aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorSebastian Hahn <sebastian@torproject.org>2014-09-04 06:25:38 +0200
committerSebastian Hahn <sebastian@torproject.org>2014-09-04 06:25:38 +0200
commit10fe5bad9aaf326b925092883b856f64f8dca478 (patch)
tree2931015cb43ec7eb5a29bedfde7ce6b45728a39a
parent54348201f7cce9c0c01e9d4835714a2fec55c67c (diff)
downloadtor-10fe5bad9aaf326b925092883b856f64f8dca478.tar.gz
tor-10fe5bad9aaf326b925092883b856f64f8dca478.zip
Remove the AuthDirRejectUnlisted config option
This is in preparation for a big patch series removing the entire Naming system from Tor. In its wake, the approved-routers file is being deprecated, and a replacement option to allow only pre-approved routers is not being implemented.
-rw-r--r--changes/bug128994
-rw-r--r--doc/tor.1.txt6
-rw-r--r--src/or/config.c2
-rw-r--r--src/or/dirserv.c6
-rw-r--r--src/or/or.h2
5 files changed, 5 insertions, 15 deletions
diff --git a/changes/bug12899 b/changes/bug12899
new file mode 100644
index 0000000000..eb7c90dd7e
--- /dev/null
+++ b/changes/bug12899
@@ -0,0 +1,4 @@
+ o Removed features:
+ - The "AuthDirRejectUnlisted" option no longer has any effect, as
+ the fingerprints file (approved-routers) has been deprecated.
+
diff --git a/doc/tor.1.txt b/doc/tor.1.txt
index a997bc3ad0..3284b94ea8 100644
--- a/doc/tor.1.txt
+++ b/doc/tor.1.txt
@@ -1943,12 +1943,6 @@ on the public Tor network.
1 unless you plan to list non-functioning exits as bad; otherwise, you are
effectively voting in favor of every declared exit as an exit.)
-[[AuthDirRejectUnlisted]] **AuthDirRejectUnlisted** **0**|**1**::
- Authoritative directories only. If set to 1, the directory server rejects
- all uploaded server descriptors that aren't explicitly listed in the
- fingerprints file. This acts as a "panic button" if we get hit with a Sybil
- attack. (Default: 0)
-
[[AuthDirMaxServersPerAddr]] **AuthDirMaxServersPerAddr** __NUM__::
Authoritative directories only. The maximum number of servers that we will
list as acceptable on a single IP address. Set this to "0" for "no limit".
diff --git a/src/or/config.c b/src/or/config.c
index 7800ec1908..ea7d728ef7 100644
--- a/src/or/config.c
+++ b/src/or/config.c
@@ -150,7 +150,7 @@ static config_var_t option_vars_[] = {
V(AuthDirGuardBWGuarantee, MEMUNIT, "2 MB"),
V(AuthDirReject, LINELIST, NULL),
V(AuthDirRejectCCs, CSV, ""),
- V(AuthDirRejectUnlisted, BOOL, "0"),
+ OBSOLETE("AuthDirRejectUnlisted"),
V(AuthDirListBadDirs, BOOL, "0"),
V(AuthDirListBadExits, BOOL, "0"),
V(AuthDirMaxServersPerAddr, UINT, "2"),
diff --git a/src/or/dirserv.c b/src/or/dirserv.c
index 8395c2e414..00b282d918 100644
--- a/src/or/dirserv.c
+++ b/src/or/dirserv.c
@@ -362,7 +362,6 @@ dirserv_get_status_impl(const char *id_digest, const char *nickname,
const char *platform, const char *contact,
const char **msg, int should_log)
{
- int reject_unlisted = get_options()->AuthDirRejectUnlisted;
uint32_t result;
router_status_t *status_by_digest;
@@ -458,11 +457,6 @@ dirserv_get_status_impl(const char *id_digest, const char *nickname,
nickname, fmt_addr32(addr));
result |= FP_INVALID;
}
- if (reject_unlisted) {
- if (msg)
- *msg = "Authdir rejects unknown routers.";
- return FP_REJECT;
- }
}
return result;
diff --git a/src/or/or.h b/src/or/or.h
index 3683607741..207c70de7b 100644
--- a/src/or/or.h
+++ b/src/or/or.h
@@ -3768,8 +3768,6 @@ typedef struct {
* and vote for all other dir mirrors as good. */
int AuthDirListBadExits; /**< True iff we should list bad exits,
* and vote for all other exits as good. */
- int AuthDirRejectUnlisted; /**< Boolean: do we reject all routers that
- * aren't named in our fingerprint file? */
int AuthDirMaxServersPerAddr; /**< Do not permit more than this
* number of servers per IP address. */
int AuthDirMaxServersPerAuthAddr; /**< Do not permit more than this