Loading src/or/circuituse.c +0 −3 Original line number Diff line number Diff line Loading @@ -85,9 +85,6 @@ static int circuit_is_acceptable(circuit_t *circ, if (conn->socks_request && conn->socks_request->command == SOCKS_COMMAND_RESOLVE) { /* 0.0.8 servers have buggy resolve support. */ if (!tor_version_as_new_as(exitrouter->platform, "0.0.9pre1")) return 0; } else if (purpose == CIRCUIT_PURPOSE_C_GENERAL) { if (!connection_ap_can_use_exit(conn, exitrouter)) { /* can't exit from this router */ Loading src/or/config.c +1 −2 Original line number Diff line number Diff line Loading @@ -1332,8 +1332,7 @@ options_validate(or_options_t *options) #define MIN_REND_POST_PERIOD 300 #define MIN_STATUS_FETCH_PERIOD 60 /* After 0.0.8 is dead, change this to MIN_ONION_KEY_LIFETIME. */ #define MAX_DIR_PERIOD (OLD_MIN_ONION_KEY_LIFETIME/2) #define MAX_DIR_PERIOD (MIN_ONION_KEY_LIFETIME/2) #define MAX_CACHE_DIR_FETCH_PERIOD 3600 #define MAX_CACHE_STATUS_FETCH_PERIOD 900 Loading src/or/connection_edge.c +1 −5 Original line number Diff line number Diff line Loading @@ -1016,11 +1016,7 @@ int connection_ap_can_use_exit(connection_t *conn, routerinfo_t *exit) } } if (conn->socks_request->command == SOCKS_COMMAND_RESOLVE) { /* 0.0.8 servers have buggy resolve support. */ if (!tor_version_as_new_as(exit->platform, "0.0.9pre1")) return 0; } else { if (conn->socks_request->command != SOCKS_COMMAND_RESOLVE) { addr = client_dns_lookup_entry(conn->socks_request->address); if (router_compare_addr_to_addr_policy(addr, conn->socks_request->port, exit->exit_policy) == ADDR_POLICY_REJECTED) Loading src/or/connection_or.c +3 −9 Original line number Diff line number Diff line Loading @@ -344,16 +344,10 @@ connection_tls_finish_handshake(connection_t *conn) { conn->state = OR_CONN_STATE_OPEN; connection_watch_events(conn, EV_READ); log_fn(LOG_DEBUG,"tls handshake done. verifying."); if (! tor_tls_peer_has_cert(conn->tls)) { /* It's an old OP. */ if (server_mode(options)) { /* I'm an OR; good. */ conn->receiver_bucket = conn->bandwidth = DEFAULT_BANDWIDTH_OP; return 0; } else { /* Neither side sent a certificate: ouch. */ log_fn(LOG_WARN,"Neither peer sent a cert! Closing."); if (! tor_tls_peer_has_cert(conn->tls)) { log_fn(LOG_WARN,"Peer didn't send a cert! Closing."); return -1; } } /* Okay; the other side is an OR or a post-0.0.8 OP (with a cert). */ if (tor_tls_get_peer_cert_nickname(conn->tls, nickname, sizeof(nickname))) { log_fn(LOG_WARN,"Other side (%s:%d) has a cert without a valid nickname. Closing.", conn->address, conn->port); Loading src/or/or.h +0 −1 Original line number Diff line number Diff line Loading @@ -145,7 +145,6 @@ #endif /** How often do we rotate onion keys? */ #define OLD_MIN_ONION_KEY_LIFETIME (12*60*60) /* twice a day */ #define MIN_ONION_KEY_LIFETIME (7*24*60*60) /* once a week */ /** How often do we rotate TLS contexts? */ #define MAX_SSL_KEY_LIFETIME (120*60) Loading Loading
src/or/circuituse.c +0 −3 Original line number Diff line number Diff line Loading @@ -85,9 +85,6 @@ static int circuit_is_acceptable(circuit_t *circ, if (conn->socks_request && conn->socks_request->command == SOCKS_COMMAND_RESOLVE) { /* 0.0.8 servers have buggy resolve support. */ if (!tor_version_as_new_as(exitrouter->platform, "0.0.9pre1")) return 0; } else if (purpose == CIRCUIT_PURPOSE_C_GENERAL) { if (!connection_ap_can_use_exit(conn, exitrouter)) { /* can't exit from this router */ Loading
src/or/config.c +1 −2 Original line number Diff line number Diff line Loading @@ -1332,8 +1332,7 @@ options_validate(or_options_t *options) #define MIN_REND_POST_PERIOD 300 #define MIN_STATUS_FETCH_PERIOD 60 /* After 0.0.8 is dead, change this to MIN_ONION_KEY_LIFETIME. */ #define MAX_DIR_PERIOD (OLD_MIN_ONION_KEY_LIFETIME/2) #define MAX_DIR_PERIOD (MIN_ONION_KEY_LIFETIME/2) #define MAX_CACHE_DIR_FETCH_PERIOD 3600 #define MAX_CACHE_STATUS_FETCH_PERIOD 900 Loading
src/or/connection_edge.c +1 −5 Original line number Diff line number Diff line Loading @@ -1016,11 +1016,7 @@ int connection_ap_can_use_exit(connection_t *conn, routerinfo_t *exit) } } if (conn->socks_request->command == SOCKS_COMMAND_RESOLVE) { /* 0.0.8 servers have buggy resolve support. */ if (!tor_version_as_new_as(exit->platform, "0.0.9pre1")) return 0; } else { if (conn->socks_request->command != SOCKS_COMMAND_RESOLVE) { addr = client_dns_lookup_entry(conn->socks_request->address); if (router_compare_addr_to_addr_policy(addr, conn->socks_request->port, exit->exit_policy) == ADDR_POLICY_REJECTED) Loading
src/or/connection_or.c +3 −9 Original line number Diff line number Diff line Loading @@ -344,16 +344,10 @@ connection_tls_finish_handshake(connection_t *conn) { conn->state = OR_CONN_STATE_OPEN; connection_watch_events(conn, EV_READ); log_fn(LOG_DEBUG,"tls handshake done. verifying."); if (! tor_tls_peer_has_cert(conn->tls)) { /* It's an old OP. */ if (server_mode(options)) { /* I'm an OR; good. */ conn->receiver_bucket = conn->bandwidth = DEFAULT_BANDWIDTH_OP; return 0; } else { /* Neither side sent a certificate: ouch. */ log_fn(LOG_WARN,"Neither peer sent a cert! Closing."); if (! tor_tls_peer_has_cert(conn->tls)) { log_fn(LOG_WARN,"Peer didn't send a cert! Closing."); return -1; } } /* Okay; the other side is an OR or a post-0.0.8 OP (with a cert). */ if (tor_tls_get_peer_cert_nickname(conn->tls, nickname, sizeof(nickname))) { log_fn(LOG_WARN,"Other side (%s:%d) has a cert without a valid nickname. Closing.", conn->address, conn->port); Loading
src/or/or.h +0 −1 Original line number Diff line number Diff line Loading @@ -145,7 +145,6 @@ #endif /** How often do we rotate onion keys? */ #define OLD_MIN_ONION_KEY_LIFETIME (12*60*60) /* twice a day */ #define MIN_ONION_KEY_LIFETIME (7*24*60*60) /* once a week */ /** How often do we rotate TLS contexts? */ #define MAX_SSL_KEY_LIFETIME (120*60) Loading
