abstract ORPort/SocksPort checks into server_mode(), proxy_mode(), clique_mode(), etc. Dont change underlying comments.

svn:r2054

src/or/circuitbuild.c

@@ -113,7 +113,7 @@ void circuit_rep_hist_note_result(circuit_t *circ) {
      */
     return;
   }
-  if (options.ORPort) {
+  if (server_mode()) {
     prev_digest = router_get_my_routerinfo()->identity_digest;
   }
   do {
@@ -1014,7 +1014,7 @@ static int count_acceptable_routers(smartlist_t *routers) {
       log_fn(LOG_DEBUG,"Nope, the directory says %d is not running.",i);
       goto next_i_loop;
     }
-    if(options.ORPort) {
+    if(clique_mode()) {
       conn = connection_get_by_identity_digest(r->identity_digest,
                                                CONN_TYPE_OR);
       if(!conn || conn->type != CONN_TYPE_OR || conn->state != OR_CONN_STATE_OPEN) {

src/or/circuituse.c

@@ -299,7 +299,7 @@ void circuit_build_needed_circs(time_t now) {
   if(time_to_new_circuit < now) {
     circuit_reset_failure_count();
     time_to_new_circuit = now + options.NewCircuitPeriod;
-    if(options.SocksPort)
+    if(proxy_mode())
       client_dns_clean();
     circuit_expire_old_circuits();
 

src/or/config.c

@@ -679,22 +679,20 @@ int getconfig(int argc, char **argv, or_options_t *options) {
     result = -1;
   }
 
-  if (options->ORPort) {
-    if (options->Nickname == NULL) {
-      if (!(options->Nickname = get_default_nickname()))
-        return -1;
-      log_fn(LOG_INFO, "Choosing default nickname %s", options->Nickname);
-    } else {
-      if (strspn(options->Nickname, LEGAL_NICKNAME_CHARACTERS) !=
-                 strlen(options->Nickname)) {
-        log_fn(LOG_WARN, "Nickname '%s' contains illegal characters.", options->Nickname);
-        result = -1;
-      }
-      if (strlen(options->Nickname) > MAX_NICKNAME_LEN) {
-        log_fn(LOG_WARN, "Nickname '%s' has more than %d characters.",
-               options->Nickname, MAX_NICKNAME_LEN);
-        result = -1;
-      }
+  if (options->Nickname == NULL) {
+    if (!(options->Nickname = get_default_nickname()))
+      return -1;
+    log_fn(LOG_INFO, "Choosing default nickname %s", options->Nickname);
+  } else {
+    if (strspn(options->Nickname, LEGAL_NICKNAME_CHARACTERS) !=
+        strlen(options->Nickname)) {
+      log_fn(LOG_WARN, "Nickname '%s' contains illegal characters.", options->Nickname);
+      result = -1;
+    }
+    if (strlen(options->Nickname) > MAX_NICKNAME_LEN) {
+      log_fn(LOG_WARN, "Nickname '%s' has more than %d characters.",
+             options->Nickname, MAX_NICKNAME_LEN);
+      result = -1;
     }
   }
 
@@ -732,7 +730,7 @@ int getconfig(int argc, char **argv, or_options_t *options) {
 
   /* XXX008 if AuthDir and ClientOnly then fail */
 
-  if(options->SocksPort > 1 &&
+  if(options->SocksPort >= 1 &&
      (options->PathlenCoinWeight < 0.0 || options->PathlenCoinWeight >= 1.0)) {
     log(LOG_WARN,"PathlenCoinWeight option must be >=0.0 and <1.0.");
     result = -1;

src/or/connection.c

@@ -545,7 +545,7 @@ static int retry_listeners(int type, struct config_line_t *cfg,
  *  - Relaunch listeners for each port you have open.
  */
 int retry_all_connections(void) {
-  if(options.ORPort) {
+  if(clique_mode()) {
     router_retry_connections();
   }
 

src/or/connection_or.c

@@ -272,7 +272,7 @@ connection_tls_finish_handshake(connection_t *conn) {
   connection_watch_events(conn, POLLIN);
   log_fn(LOG_DEBUG,"tls handshake done. verifying.");
   if (! tor_tls_peer_has_cert(conn->tls)) { /* It's an OP. */
-    if (options.ORPort) { /* I'm an OR; good. */
+    if (server_mode()) { /* I'm an OR; good. */
       conn->receiver_bucket = conn->bandwidth = DEFAULT_BANDWIDTH_OP;
       return 0;
     } else { /* Neither side sent a certificate: ouch. */
@@ -323,7 +323,7 @@ connection_tls_finish_handshake(connection_t *conn) {
     connection_or_init_conn_from_router(conn,router);
   }
 
-  if (!options.ORPort) { /* If I'm an OP... */
+  if (!server_mode()) { /* If I'm an OP... */
     conn->receiver_bucket = conn->bandwidth = DEFAULT_BANDWIDTH_OP;
   }
   directory_set_dirty();

src/or/main.c

@@ -345,7 +345,7 @@ void directory_has_arrived(void) {
 
   has_fetched_directory=1;
 
-  if(options.ORPort) { /* connect to them all */
+  if(clique_mode()) { /* connect to them all */
     router_retry_connections();
   }
 }
@@ -370,7 +370,7 @@ static void run_connection_housekeeping(int i, time_t now) {
      the connection or send a keepalive, depending. */
   if(connection_speaks_cells(conn) &&
      now >= conn->timestamp_lastwritten + options.KeepalivePeriod) {
-    if((!options.ORPort && !circuit_get_by_conn(conn)) ||
+    if((!clique_mode() && !circuit_get_by_conn(conn)) ||
        (!connection_state_is_open(conn))) {
       /* we're an onion proxy, with no circuits;
        * or our handshake has expired. kill it. */
@@ -380,7 +380,7 @@ static void run_connection_housekeeping(int i, time_t now) {
       connection_mark_for_close(conn);
       conn->hold_open_until_flushed = 1;
     } else {
-      /* either a full router, or we've got a circuit. send a padding cell. */
+      /* either in clique mode, or we've got a circuit. send a padding cell. */
       log_fn(LOG_DEBUG,"Sending keepalive to (%s:%d)",
              conn->address, conn->port);
       memset(&cell,0,sizeof(cell_t));
@@ -393,7 +393,7 @@ static void run_connection_housekeeping(int i, time_t now) {
 #define MIN_BW_TO_PUBLISH_DESC 5000 /* 5000 bytes/s sustained */
 #define MIN_UPTIME_TO_PUBLISH_DESC (30*60) /* half an hour */
 
-/** Decide if we're a server or just a client. We are a server if:
+/** Decide if we're a publishable server or just a client. We are a server if:
  * - We have the AuthoritativeDirectory option set.
  * or
  * - We don't have the ClientOnly option set; and
@@ -402,7 +402,7 @@ static void run_connection_housekeeping(int i, time_t now) {
  * - We have processed some suitable minimum bandwidth recently; and
  * - We believe we are reachable from the outside.
  */
-static int decide_if_server(time_t now) {
+static int decide_if_publishable_server(time_t now) {
 
   if(options.AuthoritativeDir)
     return 1;
@@ -420,6 +420,30 @@ static int decide_if_server(time_t now) {
   return 1;
 }
 
+/** Return true iff we try to stay connected to all ORs at once.  This
+ * option should go away as Tor becomes more P2P.
+ */
+int clique_mode(void) {
+  return (options.ORPort != 0);
+}
+
+/** Return true iff we are trying to be a server.
+ */
+int server_mode(void) {
+  return (options.ORPort != 0);
+}
+
+/** Return true iff we are trying to be an exit server.
+ */
+int exit_server_mode(void) {
+  return (options.ORPort != 0);
+}
+
+/** Return true iff we are trying to be a socks proxy. */
+int proxy_mode(void) {
+  return (options.SocksPort != 0);
+}
+
 /** Perform regular maintenance tasks.  This function gets run once per
  * second by prepare_for_poll.
  */
@@ -433,7 +457,7 @@ static void run_scheduled_events(time_t now) {
    *  shut down and restart all cpuworkers, and update the directory if
    *  necessary.
    */
-  if (options.ORPort && get_onion_key_set_at()+MIN_ONION_KEY_LIFETIME < now) {
+  if (server_mode() && get_onion_key_set_at()+MIN_ONION_KEY_LIFETIME < now) {
     log_fn(LOG_INFO,"Rotating onion key.");
     rotate_onion_key();
     cpuworkers_rotate();
@@ -446,7 +470,10 @@ static void run_scheduled_events(time_t now) {
   /** 1b. Every MAX_SSL_KEY_LIFETIME seconds, we change our TLS context. */
   if (!last_rotated_certificate)
     last_rotated_certificate = now;
-  if (options.ORPort && last_rotated_certificate+MAX_SSL_KEY_LIFETIME < now) {
+  /*XXXX008 we should remove the server_mode() check once OPs also use
+   * identity keys (which they can't do until the known-router check in
+   * connection_or.c is removed. */
+  if (server_mode() && last_rotated_certificate+MAX_SSL_KEY_LIFETIME < now) {
     log_fn(LOG_INFO,"Rotating tls context.");
     if (tor_tls_context_new(get_identity_key(), 1, options.Nickname,
                             MAX_SSL_KEY_LIFETIME) < 0) {
@@ -461,7 +488,7 @@ static void run_scheduled_events(time_t now) {
    *    our descriptor (if we've passed our internal checks). */
   if(time_to_fetch_directory < now) {
 
-    if(decide_if_server(now)) {
+    if(decide_if_publishable_server(now)) {
       router_rebuild_descriptor();
       router_upload_dir_desc_to_dirservers();
     }
@@ -665,11 +692,12 @@ static int do_hup(void) {
     /* fetch a new directory */
     directory_get_from_dirserver(DIR_PURPOSE_FETCH_DIR, NULL, 0);
   }
-  if(options.ORPort) {
+  if(server_mode()) {
     /* Restart cpuworker and dnsworker processes, so they get up-to-date
      * configuration options. */
     cpuworkers_rotate();
-    dnsworkers_rotate();
+    if (exit_server_mode())
+      dnsworkers_rotate();
     /* Rebuild fresh descriptor as needed. */
     router_rebuild_descriptor();
     sprintf(keydir,"%s/router.desc", get_data_directory(&options));
@@ -713,7 +741,7 @@ static int do_main_loop(void) {
     directory_has_arrived();
   }
 
-  if(options.ORPort) {
+  if(server_mode()) {
     cpu_init(); /* launch cpuworkers. Need to do this *after* we've read the onion key. */
   }
 
@@ -922,10 +950,10 @@ int tor_init(int argc, char *argv[]) {
     log_fn(LOG_WARN,"You are running Tor as root. You don't need to, and you probably shouldn't.");
 #endif
 
-  if(options.ORPort) { /* only spawn dns handlers if we're a router */
+  if(exit_server_mode()) { /* only spawn dns handlers if we're a router */
     dns_init(); /* initialize the dns resolve tree, and spawn workers */
   }
-  if(options.SocksPort) {
+  if(proxy_mode()) {
     client_dns_init(); /* init the client dns cache */
   }
 

src/or/or.h

@@ -1194,6 +1194,10 @@ void connection_stop_writing(connection_t *conn);
 void connection_start_writing(connection_t *conn);
 
 void directory_has_arrived(void);
+int clique_mode(void);
+int server_mode(void);
+int exit_server_mode(void);
+int proxy_mode(void);
 
 int main(int argc, char *argv[]);
 

src/or/router.c

@@ -217,10 +217,24 @@ int init_keys(void) {
   if (!key_lock)
     key_lock = tor_mutex_new();
 
-  /* OP's don't need keys.  Just initialize the TLS context.*/
-  if (!options.ORPort) {
+  /* OP's don't need persistant keys; just make up an identity and
+   * initialize the TLS context. */
+  if (!server_mode()) {
     tor_assert(!options.DirPort);
-    if (tor_tls_context_new(NULL, 0, NULL, 0)<0) {
+#if 0
+    /* XXXX008 enable this once we make ORs tolerate unknown routers. */
+    if (!(prkey = crypto_new_pk_env()))
+      return -1;
+    if (crypto_pk_generate_key(prkey))
+      return -1;
+    set_identity_key(prkey);
+    if (tor_tls_context_new(get_identity_key(), 1, options.Nickname,
+                            MAX_SSL_KEY_LIFETIME) < 0) {
+      log_fn(LOG_ERR, "Error creating TLS context for OP.");
+      return -1;
+    }
+#endif
+    if (tor_tls_context_new(NULL, 0, NULL, MAX_SSL_KEY_LIFETIME)<0) {
       log_fn(LOG_ERR, "Error creating TLS context for OP.");
       return -1;
     }
@@ -435,7 +449,7 @@ int router_is_me(routerinfo_t *router)
  * necessary.  Return NULL on error, or if called on an OP. */
 routerinfo_t *router_get_my_routerinfo(void)
 {
-  if (!options.ORPort)
+  if (!server_mode())
     return NULL;
 
   if (!desc_routerinfo) {

src/or/routerlist.c

@@ -168,7 +168,7 @@ void router_add_running_routers_to_smartlist(smartlist_t *sl) {
   for(i=0;i<smartlist_len(routerlist->routers);i++) {
     router = smartlist_get(routerlist->routers, i);
     if(router->is_running &&
-       (!options.ORPort ||
+       (!clique_mode() ||
         connection_get_by_identity_digest(router->identity_digest,
                                           CONN_TYPE_OR)))
       smartlist_add(sl, router);