Changes in version 0.2.2.11-alpha - 2010-03-??
+ o Minor features:
+ - Experiment with a more aggressive approach to preventing clients
+ from making one-hop exit streams. Exit relays who want to try it
+ out can set "RefuseUnknownExits 1" in their torrc, and then look
+ for "Attempt by %s to open a stream" log messages. Let us know
+ how it goes!
+
o Minor bugfixes:
- When we cleaned up the contrib/tor-exit-notice.html file, we left
out some key text. Fixes bug 1295.
V(RecommendedClientVersions, LINELIST, NULL),
V(RecommendedServerVersions, LINELIST, NULL),
OBSOLETE("RedirectExit"),
+ V(RefuseUnknownExits, BOOL, "0"),
V(RejectPlaintextPorts, CSV, ""),
V(RelayBandwidthBurst, MEMUNIT, "0"),
V(RelayBandwidthRate, MEMUNIT, "0"),
tor_free(address);
return 0;
}
- if (or_circ && or_circ->is_first_hop &&
- !get_options()->AllowSingleHopExits) {
+ if (or_circ && or_circ->p_conn && !get_options()->AllowSingleHopExits &&
+ (or_circ->is_first_hop ||
+ (!connection_or_digest_is_known_relay(
+ or_circ->p_conn->identity_digest) &&
+// XXX022 commented out so we can test it first in 0.2.2.11 -RD
+// networkstatus_get_param(NULL, "refuseunknownexits", 1)))) {
+ get_options()->RefuseUnknownExits))) {
/* Don't let clients use us as a single-hop proxy, unless the user
- * has explicitly allowed that in the config. It attracts attackers
+ * has explicitly allowed that in the config. It attracts attackers
* and users who'd be better off with, well, single-hop proxies.
*/
- log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
- "Attempt to open a stream on first hop of circuit. Closing.");
+// log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
+ log_notice(LD_PROTOCOL,
+ "Attempt by %s to open a stream %s. Closing.",
+ safe_str(or_circ->p_conn->_base.address),
+ or_circ->is_first_hop ? "on first hop of circuit" :
+ "from unknown relay");
relay_send_end_cell_from_edge(rh.stream_id, circ,
- END_STREAM_REASON_TORPROTOCOL, NULL);
+ or_circ->is_first_hop ?
+ END_STREAM_REASON_TORPROTOCOL :
+ END_STREAM_REASON_MISC,
+ NULL);
tor_free(address);
return 0;
}
/** Return 1 if identity digest <b>id_digest</b> is known to be a
* currently or recently running relay. Otherwise return 0. */
-static int
+int
connection_or_digest_is_known_relay(const char *id_digest)
{
if (router_get_consensus_status_by_id(id_digest))
int ConstrainedSockets; /**< Shrink xmit and recv socket buffers. */
uint64_t ConstrainedSockSize; /**< Size of constrained buffers. */
+ /** Whether we should drop exit streams from Tors that we don't know
+ * are relays. XXX022 In here for 0.2.2.11 as a temporary test before
+ * we switch over to putting it in consensusparams. -RD */
+ int RefuseUnknownExits;
+
/** Application ports that require all nodes in circ to have sufficient
* uptime. */
smartlist_t *LongLivedPorts;
int connection_or_flushed_some(or_connection_t *conn);
int connection_or_finished_flushing(or_connection_t *conn);
int connection_or_finished_connecting(or_connection_t *conn);
+int connection_or_digest_is_known_relay(const char *id_digest);
void connection_or_connect_failed(or_connection_t *conn,
int reason, const char *msg);
projects / thirdparty / tor.git / commitdiff
