|
@@ -169,6 +169,8 @@ static config_abbrev_t option_abbrevs_[] = {
|
|
|
{ "BridgeAuthoritativeDirectory", "BridgeAuthoritativeDir", 0, 0},
|
|
|
{ "HashedControlPassword", "__HashedControlSessionPassword", 1, 0},
|
|
|
{ "VirtualAddrNetwork", "VirtualAddrNetworkIPv4", 0, 0},
|
|
|
+ { "ClientDNSRejectInternalAddresses",
|
|
|
+ "TestingClientDNSRejectInternalAddresses", 0, 1, },
|
|
|
{ NULL, NULL, 0, 0},
|
|
|
};
|
|
|
|
|
@@ -251,7 +253,7 @@ static config_var_t option_vars_[] = {
|
|
|
V(CircuitsAvailableTimeout, INTERVAL, "0"),
|
|
|
V(CircuitStreamTimeout, INTERVAL, "0"),
|
|
|
V(CircuitPriorityHalflife, DOUBLE, "-100.0"), /*negative:'Use default'*/
|
|
|
- V(ClientDNSRejectInternalAddresses, BOOL,"1"),
|
|
|
+ V(TestingClientDNSRejectInternalAddresses, BOOL,"1"),
|
|
|
V(ClientOnly, BOOL, "0"),
|
|
|
V(ClientPreferIPv6ORPort, AUTOBOOL, "auto"),
|
|
|
V(ClientPreferIPv6DirPort, AUTOBOOL, "auto"),
|
|
@@ -635,7 +637,7 @@ static const config_var_t testing_tor_network_defaults[] = {
|
|
|
"0, 1, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 8, 16, 32, 60"),
|
|
|
V(ClientBootstrapConsensusMaxDownloadTries, UINT, "80"),
|
|
|
V(ClientBootstrapConsensusAuthorityOnlyMaxDownloadTries, UINT, "80"),
|
|
|
- V(ClientDNSRejectInternalAddresses, BOOL,"0"), // deprecated in 0.2.9.2-alpha
|
|
|
+ V(TestingClientDNSRejectInternalAddresses, BOOL,"0"),
|
|
|
V(ClientRejectInternalAddresses, BOOL, "0"),
|
|
|
V(CountPrivateBandwidth, BOOL, "1"),
|
|
|
V(ExitPolicyRejectPrivate, BOOL, "0"),
|
|
@@ -684,8 +686,6 @@ static const config_deprecation_t option_deprecation_notes_[] = {
|
|
|
/* Deprecated since 0.2.9.2-alpha... */
|
|
|
{ "AllowDotExit", "Unrestricted use of the .exit notation can be used for "
|
|
|
"a wide variety of application-level attacks." },
|
|
|
- { "ClientDNSRejectInternalAddresses", "Turning this on makes your client "
|
|
|
- "easier to fingerprint, and may open you to esoteric attacks." },
|
|
|
/* End of options deprecated since 0.2.9.2-alpha. */
|
|
|
|
|
|
/* Deprecated since 0.3.2.0-alpha. */
|
|
@@ -4121,6 +4121,7 @@ options_validate(or_options_t *old_options, or_options_t *options,
|
|
|
CHECK_DEFAULT(TestingSigningKeySlop);
|
|
|
CHECK_DEFAULT(TestingAuthKeySlop);
|
|
|
CHECK_DEFAULT(TestingLinkKeySlop);
|
|
|
+ CHECK_DEFAULT(TestingClientDNSRejectInternalAddresses);
|
|
|
#undef CHECK_DEFAULT
|
|
|
|
|
|
if (options->SigningKeyLifetime < options->TestingSigningKeySlop*2)
|