Commit a40ad152 authored by Nick Mathewson's avatar Nick Mathewson 🎨

When using eventdns: suppress logging of addresses when SafeLogging is active,...

When using eventdns: suppress logging of addresses when SafeLogging is active, and make set of nameservers configurable from torrc.


svn:r6744
parent f33c4f97
...@@ -58,6 +58,7 @@ static config_abbrev_t _option_abbrevs[] = { ...@@ -58,6 +58,7 @@ static config_abbrev_t _option_abbrevs[] = {
PLURAL(LongLivedPort), PLURAL(LongLivedPort),
PLURAL(HiddenServiceNode), PLURAL(HiddenServiceNode),
PLURAL(HiddenServiceExcludeNode), PLURAL(HiddenServiceExcludeNode),
PLURAL(Nameserver),
PLURAL(NumCpu), PLURAL(NumCpu),
PLURAL(RendNode), PLURAL(RendNode),
PLURAL(RendExcludeNode), PLURAL(RendExcludeNode),
...@@ -191,6 +192,7 @@ static config_var_t _option_vars[] = { ...@@ -191,6 +192,7 @@ static config_var_t _option_vars[] = {
OBSOLETE("MonthlyAccountingStart"), OBSOLETE("MonthlyAccountingStart"),
VAR("MyFamily", STRING, MyFamily, NULL), VAR("MyFamily", STRING, MyFamily, NULL),
VAR("NewCircuitPeriod", INTERVAL, NewCircuitPeriod, "30 seconds"), VAR("NewCircuitPeriod", INTERVAL, NewCircuitPeriod, "30 seconds"),
VAR("Nameservers", CSV, Nameservers, ""),
VAR("NamingAuthoritativeDirectory",BOOL, NamingAuthoritativeDir, "0"), VAR("NamingAuthoritativeDirectory",BOOL, NamingAuthoritativeDir, "0"),
VAR("Nickname", STRING, Nickname, NULL), VAR("Nickname", STRING, Nickname, NULL),
VAR("NoPublish", BOOL, NoPublish, "0"), VAR("NoPublish", BOOL, NoPublish, "0"),
...@@ -1971,6 +1973,30 @@ validate_ports_csv(smartlist_t *sl, const char *name, char **msg) ...@@ -1971,6 +1973,30 @@ validate_ports_csv(smartlist_t *sl, const char *name, char **msg)
return 0; return 0;
} }
/* Return 0 if every element of sl is a string holding an IP address, or if sl
* is NULL. Otherwise set *msg and return -1. */
static int
validate_ips_csv(smartlist_t *sl, const char *name, char **msg)
{
char buf[1024];
tor_assert(name);
if (!sl)
return 0;
SMARTLIST_FOREACH(sl, const char *, cp,
{
struct in_addr in;
if (0 == tor_inet_aton(cp, &in)) {
int r = tor_snprintf(buf, sizeof(buf),
"Malformed address '%s' out of range in %s", cp, name);
*msg = tor_strdup(r >= 0 ? buf : "internal error");
return -1;
}
});
return 0;
}
/** Lowest allowable value for RendPostPeriod; if this is too low, hidden /** Lowest allowable value for RendPostPeriod; if this is too low, hidden
* services can overload the directory system. */ * services can overload the directory system. */
#define MIN_REND_POST_PERIOD (5*60) #define MIN_REND_POST_PERIOD (5*60)
...@@ -2186,6 +2212,9 @@ options_validate(or_options_t *old_options, or_options_t *options, ...@@ -2186,6 +2212,9 @@ options_validate(or_options_t *old_options, or_options_t *options,
if (validate_ports_csv(options->LongLivedPorts, "LongLivedPorts", msg) < 0) if (validate_ports_csv(options->LongLivedPorts, "LongLivedPorts", msg) < 0)
return -1; return -1;
if (validate_ips_csv(options->Nameservers, "Nameservers", msg) < 0)
return -1;
if (options->FascistFirewall && !options->ReachableAddresses) { if (options->FascistFirewall && !options->ReachableAddresses) {
if (smartlist_len(options->FirewallPorts)) { if (smartlist_len(options->FirewallPorts)) {
/* We already have firewall ports set, so migrate them to /* We already have firewall ports set, so migrate them to
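Review bot: The error text built in validate_ips_csv, `"Malformed address '%s' out of range in %s"`, contains "out of range", which appears to be left over from the port validator named in the hunk header and does not describe a failed address parse. Since the check parses into a `struct in_addr`, `"Malformed IPv4 address '%s' in %s"` would tell an operator fixing a torrc what was actually rejected. The header comment on validate_ips_csv should also open with `/**` like the neighbouring doc comments and say "IPv4 address" rather than "IP address".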
......
...@@ -122,6 +122,11 @@ init_cache_map(void) ...@@ -122,6 +122,11 @@ init_cache_map(void)
static void static void
eventdns_log_cb(const char *msg) eventdns_log_cb(const char *msg)
{ {
if (!strcmpstart(msg, "Resolve requested for") &&
get_options()->SafeLogging) {
log(LOG_INFO, LD_EXIT, "eventdns: Resolve requested.");
return;
}
log(LOG_INFO, LD_EXIT, "eventdns: %s", msg); log(LOG_INFO, LD_EXIT, "eventdns: %s", msg);
} }
#endif #endif
...@@ -130,12 +135,29 @@ eventdns_log_cb(const char *msg) ...@@ -130,12 +135,29 @@ eventdns_log_cb(const char *msg)
void void
dns_init(void) dns_init(void)
{ {
init_cache_map(); init_cache_map();
dnsworkers_rotate(); dnsworkers_rotate();
#ifdef USE_EVENTDNS #ifdef USE_EVENTDNS
{
or_options_t *options = get_options();
eventdns_set_log_fn(eventdns_log_cb); eventdns_set_log_fn(eventdns_log_cb);
if (options->Nameservers && smartlist_len(options->Nameservers)) {
SMARTLIST_FOREACH(options->Nameservers, const char *, ip,
{
struct in_addr in;
log_info(LD_EXIT, "Parsing /etc/resolv.conf");
if (tor_inet_aton(ip, &in)) {
log_info(LD_EXIT, "Adding nameserver '%s'", ip);
eventdns_nameserver_add(in.s_addr);
}
});
} else {
log_info(LD_EXIT, "Parsing /etc/resolv.conf");
eventdns_resolv_conf_parse(DNS_OPTION_NAMESERVERS|DNS_OPTION_MISC, eventdns_resolv_conf_parse(DNS_OPTION_NAMESERVERS|DNS_OPTION_MISC,
"/etc/resolv.conf"); "/etc/resolv.conf");
}
}
#endif #endif
} }
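Review bot: The SafeLogging branch in eventdns_log_cb scrubs only messages that begin with "Resolve requested for"; every other string handed to the callback is still written verbatim by the final `log(LOG_INFO, LD_EXIT, "eventdns: %s", msg)`. If the resolver emits any other message that carries a queried name or address (not visible in this hunk, so it needs checking against the library), or if that one message is ever reworded, the name lands in the relay's info log despite SafeLogging. A comment on the `strcmpstart` line such as `/* Matches eventdns's "Resolve requested for <name>" message; keep in sync, other messages are not scrubbed. */` would record the coupling. A sturdier shape is to forward only messages known to be address-free when SafeLogging is set and replace the rest with a fixed string.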
......
...@@ -1414,6 +1414,8 @@ typedef struct { ...@@ -1414,6 +1414,8 @@ typedef struct {
char *VirtualAddrNetwork; /**< Address and mask to hand out for virtual char *VirtualAddrNetwork; /**< Address and mask to hand out for virtual
* MAPADDRESS requests. */ * MAPADDRESS requests. */
smartlist_t *Nameservers; /**< If provided, overrides the platform nameserver
* list. when using eventdns. */
} or_options_t; } or_options_t;
/** Persistent state for an onion router, as saved to disk. */ /** Persistent state for an onion router, as saved to disk. */
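Review bot: The doc comment on `Nameservers` has a stray full stop ("list. when using eventdns.") and does not say what the list holds. Something like `/**< List of IPv4 address strings; if non-empty, overrides the platform nameserver list when using eventdns. */` would match what the validator and dns_init in this commit do with the field. The struct definition starts outside the hunk.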
......