[tor-commits] [tor/master] config: Remove AllowSingleHopExits option

nickm at torproject.org nickm at torproject.org
Tue May 9 14:42:11 UTC 2017


commit d52a1e2faaf0edf8f5899c6fa9864d0cecebf692
Author: David Goulet <dgoulet at torproject.org>
Date:   Tue Apr 25 13:44:06 2017 -0400

    config: Remove AllowSingleHopExits option
    
    Deprecated in 0.2.9.2-alpha, this commit changes it to OBSOLETE() and cleans
    up the code associated with it.
    
    Partially fixes #22060
    
    Signed-off-by: David Goulet <dgoulet at torproject.org>
---
 changes/bug22060         |  2 ++
 doc/tor.1.txt            |  7 -------
 src/or/config.c          | 11 +----------
 src/or/connection_edge.c | 12 +++++-------
 src/or/or.h              |  5 +----
 src/or/router.c          |  5 ++---
 src/test/test_options.c  | 43 -------------------------------------------
 7 files changed, 11 insertions(+), 74 deletions(-)

diff --git a/changes/bug22060 b/changes/bug22060
index 19c8d2c..caf624d 100644
--- a/changes/bug22060
+++ b/changes/bug22060
@@ -3,3 +3,5 @@
       rendered obsolete. Code has been removed and feature no longer exists.
     - AllowSingleHopCircuits was deprecated in 0.2.9.2-alpha and now has been
       rendered obsolete. Code has been removed and feature no longer exists.
+    - AllowSingleHopExits was deprecated in 0.2.9.2-alpha and now has been
+      rendered obsolete. Code has been removed and feature no longer exists.
diff --git a/doc/tor.1.txt b/doc/tor.1.txt
index 3088c9b..e2e4808 100644
--- a/doc/tor.1.txt
+++ b/doc/tor.1.txt
@@ -1660,13 +1660,6 @@ is non-zero):
     Tor client binds to.  To bind to a different address, use the
     *ListenAddress and OutboundBindAddress options.
 
-[[AllowSingleHopExits]] **AllowSingleHopExits** **0**|**1**::
-    This option controls whether clients can use this server as a single hop
-    proxy. If set to 1, clients can use this server as an exit even if it is
-    the only hop in the circuit.  Note that most clients will refuse to use
-    servers that set this option, since most clients have
-    ExcludeSingleHopRelays set.  (Default: 0)
-
 [[AssumeReachable]] **AssumeReachable** **0**|**1**::
     This option is used when bootstrapping a new Tor network. If set to 1,
     don't do self-reachability testing; just upload your server descriptor
diff --git a/src/or/config.c b/src/or/config.c
index 3621b8e..9b3570b 100644
--- a/src/or/config.c
+++ b/src/or/config.c
@@ -208,7 +208,7 @@ static config_var_t option_vars_[] = {
   OBSOLETE("AllowInvalidNodes"),
   V(AllowNonRFC953Hostnames,     BOOL,     "0"),
   OBSOLETE("AllowSingleHopCircuits"),
-  V(AllowSingleHopExits,         BOOL,     "0"),
+  OBSOLETE("AllowSingleHopExits"),
   V(AlternateBridgeAuthority,    LINELIST, NULL),
   V(AlternateDirAuthority,       LINELIST, NULL),
   OBSOLETE("AlternateHSAuthority"),
@@ -662,8 +662,6 @@ static const config_deprecation_t option_deprecation_notes_[] = {
   /* Deprecated since 0.2.9.2-alpha... */
   { "AllowDotExit", "Unrestricted use of the .exit notation can be used for "
     "a wide variety of application-level attacks." },
-  { "AllowSingleHopExits", "Turning this on will make your relay easier "
-    "to abuse." },
   { "ClientDNSRejectInternalAddresses", "Turning this on makes your client "
     "easier to fingerprint, and may open you to esoteric attacks." },
   { "ExcludeSingleHopRelays", "Turning it on makes your client easier to "
@@ -4056,13 +4054,6 @@ options_validate(or_options_t *old_options, or_options_t *options,
            "AlternateDirAuthority and AlternateBridgeAuthority configured.");
   }
 
-  if (options->AllowSingleHopExits && !options->DirAuthorities) {
-    COMPLAIN("You have set AllowSingleHopExits; now your relay will allow "
-             "others to make one-hop exits. However, since by default most "
-             "clients avoid relays that set this option, most clients will "
-             "ignore you.");
-  }
-
 #define CHECK_DEFAULT(arg)                                              \
   STMT_BEGIN                                                            \
     if (!options->TestingTorNetwork &&                                  \
diff --git a/src/or/connection_edge.c b/src/or/connection_edge.c
index 2c60d8d..8f5d343 100644
--- a/src/or/connection_edge.c
+++ b/src/or/connection_edge.c
@@ -3133,15 +3133,13 @@ connection_exit_begin_conn(cell_t *cell, circuit_t *circ)
     port = bcell.port;
 
     if (or_circ && or_circ->p_chan) {
-      if (!options->AllowSingleHopExits &&
-           (or_circ->is_first_hop ||
-            (!connection_or_digest_is_known_relay(
+      if ((or_circ->is_first_hop ||
+           (!connection_or_digest_is_known_relay(
                 or_circ->p_chan->identity_digest) &&
           should_refuse_unknown_exits(options)))) {
-        /* Don't let clients use us as a single-hop proxy, unless the user
-         * has explicitly allowed that in the config. It attracts attackers
-         * and users who'd be better off with, well, single-hop proxies.
-         */
+        /* Don't let clients use us as a single-hop proxy. It attracts
+         * attackers and users who'd be better off with, well, single-hop
+         * proxies. */
         log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
                "Attempt by %s to open a stream %s. Closing.",
                safe_str(channel_get_canonical_remote_descr(or_circ->p_chan)),
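Review bot: The rewritten condition in connection_exit_begin_conn keeps a redundant outer pair of parentheses left over from the removed `!options->AllowSingleHopExits &&` term, and its continuation lines no longer line up with the grouping, which makes the `||`/`&&` structure of this refusal check harder to audit. I would write it as `if (or_circ->is_first_hop ||` followed by `(!connection_or_digest_is_known_relay(or_circ->p_chan->identity_digest) &&` and `should_refuse_unknown_exits(options))) {`, with the inner lines aligned under their opening parenthesis. The commit shows no test for the now-unconditional first-hop refusal, so a test asserting that a begin request on an `is_first_hop` circuit is rejected would be worth adding if none exists elsewhere. The function body starts and ends outside the hunk.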
diff --git a/src/or/or.h b/src/or/or.h
index 4381459..3670078 100644
--- a/src/or/or.h
+++ b/src/or/or.h
@@ -4114,10 +4114,7 @@ typedef struct {
    * if we are a cache).  For authorities, this is always true. */
   int DownloadExtraInfo;
 
-  /** If true, and we are acting as a relay, allow exit circuits even when
-   * we are the first hop of a circuit. */
-  int AllowSingleHopExits;
-  /** If true, don't allow relays with AllowSingleHopExits=1 to be used in
+  /** If true, don't allow relays with allow-single-hop-exits to be used in
    * circuits that we build. */
   int ExcludeSingleHopRelays;
 
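Review bot: The updated comment on `ExcludeSingleHopRelays` refers to allow-single-hop-exits without saying what it is, and with the `AllowSingleHopExits` field gone a reader has no in-file hint that it is the router descriptor line that router.c stops emitting in this same commit. I would suggest `/** If true, don't use relays whose descriptor contains an "allow-single-hop-exits" line in circuits that we build. Relays built from this code no longer publish that line. */`. The enclosing struct starts and ends outside the hunk.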
diff --git a/src/or/router.c b/src/or/router.c
index 7fb49e8..ca86c33 100644
--- a/src/or/router.c
+++ b/src/or/router.c
@@ -2932,7 +2932,7 @@ router_dump_router_to_string(routerinfo_t *router,
                     "onion-key\n%s"
                     "signing-key\n%s"
                     "%s%s"
-                    "%s%s%s%s",
+                    "%s%s%s",
     router->nickname,
     address,
     router->or_port,
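Review bot: With the conditional argument removed, the last `%s` of the format tail `"%s%s%s"` in this hunk is always filled by the constant `"hidden-service-dir\n"` passed in the next router.c hunk, so the placeholder only adds one more position to keep in sync between a long format string and a long argument list. Folding it into the literal, `"%s%shidden-service-dir\n",`, and dropping the trailing argument would remove that. The call spans both hunks and the arguments between them are not visible here, so the placeholder count should be re-checked against the full argument list.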
@@ -2955,8 +2955,7 @@ router_dump_router_to_string(routerinfo_t *router,
     ntor_cc_line ? ntor_cc_line : "",
     family_line,
     we_are_hibernating() ? "hibernating 1\n" : "",
-    "hidden-service-dir\n",
-    options->AllowSingleHopExits ? "allow-single-hop-exits\n" : "");
+    "hidden-service-dir\n");
 
   if (options->ContactInfo && strlen(options->ContactInfo)) {
     const char *ci = options->ContactInfo;
diff --git a/src/test/test_options.c b/src/test/test_options.c
index 43aa907..2a7dfbd 100644
--- a/src/test/test_options.c
+++ b/src/test/test_options.c
@@ -4190,48 +4190,6 @@ test_options_validate__virtual_addr(void *ignored)
 }
 
 static void
-test_options_validate__exits(void *ignored)
-{
-  (void)ignored;
-  int ret;
-  char *msg;
-  options_test_data_t *tdata = NULL;
-  setup_capture_of_logs(LOG_WARN);
-
-  free_options_test_data(tdata);
-  tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
-                                "AllowSingleHopExits 1"
-                                );
-  ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
-  tt_int_op(ret, OP_EQ, 0);
-  expect_log_msg("You have set AllowSingleHopExits; "
-            "now your relay will allow others to make one-hop exits. However,"
-            " since by default most clients avoid relays that set this option,"
-            " most clients will ignore you.\n");
-  tor_free(msg);
-
-  free_options_test_data(tdata);
-  tdata = get_options_test_data(TEST_OPTIONS_DEFAULT_VALUES
-                                "AllowSingleHopExits 1\n"
-                                VALID_DIR_AUTH
-                                );
-  mock_clean_saved_logs();
-  ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
-  tt_int_op(ret, OP_EQ, 0);
-  expect_no_log_msg("You have set AllowSingleHopExits; "
-            "now your relay will allow others to make one-hop exits. However,"
-            " since by default most clients avoid relays that set this option,"
-            " most clients will ignore you.\n");
-  tor_free(msg);
-
- done:
-  policies_free_all();
-  teardown_capture_of_logs();
-  free_options_test_data(tdata);
-  tor_free(msg);
-}
-
-static void
 test_options_validate__testing_options(void *ignored)
 {
   (void)ignored;
@@ -4502,7 +4460,6 @@ struct testcase_t options_tests[] = {
   LOCAL_VALIDATE_TEST(constrained_sockets),
   LOCAL_VALIDATE_TEST(v3_auth),
   LOCAL_VALIDATE_TEST(virtual_addr),
-  LOCAL_VALIDATE_TEST(exits),
   LOCAL_VALIDATE_TEST(testing_options),
   LOCAL_VALIDATE_TEST(accel),
   END_OF_TESTCASES              /*  */




