author | Nick Mathewson <nickm@torproject.org> | 2014-02-03 13:56:19 -0500 |
---|---|---|
committer | Nick Mathewson <nickm@torproject.org> | 2014-02-03 13:56:19 -0500 |
commit | 5991f9a15646d53b838562fd1424b6a8fd9ef614 (patch) | |
tree | 800e54ebf294ffa564f05e09b75d605ee13a55e3 /src | |
parent | 00ec6e6af0775cd693e12e56eb6df3cbefe57daa (diff) | |
TransProxyType replaces TransTPROXY option
I'm making this change now since ipfw will want its own option too,
and proliferating options here isn't sensible.
(See #10582 and #10267)
Diffstat (limited to 'src')
-rw-r--r-- | src/or/config.c | 25 | ||||
-rw-r--r-- | src/or/connection.c | 3 | ||||
-rw-r--r-- | src/or/or.h | 6 |
3 files changed, 24 insertions, 10 deletions
diff --git a/src/or/config.c b/src/or/config.c
index b76243b709..e7847d5830 100644
--- a/src/or/config.c
+++ b/src/or/config.c
@@ -408,7 +408,7 @@ static config_var_t option_vars_[] = {
 OBSOLETE("TrafficShaping"),
 V(TransListenAddress, LINELIST, NULL),
 VPORT(TransPort, LINELIST, NULL),
- V(TransTPROXY, BOOL, "0"),
+ V(TransProxyType, STRING, "default"),
 V(TunnelDirConns, BOOL, "1"),
 V(UpdateBridgesFromAuthority, BOOL, "0"),
 V(UseBridges, BOOL, "0"),
@@ -2517,19 +2517,30 @@ options_validate(or_options_t *old_options, or_options_t *options,
 "undefined, and there aren't any hidden services configured. "
 "Tor will still run, but probably won't do anything.");
+ options->TransProxyType_parsed = TPT_DEFAULT;
 #ifdef USE_TRANSPARENT
- if (options->TransTPROXY) {
+ if (options->TransProxyType) {
+ if (!strcasecmp(options->TransProxyType, "default")) {
+ options->TransProxyType_parsed = TPT_DEFAULT;
+ } else if (!strcasecmp(options->TransProxyType, "tproxy")) {
 #ifndef __linux__
- REJECT("TransTPROXY is a Linux-specific feature.")
+ REJECT("TPROXY is a Linux-specific feature.");
+#else
+ options->TransProxyType_parsed = TPT_TPROXY;
 #endif
- if (!options->TransPort_set) {
- REJECT("Cannot use TransTPROXY without any valid TransPort or "
+ } else {
+ REJECT("Unrecognized value for TransProxyType");
+ }
+
+ if (strcasecmp(options->TransProxyType, "default") &&
+ !options->TransPort_set) {
+ REJECT("Cannot use TransProxyType without any valid TransPort or "
 "TransListenAddress.");
 }
 }
 #else
- if (options->TransPort_set || options->TransTPROXY)
- REJECT("TransPort, TransListenAddress, and TransTPROXY are disabled "
+ if (options->TransPort_set)
+ REJECT("TransPort and TransListenAddress are disabled "
 "in this build.");
 #endif
diff --git a/src/or/connection.c b/src/or/connection.c
index 6dbba668c6..942bfc598f 100644
--- a/src/or/connection.c
+++ b/src/or/connection.c
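Review bot: In the `#else` arm of the second config.c hunk (builds without USE_TRANSPARENT), `TransProxyType` is never inspected, so `TransProxyType tproxy` or a misspelled value is accepted silently and `TransProxyType_parsed` stays `TPT_DEFAULT`. The removed condition rejected `TransTPROXY` in that build, so validation there has become less strict. Keeping it fail-closed only needs the condition widened, for example `if (options->TransPort_set || (options->TransProxyType && strcasecmp(options->TransProxyType, "default")))`, with the message naming TransProxyType again. It would also help to include the offending string in the "Unrecognized value for TransProxyType" rejection so an operator can see what was parsed. The body of options_validate starts and ends outside this hunk.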
@@ -1036,7 +1036,8 @@ connection_listener_new(const struct sockaddr *listensockaddr,
 make_socket_reuseable(s);
 #if defined USE_TRANSPARENT && defined(IP_TRANSPARENT)
- if (options->TransTPROXY && type == CONN_TYPE_AP_TRANS_LISTENER) {
+ if (options->TransProxyType_parsed == TPT_TPROXY &&
+ type == CONN_TYPE_AP_TRANS_LISTENER) {
 int one = 1;
 if (setsockopt(s, SOL_IP, IP_TRANSPARENT, &one, sizeof(one)) < 0) {
 const char *extra = "";
diff --git a/src/or/or.h b/src/or/or.h
index 40fc567f5e..b63b1ffcbe 100644
--- a/src/or/or.h
+++ b/src/or/or.h
@@ -3498,8 +3498,10 @@ typedef struct {
 config_line_t *SocksPort_lines;
 /** Ports to listen on for transparent pf/netfilter connections. */
 config_line_t *TransPort_lines;
- int TransTPROXY; /** < Boolean: are we going to listen for all destinations
- * on the TransPort_lines are required for TPROXY? */
+ const char *TransProxyType; /**< What kind of transparent proxy
+ * implementation are we using? */
+ /** Parsed value of TransProxyType. */
+ enum { TPT_DEFAULT, TPT_TPROXY } TransProxyType_parsed;
 config_line_t *NATDPort_lines; /**< Ports to listen on for transparent natd
 * connections. */
 config_line_t *ControlPort_lines; /**< Ports to listen on for control |
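Review bot: The guard around the `IP_TRANSPARENT` setsockopt in connection_listener_new does not match the check in options_validate. The socket option is applied only when `IP_TRANSPARENT` is defined at compile time, whereas validation accepts `TransProxyType tproxy` on any `__linux__` build with USE_TRANSPARENT. On a Linux build whose headers lack `IP_TRANSPARENT`, the option would therefore validate while this block is compiled out, and as far as the visible lines show the listener would come up as an ordinary TransPort with nothing logged. An `#else` arm that warns or fails when `TransProxyType_parsed == TPT_TPROXY` would make the two checks agree. A one-line comment such as `/* TPROXY needs IP_TRANSPARENT; options_validate() only checks __linux__ */` would at least record the gap. The function continues outside the hunk, so how a setsockopt failure is handled is not visible here.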
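Review bot: The doc comments on the two new or.h fields do not say which strings are accepted or where `TransProxyType_parsed` gets its value, and connection.c now reads only the parsed field. Something like `/** Parsed value of TransProxyType ("default" -> TPT_DEFAULT, "tproxy" -> TPT_TPROXY); set by options_validate(), not directly configurable. */` would tell readers that the enum is only meaningful after validation has run. `TransProxyType` is declared `const char *` although it is registered as a STRING option that the config code presumably allocates and frees; it is worth confirming that this matches how other STRING options are declared in this struct. The struct definition starts and ends outside the hunk.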