commit 0a511778eb6f3ca00d0e3da99327cce2cf179830 Author: teor teor@torproject.org Date: Tue Oct 29 17:57:04 2019 +1000
config: Move bw & other configs into the dirauth module
This commit: * moves bandwidth checks into dirauth_config, and * moves some other minor checks into dirauth_config.
The moved code is disabled when the dirauth module is disabled. (And some of the checks are re-ordered, so the order of some warnings may change.)
Part of 32213. --- src/app/config/config.c | 22 ++---------------- src/feature/dirauth/dirauth_config.c | 45 ++++++++++++++++++++++++++++++++++++ src/feature/dirauth/dirauth_config.h | 7 ++++++ 3 files changed, 54 insertions(+), 20 deletions(-)
diff --git a/src/app/config/config.c b/src/app/config/config.c index b9a15a682..7c31a4443 100644 --- a/src/app/config/config.c +++ b/src/app/config/config.c @@ -3418,13 +3418,6 @@ options_validate_cb(const void *old_options_, void *options_, char **msg) if (options_init_logs(old_options, options, 1)<0) REJECT("Failed to validate Log options. See logs for details.");
- if (authdir_mode(options)) { - /* confirm that our address isn't broken, so we can complain now */ - uint32_t tmp; - if (resolve_my_address(LOG_WARN, options, &tmp, NULL, NULL) < 0) - REJECT("Failed to resolve/guess local address. See logs for details."); - } - /* XXXX require that the only port not be DirPort? */ /* XXXX require that at least one port be listened-upon. */ if (n_ports == 0 && !options->RendConfigLines) @@ -3649,12 +3642,6 @@ options_validate_cb(const void *old_options_, void *options_, char **msg) if (options_validate_relay_padding(old_options, options, msg) < 0) return -1;
- if (options->MinUptimeHidServDirectoryV2 < 0) { - log_warn(LD_CONFIG, "MinUptimeHidServDirectoryV2 option must be at " - "least 0 seconds. Changing to 0."); - options->MinUptimeHidServDirectoryV2 = 0; - } - const int min_rendpostperiod = options->TestingTorNetwork ? MIN_REND_POST_PERIOD_TESTING : MIN_REND_POST_PERIOD; @@ -3833,16 +3820,11 @@ options_validate_cb(const void *old_options_, void *options_, char **msg) if (ensure_bandwidth_cap(&options->BandwidthBurst, "BandwidthBurst", msg) < 0) return -1; - if (ensure_bandwidth_cap(&options->AuthDirFastGuarantee, - "AuthDirFastGuarantee", msg) < 0) - return -1; - if (ensure_bandwidth_cap(&options->AuthDirGuardBWGuarantee, - "AuthDirGuardBWGuarantee", msg) < 0) - return -1; -
if (options_validate_relay_bandwidth(old_options, options, msg) < 0) return -1; + if (options_validate_dirauth_bandwidth(old_options, options, msg) < 0) + return -1;
if (options->BandwidthRate > options->BandwidthBurst) REJECT("BandwidthBurst must be at least equal to BandwidthRate."); diff --git a/src/feature/dirauth/dirauth_config.c b/src/feature/dirauth/dirauth_config.c index 56a71e950..6574edb54 100644 --- a/src/feature/dirauth/dirauth_config.c +++ b/src/feature/dirauth/dirauth_config.c @@ -61,6 +61,11 @@ options_validate_dirauth_mode(const or_options_t *old_options, return -1;
if (options->AuthoritativeDir) { + /* confirm that our address isn't broken, so we can complain now */ + uint32_t tmp; + if (resolve_my_address(LOG_WARN, options, &tmp, NULL, NULL) < 0) + REJECT("Failed to resolve/guess local address. See logs for details."); + if (!options->ContactInfo && !options->TestingTorNetwork) REJECT("Authoritative directory servers must set ContactInfo"); if (!options->RecommendedClientVersions) @@ -117,6 +122,46 @@ options_validate_dirauth_mode(const or_options_t *old_options, REJECT("Running as authoritative directory, but ClientOnly also set."); }
+ /* 31851: the tests expect us to validate these options, even when we are + * not in authority mode. */ + if (options->MinUptimeHidServDirectoryV2 < 0) { + log_warn(LD_CONFIG, "MinUptimeHidServDirectoryV2 option must be at " + "least 0 seconds. Changing to 0."); + options->MinUptimeHidServDirectoryV2 = 0; + } + + return 0; +} + +/** + * Legacy validation/normalization function for the dirauth bandwidth options + * in options. Uses old_options as the previous options. + * + * Returns 0 on success, returns -1 and sets *msg to a newly allocated string + * on error. + */ +int +options_validate_dirauth_bandwidth(const or_options_t *old_options, + or_options_t *options, + char **msg) +{ + (void)old_options; + + if (BUG(!options)) + return -1; + + if (BUG(!msg)) + return -1; + + /* 31851: the tests expect us to validate these options, even when we are + * not in authority mode. */ + if (ensure_bandwidth_cap(&options->AuthDirFastGuarantee, + "AuthDirFastGuarantee", msg) < 0) + return -1; + if (ensure_bandwidth_cap(&options->AuthDirGuardBWGuarantee, + "AuthDirGuardBWGuarantee", msg) < 0) + return -1; + return 0; }
diff --git a/src/feature/dirauth/dirauth_config.h b/src/feature/dirauth/dirauth_config.h index 95aef3de9..2c67c62ec 100644 --- a/src/feature/dirauth/dirauth_config.h +++ b/src/feature/dirauth/dirauth_config.h @@ -20,6 +20,10 @@ int options_validate_dirauth_mode(const or_options_t *old_options, or_options_t *options, char **msg);
+int options_validate_dirauth_bandwidth(const or_options_t *old_options, + or_options_t *options, + char **msg); + int options_validate_dirauth_schedule(const or_options_t *old_options, or_options_t *options, char **msg); @@ -56,6 +60,9 @@ options_validate_dirauth_mode(const or_options_t *old_options, return 0; }
+#define options_validate_dirauth_bandwidth(old_options, options, msg) \ + (((void)(old_options)),((void)(options)),((void)(msg)),0) + #define options_validate_dirauth_schedule(old_options, options, msg) \ (((void)(old_options)),((void)(options)),((void)(msg)),0)