summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorPeter Palfrader <peter@palfrader.org>2006-02-13 21:17:20 +0000
committerPeter Palfrader <peter@palfrader.org>2006-02-13 21:17:20 +0000
commit5eea6c76df83ab8891dba2af6838c6a5dc512e23 (patch)
tree9ab9c2a7d7576b79887fe68f096d5fd8a6f54b1d
parentd38f5fe5cdb056aea82c11c7dc7d614d1008dca8 (diff)
downloadtor-5eea6c76df83ab8891dba2af6838c6a5dc512e23.tar.gz
tor-5eea6c76df83ab8891dba2af6838c6a5dc512e23.zip
Split ReachableAddresses into ReachableDirAddresses and ReachableORAddresses
svn:r6009
Diffstat
-rw-r--r--doc/TODO14
-rw-r--r--src/or/circuitbuild.c8
-rw-r--r--src/or/config.c157
-rw-r--r--src/or/directory.c2
-rw-r--r--src/or/or.h9
-rw-r--r--src/or/routerlist.c4
6 files changed, 143 insertions, 51 deletions
diff --git a/doc/TODO b/doc/TODO
index e01d75af09..7e2dfb35db 100644
--- a/doc/TODO
+++ b/doc/TODO
@@ -36,7 +36,8 @@ N - building on freebsd 6.0: (with multiple openssl installations)
- <arma> should we detect if we have a --with-ssl-dir and try the -R
by default, if it works?
- - Split into ReachableDirAddresses and ReachableORAddresses
+ o Split into ReachableDirAddresses and ReachableORAddresses
+ - document
R - Jan 26 10:25:04.832 [warn] add_an_entry_guard(): Tried finding a
new entry, but failed. Bad news. XXX.
N - look at the proposed os x uninstaller:
@@ -91,6 +92,8 @@ R - When we connect to a Tor server, it sends back a signed cell listing
- non-naming dirservers don't need to have an approved-routers file.
- What are criteria to be a dirserver? Write a policy.
+ - Document AuthDirInvalid, AuthDirReject, AuthDirRejectUnlisted
+ - are there other options that we haven't documented so far?
Deferred from 0.1.1.x:
@@ -110,7 +113,14 @@ N - Display the reasons in 'destroy' and 'truncated' cells under some
file descriptors for saving files, etc. Otherwise we'll trigger
asserts when we're out of file descriptors and crash.
- - <weasel> it would be nice to support a unix socket for the control thing.
+ X <weasel> it would be nice to support a unix socket for the control thing.
+ The main motivation behind this was that we could let unix permissions
+ take care of the authentication step: everybody who can connect to the
+ socket is authenticated. However, the linux unix(7) manual page suggests
+ that requiring read/write permissions on the socket in order to use it
+ is Linux specific, and that many BSD-derived systems ignore the permissions
+ on the socket file. Portable programs should not rely on this feature for
+ security, therefore the motivation for this feature is gone.
- the tor client can do the "automatic proxy config url" thing?
diff --git a/src/or/circuitbuild.c b/src/or/circuitbuild.c
index c007fe168a..2f878b740a 100644
--- a/src/or/circuitbuild.c
+++ b/src/or/circuitbuild.c
@@ -1518,14 +1518,14 @@ choose_good_entry_server(uint8_t purpose, cpath_build_state_t *state)
smartlist_add(excluded, r);
routerlist_add_family(excluded, r);
}
- if (firewall_is_fascist()) {
+ if (firewall_is_fascist_or()) {
/* exclude all ORs that listen on the wrong port */
routerlist_t *rl = router_get_routerlist();
int i;
for (i=0; i < smartlist_len(rl->routers); i++) {
r = smartlist_get(rl->routers, i);
- if (!fascist_firewall_allows_address(r->addr,r->or_port))
+ if (!fascist_firewall_allows_address_or(r->addr,r->or_port))
smartlist_add(excluded, r);
}
}
@@ -1717,8 +1717,8 @@ entry_is_live(entry_guard_t *e, int need_uptime, int need_capacity)
return NULL;
if (router_is_unreliable(r, need_uptime, need_capacity, 0))
return NULL;
- if (firewall_is_fascist() &&
- !fascist_firewall_allows_address(r->addr,r->or_port))
+ if (firewall_is_fascist_or() &&
+ !fascist_firewall_allows_address_or(r->addr,r->or_port))
return NULL;
return r;
}
diff --git a/src/or/config.c b/src/or/config.c
index 60ec0c0213..c2c8d32656 100644
--- a/src/or/config.c
+++ b/src/or/config.c
@@ -198,6 +198,8 @@ static config_var_t _option_vars[] = {
VAR("PidFile", STRING, PidFile, NULL),
VAR("ProtocolWarnings", BOOL, ProtocolWarnings, "0"),
VAR("ReachableAddresses", LINELIST, ReachableAddresses, NULL),
+ VAR("ReachableORAddresses",LINELIST, ReachableORAddresses, NULL),
+ VAR("ReachableDirAddresses",LINELIST, ReachableDirAddresses, NULL),
VAR("RecommendedVersions", LINELIST, RecommendedVersions, NULL),
VAR("RecommendedClientVersions", LINELIST, RecommendedClientVersions, NULL),
VAR("RecommendedServerVersions", LINELIST, RecommendedServerVersions, NULL),
@@ -431,7 +433,8 @@ static char *torrc_fname = NULL;
/** Persistent serialized state. */
static or_state_t *global_state = NULL;
/** DOCDOC */
-static addr_policy_t *reachable_addr_policy = NULL;
+static addr_policy_t *reachable_or_addr_policy = NULL;
+static addr_policy_t *reachable_dir_addr_policy = NULL;
static void *
config_alloc(config_format_t *fmt)
@@ -488,9 +491,13 @@ config_free_all(void)
global_state = NULL;
}
tor_free(torrc_fname);
- if (reachable_addr_policy) {
- addr_policy_free(reachable_addr_policy);
- reachable_addr_policy = NULL;
+ if (reachable_or_addr_policy) {
+ addr_policy_free(reachable_or_addr_policy);
+ reachable_or_addr_policy = NULL;
+ }
+ if (reachable_dir_addr_policy) {
+ addr_policy_free(reachable_dir_addr_policy);
+ reachable_dir_addr_policy = NULL;
}
}
@@ -1830,14 +1837,30 @@ parse_reachable_addresses(void)
{
or_options_t *options = get_options();
- addr_policy_free(reachable_addr_policy);
- reachable_addr_policy = NULL;
-
- if (config_parse_addr_policy(options->ReachableAddresses,
- &reachable_addr_policy,
+ addr_policy_free(reachable_or_addr_policy);
+ reachable_or_addr_policy = NULL;
+ if (!options->ReachableORAddresses && options->ReachableAddresses)
+ log_notice(LD_CONFIG, "Using ReachableAddresses for "
+ "ReachableORAddresses");
+ if (config_parse_addr_policy(options->ReachableORAddresses ?
+ options->ReachableORAddresses :
+ options->ReachableAddresses,
+ &reachable_or_addr_policy,
+ ADDR_POLICY_ACCEPT)) {
+ log_warn(LD_CONFIG, "Error in ReachableORAddresses entry; ignoring.");
+ }
+
+ addr_policy_free(reachable_dir_addr_policy);
+ reachable_dir_addr_policy = NULL;
+ if (!options->ReachableDirAddresses && options->ReachableAddresses)
+ log_notice(LD_CONFIG, "Using ReachableAddresses for "
+ "ReachableDirAddresses");
+ if (config_parse_addr_policy(options->ReachableDirAddresses ?
+ options->ReachableDirAddresses :
+ options->ReachableAddresses,
+ &reachable_dir_addr_policy,
ADDR_POLICY_ACCEPT)) {
- log_warn(LD_CONFIG, "Error in ReachableAddresses entry; ignoring.");
- return;
+ log_warn(LD_CONFIG, "Error in ReachableDirAddresses entry; ignoring.");
}
}
@@ -1845,18 +1868,25 @@ parse_reachable_addresses(void)
* combination.
*/
int
-firewall_is_fascist(void)
+firewall_is_fascist_or(void)
{
- return reachable_addr_policy ? 1 : 0;
+ return !!reachable_or_addr_policy;
}
/** Return true iff we are configured to think that the local fascist
- * firewall (if any) will allow a connection to <b>addr</b>:<b>port</b>. */
+ * firewall (if any) will allow a connection to <b>addr</b>:<b>port</b>.
+ *
+ * If dir_or_or is 1 then it consults ReachableDirAddresses,
+ * if it is 2, then ReachableORAddresses are consulted.
+ * */
int
-fascist_firewall_allows_address(uint32_t addr, uint16_t port)
+_fascist_firewall_allows_address(uint32_t addr, uint16_t port, int dir_or_or)
{
+ assert(dir_or_or == 1 || dir_or_or == 2);
addr_policy_result_t p = router_compare_addr_to_addr_policy(
- addr, port, reachable_addr_policy);
+ addr, port, dir_or_or == 1 ?
+ reachable_dir_addr_policy :
+ reachable_or_addr_policy);
switch (p) {
case ADDR_POLICY_PROBABLY_ACCEPTED:
@@ -1871,6 +1901,18 @@ fascist_firewall_allows_address(uint32_t addr, uint16_t port)
}
}
+int
+fascist_firewall_allows_address_or(uint32_t addr, uint16_t port)
+{
+ return _fascist_firewall_allows_address(addr, port, 2);
+}
+
+int
+fascist_firewall_allows_address_dir(uint32_t addr, uint16_t port)
+{
+ return _fascist_firewall_allows_address(addr, port, 1);
+}
+
/** Return 0 if every setting in <b>options</b> is reasonable. Else
* warn and return -1. Should have no side effects, except for
* normalizing the contents of <b>options</b>.
@@ -1886,6 +1928,7 @@ options_validate(or_options_t *old_options, or_options_t *options,
int from_setconf)
{
int result = 0;
+ int i;
config_line_t *cl;
addr_policy_t *addr_policy=NULL;
const char *uname;
@@ -2066,16 +2109,16 @@ options_validate(or_options_t *old_options, or_options_t *options,
result = -1;
if (options->FascistFirewall && !options->ReachableAddresses) {
- smartlist_t *instead = smartlist_create();
- config_line_t *new_line = tor_malloc_zero(sizeof(config_line_t));
- new_line->key = tor_strdup("ReachableAddresses");
- /* If we're configured with the old format, we need to prepend some
- * open ports. */
- if (!smartlist_len(options->FirewallPorts)) {
- smartlist_add(options->FirewallPorts, tor_strdup("80"));
- smartlist_add(options->FirewallPorts, tor_strdup("443"));
- }
- SMARTLIST_FOREACH(options->FirewallPorts, const char *, portno,
+ if (smartlist_len(options->FirewallPorts)) {
+ /* We already have firewall ports set, so migrate them to
+ * ReachableAddresses, which will set ReachableOR and ReachableDir-
+ * Addresses if they aren't set otherwise*/
+ smartlist_t *instead = smartlist_create();
+ config_line_t *new_line = tor_malloc_zero(sizeof(config_line_t));
+ new_line->key = tor_strdup("ReachableAddresses");
+ /* If we're configured with the old format, we need to prepend some
+ * open ports. */
+ SMARTLIST_FOREACH(options->FirewallPorts, const char *, portno,
{
int p = atoi(portno);
char *s;
@@ -2084,19 +2127,44 @@ options_validate(or_options_t *old_options, or_options_t *options,
tor_snprintf(s, 16, "*:%d", p);
smartlist_add(instead, s);
});
- new_line->value = smartlist_join_strings(instead,",",0,NULL);
- /* These have been deprecated since 0.1.1.5-alpha-cvs */
- log(LOG_NOTICE, LD_CONFIG, "Converting FascistFirewall and FirewallPorts "
- "config options to new format: \"ReachableAddresses %s\"",
- new_line->value);
- options->ReachableAddresses = new_line;
- SMARTLIST_FOREACH(instead, char *, cp, tor_free(cp));
- smartlist_free(instead);
+ new_line->value = smartlist_join_strings(instead,",",0,NULL);
+ /* These have been deprecated since 0.1.1.5-alpha-cvs */
+ log(LOG_NOTICE, LD_CONFIG, "Converting FascistFirewall and FirewallPorts "
+ "config options to new format: \"ReachableAddresses %s\"",
+ new_line->value);
+ options->ReachableAddresses = new_line;
+ SMARTLIST_FOREACH(instead, char *, cp, tor_free(cp));
+ smartlist_free(instead);
+ } else {
+ /* We do not have FirewallPorts set, so add 80 to ReachableDir-,
+ * and 443 to ReachableORAddresses */
+ if (!options->ReachableDirAddresses) {
+ config_line_t *new_line = tor_malloc_zero(sizeof(config_line_t));
+ new_line->key = tor_strdup("ReachableDirAddresses");
+ new_line->value = tor_strdup("*:80");
+ options->ReachableDirAddresses = new_line;
+ log(LOG_NOTICE, LD_CONFIG, "Converting FascistFirewall config option "
+ "to new format: \"ReachableDirAddresses *:80\"");
+ }
+ if (!options->ReachableORAddresses) {
+ config_line_t *new_line = tor_malloc_zero(sizeof(config_line_t));
+ new_line->key = tor_strdup("ReachableORAddresses");
+ new_line->value = tor_strdup("*:443");
+ options->ReachableORAddresses = new_line;
+ log(LOG_NOTICE, LD_CONFIG, "Converting FascistFirewall config option "
+ "to new format: \"ReachableORAddresses *:443\"");
+ }
+ }
}
- if (options->ReachableAddresses) {
+ for (i=0; i<3; i++){
+ config_line_t **linep =
+ (i==0) ? &options->ReachableAddresses :
+ (i==1) ? &options->ReachableORAddresses :
+ &options->ReachableDirAddresses;
+ if (!*linep)
+ continue;
/* We need to end with a reject *:*, not an implicit accept *:* */
- config_line_t **linep = &options->ReachableAddresses;
for (;;) {
if (!strcmp((*linep)->value, "reject *:*")) /* already there */
break;
@@ -2110,9 +2178,12 @@ options_validate(or_options_t *old_options, or_options_t *options,
}
}
- if (options->ReachableAddresses && server_mode(options))
+ if ((options->ReachableAddresses ||
+ options->ReachableORAddresses ||
+ options->ReachableDirAddresses) &&
+ server_mode(options))
REJECT("Servers must be able to freely connect to the rest "
- "of the Internet, so they must not set ReachableAddresses "
+ "of the Internet, so they must not set Reachable*Addresses "
"or FascistFirewall.");
options->_AllowUnverified = 0;
@@ -2292,12 +2363,18 @@ options_validate(or_options_t *old_options, or_options_t *options,
if (config_parse_addr_policy(options->ReachableAddresses, &addr_policy,
ADDR_POLICY_ACCEPT))
REJECT("Error in ReachableAddresses entry.");
+ if (config_parse_addr_policy(options->ReachableORAddresses, &addr_policy,
+ ADDR_POLICY_ACCEPT))
+ REJECT("Error in ReachableORAddresses entry.");
+ if (config_parse_addr_policy(options->ReachableDirAddresses, &addr_policy,
+ ADDR_POLICY_ACCEPT))
+ REJECT("Error in ReachableDirAddresses entry.");
if (config_parse_addr_policy(options->AuthDirReject, &addr_policy,
ADDR_POLICY_REJECT))
- REJECT("Error in ReachableAddresses entry.");
+ REJECT("Error in AuthDirReject entry.");
if (config_parse_addr_policy(options->AuthDirInvalid, &addr_policy,
ADDR_POLICY_REJECT))
- REJECT("Error in ReachableAddresses entry.");
+ REJECT("Error in AuthDirInvalid entry.");
addr_policy_free(addr_policy);
diff --git a/src/or/directory.c b/src/or/directory.c
index f9a51b93c7..48c202edc3 100644
--- a/src/or/directory.c
+++ b/src/or/directory.c
@@ -146,7 +146,7 @@ directory_post_to_dirservers(uint8_t purpose, const char *payload,
if (post_to_v1_only && !ds->is_v1_authority)
continue;
post_via_tor = purpose_is_private(purpose) ||
- !fascist_firewall_allows_address(ds->addr,ds->dir_port);
+ !fascist_firewall_allows_address_dir(ds->addr,ds->dir_port);
directory_initiate_command_routerstatus(rs, purpose, post_via_tor,
NULL, payload, payload_len);
});
diff --git a/src/or/or.h b/src/or/or.h
index bbed3872fa..c9c3ca46b0 100644
--- a/src/or/or.h
+++ b/src/or/or.h
@@ -1278,6 +1278,10 @@ typedef struct {
* (strings). */
config_line_t *ReachableAddresses; /**< Which IP:ports our firewall allows
* (exit policy.) */
+ config_line_t *ReachableORAddresses; /**< Which IP:ports our firewall allows
+ * (exit policy.) */
+ config_line_t *ReachableDirAddresses; /**< Which IP:ports our firewall allows
+ * (exit policy.) */
/** Application ports that require all nodes in circ to have sufficient
* uptime. */
@@ -1613,8 +1617,9 @@ int or_state_save(void);
int config_getinfo_helper(const char *question, char **answer);
-int firewall_is_fascist(void);
-int fascist_firewall_allows_address(uint32_t addr, uint16_t port);
+int firewall_is_fascist_or(void);
+int fascist_firewall_allows_address_or(uint32_t addr, uint16_t port);
+int fascist_firewall_allows_address_dir(uint32_t addr, uint16_t port);
/********************************* connection.c ***************************/
diff --git a/src/or/routerlist.c b/src/or/routerlist.c
index 65a341b9ca..2b8922a093 100644
--- a/src/or/routerlist.c
+++ b/src/or/routerlist.c
@@ -437,7 +437,7 @@ router_pick_directory_server_impl(int requireother, int fascistfirewall,
if (requireother && router_digest_is_me(status->identity_digest))
continue;
if (fascistfirewall) {
- if (!fascist_firewall_allows_address(status->addr, status->dir_port))
+ if (!fascist_firewall_allows_address_dir(status->addr, status->dir_port))
continue;
}
is_trusted = router_digest_is_trusted_dir(status->identity_digest);
@@ -482,7 +482,7 @@ router_pick_trusteddirserver_impl(int need_v1_authority,
if (requireother && me && router_digest_is_me(d->digest))
continue;
if (fascistfirewall) {
- if (!fascist_firewall_allows_address(d->addr, d->dir_port))
+ if (!fascist_firewall_allows_address_dir(d->addr, d->dir_port))
continue;
}
smartlist_add(sl, &d->fake_status);
7apu2bq3rhoylwmucxizk54afw5jyda7pho4j5zdcqpwkufke7zdzwad.onion