Ticket #1010: 1010-use-only-127.patch

docs/configuration.rst

@@ -152 +152 @@
     You might want to override this value if your node lives behind a
     firewall that is doing inbound port forwarding, or if you are using other
     proxies such that the local IP address or port number is not the same one
-    that remote clients should use to connect. You might also want to control
-    this when using a Tor proxy to avoid revealing your actual IP address
-    through the Introducer announcement.
+    that remote clients should use to connect.
 
-    The value is a comma-separated string of host:port location hints, like
-    this::
+    You might also want to control this when using a Tor or I2P proxy to avoid
+    revealing your actual IP addresses through the Introducer announcement.
+    To hide the node's local IP addresses, use a blank value::
+
+      ``tub.location =``
+
+    Note that this is not the same as omitting ``tub.location``.
+
+    When it is not blank, the value is a comma-separated string of
+    ``host:port`` location hints, like this::
 
       123.45.67.89:8098,tahoe.example.com:8098,127.0.0.1:8098
 
@@ -183 +189 @@
 
     * Run a node behind a Tor proxy (perhaps via ``torsocks``), in
       client-only mode (i.e. we can make outbound connections, but other
-      nodes will not be able to connect to us). The literal
-      '``unreachable.example.org``' will not resolve, but will serve as a
-      reminder to human observers that this node cannot be reached. "Don't
-      call us.. we'll call you"::
+      nodes will not be able to connect to us). "Don't call us..
+      we'll call you"::
 
         tub.port = 8098
-        tub.location = unreachable.example.org:0
+        tub.location =
 
     * Run a node behind a Tor proxy, and make the server available as a Tor
       "hidden service". (This assumes that other clients are running their

src/allmydata/node.py

@@ -305 +305 @@
 
         service.MultiService.startService(self)
         d = defer.succeed(None)
-        d.addCallback(lambda res: iputil.get_local_addresses_async())
+        location = self.get_config("node", "tub.location", None)
+        if location is None:
+            d = iputil.get_local_addresses_async()
+        else:
+            # 'tub.location=' or 'tub.location=addr:port'. either way, we
+            # don't need to determine our local addresses
+            d = defer.succeed([])
         d.addCallback(self._setup_tub)
         def _ready(res):
             self.log("%s running" % self.NODETYPE)
@@ -378 +384 @@
         # next time
         fileutil.write_atomically(self._portnumfile, "%d\n" % portnum, mode="")
 
-        base_location = ",".join([ "%s:%d" % (addr, portnum)
-                                   for addr in local_addresses ])
-        location = self.get_config("node", "tub.location", base_location)
-        self.log("Tub location set to %s" % location)
+        location = self.get_config("node", "tub.location", None)
+        if location is None:
+            location = ",".join([ "%s:%d" % (addr, portnum)
+                                  for addr in local_addresses ])
+        elif location == "":
+            # we'd prefer to have no connection-hints, but foolscap can't
+            # handle that, so use 127.0.0.1
+            location = "127.0.0.1:%d" % portnum
+        # otherwise we use location as-is from tahoe.cfg
+        self.log("Tub location set to '%s'" % location)
         self.tub.setLocation(location)
 
         return self.tub

src/allmydata/test/test_node.py

@@ -33 +33 @@
         d.addCallback(flushEventualQueue)
         return d
 
+    # TODO: should use mock decorator from #1301
+    def test_anonymous_location(self):
+        patcher = patch('allmydata.util.iputil.get_local_addresses_async')
+        mock = patcher.__enter__()
+        try:
+            mock.return_value = ["1.2.3.4"]
+
+            basedir = "test_node/test_anonymous_location"
+            fileutil.make_dirs(basedir)
+            fileutil.write(os.path.join(basedir, 'tahoe.cfg'),
+                           "[node]\n"
+                           "tub.location = \n")
+            # "tub.location=" (i.e. empty string) means create FURL with no
+            # connection-hints. Foolscap can't handle that now, so instead we
+            # make one with only 127.0.0.1
+
+            n = TestNode(basedir)
+            n.setServiceParent(self.parent)
+            d = n.when_tub_ready()
+
+            def _check_addresses(ignored_result):
+                furl = n.tub.registerReference(n)
+                self.failIf("1.2.3.4" in furl, furl)
+                self.failUnless("127.0.0.1" in furl, furl)
+
+            d.addCallback(_check_addresses)
+            def cleanup(res):
+                patcher.__exit__()
+                return res
+            d.addBoth(cleanup)
+            return d
+        except:
+            patcher.__exit__()
+            raise
+
     def test_location(self):
         basedir = "test_node/test_location"
         fileutil.make_dirs(basedir)