Merge branch 'dgoulet_ticket22060_031_01_squashed'
This commit is contained in:
commit
2a1013948d
|
@ -0,0 +1,27 @@
|
|||
o Remove configuration option (confic):
|
||||
- AllowInvalidNodes was deprecated in 0.2.9.2-alpha and now has been
|
||||
removed. It is not possible anymore to use Invalid nodes.
|
||||
- AllowSingleHopCircuits was deprecated in 0.2.9.2-alpha and now has been
|
||||
removed. It's not possible anymore to attach streams to single hop exit
|
||||
circuit.
|
||||
- AllowSingleHopExits was deprecated in 0.2.9.2-alpha and now has been
|
||||
removed. Relays no longer advertise that they can be used for single hop
|
||||
exit proxy.
|
||||
- ExcludeSingleHopRelays was deprecated in 0.2.9.2-alpha and now has been
|
||||
removed. Client will always exclude relays that supports single hop
|
||||
exits meaning relays that still advertise AllowSingleHopExits.
|
||||
- FastFirstHopPK was deprecated in 0.2.9.2-alpha and now has been removed.
|
||||
Decision for this feature will always be decided by the consensus.
|
||||
- CloseHSClientCircuitsImmediatelyOnTimeout was deprecated in
|
||||
0.2.9.2-alpha and now has been removed. HS circuits never close on
|
||||
circuit build timeout, they have a longer timeout period.
|
||||
- CloseHSServiceRendCircuitsImmediatelyOnTimeout was deprecated in
|
||||
0.2.9.2-alpha and now has been removed. HS circuits never close on
|
||||
circuit build timeout, they have a long timeout period.
|
||||
- WarnUnsafeSocks was deprecated in 0.2.9.2-alpha and now has been
|
||||
removed. Tor will now always warn the user if only an IP address is
|
||||
given instead of an hostname on a SOCKS connection if SafeSocks is 1.
|
||||
- TLSECGroup was deprecated in 0.2.9.2-alpha and now has been removed.
|
||||
P256 EC group is always used.
|
||||
- {Control,DNS,Dir,Socks,Trans,NATD,OR}ListenAddress was deprecated in
|
||||
0.2.9.2-alpha and now has been removed. Use the ORPort (and others).
|
138
doc/tor.1.txt
138
doc/tor.1.txt
|
@ -341,14 +341,6 @@ GENERAL OPTIONS
|
|||
Unix domain sockets only: Do not insist that the directory
|
||||
that holds the socket be read-restricted.
|
||||
|
||||
[[ControlListenAddress]] **ControlListenAddress** __IP__[:__PORT__]::
|
||||
Bind the controller listener to this address. If you specify a port, bind
|
||||
to this port rather than the one specified in ControlPort. We strongly
|
||||
recommend that you leave this alone unless you know what you're doing,
|
||||
since giving attackers access to your control listener is really
|
||||
dangerous. This directive can be specified multiple
|
||||
times to bind to multiple addresses/ports. (Default: 127.0.0.1)
|
||||
|
||||
[[ControlSocket]] **ControlSocket** __Path__::
|
||||
Like ControlPort, but listens on a Unix domain socket, rather than a TCP
|
||||
socket. '0' disables ControlSocket (Unix and Unix-like systems only.)
|
||||
|
@ -772,23 +764,7 @@ CLIENT OPTIONS
|
|||
The following options are useful only for clients (that is, if
|
||||
**SocksPort**, **TransPort**, **DNSPort**, or **NATDPort** is non-zero):
|
||||
|
||||
[[AllowInvalidNodes]] **AllowInvalidNodes** **entry**|**exit**|**middle**|**introduction**|**rendezvous**|**...**::
|
||||
If some Tor servers are obviously not working right, the directory
|
||||
authorities can manually mark them as invalid, meaning that it's not
|
||||
recommended you use them for entry or exit positions in your circuits. You
|
||||
can opt to use them in some circuit positions, though. The default is
|
||||
"middle,rendezvous", and other choices are not advised.
|
||||
|
||||
[[ExcludeSingleHopRelays]] **ExcludeSingleHopRelays** **0**|**1**::
|
||||
This option controls whether circuits built by Tor will include relays with
|
||||
the AllowSingleHopExits flag set to true. If ExcludeSingleHopRelays is set
|
||||
to 0, these relays will be included. Note that these relays might be at
|
||||
higher risk of being seized or observed, so they are not normally
|
||||
included. Also note that relatively few clients turn off this option,
|
||||
so using these relays might make your client stand out.
|
||||
(Default: 1)
|
||||
|
||||
[[Bridge]] **Bridge** [__transport__] __IP__:__ORPort__ [__fingerprint__] [__key__=__val__...]::
|
||||
[[Bridge]] **Bridge** [__transport__] __IP__:__ORPort__ [__fingerprint__]::
|
||||
When set along with UseBridges, instructs Tor to use the relay at
|
||||
"IP:ORPort" as a "bridge" relaying into the Tor network. If "fingerprint"
|
||||
is provided (using the same format as for DirAuthority), we will verify that
|
||||
|
@ -1006,24 +982,6 @@ The following options are useful only for clients (that is, if
|
|||
services can be configured to require authorization using the
|
||||
**HiddenServiceAuthorizeClient** option.
|
||||
|
||||
[[CloseHSClientCircuitsImmediatelyOnTimeout]] **CloseHSClientCircuitsImmediatelyOnTimeout** **0**|**1**::
|
||||
If 1, Tor will close unfinished hidden service client circuits
|
||||
which have not moved closer to connecting to their destination
|
||||
hidden service when their internal state has not changed for the
|
||||
duration of the current circuit-build timeout. Otherwise, such
|
||||
circuits will be left open, in the hope that they will finish
|
||||
connecting to their destination hidden services. In either case,
|
||||
another set of introduction and rendezvous circuits for the same
|
||||
destination hidden service will be launched. (Default: 0)
|
||||
|
||||
[[CloseHSServiceRendCircuitsImmediatelyOnTimeout]] **CloseHSServiceRendCircuitsImmediatelyOnTimeout** **0**|**1**::
|
||||
If 1, Tor will close unfinished hidden-service-side rendezvous
|
||||
circuits after the current circuit-build timeout. Otherwise, such
|
||||
circuits will be left open, in the hope that they will finish
|
||||
connecting to their destinations. In either case, another
|
||||
rendezvous circuit for the same destination client will be
|
||||
launched. (Default: 0)
|
||||
|
||||
[[LongLivedPorts]] **LongLivedPorts** __PORTS__::
|
||||
A list of ports for services that tend to have long-running connections
|
||||
(e.g. chat and interactive shells). Circuits for streams that use these
|
||||
|
@ -1224,16 +1182,6 @@ The following options are useful only for clients (that is, if
|
|||
line is used, and all earlier flags are ignored. No error is issued for
|
||||
conflicting flags.
|
||||
|
||||
[[SocksListenAddress]] **SocksListenAddress** __IP__[:__PORT__]::
|
||||
Bind to this address to listen for connections from Socks-speaking
|
||||
applications. (Default: 127.0.0.1) You can also specify a port (e.g.
|
||||
192.168.0.1:9100). This directive can be specified multiple times to bind
|
||||
to multiple addresses/ports. (DEPRECATED: As of 0.2.3.x-alpha, you can
|
||||
now use multiple SocksPort entries, and provide addresses for SocksPort
|
||||
entries, so SocksListenAddress no longer has a purpose. For backward
|
||||
compatibility, SocksListenAddress is only allowed when SocksPort is just
|
||||
a port number.)
|
||||
|
||||
[[SocksPolicy]] **SocksPolicy** __policy__,__policy__,__...__::
|
||||
Set an entrance policy for this server, to limit who can connect to the
|
||||
SocksPort and DNSPort ports. The policies have the same form as exit
|
||||
|
@ -1332,12 +1280,6 @@ The following options are useful only for clients (that is, if
|
|||
helps to determine whether an application using Tor is possibly leaking
|
||||
DNS requests. (Default: 0)
|
||||
|
||||
[[WarnUnsafeSocks]] **WarnUnsafeSocks** **0**|**1**::
|
||||
When this option is enabled, Tor will warn whenever a request is
|
||||
received that only contains an IP address instead of a hostname. Allowing
|
||||
applications to do DNS resolves themselves is usually a bad idea and
|
||||
can leak your location to attackers. (Default: 1)
|
||||
|
||||
[[VirtualAddrNetworkIPv4]] **VirtualAddrNetworkIPv4** __Address__/__bits__ +
|
||||
|
||||
[[VirtualAddrNetworkIPv6]] **VirtualAddrNetworkIPv6** [__Address__]/__bits__::
|
||||
|
@ -1369,18 +1311,6 @@ The following options are useful only for clients (that is, if
|
|||
the node "foo". Disabled by default since attacking websites and exit
|
||||
relays can use it to manipulate your path selection. (Default: 0)
|
||||
|
||||
[[FastFirstHopPK]] **FastFirstHopPK** **0**|**1**|**auto**::
|
||||
When this option is disabled, Tor uses the public key step for the first
|
||||
hop of creating circuits. Skipping it is generally safe since we have
|
||||
already used TLS to authenticate the relay and to establish forward-secure
|
||||
keys. Turning this option off makes circuit building a little
|
||||
slower. Setting this option to "auto" takes advice from the authorities
|
||||
in the latest consensus about whether to use this feature. +
|
||||
+
|
||||
Note that Tor will always use the public key step for the first hop if it's
|
||||
operating as a relay, and it will never use the public key step if it
|
||||
doesn't yet know the onion key of the first hop. (Default: auto)
|
||||
|
||||
[[TransPort]] **TransPort** \['address':]__port__|**auto** [_isolation flags_]::
|
||||
Open this port to listen for transparent proxy connections. Set this to
|
||||
0 if you don't want to allow transparent proxy connections. Set the port
|
||||
|
@ -1391,17 +1321,7 @@ The following options are useful only for clients (that is, if
|
|||
TransPort requires OS support for transparent proxies, such as BSDs' pf or
|
||||
Linux's IPTables. If you're planning to use Tor as a transparent proxy for
|
||||
a network, you'll want to examine and change VirtualAddrNetwork from the
|
||||
default setting. You'll also want to set the TransListenAddress option for
|
||||
the network you'd like to proxy. (Default: 0)
|
||||
|
||||
[[TransListenAddress]] **TransListenAddress** __IP__[:__PORT__]::
|
||||
Bind to this address to listen for transparent proxy connections. (Default:
|
||||
127.0.0.1). This is useful for exporting a transparent proxy server to an
|
||||
entire network. (DEPRECATED: As of 0.2.3.x-alpha, you can
|
||||
now use multiple TransPort entries, and provide addresses for TransPort
|
||||
entries, so TransListenAddress no longer has a purpose. For backward
|
||||
compatibility, TransListenAddress is only allowed when TransPort is just
|
||||
a port number.)
|
||||
default setting. (Default: 0)
|
||||
|
||||
[[TransProxyType]] **TransProxyType** **default**|**TPROXY**|**ipfw**|**pf-divert**::
|
||||
TransProxyType may only be enabled when there is transparent proxy listener
|
||||
|
@ -1409,9 +1329,7 @@ The following options are useful only for clients (that is, if
|
|||
+
|
||||
Set this to "TPROXY" if you wish to be able to use the TPROXY Linux module
|
||||
to transparently proxy connections that are configured using the TransPort
|
||||
option. This setting lets the listener on the TransPort accept connections
|
||||
for all addresses, even when the TransListenAddress is configured for an
|
||||
internal address. Detailed information on how to configure the TPROXY
|
||||
option. Detailed information on how to configure the TPROXY
|
||||
feature can be found in the Linux kernel source tree in the file
|
||||
Documentation/networking/tproxy.txt. +
|
||||
+
|
||||
|
@ -1439,13 +1357,6 @@ The following options are useful only for clients (that is, if
|
|||
+
|
||||
This option is only for people who cannot use TransPort. (Default: 0)
|
||||
|
||||
[[NATDListenAddress]] **NATDListenAddress** __IP__[:__PORT__]::
|
||||
Bind to this address to listen for NATD connections. (DEPRECATED: As of
|
||||
0.2.3.x-alpha, you can now use multiple NATDPort entries, and provide
|
||||
addresses for NATDPort entries, so NATDListenAddress no longer has a
|
||||
purpose. For backward compatibility, NATDListenAddress is only allowed
|
||||
when NATDPort is just a port number.)
|
||||
|
||||
[[AutomapHostsOnResolve]] **AutomapHostsOnResolve** **0**|**1**::
|
||||
When this option is enabled, and we get a request to resolve an address
|
||||
that ends with one of the suffixes in **AutomapHostsSuffixes**, we map an
|
||||
|
@ -1466,13 +1377,6 @@ The following options are useful only for clients (that is, if
|
|||
addresses/ports. See SocksPort for an explanation of isolation
|
||||
flags. (Default: 0)
|
||||
|
||||
[[DNSListenAddress]] **DNSListenAddress** __IP__[:__PORT__]::
|
||||
Bind to this address to listen for DNS connections. (DEPRECATED: As of
|
||||
0.2.3.x-alpha, you can now use multiple DNSPort entries, and provide
|
||||
addresses for DNSPort entries, so DNSListenAddress no longer has a
|
||||
purpose. For backward compatibility, DNSListenAddress is only allowed
|
||||
when DNSPort is just a port number.)
|
||||
|
||||
[[ClientDNSRejectInternalAddresses]] **ClientDNSRejectInternalAddresses** **0**|**1**::
|
||||
If true, Tor does not believe any anonymously retrieved DNS answer that
|
||||
tells it that an address resolves to an internal address (like 127.0.0.1 or
|
||||
|
@ -1502,11 +1406,6 @@ The following options are useful only for clients (that is, if
|
|||
Like WarnPlaintextPorts, but instead of warning about risky port uses, Tor
|
||||
will instead refuse to make the connection. (Default: None)
|
||||
|
||||
[[AllowSingleHopCircuits]] **AllowSingleHopCircuits** **0**|**1**::
|
||||
When this option is set, the attached Tor controller can use relays
|
||||
that have the **AllowSingleHopExits** option turned on to build
|
||||
one-hop Tor connections. (Default: 0)
|
||||
|
||||
[[OptimisticData]] **OptimisticData** **0**|**1**|**auto**::
|
||||
When this option is set, and Tor is using an exit node that supports
|
||||
the feature, it will try optimistically to send data to the exit node
|
||||
|
@ -1699,13 +1598,6 @@ is non-zero):
|
|||
Tor client binds to. To bind to a different address, use the
|
||||
*ListenAddress and OutboundBindAddress options.
|
||||
|
||||
[[AllowSingleHopExits]] **AllowSingleHopExits** **0**|**1**::
|
||||
This option controls whether clients can use this server as a single hop
|
||||
proxy. If set to 1, clients can use this server as an exit even if it is
|
||||
the only hop in the circuit. Note that most clients will refuse to use
|
||||
servers that set this option, since most clients have
|
||||
ExcludeSingleHopRelays set. (Default: 0)
|
||||
|
||||
[[AssumeReachable]] **AssumeReachable** **0**|**1**::
|
||||
This option is used when bootstrapping a new Tor network. If set to 1,
|
||||
don't do self-reachability testing; just upload your server descriptor
|
||||
|
@ -1889,15 +1781,6 @@ is non-zero):
|
|||
For obvious reasons, NoAdvertise and NoListen are mutually exclusive, and
|
||||
IPv4Only and IPv6Only are mutually exclusive.
|
||||
|
||||
[[ORListenAddress]] **ORListenAddress** __IP__[:__PORT__]::
|
||||
Bind to this IP address to listen for connections from Tor clients and
|
||||
servers. If you specify a port, bind to this port rather than the one
|
||||
specified in ORPort. (Default: 0.0.0.0) This directive can be specified
|
||||
multiple times to bind to multiple addresses/ports. +
|
||||
+
|
||||
This option is deprecated; you can get the same behavior with ORPort now
|
||||
that it supports NoAdvertise and explicit addresses.
|
||||
|
||||
[[PortForwarding]] **PortForwarding** **0**|**1**::
|
||||
Attempt to automatically forward the DirPort and ORPort on a NAT router
|
||||
connecting this Tor server to the Internet. If set, Tor will try both
|
||||
|
@ -2049,12 +1932,6 @@ is non-zero):
|
|||
[[GeoIPv6File]] **GeoIPv6File** __filename__::
|
||||
A filename containing IPv6 GeoIP data, for use with by-country statistics.
|
||||
|
||||
[[TLSECGroup]] **TLSECGroup** **P224**|**P256**::
|
||||
What EC group should we try to use for incoming TLS connections?
|
||||
P224 is faster, but makes us stand out more. Has no effect if
|
||||
we're a client, or if our OpenSSL version lacks support for ECDHE.
|
||||
(Default: P256)
|
||||
|
||||
[[CellStatistics]] **CellStatistics** **0**|**1**::
|
||||
Relays only.
|
||||
When this option is enabled, Tor collects statistics about cell
|
||||
|
@ -2181,15 +2058,6 @@ details.)
|
|||
+
|
||||
The same flags are supported here as are supported by ORPort.
|
||||
|
||||
[[DirListenAddress]] **DirListenAddress** __IP__[:__PORT__]::
|
||||
Bind the directory service to this address. If you specify a port, bind to
|
||||
this port rather than the one specified in DirPort. (Default: 0.0.0.0)
|
||||
This directive can be specified multiple times to bind to multiple
|
||||
addresses/ports. +
|
||||
+
|
||||
This option is deprecated; you can get the same behavior with DirPort now
|
||||
that it supports NoAdvertise and explicit addresses.
|
||||
|
||||
[[DirPolicy]] **DirPolicy** __policy__,__policy__,__...__::
|
||||
Set an entrance policy for this server, to limit who can connect to the
|
||||
directory ports. The policies have the same form as exit policies above,
|
||||
|
|
|
@ -1319,7 +1319,7 @@ fetch_from_buf_http(buf_t *buf,
|
|||
|
||||
/**
|
||||
* Wait this many seconds before warning the user about using SOCKS unsafely
|
||||
* again (requires that WarnUnsafeSocks is turned on). */
|
||||
* again. */
|
||||
#define SOCKS_WARN_INTERVAL 5
|
||||
|
||||
/** Warn that the user application has made an unsafe socks request using
|
||||
|
@ -1331,9 +1331,6 @@ log_unsafe_socks_warning(int socks_protocol, const char *address,
|
|||
{
|
||||
static ratelim_t socks_ratelim = RATELIM_INIT(SOCKS_WARN_INTERVAL);
|
||||
|
||||
const or_options_t *options = get_options();
|
||||
if (! options->WarnUnsafeSocks)
|
||||
return;
|
||||
if (safe_socks) {
|
||||
log_fn_ratelim(&socks_ratelim, LOG_WARN, LD_APP,
|
||||
"Your application (using socks%d to port %d) is giving "
|
||||
|
|
|
@ -816,12 +816,7 @@ should_use_create_fast_for_circuit(origin_circuit_t *circ)
|
|||
* creating on behalf of others. */
|
||||
return 0;
|
||||
}
|
||||
if (options->FastFirstHopPK == -1) {
|
||||
/* option is "auto", so look at the consensus. */
|
||||
return networkstatus_get_param(NULL, "usecreatefast", 0, 0, 1);
|
||||
}
|
||||
|
||||
return options->FastFirstHopPK;
|
||||
return networkstatus_get_param(NULL, "usecreatefast", 0, 0, 1);
|
||||
}
|
||||
|
||||
/** Return true if <b>circ</b> is the type of circuit we want to count
|
||||
|
@ -1837,15 +1832,16 @@ choose_good_exit_server_general(int need_uptime, int need_capacity)
|
|||
* we'll retry later in this function with need_update and
|
||||
* need_capacity set to 0. */
|
||||
}
|
||||
if (!(node->is_valid || options->AllowInvalid_ & ALLOW_INVALID_EXIT)) {
|
||||
if (!(node->is_valid)) {
|
||||
/* if it's invalid and we don't want it */
|
||||
n_supported[i] = -1;
|
||||
// log_fn(LOG_DEBUG,"Skipping node %s (index %d) -- invalid router.",
|
||||
// router->nickname, i);
|
||||
continue; /* skip invalid routers */
|
||||
}
|
||||
if (options->ExcludeSingleHopRelays &&
|
||||
node_allows_single_hop_exits(node)) {
|
||||
/* We do not allow relays that allow single hop exits by default. Option
|
||||
* was deprecated in 0.2.9.2-alpha and removed in 0.3.1.0-alpha. */
|
||||
if (node_allows_single_hop_exits(node)) {
|
||||
n_supported[i] = -1;
|
||||
continue;
|
||||
}
|
||||
|
@ -1977,7 +1973,6 @@ pick_tor2web_rendezvous_node(router_crn_flags_t flags,
|
|||
const or_options_t *options)
|
||||
{
|
||||
const node_t *rp_node = NULL;
|
||||
const int allow_invalid = (flags & CRN_ALLOW_INVALID) != 0;
|
||||
const int need_desc = (flags & CRN_NEED_DESC) != 0;
|
||||
const int pref_addr = (flags & CRN_PREF_ADDR) != 0;
|
||||
const int direct_conn = (flags & CRN_DIRECT_CONN) != 0;
|
||||
|
@ -1989,7 +1984,6 @@ pick_tor2web_rendezvous_node(router_crn_flags_t flags,
|
|||
|
||||
/* Add all running nodes to all_live_nodes */
|
||||
router_add_running_nodes_to_smartlist(all_live_nodes,
|
||||
allow_invalid,
|
||||
0, 0, 0,
|
||||
need_desc,
|
||||
pref_addr,
|
||||
|
@ -2031,9 +2025,6 @@ pick_rendezvous_node(router_crn_flags_t flags)
|
|||
{
|
||||
const or_options_t *options = get_options();
|
||||
|
||||
if (options->AllowInvalid_ & ALLOW_INVALID_RENDEZVOUS)
|
||||
flags |= CRN_ALLOW_INVALID;
|
||||
|
||||
#ifdef ENABLE_TOR2WEB_MODE
|
||||
/* We want to connect directly to the node if we can */
|
||||
router_crn_flags_t direct_flags = flags;
|
||||
|
@ -2090,8 +2081,6 @@ choose_good_exit_server(uint8_t purpose,
|
|||
|
||||
switch (purpose) {
|
||||
case CIRCUIT_PURPOSE_C_GENERAL:
|
||||
if (options->AllowInvalid_ & ALLOW_INVALID_MIDDLE)
|
||||
flags |= CRN_ALLOW_INVALID;
|
||||
if (is_internal) /* pick it like a middle hop */
|
||||
return router_choose_random_node(NULL, options->ExcludeNodes, flags);
|
||||
else
|
||||
|
@ -2289,10 +2278,6 @@ count_acceptable_nodes, (smartlist_t *nodes))
|
|||
if (! node->is_running)
|
||||
// log_debug(LD_CIRC,"Nope, the directory says %d is not running.",i);
|
||||
continue;
|
||||
/* XXX This clause makes us count incorrectly: if AllowInvalidRouters
|
||||
* allows this node in some places, then we're getting an inaccurate
|
||||
* count. For now, be conservative and don't count it. But later we
|
||||
* should try to be smarter. */
|
||||
if (! node->is_valid)
|
||||
// log_debug(LD_CIRC,"Nope, the directory says %d is not valid.",i);
|
||||
continue;
|
||||
|
@ -2363,8 +2348,6 @@ choose_good_middle_server(uint8_t purpose,
|
|||
flags |= CRN_NEED_UPTIME;
|
||||
if (state->need_capacity)
|
||||
flags |= CRN_NEED_CAPACITY;
|
||||
if (options->AllowInvalid_ & ALLOW_INVALID_MIDDLE)
|
||||
flags |= CRN_ALLOW_INVALID;
|
||||
choice = router_choose_random_node(excluded, options->ExcludeNodes, flags);
|
||||
smartlist_free(excluded);
|
||||
return choice;
|
||||
|
@ -2417,8 +2400,6 @@ choose_good_entry_server(uint8_t purpose, cpath_build_state_t *state,
|
|||
if (state->need_capacity)
|
||||
flags |= CRN_NEED_CAPACITY;
|
||||
}
|
||||
if (options->AllowInvalid_ & ALLOW_INVALID_ENTRY)
|
||||
flags |= CRN_ALLOW_INVALID;
|
||||
|
||||
choice = router_choose_random_node(excluded, options->ExcludeNodes, flags);
|
||||
smartlist_free(excluded);
|
||||
|
|
|
@ -705,18 +705,15 @@ circuit_expire_building(void)
|
|||
}
|
||||
}
|
||||
|
||||
/* If this is a hidden service client circuit which is far enough
|
||||
* along in connecting to its destination, and we haven't already
|
||||
* flagged it as 'timed out', and the user has not told us to
|
||||
* close such circs immediately on timeout, flag it as 'timed out'
|
||||
* so we'll launch another intro or rend circ, but don't mark it
|
||||
* for close yet.
|
||||
/* If this is a hidden service client circuit which is far enough along in
|
||||
* connecting to its destination, and we haven't already flagged it as
|
||||
* 'timed out', flag it so we'll launch another intro or rend circ, but
|
||||
* don't mark it for close yet.
|
||||
*
|
||||
* (Circs flagged as 'timed out' are given a much longer timeout
|
||||
* period above, so we won't close them in the next call to
|
||||
* circuit_expire_building.) */
|
||||
if (!(options->CloseHSClientCircuitsImmediatelyOnTimeout) &&
|
||||
!(TO_ORIGIN_CIRCUIT(victim)->hs_circ_has_timed_out)) {
|
||||
if (!(TO_ORIGIN_CIRCUIT(victim)->hs_circ_has_timed_out)) {
|
||||
switch (victim->purpose) {
|
||||
case CIRCUIT_PURPOSE_C_REND_READY:
|
||||
/* We only want to spare a rend circ if it has been specified in
|
||||
|
@ -750,8 +747,7 @@ circuit_expire_building(void)
|
|||
/* If this is a service-side rendezvous circuit which is far
|
||||
* enough along in connecting to its destination, consider sparing
|
||||
* it. */
|
||||
if (!(options->CloseHSServiceRendCircuitsImmediatelyOnTimeout) &&
|
||||
!(TO_ORIGIN_CIRCUIT(victim)->hs_circ_has_timed_out) &&
|
||||
if (!(TO_ORIGIN_CIRCUIT(victim)->hs_circ_has_timed_out) &&
|
||||
victim->purpose == CIRCUIT_PURPOSE_S_CONNECT_REND) {
|
||||
log_info(LD_CIRC,"Marking circ %u (state %d:%s, purpose %d) "
|
||||
"as timed-out HS circ; relaunching rendezvous attempt.",
|
||||
|
|
265
src/or/config.c
265
src/or/config.c
|
@ -206,10 +206,10 @@ static config_var_t option_vars_[] = {
|
|||
V(AccountingStart, STRING, NULL),
|
||||
V(Address, STRING, NULL),
|
||||
V(AllowDotExit, BOOL, "0"),
|
||||
V(AllowInvalidNodes, CSV, "middle,rendezvous"),
|
||||
OBSOLETE("AllowInvalidNodes"),
|
||||
V(AllowNonRFC953Hostnames, BOOL, "0"),
|
||||
V(AllowSingleHopCircuits, BOOL, "0"),
|
||||
V(AllowSingleHopExits, BOOL, "0"),
|
||||
OBSOLETE("AllowSingleHopCircuits"),
|
||||
OBSOLETE("AllowSingleHopExits"),
|
||||
V(AlternateBridgeAuthority, LINELIST, NULL),
|
||||
V(AlternateDirAuthority, LINELIST, NULL),
|
||||
OBSOLETE("AlternateHSAuthority"),
|
||||
|
@ -264,7 +264,7 @@ static config_var_t option_vars_[] = {
|
|||
V(ConstrainedSockets, BOOL, "0"),
|
||||
V(ConstrainedSockSize, MEMUNIT, "8192"),
|
||||
V(ContactInfo, STRING, NULL),
|
||||
V(ControlListenAddress, LINELIST, NULL),
|
||||
OBSOLETE("ControlListenAddress"),
|
||||
VPORT(ControlPort),
|
||||
V(ControlPortFileGroupReadable,BOOL, "0"),
|
||||
V(ControlPortWriteToFile, FILENAME, NULL),
|
||||
|
@ -281,7 +281,7 @@ static config_var_t option_vars_[] = {
|
|||
V(DisableNetwork, BOOL, "0"),
|
||||
V(DirAllowPrivateAddresses, BOOL, "0"),
|
||||
V(TestingAuthDirTimeToLearnReachability, INTERVAL, "30 minutes"),
|
||||
V(DirListenAddress, LINELIST, NULL),
|
||||
OBSOLETE("DirListenAddress"),
|
||||
V(DirPolicy, LINELIST, NULL),
|
||||
VPORT(DirPort),
|
||||
V(DirPortFrontPage, FILENAME, NULL),
|
||||
|
@ -295,7 +295,7 @@ static config_var_t option_vars_[] = {
|
|||
OBSOLETE("DisableV2DirectoryInfo_"),
|
||||
OBSOLETE("DynamicDHGroups"),
|
||||
VPORT(DNSPort),
|
||||
V(DNSListenAddress, LINELIST, NULL),
|
||||
OBSOLETE("DNSListenAddress"),
|
||||
V(DownloadExtraInfo, BOOL, "0"),
|
||||
V(TestingEnableConnBwEvent, BOOL, "0"),
|
||||
V(TestingEnableCellStatsEvent, BOOL, "0"),
|
||||
|
@ -306,7 +306,7 @@ static config_var_t option_vars_[] = {
|
|||
V(TestingEstimatedDescriptorPropagationTime, INTERVAL, "10 minutes"),
|
||||
V(ExcludeNodes, ROUTERSET, NULL),
|
||||
V(ExcludeExitNodes, ROUTERSET, NULL),
|
||||
V(ExcludeSingleHopRelays, BOOL, "1"),
|
||||
OBSOLETE("ExcludeSingleHopRelays"),
|
||||
V(ExitNodes, ROUTERSET, NULL),
|
||||
V(ExitPolicy, LINELIST, NULL),
|
||||
V(ExitPolicyRejectPrivate, BOOL, "1"),
|
||||
|
@ -326,7 +326,7 @@ static config_var_t option_vars_[] = {
|
|||
OBSOLETE("FallbackNetworkstatusFile"),
|
||||
V(FascistFirewall, BOOL, "0"),
|
||||
V(FirewallPorts, CSV, ""),
|
||||
V(FastFirstHopPK, AUTOBOOL, "auto"),
|
||||
OBSOLETE("FastFirstHopPK"),
|
||||
V(FetchDirInfoEarly, BOOL, "0"),
|
||||
V(FetchDirInfoExtraEarly, BOOL, "0"),
|
||||
V(FetchServerDescriptors, BOOL, "1"),
|
||||
|
@ -363,8 +363,8 @@ static config_var_t option_vars_[] = {
|
|||
VAR("HiddenServiceNumIntroductionPoints", LINELIST_S, RendConfigLines, NULL),
|
||||
VAR("HiddenServiceStatistics", BOOL, HiddenServiceStatistics_option, "1"),
|
||||
V(HidServAuth, LINELIST, NULL),
|
||||
V(CloseHSClientCircuitsImmediatelyOnTimeout, BOOL, "0"),
|
||||
V(CloseHSServiceRendCircuitsImmediatelyOnTimeout, BOOL, "0"),
|
||||
OBSOLETE("CloseHSClientCircuitsImmediatelyOnTimeout"),
|
||||
OBSOLETE("CloseHSServiceRendCircuitsImmediatelyOnTimeout"),
|
||||
V(HiddenServiceSingleHopMode, BOOL, "0"),
|
||||
V(HiddenServiceNonAnonymousMode,BOOL, "0"),
|
||||
V(HTTPProxy, STRING, NULL),
|
||||
|
@ -401,17 +401,17 @@ static config_var_t option_vars_[] = {
|
|||
V(MyFamily, STRING, NULL),
|
||||
V(NewCircuitPeriod, INTERVAL, "30 seconds"),
|
||||
OBSOLETE("NamingAuthoritativeDirectory"),
|
||||
V(NATDListenAddress, LINELIST, NULL),
|
||||
OBSOLETE("NATDListenAddress"),
|
||||
VPORT(NATDPort),
|
||||
V(Nickname, STRING, NULL),
|
||||
OBSOLETE("PredictedPortsRelevanceTime"),
|
||||
V(WarnUnsafeSocks, BOOL, "1"),
|
||||
OBSOLETE("WarnUnsafeSocks"),
|
||||
VAR("NodeFamily", LINELIST, NodeFamilies, NULL),
|
||||
V(NumCPUs, UINT, "0"),
|
||||
V(NumDirectoryGuards, UINT, "0"),
|
||||
V(NumEntryGuards, UINT, "0"),
|
||||
V(OfflineMasterKey, BOOL, "0"),
|
||||
V(ORListenAddress, LINELIST, NULL),
|
||||
OBSOLETE("ORListenAddress"),
|
||||
VPORT(ORPort),
|
||||
V(OutboundBindAddress, LINELIST, NULL),
|
||||
V(OutboundBindAddressOR, LINELIST, NULL),
|
||||
|
@ -486,7 +486,7 @@ static config_var_t option_vars_[] = {
|
|||
V(SchedulerHighWaterMark__, MEMUNIT, "101 MB"),
|
||||
V(SchedulerMaxFlushCells__, UINT, "1000"),
|
||||
V(ShutdownWaitLength, INTERVAL, "30 seconds"),
|
||||
V(SocksListenAddress, LINELIST, NULL),
|
||||
OBSOLETE("SocksListenAddress"),
|
||||
V(SocksPolicy, LINELIST, NULL),
|
||||
VPORT(SocksPort),
|
||||
V(SocksTimeout, INTERVAL, "2 minutes"),
|
||||
|
@ -499,10 +499,10 @@ static config_var_t option_vars_[] = {
|
|||
V(TokenBucketRefillInterval, MSEC_INTERVAL, "100 msec"),
|
||||
V(Tor2webMode, BOOL, "0"),
|
||||
V(Tor2webRendezvousPoints, ROUTERSET, NULL),
|
||||
V(TLSECGroup, STRING, NULL),
|
||||
OBSOLETE("TLSECGroup"),
|
||||
V(TrackHostExits, CSV, NULL),
|
||||
V(TrackHostExitsExpire, INTERVAL, "30 minutes"),
|
||||
V(TransListenAddress, LINELIST, NULL),
|
||||
OBSOLETE("TransListenAddress"),
|
||||
VPORT(TransPort),
|
||||
V(TransProxyType, STRING, "default"),
|
||||
OBSOLETE("TunnelDirConns"),
|
||||
|
@ -667,35 +667,8 @@ static const config_deprecation_t option_deprecation_notes_[] = {
|
|||
/* Deprecated since 0.2.9.2-alpha... */
|
||||
{ "AllowDotExit", "Unrestricted use of the .exit notation can be used for "
|
||||
"a wide variety of application-level attacks." },
|
||||
{ "AllowInvalidNodes", "There is no reason to enable this option; at best "
|
||||
"it will make you easier to track." },
|
||||
{ "AllowSingleHopCircuits", "Almost no relays actually allow single-hop "
|
||||
"exits, making this option pointless." },
|
||||
{ "AllowSingleHopExits", "Turning this on will make your relay easier "
|
||||
"to abuse." },
|
||||
{ "ClientDNSRejectInternalAddresses", "Turning this on makes your client "
|
||||
"easier to fingerprint, and may open you to esoteric attacks." },
|
||||
{ "ExcludeSingleHopRelays", "Turning it on makes your client easier to "
|
||||
"fingerprint." },
|
||||
{ "FastFirstHopPK", "Changing this option does not make your client more "
|
||||
"secure, but does make it easier to fingerprint." },
|
||||
{ "CloseHSClientCircuitsImmediatelyOnTimeout", "This option makes your "
|
||||
"client easier to fingerprint." },
|
||||
{ "CloseHSServiceRendCircuitsImmediatelyOnTimeout", "This option makes "
|
||||
"your hidden services easier to fingerprint." },
|
||||
{ "WarnUnsafeSocks", "Changing this option makes it easier for you "
|
||||
"to accidentally lose your anonymity by leaking DNS information" },
|
||||
{ "TLSECGroup", "The default is a nice secure choice; the other option "
|
||||
"is less secure." },
|
||||
{ "ControlListenAddress", "Use ControlPort instead." },
|
||||
{ "DirListenAddress", "Use DirPort instead, possibly with the "
|
||||
"NoAdvertise sub-option" },
|
||||
{ "DNSListenAddress", "Use DNSPort instead." },
|
||||
{ "SocksListenAddress", "Use SocksPort instead." },
|
||||
{ "TransListenAddress", "Use TransPort instead." },
|
||||
{ "NATDListenAddress", "Use NATDPort instead." },
|
||||
{ "ORListenAddress", "Use ORPort instead, possibly with the "
|
||||
"NoAdvertise sub-option" },
|
||||
/* End of options deprecated since 0.2.9.2-alpha. */
|
||||
|
||||
{ NULL, NULL }
|
||||
|
@ -1558,23 +1531,6 @@ get_effective_bwburst(const or_options_t *options)
|
|||
return (uint32_t)bw;
|
||||
}
|
||||
|
||||
/** Return True if any changes from <b>old_options</b> to
|
||||
* <b>new_options</b> needs us to refresh our TLS context. */
|
||||
static int
|
||||
options_transition_requires_fresh_tls_context(const or_options_t *old_options,
|
||||
const or_options_t *new_options)
|
||||
{
|
||||
tor_assert(new_options);
|
||||
|
||||
if (!old_options)
|
||||
return 0;
|
||||
|
||||
if (!opt_streq(old_options->TLSECGroup, new_options->TLSECGroup))
|
||||
return 1;
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
/**
|
||||
* Return true if changing the configuration from <b>old</b> to <b>new</b>
|
||||
* affects the guard susbsystem.
|
||||
|
@ -1793,13 +1749,6 @@ options_act(const or_options_t *old_options)
|
|||
log_warn(LD_BUG,"Error initializing keys; exiting");
|
||||
return -1;
|
||||
}
|
||||
} else if (old_options &&
|
||||
options_transition_requires_fresh_tls_context(old_options,
|
||||
options)) {
|
||||
if (router_initialize_tls_context() < 0) {
|
||||
log_warn(LD_BUG,"Error initializing TLS context.");
|
||||
return -1;
|
||||
}
|
||||
}
|
||||
|
||||
/* Write our PID to the PID file. If we do not have write permissions we
|
||||
|
@ -3012,6 +2961,10 @@ options_validate(or_options_t *old_options, or_options_t *options,
|
|||
tor_assert(msg);
|
||||
*msg = NULL;
|
||||
|
||||
if (parse_ports(options, 1, msg, &n_ports,
|
||||
&world_writable_control_socket) < 0)
|
||||
return -1;
|
||||
|
||||
/* Set UseEntryGuards from the configured value, before we check it below.
|
||||
* We change UseEntryGuards when it's incompatible with other options,
|
||||
* but leave UseEntryGuards_option with the original value.
|
||||
|
@ -3030,10 +2983,6 @@ options_validate(or_options_t *old_options, or_options_t *options,
|
|||
"for details.", uname);
|
||||
}
|
||||
|
||||
if (parse_ports(options, 1, msg, &n_ports,
|
||||
&world_writable_control_socket) < 0)
|
||||
return -1;
|
||||
|
||||
if (parse_outbound_addresses(options, 1, msg) < 0)
|
||||
return -1;
|
||||
|
||||
|
@ -3126,14 +3075,12 @@ options_validate(or_options_t *old_options, or_options_t *options,
|
|||
|
||||
if (strcasecmp(options->TransProxyType, "default") &&
|
||||
!options->TransPort_set) {
|
||||
REJECT("Cannot use TransProxyType without any valid TransPort or "
|
||||
"TransListenAddress.");
|
||||
REJECT("Cannot use TransProxyType without any valid TransPort.");
|
||||
}
|
||||
}
|
||||
#else
|
||||
if (options->TransPort_set)
|
||||
REJECT("TransPort and TransListenAddress are disabled "
|
||||
"in this build.");
|
||||
REJECT("TransPort is disabled in this build.");
|
||||
#endif
|
||||
|
||||
if (options->TokenBucketRefillInterval <= 0
|
||||
|
@ -3170,15 +3117,6 @@ options_validate(or_options_t *old_options, or_options_t *options,
|
|||
}
|
||||
}
|
||||
|
||||
if (options->TLSECGroup && (strcasecmp(options->TLSECGroup, "P256") &&
|
||||
strcasecmp(options->TLSECGroup, "P224"))) {
|
||||
COMPLAIN("Unrecognized TLSECGroup: Falling back to the default.");
|
||||
tor_free(options->TLSECGroup);
|
||||
}
|
||||
if (!evaluate_ecgroup_for_tls(options->TLSECGroup)) {
|
||||
REJECT("Unsupported TLSECGroup.");
|
||||
}
|
||||
|
||||
if (options->ExcludeNodes && options->StrictNodes) {
|
||||
COMPLAIN("You have asked to exclude certain relays from all positions "
|
||||
"in your circuits. Expect hidden services and other Tor "
|
||||
|
@ -3386,28 +3324,6 @@ options_validate(or_options_t *old_options, or_options_t *options,
|
|||
server_mode(options));
|
||||
options->MaxMemInQueues_low_threshold = (options->MaxMemInQueues / 4) * 3;
|
||||
|
||||
options->AllowInvalid_ = 0;
|
||||
|
||||
if (options->AllowInvalidNodes) {
|
||||
SMARTLIST_FOREACH_BEGIN(options->AllowInvalidNodes, const char *, cp) {
|
||||
if (!strcasecmp(cp, "entry"))
|
||||
options->AllowInvalid_ |= ALLOW_INVALID_ENTRY;
|
||||
else if (!strcasecmp(cp, "exit"))
|
||||
options->AllowInvalid_ |= ALLOW_INVALID_EXIT;
|
||||
else if (!strcasecmp(cp, "middle"))
|
||||
options->AllowInvalid_ |= ALLOW_INVALID_MIDDLE;
|
||||
else if (!strcasecmp(cp, "introduction"))
|
||||
options->AllowInvalid_ |= ALLOW_INVALID_INTRODUCTION;
|
||||
else if (!strcasecmp(cp, "rendezvous"))
|
||||
options->AllowInvalid_ |= ALLOW_INVALID_RENDEZVOUS;
|
||||
else {
|
||||
tor_asprintf(msg,
|
||||
"Unrecognized value '%s' in AllowInvalidNodes", cp);
|
||||
return -1;
|
||||
}
|
||||
} SMARTLIST_FOREACH_END(cp);
|
||||
}
|
||||
|
||||
if (!options->SafeLogging ||
|
||||
!strcasecmp(options->SafeLogging, "0")) {
|
||||
options->SafeLogging_ = SAFELOG_SCRUB_NONE;
|
||||
|
@ -4104,13 +4020,6 @@ options_validate(or_options_t *old_options, or_options_t *options,
|
|||
"AlternateDirAuthority and AlternateBridgeAuthority configured.");
|
||||
}
|
||||
|
||||
if (options->AllowSingleHopExits && !options->DirAuthorities) {
|
||||
COMPLAIN("You have set AllowSingleHopExits; now your relay will allow "
|
||||
"others to make one-hop exits. However, since by default most "
|
||||
"clients avoid relays that set this option, most clients will "
|
||||
"ignore you.");
|
||||
}
|
||||
|
||||
#define CHECK_DEFAULT(arg) \
|
||||
STMT_BEGIN \
|
||||
if (!options->TestingTorNetwork && \
|
||||
|
@ -6471,14 +6380,9 @@ warn_client_dns_cache(const char *option, int disabling)
|
|||
/**
|
||||
* Parse port configuration for a single port type.
|
||||
*
|
||||
* Read entries of the "FooPort" type from the list <b>ports</b>, and
|
||||
* entries of the "FooListenAddress" type from the list
|
||||
* <b>listenaddrs</b>. Two syntaxes are supported: a legacy syntax
|
||||
* where FooPort is at most a single entry containing a port number and
|
||||
* where FooListenAddress has any number of address:port combinations;
|
||||
* and a new syntax where there are no FooListenAddress entries and
|
||||
* where FooPort can have any number of entries of the format
|
||||
* "[Address:][Port] IsolationOptions".
|
||||
* Read entries of the "FooPort" type from the list <b>ports</b>. Syntax is
|
||||
* that FooPort can have any number of entries of the format
|
||||
* "[Address:][Port] IsolationOptions".
|
||||
*
|
||||
* In log messages, describe the port type as <b>portname</b>.
|
||||
*
|
||||
|
@ -6492,9 +6396,6 @@ warn_client_dns_cache(const char *option, int disabling)
|
|||
* ports are not on a local address. If CL_PORT_FORBID_NONLOCAL is set,
|
||||
* this is a control port with no password set: don't even allow it.
|
||||
*
|
||||
* Unless CL_PORT_ALLOW_EXTRA_LISTENADDR is set in <b>flags</b>, warn
|
||||
* if FooListenAddress is set but FooPort is 0.
|
||||
*
|
||||
* If CL_PORT_SERVER_OPTIONS is set in <b>flags</b>, do not allow stream
|
||||
* isolation options in the FooPort entries; instead allow the
|
||||
* server-port option set.
|
||||
|
@ -6509,7 +6410,6 @@ warn_client_dns_cache(const char *option, int disabling)
|
|||
STATIC int
|
||||
parse_port_config(smartlist_t *out,
|
||||
const config_line_t *ports,
|
||||
const config_line_t *listenaddrs,
|
||||
const char *portname,
|
||||
int listener_type,
|
||||
const char *defaultaddr,
|
||||
|
@ -6526,90 +6426,12 @@ parse_port_config(smartlist_t *out,
|
|||
const unsigned forbid_nonlocal = flags & CL_PORT_FORBID_NONLOCAL;
|
||||
const unsigned default_to_group_writable =
|
||||
flags & CL_PORT_DFLT_GROUP_WRITABLE;
|
||||
const unsigned allow_spurious_listenaddr =
|
||||
flags & CL_PORT_ALLOW_EXTRA_LISTENADDR;
|
||||
const unsigned takes_hostnames = flags & CL_PORT_TAKES_HOSTNAMES;
|
||||
const unsigned is_unix_socket = flags & CL_PORT_IS_UNIXSOCKET;
|
||||
int got_zero_port=0, got_nonzero_port=0;
|
||||
char *unix_socket_path = NULL;
|
||||
|
||||
/* FooListenAddress is deprecated; let's make it work like it used to work,
|
||||
* though. */
|
||||
if (listenaddrs) {
|
||||
int mainport = defaultport;
|
||||
|
||||
if (ports && ports->next) {
|
||||
log_warn(LD_CONFIG, "%sListenAddress can't be used when there are "
|
||||
"multiple %sPort lines", portname, portname);
|
||||
return -1;
|
||||
} else if (ports) {
|
||||
if (!strcmp(ports->value, "auto")) {
|
||||
mainport = CFG_AUTO_PORT;
|
||||
} else {
|
||||
int ok;
|
||||
mainport = (int)tor_parse_long(ports->value, 10, 0, 65535, &ok, NULL);
|
||||
if (!ok) {
|
||||
log_warn(LD_CONFIG, "%sListenAddress can only be used with a single "
|
||||
"%sPort with value \"auto\" or 1-65535 and no options set.",
|
||||
portname, portname);
|
||||
return -1;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if (mainport == 0) {
|
||||
if (allow_spurious_listenaddr)
|
||||
return 1; /*DOCDOC*/
|
||||
log_warn(LD_CONFIG, "%sPort must be defined if %sListenAddress is used",
|
||||
portname, portname);
|
||||
return -1;
|
||||
}
|
||||
|
||||
if (use_server_options && out) {
|
||||
/* Add a no_listen port. */
|
||||
port_cfg_t *cfg = port_cfg_new(0);
|
||||
cfg->type = listener_type;
|
||||
cfg->port = mainport;
|
||||
tor_addr_make_unspec(&cfg->addr); /* Server ports default to 0.0.0.0 */
|
||||
cfg->server_cfg.no_listen = 1;
|
||||
cfg->server_cfg.bind_ipv4_only = 1;
|
||||
/* cfg->entry_cfg defaults are already set by port_cfg_new */
|
||||
smartlist_add(out, cfg);
|
||||
}
|
||||
|
||||
for (; listenaddrs; listenaddrs = listenaddrs->next) {
|
||||
tor_addr_t addr;
|
||||
uint16_t port = 0;
|
||||
if (tor_addr_port_lookup(listenaddrs->value, &addr, &port) < 0) {
|
||||
log_warn(LD_CONFIG, "Unable to parse %sListenAddress '%s'",
|
||||
portname, listenaddrs->value);
|
||||
return -1;
|
||||
}
|
||||
if (out) {
|
||||
port_cfg_t *cfg = port_cfg_new(0);
|
||||
cfg->type = listener_type;
|
||||
cfg->port = port ? port : mainport;
|
||||
tor_addr_copy(&cfg->addr, &addr);
|
||||
cfg->entry_cfg.session_group = SESSION_GROUP_UNSET;
|
||||
cfg->entry_cfg.isolation_flags = ISO_DEFAULT;
|
||||
cfg->server_cfg.no_advertise = 1;
|
||||
smartlist_add(out, cfg);
|
||||
}
|
||||
}
|
||||
|
||||
if (warn_nonlocal && out) {
|
||||
if (is_control)
|
||||
warn_nonlocal_controller_ports(out, forbid_nonlocal);
|
||||
else if (is_ext_orport)
|
||||
warn_nonlocal_ext_orports(out, portname);
|
||||
else
|
||||
warn_nonlocal_client_ports(out, portname, listener_type);
|
||||
}
|
||||
return 0;
|
||||
} /* end if (listenaddrs) */
|
||||
|
||||
/* No ListenAddress lines. If there's no FooPort, then maybe make a default
|
||||
* one. */
|
||||
/* If there's no FooPort, then maybe make a default one. */
|
||||
if (! ports) {
|
||||
if (defaultport && defaultaddr && out) {
|
||||
port_cfg_t *cfg = port_cfg_new(is_unix_socket ? strlen(defaultaddr) : 0);
|
||||
|
@ -7080,36 +6902,35 @@ parse_ports(or_options_t *options, int validate_only,
|
|||
const unsigned gw_flag = options->SocksSocketsGroupWritable ?
|
||||
CL_PORT_DFLT_GROUP_WRITABLE : 0;
|
||||
if (parse_port_config(ports,
|
||||
options->SocksPort_lines, options->SocksListenAddress,
|
||||
options->SocksPort_lines,
|
||||
"Socks", CONN_TYPE_AP_LISTENER,
|
||||
"127.0.0.1", 9050,
|
||||
CL_PORT_WARN_NONLOCAL|CL_PORT_ALLOW_EXTRA_LISTENADDR|
|
||||
CL_PORT_TAKES_HOSTNAMES|gw_flag) < 0) {
|
||||
*msg = tor_strdup("Invalid SocksPort/SocksListenAddress configuration");
|
||||
CL_PORT_WARN_NONLOCAL|CL_PORT_TAKES_HOSTNAMES|gw_flag) < 0) {
|
||||
*msg = tor_strdup("Invalid SocksPort configuration");
|
||||
goto err;
|
||||
}
|
||||
if (parse_port_config(ports,
|
||||
options->DNSPort_lines, options->DNSListenAddress,
|
||||
options->DNSPort_lines,
|
||||
"DNS", CONN_TYPE_AP_DNS_LISTENER,
|
||||
"127.0.0.1", 0,
|
||||
CL_PORT_WARN_NONLOCAL|CL_PORT_TAKES_HOSTNAMES) < 0) {
|
||||
*msg = tor_strdup("Invalid DNSPort/DNSListenAddress configuration");
|
||||
*msg = tor_strdup("Invalid DNSPort configuration");
|
||||
goto err;
|
||||
}
|
||||
if (parse_port_config(ports,
|
||||
options->TransPort_lines, options->TransListenAddress,
|
||||
options->TransPort_lines,
|
||||
"Trans", CONN_TYPE_AP_TRANS_LISTENER,
|
||||
"127.0.0.1", 0,
|
||||
CL_PORT_WARN_NONLOCAL) < 0) {
|
||||
*msg = tor_strdup("Invalid TransPort/TransListenAddress configuration");
|
||||
*msg = tor_strdup("Invalid TransPort configuration");
|
||||
goto err;
|
||||
}
|
||||
if (parse_port_config(ports,
|
||||
options->NATDPort_lines, options->NATDListenAddress,
|
||||
options->NATDPort_lines,
|
||||
"NATD", CONN_TYPE_AP_NATD_LISTENER,
|
||||
"127.0.0.1", 0,
|
||||
CL_PORT_WARN_NONLOCAL) < 0) {
|
||||
*msg = tor_strdup("Invalid NatdPort/NatdListenAddress configuration");
|
||||
*msg = tor_strdup("Invalid NatdPort configuration");
|
||||
goto err;
|
||||
}
|
||||
{
|
||||
|
@ -7125,16 +6946,14 @@ parse_ports(or_options_t *options, int validate_only,
|
|||
|
||||
if (parse_port_config(ports,
|
||||
options->ControlPort_lines,
|
||||
options->ControlListenAddress,
|
||||
"Control", CONN_TYPE_CONTROL_LISTENER,
|
||||
"127.0.0.1", 0,
|
||||
control_port_flags) < 0) {
|
||||
*msg = tor_strdup("Invalid ControlPort/ControlListenAddress "
|
||||
"configuration");
|
||||
*msg = tor_strdup("Invalid ControlPort configuration");
|
||||
goto err;
|
||||
}
|
||||
|
||||
if (parse_port_config(ports, options->ControlSocket, NULL,
|
||||
if (parse_port_config(ports, options->ControlSocket,
|
||||
"ControlSocket",
|
||||
CONN_TYPE_CONTROL_LISTENER, NULL, 0,
|
||||
control_port_flags | CL_PORT_IS_UNIXSOCKET) < 0) {
|
||||
|
@ -7144,15 +6963,15 @@ parse_ports(or_options_t *options, int validate_only,
|
|||
}
|
||||
if (! options->ClientOnly) {
|
||||
if (parse_port_config(ports,
|
||||
options->ORPort_lines, options->ORListenAddress,
|
||||
options->ORPort_lines,
|
||||
"OR", CONN_TYPE_OR_LISTENER,
|
||||
"0.0.0.0", 0,
|
||||
CL_PORT_SERVER_OPTIONS) < 0) {
|
||||
*msg = tor_strdup("Invalid ORPort/ORListenAddress configuration");
|
||||
*msg = tor_strdup("Invalid ORPort configuration");
|
||||
goto err;
|
||||
}
|
||||
if (parse_port_config(ports,
|
||||
options->ExtORPort_lines, NULL,
|
||||
options->ExtORPort_lines,
|
||||
"ExtOR", CONN_TYPE_EXT_OR_LISTENER,
|
||||
"127.0.0.1", 0,
|
||||
CL_PORT_SERVER_OPTIONS|CL_PORT_WARN_NONLOCAL) < 0) {
|
||||
|
@ -7160,11 +6979,11 @@ parse_ports(or_options_t *options, int validate_only,
|
|||
goto err;
|
||||
}
|
||||
if (parse_port_config(ports,
|
||||
options->DirPort_lines, options->DirListenAddress,
|
||||
options->DirPort_lines,
|
||||
"Dir", CONN_TYPE_DIR_LISTENER,
|
||||
"0.0.0.0", 0,
|
||||
CL_PORT_SERVER_OPTIONS) < 0) {
|
||||
*msg = tor_strdup("Invalid DirPort/DirListenAddress configuration");
|
||||
*msg = tor_strdup("Invalid DirPort configuration");
|
||||
goto err;
|
||||
}
|
||||
}
|
||||
|
|
|
@ -157,7 +157,7 @@ smartlist_t *get_options_for_server_transport(const char *transport);
|
|||
|
||||
#define CL_PORT_NO_STREAM_OPTIONS (1u<<0)
|
||||
#define CL_PORT_WARN_NONLOCAL (1u<<1)
|
||||
#define CL_PORT_ALLOW_EXTRA_LISTENADDR (1u<<2)
|
||||
/* Was CL_PORT_ALLOW_EXTRA_LISTENADDR (1u<<2) */
|
||||
#define CL_PORT_SERVER_OPTIONS (1u<<3)
|
||||
#define CL_PORT_FORBID_NONLOCAL (1u<<4)
|
||||
#define CL_PORT_TAKES_HOSTNAMES (1u<<5)
|
||||
|
@ -193,7 +193,6 @@ STATIC int have_enough_mem_for_dircache(const or_options_t *options,
|
|||
size_t total_mem, char **msg);
|
||||
STATIC int parse_port_config(smartlist_t *out,
|
||||
const config_line_t *ports,
|
||||
const config_line_t *listenaddrs,
|
||||
const char *portname,
|
||||
int listener_type,
|
||||
const char *defaultaddr,
|
||||
|
|
|
@ -3133,15 +3133,13 @@ connection_exit_begin_conn(cell_t *cell, circuit_t *circ)
|
|||
port = bcell.port;
|
||||
|
||||
if (or_circ && or_circ->p_chan) {
|
||||
if (!options->AllowSingleHopExits &&
|
||||
(or_circ->is_first_hop ||
|
||||
(!connection_or_digest_is_known_relay(
|
||||
if ((or_circ->is_first_hop ||
|
||||
(!connection_or_digest_is_known_relay(
|
||||
or_circ->p_chan->identity_digest) &&
|
||||
should_refuse_unknown_exits(options)))) {
|
||||
/* Don't let clients use us as a single-hop proxy, unless the user
|
||||
* has explicitly allowed that in the config. It attracts attackers
|
||||
* and users who'd be better off with, well, single-hop proxies.
|
||||
*/
|
||||
/* Don't let clients use us as a single-hop proxy. It attracts
|
||||
* attackers and users who'd be better off with, well, single-hop
|
||||
* proxies. */
|
||||
log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
|
||||
"Attempt by %s to open a stream %s. Closing.",
|
||||
safe_str(channel_get_canonical_remote_descr(or_circ->p_chan)),
|
||||
|
|
|
@ -3551,24 +3551,9 @@ handle_control_attachstream(control_connection_t *conn, uint32_t len,
|
|||
}
|
||||
/* Is this a single hop circuit? */
|
||||
if (circ && (circuit_get_cpath_len(circ)<2 || hop==1)) {
|
||||
const node_t *node = NULL;
|
||||
char *exit_digest = NULL;
|
||||
if (circ->build_state &&
|
||||
circ->build_state->chosen_exit &&
|
||||
!tor_digest_is_zero(circ->build_state->chosen_exit->identity_digest)) {
|
||||
exit_digest = circ->build_state->chosen_exit->identity_digest;
|
||||
node = node_get_by_id(exit_digest);
|
||||
}
|
||||
/* Do both the client and relay allow one-hop exit circuits? */
|
||||
if (!node ||
|
||||
!node_allows_single_hop_exits(node) ||
|
||||
!get_options()->AllowSingleHopCircuits) {
|
||||
connection_write_str_to_buf(
|
||||
"551 Can't attach stream to this one-hop circuit.\r\n", conn);
|
||||
return 0;
|
||||
}
|
||||
tor_assert(exit_digest);
|
||||
ap_conn->chosen_exit_name = tor_strdup(hex_str(exit_digest, DIGEST_LEN));
|
||||
connection_write_str_to_buf(
|
||||
"551 Can't attach stream to this one-hop circuit.\r\n", conn);
|
||||
return 0;
|
||||
}
|
||||
|
||||
if (circ && hop>0) {
|
||||
|
|
56
src/or/or.h
56
src/or/or.h
|
@ -3480,15 +3480,6 @@ static inline const origin_circuit_t *CONST_TO_ORIGIN_CIRCUIT(
|
|||
return DOWNCAST(origin_circuit_t, x);
|
||||
}
|
||||
|
||||
/** Bitfield type: things that we're willing to use invalid routers for. */
|
||||
typedef enum invalid_router_usage_t {
|
||||
ALLOW_INVALID_ENTRY =1,
|
||||
ALLOW_INVALID_EXIT =2,
|
||||
ALLOW_INVALID_MIDDLE =4,
|
||||
ALLOW_INVALID_RENDEZVOUS =8,
|
||||
ALLOW_INVALID_INTRODUCTION=16,
|
||||
} invalid_router_usage_t;
|
||||
|
||||
/* limits for TCP send and recv buffer size used for constrained sockets */
|
||||
#define MIN_CONSTRAINED_TCP_BUFFER 2048
|
||||
#define MAX_CONSTRAINED_TCP_BUFFER 262144 /* 256k */
|
||||
|
@ -3614,10 +3605,6 @@ typedef struct {
|
|||
int DisableAllSwap; /**< Boolean: Attempt to call mlockall() on our
|
||||
* process for all current and future memory. */
|
||||
|
||||
/** List of "entry", "middle", "exit", "introduction", "rendezvous". */
|
||||
smartlist_t *AllowInvalidNodes;
|
||||
/** Bitmask; derived from AllowInvalidNodes. */
|
||||
invalid_router_usage_t AllowInvalid_;
|
||||
config_line_t *ExitPolicy; /**< Lists of exit policy components. */
|
||||
int ExitPolicyRejectPrivate; /**< Should we not exit to reserved private
|
||||
* addresses, and our own published addresses?
|
||||
|
@ -3628,21 +3615,6 @@ typedef struct {
|
|||
* configured ports. */
|
||||
config_line_t *SocksPolicy; /**< Lists of socks policy components */
|
||||
config_line_t *DirPolicy; /**< Lists of dir policy components */
|
||||
/** Addresses to bind for listening for SOCKS connections. */
|
||||
config_line_t *SocksListenAddress;
|
||||
/** Addresses to bind for listening for transparent pf/netfilter
|
||||
* connections. */
|
||||
config_line_t *TransListenAddress;
|
||||
/** Addresses to bind for listening for transparent natd connections */
|
||||
config_line_t *NATDListenAddress;
|
||||
/** Addresses to bind for listening for SOCKS connections. */
|
||||
config_line_t *DNSListenAddress;
|
||||
/** Addresses to bind for listening for OR connections. */
|
||||
config_line_t *ORListenAddress;
|
||||
/** Addresses to bind for listening for directory connections. */
|
||||
config_line_t *DirListenAddress;
|
||||
/** Addresses to bind for listening for control connections. */
|
||||
config_line_t *ControlListenAddress;
|
||||
/** Local address to bind outbound sockets */
|
||||
config_line_t *OutboundBindAddress;
|
||||
/** Local address to bind outbound relay sockets */
|
||||
|
@ -3801,15 +3773,6 @@ typedef struct {
|
|||
/** A routerset that should be used when picking RPs for HS circuits. */
|
||||
routerset_t *Tor2webRendezvousPoints;
|
||||
|
||||
/** Close hidden service client circuits immediately when they reach
|
||||
* the normal circuit-build timeout, even if they have already sent
|
||||
* an INTRODUCE1 cell on its way to the service. */
|
||||
int CloseHSClientCircuitsImmediatelyOnTimeout;
|
||||
|
||||
/** Close hidden-service-side rendezvous circuits immediately when
|
||||
* they reach the normal circuit-build timeout. */
|
||||
int CloseHSServiceRendCircuitsImmediatelyOnTimeout;
|
||||
|
||||
/** Onion Services in HiddenServiceSingleHopMode make one-hop (direct)
|
||||
* circuits between the onion service server, and the introduction and
|
||||
* rendezvous points. (Onion service descriptors are still posted using
|
||||
|
@ -4091,8 +4054,6 @@ typedef struct {
|
|||
int NumDirectoryGuards; /**< How many dir guards do we try to establish?
|
||||
* If 0, use value from NumEntryGuards. */
|
||||
int RephistTrackTime; /**< How many seconds do we keep rephist info? */
|
||||
int FastFirstHopPK; /**< If Tor believes it is safe, should we save a third
|
||||
* of our PK time by sending CREATE_FAST cells? */
|
||||
/** Should we always fetch our dir info on the mirror schedule (which
|
||||
* means directly from the authorities) no matter our other config? */
|
||||
int FetchDirInfoEarly;
|
||||
|
@ -4148,16 +4109,6 @@ typedef struct {
|
|||
* if we are a cache). For authorities, this is always true. */
|
||||
int DownloadExtraInfo;
|
||||
|
||||
/** If true, and we are acting as a relay, allow exit circuits even when
|
||||
* we are the first hop of a circuit. */
|
||||
int AllowSingleHopExits;
|
||||
/** If true, don't allow relays with AllowSingleHopExits=1 to be used in
|
||||
* circuits that we build. */
|
||||
int ExcludeSingleHopRelays;
|
||||
/** If true, and the controller tells us to use a one-hop circuit, and the
|
||||
* exit allows it, we use it. */
|
||||
int AllowSingleHopCircuits;
|
||||
|
||||
/** If true, we convert "www.google.com.foo.exit" addresses on the
|
||||
* socks/trans/natd ports into "www.google.com" addresses that
|
||||
* exit from the node "foo". Disabled by default since attacking
|
||||
|
@ -4165,10 +4116,6 @@ typedef struct {
|
|||
* selection. */
|
||||
int AllowDotExit;
|
||||
|
||||
/** If true, we will warn if a user gives us only an IP address
|
||||
* instead of a hostname. */
|
||||
int WarnUnsafeSocks;
|
||||
|
||||
/** If true, we're configured to collect statistics on clients
|
||||
* requesting network statuses from us as directory. */
|
||||
int DirReqStatistics_option;
|
||||
|
@ -4528,8 +4475,6 @@ typedef struct {
|
|||
|
||||
int IPv6Exit; /**< Do we support exiting to IPv6 addresses? */
|
||||
|
||||
char *TLSECGroup; /**< One of "P256", "P224", or nil for auto */
|
||||
|
||||
/** Fraction: */
|
||||
double PathsNeededToBuildCircuits;
|
||||
|
||||
|
@ -5381,7 +5326,6 @@ typedef enum {
|
|||
CRN_NEED_UPTIME = 1<<0,
|
||||
CRN_NEED_CAPACITY = 1<<1,
|
||||
CRN_NEED_GUARD = 1<<2,
|
||||
CRN_ALLOW_INVALID = 1<<3,
|
||||
/* XXXX not used, apparently. */
|
||||
CRN_WEIGHT_AS_EXIT = 1<<5,
|
||||
CRN_NEED_DESC = 1<<6,
|
||||
|
|
|
@ -4205,8 +4205,6 @@ rend_consider_services_intro_points(void)
|
|||
const node_t *node;
|
||||
rend_intro_point_t *intro;
|
||||
router_crn_flags_t flags = CRN_NEED_UPTIME|CRN_NEED_DESC;
|
||||
if (get_options()->AllowInvalid_ & ALLOW_INVALID_INTRODUCTION)
|
||||
flags |= CRN_ALLOW_INVALID;
|
||||
router_crn_flags_t direct_flags = flags;
|
||||
direct_flags |= CRN_PREF_ADDR;
|
||||
direct_flags |= CRN_DIRECT_CONN;
|
||||
|
|
|
@ -779,12 +779,6 @@ router_initialize_tls_context(void)
|
|||
int lifetime = options->SSLKeyLifetime;
|
||||
if (public_server_mode(options))
|
||||
flags |= TOR_TLS_CTX_IS_PUBLIC_SERVER;
|
||||
if (options->TLSECGroup) {
|
||||
if (!strcasecmp(options->TLSECGroup, "P256"))
|
||||
flags |= TOR_TLS_CTX_USE_ECDHE_P256;
|
||||
else if (!strcasecmp(options->TLSECGroup, "P224"))
|
||||
flags |= TOR_TLS_CTX_USE_ECDHE_P224;
|
||||
}
|
||||
if (!lifetime) { /* we should guess a good ssl cert lifetime */
|
||||
|
||||
/* choose between 5 and 365 days, and round to the day */
|
||||
|
@ -1663,8 +1657,7 @@ MOCK_IMPL(int,
|
|||
server_mode,(const or_options_t *options))
|
||||
{
|
||||
if (options->ClientOnly) return 0;
|
||||
/* XXXX I believe we can kill off ORListenAddress here.*/
|
||||
return (options->ORPort_set || options->ORListenAddress);
|
||||
return (options->ORPort_set);
|
||||
}
|
||||
|
||||
/** Return true iff we are trying to be a non-bridge server.
|
||||
|
@ -2942,7 +2935,7 @@ router_dump_router_to_string(routerinfo_t *router,
|
|||
"onion-key\n%s"
|
||||
"signing-key\n%s"
|
||||
"%s%s"
|
||||
"%s%s%s%s",
|
||||
"%s%s%s",
|
||||
router->nickname,
|
||||
address,
|
||||
router->or_port,
|
||||
|
@ -2965,8 +2958,7 @@ router_dump_router_to_string(routerinfo_t *router,
|
|||
ntor_cc_line ? ntor_cc_line : "",
|
||||
family_line,
|
||||
we_are_hibernating() ? "hibernating 1\n" : "",
|
||||
"hidden-service-dir\n",
|
||||
options->AllowSingleHopExits ? "allow-single-hop-exits\n" : "");
|
||||
"hidden-service-dir\n");
|
||||
|
||||
if (options->ContactInfo && strlen(options->ContactInfo)) {
|
||||
const char *ci = options->ContactInfo;
|
||||
|
|
|
@ -2320,17 +2320,16 @@ routerlist_add_node_and_family(smartlist_t *sl, const routerinfo_t *router)
|
|||
* we can pick a node for a circuit.
|
||||
*/
|
||||
void
|
||||
router_add_running_nodes_to_smartlist(smartlist_t *sl, int allow_invalid,
|
||||
int need_uptime, int need_capacity,
|
||||
int need_guard, int need_desc,
|
||||
int pref_addr, int direct_conn)
|
||||
router_add_running_nodes_to_smartlist(smartlist_t *sl, int need_uptime,
|
||||
int need_capacity, int need_guard,
|
||||
int need_desc, int pref_addr,
|
||||
int direct_conn)
|
||||
{
|
||||
const int check_reach = !router_skip_or_reachability(get_options(),
|
||||
pref_addr);
|
||||
/* XXXX MOVE */
|
||||
SMARTLIST_FOREACH_BEGIN(nodelist_get_list(), const node_t *, node) {
|
||||
if (!node->is_running ||
|
||||
(!node->is_valid && !allow_invalid))
|
||||
if (!node->is_running || !node->is_valid)
|
||||
continue;
|
||||
if (need_desc && !(node->ri || (node->rs && node->md)))
|
||||
continue;
|
||||
|
@ -2776,8 +2775,6 @@ node_sl_choose_by_bandwidth(const smartlist_t *sl,
|
|||
* a minimum uptime, return one of those.
|
||||
* If <b>CRN_NEED_CAPACITY</b> is set in flags, weight your choice by the
|
||||
* advertised capacity of each router.
|
||||
* If <b>CRN_ALLOW_INVALID</b> is not set in flags, consider only Valid
|
||||
* routers.
|
||||
* If <b>CRN_NEED_GUARD</b> is set in flags, consider only Guard routers.
|
||||
* If <b>CRN_WEIGHT_AS_EXIT</b> is set in flags, we weight bandwidths as if
|
||||
* picking an exit node, otherwise we weight bandwidths for picking a relay
|
||||
|
@ -2798,7 +2795,6 @@ router_choose_random_node(smartlist_t *excludedsmartlist,
|
|||
const int need_uptime = (flags & CRN_NEED_UPTIME) != 0;
|
||||
const int need_capacity = (flags & CRN_NEED_CAPACITY) != 0;
|
||||
const int need_guard = (flags & CRN_NEED_GUARD) != 0;
|
||||
const int allow_invalid = (flags & CRN_ALLOW_INVALID) != 0;
|
||||
const int weight_for_exit = (flags & CRN_WEIGHT_AS_EXIT) != 0;
|
||||
const int need_desc = (flags & CRN_NEED_DESC) != 0;
|
||||
const int pref_addr = (flags & CRN_PREF_ADDR) != 0;
|
||||
|
@ -2814,20 +2810,17 @@ router_choose_random_node(smartlist_t *excludedsmartlist,
|
|||
rule = weight_for_exit ? WEIGHT_FOR_EXIT :
|
||||
(need_guard ? WEIGHT_FOR_GUARD : WEIGHT_FOR_MID);
|
||||
|
||||
/* Exclude relays that allow single hop exit circuits, if the user
|
||||
* wants to (such relays might be risky) */
|
||||
if (get_options()->ExcludeSingleHopRelays) {
|
||||
SMARTLIST_FOREACH(nodelist_get_list(), node_t *, node,
|
||||
if (node_allows_single_hop_exits(node)) {
|
||||
smartlist_add(excludednodes, node);
|
||||
});
|
||||
}
|
||||
/* Exclude relays that allow single hop exit circuits. This is an obsolete
|
||||
* option since 0.2.9.2-alpha and done by default in 0.3.1.0-alpha. */
|
||||
SMARTLIST_FOREACH(nodelist_get_list(), node_t *, node,
|
||||
if (node_allows_single_hop_exits(node)) {
|
||||
smartlist_add(excludednodes, node);
|
||||
});
|
||||
|
||||
if ((r = routerlist_find_my_routerinfo()))
|
||||
routerlist_add_node_and_family(excludednodes, r);
|
||||
|
||||
router_add_running_nodes_to_smartlist(sl, allow_invalid,
|
||||
need_uptime, need_capacity,
|
||||
router_add_running_nodes_to_smartlist(sl, need_uptime, need_capacity,
|
||||
need_guard, need_desc, pref_addr,
|
||||
direct_conn);
|
||||
log_debug(LD_CIRC,
|
||||
|
|
|
@ -62,10 +62,10 @@ int router_skip_or_reachability(const or_options_t *options, int try_ip_pref);
|
|||
int router_get_my_share_of_directory_requests(double *v3_share_out);
|
||||
void router_reset_status_download_failures(void);
|
||||
int routers_have_same_or_addrs(const routerinfo_t *r1, const routerinfo_t *r2);
|
||||
void router_add_running_nodes_to_smartlist(smartlist_t *sl, int allow_invalid,
|
||||
int need_uptime, int need_capacity,
|
||||
int need_guard, int need_desc,
|
||||
int pref_addr, int direct_conn);
|
||||
void router_add_running_nodes_to_smartlist(smartlist_t *sl, int need_uptime,
|
||||
int need_capacity, int need_guard,
|
||||
int need_desc, int pref_addr,
|
||||
int direct_conn);
|
||||
|
||||
const routerinfo_t *routerlist_find_my_routerinfo(void);
|
||||
uint32_t router_get_advertised_bandwidth(const routerinfo_t *router);
|
||||
|
|
|
@ -3863,144 +3863,6 @@ mock_config_line(const char *key, const char *val)
|
|||
return config_line;
|
||||
}
|
||||
|
||||
static void
|
||||
test_config_parse_port_config__listenaddress(void *data)
|
||||
{
|
||||
(void)data;
|
||||
int ret;
|
||||
config_line_t *config_listen_address = NULL, *config_listen_address2 = NULL,
|
||||
*config_listen_address3 = NULL;
|
||||
config_line_t *config_port1 = NULL, *config_port2 = NULL,
|
||||
*config_port3 = NULL, *config_port4 = NULL, *config_port5 = NULL;
|
||||
smartlist_t *slout = NULL;
|
||||
port_cfg_t *port_cfg = NULL;
|
||||
|
||||
// Test basic invocation with no arguments
|
||||
ret = parse_port_config(NULL, NULL, NULL, NULL, 0, NULL, 0, 0);
|
||||
tt_int_op(ret, OP_EQ, 0);
|
||||
|
||||
// Setup some test data
|
||||
config_listen_address = mock_config_line("DNSListenAddress", "127.0.0.1");
|
||||
config_listen_address2 = mock_config_line("DNSListenAddress", "x$$$:::345");
|
||||
config_listen_address3 = mock_config_line("DNSListenAddress",
|
||||
"127.0.0.1:1442");
|
||||
config_port1 = mock_config_line("DNSPort", "42");
|
||||
config_port2 = mock_config_line("DNSPort", "43");
|
||||
config_port1->next = config_port2;
|
||||
config_port3 = mock_config_line("DNSPort", "auto");
|
||||
config_port4 = mock_config_line("DNSPort", "55542");
|
||||
config_port5 = mock_config_line("DNSPort", "666777");
|
||||
|
||||
// Test failure when we have a ListenAddress line and several
|
||||
// Port lines for the same portname
|
||||
ret = parse_port_config(NULL, config_port1, config_listen_address, "DNS", 0,
|
||||
NULL, 0, 0);
|
||||
|
||||
tt_int_op(ret, OP_EQ, -1);
|
||||
|
||||
// Test case when we have a listen address, no default port and allow
|
||||
// spurious listen address lines
|
||||
ret = parse_port_config(NULL, NULL, config_listen_address, "DNS", 0, NULL,
|
||||
0, CL_PORT_ALLOW_EXTRA_LISTENADDR);
|
||||
tt_int_op(ret, OP_EQ, 1);
|
||||
|
||||
// Test case when we have a listen address, no default port but doesn't
|
||||
// allow spurious listen address lines
|
||||
ret = parse_port_config(NULL, NULL, config_listen_address, "DNS", 0, NULL,
|
||||
0, 0);
|
||||
tt_int_op(ret, OP_EQ, -1);
|
||||
|
||||
// Test case when we have a listen address, and a port that points to auto,
|
||||
// should use the AUTO port
|
||||
slout = smartlist_new();
|
||||
ret = parse_port_config(slout, config_port3, config_listen_address, "DNS",
|
||||
0, NULL, 0, 0);
|
||||
tt_int_op(ret, OP_EQ, 0);
|
||||
tt_int_op(smartlist_len(slout), OP_EQ, 1);
|
||||
port_cfg = (port_cfg_t *)smartlist_get(slout, 0);
|
||||
tt_int_op(port_cfg->port, OP_EQ, CFG_AUTO_PORT);
|
||||
|
||||
// Test when we have a listen address and a custom port
|
||||
ret = parse_port_config(slout, config_port4, config_listen_address, "DNS",
|
||||
0, NULL, 0, 0);
|
||||
tt_int_op(ret, OP_EQ, 0);
|
||||
tt_int_op(smartlist_len(slout), OP_EQ, 2);
|
||||
port_cfg = (port_cfg_t *)smartlist_get(slout, 1);
|
||||
tt_int_op(port_cfg->port, OP_EQ, 55542);
|
||||
|
||||
// Test when we have a listen address and an invalid custom port
|
||||
ret = parse_port_config(slout, config_port5, config_listen_address, "DNS",
|
||||
0, NULL, 0, 0);
|
||||
tt_int_op(ret, OP_EQ, -1);
|
||||
|
||||
// Test we get a server port configuration when asked for it
|
||||
ret = parse_port_config(slout, NULL, config_listen_address, "DNS", 0, NULL,
|
||||
123, CL_PORT_SERVER_OPTIONS);
|
||||
tt_int_op(ret, OP_EQ, 0);
|
||||
tt_int_op(smartlist_len(slout), OP_EQ, 4);
|
||||
port_cfg = (port_cfg_t *)smartlist_get(slout, 2);
|
||||
tt_int_op(port_cfg->port, OP_EQ, 123);
|
||||
tt_int_op(port_cfg->server_cfg.no_listen, OP_EQ, 1);
|
||||
tt_int_op(port_cfg->server_cfg.bind_ipv4_only, OP_EQ, 1);
|
||||
|
||||
// Test an invalid ListenAddress configuration
|
||||
ret = parse_port_config(NULL, NULL, config_listen_address2, "DNS", 0, NULL,
|
||||
222, 0);
|
||||
tt_int_op(ret, OP_EQ, -1);
|
||||
|
||||
// Test default to the port in the listen address if available
|
||||
ret = parse_port_config(slout, config_port2, config_listen_address3, "DNS",
|
||||
0, NULL, 0, 0);
|
||||
tt_int_op(ret, OP_EQ, 0);
|
||||
tt_int_op(smartlist_len(slout), OP_EQ, 5);
|
||||
port_cfg = (port_cfg_t *)smartlist_get(slout, 4);
|
||||
tt_int_op(port_cfg->port, OP_EQ, 1442);
|
||||
|
||||
// Test we work correctly without an out, but with a listen address
|
||||
// and a port
|
||||
ret = parse_port_config(NULL, config_port2, config_listen_address, "DNS",
|
||||
0, NULL, 0, 0);
|
||||
tt_int_op(ret, OP_EQ, 0);
|
||||
|
||||
// Test warning nonlocal control
|
||||
ret = parse_port_config(slout, config_port2, config_listen_address, "DNS",
|
||||
CONN_TYPE_CONTROL_LISTENER, NULL, 0,
|
||||
CL_PORT_WARN_NONLOCAL);
|
||||
tt_int_op(ret, OP_EQ, 0);
|
||||
|
||||
// Test warning nonlocal ext or listener
|
||||
ret = parse_port_config(slout, config_port2, config_listen_address, "DNS",
|
||||
CONN_TYPE_EXT_OR_LISTENER, NULL, 0,
|
||||
CL_PORT_WARN_NONLOCAL);
|
||||
tt_int_op(ret, OP_EQ, 0);
|
||||
|
||||
// Test warning nonlocal other
|
||||
SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf));
|
||||
smartlist_clear(slout);
|
||||
ret = parse_port_config(slout, config_port2, config_listen_address, "DNS",
|
||||
0, NULL, 0, CL_PORT_WARN_NONLOCAL);
|
||||
tt_int_op(ret, OP_EQ, 0);
|
||||
|
||||
// Test warning nonlocal control without an out
|
||||
ret = parse_port_config(NULL, config_port2, config_listen_address, "DNS",
|
||||
CONN_TYPE_CONTROL_LISTENER, NULL, 0,
|
||||
CL_PORT_WARN_NONLOCAL);
|
||||
tt_int_op(ret, OP_EQ, 0);
|
||||
|
||||
done:
|
||||
config_free_lines(config_listen_address);
|
||||
config_free_lines(config_listen_address2);
|
||||
config_free_lines(config_listen_address3);
|
||||
config_free_lines(config_port1);
|
||||
/* 2 was linked from 1. */
|
||||
config_free_lines(config_port3);
|
||||
config_free_lines(config_port4);
|
||||
config_free_lines(config_port5);
|
||||
if (slout)
|
||||
SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf));
|
||||
smartlist_free(slout);
|
||||
}
|
||||
|
||||
static void
|
||||
test_config_parse_port_config__ports__no_ports_given(void *data)
|
||||
{
|
||||
|
@ -4012,40 +3874,40 @@ test_config_parse_port_config__ports__no_ports_given(void *data)
|
|||
slout = smartlist_new();
|
||||
|
||||
// Test no defaultport, no defaultaddress and no out
|
||||
ret = parse_port_config(NULL, NULL, NULL, "DNS", 0, NULL, 0, 0);
|
||||
ret = parse_port_config(NULL, NULL, "DNS", 0, NULL, 0, 0);
|
||||
tt_int_op(ret, OP_EQ, 0);
|
||||
|
||||
// Test with defaultport, no defaultaddress and no out
|
||||
ret = parse_port_config(NULL, NULL, NULL, "DNS", 0, NULL, 42, 0);
|
||||
ret = parse_port_config(NULL, NULL, "DNS", 0, NULL, 42, 0);
|
||||
tt_int_op(ret, OP_EQ, 0);
|
||||
|
||||
// Test no defaultport, with defaultaddress and no out
|
||||
ret = parse_port_config(NULL, NULL, NULL, "DNS", 0, "127.0.0.2", 0, 0);
|
||||
ret = parse_port_config(NULL, NULL, "DNS", 0, "127.0.0.2", 0, 0);
|
||||
tt_int_op(ret, OP_EQ, 0);
|
||||
|
||||
// Test with defaultport, with defaultaddress and no out
|
||||
ret = parse_port_config(NULL, NULL, NULL, "DNS", 0, "127.0.0.2", 42, 0);
|
||||
ret = parse_port_config(NULL, NULL, "DNS", 0, "127.0.0.2", 42, 0);
|
||||
tt_int_op(ret, OP_EQ, 0);
|
||||
|
||||
// Test no defaultport, no defaultaddress and with out
|
||||
ret = parse_port_config(slout, NULL, NULL, "DNS", 0, NULL, 0, 0);
|
||||
ret = parse_port_config(slout, NULL, "DNS", 0, NULL, 0, 0);
|
||||
tt_int_op(ret, OP_EQ, 0);
|
||||
tt_int_op(smartlist_len(slout), OP_EQ, 0);
|
||||
|
||||
// Test with defaultport, no defaultaddress and with out
|
||||
ret = parse_port_config(slout, NULL, NULL, "DNS", 0, NULL, 42, 0);
|
||||
ret = parse_port_config(slout, NULL, "DNS", 0, NULL, 42, 0);
|
||||
tt_int_op(ret, OP_EQ, 0);
|
||||
tt_int_op(smartlist_len(slout), OP_EQ, 0);
|
||||
|
||||
// Test no defaultport, with defaultaddress and with out
|
||||
ret = parse_port_config(slout, NULL, NULL, "DNS", 0, "127.0.0.2", 0, 0);
|
||||
ret = parse_port_config(slout, NULL, "DNS", 0, "127.0.0.2", 0, 0);
|
||||
tt_int_op(ret, OP_EQ, 0);
|
||||
tt_int_op(smartlist_len(slout), OP_EQ, 0);
|
||||
|
||||
// Test with defaultport, with defaultaddress and out, adds a new port cfg
|
||||
SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf));
|
||||
smartlist_clear(slout);
|
||||
ret = parse_port_config(slout, NULL, NULL, "DNS", 0, "127.0.0.2", 42, 0);
|
||||
ret = parse_port_config(slout, NULL, "DNS", 0, "127.0.0.2", 42, 0);
|
||||
tt_int_op(ret, OP_EQ, 0);
|
||||
tt_int_op(smartlist_len(slout), OP_EQ, 1);
|
||||
port_cfg = (port_cfg_t *)smartlist_get(slout, 0);
|
||||
|
@ -4056,7 +3918,7 @@ test_config_parse_port_config__ports__no_ports_given(void *data)
|
|||
// for a unix address
|
||||
SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf));
|
||||
smartlist_clear(slout);
|
||||
ret = parse_port_config(slout, NULL, NULL, "DNS", 0, "/foo/bar/unixdomain",
|
||||
ret = parse_port_config(slout, NULL, "DNS", 0, "/foo/bar/unixdomain",
|
||||
42, CL_PORT_IS_UNIXSOCKET);
|
||||
tt_int_op(ret, OP_EQ, 0);
|
||||
tt_int_op(smartlist_len(slout), OP_EQ, 1);
|
||||
|
@ -4085,28 +3947,28 @@ test_config_parse_port_config__ports__ports_given(void *data)
|
|||
|
||||
// Test error when encounters an invalid Port specification
|
||||
config_port_invalid = mock_config_line("DNSPort", "");
|
||||
ret = parse_port_config(NULL, config_port_invalid, NULL, "DNS", 0, NULL,
|
||||
ret = parse_port_config(NULL, config_port_invalid, "DNS", 0, NULL,
|
||||
0, 0);
|
||||
tt_int_op(ret, OP_EQ, -1);
|
||||
|
||||
// Test error when encounters an empty unix domain specification
|
||||
config_free_lines(config_port_invalid); config_port_invalid = NULL;
|
||||
config_port_invalid = mock_config_line("DNSPort", "unix:");
|
||||
ret = parse_port_config(NULL, config_port_invalid, NULL, "DNS", 0, NULL,
|
||||
ret = parse_port_config(NULL, config_port_invalid, "DNS", 0, NULL,
|
||||
0, 0);
|
||||
tt_int_op(ret, OP_EQ, -1);
|
||||
|
||||
// Test error when encounters a unix domain specification but the listener
|
||||
// doesn't support domain sockets
|
||||
config_port_valid = mock_config_line("DNSPort", "unix:/tmp/foo/bar");
|
||||
ret = parse_port_config(NULL, config_port_valid, NULL, "DNS",
|
||||
ret = parse_port_config(NULL, config_port_valid, "DNS",
|
||||
CONN_TYPE_AP_DNS_LISTENER, NULL, 0, 0);
|
||||
tt_int_op(ret, OP_EQ, -1);
|
||||
|
||||
// Test valid unix domain
|
||||
SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf));
|
||||
smartlist_clear(slout);
|
||||
ret = parse_port_config(slout, config_port_valid, NULL, "SOCKS",
|
||||
ret = parse_port_config(slout, config_port_valid, "SOCKS",
|
||||
CONN_TYPE_AP_LISTENER, NULL, 0, 0);
|
||||
#ifdef _WIN32
|
||||
tt_int_op(ret, OP_EQ, -1);
|
||||
|
@ -4131,7 +3993,7 @@ test_config_parse_port_config__ports__ports_given(void *data)
|
|||
"unix:/tmp/foo/bar NoIPv4Traffic "
|
||||
"NoIPv6Traffic "
|
||||
"NoOnionTraffic");
|
||||
ret = parse_port_config(NULL, config_port_invalid, NULL, "SOCKS",
|
||||
ret = parse_port_config(NULL, config_port_invalid, "SOCKS",
|
||||
CONN_TYPE_AP_LISTENER, NULL, 0,
|
||||
CL_PORT_TAKES_HOSTNAMES);
|
||||
tt_int_op(ret, OP_EQ, -1);
|
||||
|
@ -4140,7 +4002,7 @@ test_config_parse_port_config__ports__ports_given(void *data)
|
|||
config_free_lines(config_port_invalid); config_port_invalid = NULL;
|
||||
config_port_invalid = mock_config_line("DNSPort",
|
||||
"127.0.0.1:80 NoDNSRequest");
|
||||
ret = parse_port_config(NULL, config_port_invalid, NULL, "DNS",
|
||||
ret = parse_port_config(NULL, config_port_invalid, "DNS",
|
||||
CONN_TYPE_AP_DNS_LISTENER, NULL, 0,
|
||||
CL_PORT_TAKES_HOSTNAMES);
|
||||
tt_int_op(ret, OP_EQ, -1);
|
||||
|
@ -4153,7 +4015,7 @@ test_config_parse_port_config__ports__ports_given(void *data)
|
|||
config_port_valid = mock_config_line("DNSPort", "127.0.0.1:80 "
|
||||
"NoIPv6Traffic "
|
||||
"NoIPv4Traffic NoOnionTraffic");
|
||||
ret = parse_port_config(slout, config_port_valid, NULL, "DNS",
|
||||
ret = parse_port_config(slout, config_port_valid, "DNS",
|
||||
CONN_TYPE_AP_DNS_LISTENER, NULL, 0,
|
||||
CL_PORT_TAKES_HOSTNAMES);
|
||||
tt_int_op(ret, OP_EQ, 0);
|
||||
|
@ -4169,7 +4031,7 @@ test_config_parse_port_config__ports__ports_given(void *data)
|
|||
config_port_invalid = mock_config_line("SOCKSPort",
|
||||
"NoIPv6Traffic "
|
||||
"unix:/tmp/foo/bar NoIPv4Traffic");
|
||||
ret = parse_port_config(NULL, config_port_invalid, NULL, "SOCKS",
|
||||
ret = parse_port_config(NULL, config_port_invalid, "SOCKS",
|
||||
CONN_TYPE_AP_LISTENER, NULL, 0,
|
||||
CL_PORT_TAKES_HOSTNAMES);
|
||||
tt_int_op(ret, OP_EQ, -1);
|
||||
|
@ -4182,7 +4044,7 @@ test_config_parse_port_config__ports__ports_given(void *data)
|
|||
config_port_valid = mock_config_line("SOCKSPort", "unix:/tmp/foo/bar "
|
||||
"NoIPv6Traffic "
|
||||
"NoDNSRequest NoIPv4Traffic");
|
||||
ret = parse_port_config(slout, config_port_valid, NULL, "SOCKS",
|
||||
ret = parse_port_config(slout, config_port_valid, "SOCKS",
|
||||
CONN_TYPE_AP_LISTENER, NULL, 0,
|
||||
CL_PORT_TAKES_HOSTNAMES);
|
||||
#ifdef _WIN32
|
||||
|
@ -4204,7 +4066,7 @@ test_config_parse_port_config__ports__ports_given(void *data)
|
|||
config_port_valid = mock_config_line("SOCKSPort", "unix:\"/tmp/foo/ bar\" "
|
||||
"NoIPv6Traffic "
|
||||
"NoDNSRequest NoIPv4Traffic");
|
||||
ret = parse_port_config(slout, config_port_valid, NULL, "SOCKS",
|
||||
ret = parse_port_config(slout, config_port_valid, "SOCKS",
|
||||
CONN_TYPE_AP_LISTENER, NULL, 0,
|
||||
CL_PORT_TAKES_HOSTNAMES);
|
||||
#ifdef _WIN32
|
||||
|
@ -4226,7 +4088,7 @@ test_config_parse_port_config__ports__ports_given(void *data)
|
|||
config_port_valid = mock_config_line("SOCKSPort", "unix:\"/tmp/foo/ bar "
|
||||
"NoIPv6Traffic "
|
||||
"NoDNSRequest NoIPv4Traffic");
|
||||
ret = parse_port_config(slout, config_port_valid, NULL, "SOCKS",
|
||||
ret = parse_port_config(slout, config_port_valid, "SOCKS",
|
||||
CONN_TYPE_AP_LISTENER, NULL, 0,
|
||||
CL_PORT_TAKES_HOSTNAMES);
|
||||
tt_int_op(ret, OP_EQ, -1);
|
||||
|
@ -4238,7 +4100,7 @@ test_config_parse_port_config__ports__ports_given(void *data)
|
|||
config_port_valid = mock_config_line("SOCKSPort", "unix:\"\" "
|
||||
"NoIPv6Traffic "
|
||||
"NoDNSRequest NoIPv4Traffic");
|
||||
ret = parse_port_config(slout, config_port_valid, NULL, "SOCKS",
|
||||
ret = parse_port_config(slout, config_port_valid, "SOCKS",
|
||||
CONN_TYPE_AP_LISTENER, NULL, 0,
|
||||
CL_PORT_TAKES_HOSTNAMES);
|
||||
tt_int_op(ret, OP_EQ, -1);
|
||||
|
@ -4249,7 +4111,7 @@ test_config_parse_port_config__ports__ports_given(void *data)
|
|||
smartlist_clear(slout);
|
||||
config_port_valid = mock_config_line("SOCKSPort", "unix:/tmp/foo/bar "
|
||||
"OnionTrafficOnly");
|
||||
ret = parse_port_config(slout, config_port_valid, NULL, "SOCKS",
|
||||
ret = parse_port_config(slout, config_port_valid, "SOCKS",
|
||||
CONN_TYPE_AP_LISTENER, NULL, 0,
|
||||
CL_PORT_TAKES_HOSTNAMES);
|
||||
#ifdef _WIN32
|
||||
|
@ -4270,7 +4132,7 @@ test_config_parse_port_config__ports__ports_given(void *data)
|
|||
smartlist_clear(slout);
|
||||
config_port_valid = mock_config_line("SOCKSPort", "unix:/tmp/foo/bar "
|
||||
"NoIPv4Traffic IPv6Traffic");
|
||||
ret = parse_port_config(slout, config_port_valid, NULL, "SOCKS",
|
||||
ret = parse_port_config(slout, config_port_valid, "SOCKS",
|
||||
CONN_TYPE_AP_LISTENER, NULL, 0,
|
||||
CL_PORT_TAKES_HOSTNAMES);
|
||||
#ifdef _WIN32
|
||||
|
@ -4289,7 +4151,7 @@ test_config_parse_port_config__ports__ports_given(void *data)
|
|||
smartlist_clear(slout);
|
||||
config_port_valid = mock_config_line("SOCKSPort", "unix:/tmp/foo/bar "
|
||||
"IPv4Traffic IPv6Traffic");
|
||||
ret = parse_port_config(slout, config_port_valid, NULL, "SOCKS",
|
||||
ret = parse_port_config(slout, config_port_valid, "SOCKS",
|
||||
CONN_TYPE_AP_LISTENER, NULL, 0,
|
||||
CL_PORT_TAKES_HOSTNAMES);
|
||||
#ifdef _WIN32
|
||||
|
@ -4305,28 +4167,28 @@ test_config_parse_port_config__ports__ports_given(void *data)
|
|||
// Test failure if we specify world writable for an IP Port
|
||||
config_free_lines(config_port_invalid); config_port_invalid = NULL;
|
||||
config_port_invalid = mock_config_line("DNSPort", "42 WorldWritable");
|
||||
ret = parse_port_config(NULL, config_port_invalid, NULL, "DNS", 0,
|
||||
ret = parse_port_config(NULL, config_port_invalid, "DNS", 0,
|
||||
"127.0.0.3", 0, 0);
|
||||
tt_int_op(ret, OP_EQ, -1);
|
||||
|
||||
// Test failure if we specify group writable for an IP Port
|
||||
config_free_lines(config_port_invalid); config_port_invalid = NULL;
|
||||
config_port_invalid = mock_config_line("DNSPort", "42 GroupWritable");
|
||||
ret = parse_port_config(NULL, config_port_invalid, NULL, "DNS", 0,
|
||||
ret = parse_port_config(NULL, config_port_invalid, "DNS", 0,
|
||||
"127.0.0.3", 0, 0);
|
||||
tt_int_op(ret, OP_EQ, -1);
|
||||
|
||||
// Test failure if we specify group writable for an IP Port
|
||||
config_free_lines(config_port_invalid); config_port_invalid = NULL;
|
||||
config_port_invalid = mock_config_line("DNSPort", "42 RelaxDirModeCheck");
|
||||
ret = parse_port_config(NULL, config_port_invalid, NULL, "DNS", 0,
|
||||
ret = parse_port_config(NULL, config_port_invalid, "DNS", 0,
|
||||
"127.0.0.3", 0, 0);
|
||||
tt_int_op(ret, OP_EQ, -1);
|
||||
|
||||
// Test success with only a port (this will fail without a default address)
|
||||
config_free_lines(config_port_valid); config_port_valid = NULL;
|
||||
config_port_valid = mock_config_line("DNSPort", "42");
|
||||
ret = parse_port_config(NULL, config_port_valid, NULL, "DNS", 0,
|
||||
ret = parse_port_config(NULL, config_port_valid, "DNS", 0,
|
||||
"127.0.0.3", 0, 0);
|
||||
tt_int_op(ret, OP_EQ, 0);
|
||||
|
||||
|
@ -4335,7 +4197,7 @@ test_config_parse_port_config__ports__ports_given(void *data)
|
|||
SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf));
|
||||
smartlist_clear(slout);
|
||||
config_port_valid = mock_config_line("DNSPort", "42 IsolateDestPort");
|
||||
ret = parse_port_config(slout, config_port_valid, NULL, "DNS", 0,
|
||||
ret = parse_port_config(slout, config_port_valid, "DNS", 0,
|
||||
"127.0.0.3", 0, 0);
|
||||
tt_int_op(ret, OP_EQ, 0);
|
||||
tt_int_op(smartlist_len(slout), OP_EQ, 1);
|
||||
|
@ -4348,7 +4210,7 @@ test_config_parse_port_config__ports__ports_given(void *data)
|
|||
SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf));
|
||||
smartlist_clear(slout);
|
||||
config_port_valid = mock_config_line("DNSPort", "42 NoIsolateDestPorts");
|
||||
ret = parse_port_config(slout, config_port_valid, NULL, "DNS", 0,
|
||||
ret = parse_port_config(slout, config_port_valid, "DNS", 0,
|
||||
"127.0.0.3", 0, 0);
|
||||
tt_int_op(ret, OP_EQ, 0);
|
||||
tt_int_op(smartlist_len(slout), OP_EQ, 1);
|
||||
|
@ -4361,7 +4223,7 @@ test_config_parse_port_config__ports__ports_given(void *data)
|
|||
SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf));
|
||||
smartlist_clear(slout);
|
||||
config_port_valid = mock_config_line("DNSPort", "42 IsolateDestAddr");
|
||||
ret = parse_port_config(slout, config_port_valid, NULL, "DNS", 0,
|
||||
ret = parse_port_config(slout, config_port_valid, "DNS", 0,
|
||||
"127.0.0.3", 0, 0);
|
||||
tt_int_op(ret, OP_EQ, 0);
|
||||
tt_int_op(smartlist_len(slout), OP_EQ, 1);
|
||||
|
@ -4374,7 +4236,7 @@ test_config_parse_port_config__ports__ports_given(void *data)
|
|||
SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf));
|
||||
smartlist_clear(slout);
|
||||
config_port_valid = mock_config_line("DNSPort", "42 IsolateSOCKSAuth");
|
||||
ret = parse_port_config(slout, config_port_valid, NULL, "DNS", 0,
|
||||
ret = parse_port_config(slout, config_port_valid, "DNS", 0,
|
||||
"127.0.0.3", 0, 0);
|
||||
tt_int_op(ret, OP_EQ, 0);
|
||||
tt_int_op(smartlist_len(slout), OP_EQ, 1);
|
||||
|
@ -4387,7 +4249,7 @@ test_config_parse_port_config__ports__ports_given(void *data)
|
|||
SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf));
|
||||
smartlist_clear(slout);
|
||||
config_port_valid = mock_config_line("DNSPort", "42 IsolateClientProtocol");
|
||||
ret = parse_port_config(slout, config_port_valid, NULL, "DNS", 0,
|
||||
ret = parse_port_config(slout, config_port_valid, "DNS", 0,
|
||||
"127.0.0.3", 0, 0);
|
||||
tt_int_op(ret, OP_EQ, 0);
|
||||
tt_int_op(smartlist_len(slout), OP_EQ, 1);
|
||||
|
@ -4400,7 +4262,7 @@ test_config_parse_port_config__ports__ports_given(void *data)
|
|||
SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf));
|
||||
smartlist_clear(slout);
|
||||
config_port_valid = mock_config_line("DNSPort", "42 IsolateClientAddr");
|
||||
ret = parse_port_config(slout, config_port_valid, NULL, "DNS", 0,
|
||||
ret = parse_port_config(slout, config_port_valid, "DNS", 0,
|
||||
"127.0.0.3", 0, 0);
|
||||
tt_int_op(ret, OP_EQ, 0);
|
||||
tt_int_op(smartlist_len(slout), OP_EQ, 1);
|
||||
|
@ -4411,7 +4273,7 @@ test_config_parse_port_config__ports__ports_given(void *data)
|
|||
// Test success with ignored unknown options
|
||||
config_free_lines(config_port_valid); config_port_valid = NULL;
|
||||
config_port_valid = mock_config_line("DNSPort", "42 ThisOptionDoesntExist");
|
||||
ret = parse_port_config(NULL, config_port_valid, NULL, "DNS", 0,
|
||||
ret = parse_port_config(NULL, config_port_valid, "DNS", 0,
|
||||
"127.0.0.3", 0, 0);
|
||||
tt_int_op(ret, OP_EQ, 0);
|
||||
|
||||
|
@ -4420,7 +4282,7 @@ test_config_parse_port_config__ports__ports_given(void *data)
|
|||
SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf));
|
||||
smartlist_clear(slout);
|
||||
config_port_valid = mock_config_line("DNSPort", "42 NoIsolateSOCKSAuth");
|
||||
ret = parse_port_config(slout, config_port_valid, NULL, "DNS", 0,
|
||||
ret = parse_port_config(slout, config_port_valid, "DNS", 0,
|
||||
"127.0.0.3", 0, 0);
|
||||
tt_int_op(ret, OP_EQ, 0);
|
||||
tt_int_op(smartlist_len(slout), OP_EQ, 1);
|
||||
|
@ -4433,7 +4295,7 @@ test_config_parse_port_config__ports__ports_given(void *data)
|
|||
smartlist_clear(slout);
|
||||
config_port_valid = mock_config_line("SOCKSPort",
|
||||
"42 IPv6Traffic PreferIPv6");
|
||||
ret = parse_port_config(slout, config_port_valid, NULL, "SOCKS",
|
||||
ret = parse_port_config(slout, config_port_valid, "SOCKS",
|
||||
CONN_TYPE_AP_LISTENER, "127.0.0.42", 0,
|
||||
CL_PORT_TAKES_HOSTNAMES);
|
||||
tt_int_op(ret, OP_EQ, 0);
|
||||
|
@ -4446,7 +4308,7 @@ test_config_parse_port_config__ports__ports_given(void *data)
|
|||
SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf));
|
||||
smartlist_clear(slout);
|
||||
config_port_valid = mock_config_line("DNSPort", "42 CacheIPv4DNS");
|
||||
ret = parse_port_config(slout, config_port_valid, NULL, "DNS", 0,
|
||||
ret = parse_port_config(slout, config_port_valid, "DNS", 0,
|
||||
"127.0.0.42", 0, 0);
|
||||
tt_int_op(ret, OP_EQ, 0);
|
||||
tt_int_op(smartlist_len(slout), OP_EQ, 1);
|
||||
|
@ -4459,7 +4321,7 @@ test_config_parse_port_config__ports__ports_given(void *data)
|
|||
SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf));
|
||||
smartlist_clear(slout);
|
||||
config_port_valid = mock_config_line("DNSPort", "42 CacheIPv6DNS");
|
||||
ret = parse_port_config(slout, config_port_valid, NULL, "DNS", 0,
|
||||
ret = parse_port_config(slout, config_port_valid, "DNS", 0,
|
||||
"127.0.0.42", 0, 0);
|
||||
tt_int_op(ret, OP_EQ, 0);
|
||||
tt_int_op(smartlist_len(slout), OP_EQ, 1);
|
||||
|
@ -4472,7 +4334,7 @@ test_config_parse_port_config__ports__ports_given(void *data)
|
|||
SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf));
|
||||
smartlist_clear(slout);
|
||||
config_port_valid = mock_config_line("DNSPort", "42 NoCacheIPv4DNS");
|
||||
ret = parse_port_config(slout, config_port_valid, NULL, "DNS", 0,
|
||||
ret = parse_port_config(slout, config_port_valid, "DNS", 0,
|
||||
"127.0.0.42", 0, 0);
|
||||
tt_int_op(ret, OP_EQ, 0);
|
||||
tt_int_op(smartlist_len(slout), OP_EQ, 1);
|
||||
|
@ -4485,7 +4347,7 @@ test_config_parse_port_config__ports__ports_given(void *data)
|
|||
SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf));
|
||||
smartlist_clear(slout);
|
||||
config_port_valid = mock_config_line("DNSPort", "42 CacheDNS");
|
||||
ret = parse_port_config(slout, config_port_valid, NULL, "DNS", 0,
|
||||
ret = parse_port_config(slout, config_port_valid, "DNS", 0,
|
||||
"127.0.0.42", 0, CL_PORT_TAKES_HOSTNAMES);
|
||||
tt_int_op(ret, OP_EQ, 0);
|
||||
tt_int_op(smartlist_len(slout), OP_EQ, 1);
|
||||
|
@ -4498,7 +4360,7 @@ test_config_parse_port_config__ports__ports_given(void *data)
|
|||
SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf));
|
||||
smartlist_clear(slout);
|
||||
config_port_valid = mock_config_line("DNSPort", "42 UseIPv4Cache");
|
||||
ret = parse_port_config(slout, config_port_valid, NULL, "DNS", 0,
|
||||
ret = parse_port_config(slout, config_port_valid, "DNS", 0,
|
||||
"127.0.0.42", 0, 0);
|
||||
tt_int_op(ret, OP_EQ, 0);
|
||||
tt_int_op(smartlist_len(slout), OP_EQ, 1);
|
||||
|
@ -4511,7 +4373,7 @@ test_config_parse_port_config__ports__ports_given(void *data)
|
|||
SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf));
|
||||
smartlist_clear(slout);
|
||||
config_port_valid = mock_config_line("DNSPort", "42 UseIPv6Cache");
|
||||
ret = parse_port_config(slout, config_port_valid, NULL, "DNS", 0,
|
||||
ret = parse_port_config(slout, config_port_valid, "DNS", 0,
|
||||
"127.0.0.42", 0, 0);
|
||||
tt_int_op(ret, OP_EQ, 0);
|
||||
tt_int_op(smartlist_len(slout), OP_EQ, 1);
|
||||
|
@ -4524,7 +4386,7 @@ test_config_parse_port_config__ports__ports_given(void *data)
|
|||
SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf));
|
||||
smartlist_clear(slout);
|
||||
config_port_valid = mock_config_line("DNSPort", "42 UseDNSCache");
|
||||
ret = parse_port_config(slout, config_port_valid, NULL, "DNS", 0,
|
||||
ret = parse_port_config(slout, config_port_valid, "DNS", 0,
|
||||
"127.0.0.42", 0, 0);
|
||||
tt_int_op(ret, OP_EQ, 0);
|
||||
tt_int_op(smartlist_len(slout), OP_EQ, 1);
|
||||
|
@ -4537,7 +4399,7 @@ test_config_parse_port_config__ports__ports_given(void *data)
|
|||
SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf));
|
||||
smartlist_clear(slout);
|
||||
config_port_valid = mock_config_line("DNSPort", "42 NoPreferIPv6Automap");
|
||||
ret = parse_port_config(slout, config_port_valid, NULL, "DNS", 0,
|
||||
ret = parse_port_config(slout, config_port_valid, "DNS", 0,
|
||||
"127.0.0.42", 0, 0);
|
||||
tt_int_op(ret, OP_EQ, 0);
|
||||
tt_int_op(smartlist_len(slout), OP_EQ, 1);
|
||||
|
@ -4549,7 +4411,7 @@ test_config_parse_port_config__ports__ports_given(void *data)
|
|||
SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf));
|
||||
smartlist_clear(slout);
|
||||
config_port_valid = mock_config_line("DNSPort", "42 PreferSOCKSNoAuth");
|
||||
ret = parse_port_config(slout, config_port_valid, NULL, "DNS", 0,
|
||||
ret = parse_port_config(slout, config_port_valid, "DNS", 0,
|
||||
"127.0.0.42", 0, 0);
|
||||
tt_int_op(ret, OP_EQ, 0);
|
||||
tt_int_op(smartlist_len(slout), OP_EQ, 1);
|
||||
|
@ -4564,14 +4426,14 @@ test_config_parse_port_config__ports__ports_given(void *data)
|
|||
config_port_invalid = mock_config_line("DNSPort", "0");
|
||||
config_port_valid = mock_config_line("DNSPort", "42");
|
||||
config_port_invalid->next = config_port_valid;
|
||||
ret = parse_port_config(slout, config_port_invalid, NULL, "DNS", 0,
|
||||
ret = parse_port_config(slout, config_port_invalid, "DNS", 0,
|
||||
"127.0.0.42", 0, 0);
|
||||
tt_int_op(ret, OP_EQ, -1);
|
||||
|
||||
// Test success with warn non-local control
|
||||
SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf));
|
||||
smartlist_clear(slout);
|
||||
ret = parse_port_config(slout, config_port_valid, NULL, "Control",
|
||||
ret = parse_port_config(slout, config_port_valid, "Control",
|
||||
CONN_TYPE_CONTROL_LISTENER, "127.0.0.42", 0,
|
||||
CL_PORT_WARN_NONLOCAL);
|
||||
tt_int_op(ret, OP_EQ, 0);
|
||||
|
@ -4579,7 +4441,7 @@ test_config_parse_port_config__ports__ports_given(void *data)
|
|||
// Test success with warn non-local listener
|
||||
SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf));
|
||||
smartlist_clear(slout);
|
||||
ret = parse_port_config(slout, config_port_valid, NULL, "ExtOR",
|
||||
ret = parse_port_config(slout, config_port_valid, "ExtOR",
|
||||
CONN_TYPE_EXT_OR_LISTENER, "127.0.0.42", 0,
|
||||
CL_PORT_WARN_NONLOCAL);
|
||||
tt_int_op(ret, OP_EQ, 0);
|
||||
|
@ -4587,12 +4449,12 @@ test_config_parse_port_config__ports__ports_given(void *data)
|
|||
// Test success with warn non-local other
|
||||
SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf));
|
||||
smartlist_clear(slout);
|
||||
ret = parse_port_config(slout, config_port_valid, NULL, "DNS", 0,
|
||||
ret = parse_port_config(slout, config_port_valid, "DNS", 0,
|
||||
"127.0.0.42", 0, CL_PORT_WARN_NONLOCAL);
|
||||
tt_int_op(ret, OP_EQ, 0);
|
||||
|
||||
// Test success with warn non-local other without out
|
||||
ret = parse_port_config(NULL, config_port_valid, NULL, "DNS", 0,
|
||||
ret = parse_port_config(NULL, config_port_valid, "DNS", 0,
|
||||
"127.0.0.42", 0, CL_PORT_WARN_NONLOCAL);
|
||||
tt_int_op(ret, OP_EQ, 0);
|
||||
|
||||
|
@ -4603,7 +4465,7 @@ test_config_parse_port_config__ports__ports_given(void *data)
|
|||
smartlist_clear(slout);
|
||||
config_port_valid = mock_config_line("DNSPort", "42 IPv4Traffic "
|
||||
"IPv6Traffic");
|
||||
ret = parse_port_config(slout, config_port_valid, NULL, "DNS", 0,
|
||||
ret = parse_port_config(slout, config_port_valid, "DNS", 0,
|
||||
"127.0.0.44", 0,
|
||||
CL_PORT_TAKES_HOSTNAMES |
|
||||
CL_PORT_NO_STREAM_OPTIONS);
|
||||
|
@ -4618,7 +4480,7 @@ test_config_parse_port_config__ports__ports_given(void *data)
|
|||
SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf));
|
||||
smartlist_clear(slout);
|
||||
config_port_invalid = mock_config_line("DNSPort", "42 SessionGroup=invalid");
|
||||
ret = parse_port_config(slout, config_port_invalid, NULL, "DNS", 0,
|
||||
ret = parse_port_config(slout, config_port_invalid, "DNS", 0,
|
||||
"127.0.0.44", 0, CL_PORT_NO_STREAM_OPTIONS);
|
||||
tt_int_op(ret, OP_EQ, -1);
|
||||
|
||||
|
@ -4630,7 +4492,7 @@ test_config_parse_port_config__ports__ports_given(void *data)
|
|||
SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf));
|
||||
smartlist_clear(slout);
|
||||
config_port_invalid = mock_config_line("DNSPort", "42 SessionGroup=123");
|
||||
ret = parse_port_config(slout, config_port_invalid, NULL, "DNS", 0,
|
||||
ret = parse_port_config(slout, config_port_invalid, "DNS", 0,
|
||||
"127.0.0.44", 0, 0);
|
||||
tt_int_op(ret, OP_EQ, -1);
|
||||
|
||||
|
@ -4640,7 +4502,7 @@ test_config_parse_port_config__ports__ports_given(void *data)
|
|||
smartlist_clear(slout);
|
||||
config_port_invalid = mock_config_line("DNSPort", "42 SessionGroup=123 "
|
||||
"SessionGroup=321");
|
||||
ret = parse_port_config(slout, config_port_invalid, NULL, "DNS", 0,
|
||||
ret = parse_port_config(slout, config_port_invalid, "DNS", 0,
|
||||
"127.0.0.44", 0, CL_PORT_NO_STREAM_OPTIONS);
|
||||
tt_int_op(ret, OP_EQ, -1);
|
||||
|
||||
|
@ -4649,7 +4511,7 @@ test_config_parse_port_config__ports__ports_given(void *data)
|
|||
SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf));
|
||||
smartlist_clear(slout);
|
||||
config_port_valid = mock_config_line("DNSPort", "42 SessionGroup=1111122");
|
||||
ret = parse_port_config(slout, config_port_valid, NULL, "DNS", 0,
|
||||
ret = parse_port_config(slout, config_port_valid, "DNS", 0,
|
||||
"127.0.0.44", 0, CL_PORT_NO_STREAM_OPTIONS);
|
||||
tt_int_op(ret, OP_EQ, 0);
|
||||
tt_int_op(smartlist_len(slout), OP_EQ, 1);
|
||||
|
@ -4661,7 +4523,7 @@ test_config_parse_port_config__ports__ports_given(void *data)
|
|||
SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf));
|
||||
smartlist_clear(slout);
|
||||
config_port_valid = mock_config_line("DNSPort", "0");
|
||||
ret = parse_port_config(slout, config_port_valid, NULL, "DNS", 0,
|
||||
ret = parse_port_config(slout, config_port_valid, "DNS", 0,
|
||||
"127.0.0.45", 0, CL_PORT_IS_UNIXSOCKET);
|
||||
tt_int_op(ret, OP_EQ, 0);
|
||||
tt_int_op(smartlist_len(slout), OP_EQ, 0);
|
||||
|
@ -4671,7 +4533,7 @@ test_config_parse_port_config__ports__ports_given(void *data)
|
|||
SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf));
|
||||
smartlist_clear(slout);
|
||||
config_port_valid = mock_config_line("DNSPort", "something");
|
||||
ret = parse_port_config(slout, config_port_valid, NULL, "DNS", 0,
|
||||
ret = parse_port_config(slout, config_port_valid, "DNS", 0,
|
||||
"127.0.0.45", 0, CL_PORT_IS_UNIXSOCKET);
|
||||
tt_int_op(ret, OP_EQ, 0);
|
||||
tt_int_op(smartlist_len(slout), OP_EQ, 1);
|
||||
|
@ -4684,7 +4546,7 @@ test_config_parse_port_config__ports__ports_given(void *data)
|
|||
SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf));
|
||||
smartlist_clear(slout);
|
||||
config_port_valid = mock_config_line("DNSPort", "auto");
|
||||
ret = parse_port_config(slout, config_port_valid, NULL, "DNS", 0,
|
||||
ret = parse_port_config(slout, config_port_valid, "DNS", 0,
|
||||
"127.0.0.46", 0, 0);
|
||||
tt_int_op(ret, OP_EQ, 0);
|
||||
tt_int_op(smartlist_len(slout), OP_EQ, 1);
|
||||
|
@ -4698,7 +4560,7 @@ test_config_parse_port_config__ports__ports_given(void *data)
|
|||
SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf));
|
||||
smartlist_clear(slout);
|
||||
config_port_valid = mock_config_line("DNSPort", "127.0.0.122:auto");
|
||||
ret = parse_port_config(slout, config_port_valid, NULL, "DNS", 0,
|
||||
ret = parse_port_config(slout, config_port_valid, "DNS", 0,
|
||||
"127.0.0.46", 0, 0);
|
||||
tt_int_op(ret, OP_EQ, 0);
|
||||
tt_int_op(smartlist_len(slout), OP_EQ, 1);
|
||||
|
@ -4711,7 +4573,7 @@ test_config_parse_port_config__ports__ports_given(void *data)
|
|||
config_free_lines(config_port_invalid); config_port_invalid = NULL;
|
||||
config_port_invalid = mock_config_line("DNSPort", "invalidstuff!!:auto");
|
||||
MOCK(tor_addr_lookup, mock_tor_addr_lookup__fail_on_bad_addrs);
|
||||
ret = parse_port_config(NULL, config_port_invalid, NULL, "DNS", 0,
|
||||
ret = parse_port_config(NULL, config_port_invalid, "DNS", 0,
|
||||
"127.0.0.46", 0, 0);
|
||||
UNMOCK(tor_addr_lookup);
|
||||
tt_int_op(ret, OP_EQ, -1);
|
||||
|
@ -4721,7 +4583,7 @@ test_config_parse_port_config__ports__ports_given(void *data)
|
|||
SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf));
|
||||
smartlist_clear(slout);
|
||||
config_port_valid = mock_config_line("DNSPort", "127.0.0.123:656");
|
||||
ret = parse_port_config(slout, config_port_valid, NULL, "DNS", 0,
|
||||
ret = parse_port_config(slout, config_port_valid, "DNS", 0,
|
||||
"127.0.0.46", 0, 0);
|
||||
tt_int_op(ret, OP_EQ, 0);
|
||||
tt_int_op(smartlist_len(slout), OP_EQ, 1);
|
||||
|
@ -4735,7 +4597,7 @@ test_config_parse_port_config__ports__ports_given(void *data)
|
|||
SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf));
|
||||
smartlist_clear(slout);
|
||||
config_port_invalid = mock_config_line("DNSPort", "something wrong");
|
||||
ret = parse_port_config(slout, config_port_invalid, NULL, "DNS", 0,
|
||||
ret = parse_port_config(slout, config_port_invalid, "DNS", 0,
|
||||
"127.0.0.46", 0, 0);
|
||||
tt_int_op(ret, OP_EQ, -1);
|
||||
|
||||
|
@ -4744,7 +4606,7 @@ test_config_parse_port_config__ports__ports_given(void *data)
|
|||
SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf));
|
||||
smartlist_clear(slout);
|
||||
config_port_invalid = mock_config_line("DNSPort", "127.0.1.0:123:auto");
|
||||
ret = parse_port_config(slout, config_port_invalid, NULL, "DNS", 0,
|
||||
ret = parse_port_config(slout, config_port_invalid, "DNS", 0,
|
||||
"127.0.0.46", 0, 0);
|
||||
tt_int_op(ret, OP_EQ, -1);
|
||||
|
||||
|
@ -4754,7 +4616,7 @@ test_config_parse_port_config__ports__ports_given(void *data)
|
|||
SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf));
|
||||
smartlist_clear(slout);
|
||||
config_port_valid = mock_config_line("SOCKSPort", "unix:/tmp/somewhere");
|
||||
ret = parse_port_config(slout, config_port_valid, NULL, "SOCKS",
|
||||
ret = parse_port_config(slout, config_port_valid, "SOCKS",
|
||||
CONN_TYPE_AP_LISTENER, "127.0.0.46", 0,
|
||||
CL_PORT_DFLT_GROUP_WRITABLE);
|
||||
#ifdef _WIN32
|
||||
|
@ -4789,7 +4651,7 @@ test_config_parse_port_config__ports__server_options(void *data)
|
|||
config_free_lines(config_port_valid); config_port_valid = NULL;
|
||||
config_port_valid = mock_config_line("DNSPort",
|
||||
"127.0.0.124:656 NoAdvertise");
|
||||
ret = parse_port_config(slout, config_port_valid, NULL, "DNS", 0, NULL, 0,
|
||||
ret = parse_port_config(slout, config_port_valid, "DNS", 0, NULL, 0,
|
||||
CL_PORT_SERVER_OPTIONS);
|
||||
tt_int_op(ret, OP_EQ, 0);
|
||||
tt_int_op(smartlist_len(slout), OP_EQ, 1);
|
||||
|
@ -4802,7 +4664,7 @@ test_config_parse_port_config__ports__server_options(void *data)
|
|||
SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf));
|
||||
smartlist_clear(slout);
|
||||
config_port_valid = mock_config_line("DNSPort", "127.0.0.124:656 NoListen");
|
||||
ret = parse_port_config(slout, config_port_valid, NULL, "DNS", 0, NULL, 0,
|
||||
ret = parse_port_config(slout, config_port_valid, "DNS", 0, NULL, 0,
|
||||
CL_PORT_SERVER_OPTIONS);
|
||||
tt_int_op(ret, OP_EQ, 0);
|
||||
tt_int_op(smartlist_len(slout), OP_EQ, 1);
|
||||
|
@ -4816,7 +4678,7 @@ test_config_parse_port_config__ports__server_options(void *data)
|
|||
smartlist_clear(slout);
|
||||
config_port_invalid = mock_config_line("DNSPort", "127.0.0.124:656 NoListen "
|
||||
"NoAdvertise");
|
||||
ret = parse_port_config(slout, config_port_invalid, NULL, "DNS", 0, NULL,
|
||||
ret = parse_port_config(slout, config_port_invalid, "DNS", 0, NULL,
|
||||
0, CL_PORT_SERVER_OPTIONS);
|
||||
tt_int_op(ret, OP_EQ, -1);
|
||||
|
||||
|
@ -4825,7 +4687,7 @@ test_config_parse_port_config__ports__server_options(void *data)
|
|||
SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf));
|
||||
smartlist_clear(slout);
|
||||
config_port_valid = mock_config_line("DNSPort", "127.0.0.124:656 IPv4Only");
|
||||
ret = parse_port_config(slout, config_port_valid, NULL, "DNS", 0, NULL, 0,
|
||||
ret = parse_port_config(slout, config_port_valid, "DNS", 0, NULL, 0,
|
||||
CL_PORT_SERVER_OPTIONS);
|
||||
tt_int_op(ret, OP_EQ, 0);
|
||||
tt_int_op(smartlist_len(slout), OP_EQ, 1);
|
||||
|
@ -4838,7 +4700,7 @@ test_config_parse_port_config__ports__server_options(void *data)
|
|||
SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf));
|
||||
smartlist_clear(slout);
|
||||
config_port_valid = mock_config_line("DNSPort", "[::1]:656 IPv6Only");
|
||||
ret = parse_port_config(slout, config_port_valid, NULL, "DNS", 0, NULL, 0,
|
||||
ret = parse_port_config(slout, config_port_valid, "DNS", 0, NULL, 0,
|
||||
CL_PORT_SERVER_OPTIONS);
|
||||
tt_int_op(ret, OP_EQ, 0);
|
||||
tt_int_op(smartlist_len(slout), OP_EQ, 1);
|
||||
|
@ -4852,7 +4714,7 @@ test_config_parse_port_config__ports__server_options(void *data)
|
|||
smartlist_clear(slout);
|
||||
config_port_invalid = mock_config_line("DNSPort", "127.0.0.124:656 IPv6Only "
|
||||
"IPv4Only");
|
||||
ret = parse_port_config(slout, config_port_invalid, NULL, "DNS", 0, NULL,
|
||||
ret = parse_port_config(slout, config_port_invalid, "DNS", 0, NULL,
|
||||
0, CL_PORT_SERVER_OPTIONS);
|
||||
tt_int_op(ret, OP_EQ, -1);
|
||||
|
||||
|
@ -4861,7 +4723,7 @@ test_config_parse_port_config__ports__server_options(void *data)
|
|||
SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf));
|
||||
smartlist_clear(slout);
|
||||
config_port_valid = mock_config_line("DNSPort", "127.0.0.124:656 unknown");
|
||||
ret = parse_port_config(slout, config_port_valid, NULL, "DNS", 0, NULL, 0,
|
||||
ret = parse_port_config(slout, config_port_valid, "DNS", 0, NULL, 0,
|
||||
CL_PORT_SERVER_OPTIONS);
|
||||
tt_int_op(ret, OP_EQ, 0);
|
||||
tt_int_op(smartlist_len(slout), OP_EQ, 1);
|
||||
|
@ -4872,7 +4734,7 @@ test_config_parse_port_config__ports__server_options(void *data)
|
|||
smartlist_clear(slout);
|
||||
config_port_invalid = mock_config_line("DNSPort",
|
||||
"127.0.0.124:656 IPv6Only");
|
||||
ret = parse_port_config(slout, config_port_invalid, NULL, "DNS", 0, NULL,
|
||||
ret = parse_port_config(slout, config_port_invalid, "DNS", 0, NULL,
|
||||
0, CL_PORT_SERVER_OPTIONS);
|
||||
tt_int_op(ret, OP_EQ, -1);
|
||||
|
||||
|
@ -4881,7 +4743,7 @@ test_config_parse_port_config__ports__server_options(void *data)
|
|||
SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf));
|
||||
smartlist_clear(slout);
|
||||
config_port_invalid = mock_config_line("DNSPort", "[::1]:656 IPv4Only");
|
||||
ret = parse_port_config(slout, config_port_invalid, NULL, "DNS", 0, NULL,
|
||||
ret = parse_port_config(slout, config_port_invalid, "DNS", 0, NULL,
|
||||
0, CL_PORT_SERVER_OPTIONS);
|
||||
tt_int_op(ret, OP_EQ, -1);
|
||||
|
||||
|
@ -4890,7 +4752,7 @@ test_config_parse_port_config__ports__server_options(void *data)
|
|||
SMARTLIST_FOREACH(slout,port_cfg_t *,pf,port_cfg_free(pf));
|
||||
smartlist_clear(slout);
|
||||
config_port_invalid = mock_config_line("ORPort", "unix:\"\"");
|
||||
ret = parse_port_config(slout, config_port_invalid, NULL, "ORPort", 0, NULL,
|
||||
ret = parse_port_config(slout, config_port_invalid, "ORPort", 0, NULL,
|
||||
0, CL_PORT_SERVER_OPTIONS);
|
||||
tt_int_op(ret, OP_EQ, -1);
|
||||
|
||||
|
@ -4951,7 +4813,6 @@ struct testcase_t config_tests[] = {
|
|||
CONFIG_TEST(fix_my_family, 0),
|
||||
CONFIG_TEST(directory_fetch, 0),
|
||||
CONFIG_TEST(port_cfg_line_extract_addrport, 0),
|
||||
CONFIG_TEST(parse_port_config__listenaddress, 0),
|
||||
CONFIG_TEST(parse_port_config__ports__no_ports_given, 0),
|
||||
CONFIG_TEST(parse_port_config__ports__server_options, 0),
|
||||
CONFIG_TEST(parse_port_config__ports__ports_given, 0),
|
||||
|
|
|
@ -469,7 +469,7 @@ test_options_validate__uname_for_server(void *ignored)
|
|||
(void)ignored;
|
||||
char *msg;
|
||||
options_test_data_t *tdata = get_options_test_data(
|
||||
"ORListenAddress 127.0.0.1:5555");
|
||||
"ORPort 127.0.0.1:5555");
|
||||
setup_capture_of_logs(LOG_WARN);
|
||||
|
||||
MOCK(get_uname, fixed_get_uname);
|
||||
|
@ -603,7 +603,7 @@ test_options_validate__contactinfo(void *ignored)
|
|||
int ret;
|
||||
char *msg;
|
||||
options_test_data_t *tdata = get_options_test_data(
|
||||
"ORListenAddress 127.0.0.1:5555\nORPort 955");
|
||||
"ORPort 127.0.0.1:5555");
|
||||
setup_capture_of_logs(LOG_DEBUG);
|
||||
tdata->opt->ContactInfo = NULL;
|
||||
|
||||
|
@ -616,7 +616,7 @@ test_options_validate__contactinfo(void *ignored)
|
|||
tor_free(msg);
|
||||
|
||||
free_options_test_data(tdata);
|
||||
tdata = get_options_test_data("ORListenAddress 127.0.0.1:5555\nORPort 955\n"
|
||||
tdata = get_options_test_data("ORPort 127.0.0.1:5555\n"
|
||||
"ContactInfo hella@example.org");
|
||||
mock_clean_saved_logs();
|
||||
ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
|
||||
|
@ -1024,8 +1024,7 @@ test_options_validate__relay_with_hidden_services(void *ignored)
|
|||
char *msg;
|
||||
setup_capture_of_logs(LOG_DEBUG);
|
||||
options_test_data_t *tdata = get_options_test_data(
|
||||
"ORListenAddress 127.0.0.1:5555\n"
|
||||
"ORPort 955\n"
|
||||
"ORPort 127.0.0.1:5555\n"
|
||||
"HiddenServiceDir "
|
||||
"/Library/Tor/var/lib/tor/hidden_service/\n"
|
||||
"HiddenServicePort 80 127.0.0.1:8080\n"
|
||||
|
@ -1095,7 +1094,7 @@ test_options_validate__transproxy(void *ignored)
|
|||
#else
|
||||
tt_int_op(tdata->opt->TransProxyType_parsed, OP_EQ, TPT_PF_DIVERT);
|
||||
tt_str_op(msg, OP_EQ, "Cannot use TransProxyType without "
|
||||
"any valid TransPort or TransListenAddress.");
|
||||
"any valid TransPort.");
|
||||
#endif
|
||||
tor_free(msg);
|
||||
|
||||
|
@ -1110,7 +1109,7 @@ test_options_validate__transproxy(void *ignored)
|
|||
#else
|
||||
tt_int_op(tdata->opt->TransProxyType_parsed, OP_EQ, TPT_TPROXY);
|
||||
tt_str_op(msg, OP_EQ, "Cannot use TransProxyType without any valid "
|
||||
"TransPort or TransListenAddress.");
|
||||
"TransPort.");
|
||||
#endif
|
||||
tor_free(msg);
|
||||
|
||||
|
@ -1126,7 +1125,7 @@ test_options_validate__transproxy(void *ignored)
|
|||
#else
|
||||
tt_int_op(tdata->opt->TransProxyType_parsed, OP_EQ, TPT_IPFW);
|
||||
tt_str_op(msg, OP_EQ, "Cannot use TransProxyType without any valid "
|
||||
"TransPort or TransListenAddress.");
|
||||
"TransPort.");
|
||||
#endif
|
||||
tor_free(msg);
|
||||
|
||||
|
@ -1184,8 +1183,7 @@ test_options_validate__transproxy(void *ignored)
|
|||
|
||||
ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
|
||||
tt_int_op(ret, OP_EQ, -1);
|
||||
tt_str_op(msg, OP_EQ, "TransPort and TransListenAddress are disabled in "
|
||||
"this build.");
|
||||
tt_str_op(msg, OP_EQ, "TransPort is disabled in this build.");
|
||||
tor_free(msg);
|
||||
#endif
|
||||
|
||||
|
@ -1379,54 +1377,6 @@ test_options_validate__node_families(void *ignored)
|
|||
tor_free(msg);
|
||||
}
|
||||
|
||||
static void
|
||||
test_options_validate__tlsec(void *ignored)
|
||||
{
|
||||
(void)ignored;
|
||||
int ret;
|
||||
char *msg;
|
||||
setup_capture_of_logs(LOG_DEBUG);
|
||||
options_test_data_t *tdata = get_options_test_data(
|
||||
"TLSECGroup ed25519\n"
|
||||
"SchedulerHighWaterMark__ 42\n"
|
||||
"SchedulerLowWaterMark__ 10\n");
|
||||
|
||||
ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
|
||||
tt_int_op(ret, OP_EQ, -1);
|
||||
expect_log_msg("Unrecognized TLSECGroup: Falling back to the default.\n");
|
||||
tt_assert(!tdata->opt->TLSECGroup);
|
||||
tor_free(msg);
|
||||
|
||||
free_options_test_data(tdata);
|
||||
tdata = get_options_test_data("TLSECGroup P224\n"
|
||||
"SchedulerHighWaterMark__ 42\n"
|
||||
"SchedulerLowWaterMark__ 10\n");
|
||||
mock_clean_saved_logs();
|
||||
ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
|
||||
tt_int_op(ret, OP_EQ, -1);
|
||||
expect_no_log_msg(
|
||||
"Unrecognized TLSECGroup: Falling back to the default.\n");
|
||||
tt_assert(tdata->opt->TLSECGroup);
|
||||
tor_free(msg);
|
||||
|
||||
free_options_test_data(tdata);
|
||||
tdata = get_options_test_data("TLSECGroup P256\n"
|
||||
"SchedulerHighWaterMark__ 42\n"
|
||||
"SchedulerLowWaterMark__ 10\n");
|
||||
mock_clean_saved_logs();
|
||||
ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
|
||||
tt_int_op(ret, OP_EQ, -1);
|
||||
expect_no_log_msg(
|
||||
"Unrecognized TLSECGroup: Falling back to the default.\n");
|
||||
tt_assert(tdata->opt->TLSECGroup);
|
||||
tor_free(msg);
|
||||
|
||||
done:
|
||||
teardown_capture_of_logs();
|
||||
free_options_test_data(tdata);
|
||||
tor_free(msg);
|
||||
}
|
||||
|
||||
static void
|
||||
test_options_validate__token_bucket(void *ignored)
|
||||
{
|
||||
|
@ -1809,8 +1759,7 @@ test_options_validate__reachable_addresses(void *ignored)
|
|||
|
||||
free_options_test_data(tdata);
|
||||
tdata = get_options_test_data("ReachableAddresses *:82\n"
|
||||
"ORListenAddress 127.0.0.1:5555\n"
|
||||
"ORPort 955\n"
|
||||
"ORPort 127.0.0.1:5555\n"
|
||||
"MaxClientCircuitsPending 1\n"
|
||||
"ConnLimit 1\n"
|
||||
"SchedulerHighWaterMark__ 42\n"
|
||||
|
@ -1823,8 +1772,7 @@ test_options_validate__reachable_addresses(void *ignored)
|
|||
|
||||
free_options_test_data(tdata);
|
||||
tdata = get_options_test_data("ReachableORAddresses *:82\n"
|
||||
"ORListenAddress 127.0.0.1:5555\n"
|
||||
"ORPort 955\n"
|
||||
"ORPort 127.0.0.1:5555\n"
|
||||
"MaxClientCircuitsPending 1\n"
|
||||
"ConnLimit 1\n"
|
||||
"SchedulerHighWaterMark__ 42\n"
|
||||
|
@ -1837,8 +1785,7 @@ test_options_validate__reachable_addresses(void *ignored)
|
|||
|
||||
free_options_test_data(tdata);
|
||||
tdata = get_options_test_data("ReachableDirAddresses *:82\n"
|
||||
"ORListenAddress 127.0.0.1:5555\n"
|
||||
"ORPort 955\n"
|
||||
"ORPort 127.0.0.1:5555\n"
|
||||
"MaxClientCircuitsPending 1\n"
|
||||
"ConnLimit 1\n"
|
||||
"SchedulerHighWaterMark__ 42\n"
|
||||
|
@ -1851,8 +1798,7 @@ test_options_validate__reachable_addresses(void *ignored)
|
|||
|
||||
free_options_test_data(tdata);
|
||||
tdata = get_options_test_data("ClientUseIPv4 0\n"
|
||||
"ORListenAddress 127.0.0.1:5555\n"
|
||||
"ORPort 955\n"
|
||||
"ORPort 127.0.0.1:5555\n"
|
||||
"MaxClientCircuitsPending 1\n"
|
||||
"ConnLimit 1\n"
|
||||
"SchedulerHighWaterMark__ 42\n"
|
||||
|
@ -1952,8 +1898,7 @@ test_options_validate__use_bridges(void *ignored)
|
|||
options_test_data_t *tdata = get_options_test_data(
|
||||
"UseBridges 1\n"
|
||||
"ClientUseIPv4 1\n"
|
||||
"ORListenAddress 127.0.0.1:5555\n"
|
||||
"ORPort 955\n"
|
||||
"ORPort 127.0.0.1:5555\n"
|
||||
"MaxClientCircuitsPending 1\n"
|
||||
"ConnLimit 1\n"
|
||||
"SchedulerHighWaterMark__ 42\n"
|
||||
|
@ -2074,56 +2019,6 @@ test_options_validate__entry_nodes(void *ignored)
|
|||
tor_free(msg);
|
||||
}
|
||||
|
||||
static void
|
||||
test_options_validate__invalid_nodes(void *ignored)
|
||||
{
|
||||
(void)ignored;
|
||||
int ret;
|
||||
char *msg;
|
||||
options_test_data_t *tdata = get_options_test_data(
|
||||
"AllowInvalidNodes something_stupid\n"
|
||||
"MaxClientCircuitsPending 1\n"
|
||||
"ConnLimit 1\n"
|
||||
"SchedulerHighWaterMark__ 42\n"
|
||||
"SchedulerLowWaterMark__ 10\n");
|
||||
|
||||
ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
|
||||
tt_int_op(ret, OP_EQ, -1);
|
||||
tt_str_op(msg, OP_EQ,
|
||||
"Unrecognized value 'something_stupid' in AllowInvalidNodes");
|
||||
tor_free(msg);
|
||||
|
||||
free_options_test_data(tdata);
|
||||
tdata = get_options_test_data("AllowInvalidNodes entry, middle, exit\n"
|
||||
"MaxClientCircuitsPending 1\n"
|
||||
"ConnLimit 1\n"
|
||||
"SchedulerHighWaterMark__ 42\n"
|
||||
"SchedulerLowWaterMark__ 10\n");
|
||||
|
||||
ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
|
||||
tt_int_op(ret, OP_EQ, -1);
|
||||
tt_int_op(tdata->opt->AllowInvalid_, OP_EQ, ALLOW_INVALID_ENTRY |
|
||||
ALLOW_INVALID_EXIT | ALLOW_INVALID_MIDDLE);
|
||||
tor_free(msg);
|
||||
|
||||
free_options_test_data(tdata);
|
||||
tdata = get_options_test_data("AllowInvalidNodes introduction, rendezvous\n"
|
||||
"MaxClientCircuitsPending 1\n"
|
||||
"ConnLimit 1\n"
|
||||
"SchedulerHighWaterMark__ 42\n"
|
||||
"SchedulerLowWaterMark__ 10\n");
|
||||
|
||||
ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
|
||||
tt_int_op(ret, OP_EQ, -1);
|
||||
tt_int_op(tdata->opt->AllowInvalid_, OP_EQ, ALLOW_INVALID_INTRODUCTION |
|
||||
ALLOW_INVALID_RENDEZVOUS);
|
||||
tor_free(msg);
|
||||
|
||||
done:
|
||||
free_options_test_data(tdata);
|
||||
tor_free(msg);
|
||||
}
|
||||
|
||||
static void
|
||||
test_options_validate__safe_logging(void *ignored)
|
||||
{
|
||||
|
@ -2539,8 +2434,7 @@ test_options_validate__bandwidth(void *ignored)
|
|||
|
||||
free_options_test_data(tdata);
|
||||
tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
|
||||
"ORListenAddress 127.0.0.1:5555\n"
|
||||
"ORPort 955\n"
|
||||
"ORPort 127.0.0.1:5555\n"
|
||||
"BandwidthRate 1\n"
|
||||
);
|
||||
ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
|
||||
|
@ -2551,8 +2445,7 @@ test_options_validate__bandwidth(void *ignored)
|
|||
|
||||
free_options_test_data(tdata);
|
||||
tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
|
||||
"ORListenAddress 127.0.0.1:5555\n"
|
||||
"ORPort 955\n"
|
||||
"ORPort 127.0.0.1:5555\n"
|
||||
"BandwidthRate 76800\n"
|
||||
"MaxAdvertisedBandwidth 30000\n"
|
||||
);
|
||||
|
@ -2564,8 +2457,7 @@ test_options_validate__bandwidth(void *ignored)
|
|||
|
||||
free_options_test_data(tdata);
|
||||
tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
|
||||
"ORListenAddress 127.0.0.1:5555\n"
|
||||
"ORPort 955\n"
|
||||
"ORPort 127.0.0.1:5555\n"
|
||||
"BandwidthRate 76800\n"
|
||||
"RelayBandwidthRate 1\n"
|
||||
"MaxAdvertisedBandwidth 38400\n"
|
||||
|
@ -2578,8 +2470,7 @@ test_options_validate__bandwidth(void *ignored)
|
|||
|
||||
free_options_test_data(tdata);
|
||||
tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
|
||||
"ORListenAddress 127.0.0.1:5555\n"
|
||||
"ORPort 955\n"
|
||||
"ORPort 127.0.0.1:5555\n"
|
||||
"BandwidthRate 76800\n"
|
||||
"BandwidthBurst 76800\n"
|
||||
"RelayBandwidthRate 76800\n"
|
||||
|
@ -3017,8 +2908,7 @@ test_options_validate__accounting(void *ignored)
|
|||
free_options_test_data(tdata);
|
||||
tdata = get_options_test_data(
|
||||
TEST_OPTIONS_DEFAULT_VALUES
|
||||
"ORListenAddress 127.0.0.1:5555\n"
|
||||
"ORPort 955\n"
|
||||
"ORPort 127.0.0.1:5555\n"
|
||||
"BandwidthRate 76800\n"
|
||||
"BandwidthBurst 76800\n"
|
||||
"MaxAdvertisedBandwidth 38400\n"
|
||||
|
@ -3652,8 +3542,7 @@ test_options_validate__families(void *ignored)
|
|||
tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
|
||||
"MyFamily home\n"
|
||||
"BridgeRelay 1\n"
|
||||
"ORListenAddress 127.0.0.1:5555\n"
|
||||
"ORPort 955\n"
|
||||
"ORPort 127.0.0.1:5555\n"
|
||||
"BandwidthRate 51300\n"
|
||||
"BandwidthBurst 51300\n"
|
||||
"MaxAdvertisedBandwidth 25700\n"
|
||||
|
@ -3882,8 +3771,7 @@ test_options_validate__transport(void *ignored)
|
|||
free_options_test_data(tdata);
|
||||
tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
|
||||
"ServerTransportPlugin foo exec bar\n"
|
||||
"ORListenAddress 127.0.0.1:5555\n"
|
||||
"ORPort 955\n"
|
||||
"ORPort 127.0.0.1:5555\n"
|
||||
"BandwidthRate 76900\n"
|
||||
"BandwidthBurst 76900\n"
|
||||
"MaxAdvertisedBandwidth 38500\n"
|
||||
|
@ -3925,8 +3813,7 @@ test_options_validate__transport(void *ignored)
|
|||
tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
|
||||
"ServerTransportListenAddr foo 127.0.0.42:55\n"
|
||||
"ServerTransportPlugin foo exec bar\n"
|
||||
"ORListenAddress 127.0.0.1:5555\n"
|
||||
"ORPort 955\n"
|
||||
"ORPort 127.0.0.1:5555\n"
|
||||
"BandwidthRate 76900\n"
|
||||
"BandwidthBurst 76900\n"
|
||||
"MaxAdvertisedBandwidth 38500\n"
|
||||
|
@ -4282,48 +4169,6 @@ test_options_validate__virtual_addr(void *ignored)
|
|||
tor_free(msg);
|
||||
}
|
||||
|
||||
static void
|
||||
test_options_validate__exits(void *ignored)
|
||||
{
|
||||
(void)ignored;
|
||||
int ret;
|
||||
char *msg;
|
||||
options_test_data_t *tdata = NULL;
|
||||
setup_capture_of_logs(LOG_WARN);
|
||||
|
||||
free_options_test_data(tdata);
|
||||
tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
|
||||
"AllowSingleHopExits 1"
|
||||
);
|
||||
ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
|
||||
tt_int_op(ret, OP_EQ, 0);
|
||||
expect_log_msg("You have set AllowSingleHopExits; "
|
||||
"now your relay will allow others to make one-hop exits. However,"
|
||||
" since by default most clients avoid relays that set this option,"
|
||||
" most clients will ignore you.\n");
|
||||
tor_free(msg);
|
||||
|
||||
free_options_test_data(tdata);
|
||||
tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
|
||||
"AllowSingleHopExits 1\n"
|
||||
VALID_DIR_AUTH
|
||||
);
|
||||
mock_clean_saved_logs();
|
||||
ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
|
||||
tt_int_op(ret, OP_EQ, 0);
|
||||
expect_no_log_msg("You have set AllowSingleHopExits; "
|
||||
"now your relay will allow others to make one-hop exits. However,"
|
||||
" since by default most clients avoid relays that set this option,"
|
||||
" most clients will ignore you.\n");
|
||||
tor_free(msg);
|
||||
|
||||
done:
|
||||
policies_free_all();
|
||||
teardown_capture_of_logs();
|
||||
free_options_test_data(tdata);
|
||||
tor_free(msg);
|
||||
}
|
||||
|
||||
static void
|
||||
test_options_validate__testing_options(void *ignored)
|
||||
{
|
||||
|
@ -4562,7 +4407,6 @@ struct testcase_t options_tests[] = {
|
|||
LOCAL_VALIDATE_TEST(exclude_nodes),
|
||||
LOCAL_VALIDATE_TEST(scheduler),
|
||||
LOCAL_VALIDATE_TEST(node_families),
|
||||
LOCAL_VALIDATE_TEST(tlsec),
|
||||
LOCAL_VALIDATE_TEST(token_bucket),
|
||||
LOCAL_VALIDATE_TEST(recommended_packages),
|
||||
LOCAL_VALIDATE_TEST(fetch_dir),
|
||||
|
@ -4573,7 +4417,6 @@ struct testcase_t options_tests[] = {
|
|||
LOCAL_VALIDATE_TEST(reachable_addresses),
|
||||
LOCAL_VALIDATE_TEST(use_bridges),
|
||||
LOCAL_VALIDATE_TEST(entry_nodes),
|
||||
LOCAL_VALIDATE_TEST(invalid_nodes),
|
||||
LOCAL_VALIDATE_TEST(safe_logging),
|
||||
LOCAL_VALIDATE_TEST(publish_server_descriptor),
|
||||
LOCAL_VALIDATE_TEST(testing),
|
||||
|
@ -4595,7 +4438,6 @@ struct testcase_t options_tests[] = {
|
|||
LOCAL_VALIDATE_TEST(constrained_sockets),
|
||||
LOCAL_VALIDATE_TEST(v3_auth),
|
||||
LOCAL_VALIDATE_TEST(virtual_addr),
|
||||
LOCAL_VALIDATE_TEST(exits),
|
||||
LOCAL_VALIDATE_TEST(testing_options),
|
||||
LOCAL_VALIDATE_TEST(accel),
|
||||
END_OF_TESTCASES /* */
|
||||
|
|
Loading…
Reference in New Issue