Commit 3b2dd8d7 authored by Roger Dingledine's avatar Roger Dingledine
Browse files

Three new config options (AlternateDirAuthority,

AlternateBridgeAuthority, and AlternateHSAuthority) that let the
user selectively replace the default directory authorities, rather
than the all-or-nothing replacement that DirServer offers.


svn:r12777
parent b8655872
......@@ -29,6 +29,10 @@ Changes in version 0.2.0.13-alpha - 2007-12-??
downloading new consensus documents. Bridge users now wait until
the end of the interval, so their bridge will be sure to have a
new consensus document.
- Three new config options (AlternateDirAuthority,
AlternateBridgeAuthority, and AlternateHSAuthority) that let the
user selectively replace the default directory authorities, rather
than the all-or-nothing replacement that DirServer offers.
o Minor bugfixes:
- The fix in 0.2.0.12-alpha cleared the "hsdir" flag in v3 network
......
......@@ -42,14 +42,16 @@ N * answer by IP/timestamp
- run a little web server on moria?
N d answer by answering email to bridges@torproject
- keep track of which addresses have been answered already
R d some sort of reachability testing on bridges
R - bridge communities
- spec
- deploy
- man page entries for Alternate*Authority config options
- make the Alternate*Authority config options pass a "default_type"
to parse_dir_server_line() so they don't demand as much redundancy
d some sort of reachability testing on bridges
- interface for letting soat modify flags that authorities assign
R . spec
- deploy
- add an AuthDirBadexit torrc option if we decide we want one.
o add an AuthDirBadexit torrc option if we decide we want one.
S * tor usb windows image (vidalia, polipo, tor, firefox)
S/M - vidalia can launch firefox
- build a community version of firefox
......
......@@ -130,6 +130,9 @@ static config_var_t _option_vars[] = {
V(Address, STRING, NULL),
V(AllowInvalidNodes, CSV, "middle,rendezvous"),
V(AllowNonRFC953Hostnames, BOOL, "0"),
V(AlternateBridgeAuthority, LINELIST, NULL),
V(AlternateDirAuthority, LINELIST, NULL),
V(AlternateHSAuthority, LINELIST, NULL),
V(AssumeReachable, BOOL, "0"),
V(AuthDirBadDir, LINELIST, NULL),
V(AuthDirBadExit, LINELIST, NULL),
......@@ -590,6 +593,7 @@ static void option_clear(config_format_t *fmt, or_options_t *options,
static void option_reset(config_format_t *fmt, or_options_t *options,
config_var_t *var, int use_defaults);
static void config_free(config_format_t *fmt, void *options);
static int config_lines_eq(config_line_t *a, config_line_t *b);
static int option_is_same(config_format_t *fmt,
or_options_t *o1, or_options_t *o2,
const char *name);
......@@ -608,7 +612,9 @@ static int check_nickname_list(const char *lst, const char *name, char **msg);
static void config_register_addressmaps(or_options_t *options);
static int parse_bridge_line(const char *line, int validate_only);
static int parse_dir_server_line(const char *line, int validate_only);
static int parse_dir_server_line(const char *line,
authority_type_t required_type,
int validate_only);
static int parse_redirect_line(smartlist_t *result,
config_line_t *line, char **msg);
static int parse_log_severity_range(const char *range, int *min_out,
......@@ -795,9 +801,10 @@ escaped_safe_str(const char *address)
return escaped(address);
}
/** Add the default directory servers directly into the trusted dir list. */
/** Add the default directory authorities directly into the trusted dir list,
* but only add them insofar as they share bits with <b>type</b>. */
static void
add_default_trusted_dirservers(void)
add_default_trusted_dir_authorities(authority_type_t type)
{
int i;
const char *dirservers[] = {
......@@ -818,7 +825,110 @@ add_default_trusted_dirservers(void)
NULL
};
for (i=0; dirservers[i]; i++)
parse_dir_server_line(dirservers[i], 0);
parse_dir_server_line(dirservers[i], type, 0);
}
/** Look at all the config options for using alternate directory
* authorities, and make sure none of them are broken. Also, warn the
* user if we changed any dangerous ones.
*/
static int
validate_dir_authorities(or_options_t *options, or_options_t *old_options)
{
config_line_t *cl;
if (options->DirServers &&
(options->AlternateDirAuthority || options->AlternateBridgeAuthority ||
options->AlternateHSAuthority)) {
log_warn(LD_CONFIG,
"You cannot set both DirServers and Alternate*Authority.");
return -1;
}
/* do we want to complain to the user about being partitionable? */
if ((options->DirServers &&
(!old_options ||
!config_lines_eq(options->DirServers, old_options->DirServers))) ||
(options->AlternateDirAuthority &&
(!old_options ||
!config_lines_eq(options->AlternateDirAuthority,
old_options->AlternateDirAuthority)))) {
log_warn(LD_CONFIG,
"You have used DirServer or AlternateDirAuthority to "
"specify alternate directory authorities in "
"your configuration. This is potentially dangerous: it can "
"make you look different from all other Tor users, and hurt "
"your anonymity. Even if you've specified the same "
"authorities as Tor uses by default, the defaults could "
"change in the future. Be sure you know what you're doing.");
}
/* Now go through the four ways you can configure an alternate
* set of directory authorities, and make sure none are broken. */
for (cl = options->DirServers; cl; cl = cl->next)
if (parse_dir_server_line(cl->value, 0, 1)<0)
return -1;
for (cl = options->AlternateBridgeAuthority; cl; cl = cl->next)
if (parse_dir_server_line(cl->value, 0, 1)<0)
return -1;
for (cl = options->AlternateDirAuthority; cl; cl = cl->next)
if (parse_dir_server_line(cl->value, 0, 1)<0)
return -1;
for (cl = options->AlternateHSAuthority; cl; cl = cl->next)
if (parse_dir_server_line(cl->value, 0, 1)<0)
return -1;
return 0;
}
/** Look at all the config options and assign new dir authorities
* as appropriate.
*/
static int
consider_adding_dir_authorities(or_options_t *options,
or_options_t *old_options)
{
config_line_t *cl;
int need_to_update =
!smartlist_len(router_get_trusted_dir_servers()) ||
!config_lines_eq(options->DirServers, old_options->DirServers) ||
!config_lines_eq(options->AlternateBridgeAuthority,
old_options->AlternateBridgeAuthority) ||
!config_lines_eq(options->AlternateDirAuthority,
old_options->AlternateDirAuthority) ||
!config_lines_eq(options->AlternateHSAuthority,
old_options->AlternateHSAuthority);
if (!need_to_update)
return 0; /* all done */
/* Start from a clean slate. */
clear_trusted_dir_servers();
if (!options->DirServers) {
/* then we may want some of the defaults */
authority_type_t type = NO_AUTHORITY;
if (!options->AlternateBridgeAuthority)
type |= BRIDGE_AUTHORITY;
if (!options->AlternateDirAuthority)
type |= V2_AUTHORITY | V3_AUTHORITY;
if (!options->AlternateHSAuthority)
type |= HIDSERV_AUTHORITY;
add_default_trusted_dir_authorities(type);
}
for (cl = options->DirServers; cl; cl = cl->next)
if (parse_dir_server_line(cl->value, 0, 0)<0)
return -1;
for (cl = options->AlternateBridgeAuthority; cl; cl = cl->next)
if (parse_dir_server_line(cl->value, 0, 0)<0)
return -1;
for (cl = options->AlternateDirAuthority; cl; cl = cl->next)
if (parse_dir_server_line(cl->value, 0, 0)<0)
return -1;
for (cl = options->AlternateHSAuthority; cl; cl = cl->next)
if (parse_dir_server_line(cl->value, 0, 0)<0)
return -1;
return 0;
}
/** Fetch the active option list, and take actions based on it. All of the
......@@ -974,19 +1084,8 @@ options_act(or_options_t *old_options)
int running_tor = options->command == CMD_RUN_TOR;
char *msg;
if (options->DirServers) {
clear_trusted_dir_servers();
for (cl = options->DirServers; cl; cl = cl->next) {
if (parse_dir_server_line(cl->value, 0)<0) {
log_warn(LD_BUG,
"Previously validated DirServer line could not be added!");
return -1;
}
}
} else {
if (!smartlist_len(router_get_trusted_dir_servers()))
add_default_trusted_dirservers();
}
if (consider_adding_dir_authorities(options, old_options) < 0)
return -1;
if (options->Bridges) {
clear_bridge_list();
......@@ -2035,7 +2134,7 @@ resolve_my_address(int warn_severity, or_options_t *options,
if (is_internal_IP(ntohl(in.s_addr), 0) &&
options->_PublishServerDescriptor) {
/* make sure we're ok with publishing an internal IP */
if (!options->DirServers) {
if (!options->DirServers && !options->AlternateDirAuthority) {
/* if they are using the default dirservers, disallow internal IPs
* always. */
log_fn(warn_severity, LD_CONFIG,
......@@ -3011,20 +3110,8 @@ options_validate(or_options_t *old_options, or_options_t *options,
return -1;
}
if (options->DirServers) {
if (!old_options ||
!config_lines_eq(options->DirServers, old_options->DirServers))
COMPLAIN("You have used DirServer to specify directory authorities in "
"your configuration. This is potentially dangerous: it can "
"make you look different from all other Tor users, and hurt "
"your anonymity. Even if you've specified the same "
"authorities as Tor uses by default, the defaults could "
"change in the future. Be sure you know what you're doing.");
for (cl = options->DirServers; cl; cl = cl->next) {
if (parse_dir_server_line(cl->value, 1)<0)
REJECT("DirServer line did not parse. See logs for details.");
}
}
if (validate_dir_authorities(options, old_options) < 0)
REJECT("Directory authority line did not parse. See logs for details.");
if (options->UseBridges && !options->Bridges)
REJECT("If you set UseBridges, you must specify at least one bridge.");
......@@ -3790,10 +3877,13 @@ parse_bridge_line(const char *line, int validate_only)
/** Read the contents of a DirServer line from <b>line</b>. Return 0
* if the line is well-formed, and -1 if it isn't. If
* <b>validate_only</b> is 0, and the line is well-formed, then add
* the dirserver described in the line as a valid authority. */
* <b>validate_only</b> is 0, and the line is well-formed, and it
* shares any bits with <b>required_type</b> or <b>required_type</b>
* is 0, then add the dirserver described in the line (minus whatever
* bits it's missing) as a valid authority. */
static int
parse_dir_server_line(const char *line, int validate_only)
parse_dir_server_line(const char *line, authority_type_t required_type,
int validate_only)
{
smartlist_t *items = NULL;
int r;
......@@ -3893,10 +3983,12 @@ parse_dir_server_line(const char *line, int validate_only)
goto err;
}
if (!validate_only) {
log_debug(LD_DIR, "Trusted dirserver at %s:%d (%s)", address,
(int)dir_port,
(char*)smartlist_get(items,0));
if (!validate_only && (!required_type || required_type & type)) {
if (required_type)
type &= required_type; /* pare down what we think of them as an
* authority for. */
log_debug(LD_DIR, "Trusted %d dirserver at %s:%d (%s)", (int)type,
address, (int)dir_port, (char*)smartlist_get(items,0));
add_trusted_dir_server(nickname, address, dir_port, or_port, digest,
v3_digest, type);
}
......
......@@ -2189,8 +2189,21 @@ typedef struct {
uint16_t HttpsProxyPort; /**< Parsed port for https proxy, if any */
char *HttpsProxyAuthenticator; /**< username:password string, if any */
config_line_t *DirServers; /**< List of configuration lines
* for directory servers. */
/** List of configuration lines for replacement directory authorities.
* If you just want to replace one class of authority at a time,
* use the "Alternate*Authority" options below instead. */
config_line_t *DirServers;
/** If set, use these main (currently v3) directory authorities and
* not the default ones. */
config_line_t *AlternateDirAuthority;
/** If set, use these bridge authorities and not the default one. */
config_line_t *AlternateBridgeAuthority;
/** If set, use these HS authorities and not the default ones. */
config_line_t *AlternateHSAuthority;
char *MyFamily; /**< Declared family for this OR. */
config_line_t *NodeFamilies; /**< List of config lines for
* node families */
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment