commit d52a1e2faaf0edf8f5899c6fa9864d0cecebf692 Author: David Goulet dgoulet@torproject.org Date: Tue Apr 25 13:44:06 2017 -0400
config: Remove AllowSingleHopExits option
Deprecated in 0.2.9.2-alpha, this commit changes it to OBSOLETE() and cleans up the code associated with it.
Partially fixes #22060
Signed-off-by: David Goulet dgoulet@torproject.org
---
changes/bug22060 | 2 ++
doc/tor.1.txt | 7 -------
src/or/config.c | 11 +----------
src/or/connection_edge.c | 12 +++++-------
src/or/or.h | 5 +----
src/or/router.c | 5 ++---
src/test/test_options.c | 43 -------------------------------------------
7 files changed, 11 insertions(+), 74 deletions(-)
diff --git a/changes/bug22060 b/changes/bug22060 index 19c8d2c..caf624d 100644 --- a/changes/bug22060 +++ b/changes/bug22060 @@ -3,3 +3,5 @@ rendered obsolete. Code has been removed and feature no longer exists. - AllowSingleHopCircuits was deprecated in 0.2.9.2-alpha and now has been rendered obsolete. Code has been removed and feature no longer exists. + - AllowSingleHopExits was deprecated in 0.2.9.2-alpha and now has been + rendered obsolete. Code has been removed and feature no longer exists. diff --git a/doc/tor.1.txt b/doc/tor.1.txt index 3088c9b..e2e4808 100644 --- a/doc/tor.1.txt +++ b/doc/tor.1.txt @@ -1660,13 +1660,6 @@ is non-zero): Tor client binds to. To bind to a different address, use the *ListenAddress and OutboundBindAddress options.
-[[AllowSingleHopExits]] **AllowSingleHopExits** **0**|**1**:: - This option controls whether clients can use this server as a single hop - proxy. If set to 1, clients can use this server as an exit even if it is - the only hop in the circuit. Note that most clients will refuse to use - servers that set this option, since most clients have - ExcludeSingleHopRelays set. (Default: 0) - [[AssumeReachable]] **AssumeReachable** **0**|**1**:: This option is used when bootstrapping a new Tor network. If set to 1, don't do self-reachability testing; just upload your server descriptor diff --git a/src/or/config.c b/src/or/config.c index 3621b8e..9b3570b 100644 --- a/src/or/config.c +++ b/src/or/config.c @@ -208,7 +208,7 @@ static config_var_t option_vars_[] = { OBSOLETE("AllowInvalidNodes"), V(AllowNonRFC953Hostnames, BOOL, "0"), OBSOLETE("AllowSingleHopCircuits"), - V(AllowSingleHopExits, BOOL, "0"), + OBSOLETE("AllowSingleHopExits"), V(AlternateBridgeAuthority, LINELIST, NULL), V(AlternateDirAuthority, LINELIST, NULL), OBSOLETE("AlternateHSAuthority"), @@ -662,8 +662,6 @@ static const config_deprecation_t option_deprecation_notes_[] = { /* Deprecated since 0.2.9.2-alpha... */ { "AllowDotExit", "Unrestricted use of the .exit notation can be used for " "a wide variety of application-level attacks." }, - { "AllowSingleHopExits", "Turning this on will make your relay easier " - "to abuse." }, { "ClientDNSRejectInternalAddresses", "Turning this on makes your client " "easier to fingerprint, and may open you to esoteric attacks." }, { "ExcludeSingleHopRelays", "Turning it on makes your client easier to " @@ -4056,13 +4054,6 @@ options_validate(or_options_t *old_options, or_options_t *options, "AlternateDirAuthority and AlternateBridgeAuthority configured."); }
- if (options->AllowSingleHopExits && !options->DirAuthorities) { - COMPLAIN("You have set AllowSingleHopExits; now your relay will allow " - "others to make one-hop exits. However, since by default most " - "clients avoid relays that set this option, most clients will " - "ignore you."); - } - #define CHECK_DEFAULT(arg) \ STMT_BEGIN \ if (!options->TestingTorNetwork && \ diff --git a/src/or/connection_edge.c b/src/or/connection_edge.c index 2c60d8d..8f5d343 100644 --- a/src/or/connection_edge.c +++ b/src/or/connection_edge.c @@ -3133,15 +3133,13 @@ connection_exit_begin_conn(cell_t *cell, circuit_t *circ) port = bcell.port;
if (or_circ && or_circ->p_chan) { - if (!options->AllowSingleHopExits && - (or_circ->is_first_hop || - (!connection_or_digest_is_known_relay( + if ((or_circ->is_first_hop || + (!connection_or_digest_is_known_relay( or_circ->p_chan->identity_digest) && should_refuse_unknown_exits(options)))) { - /* Don't let clients use us as a single-hop proxy, unless the user - * has explicitly allowed that in the config. It attracts attackers - * and users who'd be better off with, well, single-hop proxies. - */ + /* Don't let clients use us as a single-hop proxy. It attracts + * attackers and users who'd be better off with, well, single-hop + * proxies. */ log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL, "Attempt by %s to open a stream %s. Closing.", safe_str(channel_get_canonical_remote_descr(or_circ->p_chan)), diff --git a/src/or/or.h b/src/or/or.h index 4381459..3670078 100644 --- a/src/or/or.h +++ b/src/or/or.h @@ -4114,10 +4114,7 @@ typedef struct { * if we are a cache). For authorities, this is always true. */ int DownloadExtraInfo;
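Review bot: The rewritten condition in connection_exit_begin_conn keeps the outer pair of parentheses that only made sense while `!options->AllowSingleHopExits &&` stood in front of it, and the shortened comment describes only the `is_first_hop` arm. The second arm also refuses the stream when the previous hop's identity digest is not a known relay and `should_refuse_unknown_exits(options)` is true, so I would write the test as `if (or_circ->is_first_hop || (!connection_or_digest_is_known_relay(or_circ->p_chan->identity_digest) && should_refuse_unknown_exits(options))) {` and add a sentence to the comment such as `Also refuse when the previous hop is not a known relay and the refuse-unknown-exits policy applies.` With the option gone, this check appears to be the remaining relay-side guard against single-hop exit use, while the diffstat shows src/test only losing the config-warning test; a unit test asserting that a BEGIN cell on a first-hop circuit is refused would pin that behaviour. The function body starts and ends outside the hunk.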
- /** If true, and we are acting as a relay, allow exit circuits even when - * we are the first hop of a circuit. */ - int AllowSingleHopExits; - /** If true, don't allow relays with AllowSingleHopExits=1 to be used in + /** If true, don't allow relays with allow-single-hop-exits to be used in * circuits that we build. */ int ExcludeSingleHopRelays;
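Review bot: The reworded comment on `ExcludeSingleHopRelays` now refers to the `allow-single-hop-exits` descriptor line, but this same commit stops router.c from emitting that line, so the comment should say which relays can still carry it. Something like `/** If true, don't use relays whose descriptor still has the legacy allow-single-hop-exits line (published only by relays that predate the removal of AllowSingleHopExits) in circuits that we build. */` would keep the next reader from searching for a current producer of the flag. The struct definition starts and ends outside the hunk.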
diff --git a/src/or/router.c b/src/or/router.c index 7fb49e8..ca86c33 100644 --- a/src/or/router.c +++ b/src/or/router.c @@ -2932,7 +2932,7 @@ router_dump_router_to_string(routerinfo_t *router, "onion-key\n%s" "signing-key\n%s" "%s%s" - "%s%s%s%s", + "%s%s%s", router->nickname, address, router->or_port, @@ -2955,8 +2955,7 @@ router_dump_router_to_string(routerinfo_t *router, ntor_cc_line ? ntor_cc_line : "", family_line, we_are_hibernating() ? "hibernating 1\n" : "", - "hidden-service-dir\n", - options->AllowSingleHopExits ? "allow-single-hop-exits\n" : ""); + "hidden-service-dir\n");
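Review bot: The last argument left in this call is the constant `"hidden-service-dir\n"`, still passed through a trailing `%s`, so the conversion count and the argument list have to be kept in step by hand across two separate hunks (this one and the one at -2955). Folding the constant into the literal, `"%s%shidden-service-dir\n",` with the matching argument dropped, shortens the list and makes a format/argument mismatch harder to introduce the next time a descriptor line is removed. Only the tail of the format string is visible here, so the full count still needs checking against the whole call; router_dump_router_to_string continues outside both hunks.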
if (options->ContactInfo && strlen(options->ContactInfo)) { const char *ci = options->ContactInfo; diff --git a/src/test/test_options.c b/src/test/test_options.c index 43aa907..2a7dfbd 100644 --- a/src/test/test_options.c +++ b/src/test/test_options.c @@ -4190,48 +4190,6 @@ test_options_validate__virtual_addr(void *ignored) }
static void -test_options_validate__exits(void *ignored) -{ - (void)ignored; - int ret; - char *msg; - options_test_data_t *tdata = NULL; - setup_capture_of_logs(LOG_WARN); - - free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "AllowSingleHopExits 1" - ); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); - tt_int_op(ret, OP_EQ, 0); - expect_log_msg("You have set AllowSingleHopExits; " - "now your relay will allow others to make one-hop exits. However," - " since by default most clients avoid relays that set this option," - " most clients will ignore you.\n"); - tor_free(msg); - - free_options_test_data(tdata); - tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES - "AllowSingleHopExits 1\n" - VALID_DIR_AUTH - ); - mock_clean_saved_logs(); - ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg); - tt_int_op(ret, OP_EQ, 0); - expect_no_log_msg("You have set AllowSingleHopExits; " - "now your relay will allow others to make one-hop exits. However," - " since by default most clients avoid relays that set this option," - " most clients will ignore you.\n"); - tor_free(msg); - - done: - policies_free_all(); - teardown_capture_of_logs(); - free_options_test_data(tdata); - tor_free(msg); -} - -static void test_options_validate__testing_options(void *ignored) { (void)ignored; @@ -4502,7 +4460,6 @@ struct testcase_t options_tests[] = { LOCAL_VALIDATE_TEST(constrained_sockets), LOCAL_VALIDATE_TEST(v3_auth), LOCAL_VALIDATE_TEST(virtual_addr), - LOCAL_VALIDATE_TEST(exits), LOCAL_VALIDATE_TEST(testing_options), LOCAL_VALIDATE_TEST(accel), END_OF_TESTCASES /* */