tor

The Tor anonymity network
git clone https://git.dasho.dev/tor.git
Log | Files | Refs | README | LICENSE
commit 2dfd18018f7ae087c176dca973b1e8c7eea1b8c9
parent 4d9a5c77f8f7a3e2ba9abf92e359e39ee114e350
Author: teor <teor@torproject.org>
Date:   Thu, 31 Oct 2019 11:49:17 +1000

relay: Disable server transport options when the module is disabled

This commit:
* disables the ExtORPort, ServerTransportPlugin,
  ServerTransportListenAddress, and ServerTransportOptions options,
when the relay module is disabled.

Part of 32213.

Diffstat:

Msrc/feature/relay/transport_config.h | 36+++++++++++++++++++++++++++++++++---


1 file changed, 33 insertions(+), 3 deletions(-)

diff --git a/src/feature/relay/transport_config.h b/src/feature/relay/transport_config.h
@@ -19,13 +19,13 @@
 typedef struct or_options_t or_options_t;
 typedef struct smartlist_t smartlist_t;
 
-char *get_transport_bindaddr_from_config(const char *transport);
-smartlist_t *get_options_for_server_transport(const char *transport);
-
 int options_validate_server_transport(const or_options_t *old_options,
                                       or_options_t *options,
                                       char **msg);
 
+char *get_transport_bindaddr_from_config(const char *transport);
+smartlist_t *get_options_for_server_transport(const char *transport);
+
 int options_act_server_transport(const or_options_t *old_options);
 
 #ifdef RELAY_TRANSPORT_CONFIG_PRIVATE
@@ -38,6 +38,36 @@ STATIC smartlist_t *get_options_from_transport_options_line(
 
 #else
 
+/** When tor is compiled with the relay module disabled, it can't be
+ * configured with server pluggable transports.
+ *
+ * Returns -1 and sets msg to a newly allocated string, if ExtORPort,
+ * ServerTransportPlugin, ServerTransportListenAddr, or
+ * ServerTransportOptions are set in options. Otherwise returns 0. */
+static inline int
+options_validate_server_transport(const or_options_t *old_options,
+                                  or_options_t *options,
+                                  char **msg)
+{
+  (void)old_options;
+
+  /* These ExtORPort checks are too strict, and will reject valid configs
+   * that disable ports, like "ExtORPort 0". */
+  if (options->ServerTransportPlugin ||
+      options->ServerTransportListenAddr ||
+      options->ServerTransportOptions ||
+      options->ExtORPort_lines) {
+    /* REJECT() this configuration */
+    *msg = tor_strdup("This tor was built with relay mode disabled. "
+                      "It can not be configured with an ExtORPort, "
+                      "a ServerTransportPlugin, a ServerTransportListenAddr, "
+                      "or ServerTransportOptions.");
+    return -1;
+  }
+
+  return 0;
+}
+
 #define get_transport_bindaddr_from_config(transport) \
   (((void)(transport)),NULL)