Remove the AuthDirRejectUnlisted config option

This is in preparation for a big patch series removing the entire Naming
system from Tor. In its wake, the approved-routers file is being
deprecated, and a replacement option to allow only pre-approved routers
is not being implemented.

5 files changed, 5 insertions, 15 deletions

diff --git a/changes/bug12899 b/changes/bug12899
new file mode 100644
index 0000000000..eb7c90dd7e
--- /dev/null
+++ b/changes/bug12899
@@ -0,0 +1,4 @@
+  o Removed features:
+    - The "AuthDirRejectUnlisted" option no longer has any effect, as
+      the fingerprints file (approved-routers) has been deprecated.
+
diff --git a/doc/tor.1.txt b/doc/tor.1.txt
index a997bc3ad0..3284b94ea8 100644
--- a/doc/tor.1.txt
+++ b/doc/tor.1.txt
@@ -1943,12 +1943,6 @@ on the public Tor network.
     1 unless you plan to list non-functioning exits as bad; otherwise, you are
     effectively voting in favor of every declared exit as an exit.)
 
-[[AuthDirRejectUnlisted]] **AuthDirRejectUnlisted** **0**|**1**::
-    Authoritative directories only. If set to 1, the directory server rejects
-    all uploaded server descriptors that aren't explicitly listed in the
-    fingerprints file. This acts as a "panic button" if we get hit with a Sybil
-    attack. (Default: 0)
-
 [[AuthDirMaxServersPerAddr]] **AuthDirMaxServersPerAddr** __NUM__::
     Authoritative directories only. The maximum number of servers that we will
     list as acceptable on a single IP address. Set this to "0" for "no limit".
diff --git a/src/or/config.c b/src/or/config.c
index 7800ec1908..ea7d728ef7 100644
--- a/src/or/config.c
+++ b/src/or/config.c
@@ -150,7 +150,7 @@ static config_var_t option_vars_[] = {
   V(AuthDirGuardBWGuarantee,     MEMUNIT,  "2 MB"),
   V(AuthDirReject,               LINELIST, NULL),
   V(AuthDirRejectCCs,            CSV,      ""),
-  V(AuthDirRejectUnlisted,       BOOL,     "0"),
+  OBSOLETE("AuthDirRejectUnlisted"),
   V(AuthDirListBadDirs,          BOOL,     "0"),
   V(AuthDirListBadExits,         BOOL,     "0"),
   V(AuthDirMaxServersPerAddr,    UINT,     "2"),
diff --git a/src/or/dirserv.c b/src/or/dirserv.c
index 8395c2e414..00b282d918 100644
--- a/src/or/dirserv.c
+++ b/src/or/dirserv.c
@@ -362,7 +362,6 @@ dirserv_get_status_impl(const char *id_digest, const char *nickname,
                         const char *platform, const char *contact,
                         const char **msg, int should_log)
 {
-  int reject_unlisted = get_options()->AuthDirRejectUnlisted;
   uint32_t result;
   router_status_t *status_by_digest;
 
@@ -458,11 +457,6 @@ dirserv_get_status_impl(const char *id_digest, const char *nickname,
                  nickname, fmt_addr32(addr));
       result |= FP_INVALID;
     }
-    if (reject_unlisted) {
-      if (msg)
-        *msg = "Authdir rejects unknown routers.";
-      return FP_REJECT;
-    }
   }
 
   return result;
diff --git a/src/or/or.h b/src/or/or.h
index 3683607741..207c70de7b 100644
--- a/src/or/or.h
+++ b/src/or/or.h
@@ -3768,8 +3768,6 @@ typedef struct {
                            * and vote for all other dir mirrors as good. */
   int AuthDirListBadExits; /**< True iff we should list bad exits,
                             * and vote for all other exits as good. */
-  int AuthDirRejectUnlisted; /**< Boolean: do we reject all routers that
-                              * aren't named in our fingerprint file? */
   int AuthDirMaxServersPerAddr; /**< Do not permit more than this
                                  * number of servers per IP address. */
   int AuthDirMaxServersPerAuthAddr; /**< Do not permit more than this