathewson 2019-12-19 08:24:46 -05:00
parent a6ba56761b
commit ea91edff15
6 changed files with 90 additions and 38 deletions


@ -623,9 +623,6 @@ static const config_var_t option_vars_[] = {
V(ReachableAddresses, LINELIST, NULL),
V(ReachableDirAddresses, LINELIST, NULL),
V(ReachableORAddresses, LINELIST, NULL),
V(RecommendedVersions, LINELIST, NULL),
V(RecommendedClientVersions, LINELIST, NULL),
V(RecommendedServerVersions, LINELIST, NULL),
OBSOLETE("RecommendedPackages"),
V(ReducedConnectionPadding, BOOL, "0"),
V(ConnectionPadding, AUTOBOOL, "auto"),
@ -703,7 +700,6 @@ static const config_var_t option_vars_[] = {
V(V3AuthUseLegacyKey, BOOL, "0"),
V(V3BandwidthsFile, FILENAME, NULL),
V(GuardfractionFile, FILENAME, NULL),
VAR("VersioningAuthoritativeDirectory",BOOL,VersioningAuthoritativeDir, "0"),
OBSOLETE("VoteOnHidServDirectoriesV2"),
V(VirtualAddrNetworkIPv4, STRING, "127.192.0.0/10"),
V(VirtualAddrNetworkIPv6, STRING, "[FE80::]/10"),


@ -113,11 +113,6 @@ struct or_options_t {
* [][0] is IPv4, [][1] is IPv6
*/
tor_addr_t OutboundBindAddresses[OUTBOUND_ADDR_MAX][2];
/** Directory server only: which versions of
* Tor should we tell users to run? */
struct config_line_t *RecommendedVersions;
struct config_line_t *RecommendedClientVersions;
struct config_line_t *RecommendedServerVersions;
/** Whether dirservers allow router descriptors with private IPs. */
int DirAllowPrivateAddresses;
/** Whether routers accept EXTEND cells to routers with private IPs. */
@ -192,9 +187,6 @@ struct or_options_t {
int AuthoritativeDir; /**< Boolean: is this an authoritative directory? */
int V3AuthoritativeDir; /**< Boolean: is this an authoritative directory
* for version 3 directories? */
int VersioningAuthoritativeDir; /**< Boolean: is this an authoritative
* directory that's willing to recommend
* versions? */
int BridgeAuthoritativeDir; /**< Boolean: is this an authoritative directory
* that aggregates bridge descriptors? */


@ -73,24 +73,6 @@ options_validate_dirauth_mode(const or_options_t *old_options,
if (!options->ContactInfo && !options->TestingTorNetwork)
REJECT("Authoritative directory servers must set ContactInfo");
if (!options->RecommendedClientVersions)
options->RecommendedClientVersions =
config_lines_dup(options->RecommendedVersions);
if (!options->RecommendedServerVersions)
options->RecommendedServerVersions =
config_lines_dup(options->RecommendedVersions);
if (options->VersioningAuthoritativeDir &&
(!options->RecommendedClientVersions ||
!options->RecommendedServerVersions))
REJECT("Versioning authoritative dir servers must set "
"Recommended*Versions.");
char *t;
/* Call these functions to produce warnings only. */
t = format_recommended_version_list(options->RecommendedClientVersions, 1);
tor_free(t);
t = format_recommended_version_list(options->RecommendedServerVersions, 1);
tor_free(t);
if (options->UseEntryGuards) {
log_info(LD_CONFIG, "Authoritative directory servers can't set "
@ -441,6 +423,55 @@ options_act_dirauth_stats(const or_options_t *old_options,
return 0;
}
/**
* Make any necessary modifications to a dirauth_options_t that occur
* before validation. On success return 0; on failure return -1 and
* set *<b>msg_out</b> to a newly allocated error string.
**/
static int
dirauth_options_pre_normalize(void *arg, char **msg_out)
{
dirauth_options_t *options = arg;
(void)msg_out;
if (!options->RecommendedClientVersions)
options->RecommendedClientVersions =
config_lines_dup(options->RecommendedVersions);
if (!options->RecommendedServerVersions)
options->RecommendedServerVersions =
config_lines_dup(options->RecommendedVersions);
return 0;
}
/**
* Check whether a dirauth_options_t is correct.
*
* On success return 0; on failure return -1 and set *<b>msg_out</b> to a
* newly allocated error string.
**/
static int
dirauth_options_validate(const void *arg, char **msg)
{
const dirauth_options_t *options = arg;
if (options->VersioningAuthoritativeDirectory &&
(!options->RecommendedClientVersions ||
!options->RecommendedServerVersions)) {
REJECT("Versioning authoritative dir servers must set "
"Recommended*Versions.");
}
char *t;
/* Call these functions to produce warnings only. */
t = format_recommended_version_list(options->RecommendedClientVersions, 1);
tor_free(t);
t = format_recommended_version_list(options->RecommendedServerVersions, 1);
tor_free(t);
return 0;
}
/* Declare the options field table for dirauth_options */
#define CONF_CONTEXT TABLE
#include "feature/dirauth/dirauth_options.inc"
@ -458,5 +489,7 @@ const config_format_t dirauth_options_fmt = {
DIRAUTH_OPTIONS_MAGIC,
offsetof(dirauth_options_t, magic) },
.vars = dirauth_options_t_vars,
};
.pre_normalize_fn = dirauth_options_pre_normalize,
.validate_fn = dirauth_options_validate
};
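Review bot: The `VersioningAuthoritativeDirectory` rejection and the two `format_recommended_version_list(..., 1)` warning calls in `dirauth_options_validate` may now run in more configurations than before. They used to sit inside `options_validate_dirauth_mode`, whose opening lines are outside this hunk; if that function returns early when the node is not an authority, the new validator rejects or warns on configurations that previously passed. The doc comment should state the intended scope, or the check should keep the old guard. The new doc comments also disagree with the code: `dirauth_options_validate` takes `msg` but documents `*<b>msg_out</b>`, which should read `set *<b>msg</b> to a newly allocated error string`. `dirauth_options_pre_normalize` documents a -1 failure path although it always returns 0 and discards `msg_out`; I would say `Always returns 0; <b>msg_out</b> is unused.` instead.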


@ -15,4 +15,17 @@ BEGIN_CONF_STRUCT(dirauth_options_t)
/** Do not permit more than this number of servers per IP address. */
CONF_VAR(AuthDirMaxServersPerAddr, POSINT, 0, "2")
/** Which versions of tor should we tell users to run? */
CONF_VAR(RecommendedVersions, LINELIST, 0, NULL)
/** Which versions of tor should we tell users to run on clients? */
CONF_VAR(RecommendedClientVersions, LINELIST, 0, NULL)
/** Which versions of tor should we tell users to run on relays? */
CONF_VAR(RecommendedServerVersions, LINELIST, 0, NULL)
/** Boolean: is this an authoritative directory that's willing to recommend
* versions? */
CONF_VAR(VersioningAuthoritativeDirectory, BOOL, 0, "0")
END_CONF_STRUCT(dirauth_options_t)
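Review bot: The comment on `RecommendedVersions` does not say that the field is only a fallback. In this commit `dirauth_options_pre_normalize` copies it into `RecommendedClientVersions` and `RecommendedServerVersions` when those are unset, and the vote generator reads only the client and server lists. An operator or maintainer reading the table could assume `RecommendedVersions` is published directly, so I would document it as `/** Fallback for RecommendedClientVersions and RecommendedServerVersions when either is unset. */`. The comment on `VersioningAuthoritativeDirectory` could also note that validation rejects the configuration when it is set and either list ends up empty.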


@ -4419,6 +4419,7 @@ dirserv_generate_networkstatus_vote_obj(crypto_pk_t *private_key,
authority_cert_t *cert)
{
const or_options_t *options = get_options();
const dirauth_options_t *d_options = dirauth_get_options();
networkstatus_t *v3_out = NULL;
uint32_t addr;
char *hostname = NULL, *client_versions = NULL, *server_versions = NULL;
@ -4458,11 +4459,11 @@ dirserv_generate_networkstatus_vote_obj(crypto_pk_t *private_key,
hostname = tor_dup_ip(addr);
}
if (options->VersioningAuthoritativeDir) {
if (d_options->VersioningAuthoritativeDirectory) {
client_versions =
format_recommended_version_list(options->RecommendedClientVersions, 0);
format_recommended_version_list(d_options->RecommendedClientVersions, 0);
server_versions =
format_recommended_version_list(options->RecommendedServerVersions, 0);
format_recommended_version_list(d_options->RecommendedServerVersions, 0);
}
contact = get_options()->ContactInfo;


@ -10,6 +10,8 @@
#include "lib/confmgt/confmgt.h"
#include "app/config/config.h"
#include "feature/dirauth/dirauth_config.h"
#include "feature/dirauth/dirauth_options_st.h"
#include "feature/dirauth/dirauth_sys.h"
#include "feature/relay/relay_config.h"
#include "test/test.h"
#include "lib/geoip/geoip.h"
@ -752,6 +754,14 @@ test_options_validate__logs(void *ignored)
/* return config_line; */
/* } */
static dirauth_options_t *
get_dirauth_options(or_options_t *opt)
{
int idx = subsystems_get_options_idx(&sys_dirauth);
tor_assert(idx >= 0);
return config_mgr_get_obj_mutable(get_options_mgr(), opt, idx);
}
static void
test_options_validate__authdir(void *ignored)
{
@ -762,6 +772,7 @@ test_options_validate__authdir(void *ignored)
options_test_data_t *tdata = get_options_test_data(
ENABLE_AUTHORITY_V3_MIN
"Address this.should.not!exist!.example.org");
const dirauth_options_t *da_opt;
sandbox_disable_getaddrinfo_cache();
@ -820,8 +831,9 @@ test_options_validate__authdir(void *ignored)
"RecommendedVersions 1.2, 3.14\n");
mock_clean_saved_logs();
options_validate(NULL, tdata->opt, &msg);
tt_str_op(tdata->opt->RecommendedClientVersions->value, OP_EQ, "1.2, 3.14");
tt_str_op(tdata->opt->RecommendedServerVersions->value, OP_EQ, "1.2, 3.14");
da_opt = get_dirauth_options(tdata->opt);
tt_str_op(da_opt->RecommendedClientVersions->value, OP_EQ, "1.2, 3.14");
tt_str_op(da_opt->RecommendedServerVersions->value, OP_EQ, "1.2, 3.14");
tor_free(msg);
free_options_test_data(tdata);
@ -831,8 +843,9 @@ test_options_validate__authdir(void *ignored)
"RecommendedServerVersions 4.18\n");
mock_clean_saved_logs();
options_validate(NULL, tdata->opt, &msg);
tt_str_op(tdata->opt->RecommendedClientVersions->value, OP_EQ, "25");
tt_str_op(tdata->opt->RecommendedServerVersions->value, OP_EQ, "4.18");
da_opt = get_dirauth_options(tdata->opt);
tt_str_op(da_opt->RecommendedClientVersions->value, OP_EQ, "25");
tt_str_op(da_opt->RecommendedServerVersions->value, OP_EQ, "4.18");
tor_free(msg);
free_options_test_data(tdata);
@ -843,6 +856,7 @@ test_options_validate__authdir(void *ignored)
"RecommendedServerVersions 4.18\n");
mock_clean_saved_logs();
options_validate(NULL, tdata->opt, &msg);
da_opt = get_dirauth_options(tdata->opt);
tt_str_op(msg, OP_EQ, "AuthoritativeDir is set, but none of (Bridge/V3)"
"AuthoritativeDir is set.");
tor_free(msg);
@ -853,6 +867,7 @@ test_options_validate__authdir(void *ignored)
"RecommendedServerVersions 4.18\n");
mock_clean_saved_logs();
options_validate(NULL, tdata->opt, &msg);
da_opt = get_dirauth_options(tdata->opt);
tt_str_op(msg, OP_EQ, "Versioning authoritative dir servers must set "
"Recommended*Versions.");
tor_free(msg);
@ -863,9 +878,11 @@ test_options_validate__authdir(void *ignored)
"RecommendedClientVersions 4.18\n");
mock_clean_saved_logs();
options_validate(NULL, tdata->opt, &msg);
da_opt = get_dirauth_options(tdata->opt);
tt_str_op(msg, OP_EQ, "Versioning authoritative dir servers must set "
"Recommended*Versions.");
tor_free(msg);
da_opt = NULL;
free_options_test_data(tdata);
tdata = get_options_test_data(ENABLE_AUTHORITY_V3
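Review bot: `da_opt = get_dirauth_options(tdata->opt);` is assigned but never read in the three rejection cases (the hunks at new lines 856, 867 and 878), which only assert on `msg`, so those assignments are dead stores as far as the visible lines show. In the two cases that do read it, `da_opt` presumably still refers to storage owned by `tdata->opt` after `free_options_test_data(tdata)`; only the last case resets it with `da_opt = NULL;`. I would drop the unused assignments and add `da_opt = NULL;` after each free that follows a real use, so a later accidental read fails visibly instead of touching freed memory. The body of `test_options_validate__authdir` continues outside these hunks.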