[tor-commits] [tor/master] Remove the AuthDirRejectUnlisted config option
nickm at torproject.org
nickm at torproject.org
Tue Sep 9 15:52:11 UTC 2014
commit 10fe5bad9aaf326b925092883b856f64f8dca478
Author: Sebastian Hahn <sebastian at torproject.org>
Date: Thu Sep 4 06:25:38 2014 +0200
Remove the AuthDirRejectUnlisted config option
This is in preparation for a big patch series removing the entire Naming
system from Tor. In its wake, the approved-routers file is being
deprecated, and a replacement option to allow only pre-approved routers
is not being implemented.
---
changes/bug12899 | 4 ++++
doc/tor.1.txt | 6 ------
src/or/config.c | 2 +-
src/or/dirserv.c | 6 ------
src/or/or.h | 2 --
5 files changed, 5 insertions(+), 15 deletions(-)
diff --git a/changes/bug12899 b/changes/bug12899
new file mode 100644
index 0000000..eb7c90d
--- /dev/null
+++ b/changes/bug12899
@@ -0,0 +1,4 @@
+ o Removed features:
+ - The "AuthDirRejectUnlisted" option no longer has any effect, as
+ the fingerprints file (approved-routers) has been deprecated.
+
diff --git a/doc/tor.1.txt b/doc/tor.1.txt
index a997bc3..3284b94 100644
--- a/doc/tor.1.txt
+++ b/doc/tor.1.txt
@@ -1943,12 +1943,6 @@ on the public Tor network.
1 unless you plan to list non-functioning exits as bad; otherwise, you are
effectively voting in favor of every declared exit as an exit.)
-[[AuthDirRejectUnlisted]] **AuthDirRejectUnlisted** **0**|**1**::
- Authoritative directories only. If set to 1, the directory server rejects
- all uploaded server descriptors that aren't explicitly listed in the
- fingerprints file. This acts as a "panic button" if we get hit with a Sybil
- attack. (Default: 0)
-
[[AuthDirMaxServersPerAddr]] **AuthDirMaxServersPerAddr** __NUM__::
Authoritative directories only. The maximum number of servers that we will
list as acceptable on a single IP address. Set this to "0" for "no limit".
diff --git a/src/or/config.c b/src/or/config.c
index 7800ec1..ea7d728 100644
--- a/src/or/config.c
+++ b/src/or/config.c
@@ -150,7 +150,7 @@ static config_var_t option_vars_[] = {
V(AuthDirGuardBWGuarantee, MEMUNIT, "2 MB"),
V(AuthDirReject, LINELIST, NULL),
V(AuthDirRejectCCs, CSV, ""),
- V(AuthDirRejectUnlisted, BOOL, "0"),
+ OBSOLETE("AuthDirRejectUnlisted"),
V(AuthDirListBadDirs, BOOL, "0"),
V(AuthDirListBadExits, BOOL, "0"),
V(AuthDirMaxServersPerAddr, UINT, "2"),
diff --git a/src/or/dirserv.c b/src/or/dirserv.c
index 8395c2e..00b282d 100644
--- a/src/or/dirserv.c
+++ b/src/or/dirserv.c
@@ -362,7 +362,6 @@ dirserv_get_status_impl(const char *id_digest, const char *nickname,
const char *platform, const char *contact,
const char **msg, int should_log)
{
- int reject_unlisted = get_options()->AuthDirRejectUnlisted;
uint32_t result;
router_status_t *status_by_digest;
@@ -458,11 +457,6 @@ dirserv_get_status_impl(const char *id_digest, const char *nickname,
nickname, fmt_addr32(addr));
result |= FP_INVALID;
}
- if (reject_unlisted) {
- if (msg)
- *msg = "Authdir rejects unknown routers.";
- return FP_REJECT;
- }
}
return result;
diff --git a/src/or/or.h b/src/or/or.h
index 3683607..207c70d 100644
--- a/src/or/or.h
+++ b/src/or/or.h
@@ -3768,8 +3768,6 @@ typedef struct {
* and vote for all other dir mirrors as good. */
int AuthDirListBadExits; /**< True iff we should list bad exits,
* and vote for all other exits as good. */
- int AuthDirRejectUnlisted; /**< Boolean: do we reject all routers that
- * aren't named in our fingerprint file? */
int AuthDirMaxServersPerAddr; /**< Do not permit more than this
* number of servers per IP address. */
int AuthDirMaxServersPerAuthAddr; /**< Do not permit more than this
More information about the tor-commits
mailing list