Diffstat (limited to 'src/app')
-rw-r--r--src/app/config/config.c107
-rw-r--r--src/app/config/confparse.c15
-rw-r--r--src/app/config/confparse.h2
-rw-r--r--src/app/config/or_options_st.h16
4 files changed, 33 insertions, 107 deletions
diff --git a/src/app/config/config.c b/src/app/config/config.c
index d7c9f6d610..6d5b44f1f4 100644
--- a/src/app/config/config.c
+++ b/src/app/config/config.c
@@ -180,7 +180,6 @@ static config_abbrev_t option_abbrevs_[] = {
PLURAL(AuthDirRejectCC),
PLURAL(EntryNode),
PLURAL(ExcludeNode),
- PLURAL(Tor2webRendezvousPoint),
PLURAL(FirewallPort),
PLURAL(LongLivedPort),
PLURAL(HiddenServiceNode),
@@ -266,6 +265,9 @@ DUMMY_TYPECHECK_INSTANCE(or_options_t);
VAR(#member, LINELIST_S, member ## _lines, NULL), \
VAR("__" #member, LINELIST_S, member ## _lines, NULL)
+/** UINT64_MAX as a decimal string */
+#define UINT64_MAX_STRING "18446744073709551615"
+
/** Array of configuration options. Until we disallow nonstandard
* abbreviations, order is significant, since the first matching option will
* be chosen first.
@@ -604,8 +606,8 @@ static config_var_t option_vars_[] = {
OBSOLETE("Support022HiddenServices"),
V(TestSocks, BOOL, "0"),
V(TokenBucketRefillInterval, MSEC_INTERVAL, "100 msec"),
- V(Tor2webMode, BOOL, "0"),
- V(Tor2webRendezvousPoints, ROUTERSET, NULL),
+ OBSOLETE("Tor2webMode"),
+ OBSOLETE("Tor2webRendezvousPoints"),
OBSOLETE("TLSECGroup"),
V(TrackHostExits, CSV, NULL),
V(TrackHostExitsExpire, INTERVAL, "30 minutes"),
@@ -653,7 +655,7 @@ static config_var_t option_vars_[] = {
VAR("__HashedControlSessionPassword", LINELIST, HashedControlSessionPassword,
NULL),
VAR("__OwningControllerProcess",STRING,OwningControllerProcess, NULL),
- VAR("__OwningControllerFD",INT,OwningControllerFD, "-1"),
+ VAR("__OwningControllerFD", UINT64, OwningControllerFD, UINT64_MAX_STRING),
V(MinUptimeHidServDirectoryV2, INTERVAL, "96 hours"),
V(TestingServerDownloadInitialDelay, CSV_INTERVAL, "0"),
V(TestingClientDownloadInitialDelay, CSV_INTERVAL, "0"),
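Review bot: The new default on the `__OwningControllerFD` line makes UINT64_MAX an in-band "not set" marker, but neither this entry nor the `UINT64_MAX_STRING` define says so. The CONFIG_TYPE_UINT64 parser added in confparse.c accepts the full 0..UINT64_MAX range, so an explicitly supplied 18446744073709551615 is silently treated as unset. The config_clear() hunk in confparse.c also resets UINT64 options to 0 rather than to this sentinel; if a clear is ever not followed by re-applying the default (not visible here), the option would read as "descriptor 0 was given". I would add a comment above the entry, `/* UINT64_MAX means "no owning-controller FD"; options_act() tests for it. */`, and state the same sentinel in the field's doc comment in or_options_st.h. The option table continues outside the hunk.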
@@ -1705,8 +1707,7 @@ options_need_geoip_info(const or_options_t *options, const char **reason_out)
routerset_needs_geoip(options->ExcludeExitNodes) ||
routerset_needs_geoip(options->ExcludeNodes) ||
routerset_needs_geoip(options->HSLayer2Nodes) ||
- routerset_needs_geoip(options->HSLayer3Nodes) ||
- routerset_needs_geoip(options->Tor2webRendezvousPoints);
+ routerset_needs_geoip(options->HSLayer3Nodes);
if (routerset_usage && reason_out) {
*reason_out = "We've been configured to use (or avoid) nodes in certain "
@@ -1889,27 +1890,6 @@ options_act(const or_options_t *old_options)
"in a non-anonymous mode. It will provide NO ANONYMITY.");
}
-#ifdef ENABLE_TOR2WEB_MODE
-/* LCOV_EXCL_START */
- // XXXX This should move into options_validate()
- if (!options->Tor2webMode) {
- log_err(LD_CONFIG, "This copy of Tor was compiled to run in "
- "'tor2web mode'. It can only be run with the Tor2webMode torrc "
- "option enabled.");
- return -1;
- }
-/* LCOV_EXCL_STOP */
-#else /* !(defined(ENABLE_TOR2WEB_MODE)) */
- // XXXX This should move into options_validate()
- if (options->Tor2webMode) {
- log_err(LD_CONFIG, "This copy of Tor was not compiled to run in "
- "'tor2web mode'. It cannot be run with the Tor2webMode torrc "
- "option enabled. To enable Tor2webMode recompile with the "
- "--enable-tor2web-mode option.");
- return -1;
- }
-#endif /* defined(ENABLE_TOR2WEB_MODE) */
-
/* If we are a bridge with a pluggable transport proxy but no
Extended ORPort, inform the user that they are missing out. */
if (server_mode(options) && options->ServerTransportPlugin &&
@@ -1955,12 +1935,8 @@ options_act(const or_options_t *old_options)
// LCOV_EXCL_STOP
}
- if (running_tor && !old_options && options->OwningControllerFD != -1) {
-#ifdef _WIN32
- log_warn(LD_CONFIG, "OwningControllerFD is not supported on Windows. "
- "If you need it, tell the Tor developers.");
- return -1;
-#else
+ if (running_tor && !old_options &&
+ options->OwningControllerFD != UINT64_MAX) {
const unsigned ctrl_flags =
CC_LOCAL_FD_IS_OWNER |
CC_LOCAL_FD_IS_AUTHENTICATED;
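Review bot: The guard `options->OwningControllerFD != UINT64_MAX` is the only check on the value visible in this hunk, while the option now parses as any 64-bit unsigned integer. The descriptor is registered with `CC_LOCAL_FD_IS_OWNER | CC_LOCAL_FD_IS_AUTHENTICATED`, so if the code just below the hunk narrows it to the platform socket type (presumably `int` on non-Windows builds; the conversion is not shown here), an oversized value could wrap onto an unrelated open descriptor, which would then be treated as an authenticated owning controller. A range check before the call would close that gap; on non-Windows builds, `if (options->OwningControllerFD > INT_MAX) { log_warn(LD_CONFIG, "OwningControllerFD is out of range."); return -1; }`. options_act() begins and ends outside this hunk.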
@@ -1970,7 +1946,6 @@ options_act(const or_options_t *old_options)
"given FD.");
return -1;
}
-#endif /* defined(_WIN32) */
}
/* Load state */
@@ -2171,8 +2146,6 @@ options_act(const or_options_t *old_options)
options->HSLayer2Nodes) ||
!routerset_equal(old_options->HSLayer3Nodes,
options->HSLayer3Nodes) ||
- !routerset_equal(old_options->Tor2webRendezvousPoints,
- options->Tor2webRendezvousPoints) ||
options->StrictNodes != old_options->StrictNodes) {
log_info(LD_CIRC,
"Changed to using entry guards or bridges, or changed "
@@ -3314,23 +3287,12 @@ options_validate_single_onion(or_options_t *options, char **msg)
options->NATDPort_set ||
options->DNSPort_set ||
options->HTTPTunnelPort_set);
- if (rend_service_non_anonymous_mode_enabled(options) && client_port_set &&
- !options->Tor2webMode) {
+ if (rend_service_non_anonymous_mode_enabled(options) && client_port_set) {
REJECT("HiddenServiceNonAnonymousMode is incompatible with using Tor as "
"an anonymous client. Please set Socks/Trans/NATD/DNSPort to 0, or "
"revert HiddenServiceNonAnonymousMode to 0.");
}
- /* If you run a hidden service in non-anonymous mode, the hidden service
- * loses anonymity, even if SOCKSPort / Tor2web mode isn't used. */
- if (!rend_service_non_anonymous_mode_enabled(options) &&
- options->RendConfigLines && options->Tor2webMode) {
- REJECT("Non-anonymous (Tor2web) mode is incompatible with using Tor as a "
- "hidden service. Please remove all HiddenServiceDir lines, or use "
- "a version of tor compiled without --enable-tor2web-mode, or use "
- "HiddenServiceNonAnonymousMode.");
- }
-
if (rend_service_allow_non_anonymous_connection(options)
&& options->UseEntryGuards) {
/* Single Onion services only use entry guards when uploading descriptors;
@@ -3366,7 +3328,6 @@ STATIC int
options_validate(or_options_t *old_options, or_options_t *options,
or_options_t *default_options, int from_setconf, char **msg)
{
- int i;
config_line_t *cl;
const char *uname = get_uname();
int n_ports=0;
@@ -3687,30 +3648,6 @@ options_validate(or_options_t *old_options, or_options_t *options,
}
}
- /* Terminate Reachable*Addresses with reject *
- */
- for (i=0; i<3; i++) {
- config_line_t **linep =
- (i==0) ? &options->ReachableAddresses :
- (i==1) ? &options->ReachableORAddresses :
- &options->ReachableDirAddresses;
- if (!*linep)
- continue;
- /* We need to end with a reject *:*, not an implicit accept *:* */
- for (;;) {
- linep = &((*linep)->next);
- if (!*linep) {
- *linep = tor_malloc_zero(sizeof(config_line_t));
- (*linep)->key = tor_strdup(
- (i==0) ? "ReachableAddresses" :
- (i==1) ? "ReachableORAddresses" :
- "ReachableDirAddresses");
- (*linep)->value = tor_strdup("reject *:*");
- break;
- }
- }
- }
-
if ((options->ReachableAddresses ||
options->ReachableORAddresses ||
options->ReachableDirAddresses ||
@@ -3825,26 +3762,6 @@ options_validate(or_options_t *old_options, or_options_t *options,
REJECT("CircuitsAvailableTimeout is too large. Max is 24 hours.");
}
-#ifdef ENABLE_TOR2WEB_MODE
- if (options->Tor2webMode && options->UseEntryGuards) {
- /* tor2web mode clients do not (and should not) use entry guards
- * in any meaningful way. Further, tor2web mode causes the hidden
- * service client code to do things which break the path bias
- * detector, and it's far easier to turn off entry guards (and
- * thus the path bias detector with it) than to figure out how to
- * make a piece of code which cannot possibly help tor2web mode
- * users compatible with tor2web mode.
- */
- log_notice(LD_CONFIG,
- "Tor2WebMode is enabled; disabling UseEntryGuards.");
- options->UseEntryGuards = 0;
- }
-#endif /* defined(ENABLE_TOR2WEB_MODE) */
-
- if (options->Tor2webRendezvousPoints && !options->Tor2webMode) {
- REJECT("Tor2webRendezvousPoints cannot be set without Tor2webMode.");
- }
-
if (options->EntryNodes && !options->UseEntryGuards) {
REJECT("If EntryNodes is set, UseEntryGuards must be enabled.");
}
@@ -4721,8 +4638,7 @@ have_enough_mem_for_dircache(const or_options_t *options, size_t total_mem,
} else {
if (total_mem >= DIRCACHE_MIN_MEM_BYTES) {
*msg = tor_strdup("DirCache is disabled and we are configured as a "
- "relay. This may disqualify us from becoming a guard in the "
- "future.");
+ "relay. We will not become a Guard.");
}
}
return *msg == NULL ? 0 : -1;
@@ -8211,6 +8127,7 @@ getinfo_helper_config(control_connection_t *conn,
case CONFIG_TYPE_STRING: type = "String"; break;
case CONFIG_TYPE_FILENAME: type = "Filename"; break;
case CONFIG_TYPE_UINT: type = "Integer"; break;
+ case CONFIG_TYPE_UINT64: type = "Integer"; break;
case CONFIG_TYPE_INT: type = "SignedInteger"; break;
case CONFIG_TYPE_PORT: type = "Port"; break;
case CONFIG_TYPE_INTERVAL: type = "TimeInterval"; break;
diff --git a/src/app/config/confparse.c b/src/app/config/confparse.c
index 6fa4fd1ea8..045cbc94fe 100644
--- a/src/app/config/confparse.c
+++ b/src/app/config/confparse.c
@@ -195,6 +195,19 @@ config_assign_value(const config_format_t *fmt, void *options,
*(int *)lvalue = i;
break;
+ case CONFIG_TYPE_UINT64: {
+ uint64_t u64 = tor_parse_uint64(c->value, 10,
+ 0, UINT64_MAX, &ok, NULL);
+ if (!ok) {
+ tor_asprintf(msg,
+ "uint64 keyword '%s %s' is malformed or out of bounds.",
+ c->key, c->value);
+ return -1;
+ }
+ *(uint64_t *)lvalue = u64;
+ break;
+ }
+
case CONFIG_TYPE_CSV_INTERVAL: {
/* We used to have entire smartlists here. But now that all of our
* download schedules use exponential backoff, only the first part
@@ -574,6 +587,7 @@ config_get_assigned_option(const config_format_t *fmt, const void *options,
tor_asprintf(&result->value, "%d", *(int*)value);
escape_val = 0; /* Can't need escape. */
break;
+ case CONFIG_TYPE_UINT64: /* Fall through */
case CONFIG_TYPE_MEMUNIT:
tor_asprintf(&result->value, "%"PRIu64,
(*(uint64_t*)value));
@@ -781,6 +795,7 @@ config_clear(const config_format_t *fmt, void *options,
case CONFIG_TYPE_AUTOBOOL:
*(int*)lvalue = -1;
break;
+ case CONFIG_TYPE_UINT64:
case CONFIG_TYPE_MEMUNIT:
*(uint64_t*)lvalue = 0;
break;
diff --git a/src/app/config/confparse.h b/src/app/config/confparse.h
index 570428c904..aebd035c56 100644
--- a/src/app/config/confparse.h
+++ b/src/app/config/confparse.h
@@ -19,6 +19,7 @@ typedef enum config_type_t {
CONFIG_TYPE_FILENAME, /**< A filename: some prefixes get expanded. */
CONFIG_TYPE_UINT, /**< A non-negative integer less than MAX_INT */
CONFIG_TYPE_INT, /**< Any integer. */
+ CONFIG_TYPE_UINT64, /**< A value in range 0..UINT64_MAX */
CONFIG_TYPE_PORT, /**< A port from 1...65535, 0 for "not set", or
* "auto". */
CONFIG_TYPE_INTERVAL, /**< A number of seconds, with optional units*/
@@ -60,6 +61,7 @@ typedef union {
* "UINT", it still uses the C int type -- it just enforces that
* the values are in range [0,INT_MAX].
*/
+ uint64_t *UINT64;
int *INT;
int *PORT;
int *INTERVAL;
diff --git a/src/app/config/or_options_st.h b/src/app/config/or_options_st.h
index 627b39aea3..9876a41614 100644
--- a/src/app/config/or_options_st.h
+++ b/src/app/config/or_options_st.h
@@ -262,14 +262,6 @@ struct or_options_t {
int AllDirActionsPrivate; /**< Should every directory action be sent
* through a Tor circuit? */
- /** Run in 'tor2web mode'? (I.e. only make client connections to hidden
- * services, and use a single hop for all hidden-service-related
- * circuits.) */
- int Tor2webMode;
-
- /** A routerset that should be used when picking RPs for HS circuits. */
- routerset_t *Tor2webRendezvousPoints;
-
/** A routerset that should be used when picking middle nodes for HS
* circuits. */
routerset_t *HSLayer2Nodes;
@@ -514,7 +506,7 @@ struct or_options_t {
* instance. Tor will terminate if its owning controller does. */
char *OwningControllerProcess;
/** FD specifier for a controller that owns this Tor instance. */
- int OwningControllerFD;
+ uint64_t OwningControllerFD;
int ShutdownWaitLength; /**< When we get a SIGINT and we're a server, how
* long do we wait before exiting? */
@@ -543,9 +535,9 @@ struct or_options_t {
* of fixed nodes? */
int UseEntryGuards_option;
/** Internal variable to remember whether we're actually acting on
- * UseEntryGuards_option -- when we're a non-anonymous Tor2web client or
- * Single Onion Service, it is always false, otherwise we use the value of
- * UseEntryGuards_option. */
+ * UseEntryGuards_option -- when we're a non-anonymous Single Onion Service,
+ * it is always false, otherwise we use the value of UseEntryGuards_option.
+ * */
int UseEntryGuards;
int NumEntryGuards; /**< How many entry guards do we try to establish? */