[proposal 136] Re: Proposal: Simplify Configuration of Private Tor Networks
Nick Mathewson
nickm at freehaven.net
Thu May 15 21:17:14 UTC 2008
On Thu, May 15, 2008 at 09:24:05PM +0200, Karsten Loesing wrote:
[...]
> | Sounds good, but DirTimeToLearnReachability would probably be a better
> | name. I don't think that it needs to be conditioned on
> | PrivateTorNetwork, though: the affect of an authority setting it badly
> | is not "voting fails" but "the authority gets confused and outvoted."
>
> Sure, I can change the name. But is it useful to change this value on a
> directory authority in the public network?
Hm. I think what we really want to do is instrument an authority to
figure out how long it *really* takes to converge on a view of
routers' statuses; the 30 minute figure was never more than an
estimate that happened to work okay: it may be that a longer or
shorter window would be more reasonable.
But yeah, point taken. No reason to expose this for non-testing cases.
> | Also, you should define the semantics for
> | specifying TestingTorNetwork *and* a specifying a value for one of
> | these options, as in:
> | TestingTorNetwork 1
> | DirAllowPrivateAddresses 0
> | I think that the more specific option should take precedence.
>
> Right. The implementation might require some code magic as I mentioned
> in the patch:
>
> /* TODO It should be possible to override those values that are set by
> ~ * "PrivateTorNetwork 1" with the original default values (or even some
> ~ * other value). Idea: Change default values of these configuration
> ~ * options to invalid value, e.g. -1, in order to distinguish default
> ~ * values (then -1) from overridden values, e.g. 0. Requires to safely
> ~ * change all -1 values back to the actual default values afterwards! Is
> ~ * this a hack? Well, of course it is, but is there a better way to
> ~ * achieve the same goal? -KL */
It's kind of an ugly hack too.
What about having a preprocessing step on the options list that
expands PrivateTorNetwork 1 into the entire list of options it
implies? It's not an error to specify an option twice; when you do,
the second takes precedence.
This would mean that RESETCONF wouldn't do the right thing, though.
Perhaps a hack like the one in weasel's debian-tor user patch would
handle that better. It's still a hack, but not a totally insane hack.
More elegant (maybe) would be a more generic default mechanism that
supported stuff like this by design.
yrs,
--
Nick
More information about the tor-dev
mailing list