[or-cvs] r9171: Add an orport option to dirserver lines so that clients can (in tor/trunk: . doc src/or)
- To: or-cvs@xxxxxxxxxxxxx
- Subject: [or-cvs] r9171: Add an orport option to dirserver lines so that clients can (in tor/trunk: . doc src/or)
- From: nickm@xxxxxxxx
- Date: Sat, 23 Dec 2006 21:45:29 -0500 (EST)
- Delivered-to: archiver@seul.org
- Delivered-to: or-cvs-outgoing@seul.org
- Delivered-to: or-cvs@seul.org
- Delivery-date: Sat, 23 Dec 2006 21:45:39 -0500
- Reply-to: or-talk@xxxxxxxxxxxxx
- Sender: owner-or-cvs@xxxxxxxxxxxxx
Author: nickm
Date: 2006-12-23 21:45:27 -0500 (Sat, 23 Dec 2006)
New Revision: 9171
Modified:
tor/trunk/
tor/trunk/ChangeLog
tor/trunk/doc/TODO
tor/trunk/doc/tor.1.in
tor/trunk/src/or/config.c
tor/trunk/src/or/or.h
tor/trunk/src/or/router.c
tor/trunk/src/or/routerlist.c
Log:
r11676@Kushana: nickm | 2006-12-23 20:42:17 -0500
Add an orport option to dirserver lines so that clients can tell where to connect to open an encrypted tunnel to a dirserver even before they have its descriptor.
Property changes on: tor/trunk
___________________________________________________________________
svk:merge ticket from /tor/trunk [r11676] on c95137ef-5f19-0410-b913-86e773d04f59
Modified: tor/trunk/ChangeLog
===================================================================
--- tor/trunk/ChangeLog 2006-12-23 08:48:16 UTC (rev 9170)
+++ tor/trunk/ChangeLog 2006-12-24 02:45:27 UTC (rev 9171)
@@ -36,6 +36,9 @@
- Remove some options that have been deprecated since at least 0.1.0.x:
AccountingMaxKB, LogFile, DebugLogFile, LogLevel, and SysLog. Use
AccountingMax instead of AccountingMaxKB; use Log to set log options.
+ - DirServer configuration lines now have an orport option so clients can
+ open encrypted tunnels to the authorities without having downloaded
+ their descriptors yet.
o Security bugfixes:
- Stop sending the HttpProxyAuthenticator string to directory
Modified: tor/trunk/doc/TODO
===================================================================
--- tor/trunk/doc/TODO 2006-12-23 08:48:16 UTC (rev 9170)
+++ tor/trunk/doc/TODO 2006-12-24 02:45:27 UTC (rev 9171)
@@ -53,7 +53,7 @@
R - turn the received socks addr:port into a digest for setting .exit
- be able to connect without having a server descriptor, to bootstrap.
R - handle connect-dir streams that don't have a chosen_exit_name set.
-N - include ORPort in DirServers lines so we can know where to connect.
+ o include ORPort in DirServers lines so we can know where to connect.
list the orport as 0 if it can't handle begin_dir.
N - list versions in status page
a new line in the status entry. "Tor 0.1.2.2-alpha". If it's
Modified: tor/trunk/doc/tor.1.in
===================================================================
--- tor/trunk/doc/tor.1.in 2006-12-23 08:48:16 UTC (rev 9170)
+++ tor/trunk/doc/tor.1.in 2006-12-24 02:45:27 UTC (rev 9171)
@@ -108,7 +108,9 @@
authority for old-style (v1) directories as well. (Only directory mirrors
care about this.) Tor will use this server as an authority for hidden
service information if the "hs" flag is set, or if the "v1" flag is set and
-the "no-hs" flag is \fBnot\fP set.
+the "no-hs" flag is \fBnot\fP set. If a flag "orport=\fBport\fR" is given,
+Tor will consider use the given port to open encrypted tunnels to the
+dirserver.
If no \fBdirserver\fP line is given, Tor will use the default
directory servers. NOTE: this option is intended
for setting up a private Tor network with its own directory authorities. If
Modified: tor/trunk/src/or/config.c
===================================================================
--- tor/trunk/src/or/config.c 2006-12-23 08:48:16 UTC (rev 9170)
+++ tor/trunk/src/or/config.c 2006-12-24 02:45:27 UTC (rev 9171)
@@ -3329,7 +3329,7 @@
smartlist_t *items = NULL;
int r;
char *addrport=NULL, *address=NULL, *nickname=NULL, *fingerprint=NULL;
- uint16_t port;
+ uint16_t dir_port = 0, or_port = 0;
char digest[DIGEST_LEN];
int is_v1_authority = 0, is_hidserv_authority = 0,
is_not_hidserv_authority = 0, is_v2_authority = 1;
@@ -3359,6 +3359,12 @@
is_not_hidserv_authority = 1;
} else if (!strcasecmp(flag, "no-v2")) {
is_v2_authority = 0;
+ } else if (!strcasecmpstart(flag, "orport=")) {
+ int ok;
+ flag += strlen("orport=");
+ or_port = tor_parse_long(flag, 10, 1, 65535, &ok, NULL);
+ if (!ok)
+ log_warn(LD_CONFIG, "Invalid orport '%s' on DirServer line.", flag);
} else {
log_warn(LD_CONFIG, "Unrecognized flag '%s' on DirServer line",
flag);
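Review bot: A malformed `orport=` value is only warned about in the new branch, and nothing visible in this hunk rejects the DirServer line, so the entry is still added with `or_port` set to whatever tor_parse_long returns on failure (presumably 0, worth confirming). Going by the doc/TODO entry, 0 reads as "cannot handle begin_dir", so a typo in a private-network configuration would quietly disable encrypted tunnels to that authority instead of failing validation. The function already has an `err` label (used in the address-parsing hunk), so consider `if (!ok) { log_warn(LD_CONFIG, "Invalid orport '%s' on DirServer line.", flag); goto err; }`, provided the cleanup at `err` is safe from inside the flag loop. At the least, the warning should say that tunneling will not be used for this server. The enclosing function starts and ends outside the hunk.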
@@ -3375,11 +3381,11 @@
goto err;
}
addrport = smartlist_get(items, 0);
- if (parse_addr_port(LOG_WARN, addrport, &address, NULL, &port)<0) {
+ if (parse_addr_port(LOG_WARN, addrport, &address, NULL, &dir_port)<0) {
log_warn(LD_CONFIG, "Error parsing DirServer address '%s'", addrport);
goto err;
}
- if (!port) {
+ if (!dir_port) {
log_warn(LD_CONFIG, "Missing port in DirServer address '%s'",addrport);
goto err;
}
@@ -3396,9 +3402,11 @@
}
if (!validate_only) {
- log_debug(LD_DIR, "Trusted dirserver at %s:%d (%s)", address, (int)port,
+ log_debug(LD_DIR, "Trusted dirserver at %s:%d (%s)", address,
+ (int)dir_port,
(char*)smartlist_get(items,1));
- add_trusted_dir_server(nickname, address, port, digest, is_v1_authority,
+ add_trusted_dir_server(nickname, address, dir_port, or_port, digest,
+ is_v1_authority,
is_v2_authority, is_hidserv_authority);
}
Modified: tor/trunk/src/or/or.h
===================================================================
--- tor/trunk/src/or/or.h 2006-12-23 08:48:16 UTC (rev 9170)
+++ tor/trunk/src/or/or.h 2006-12-24 02:45:27 UTC (rev 9171)
@@ -2661,6 +2661,7 @@
char *address; /**< Hostname */
uint32_t addr; /**< IPv4 address */
uint16_t dir_port; /**< Directory port */
+ uint16_t or_port; /**< OR port: Used for tunneling connections */
char digest[DIGEST_LEN]; /**< Digest of identity key */
unsigned int is_running:1; /**< True iff we think this server is running. */
/** True iff this server is an authority for the older ("v1") directory
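Review bot: The new `or_port` field comment does not say what 0 means, although config.c initialises `or_port` to 0 when no `orport=` flag is given and doc/TODO says to list the orport as 0 if the server cannot handle begin_dir. Code that later reads this field needs that sentinel documented so it does not treat port 0 as a tunnel endpoint; I would write `/**< OR port: used for tunneling connections; 0 if unknown or not usable for begin_dir. */`. The doc comment above add_trusted_dir_server() in routerlist.c (only its last line is visible in that hunk) should likewise describe the new `dir_port` and `or_port` parameters. The struct definition starts and ends outside this hunk.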
@@ -2759,8 +2760,8 @@
int need_uptime);
int router_exit_policy_rejects_all(routerinfo_t *router);
-void add_trusted_dir_server(const char *nickname,
- const char *address, uint16_t port,
+void add_trusted_dir_server(const char *nickname, const char *address,
+ uint16_t dir_port, uint16_t or_port,
const char *digest, int is_v1_authority,
int is_v2_authority, int is_hidserv_authority);
void clear_trusted_dir_servers(void);
Modified: tor/trunk/src/or/router.c
===================================================================
--- tor/trunk/src/or/router.c 2006-12-23 08:48:16 UTC (rev 9170)
+++ tor/trunk/src/or/router.c 2006-12-24 02:45:27 UTC (rev 9171)
@@ -377,7 +377,9 @@
crypto_pk_get_digest(get_identity_key(), digest);
if (!router_digest_is_trusted_dir(digest)) {
add_trusted_dir_server(options->Nickname, NULL,
- (uint16_t)options->DirPort, digest,
+ (uint16_t)options->DirPort,
+ (uint16_t)options->ORPort,
+ digest,
options->V1AuthoritativeDir, /* v1 authority */
1, /* v2 authority */
options->HSAuthoritativeDir /*hidserv authority*/);
Modified: tor/trunk/src/or/routerlist.c
===================================================================
--- tor/trunk/src/or/routerlist.c 2006-12-23 08:48:16 UTC (rev 9170)
+++ tor/trunk/src/or/routerlist.c 2006-12-24 02:45:27 UTC (rev 9171)
@@ -2819,7 +2819,8 @@
* <b>address</b> is NULL, add ourself. */
void
add_trusted_dir_server(const char *nickname, const char *address,
- uint16_t port, const char *digest, int is_v1_authority,
+ uint16_t dir_port, uint16_t or_port,
+ const char *digest, int is_v1_authority,
int is_v2_authority, int is_hidserv_authority)
{
trusted_dir_server_t *ent;
@@ -2851,7 +2852,8 @@
ent->nickname = nickname ? tor_strdup(nickname) : NULL;
ent->address = hostname;
ent->addr = a;
- ent->dir_port = port;
+ ent->dir_port = dir_port;
+ ent->or_port = or_port;
ent->is_running = 1;
ent->is_v1_authority = is_v1_authority;
ent->is_v2_authority = is_v2_authority;
@@ -2862,10 +2864,10 @@
ent->description = tor_malloc(dlen);
if (nickname)
tor_snprintf(ent->description, dlen, "directory server \"%s\" at %s:%d",
- nickname, hostname, (int)port);
+ nickname, hostname, (int)dir_port);
else
tor_snprintf(ent->description, dlen, "directory server at %s:%d",
- hostname, (int)port);
+ hostname, (int)dir_port);
ent->fake_status.addr = ent->addr;
memcpy(ent->fake_status.identity_digest, digest, DIGEST_LEN);
@@ -2875,6 +2877,7 @@
else
ent->fake_status.nickname[0] = '\0';
ent->fake_status.dir_port = ent->dir_port;
+ ent->fake_status.or_port = ent->or_port;
smartlist_add(trusted_dir_servers, ent);
router_dir_info_changed();