aboutsummaryrefslogtreecommitdiff
path: root/src/or
diff options
context:
space:
mode:
authorNick Mathewson <nickm@torproject.org>2005-12-15 21:39:38 +0000
committerNick Mathewson <nickm@torproject.org>2005-12-15 21:39:38 +0000
commit89eded7b175dc541a4c140587d48b01cc0e914eb (patch)
tree3f01f0c95f2e9ef36b09c146ceeecbc97008e733 /src/or
parentcf8c70b79c69b0227f43e42b689da75379ac7069 (diff)
downloadtor-89eded7b175dc541a4c140587d48b01cc0e914eb.tar.gz
tor-89eded7b175dc541a4c140587d48b01cc0e914eb.zip
Add "panic" option to reject all servers not in fingerprint list.
svn:r5601
Diffstat (limited to 'src/or')
-rw-r--r--src/or/config.c1
-rw-r--r--src/or/dirserv.c3
-rw-r--r--src/or/or.h2
3 files changed, 5 insertions, 1 deletions
diff --git a/src/or/config.c b/src/or/config.c
index 4d53f20e23..27478b1e08 100644
--- a/src/or/config.c
+++ b/src/or/config.c
@@ -112,6 +112,7 @@ static config_var_t _option_vars[] = {
VAR("AssumeReachable", BOOL, AssumeReachable, "0"),
VAR("AuthDirInvalid", LINELIST, AuthDirInvalid, NULL),
VAR("AuthDirReject", LINELIST, AuthDirReject, NULL),
+ VAR("AuthDirRejectUnlisted",BOOL, AuthDirRejectUnlisted,"0"),
VAR("AuthoritativeDirectory",BOOL, AuthoritativeDir, "0"),
VAR("BandwidthBurst", MEMUNIT, BandwidthBurst, "5 MB"),
VAR("BandwidthRate", MEMUNIT, BandwidthRate, "2 MB"),
diff --git a/src/or/dirserv.c b/src/or/dirserv.c
index 7fe5bcab3d..a787f919bf 100644
--- a/src/or/dirserv.c
+++ b/src/or/dirserv.c
@@ -280,6 +280,7 @@ dirserv_get_status_impl(const char *fp, const char *nickname,
const char **msg, int should_log)
{
fingerprint_entry_t *nn_ent = NULL, *fp_ent = NULL;
+ int reject_unlisted = get_options()->AuthDirRejectUnlisted;
if (!fingerprint_list)
fingerprint_list = smartlist_create();
@@ -327,7 +328,7 @@ dirserv_get_status_impl(const char *fp, const char *nickname,
return FP_INVALID;
}
if (!platform || tor_version_as_new_as(platform,"0.1.0.2-rc"))
- return FP_VALID;
+ return reject_unlisted ? FP_REJECT : FP_VALID;
else
return FP_INVALID;
if (should_log)
diff --git a/src/or/or.h b/src/or/or.h
index 7250265c8a..75a2d66af1 100644
--- a/src/or/or.h
+++ b/src/or/or.h
@@ -1315,6 +1315,8 @@ typedef struct {
* reject. */
config_line_t *AuthDirInvalid; /**< Address policy for descriptors to
* never mark as valid. */
+ int AuthDirRejectUnlisted; /**< Boolean: do we reject all routers that
+ * aren't named in our fingprint file? */
char *AccountingStart; /**< How long is the accounting interval, and when
* does it start? */
uint64_t AccountingMax; /**< How many bytes do we allow per accounting