[tor-commits] [tor/master] dirauth: Disable dirauth config when the module is disabled
teor at torproject.org
teor at torproject.org
Tue Nov 5 04:28:52 UTC 2019
commit da49c4d78dee04aa493ebce2a60169034a48b464
Author: teor <teor at torproject.org>
Date: Tue Oct 29 00:29:00 2019 +1000
dirauth: Disable dirauth config when the module is disabled
Part of 32213.
---
src/core/include.am | 2 +-
src/feature/dirauth/dirauth_config.c | 9 +----
src/feature/dirauth/dirauth_config.h | 46 ++++++++++++++++++++--
.../conf_examples/bridgeauth_1/error_no_dirauth | 1 +
.../bridgeauth_1/error_no_dirauth_relay | 1 +
.../conf_examples/bridgeauth_1/expected_no_dirauth | 7 ----
.../bridgeauth_1/expected_no_dirauth_relay | 6 ---
src/test/conf_examples/dirauth_1/error_no_dirauth | 1 +
.../conf_examples/dirauth_1/error_no_dirauth_relay | 1 +
.../conf_examples/dirauth_1/expected_no_dirauth | 7 ----
.../dirauth_1/expected_no_dirauth_relay | 6 ---
11 files changed, 49 insertions(+), 38 deletions(-)
diff --git a/src/core/include.am b/src/core/include.am
index 222bd44df..fb467cf81 100644
--- a/src/core/include.am
+++ b/src/core/include.am
@@ -89,7 +89,6 @@ LIBTOR_APP_A_SOURCES = \
src/feature/control/control_proto.c \
src/feature/control/fmt_serverstatus.c \
src/feature/control/getinfo_geoip.c \
- src/feature/dirauth/dirauth_config.c \
src/feature/dircache/conscache.c \
src/feature/dircache/consdiffmgr.c \
src/feature/dircache/dircache.c \
@@ -180,6 +179,7 @@ MODULE_DIRAUTH_SOURCES = \
src/feature/dirauth/authmode.c \
src/feature/dirauth/bridgeauth.c \
src/feature/dirauth/bwauth.c \
+ src/feature/dirauth/dirauth_config.c \
src/feature/dirauth/dirauth_periodic.c \
src/feature/dirauth/dirauth_sys.c \
src/feature/dirauth/dircollate.c \
diff --git a/src/feature/dirauth/dirauth_config.c b/src/feature/dirauth/dirauth_config.c
index 03d6af609..3334213ab 100644
--- a/src/feature/dirauth/dirauth_config.c
+++ b/src/feature/dirauth/dirauth_config.c
@@ -75,14 +75,12 @@ options_validate_dirauth_mode(const or_options_t *old_options,
REJECT("Versioning authoritative dir servers must set "
"Recommended*Versions.");
-#ifdef HAVE_MODULE_DIRAUTH
char *t;
/* Call these functions to produce warnings only. */
t = format_recommended_version_list(options->RecommendedClientVersions, 1);
tor_free(t);
t = format_recommended_version_list(options->RecommendedServerVersions, 1);
tor_free(t);
-#endif /* defined(HAVE_MODULE_DIRAUTH) */
if (options->UseEntryGuards) {
log_info(LD_CONFIG, "Authoritative directory servers can't set "
@@ -98,7 +96,7 @@ options_validate_dirauth_mode(const or_options_t *old_options,
options->V3AuthoritativeDir))
REJECT("AuthoritativeDir is set, but none of "
"(Bridge/V3)AuthoritativeDir is set.");
-#ifdef HAVE_MODULE_DIRAUTH
+
/* If we have a v3bandwidthsfile and it's broken, complain on startup */
if (options->V3BandwidthsFile && !old_options) {
dirserv_read_measured_bandwidths(options->V3BandwidthsFile, NULL, NULL,
@@ -108,9 +106,6 @@ options_validate_dirauth_mode(const or_options_t *old_options,
if (options->GuardfractionFile && !old_options) {
dirserv_read_guardfraction_file(options->GuardfractionFile, NULL);
}
-#else
- (void)old_options;
-#endif /* defined(HAVE_MODULE_DIRAUTH) */
}
if (options->AuthoritativeDir && !options->DirPort_set)
@@ -283,7 +278,7 @@ options_validate_dirauth_testing(const or_options_t *old_options,
* Return true if changing the configuration from <b>old</b> to <b>new</b>
* affects the timing of the voting subsystem
*/
-int
+static int
options_transition_affects_dirauth_timing(const or_options_t *old_options,
const or_options_t *new_options)
{
diff --git a/src/feature/dirauth/dirauth_config.h b/src/feature/dirauth/dirauth_config.h
index 21437ba24..95aef3de9 100644
--- a/src/feature/dirauth/dirauth_config.h
+++ b/src/feature/dirauth/dirauth_config.h
@@ -14,6 +14,8 @@
typedef struct or_options_t or_options_t;
+#ifdef HAVE_MODULE_DIRAUTH
+
int options_validate_dirauth_mode(const or_options_t *old_options,
or_options_t *options,
char **msg);
@@ -26,10 +28,46 @@ int options_validate_dirauth_testing(const or_options_t *old_options,
or_options_t *options,
char **msg);
-int options_transition_affects_dirauth_timing(
- const or_options_t *old_options,
- const or_options_t *new_options);
-
int options_act_dirauth(const or_options_t *old_options);
+#else
+
+/** When tor is compiled with the dirauth module disabled, it can't be
+ * configured as a directory authority.
+ *
+ * Returns -1 and sets msg to a newly allocated string, if AuthoritativeDir
+ * is set in options. Otherwise returns 0. */
+static inline int
+options_validate_dirauth_mode(const or_options_t *old_options,
+ or_options_t *options,
+ char **msg)
+{
+ (void)old_options;
+
+ /* Only check the primary option for now, #29211 will disable more
+ * options. */
+ if (options->AuthoritativeDir) {
+ /* REJECT() this configuration */
+ *msg = tor_strdup("This tor was built with dirauth mode disabled. "
+ "It can not be configured with AuthoritativeDir 1.");
+ return -1;
+ }
+
+ return 0;
+}
+
+#define options_validate_dirauth_schedule(old_options, options, msg) \
+ (((void)(old_options)),((void)(options)),((void)(msg)),0)
+
+#define options_validate_dirauth_testing(old_options, options, msg) \
+ (((void)(old_options)),((void)(options)),((void)(msg)),0)
+
+#define options_validate_dirauth_testing(old_options, options, msg) \
+ (((void)(old_options)),((void)(options)),((void)(msg)),0)
+
+#define options_act_dirauth(old_options) \
+ (((void)(old_options)),0)
+
+#endif /* defined(HAVE_MODULE_DIRAUTH) */
+
#endif /* !defined(TOR_FEATURE_DIRAUTH_DIRAUTH_CONFIG_H) */
diff --git a/src/test/conf_examples/bridgeauth_1/error_no_dirauth b/src/test/conf_examples/bridgeauth_1/error_no_dirauth
new file mode 100644
index 000000000..e6bd5db69
--- /dev/null
+++ b/src/test/conf_examples/bridgeauth_1/error_no_dirauth
@@ -0,0 +1 @@
+This tor was built with dirauth mode disabled.
diff --git a/src/test/conf_examples/bridgeauth_1/error_no_dirauth_relay b/src/test/conf_examples/bridgeauth_1/error_no_dirauth_relay
new file mode 100644
index 000000000..e6bd5db69
--- /dev/null
+++ b/src/test/conf_examples/bridgeauth_1/error_no_dirauth_relay
@@ -0,0 +1 @@
+This tor was built with dirauth mode disabled.
diff --git a/src/test/conf_examples/bridgeauth_1/expected_no_dirauth b/src/test/conf_examples/bridgeauth_1/expected_no_dirauth
deleted file mode 100644
index d43aaf2c8..000000000
--- a/src/test/conf_examples/bridgeauth_1/expected_no_dirauth
+++ /dev/null
@@ -1,7 +0,0 @@
-Address 198.51.100.123
-AuthoritativeDirectory 1
-BridgeAuthoritativeDir 1
-ContactInfo tor_parse_test at example.com
-DirPort 80
-Nickname Unnamed
-ORPort 443
diff --git a/src/test/conf_examples/bridgeauth_1/expected_no_dirauth_relay b/src/test/conf_examples/bridgeauth_1/expected_no_dirauth_relay
deleted file mode 100644
index e059d7997..000000000
--- a/src/test/conf_examples/bridgeauth_1/expected_no_dirauth_relay
+++ /dev/null
@@ -1,6 +0,0 @@
-Address 198.51.100.123
-AuthoritativeDirectory 1
-BridgeAuthoritativeDir 1
-ContactInfo tor_parse_test at example.com
-DirPort 80
-ORPort 443
diff --git a/src/test/conf_examples/dirauth_1/error_no_dirauth b/src/test/conf_examples/dirauth_1/error_no_dirauth
new file mode 100644
index 000000000..e6bd5db69
--- /dev/null
+++ b/src/test/conf_examples/dirauth_1/error_no_dirauth
@@ -0,0 +1 @@
+This tor was built with dirauth mode disabled.
diff --git a/src/test/conf_examples/dirauth_1/error_no_dirauth_relay b/src/test/conf_examples/dirauth_1/error_no_dirauth_relay
new file mode 100644
index 000000000..e6bd5db69
--- /dev/null
+++ b/src/test/conf_examples/dirauth_1/error_no_dirauth_relay
@@ -0,0 +1 @@
+This tor was built with dirauth mode disabled.
diff --git a/src/test/conf_examples/dirauth_1/expected_no_dirauth b/src/test/conf_examples/dirauth_1/expected_no_dirauth
deleted file mode 100644
index f006c6f8f..000000000
--- a/src/test/conf_examples/dirauth_1/expected_no_dirauth
+++ /dev/null
@@ -1,7 +0,0 @@
-Address 192.0.2.1
-AuthoritativeDirectory 1
-ContactInfo tor_parse_test at example.net
-DirPort 9030
-Nickname Unnamed
-ORPort 9001
-V3AuthoritativeDirectory 1
diff --git a/src/test/conf_examples/dirauth_1/expected_no_dirauth_relay b/src/test/conf_examples/dirauth_1/expected_no_dirauth_relay
deleted file mode 100644
index 4b9ad49bb..000000000
--- a/src/test/conf_examples/dirauth_1/expected_no_dirauth_relay
+++ /dev/null
@@ -1,6 +0,0 @@
-Address 192.0.2.1
-AuthoritativeDirectory 1
-ContactInfo tor_parse_test at example.net
-DirPort 9030
-ORPort 9001
-V3AuthoritativeDirectory 1
More information about the tor-commits
mailing list