[tor-commits] [tor/master] Move AuthDirPinKeys to dirauth module.
nickm at torproject.org
nickm at torproject.org
Fri Jan 17 13:37:45 UTC 2020
commit 99874ecc1de43756bc5ba7f92ef8073e5d5b3c72
Author: Nick Mathewson <nickm at torproject.org>
Date: Thu Dec 19 09:27:35 2019 -0500
Move AuthDirPinKeys to dirauth module.
---
src/app/config/config.c | 1 -
src/app/config/or_options_st.h | 2 --
src/feature/dirauth/dirauth_options.inc | 3 +++
src/feature/dirauth/process_descs.c | 6 ++++--
4 files changed, 7 insertions(+), 5 deletions(-)
diff --git a/src/app/config/config.c b/src/app/config/config.c
index 815cd76e8..02ab2f2f8 100644
--- a/src/app/config/config.c
+++ b/src/app/config/config.c
@@ -329,7 +329,6 @@ static const config_var_t option_vars_[] = {
V(AuthDirBadExitCCs, CSV, ""),
V(AuthDirInvalid, LINELIST, NULL),
V(AuthDirInvalidCCs, CSV, ""),
- V(AuthDirPinKeys, BOOL, "1"),
V(AuthDirReject, LINELIST, NULL),
V(AuthDirRejectCCs, CSV, ""),
OBSOLETE("AuthDirRejectUnlisted"),
diff --git a/src/app/config/or_options_st.h b/src/app/config/or_options_st.h
index 45175e7c2..b55c364c2 100644
--- a/src/app/config/or_options_st.h
+++ b/src/app/config/or_options_st.h
@@ -457,8 +457,6 @@ struct or_options_t {
struct smartlist_t *AuthDirRejectCCs;
/**@}*/
- int AuthDirPinKeys; /**< Boolean: Do we enforce key-pinning? */
-
char *AccountingStart; /**< How long is the accounting interval, and when
* does it start? */
uint64_t AccountingMax; /**< How many bytes do we allow per accounting
diff --git a/src/feature/dirauth/dirauth_options.inc b/src/feature/dirauth/dirauth_options.inc
index af3a22c8f..dddb53898 100644
--- a/src/feature/dirauth/dirauth_options.inc
+++ b/src/feature/dirauth/dirauth_options.inc
@@ -30,6 +30,9 @@ CONF_VAR(AuthDirListBadExits, BOOL, 0, "0")
/** Do not permit more than this number of servers per IP address. */
CONF_VAR(AuthDirMaxServersPerAddr, POSINT, 0, "2")
+/** Boolean: Do we enforce key-pinning? */
+CONF_VAR(AuthDirPinKeys, BOOL, 0, "1")
+
/** Which versions of tor should we tell users to run? */
CONF_VAR(RecommendedVersions, LINELIST, 0, NULL)
diff --git a/src/feature/dirauth/process_descs.c b/src/feature/dirauth/process_descs.c
index 8dae4e933..207aae379 100644
--- a/src/feature/dirauth/process_descs.c
+++ b/src/feature/dirauth/process_descs.c
@@ -18,6 +18,7 @@
#include "app/config/config.h"
#include "core/or/policies.h"
#include "core/or/versions.h"
+#include "feature/dirauth/dirauth_sys.h"
#include "feature/dirauth/keypin.h"
#include "feature/dirauth/reachability.h"
#include "feature/dirclient/dlstatus.h"
@@ -32,6 +33,7 @@
#include "feature/relay/router.h"
#include "core/or/tor_version_st.h"
+#include "feature/dirauth/dirauth_options_st.h"
#include "feature/nodelist/extrainfo_st.h"
#include "feature/nodelist/node_st.h"
#include "feature/nodelist/routerinfo_st.h"
@@ -232,7 +234,7 @@ dirserv_router_get_status(const routerinfo_t *router, const char **msg,
int severity)
{
char d[DIGEST_LEN];
- const int key_pinning = get_options()->AuthDirPinKeys;
+ const int key_pinning = dirauth_get_options()->AuthDirPinKeys;
if (crypto_pk_get_digest(router->identity_pkey, d)) {
log_warn(LD_BUG,"Error computing fingerprint");
@@ -666,7 +668,7 @@ dirserv_add_descriptor(routerinfo_t *ri, const char **msg, const char *source)
char *desc, *nickname;
const size_t desclen = ri->cache_info.signed_descriptor_len +
ri->cache_info.annotations_len;
- const int key_pinning = get_options()->AuthDirPinKeys;
+ const int key_pinning = dirauth_get_options()->AuthDirPinKeys;
*msg = NULL;
/* If it's too big, refuse it now. Otherwise we'll cache it all over the
More information about the tor-commits
mailing list