[tor-commits] [tor/master] Stop ignoring misconfigured hidden services

nickm at torproject.org nickm at torproject.org
Fri Dec 2 12:47:56 UTC 2016


commit b917b3875e1cf19ec5b9c733afbfb1a48dead086
Author: teor <teor2345 at gmail.com>
Date:   Fri Nov 4 16:37:57 2016 +1100

    Stop ignoring misconfigured hidden services
    
    Instead, refuse to start tor until the misconfigurations have been corrected.
    
    Fixes bug 20559; bugfix on multiple commits in 0.2.7.1-alpha and earlier.
---
 changes/bug20559     |  4 ++++
 src/or/rendservice.c | 28 +++++++++++++---------------
 2 files changed, 17 insertions(+), 15 deletions(-)

diff --git a/changes/bug20559 b/changes/bug20559
new file mode 100644
index 0000000..f117162
--- /dev/null
+++ b/changes/bug20559
@@ -0,0 +1,4 @@
+  o Minor bugfixes (hidden services):
+    - Stop ignoring misconfigured hidden services. Instead, refuse to start
+      tor until the misconfigurations have been corrected.
+      Fixes bug 20559; bugfix on multiple commits in 0.2.7.1-alpha and earlier.
diff --git a/src/or/rendservice.c b/src/or/rendservice.c
index 5f13b6a..457c2a0 100644
--- a/src/or/rendservice.c
+++ b/src/or/rendservice.c
@@ -286,7 +286,7 @@ rend_add_service(smartlist_t *service_list, rend_service_t *service)
 
   if (service->max_streams_per_circuit < 0) {
     log_warn(LD_CONFIG, "Hidden service (%s) configured with negative max "
-                        "streams per circuit; ignoring.",
+                        "streams per circuit.",
              rend_service_escaped_dir(service));
     rend_service_free(service);
     return -1;
@@ -295,7 +295,7 @@ rend_add_service(smartlist_t *service_list, rend_service_t *service)
   if (service->max_streams_close_circuit < 0 ||
       service->max_streams_close_circuit > 1) {
     log_warn(LD_CONFIG, "Hidden service (%s) configured with invalid "
-                        "max streams handling; ignoring.",
+                        "max streams handling.",
              rend_service_escaped_dir(service));
     rend_service_free(service);
     return -1;
@@ -305,15 +305,14 @@ rend_add_service(smartlist_t *service_list, rend_service_t *service)
       (!service->clients ||
        smartlist_len(service->clients) == 0)) {
     log_warn(LD_CONFIG, "Hidden service (%s) with client authorization but no "
-                        "clients; ignoring.",
+                        "clients.",
              rend_service_escaped_dir(service));
     rend_service_free(service);
     return -1;
   }
 
   if (!service->ports || !smartlist_len(service->ports)) {
-    log_warn(LD_CONFIG, "Hidden service (%s) with no ports configured; "
-             "ignoring.",
+    log_warn(LD_CONFIG, "Hidden service (%s) with no ports configured.",
              rend_service_escaped_dir(service));
     rend_service_free(service);
     return -1;
@@ -341,13 +340,12 @@ rend_add_service(smartlist_t *service_list, rend_service_t *service)
                                !strcmp(ptr->directory, service->directory));
       if (dupe) {
         log_warn(LD_REND, "Another hidden service is already configured for "
-                 "directory %s, ignoring.",
+                 "directory %s.",
                  rend_service_escaped_dir(service));
         rend_service_free(service);
         return -1;
       }
     }
-    smartlist_add(s_list, service);
     log_debug(LD_REND,"Configuring service with directory %s",
               rend_service_escaped_dir(service));
     for (i = 0; i < smartlist_len(service->ports); ++i) {
@@ -363,14 +361,16 @@ rend_add_service(smartlist_t *service_list, rend_service_t *service)
                   "Service maps port %d to socket at \"%s\"",
                   p->virtual_port, p->unix_addr);
 #else
-        log_debug(LD_REND,
-                  "Service maps port %d to an AF_UNIX socket, but we "
-                  "have no AF_UNIX support on this platform.  This is "
-                  "probably a bug.",
-                  p->virtual_port);
+        log_warn(LD_BUG,
+                 "Service maps port %d to an AF_UNIX socket, but we "
+                 "have no AF_UNIX support on this platform.  This is "
+                 "probably a bug.",
+                 p->virtual_port);
+        return -1;
 #endif /* defined(HAVE_SYS_UN_H) */
       }
     }
+    smartlist_add(s_list, service);
     return 0;
   }
   /* NOTREACHED */
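Review bot: The new `return -1;` in the `#else` branch (no AF_UNIX support) leaves `service` allocated, because every other failure path of rend_add_service visible in this diff calls `rend_service_free(service);` before returning. Since `smartlist_add(s_list, service);` now runs only after the port loop, the list does not own the service yet when this path exits, so nothing else visible here would release it. Add `rend_service_free(service);` immediately before the `return -1;` so this path matches the others. The function body starts outside the hunk, so the rest of its cleanup logic is not visible here.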
@@ -538,9 +538,7 @@ rend_service_check_dir_and_add(smartlist_t *service_list,
     if (BUG(!s_list)) {
       return -1;
     }
-    /* Ignore service failures until 030 */
-    rend_add_service(s_list, service);
-    return 0;
+    return rend_add_service(s_list, service);
   }
 }
 
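Review bot: Now that the result of rend_add_service() is propagated, a -1 from this function no longer tells the caller whether `service` is still allocated. The `BUG(!s_list)` branch just above returns -1 without freeing it, while the failure paths of rend_add_service() shown earlier in this diff call `rend_service_free(service)` before returning. If callers must not touch `service` after a failure, the BUG branch should also call `rend_service_free(service);` before its `return -1;`, and a comment such as `/* rend_add_service() frees service on failure; do not use it after -1. */` above the new return would record that contract. The enclosing function starts outside the hunk, so an earlier free or an existing documented contract may not be visible here.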




