Loading src/core/or/protover.c +112 −1 Original line number Diff line number Diff line Loading @@ -384,8 +384,13 @@ protocol_list_supports_protocol_or_later(const char *list, return contains; } /* * XXX START OF HAZARDOUS ZONE XXX */ /** Return the canonical string containing the list of protocols * that we support. */ * that we support. **/ /// C_RUST_COUPLED: src/rust/protover/protover.rs `SUPPORTED_PROTOCOLS` const char * protover_get_supported_protocols(void) Loading @@ -395,6 +400,38 @@ protover_get_supported_protocols(void) * Remember to edit the SUPPORTED_PROTOCOLS list in protover.rs if you * are editing this list. */ /* * XXX: WARNING! * * Be EXTREMELY CAREFUL when *removing* versions from this list. If you * remove an entry while it still appears as "recommended" in the consensus, * you'll cause all the instances without it to warn. * * If you remove an entry while it still appears as "required" in the * consensus, you'll cause all the instances without it to refuse to connect * to the network, and shut down. * * If you need to remove a version from this list, you need to make sure that * it is not listed in the _current consensuses_: just removing it from the * required list below is NOT ENOUGH. You need to remove it from the * required list, and THEN let the authorities upgrade and vote on new * consensuses without it. Only once those consensuses are out is it safe to * remove from this list. * * One concrete example of a very dangerous race that could occur: * * Suppose that the client supports protocols "HsDir=1-2" and the consensus * requires protocols "HsDir=1-2. If the client supported protocol list is * then changed to "HSDir=2", while the consensus stills lists "HSDir=1-2", * then these clients, even very recent ones, will shut down because they * don't support "HSDir=1". * * And so, changes need to be done in strict sequence as described above. * * XXX: WARNING! */ return "Cons=1-2 " "Desc=1-2 " Loading @@ -414,6 +451,80 @@ protover_get_supported_protocols(void) "Relay=1-3"; } /* * XXX: WARNING! * * The recommended and required values are hardwired, to avoid disaster. Voting * on the wrong subprotocols here has the potential to take down the network. * * In particular, you need to be EXTREMELY CAREFUL before adding new versions * to the required protocol list. Doing so will cause every relay or client * that doesn't support those versions to refuse to connect to the network and * shut down. * * Note that this applies to versions, not just protocols! If you say that * Foobar=8-9 is required, and the client only has Foobar=9, it will shut down. * * It is okay to do this only for SUPER OLD relays that are not supported on * the network anyway. For clients, we really shouldn't kick them off the * network unless their presence is causing serious active harm. * * The following required and recommended lists MUST be changed BEFORE the * supported list above is changed, so that these lists appear in the * consensus BEFORE clients need them. * * Please, see the warning in protocol_get_supported_versions(). * * XXX: WARNING! */ /* * NOTE: A keen observer will notice that "LinkAuth" is not recommended nor * required. This is due to the HAVE_WORKING_TOR_TLS_GET_TLSSECRETS define * that can either set "1" or "1,3" and so we can't enforce one or the other * due to this uncertainty on how tor was built. */ /** Return the recommended client protocols list that directory authorities * put in the consensus. */ const char * protover_get_recommended_client_protocols(void) { return "Cons=1-2 Desc=1-2 DirCache=1 HSDir=1 HSIntro=3 HSRend=1 " "Link=4 Microdesc=1-2 Relay=2"; } /** Return the recommended relay protocols list that directory authorities * put in the consensus. */ const char * protover_get_recommended_relay_protocols(void) { return "Cons=1-2 Desc=1-2 DirCache=1 HSDir=1 HSIntro=3 HSRend=1 " "Link=4 Microdesc=1-2 Relay=2"; } /** Return the required client protocols list that directory authorities * put in the consensus. */ const char * protover_get_required_client_protocols(void) { return "Cons=1-2 Desc=1-2 DirCache=1 HSDir=1 HSIntro=3 HSRend=1 " "Link=4 Microdesc=1-2 Relay=2"; } /** Return the required relay protocols list that directory authorities * put in the consensus. */ const char * protover_get_required_relay_protocols(void) { return "Cons=1 Desc=1 DirCache=1 HSDir=1 HSIntro=3 HSRend=1 " "Link=3-4 Microdesc=1 Relay=1-2"; } /* * XXX END OF HAZARDOUS ZONE XXX */ /** The protocols from protover_get_supported_protocols(), as parsed into a * list of proto_entry_t values. Access this via * get_supported_protocol_list. */ Loading src/core/or/protover.h +4 −0 Original line number Diff line number Diff line Loading @@ -73,6 +73,10 @@ bool protover_list_is_invalid(const char *s); int protover_all_supported(const char *s, char **missing); int protover_is_supported_here(protocol_type_t pr, uint32_t ver); const char *protover_get_supported_protocols(void); const char *protover_get_recommended_client_protocols(void); const char *protover_get_recommended_relay_protocols(void); const char *protover_get_required_client_protocols(void); const char *protover_get_required_relay_protocols(void); char *protover_compute_vote(const struct smartlist_t *list_of_proto_strings, int threshold); Loading src/feature/dirauth/dirvote.c +5 −7 Original line number Diff line number Diff line Loading @@ -4782,16 +4782,14 @@ dirserv_generate_networkstatus_vote_obj(crypto_pk_t *private_key, v3_out->client_versions = client_versions; v3_out->server_versions = server_versions; /* These are hardwired, to avoid disaster. */ v3_out->recommended_relay_protocols = tor_strdup(DIRVOTE_RECOMMEND_RELAY_PROTO); tor_strdup(protover_get_recommended_relay_protocols()); v3_out->recommended_client_protocols = tor_strdup(DIRVOTE_RECOMMEND_CLIENT_PROTO); v3_out->required_relay_protocols = tor_strdup(DIRVOTE_REQUIRE_RELAY_PROTO); tor_strdup(protover_get_recommended_client_protocols()); v3_out->required_client_protocols = tor_strdup(DIRVOTE_REQUIRE_CLIENT_PROTO); tor_strdup(protover_get_required_client_protocols()); v3_out->required_relay_protocols = tor_strdup(protover_get_required_relay_protocols()); /* We are not allowed to vote to require anything we don't have. */ tor_assert(protover_all_supported(v3_out->required_relay_protocols, NULL)); Loading Loading
src/core/or/protover.c +112 −1 Original line number Diff line number Diff line Loading @@ -384,8 +384,13 @@ protocol_list_supports_protocol_or_later(const char *list, return contains; } /* * XXX START OF HAZARDOUS ZONE XXX */ /** Return the canonical string containing the list of protocols * that we support. */ * that we support. **/ /// C_RUST_COUPLED: src/rust/protover/protover.rs `SUPPORTED_PROTOCOLS` const char * protover_get_supported_protocols(void) Loading @@ -395,6 +400,38 @@ protover_get_supported_protocols(void) * Remember to edit the SUPPORTED_PROTOCOLS list in protover.rs if you * are editing this list. */ /* * XXX: WARNING! * * Be EXTREMELY CAREFUL when *removing* versions from this list. If you * remove an entry while it still appears as "recommended" in the consensus, * you'll cause all the instances without it to warn. * * If you remove an entry while it still appears as "required" in the * consensus, you'll cause all the instances without it to refuse to connect * to the network, and shut down. * * If you need to remove a version from this list, you need to make sure that * it is not listed in the _current consensuses_: just removing it from the * required list below is NOT ENOUGH. You need to remove it from the * required list, and THEN let the authorities upgrade and vote on new * consensuses without it. Only once those consensuses are out is it safe to * remove from this list. * * One concrete example of a very dangerous race that could occur: * * Suppose that the client supports protocols "HsDir=1-2" and the consensus * requires protocols "HsDir=1-2. If the client supported protocol list is * then changed to "HSDir=2", while the consensus stills lists "HSDir=1-2", * then these clients, even very recent ones, will shut down because they * don't support "HSDir=1". * * And so, changes need to be done in strict sequence as described above. * * XXX: WARNING! */ return "Cons=1-2 " "Desc=1-2 " Loading @@ -414,6 +451,80 @@ protover_get_supported_protocols(void) "Relay=1-3"; } /* * XXX: WARNING! * * The recommended and required values are hardwired, to avoid disaster. Voting * on the wrong subprotocols here has the potential to take down the network. * * In particular, you need to be EXTREMELY CAREFUL before adding new versions * to the required protocol list. Doing so will cause every relay or client * that doesn't support those versions to refuse to connect to the network and * shut down. * * Note that this applies to versions, not just protocols! If you say that * Foobar=8-9 is required, and the client only has Foobar=9, it will shut down. * * It is okay to do this only for SUPER OLD relays that are not supported on * the network anyway. For clients, we really shouldn't kick them off the * network unless their presence is causing serious active harm. * * The following required and recommended lists MUST be changed BEFORE the * supported list above is changed, so that these lists appear in the * consensus BEFORE clients need them. * * Please, see the warning in protocol_get_supported_versions(). * * XXX: WARNING! */ /* * NOTE: A keen observer will notice that "LinkAuth" is not recommended nor * required. This is due to the HAVE_WORKING_TOR_TLS_GET_TLSSECRETS define * that can either set "1" or "1,3" and so we can't enforce one or the other * due to this uncertainty on how tor was built. */ /** Return the recommended client protocols list that directory authorities * put in the consensus. */ const char * protover_get_recommended_client_protocols(void) { return "Cons=1-2 Desc=1-2 DirCache=1 HSDir=1 HSIntro=3 HSRend=1 " "Link=4 Microdesc=1-2 Relay=2"; } /** Return the recommended relay protocols list that directory authorities * put in the consensus. */ const char * protover_get_recommended_relay_protocols(void) { return "Cons=1-2 Desc=1-2 DirCache=1 HSDir=1 HSIntro=3 HSRend=1 " "Link=4 Microdesc=1-2 Relay=2"; } /** Return the required client protocols list that directory authorities * put in the consensus. */ const char * protover_get_required_client_protocols(void) { return "Cons=1-2 Desc=1-2 DirCache=1 HSDir=1 HSIntro=3 HSRend=1 " "Link=4 Microdesc=1-2 Relay=2"; } /** Return the required relay protocols list that directory authorities * put in the consensus. */ const char * protover_get_required_relay_protocols(void) { return "Cons=1 Desc=1 DirCache=1 HSDir=1 HSIntro=3 HSRend=1 " "Link=3-4 Microdesc=1 Relay=1-2"; } /* * XXX END OF HAZARDOUS ZONE XXX */ /** The protocols from protover_get_supported_protocols(), as parsed into a * list of proto_entry_t values. Access this via * get_supported_protocol_list. */ Loading
src/core/or/protover.h +4 −0 Original line number Diff line number Diff line Loading @@ -73,6 +73,10 @@ bool protover_list_is_invalid(const char *s); int protover_all_supported(const char *s, char **missing); int protover_is_supported_here(protocol_type_t pr, uint32_t ver); const char *protover_get_supported_protocols(void); const char *protover_get_recommended_client_protocols(void); const char *protover_get_recommended_relay_protocols(void); const char *protover_get_required_client_protocols(void); const char *protover_get_required_relay_protocols(void); char *protover_compute_vote(const struct smartlist_t *list_of_proto_strings, int threshold); Loading
src/feature/dirauth/dirvote.c +5 −7 Original line number Diff line number Diff line Loading @@ -4782,16 +4782,14 @@ dirserv_generate_networkstatus_vote_obj(crypto_pk_t *private_key, v3_out->client_versions = client_versions; v3_out->server_versions = server_versions; /* These are hardwired, to avoid disaster. */ v3_out->recommended_relay_protocols = tor_strdup(DIRVOTE_RECOMMEND_RELAY_PROTO); tor_strdup(protover_get_recommended_relay_protocols()); v3_out->recommended_client_protocols = tor_strdup(DIRVOTE_RECOMMEND_CLIENT_PROTO); v3_out->required_relay_protocols = tor_strdup(DIRVOTE_REQUIRE_RELAY_PROTO); tor_strdup(protover_get_recommended_client_protocols()); v3_out->required_client_protocols = tor_strdup(DIRVOTE_REQUIRE_CLIENT_PROTO); tor_strdup(protover_get_required_client_protocols()); v3_out->required_relay_protocols = tor_strdup(protover_get_required_relay_protocols()); /* We are not allowed to vote to require anything we don't have. */ tor_assert(protover_all_supported(v3_out->required_relay_protocols, NULL)); Loading
