[or-cvs] Add "panic" option to reject all servers not in fingerprint...

Nick Mathewson nickm at seul.org
Thu Dec 15 21:39:40 UTC 2005


Update of /home/or/cvsroot/tor/src/or
In directory moria:/tmp/cvs-serv26157/src/or

Modified Files:
	config.c dirserv.c or.h 
Log Message:
Add "panic" option to reject all servers not in fingerprint list.

Index: config.c
===================================================================
RCS file: /home/or/cvsroot/tor/src/or/config.c,v
retrieving revision 1.464
retrieving revision 1.465
diff -u -d -r1.464 -r1.465
--- config.c	14 Dec 2005 20:40:40 -0000	1.464
+++ config.c	15 Dec 2005 21:39:37 -0000	1.465
@@ -112,6 +112,7 @@
   VAR("AssumeReachable",     BOOL,     AssumeReachable,      "0"),
   VAR("AuthDirInvalid",      LINELIST, AuthDirInvalid,       NULL),
   VAR("AuthDirReject",       LINELIST, AuthDirReject,        NULL),
+  VAR("AuthDirRejectUnlisted",BOOL,    AuthDirRejectUnlisted,"0"),
   VAR("AuthoritativeDirectory",BOOL,   AuthoritativeDir,     "0"),
   VAR("BandwidthBurst",      MEMUNIT,  BandwidthBurst,       "5 MB"),
   VAR("BandwidthRate",       MEMUNIT,  BandwidthRate,        "2 MB"),
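Review bot: The new `AuthDirRejectUnlisted` entry comes with no user-facing documentation in this commit; the modified files are only config.c, dirserv.c and or.h. Because it is meant as an emergency switch, the manual page should state that it defaults to 0 and that enabling it refuses descriptors from every router absent from the fingerprint file. It presumably only has an effect when `AuthoritativeDirectory` is set, which is worth stating there too, or checking during option validation.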

Index: dirserv.c
===================================================================
RCS file: /home/or/cvsroot/tor/src/or/dirserv.c,v
retrieving revision 1.281
retrieving revision 1.282
diff -u -d -r1.281 -r1.282
--- dirserv.c	15 Dec 2005 21:30:57 -0000	1.281
+++ dirserv.c	15 Dec 2005 21:39:38 -0000	1.282
@@ -280,6 +280,7 @@
                         const char **msg, int should_log)
 {
   fingerprint_entry_t *nn_ent = NULL, *fp_ent = NULL;
+  int reject_unlisted = get_options()->AuthDirRejectUnlisted;
   if (!fingerprint_list)
     fingerprint_list = smartlist_create();
 
@@ -327,7 +328,7 @@
       return FP_INVALID;
     }
     if (!platform || tor_version_as_new_as(platform,"0.1.0.2-rc"))
-      return FP_VALID;
+      return reject_unlisted ? FP_REJECT : FP_VALID;
     else
       return FP_INVALID;
     if (should_log)
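Review bot: With `AuthDirRejectUnlisted` set, an unlisted router whose platform is older than 0.1.0.2-rc still takes the `else` branch and gets `FP_INVALID` rather than `FP_REJECT`, so the option does not reject every server missing from the fingerprint list as the log message and the or.h comment promise. Testing the flag before the version check, e.g. `if (reject_unlisted) return FP_REJECT;`, would make the behaviour match the description. In the visible lines the new reject path also returns without writing `*msg` or consulting `should_log`, so a rejected router and the authority operator may get no reason; consider setting `*msg` before returning if callers rely on it. The enclosing function starts and ends outside the hunk, so the earlier `return FP_INVALID;` at the top of this hunk may need the same review.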

Index: or.h
===================================================================
RCS file: /home/or/cvsroot/tor/src/or/or.h,v
retrieving revision 1.761
retrieving revision 1.762
diff -u -d -r1.761 -r1.762
--- or.h	15 Dec 2005 21:30:57 -0000	1.761
+++ or.h	15 Dec 2005 21:39:38 -0000	1.762
@@ -1315,6 +1315,8 @@
                                  * reject. */
   config_line_t *AuthDirInvalid; /**< Address policy for descriptors to
                                   * never mark as valid. */
+  int AuthDirRejectUnlisted; /**< Boolean: do we reject all routers that
+                              * aren't named in our fingprint file? */
   char *AccountingStart; /**< How long is the accounting interval, and when
                           * does it start? */
   uint64_t AccountingMax; /**< How many bytes do we allow per accounting
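Review bot: The doc comment on `AuthDirRejectUnlisted` misspells the file name as "fingprint"; it should read `* aren't named in our fingerprint file? */`. The comment could also note how this differs from `AuthDirInvalid` just above it, since one marks routers as not valid while this option rejects them outright.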


