authorNick Mathewson <nickm@torproject.org>2010-11-15 14:14:13 -0500
committerNick Mathewson <nickm@torproject.org>2010-11-15 14:14:13 -0500
commit8c2affe637e0cfbf5ddfe02c910c75bcd749ded3 (patch)
tree84c6140c4b32bbd7ef4b226c59329c8345ccde24 /src
parent3d7772ece3128097f4d541585e525c61f6ea27c2 (diff)
parentac2c0cb587548c4faf3fa225064cdbd183f609bb (diff)
Merge remote branch 'origin/maint-0.2.2'
Conflicts: src/or/config.c src/or/cpuworker.c
Diffstat (limited to 'src')
-rw-r--r--src/config/torrc.complete.in534
-rw-r--r--src/or/config.c92
-rw-r--r--src/or/connection.c8
-rw-r--r--src/or/connection_edge.c8
-rw-r--r--src/or/connection_or.c8
-rw-r--r--src/or/directory.c12
-rw-r--r--src/or/or.h28
-rw-r--r--src/or/router.c2
8 files changed, 74 insertions, 618 deletions
diff --git a/src/config/torrc.complete.in b/src/config/torrc.complete.in
deleted file mode 100644
index 1a1eea1548..0000000000
--- a/src/config/torrc.complete.in
+++ /dev/null
@@ -1,534 +0,0 @@
-####################################################################
-## This config file is divided into four sections. They are:
-## 1. Global Options (clients and servers)
-## 2. Client Options Only
-## 3. Server Options Only
-## 4. Directory Server Options (for running your own Tor network)
-## 5. Hidden Service Options (clients and servers)
-##
-## The conventions used are:
-## double hash (##) is for summary text about the config option;
-## single hash (#) is for the config option; and,
-## the config option is always after the text.
-####################################################################
-
-
-## Section 1: Global Options (clients and servers)
-
-## A token bucket limits the average incoming bandwidth on this node
-## to the specified number of bytes per second. (Default: 2MB)
-#BandwidthRate N bytes|KB|MB|GB|TB
-
-## Limit the maximum token bucket size (also known as the burst) to
-## the given number of bytes. (Default: 5 MB)
-#BandwidthBurst N bytes|KB|MB|GB|TB
-
-## If set, we will not advertise more than this amount of bandwidth
-## for our BandwidthRate. Server operators who want to reduce the
-## number of clients who ask to build circuits through them (since
-## this is proportional to advertised bandwidth rate) can thus
-## reduce the CPU demands on their server without impacting
-## network performance.
-#MaxAdvertisedBandwidth N bytes|KB|MB|GB|TB
-
-## If set, Tor will accept connections from the same machine
-## (localhost only) on this port, and allow those connections to
-## control the Tor process using the Tor Control Protocol
-## (described in control-spec.txt). Note: unless you also specify
-## one of HashedControlPassword or CookieAuthentication, setting
-## this option will cause Tor to allow any process on the local
-## host to control it.
-#ControlPort Port
-
-## Don’t allow any connections on the control port except when the
-## other process knows the password whose one-way hash is
-## hashed_password. You can compute the hash of a password by
-## running "tor --hash-password password".
-#HashedControlPassword hashed_password
-
-## If this option is set to 1, don’t allow any connections on the
-## control port except when the connecting process knows the
-## contents of a file named "control_auth_cookie", which Tor will
-## create in its data directory. This authentication method
-## should only be used on systems with good filesystem security.
-## (Default: 0)
-#CookieAuthentication 0|1
-
-## Store working data in DIR (Default: /usr/local/var/lib/tor)
-#DataDirectory DIR
-
-## Every time the specified period elapses, Tor downloads a direc-
-## tory. A directory contains a signed list of all known servers
-## as well as their current liveness status. A value of "0 sec-
-## onds" tells Tor to choose an appropriate default.
-## (Default: 1 hour for clients, 20 minutes for servers)
-#DirFetchPeriod N seconds|minutes|hours|days|weeks
-
-## Tor only trusts directories signed with one of these keys, and
-## uses the given addresses to connect to the trusted directory
-## servers. If no DirServer lines are specified, Tor uses the built-in
-## defaults (moria1, moria2, tor26), so you can leave this alone unless
-## you need to change it.
-##
-## WARNING! Changing these options will make your Tor behave
-## differently from everyone else's, and hurt your anonymity. Even
-## uncommenting these lines is a bad idea. They are the defaults now,
-## but the defaults may change in the future, leaving you behind.
-##
-#DirServer moria1 v1 18.244.0.188:9031 FFCB 46DB 1339 DA84 674C 70D7 CB58 6434 C437 0441
-#DirServer moria2 v1 18.244.0.114:80 719B E45D E224 B607 C537 07D0 E214 3E2D 423E 74CF
-#DirServer tor26 v1 86.59.21.38:80 847B 1F85 0344 D787 6491 A548 92F9 0493 4E4E B85D
-
-## Attempt to lock current and future memory pages and effectively disable swap
-# DisableAllSwap 0|1
-
-## On startup, setgid to this user.
-#Group GID
-
-## Tor will make all its directory requests through this host:port
-## (or host:80 if port is not specified), rather than connecting
-## directly to any directory servers.
-#HttpProxy host[:port]
-
-## If defined, Tor will use this username:password for Basic Http
-## proxy authentication, as in RFC 2617. This is currently the
-## only form of Http proxy authentication that Tor supports; feel
-## free to submit a patch if you want it to support others.
-#HttpProxyAuthenticator username:password
-
-## Tor will make all its OR (SSL) connections through this
-## host:port (or host:443 if port is not specified), via HTTP CON-
-## NECT rather than connecting directly to servers. You may want
-## to set FascistFirewall to restrict the set of ports you might
-## try to connect to, if your Https proxy only allows connecting
-## to certain ports.
-#HttpsProxy host[:port]
-
-## If defined, Tor will use this username:password for Basic Https
-## proxy authentication, as in RFC 2617. This is currently the
-## only form of Https proxy authentication that Tor supports; feel
-## free to submit a patch if you want it to support others.
-#HttpsProxyAuthenticator username:password
-
-## To keep firewalls from expiring connections, send a padding
-## keepalive cell every NUM seconds on open connections that are
-## in use. If the connection has no open circuits, it will instead
-## be closed after NUM seconds of idleness. (Default: 5 minutes)
-#KeepalivePeriod NUM
-
-## Send all messages between minSeverity and maxSeverity to the
-## standard output stream, the standard error stream, or to the
-## system log. (The "syslog" value is only supported on Unix.)
-## Recognized severity levels are debug, info, notice, warn, and
-## err. If only one severity level is given, all messages of that
-## level or higher will be sent to the listed destination.
-#Log minSeverity[-maxSeverity] stderr|stdout|syslog
-
-## As above, but send log messages to the listed filename. The
-## "Log" option may appear more than once in a configuration file.
-## Messages are sent to all the logs that match their severity
-## level.
-#Log minSeverity[-maxSeverity] file FILENAME
-
-## Maximum number of simultaneous sockets allowed. You probably
-## don’t need to adjust this. (Default: 1024)
-#MaxConn NUM
-
-## Make all outbound connections originate from the IP address
-## specified. This is only useful when you have multiple network
-## interfaces, and you want all of Tor’s outgoing connections to
-## use a single one.
-#OutboundBindAddress IP
-
-## On startup, write our PID to FILE. On clean shutdown, remove
-## FILE.
-#PIDFile FILE
-
-## If 1, Tor forks and daemonizes to the background. (Default: 0)
-#RunAsDaemon 0|1
-
-## If 1, Tor replaces potentially sensitive strings in the logs
-## (e.g. addresses) with the string [scrubbed]. This way logs can
-## still be useful, but they don’t leave behind personally identi-
-## fying information about what sites a user might have visited.
-## (Default: 1)
-#SafeLogging 0|1
-
-## Every time the specified period elapses, Tor downloads signed
-## status information about the current state of known servers. A
-## value of "0 seconds" tells Tor to choose an appropriate
-## default. (Default: 30 minutes for clients, 15 minutes for
-## servers)
-#StatusFetchPeriod N seconds|minutes|hours|days|weeks
-
-## On startup, setuid to this user.
-#User UID
-
-## If non-zero, try to use crypto hardware acceleration when
-## available. (Default: 1)
-#HardwareAccel 0|1
-
-
-## Section 2: Client Options Only
-
-## Where on our circuits should we allow Tor servers that the
-## directory servers haven’t authenticated as "verified"?
-## (Default: middle,rendezvous)
-#AllowUnverifiedNodes entry|exit|middle|introduction|rendezvous|...
-
-## If set to 1, Tor will under no circumstances run as a server.
-## The default is to run as a client unless ORPort is configured.
-## (Usually, you don’t need to set this; Tor is pretty smart at
-## figuring out whether you are reliable and high-bandwidth enough
-## to be a useful server.)
-## This option will likely be deprecated in the future; see the
-## NoPublish option below. (Default: 0)
-#ClientOnly 0|1
-
-## A list of preferred nodes to use for the first hop in the
-## circuit, if possible.
-#EntryNodes nickname,nickname,...
-
-## A list of preferred nodes to use for the last hop in the
-## circuit, if possible.
-#ExitNodes nickname,nickname,...
-
-## A list of nodes to never use when building a circuit.
-#ExcludeNodes nickname,nickname,...
-
-## If 1, Tor will never use any nodes besides those listed in
-## "exitnodes" for the last hop of a circuit.
-#StrictExitNodes 0|1
-
-## If 1, Tor will never use any nodes besides those listed in
-## "entrynodes" for the first hop of a circuit.
-#StrictEntryNodes 0|1
-
-## If 1, Tor will only create outgoing connections to ORs running
-## on ports that your firewall allows (defaults to 80 and 443; see
-## FirewallPorts). This will allow you to run Tor as a client
-## behind a firewall with restrictive policies, but will not allow
-## you to run as a server behind such a firewall.
-#FascistFirewall 0|1
-
-## A list of ports that your firewall allows you to connect to.
-## Only used when FascistFirewall is set. (Default: 80, 443)
-#FirewallPorts PORTS
-
-## A comma-separated list of IPs that your firewall allows you to
-## connect to. Only used when FascistFirewall is set. The format
-## is as for the addresses in ExitPolicy.
-## For example, ’FirewallIPs 99.0.0.0/8, *:80’ means that your
-## firewall allows connections to everything inside net 99, and
-## to port 80 outside.
-#FirewallIPs ADDR[/MASK][:PORT]...
-
-## A list of ports for services that tend to have long-running
-## connections (e.g. chat and interactive shells). Circuits for
-## streams that use these ports will contain only high-uptime
-## nodes, to reduce the chance that a node will go down before the
-## stream is finished. (Default: 21, 22, 706, 1863, 5050, 5190,
-## 5222, 5223, 6667, 8300, 8888)
-#LongLivedPorts PORTS
-
-## When a request for address arrives to Tor, it will rewrite it
-## to newaddress before processing it. For example, if you always
-## want connections to www.indymedia.org to exit via torserver
-## (where torserver is the nickname of the server),
-## use "MapAddress www.indymedia.org www.indymedia.org.torserver.exit".
-#MapAddress address newaddress
-
-## Every NUM seconds consider whether to build a new circuit.
-## (Default: 30 seconds)
-#NewCircuitPeriod NUM
-
-## Feel free to reuse a circuit that was first used at most NUM
-## seconds ago, but never attach a new stream to a circuit that is
-## too old. (Default: 10 minutes)
-#MaxCircuitDirtiness NUM
-
-## The named Tor servers constitute a "family" of similar or co-
-## administered servers, so never use any two of them in the same
-## circuit. Defining a NodeFamily is only needed when a server
-## doesn’t list the family itself (with MyFamily). This option can
-## be used multiple times.
-#NodeFamily nickname,nickname,...
-
-## A list of preferred nodes to use for the rendezvous point, if
-## possible.
-#RendNodes nickname,nickname,...
-
-## A list of nodes to never use when choosing a rendezvous point.
-#RendExcludeNodes nickname,nickname,...
-
-## Advertise this port to listen for connections from SOCKS-speak-
-## ing applications. Set this to 0 if you don’t want to allow
-## application connections. (Default: 9050)
-#SOCKSPort PORT
-
-## Bind to this address to listen for connections from SOCKS-
-## speaking applications. (Default: 127.0.0.1) You can also spec-
-## ify a port (e.g. 192.168.0.1:9100). This directive can be spec-
-## ified multiple times to bind to multiple addresses/ports.
-#SOCKSBindAddress IP[:PORT]
-
-## Set an entrance policy for this server, to limit who can con-
-## nect to the SOCKS ports. The policies have the same form as
-## exit policies below.
-#SOCKSPolicy policy,policy,...
-
-## For each value in the comma separated list, Tor will track
-## recent connections to hosts that match this value and attempt
-## to reuse the same exit node for each. If the value is prepended
-## with a ’.’, it is treated as matching an entire domain. If one
-## of the values is just a ’.’, it means match everything. This
-## option is useful if you frequently connect to sites that will
-## expire all your authentication cookies (ie log you out) if your
-## IP address changes. Note that this option does have the disad-
-## vantage of making it more clear that a given history is associ-
-## ated with a single user. However, most people who would wish to
-## observe this will observe it through cookies or other protocol-
-## specific means anyhow.
-#TrackHostExits host,.domain,...
-
-## Since exit servers go up and down, it is desirable to expire
-## the association between host and exit server after NUM seconds.
-## The default is 1800 seconds (30 minutes).
-#TrackHostExitsExpire NUM
-
-## If this option is set to 1, we pick a few entry servers as our
-## "helpers", and try to use only those fixed entry servers. This
-## is desirable, because constantly changing servers increases the
-## odds that an adversary who owns some servers will observe a
-## fraction of your paths. (Defaults to 0; will eventually
-## default to 1.)
-#UseHelperNodes 0|1
-
-## If UseHelperNodes is set to 1, we will try to pick a total of
-## NUM helper nodes as entries for our circuits. (Defaults to 3.)
-#NumHelperNodes NUM
-
-
-## Section 3: Server Options Only
-
-## The IP or fqdn of this server (e.g. moria.mit.edu). You can
-## leave this unset, and Tor will guess your IP.
-#Address address
-
-## Administrative contact information for server.
-#ContactInfo email_address
-
-## Set an exit policy for this server. Each policy is of the form
-## "accept|reject ADDR[/MASK][:PORT]". If /MASK is omitted then
-## this policy just applies to the host given. Instead of giving
-## a host or network you can also use "*" to denote the universe
-## (0.0.0.0/0). PORT can be a single port number, an interval of
-## ports "FROM_PORT-TO_PORT", or "*". If PORT is omitted, that
-## means "*".
-##
-## For example, "reject 127.0.0.1:*,reject 192.168.1.0/24:*,accept
-## *:*" would reject any traffic destined for localhost and any
-## 192.168.1.* address, but accept anything else.
-##
-## This directive can be specified multiple times so you don’t
-## have to put it all on one line.
-##
-## See RFC 3330 for more details about internal and reserved IP
-## address space. Policies are considered first to last, and the
-## first match wins. If you want to _replace_ the default exit
-## policy, end your exit policy with either a reject *:* or an
-## accept *:*. Otherwise, you’re _augmenting_ (prepending to) the
-## default exit policy. The default exit policy is:
-## reject 0.0.0.0/8
-## reject 169.254.0.0/16
-## reject 127.0.0.0/8
-## reject 192.168.0.0/16
-## reject 10.0.0.0/8
-## reject 172.16.0.0/12
-## reject *:25
-## reject *:119
-## reject *:135-139
-## reject *:445
-## reject *:1214
-## reject *:4661-4666
-## reject *:6346-6429
-## reject *:6699
-## reject *:6881-6999
-## accept *:*
-#ExitPolicy policy,policy,...
-
-## If you have more than this number of onionskins queued for
-## decrypt, reject new ones. (Default: 100)
-#MaxOnionsPending NUM
-
-## Declare that this Tor server is controlled or administered by a
-## group or organization identical or similar to that of the other
-## named servers. When two servers both declare that they are in
-## the same ’family’, Tor clients will not use them in the same
-## circuit. (Each server only needs to list the other servers in
-## its family; it doesn’t need to list itself, but it won’t hurt.)
-#MyFamily nickname,nickname,...
-
-## Set the server’s nickname to ’name’.
-#Nickname name
-
-## If you set NoPublish 1, Tor will act as a server if you have an
-## ORPort defined, but it will not publish its descriptor to the
-## dirservers. This option is useful if you're testing out your
-## server, or if you're using alternate dirservers (e.g. for other
-## Tor networks such as Blossom). (Default: 0)
-#NoPublish 0|1
-
-## How many processes to use at once for decrypting onionskins.
-## (Default: 1)
-#NumCPUs num
-
-## Advertise this port to listen for connections from Tor clients
-## and servers.
-#ORPort PORT
-
-## Bind to this IP address to listen for connections from Tor
-## clients and servers. If you specify a port, bind to this port
-## rather than the one specified in ORPort. (Default: 0.0.0.0)
-#ORBindAddress IP[:PORT]
-
-## Whenever an outgoing connection tries to connect to one of a
-## given set of addresses, connect to target (an address:port
-## pair) instead. The address pattern is given in the same format
-## as for an exit policy. The address translation applies after
-## exit policies are applied. Multiple RedirectExit options can
-## be used: once any one has matched successfully, no subsequent
-## rules are considered. You can specify that no redirection is
-## to be performed on a given set of addresses by using the spe-
-## cial target string "pass", which prevents subsequent rules from
-## being considered.
-#RedirectExit pattern target
-
-## When we get a SIGINT and we're a server, we begin shutting
-## down: we close listeners and start refusing new circuits. After
-## NUM seconds, we exit. If we get a second SIGINT, we exit imme-
-## diately. (Default: 30 seconds)
-#ShutdownWaitLengthNUM
-
-## Every time the specified period elapses, Tor uploads its server
-## descriptors to the directory servers. This information is also
-## uploaded whenever it changes. (Default: 20 minutes)
-#DirPostPeriod N seconds|minutes|hours|days|weeks
-
-## A token bucket limits the average relayed bandwidth (server
-## traffic only, not client traffic) on this node to the specified
-## number of bytes per second.
-#RelayBandwidthRate N bytes|KB|MB|GB|TB
-
-## Limit the maximum token bucket size (also known as the burst) for
-## relayed traffic (server traffic only, not client traffic) to the
-## given number of bytes.
-#RelayBandwidthBurst N bytes|KB|MB|GB|TB
-
-## Never send more than the specified number of bytes in a given
-## accounting period, or receive more than that number in the
-## period. For example, with AccountingMax set to 1 GB, a server
-## could send 900 MB and receive 800 MB and continue running. It
-## will only hibernate once one of the two reaches 1 GB. When the
-## number of bytes is exhausted, Tor will hibernate until some
-## time in the next accounting period. To prevent all servers
-## from waking at the same time, Tor will also wait until a random
-## point in each period before waking up. If you have bandwidth
-## cost issues, enabling hibernation is preferable to setting a
-## low bandwidth, since it provides users with a collection of
-## fast servers that are up some of the time, which is more useful
-## than a set of slow servers that are always "available".
-#AccountingMax N bytes|KB|MB|GB|TB
-
-## Specify how long accounting periods last. If month is given,
-## each accounting period runs from the time HH:MM on the dayth
-## day of one month to the same day and time of the next. (The
-## day must be between 1 and 28.) If week is given, each account-
-## ing period runs from the time HH:MM of the dayth day of one
-## week to the same day and time of the next week, with Monday as
-## day 1 and Sunday as day 7. If day is given, each accounting
-## period runs from the time HH:MM each day to the same time on
-## the next day. All times are local, and given in 24-hour time.
-## (Defaults to "month 1 0:00".)
-#AccountingStart day|week|month [day] HH:MM
-
-
-## Section 4: Directory Server Options (for running your own Tor
-## network)
-
-## When this option is set to 1, Tor operates as an authoritative
-## directory server. Instead of caching the directory, it gener-
-## ates its own list of good servers, signs it, and sends that to
-## the clients. Unless the clients already have you listed as a
-## trusted directory, you probably do not want to set this option.
-## Please coordinate with the other admins at
-## tor-ops@freehaven.net if you think you should be a directory.
-#AuthoritativeDirectory 0|1
-
-## Advertise the directory service on this port.
-#DirPort PORT
-
-## Bind the directory service to this address. If you specify a
-## port, bind to this port rather than the one specified in DirPort.
-## (Default: 0.0.0.0)
-#DirBindAddress IP[:PORT]
-
-## Set an entrance policy for this server, to limit who can con-
-## nect to the directory ports. The policies have the same form
-## as exit policies above.
-#DirPolicy policy,policy,...
-
-## STRING is a command-separated list of Tor versions currently
-## believed to be safe. The list is included in each directory,
-## and nodes which pull down the directory learn whether they need
-## to upgrade. This option can appear multiple times: the values
-## from multiple lines are spliced together.
-#RecommendedVersions STRING
-
-
-## If set to 1, Tor will accept router descriptors with arbitrary
-## "Address" elements. Otherwise, if the address is not an IP or
-## is a private IP, it will reject the router descriptor. Defaults
-## to 0.
-#DirAllowPrivateAddresses 0|1
-
-## If set to 1, Tor tries to build circuits through all of the
-## servers it knows about, so it can tell which are up and which
-## are down. This option is only useful for authoritative direc-
-## tories, so you probably don't want to use it.
-#RunTesting 0|1
-
-## Section 5: Hidden Service Options (clients and servers)
-
-## Store data files for a hidden service in DIRECTORY. Every hid-
-## den service must have a separate directory. You may use this
-## option multiple times to specify multiple services.
-#HiddenServiceDir DIRECTORY
-
-## Configure a virtual port VIRTPORT for a hidden service. You
-## may use this option multiple times; each time applies to the
-## service using the most recent hiddenservicedir. By default,
-## this option maps the virtual port to the same port on
-## 127.0.0.1. You may override the target port, address, or both
-## by specifying a target of addr, port, or addr:port.
-#HiddenServicePort VIRTPORT [TARGET]
-
-## If possible, use the specified nodes as introduction points for
-## the hidden service. If this is left unset, Tor will be smart
-## and pick some reasonable ones; most people can leave this unset.
-#HiddenServiceNodes nickname,nickname,...
-
-## Do not use the specified nodes as introduction points for the
-## hidden service. In normal use there is no reason to set this.
-#HiddenServiceExcludeNodes nickname,nickname,...
-
-## Publish the given rendezvous service descriptor versions for the
-## hidden service.
-#HiddenServiceVersion 0,2
-
-## Every time the specified period elapses, Tor uploads any ren-
-## dezvous service descriptors to the directory servers. This
-## information is also uploaded whenever it changes.
-## (Default: 1 hour)
-#RendPostPeriod N seconds|minutes|hours|days|weeks
-#
diff --git a/src/or/config.c b/src/or/config.c
index 279b6599d5..114d59f5ec 100644
--- a/src/or/config.c
+++ b/src/or/config.c
@@ -85,7 +85,7 @@ static config_abbrev_t _option_abbrevs[] = {
PLURAL(LongLivedPort),
PLURAL(HiddenServiceNode),
PLURAL(HiddenServiceExcludeNode),
- PLURAL(NumCpu),
+ PLURAL(NumCPU),
PLURAL(RendNode),
PLURAL(RendExcludeNode),
PLURAL(StrictEntryNode),
@@ -279,10 +279,10 @@ static config_var_t _option_vars[] = {
V(HidServAuth, LINELIST, NULL),
V(HSAuthoritativeDir, BOOL, "0"),
OBSOLETE("HSAuthorityRecordStats"),
- V(HttpProxy, STRING, NULL),
- V(HttpProxyAuthenticator, STRING, NULL),
- V(HttpsProxy, STRING, NULL),
- V(HttpsProxyAuthenticator, STRING, NULL),
+ V(HTTPProxy, STRING, NULL),
+ V(HTTPProxyAuthenticator, STRING, NULL),
+ V(HTTPSProxy, STRING, NULL),
+ V(HTTPSProxyAuthenticator, STRING, NULL),
V(Socks4Proxy, STRING, NULL),
V(Socks5Proxy, STRING, NULL),
V(Socks5ProxyUsername, STRING, NULL),
@@ -304,13 +304,13 @@ static config_var_t _option_vars[] = {
V(MyFamily, STRING, NULL),
V(NewCircuitPeriod, INTERVAL, "30 seconds"),
VAR("NamingAuthoritativeDirectory",BOOL, NamingAuthoritativeDir, "0"),
- V(NatdListenAddress, LINELIST, NULL),
- V(NatdPort, UINT, "0"),
+ V(NATDListenAddress, LINELIST, NULL),
+ V(NATDPort, UINT, "0"),
V(Nickname, STRING, NULL),
V(WarnUnsafeSocks, BOOL, "1"),
- V(NoPublish, BOOL, "0"),
+ OBSOLETE("NoPublish"),
VAR("NodeFamily", LINELIST, NodeFamilies, NULL),
- V(NumCpus, UINT, "0"),
+ V(NumCPUs, UINT, "0"),
V(NumEntryGuards, UINT, "3"),
V(ORListenAddress, LINELIST, NULL),
V(ORPort, UINT, "0"),
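Review bot: Turning `NoPublish` into `OBSOLETE("NoPublish")` here, together with the removal of the `if (options->NoPublish)` block from options_validate later in this file, changes what an existing torrc containing `NoPublish 1` does: the old code emptied `options->PublishServerDescriptor`, and the new code no longer does. If obsolete options are simply skipped by the parser (its handling is not visible on this page), a relay that was deliberately kept unpublished would start uploading its descriptor after the upgrade, which matters for test and private-network relays. I would record that at the table entry, for example `OBSOLETE("NoPublish"), /* no longer clears PublishServerDescriptor; set that option instead */`, and call it out in the release notes. The `_option_vars[]` initializer starts and ends outside this hunk.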
@@ -343,7 +343,8 @@ static config_var_t _option_vars[] = {
V(RephistTrackTime, INTERVAL, "24 hours"),
OBSOLETE("RouterFile"),
V(RunAsDaemon, BOOL, "0"),
- V(RunTesting, BOOL, "0"),
+// V(RunTesting, BOOL, "0"),
+ OBSOLETE("RunTesting"), // currently unused
V(SafeLogging, STRING, "1"),
V(SafeSocks, BOOL, "0"),
V(ServerDNSAllowBrokenConfig, BOOL, "1"),
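Review bot: The commented-out `// V(RunTesting, BOOL, "0"),` line kept above the new `OBSOLETE("RunTesting")` entry is dead code and should be deleted, since version control already preserves the old entry. The trailing `// currently unused` is also the only `//` comment among the lines shown for this file, where the rest use `/* */`; I would write the entry as `OBSOLETE("RunTesting"), /* currently unused */`. If the option is expected to come back, say so in that comment rather than leaving the old table row behind. The entry sits inside `_option_vars[]`, which starts and ends outside this hunk.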
@@ -2952,8 +2953,8 @@ options_validate(or_options_t *old_options, or_options_t *options,
if (options->TransPort == 0 && options->TransListenAddress != NULL)
REJECT("TransPort must be defined if TransListenAddress is defined.");
- if (options->NatdPort == 0 && options->NatdListenAddress != NULL)
- REJECT("NatdPort must be defined if NatdListenAddress is defined.");
+ if (options->NATDPort == 0 && options->NATDListenAddress != NULL)
+ REJECT("NATDPort must be defined if NATDListenAddress is defined.");
/* Don't gripe about SocksPort 0 with SocksListenAddress set; a standard
* configuration does this. */
@@ -2972,8 +2973,8 @@ options_validate(or_options_t *old_options, or_options_t *options,
old = old_options ? old_options->TransListenAddress : NULL;
tp = "transparent proxy";
} else {
- opt = options->NatdListenAddress;
- old = old_options ? old_options->NatdListenAddress : NULL;
+ opt = options->NATDListenAddress;
+ old = old_options ? old_options->NATDListenAddress : NULL;
tp = "natd proxy";
}
@@ -3030,14 +3031,6 @@ options_validate(or_options_t *old_options, or_options_t *options,
if (options_init_logs(options, 1)<0) /* Validate the log(s) */
REJECT("Failed to validate Log options. See logs for details.");
- if (options->NoPublish) {
- log(LOG_WARN, LD_CONFIG,
- "NoPublish is obsolete. Use PublishServerDescriptor instead.");
- SMARTLIST_FOREACH(options->PublishServerDescriptor, char *, s,
- tor_free(s));
- smartlist_clear(options->PublishServerDescriptor);
- }
-
if (authdir_mode(options)) {
/* confirm that our address isn't broken, so we can complain now */
uint32_t tmp;
@@ -3065,14 +3058,14 @@ options_validate(or_options_t *old_options, or_options_t *options,
if (options->TransPort < 0 || options->TransPort > 65535)
REJECT("TransPort option out of bounds.");
- if (options->NatdPort < 0 || options->NatdPort > 65535)
- REJECT("NatdPort option out of bounds.");
+ if (options->NATDPort < 0 || options->NATDPort > 65535)
+ REJECT("NATDPort option out of bounds.");
if (options->SocksPort == 0 && options->TransPort == 0 &&
- options->NatdPort == 0 && options->ORPort == 0 &&
+ options->NATDPort == 0 && options->ORPort == 0 &&
options->DNSPort == 0 && !options->RendConfigLines)
log(LOG_WARN, LD_CONFIG,
- "SocksPort, TransPort, NatdPort, DNSPort, and ORPort are all "
+ "SocksPort, TransPort, NATDPort, DNSPort, and ORPort are all "
"undefined, and there aren't any hidden services configured. "
"Tor will still run, but probably won't do anything.");
@@ -3435,32 +3428,32 @@ options_validate(or_options_t *old_options, or_options_t *options,
if (accounting_parse_options(options, 1)<0)
REJECT("Failed to parse accounting options. See logs for details.");
- if (options->HttpProxy) { /* parse it now */
- if (tor_addr_port_parse(options->HttpProxy,
- &options->HttpProxyAddr, &options->HttpProxyPort) < 0)
- REJECT("HttpProxy failed to parse or resolve. Please fix.");
- if (options->HttpProxyPort == 0) { /* give it a default */
- options->HttpProxyPort = 80;
+ if (options->HTTPProxy) { /* parse it now */
+ if (tor_addr_port_parse(options->HTTPProxy,
+ &options->HTTPProxyAddr, &options->HTTPProxyPort) < 0)
+ REJECT("HTTPProxy failed to parse or resolve. Please fix.");
+ if (options->HTTPProxyPort == 0) { /* give it a default */
+ options->HTTPProxyPort = 80;
}
}
- if (options->HttpProxyAuthenticator) {
- if (strlen(options->HttpProxyAuthenticator) >= 48)
- REJECT("HttpProxyAuthenticator is too long (>= 48 chars).");
+ if (options->HTTPProxyAuthenticator) {
+ if (strlen(options->HTTPProxyAuthenticator) >= 48)
+ REJECT("HTTPProxyAuthenticator is too long (>= 48 chars).");
}
- if (options->HttpsProxy) { /* parse it now */
- if (tor_addr_port_parse(options->HttpsProxy,
- &options->HttpsProxyAddr, &options->HttpsProxyPort) <0)
- REJECT("HttpsProxy failed to parse or resolve. Please fix.");
- if (options->HttpsProxyPort == 0) { /* give it a default */
- options->HttpsProxyPort = 443;
+ if (options->HTTPSProxy) { /* parse it now */
+ if (tor_addr_port_parse(options->HTTPSProxy,
+ &options->HTTPSProxyAddr, &options->HTTPSProxyPort) <0)
+ REJECT("HTTPSProxy failed to parse or resolve. Please fix.");
+ if (options->HTTPSProxyPort == 0) { /* give it a default */
+ options->HTTPSProxyPort = 443;
}
}
- if (options->HttpsProxyAuthenticator) {
- if (strlen(options->HttpsProxyAuthenticator) >= 48)
- REJECT("HttpsProxyAuthenticator is too long (>= 48 chars).");
+ if (options->HTTPSProxyAuthenticator) {
+ if (strlen(options->HTTPSProxyAuthenticator) >= 48)
+ REJECT("HTTPSProxyAuthenticator is too long (>= 48 chars).");
}
if (options->Socks4Proxy) { /* parse it now */
@@ -3661,10 +3654,10 @@ options_validate(or_options_t *old_options, or_options_t *options,
REJECT("Must set TunnelDirConns if PreferTunneledDirConns is set.");
if ((options->Socks4Proxy || options->Socks5Proxy) &&
- !options->HttpProxy && !options->PreferTunneledDirConns)
+ !options->HTTPProxy && !options->PreferTunneledDirConns)
REJECT("When Socks4Proxy or Socks5Proxy is configured, "
"PreferTunneledDirConns and TunnelDirConns must both be "
- "set to 1, or HttpProxy must be configured.");
+ "set to 1, or HTTPProxy must be configured.");
if (options->AutomapHostsSuffixes) {
SMARTLIST_FOREACH(options->AutomapHostsSuffixes, char *, suf,
@@ -3845,7 +3838,7 @@ options_transition_affects_workers(or_options_t *old_options,
or_options_t *new_options)
{
if (!opt_streq(old_options->DataDirectory, new_options->DataDirectory) ||
- old_options->NumCpus != new_options->NumCpus ||
+ old_options->NumCPUs != new_options->NumCPUs ||
old_options->ORPort != new_options->ORPort ||
old_options->ServerDNSSearchDomains !=
new_options->ServerDNSSearchDomains ||
@@ -3877,7 +3870,6 @@ options_transition_affects_descriptor(or_options_t *old_options,
old_options->ORPort != new_options->ORPort ||
old_options->DirPort != new_options->DirPort ||
old_options->ClientOnly != new_options->ClientOnly ||
- old_options->NoPublish != new_options->NoPublish ||
old_options->_PublishServerDescriptor !=
new_options->_PublishServerDescriptor ||
get_effective_bwrate(old_options) != get_effective_bwrate(new_options) ||
@@ -5000,11 +4992,11 @@ config_parse_interval(const char *s, int *ok)
int
get_num_cpus(const or_options_t *options)
{
- if (options->NumCpus == 0) {
+ if (options->NumCPUs == 0) {
int n = compute_num_cpus();
return (n >= 1) ? n : 1;
} else {
- return options->NumCpus;
+ return options->NumCPUs;
}
}
diff --git a/src/or/connection.c b/src/or/connection.c
index 52996e8ea4..14883157a9 100644
--- a/src/or/connection.c
+++ b/src/or/connection.c
@@ -623,7 +623,7 @@ connection_about_to_close_connection(connection_t *conn)
or_options_t *options = get_options();
rep_hist_note_connect_failed(or_conn->identity_digest, now);
entry_guard_register_connect_status(or_conn->identity_digest,0,
- !options->HttpsProxy, now);
+ !options->HTTPSProxy, now);
if (conn->state >= OR_CONN_STATE_TLS_HANDSHAKING) {
int reason = tls_error_to_orconn_end_reason(or_conn->tls_error);
control_event_or_conn_status(or_conn, OR_CONN_EVENT_FAILED,
@@ -1413,7 +1413,7 @@ connection_proxy_connect(connection_t *conn, int type)
case PROXY_CONNECT: {
char buf[1024];
char *base64_authenticator=NULL;
- const char *authenticator = options->HttpsProxyAuthenticator;
+ const char *authenticator = options->HTTPSProxyAuthenticator;
/* Send HTTP CONNECT and authentication (if available) in
* one request */
@@ -1918,8 +1918,8 @@ retry_all_listeners(smartlist_t *replaced_conns,
replaced_conns, new_conns, 0,
AF_INET)<0)
return -1;
- if (retry_listeners(CONN_TYPE_AP_NATD_LISTENER, options->NatdListenAddress,
- options->NatdPort, "127.0.0.1",
+ if (retry_listeners(CONN_TYPE_AP_NATD_LISTENER, options->NATDListenAddress,
+ options->NATDPort, "127.0.0.1",
replaced_conns, new_conns, 0,
AF_INET)<0)
return -1;
diff --git a/src/or/connection_edge.c b/src/or/connection_edge.c
index 22711d6ae6..c0329b9d7a 100644
--- a/src/or/connection_edge.c
+++ b/src/or/connection_edge.c
@@ -2004,13 +2004,13 @@ connection_ap_process_natd(edge_connection_t *conn)
if (err == 0)
return 0;
if (err < 0) {
- log_warn(LD_APP,"Natd handshake failed (DEST too long). Closing");
+ log_warn(LD_APP,"NATD handshake failed (DEST too long). Closing");
connection_mark_unattached_ap(conn, END_STREAM_REASON_INVALID_NATD_DEST);
return -1;
}
if (strcmpstart(tmp_buf, "[DEST ")) {
- log_warn(LD_APP,"Natd handshake was ill-formed; closing. The client "
+ log_warn(LD_APP,"NATD handshake was ill-formed; closing. The client "
"said: %s",
escaped(tmp_buf));
connection_mark_unattached_ap(conn, END_STREAM_REASON_INVALID_NATD_DEST);
@@ -2019,7 +2019,7 @@ connection_ap_process_natd(edge_connection_t *conn)
daddr = tbuf = &tmp_buf[0] + 6; /* after end of "[DEST " */
if (!(tbuf = strchr(tbuf, ' '))) {
- log_warn(LD_APP,"Natd handshake was ill-formed; closing. The client "
+ log_warn(LD_APP,"NATD handshake was ill-formed; closing. The client "
"said: %s",
escaped(tmp_buf));
connection_mark_unattached_ap(conn, END_STREAM_REASON_INVALID_NATD_DEST);
@@ -2033,7 +2033,7 @@ connection_ap_process_natd(edge_connection_t *conn)
socks->port = (uint16_t)
tor_parse_long(tbuf, 10, 1, 65535, &port_ok, &daddr);
if (!port_ok) {
- log_warn(LD_APP,"Natd handshake failed; port %s is ill-formed or out "
+ log_warn(LD_APP,"NATD handshake failed; port %s is ill-formed or out "
"of range.", escaped(tbuf));
connection_mark_unattached_ap(conn, END_STREAM_REASON_INVALID_NATD_DEST);
return -1;
diff --git a/src/or/connection_or.c b/src/or/connection_or.c
index 5b8236291a..0809934cea 100644
--- a/src/or/connection_or.c
+++ b/src/or/connection_or.c
@@ -326,7 +326,7 @@ connection_or_finished_connecting(or_connection_t *or_conn)
proxy_type = PROXY_NONE;
- if (get_options()->HttpsProxy)
+ if (get_options()->HTTPSProxy)
proxy_type = PROXY_CONNECT;
else if (get_options()->Socks4Proxy)
proxy_type = PROXY_SOCKS4;
@@ -842,10 +842,10 @@ connection_or_connect(const tor_addr_t *_addr, uint16_t port,
control_event_or_conn_status(conn, OR_CONN_EVENT_LAUNCHED, 0);
/* use a proxy server if available */
- if (options->HttpsProxy) {
+ if (options->HTTPSProxy) {
using_proxy = 1;
- tor_addr_copy(&addr, &options->HttpsProxyAddr);
- port = options->HttpsProxyPort;
+ tor_addr_copy(&addr, &options->HTTPSProxyAddr);
+ port = options->HTTPSProxyPort;
} else if (options->Socks4Proxy) {
using_proxy = 1;
tor_addr_copy(&addr, &options->Socks4ProxyAddr);
diff --git a/src/or/directory.c b/src/or/directory.c
index a4d123d64e..8dece8629a 100644
--- a/src/or/directory.c
+++ b/src/or/directory.c
@@ -860,7 +860,7 @@ directory_initiate_command_rend(const char *address, const tor_addr_t *_addr,
/* ensure that we don't make direct connections when a SOCKS server is
* configured. */
- if (!anonymized_connection && !use_begindir && !options->HttpProxy &&
+ if (!anonymized_connection && !use_begindir && !options->HTTPProxy &&
(options->Socks4Proxy || options->Socks5Proxy)) {
log_warn(LD_DIR, "Cannot connect to a directory server through a "
"SOCKS proxy!");
@@ -891,9 +891,9 @@ directory_initiate_command_rend(const char *address, const tor_addr_t *_addr,
if (!anonymized_connection && !use_begindir) {
/* then we want to connect to dirport directly */
- if (options->HttpProxy) {
- tor_addr_copy(&addr, &options->HttpProxyAddr);
- dir_port = options->HttpProxyPort;
+ if (options->HTTPProxy) {
+ tor_addr_copy(&addr, &options->HTTPProxyAddr);
+ dir_port = options->HTTPProxyPort;
}
switch (connection_connect(TO_CONN(conn), conn->_base.address, &addr,
@@ -1084,9 +1084,9 @@ directory_send_command(dir_connection_t *conn,
}
/* come up with some proxy lines, if we're using one. */
- if (direct && get_options()->HttpProxy) {
+ if (direct && get_options()->HTTPProxy) {
char *base64_authenticator=NULL;
- const char *authenticator = get_options()->HttpProxyAuthenticator;
+ const char *authenticator = get_options()->HTTPProxyAuthenticator;
tor_snprintf(proxystring, sizeof(proxystring),"http://%s", hoststring);
if (authenticator) {
diff --git a/src/or/or.h b/src/or/or.h
index 4b3c5a5422..8110500b26 100644
--- a/src/or/or.h
+++ b/src/or/or.h
@@ -2535,7 +2535,7 @@ typedef struct {
* connections. */
config_line_t *TransListenAddress;
/** Addresses to bind for listening for transparent natd connections */
- config_line_t *NatdListenAddress;
+ config_line_t *NATDListenAddress;
/** Addresses to bind for listening for SOCKS connections. */
config_line_t *DNSListenAddress;
/** Addresses to bind for listening for OR connections. */
@@ -2559,7 +2559,7 @@ typedef struct {
int SocksPort; /**< Port to listen on for SOCKS connections. */
/** Port to listen on for transparent pf/netfilter connections. */
int TransPort;
- int NatdPort; /**< Port to listen on for transparent natd connections. */
+ int NATDPort; /**< Port to listen on for transparent natd connections. */
int ControlPort; /**< Port to listen on for control connections. */
config_line_t *ControlSocket; /**< List of Unix Domain Sockets to listen on
* for control connections. */
@@ -2603,8 +2603,6 @@ typedef struct {
int AvoidDiskWrites; /**< Boolean: should we never cache things to disk?
* Not used yet. */
int ClientOnly; /**< Boolean: should we never evolve into a server role? */
- /** Boolean: should we never publish a descriptor? Deprecated. */
- int NoPublish;
/** To what authority types do we publish our descriptor? Choices are
* "v1", "v2", "v3", "bridge", or "". */
smartlist_t *PublishServerDescriptor;
@@ -2703,24 +2701,24 @@ typedef struct {
* use in a second for all relayed conns? */
uint64_t PerConnBWRate; /**< Long-term bw on a single TLS conn, if set. */
uint64_t PerConnBWBurst; /**< Allowed burst on a single TLS conn, if set. */
- int NumCpus; /**< How many CPUs should we try to use? */
- int RunTesting; /**< If true, create testing circuits to measure how well the
- * other ORs are running. */
+ int NumCPUs; /**< How many CPUs should we try to use? */
+//int RunTesting; /**< If true, create testing circuits to measure how well the
+// * other ORs are running. */
config_line_t *RendConfigLines; /**< List of configuration lines
* for rendezvous services. */
config_line_t *HidServAuth; /**< List of configuration lines for client-side
* authorizations for hidden services */
char *ContactInfo; /**< Contact info to be published in the directory. */
- char *HttpProxy; /**< hostname[:port] to use as http proxy, if any. */
- tor_addr_t HttpProxyAddr; /**< Parsed IPv4 addr for http proxy, if any. */
- uint16_t HttpProxyPort; /**< Parsed port for http proxy, if any. */
- char *HttpProxyAuthenticator; /**< username:password string, if any. */
+ char *HTTPProxy; /**< hostname[:port] to use as http proxy, if any. */
+ tor_addr_t HTTPProxyAddr; /**< Parsed IPv4 addr for http proxy, if any. */
+ uint16_t HTTPProxyPort; /**< Parsed port for http proxy, if any. */
+ char *HTTPProxyAuthenticator; /**< username:password string, if any. */
- char *HttpsProxy; /**< hostname[:port] to use as https proxy, if any. */
- tor_addr_t HttpsProxyAddr; /**< Parsed addr for https proxy, if any. */
- uint16_t HttpsProxyPort; /**< Parsed port for https proxy, if any. */
- char *HttpsProxyAuthenticator; /**< username:password string, if any. */
+ char *HTTPSProxy; /**< hostname[:port] to use as https proxy, if any. */
+ tor_addr_t HTTPSProxyAddr; /**< Parsed addr for https proxy, if any. */
+ uint16_t HTTPSProxyPort; /**< Parsed port for https proxy, if any. */
+ char *HTTPSProxyAuthenticator; /**< username:password string, if any. */
char *Socks4Proxy; /**< hostname:port to use as a SOCKS4 proxy, if any. */
tor_addr_t Socks4ProxyAddr; /**< Derived from Socks4Proxy. */
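Review bot: The `RunTesting` field is left in the struct as commented-out code (`//int RunTesting; /**< If true, ...` and the `//` continuation line after it) rather than being deleted. The `//` lines also wrap a `/**< ... */` Doxygen comment, which reads oddly beside the `/* */` style used by every other field in this hunk, and may still be picked up by documentation tooling. If the option is retired, drop both lines. If it is only parked, replace them with a single note such as `/* RunTesting removed; see <commit or ticket> */`. Whether anything still reads `options->RunTesting` cannot be checked from this hunk, and the struct definition starts and ends outside it.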
diff --git a/src/or/router.c b/src/or/router.c
index 4d3c66f4d5..f0f72eff3e 100644
--- a/src/or/router.c
+++ b/src/or/router.c
@@ -1104,7 +1104,7 @@ proxy_mode(or_options_t *options)
{
return (options->SocksPort != 0 || options->SocksListenAddress ||
options->TransPort != 0 || options->TransListenAddress ||
- options->NatdPort != 0 || options->NatdListenAddress ||
+ options->NATDPort != 0 || options->NATDListenAddress ||
options->DNSPort != 0 || options->DNSListenAddress);
}