New config option V2AuthoritativeDirectory that all directory

authorities should set. This will let future authorities choose 
not to serve V2 directory information.

Also, go through and revamp all the authdir_mode stuff so it tries
to do the right thing if you're an auth but not a V1 or V2 auth.


svn:r10092

ChangeLog

@@ -66,6 +66,9 @@ Changes in version 0.2.0.1-alpha - 2007-??-??
     - Directory authorities allow multiple router descriptors and/or extra
       info documents to be uploaded in a single go.  This will make
       implementing proposal 104 simpler.
+    - New config option V2AuthoritativeDirectory that all directory
+      authorities should set. This will let future authorities choose
+      not to serve V2 directory information.
 
   o Minor features (controller):
     - Add a new config option __DisablePredictedCircuits designed for

doc/tor.1.in

@@ -837,11 +837,15 @@ admins at tor-ops@freehaven.net if you think you should be a directory.
 .LP
 .TP
 \fBV1AuthoritativeDirectory \fR\fB0\fR|\fB1\fR\fP
-When this option is set in addition to \fBAuthoritativeDirectory\fP, Tor also
-generates a version 1 directory (for Tor clients up to 0.1.0.x).
-(As of Tor 0.1.1.12 every (v2) authoritative directory still provides most of
-the v1 directory functionality, even without this option set to 1.
-This however is expected to change in the future.)
+When this option is set in addition to \fBAuthoritativeDirectory\fP, Tor
+generates version 1 directory and running-routers documents (for legacy
+Tor clients up to 0.1.0.x).
+.LP
+.TP
+\fBV2AuthoritativeDirectory \fR\fB0\fR|\fB1\fR\fP
+When this option is set in addition to \fBAuthoritativeDirectory\fP, Tor
+generates version 2 network statuses and serves descriptors, etc as
+described in doc/spec/dir-spec.txt.
 .LP
 .TP
 \fBVersioningAuthoritativeDirectory \fR\fB0\fR|\fB1\fR\fP

src/or/circuituse.c

@@ -1097,7 +1097,7 @@ circuit_get_open_circ_or_launch(edge_connection_t *conn,
 }
 
 /** Return true iff <b>crypt_path</b> is one of the crypt_paths for
- * <b>circ</b> */
+ * <b>circ</b>. */
 static int
 cpath_is_on_circuit(origin_circuit_t *circ, crypt_path_t *crypt_path)
 {

src/or/config.c

@@ -256,6 +256,7 @@ static config_var_t _option_vars[] = {
   VAR("UseEntryGuards",      BOOL,     UseEntryGuards,       "1"),
   VAR("User",                STRING,   User,                 NULL),
   VAR("V1AuthoritativeDirectory",BOOL, V1AuthoritativeDir,   "0"),
+  VAR("V2AuthoritativeDirectory",BOOL, V2AuthoritativeDir,   "0"),
   VAR("VersioningAuthoritativeDirectory",BOOL,VersioningAuthoritativeDir, "0"),
   VAR("VirtualAddrNetwork",  STRING,   VirtualAddrNetwork,   "127.192.0.0/10"),
   VAR("__AllDirActionsPrivate",BOOL,   AllDirActionsPrivate, "0"),

src/or/connection_or.c

@@ -676,7 +676,7 @@ connection_or_check_valid_handshake(or_connection_t *conn, int started_here,
               END_OR_CONN_REASON_OR_IDENTITY);
       as_advertised = 0;
     }
-    if (authdir_mode(options)) {
+    if (authdir_mode_handles_descs(options)) {
       /* We initiated this connection to address:port.  Drop all routers
        * with the same address:port and a different key.
        */

src/or/directory.c

@@ -886,6 +886,7 @@ connection_dir_client_reached_eof(dir_connection_t *conn)
   int skewed=0;
   int allow_partial = conn->_base.purpose == DIR_PURPOSE_FETCH_SERVERDESC;
   int was_compressed=0;
+  time_t now = time(NULL);
 
   switch (fetch_from_buf_http(conn->_base.inbuf,
                               &headers, MAX_HEADERS_SIZE,
@@ -957,7 +958,6 @@ connection_dir_client_reached_eof(dir_connection_t *conn)
   if (status_code == 503) {
     local_routerstatus_t *rs;
     trusted_dir_server_t *ds;
-    time_t now = time(NULL);
     log_info(LD_DIR,"Received http status code %d (%s) from server "
              "'%s:%d'. I'll try again soon.",
              status_code, escaped(reason), conn->_base.address,
@@ -1118,7 +1118,7 @@ connection_dir_client_reached_eof(dir_connection_t *conn)
       if (next)
         next[1] = '\0';
       /* learn from it, and then remove it from 'which' */
-      if (router_set_networkstatus(cp, time(NULL), source, which)<0)
+      if (router_set_networkstatus(cp, now, source, which)<0)
         break;
       if (next) {
         next[1] = 'n';
@@ -1126,8 +1126,8 @@ connection_dir_client_reached_eof(dir_connection_t *conn)
       } else
         break;
     }
-    routers_update_all_from_networkstatus(); /*launches router downloads*/
-    directory_info_has_arrived(time(NULL), 0);
+    routers_update_all_from_networkstatus(now); /*launches router downloads*/
+    directory_info_has_arrived(now, 0);
     if (which) {
       if (smartlist_len(which)) {
         dir_networkstatus_download_failed(which, status_code);
@@ -1180,7 +1180,7 @@ connection_dir_client_reached_eof(dir_connection_t *conn)
                   !strcmpstart(conn->requested_resource, "all"))) {
       /* as we learn from them, we remove them from 'which' */
       router_load_routers_from_string(body, SAVED_NOWHERE, which);
-      directory_info_has_arrived(time(NULL), 0);
+      directory_info_has_arrived(now, 0);
     }
     if (which) { /* mark remaining ones as failed */
       log_info(LD_DIR, "Received %d/%d routers requested from %s:%d",
@@ -1831,7 +1831,7 @@ directory_handle_command_get(dir_connection_t *conn, const char *headers,
 
   if (!strcmp(url,"/tor/dir-all-weaselhack") &&
       (conn->_base.addr == 0x7f000001ul) &&
-      authdir_mode(options)) {
+      authdir_mode_v2(options)) {
     /* until weasel rewrites his scripts at noreply */
     char *new_directory=NULL;
 
@@ -1889,7 +1889,8 @@ directory_handle_command_post(dir_connection_t *conn, const char *headers,
   }
   log_debug(LD_DIRSERV,"rewritten url as '%s'.", url);
 
-  if (!strcmp(url,"/tor/")) { /* server descriptor post */
+  if (authdir_mode_handles_descs(options) &&
+      !strcmp(url,"/tor/")) { /* server descriptor post */
     const char *msg;
     int r = dirserv_add_multiple_descriptors(body, &msg);
     tor_assert(msg);

src/or/dirserv.c

@@ -232,16 +232,7 @@ dirserv_load_fingerprint_file(void)
       /* If you approved an OR called "client", then clients who use
        * the default nickname could all be rejected.  That's no good. */
       log_notice(LD_CONFIG,
-                 "Authorizing a nickname '%s' would break "
-                 "many clients; skipping.",
-                 DEFAULT_CLIENT_NICKNAME);
-      continue;
-    }
-    if (0==strcasecmp(nickname, DEFAULT_CLIENT_NICKNAME)) {
-      /* If you approved an OR called "client", then clients who use
-       * the default nickname could all be rejected.  That's no good. */
-      log_notice(LD_CONFIG,
-                 "Authorizing a nickname '%s' would break "
+                 "Authorizing nickname '%s' would break "
                  "many clients; skipping.",
                  DEFAULT_CLIENT_NICKNAME);
       continue;
@@ -250,7 +241,7 @@ dirserv_load_fingerprint_file(void)
       /* If you approved an OR called "unnamed", then clients will be
        * confused. */
       log_notice(LD_CONFIG,
-                 "Authorizing a nickname '%s' is not allowed; skipping.",
+                 "Authorizing nickname '%s' is not allowed; skipping.",
                  UNNAMED_ROUTER_NICKNAME);
       continue;
     }
@@ -754,7 +745,7 @@ directory_set_dirty(void)
 
 /**
  * Allocate and return a description of the status of the server <b>desc</b>,
- * for use in a router-status line.  The server is listed
+ * for use in a v1-style router-status line.  The server is listed
  * as running iff <b>is_live</b> is true.
  */
 static char *
@@ -814,7 +805,7 @@ dirserv_thinks_router_is_blatantly_unreachable(routerinfo_t *router,
 }
 
 /** Based on the routerinfo_ts in <b>routers</b>, allocate the
- * contents of a router-status line, and store it in
+ * contents of a v1-style router-status line, and store it in
  * *<b>router_status_out</b>.  Return 0 on success, -1 on failure.
  *
  * If for_controller is true, include the routers with very old descriptors.
@@ -829,14 +820,17 @@ list_server_status(smartlist_t *routers, char **router_status_out,
   smartlist_t *rs_entries;
   time_t now = time(NULL);
   time_t cutoff = now - ROUTER_MAX_AGE_TO_PUBLISH;
-  int authdir_mode = get_options()->AuthoritativeDir;
+  or_options_t *options = get_options();
+  /* We include v2 dir auths here too, because they need to answer
+   * controllers. Eventually we'll deprecate this whole function. */
+  int authdir = authdir_mode_handles_descs(options);
   tor_assert(router_status_out);
 
   rs_entries = smartlist_create();
 
   SMARTLIST_FOREACH(routers, routerinfo_t *, ri,
   {
-    if (authdir_mode) {
+    if (authdir) {
       /* Update router status in routerinfo_t. */
       ri->is_running = dirserv_thinks_router_is_reachable(ri, now);
     }
@@ -1004,12 +998,12 @@ dirserv_dump_directory_to_string(char **dir_out,
   return -1;
 }
 
-/** Most recently generated encoded signed v1 directory. (auth dirservers
- * only.)*/
+/** Most recently generated encoded signed v1 directory. (v1 auth dirservers
+ * only.) */
 static cached_dir_t *the_directory = NULL;
 
-/* Used only by non-auth dirservers: The v1 directory and runningrouters we'll
- * serve when requested. */
+/* Used only by non-v1-auth dirservers: The v1 directory and
+ * runningrouters we'll serve when requested. */
 static cached_dir_t *cached_directory = NULL;
 static cached_dir_t cached_runningrouters = { NULL, NULL, 0, 0, 0, -1 };
 
@@ -1098,8 +1092,8 @@ _free_cached_dir(void *_d)
  *
  * If <b>published</b> is too old, do nothing.
  *
- * If <b>is_running_routers</b>, this is really a running_routers document
- * rather than a v1 directory.
+ * If <b>is_running_routers</b>, this is really a v1 running_routers
+ * document rather than a v1 directory.
  */
 void
 dirserv_set_cached_directory(const char *directory, time_t published,
@@ -1118,11 +1112,13 @@ dirserv_set_cached_directory(const char *directory, time_t published,
   }
 }
 
-/** We've just received a v2 network-status for an authoritative directory
- * with identity digest <b>identity</b> published at
- * <b>published</b>.  Store it so we can serve it to others.  If
- * <b>directory</b> is NULL, remove the entry with the given fingerprint from
- * the cache.
+/** If <b>networkstatus</b> is non-NULL, we've just received a v2
+ * network-status for an authoritative directory with identity digest
+ * <b>identity</b> published at <b>published</b> -- store it so we can
+ * serve it to others.
+ *
+ * If <b>networkstatus</b> is NULL, remove the entry with the given
+ * identity fingerprint from the v2 cache.
  */
 void
 dirserv_set_cached_networkstatus_v2(const char *networkstatus,
@@ -1181,7 +1177,7 @@ dirserv_set_cached_networkstatus_v2(const char *networkstatus,
   }
 }
 
-/** Remove any networkstatus from the directory cache that was published
+/** Remove any v2 networkstatus from the directory cache that was published
  * before <b>cutoff</b>. */
 void
 dirserv_clear_old_networkstatuses(time_t cutoff)
@@ -1230,8 +1226,8 @@ dirserv_clear_old_v1_info(time_t now)
   }
 }
 
-/** Helper: If we're an authority for the right directory version (the
- * directory version is determined by <b>is_v1_object</b>), try to regenerate
+/** Helper: If we're an authority for the right directory version (v1 if
+ * <b>is_v1_object</b> if non-0, else v2), try to regenerate
  * auth_src as appropriate and return it, falling back to cache_src on
  * failure.  If we're a cache, return cache_src.
  */
@@ -1242,8 +1238,9 @@ dirserv_pick_cached_dir_obj(cached_dir_t *cache_src,
                             const char *name,
                             int is_v1_object)
 {
-  int authority = get_options()->AuthoritativeDir &&
-    (!is_v1_object || get_options()->V1AuthoritativeDir);
+  or_options_t *options = get_options();
+  int authority = (authdir_mode_v1(options) && is_v1_object) ||
+                  (authdir_mode_v2(options) && !is_v1_object);
 
   if (!authority) {
     return cache_src;
@@ -1298,9 +1295,9 @@ dirserv_get_obj(const char **out,
   }
 }
 
-/** Return the most recently generated encoded signed directory, generating a
- * new one as necessary.  If not an authoritative directory may return NULL if
- * no directory is yet cached. */
+/** Return the most recently generated encoded signed v1 directory,
+ * generating a new one as necessary.  If not a v1 authoritative directory
+ * may return NULL if no directory is yet cached. */
 cached_dir_t *
 dirserv_get_directory(void)
 {
@@ -1310,9 +1307,9 @@ dirserv_get_directory(void)
                                      "server directory", 1);
 }
 
-/**
- * Generate a fresh v1 directory (authdirservers only); set the_directory
- * and return a pointer to the new value.
+/** Only called by v1 auth dirservers.
+ * Generate a fresh v1 directory; set the_directory and return a pointer
+ * to the new value.
  */
 static cached_dir_t *
 dirserv_regenerate_directory(void)
@@ -1344,7 +1341,8 @@ dirserv_regenerate_directory(void)
 /** For authoritative directories: the current (v1) network status. */
 static cached_dir_t the_runningrouters = { NULL, NULL, 0, 0, 0, -1 };
 
-/** Replace the current running-routers list with a newly generated one. */
+/** Only called by v1 auth dirservers.
+ * Replace the current running-routers list with a newly generated one. */
 static cached_dir_t *
 generate_runningrouters(void)
 {
@@ -1415,11 +1413,11 @@ dirserv_get_runningrouters(const char **rr, int compress)
 static cached_dir_t *the_v2_networkstatus = NULL;
 
 /** Return true iff our opinion of the routers has been stale for long
- * enough that we should generate a new network status doc. */
+ * enough that we should generate a new v2 network status doc. */
 static int
 should_generate_v2_networkstatus(void)
 {
-  return get_options()->AuthoritativeDir &&
+  return authdir_mode_v2(get_options()) &&
     the_v2_networkstatus_is_dirty &&
     the_v2_networkstatus_is_dirty + DIR_REGEN_SLACK_TIME < time(NULL);
 }
@@ -1569,7 +1567,7 @@ dirserv_compute_performance_thresholds(routerlist_t *rl)
   smartlist_free(bandwidths_excluding_exits);
 }
 
-/** For authoritative directories only: replace the contents of
+/** For v2 authoritative directories only: replace the contents of
  * <b>the_v2_networkstatus</b> with a newly generated network status
  * object. */
 static cached_dir_t *
@@ -1744,6 +1742,8 @@ generate_v2_networkstatus(void)
                        f_running?" Running":"",
                        f_valid?" Valid":"",
                        f_v2_dir?" V2Dir":"")<0) {
+                       /* when adding more flags, remember to change
+                        * the #defines at the top of this function. */
         log_warn(LD_BUG, "Unable to print router status.");
         goto done;
       }
@@ -1819,7 +1819,7 @@ dirserv_get_networkstatus_v2_fingerprints(smartlist_t *result,
     generate_v2_networkstatus();
 
   if (!strcmp(key,"authority")) {
-    if (get_options()->AuthoritativeDir) {
+    if (authdir_mode_v2(get_options())) {
       routerinfo_t *me = router_get_my_routerinfo();
       if (me)
         smartlist_add(result,
@@ -1839,7 +1839,8 @@ dirserv_get_networkstatus_v2_fingerprints(smartlist_t *result,
     } else {
       SMARTLIST_FOREACH(router_get_trusted_dir_servers(),
                   trusted_dir_server_t *, ds,
-                  smartlist_add(result, tor_memdup(ds->digest, DIGEST_LEN)));
+                  if (ds->is_v2_authority)
+                    smartlist_add(result, tor_memdup(ds->digest, DIGEST_LEN)));
     }
     smartlist_sort_digests(result);
     if (smartlist_len(result) == 0)

src/or/or.h

@@ -1716,6 +1716,8 @@ typedef struct {
   int AuthoritativeDir; /**< Boolean: is this an authoritative directory? */
   int V1AuthoritativeDir; /**< Boolean: is this an authoritative directory
                            * for version 1 directories? */
+  int V2AuthoritativeDir; /**< Boolean: is this an authoritative directory
+                           * for version 2 directories? */
   int HSAuthoritativeDir; /**< Boolean: does this an authoritative directory
                            * handle hidden service requests? */
   int HSAuthorityRecordStats; /**< Boolean: does this HS authoritative
@@ -2938,6 +2940,9 @@ void router_dirport_found_reachable(void);
 void router_perform_bandwidth_test(int num_circs, time_t now);
 
 int authdir_mode(or_options_t *options);
+int authdir_mode_v1(or_options_t *options);
+int authdir_mode_v2(or_options_t *options);
+int authdir_mode_handles_descs(or_options_t *options);
 int clique_mode(or_options_t *options);
 int server_mode(or_options_t *options);
 int advertised_server_mode(void);
@@ -3107,7 +3112,7 @@ local_routerstatus_t *router_get_combined_status_by_digest(const char *digest);
 routerstatus_t *routerstatus_get_by_hexdigest(const char *hexdigest);
 void update_networkstatus_downloads(time_t now);
 void update_router_descriptor_downloads(time_t now);
-void routers_update_all_from_networkstatus(void);
+void routers_update_all_from_networkstatus(time_t now);
 void routers_update_status_from_networkstatus(smartlist_t *routers,
                                               int reset_failures);
 smartlist_t *router_list_superseded(void);

src/or/router.c

@@ -377,7 +377,7 @@ init_keys(void)
                            (uint16_t)options->ORPort,
                            digest,
                            options->V1AuthoritativeDir, /* v1 authority */
-                           1, /* v2 authority */
+                           options->V2AuthoritativeDir, /* v2 authority */
                            options->HSAuthoritativeDir /*hidserv authority*/);
   }
   return 0; /* success */
@@ -594,12 +594,37 @@ authdir_mode(or_options_t *options)
 {
   return options->AuthoritativeDir != 0;
 }
+/** Return true iff we believe ourselves to be a v1 authoritative
+ * directory server.
+ */
+int
+authdir_mode_v1(or_options_t *options)
+{
+  return authdir_mode(options) && options->V1AuthoritativeDir != 0;
+}
+/** Return true iff we believe ourselves to be a v2 authoritative
+ * directory server.
+ */
+int
+authdir_mode_v2(or_options_t *options)
+{
+  return authdir_mode(options) && options->V2AuthoritativeDir != 0;
+}
+/** Return true iff we are an authoritative directory server that
+ * handles descriptors -- including receiving posts, creating directories,
+ * and testing reachability.
+ */
+int
+authdir_mode_handles_descs(or_options_t *options)
+{
+  return authdir_mode_v1(options) || authdir_mode_v2(options);
+}
 /** Return true iff we try to stay connected to all ORs at once.
  */
 int
 clique_mode(or_options_t *options)
 {
-  return authdir_mode(options);
+  return authdir_mode_handles_descs(options);
 }
 
 /** Return true iff we are trying to be a server.
@@ -647,7 +672,7 @@ proxy_mode(or_options_t *options)
  * - We have ORPort set
  * and
  * - We believe we are reachable from the outside; or
- * - We have the AuthoritativeDirectory option set.
+ * - We are an authoritative directory server.
  */
 static int
 decide_if_publishable_server(void)
@@ -660,7 +685,7 @@ decide_if_publishable_server(void)
     return 0;
   if (!server_mode(options))
     return 0;
-  if (options->AuthoritativeDir)
+  if (authdir_mode(options))
     return 1;
 
   return check_whether_orport_reachable();
@@ -695,8 +720,8 @@ consider_publishable_server(int force)
  * Clique maintenance -- to be phased out.
  */
 
-/** Return true iff this OR should try to keep connections open to all
- * other ORs. */
+/** Return true iff we believe this OR tries to keep connections open
+ * to all other ORs. */
 int
 router_is_clique_mode(routerinfo_t *router)
 {
@@ -1128,7 +1153,7 @@ check_descriptor_ipaddress_changed(time_t now)
  * headers. */
 static uint32_t last_guessed_ip = 0;
 
-/** A directory authority told us our IP address is <b>suggestion</b>.
+/** A directory server told us our IP address is <b>suggestion</b>.
  * If this address is different from the one we think we are now, and
  * if our computer doesn't actually know its IP address, then switch. */
 void

src/or/routerlist.c

@@ -153,7 +153,7 @@ router_reload_networkstatus(void)
   SMARTLIST_FOREACH(entries, char *, fn, tor_free(fn));
   smartlist_free(entries);
   networkstatus_list_clean(time(NULL));
-  routers_update_all_from_networkstatus();
+  routers_update_all_from_networkstatus(time(NULL));
   routerlist_check_bug_417();
   return 0;
 }
@@ -565,8 +565,7 @@ router_get_trusteddirserver_by_digest(const char *digest)
 /** Try to find a running trusted dirserver. If there are no running
  * trusted dirservers and <b>retry_if_no_servers</b> is non-zero,
  * set them all as running again, and try again.
- * If <b>need_v1_authority</b> is set, return only trusted servers
- * that are authorities for the V1 directory protocol.
+ * <b>type> specifies the type of authoritative dir we require.
  * Other args are as in router_pick_trusteddirserver_impl().
  */
 routerstatus_t *
@@ -594,7 +593,8 @@ router_pick_trusteddirserver(authority_type_t type,
 #define DIR_503_TIMEOUT (60*60)
 
 /** Pick a random running valid directory server/mirror from our
- * routerlist.  Don't pick an authority if any non-authorities are viable.
+ * routerlist.
+ *
  * If <b>fascistfirewall</b>, make sure the router we pick is allowed
  * by our firewall options.
  * If <b>requireother</b>, it cannot be us. If <b>for_v2_directory</b>,
@@ -602,8 +602,9 @@ router_pick_trusteddirserver(authority_type_t type,
  * functionality.
  * If <b>prefer_tunnel</b>, choose a directory server that is reachable
  * and supports BEGIN_DIR cells, if possible.
- * Try to avoid using servers that are overloaded (have returned 503
- * recently).
+ *
+ * Don't pick an authority if any non-authorities are viable. Try to
+ * avoid using servers that are overloaded (have returned 503 recently).
  */
 static routerstatus_t *
 router_pick_directory_server_impl(int requireother, int fascistfirewall,
@@ -681,9 +682,8 @@ router_pick_directory_server_impl(int requireother, int fascistfirewall,
 
 /** Choose randomly from among the trusted dirservers that are up.  If
  * <b>fascistfirewall</b>, make sure the port we pick is allowed by our
- * firewall options.  If <b>requireother</b>, it cannot be us.  If
- * <b>need_v1_authority</b>, choose a trusted authority for the v1 directory
- * system.
+ * firewall options.  If <b>requireother</b>, it cannot be us.
+ * <b>type> specifies the type of authoritative dir we require.
  */
 static routerstatus_t *
 router_pick_trusteddirserver_impl(authority_type_t type,
@@ -1433,8 +1433,7 @@ router_digest_is_trusted_dir(const char *digest)
 {
   if (!trusted_dir_servers)
     return 0;
-  if (get_options()->AuthoritativeDir &&
-      router_digest_is_me(digest))
+  if (authdir_mode(get_options()) && router_digest_is_me(digest))
     return 1;
   SMARTLIST_FOREACH(trusted_dir_servers, trusted_dir_server_t *, ent,
                     if (!memcmp(digest, ent->digest, DIGEST_LEN)) return 1);
@@ -2103,7 +2102,7 @@ router_add_to_routerlist(routerinfo_t *router, const char **msg,
                          int from_cache, int from_fetch)
 {
   const char *id_digest;
-  int authdir = get_options()->AuthoritativeDir;
+  int authdir = authdir_mode(get_options());
   int authdir_believes_valid = 0;
   routerinfo_t *old_router;
 
@@ -2778,7 +2777,7 @@ router_set_networkstatus(const char *s, time_t arrived_at,
        * authority we didn't recognize. */
       log_info(LD_DIR,
                "We do not recognize authority (%s) but we are willing "
-               "to cache it", fp);
+               "to cache it.", fp);
       add_networkstatus_to_cache(s, source, ns);
       networkstatus_free(ns);
     }
@@ -3043,14 +3042,15 @@ signed_desc_digest_is_recognized(signed_descriptor_t *desc)
 #define NONAUTHORITY_NS_CACHE_INTERVAL (15*60)
 
 /** We are a directory server, and so cache network_status documents.
- * Initiate downloads as needed to update them.  For authorities, this means
- * asking each trusted directory for its network-status.  For caches, this
- * means asking a random authority for all network-statuses.
+ * Initiate downloads as needed to update them.  For v2 authorities,
+ * this means asking each trusted directory for its network-status.
+ * For caches, this means asking a random v2 authority for all
+ * network-statuses.
  */
 static void
 update_networkstatus_cache_downloads(time_t now)
 {
-  int authority = authdir_mode(get_options());
+  int authority = authdir_mode_v2(get_options());
   int interval =
     authority ? AUTHORITY_NS_CACHE_INTERVAL : NONAUTHORITY_NS_CACHE_INTERVAL;
 
@@ -3491,17 +3491,15 @@ compute_recommended_versions(time_t now, int client,
  * list.
  */
 void
-routers_update_all_from_networkstatus(void)
+routers_update_all_from_networkstatus(time_t now)
 {
   routerinfo_t *me;
-  time_t now;
   if (!routerlist || !networkstatus_list ||
       (!networkstatus_list_has_changed && !routerstatus_list_has_changed))
     return;
 
   router_dir_info_changed();
 
-  now = time(NULL);
   if (networkstatus_list_has_changed)
     routerstatus_list_update_from_networkstatus(now);
 
@@ -3756,7 +3754,7 @@ routerstatus_list_update_from_networkstatus(time_t now)
                  other_digest != conflict) {
         if (!warned) {
           char *d;
-          int should_warn = options->DirPort && options->AuthoritativeDir;
+          int should_warn = options->DirPort && authdir_mode(options);
           char fp1[HEX_DIGEST_LEN+1];
           char fp2[HEX_DIGEST_LEN+1];
           base16_encode(fp1, sizeof(fp1), other_digest, DIGEST_LEN);
@@ -3982,9 +3980,8 @@ routers_update_status_from_networkstatus(smartlist_t *routers,
   trusted_dir_server_t *ds;
   local_routerstatus_t *rs;
   or_options_t *options = get_options();
-  int authdir = options->AuthoritativeDir;
-  int namingdir = options->AuthoritativeDir &&
-    options->NamingAuthoritativeDir;
+  int authdir = authdir_mode_v2(options);
+  int namingdir = authdir && options->NamingAuthoritativeDir;
 
   if (!routerstatus_list)
     return;
@@ -4299,7 +4296,6 @@ update_router_descriptor_cache_downloads(time_t now)
   int i, j, n;
   int n_download;
   or_options_t *options = get_options();
-  (void) now;
 
   if (!options->DirPort) {
     log_warn(LD_BUG, "Called update_router_descriptor_cache_downloads() "
@@ -4357,7 +4353,7 @@ update_router_descriptor_cache_downloads(time_t now)
             rs->need_to_mirror = 0;
             continue;
           }
-          if (options->AuthoritativeDir && dirserv_would_reject_router(rs)) {
+          if (authdir_mode(options) && dirserv_would_reject_router(rs)) {
             rs->need_to_mirror = 0;
             continue;
           }

src/or/routerparse.c

@@ -491,7 +491,7 @@ router_parse_directory(const char *str)
 
   /* Now that we know the signature is okay, and we have a
    * publication time, cache the directory. */
-  if (get_options()->DirPort && !get_options()->V1AuthoritativeDir)
+  if (get_options()->DirPort && !authdir_mode_v1(get_options()))
     dirserv_set_cached_directory(str, published_on, 0);
 
   r = 0;
@@ -551,7 +551,7 @@ router_parse_runningrouters(const char *str)
 
   /* Now that we know the signature is okay, and we have a
    * publication time, cache the list. */
-  if (get_options()->DirPort && !get_options()->V1AuthoritativeDir)
+  if (get_options()->DirPort && !authdir_mode_v1(get_options()))
     dirserv_set_cached_directory(str, published_on, 1);
 
   r = 0;