mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2025-02-24 14:51:11 +01:00
Remove the AuthDirRejectUnlisted config option
This is in preparation for a big patch series removing the entire Naming system from Tor. In its wake, the approved-routers file is being deprecated, and a replacement option to allow only pre-approved routers is not being implemented.
This commit is contained in:
parent
54348201f7
commit
10fe5bad9a
5 changed files with 5 additions and 15 deletions
4
changes/bug12899
Normal file
4
changes/bug12899
Normal file
|
@ -0,0 +1,4 @@
|
||||||
|
o Removed features:
|
||||||
|
- The "AuthDirRejectUnlisted" option no longer has any effect, as
|
||||||
|
the fingerprints file (approved-routers) has been deprecated.
|
||||||
|
|
|
@ -1943,12 +1943,6 @@ on the public Tor network.
|
||||||
1 unless you plan to list non-functioning exits as bad; otherwise, you are
|
1 unless you plan to list non-functioning exits as bad; otherwise, you are
|
||||||
effectively voting in favor of every declared exit as an exit.)
|
effectively voting in favor of every declared exit as an exit.)
|
||||||
|
|
||||||
[[AuthDirRejectUnlisted]] **AuthDirRejectUnlisted** **0**|**1**::
|
|
||||||
Authoritative directories only. If set to 1, the directory server rejects
|
|
||||||
all uploaded server descriptors that aren't explicitly listed in the
|
|
||||||
fingerprints file. This acts as a "panic button" if we get hit with a Sybil
|
|
||||||
attack. (Default: 0)
|
|
||||||
|
|
||||||
[[AuthDirMaxServersPerAddr]] **AuthDirMaxServersPerAddr** __NUM__::
|
[[AuthDirMaxServersPerAddr]] **AuthDirMaxServersPerAddr** __NUM__::
|
||||||
Authoritative directories only. The maximum number of servers that we will
|
Authoritative directories only. The maximum number of servers that we will
|
||||||
list as acceptable on a single IP address. Set this to "0" for "no limit".
|
list as acceptable on a single IP address. Set this to "0" for "no limit".
|
||||||
|
|
|
@ -150,7 +150,7 @@ static config_var_t option_vars_[] = {
|
||||||
V(AuthDirGuardBWGuarantee, MEMUNIT, "2 MB"),
|
V(AuthDirGuardBWGuarantee, MEMUNIT, "2 MB"),
|
||||||
V(AuthDirReject, LINELIST, NULL),
|
V(AuthDirReject, LINELIST, NULL),
|
||||||
V(AuthDirRejectCCs, CSV, ""),
|
V(AuthDirRejectCCs, CSV, ""),
|
||||||
V(AuthDirRejectUnlisted, BOOL, "0"),
|
OBSOLETE("AuthDirRejectUnlisted"),
|
||||||
V(AuthDirListBadDirs, BOOL, "0"),
|
V(AuthDirListBadDirs, BOOL, "0"),
|
||||||
V(AuthDirListBadExits, BOOL, "0"),
|
V(AuthDirListBadExits, BOOL, "0"),
|
||||||
V(AuthDirMaxServersPerAddr, UINT, "2"),
|
V(AuthDirMaxServersPerAddr, UINT, "2"),
|
||||||
|
|
|
@ -362,7 +362,6 @@ dirserv_get_status_impl(const char *id_digest, const char *nickname,
|
||||||
const char *platform, const char *contact,
|
const char *platform, const char *contact,
|
||||||
const char **msg, int should_log)
|
const char **msg, int should_log)
|
||||||
{
|
{
|
||||||
int reject_unlisted = get_options()->AuthDirRejectUnlisted;
|
|
||||||
uint32_t result;
|
uint32_t result;
|
||||||
router_status_t *status_by_digest;
|
router_status_t *status_by_digest;
|
||||||
|
|
||||||
|
@ -458,11 +457,6 @@ dirserv_get_status_impl(const char *id_digest, const char *nickname,
|
||||||
nickname, fmt_addr32(addr));
|
nickname, fmt_addr32(addr));
|
||||||
result |= FP_INVALID;
|
result |= FP_INVALID;
|
||||||
}
|
}
|
||||||
if (reject_unlisted) {
|
|
||||||
if (msg)
|
|
||||||
*msg = "Authdir rejects unknown routers.";
|
|
||||||
return FP_REJECT;
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
return result;
|
return result;
|
||||||
|
|
|
@ -3768,8 +3768,6 @@ typedef struct {
|
||||||
* and vote for all other dir mirrors as good. */
|
* and vote for all other dir mirrors as good. */
|
||||||
int AuthDirListBadExits; /**< True iff we should list bad exits,
|
int AuthDirListBadExits; /**< True iff we should list bad exits,
|
||||||
* and vote for all other exits as good. */
|
* and vote for all other exits as good. */
|
||||||
int AuthDirRejectUnlisted; /**< Boolean: do we reject all routers that
|
|
||||||
* aren't named in our fingerprint file? */
|
|
||||||
int AuthDirMaxServersPerAddr; /**< Do not permit more than this
|
int AuthDirMaxServersPerAddr; /**< Do not permit more than this
|
||||||
* number of servers per IP address. */
|
* number of servers per IP address. */
|
||||||
int AuthDirMaxServersPerAuthAddr; /**< Do not permit more than this
|
int AuthDirMaxServersPerAuthAddr; /**< Do not permit more than this
|
||||||
|
|
Loading…
Add table
Reference in a new issue