TransProxyType replaces TransTPROXY option

I'm making this change now since ipfw will want its own option too,
and proliferating options here isn't sensible.

(See #10582 and #10267)

3 files changed, 24 insertions, 10 deletions

diff --git a/src/or/config.c b/src/or/config.c
index b76243b70..e7847d583 100644
--- a/src/or/config.c
+++ b/src/or/config.c
@@ -408,7 +408,7 @@ static config_var_t option_vars_[] = {
   OBSOLETE("TrafficShaping"),
   V(TransListenAddress,          LINELIST, NULL),
   VPORT(TransPort,                   LINELIST, NULL),
-  V(TransTPROXY,                 BOOL,     "0"),
+  V(TransProxyType,              STRING,   "default"),
   V(TunnelDirConns,              BOOL,     "1"),
   V(UpdateBridgesFromAuthority,  BOOL,     "0"),
   V(UseBridges,                  BOOL,     "0"),
@@ -2517,19 +2517,30 @@ options_validate(or_options_t *old_options, or_options_t *options,
         "undefined, and there aren't any hidden services configured.  "
         "Tor will still run, but probably won't do anything.");
 
+  options->TransProxyType_parsed = TPT_DEFAULT;
 #ifdef USE_TRANSPARENT
-  if (options->TransTPROXY) {
+  if (options->TransProxyType) {
+    if (!strcasecmp(options->TransProxyType, "default")) {
+      options->TransProxyType_parsed = TPT_DEFAULT;
+    } else if (!strcasecmp(options->TransProxyType, "tproxy")) {
 #ifndef __linux__
-    REJECT("TransTPROXY is a Linux-specific feature.")
+      REJECT("TPROXY is a Linux-specific feature.");
+#else
+      options->TransProxyType_parsed = TPT_TPROXY;
 #endif
-    if (!options->TransPort_set) {
-      REJECT("Cannot use TransTPROXY without any valid TransPort or "
+    } else {
+      REJECT("Unrecognized value for TransProxyType");
+    }
+
+    if (strcasecmp(options->TransProxyType, "default") &&
+        !options->TransPort_set) {
+      REJECT("Cannot use TransProxyType without any valid TransPort or "
              "TransListenAddress.");
     }
   }
 #else
-  if (options->TransPort_set || options->TransTPROXY)
-    REJECT("TransPort, TransListenAddress, and TransTPROXY are disabled "
+  if (options->TransPort_set)
+    REJECT("TransPort and TransListenAddress are disabled "
            "in this build.");
 #endif
 
diff --git a/src/or/connection.c b/src/or/connection.c
index 6dbba668c..942bfc598 100644
--- a/src/or/connection.c
+++ b/src/or/connection.c
@@ -1036,7 +1036,8 @@ connection_listener_new(const struct sockaddr *listensockaddr,
     make_socket_reuseable(s);
 
 #if defined USE_TRANSPARENT && defined(IP_TRANSPARENT)
-    if (options->TransTPROXY && type == CONN_TYPE_AP_TRANS_LISTENER) {
+    if (options->TransProxyType_parsed == TPT_TPROXY &&
+        type == CONN_TYPE_AP_TRANS_LISTENER) {
       int one = 1;
       if (setsockopt(s, SOL_IP, IP_TRANSPARENT, &one, sizeof(one)) < 0) {
         const char *extra = "";
diff --git a/src/or/or.h b/src/or/or.h
index 40fc567f5..b63b1ffcb 100644
--- a/src/or/or.h
+++ b/src/or/or.h
@@ -3498,8 +3498,10 @@ typedef struct {
   config_line_t *SocksPort_lines;
   /** Ports to listen on for transparent pf/netfilter connections. */
   config_line_t *TransPort_lines;
-  int TransTPROXY; /** < Boolean: are we going to listen for all destinations
-                    * on the TransPort_lines are required for TPROXY? */
+  const char *TransProxyType; /**< What kind of transparent proxy
+                               * implementation are we using? */
+  /** Parsed value of TransProxyType. */
+  enum { TPT_DEFAULT, TPT_TPROXY } TransProxyType_parsed;
   config_line_t *NATDPort_lines; /**< Ports to listen on for transparent natd
                             * connections. */
   config_line_t *ControlPort_lines; /**< Ports to listen on for control