Commit 66e610da authored by Nick Mathewson's avatar Nick Mathewson 👁
Browse files

Mark a big pile of options as deprecated.

parent e6220ccb
......@@ -588,6 +588,44 @@ static const config_var_t testing_tor_network_defaults[] = {
#undef V
#undef OBSOLETE
static const config_deprecation_t option_deprecation_notes_[] = {
{ "AllowDotExit", "Unrestricted use of the .exit notation can be used for "
"a wide variety of application-level attacks." },
{ "AllowInvalidNodes", "There is no reason to enable this option; at best "
"it will make you easier to track." },
{ "AllowSingleHopCircuits", "Almost no relays actually allow single-hop "
"exits, making this option pointless." },
{ "AllowSingleHopExits", "Turning this on will make your relay easier "
"to abuse." },
{ "ClientDNSRejectInternalAddresses", "Turning this on makes your client "
"easier to fingerprint, and may open you to esoteric attacks." },
{ "ExcludeSingleHopRelays", "Turning it on makes your client easier to "
"fingerprint." },
{ "FastFirstHopPK", "Changing this option does not make your client more "
"secure, but does make it easier to fingerprint." },
{ "CloseHSClientCircutisImmediatelyOnTimeout", "This option makes your "
"client easier to fingerprint." },
{ "CloseHSServiceRendircutisImmediatelyOnTimeout", "This option makes "
"your hidden services easier to fingerprint." },
{ "WarnUnsafeSocks", "Changing this option makes it easier for you "
"to accidentally lose your anonymity by leaking DNS information" },
{ "TLSECGroup", "The default is a nice secure choice; the other option "
"is less secure." },
{ "UseNTorHandshake", "The ntor handshake should always be used." },
{ "ControlListenAddress", "Use ControlPort instead." },
{ "DirListenAddress", "Use DirPort instead, possibly with the "
"NoAdvertise sub-option" },
{ "DNSListenAddress", "Use DNSPort instead." },
{ "SocksListenAddress", "Use SocksPort instead." },
{ "TransListenAddress", "Use TransPort instead." },
{ "NATDListenAddress", "Use NATDPort instead." },
{ "ORListenAddress", "Use ORPort instead, possibly with the "
"NoAdvertise sub-option" },
{ NULL, NULL }
};
#ifdef _WIN32
static char *get_windows_conf_root(void);
#endif
......@@ -636,7 +674,7 @@ STATIC config_format_t options_format = {
OR_OPTIONS_MAGIC,
STRUCT_OFFSET(or_options_t, magic_),
option_abbrevs_,
NULL,
option_deprecation_notes_,
option_vars_,
options_validate_cb,
NULL
......
......@@ -192,7 +192,7 @@ config_find_deprecation(const config_format_t *fmt, const char *key)
if (fmt->deprecations == NULL)
return NULL;
config_deprecation_t *d;
const config_deprecation_t *d;
for (d = fmt->deprecations; d->name; ++d) {
if (!strcasecmp(d->name, key)) {
return d->why_deprecated ? d->why_deprecated : "";
......@@ -486,10 +486,11 @@ config_mark_lists_fragile(const config_format_t *fmt, void *options)
void
warn_deprecated_option(const char *what, const char *why)
{
const char *space = (why && strlen(why)) ? " " : "";
log_warn(LD_CONFIG, "The %s option is deprecated, and will most likely "
"be removed in a future version of Tor.%s (If you think this is "
"be removed in a future version of Tor.%s%s (If you think this is "
"a mistake, please let us know!)",
what, why);
what, space, why);
}
/** If <b>c</b> is a syntactically valid configuration line, update
......
......@@ -81,7 +81,7 @@ typedef struct config_format_t {
off_t magic_offset; /**< Offset of the magic value within the struct. */
config_abbrev_t *abbrevs; /**< List of abbreviations that we expand when
* parsing this format. */
config_deprecation_t *deprecations; /** List of deprecated options */
const config_deprecation_t *deprecations; /** List of deprecated options */
config_var_t *vars; /**< List of variables we recognize, their default
* values, and where we stick them in the structure. */
validate_fn_t validate_fn; /**< Function to validate config. */
......@@ -133,6 +133,5 @@ const char *config_expand_abbrev(const config_format_t *fmt,
int command_line, int warn_obsolete);
void warn_deprecated_option(const char *what, const char *why);
#endif
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment