New config option V2AuthoritativeDirectory that all directory

authorities should set. This will let future authorities choose not to serve V2 directory information. Also, go through and revamp all the authdir_mode stuff so it tries to do the right thing if you're an auth but not a V1 or V2 auth. svn:r10092
2024-11-23 20:03:31 +01:00 · 2007-05-02 09:12:04 +00:00 · 2007-05-02 09:12:04 +00:00 · 1b95bbdba6
commit 1b95bbdba6
parent 87c19c0c49
11 changed files with 129 additions and 93 deletions
--- a/3
+++ b/3
@ -66,6 +66,9 @@ Changes in version 0.2.0.1-alpha - 2007-??-??
    - Directory authorities allow multiple router descriptors and/or extra
      info documents to be uploaded in a single go.  This will make
      implementing proposal 104 simpler.
+    - New config option V2AuthoritativeDirectory that all directory
+      authorities should set. This will let future authorities choose
+      not to serve V2 directory information.

  o Minor features (controller):
    - Add a new config option __DisablePredictedCircuits designed for
--- a/doc/tor.1.in
+++ b/doc/tor.1.in
@ -837,11 +837,15 @@ admins at tor-ops@freehaven.net if you think you should be a directory.
 .LP
 .TP
 \fBV1AuthoritativeDirectory \fR\fB0\fR|\fB1\fR\fP
-When this option is set in addition to \fBAuthoritativeDirectory\fP, Tor also
-generates a version 1 directory (for Tor clients up to 0.1.0.x).
-(As of Tor 0.1.1.12 every (v2) authoritative directory still provides most of
-the v1 directory functionality, even without this option set to 1.
-This however is expected to change in the future.)
+When this option is set in addition to \fBAuthoritativeDirectory\fP, Tor
+generates version 1 directory and running-routers documents (for legacy
+Tor clients up to 0.1.0.x).
+.LP
+.TP
+\fBV2AuthoritativeDirectory \fR\fB0\fR|\fB1\fR\fP
+When this option is set in addition to \fBAuthoritativeDirectory\fP, Tor
+generates version 2 network statuses and serves descriptors, etc as
+described in doc/spec/dir-spec.txt.
 .LP
 .TP
 \fBVersioningAuthoritativeDirectory \fR\fB0\fR|\fB1\fR\fP
--- a/src/or/circuituse.c
+++ b/src/or/circuituse.c
@ -1097,7 +1097,7 @@ circuit_get_open_circ_or_launch(edge_connection_t *conn,
 }

 /** Return true iff <b>crypt_path</b> is one of the crypt_paths for
- * <b>circ</b> */
+ * <b>circ</b>. */
 static int
 cpath_is_on_circuit(origin_circuit_t *circ, crypt_path_t *crypt_path)
 {
--- a/src/or/config.c
+++ b/src/or/config.c
@ -256,6 +256,7 @@ static config_var_t _option_vars[] = {
  VAR("UseEntryGuards",      BOOL,     UseEntryGuards,       "1"),
  VAR("User",                STRING,   User,                 NULL),
  VAR("V1AuthoritativeDirectory",BOOL, V1AuthoritativeDir,   "0"),
+  VAR("V2AuthoritativeDirectory",BOOL, V2AuthoritativeDir,   "0"),
  VAR("VersioningAuthoritativeDirectory",BOOL,VersioningAuthoritativeDir, "0"),
  VAR("VirtualAddrNetwork",  STRING,   VirtualAddrNetwork,   "127.192.0.0/10"),
  VAR("__AllDirActionsPrivate",BOOL,   AllDirActionsPrivate, "0"),
--- a/src/or/connection_or.c
+++ b/src/or/connection_or.c
@ -676,7 +676,7 @@ connection_or_check_valid_handshake(or_connection_t *conn, int started_here,
              END_OR_CONN_REASON_OR_IDENTITY);
      as_advertised = 0;
    }
-    if (authdir_mode(options)) {
+    if (authdir_mode_handles_descs(options)) {
      /* We initiated this connection to address:port.  Drop all routers
       * with the same address:port and a different key.
       */
--- a/src/or/directory.c
+++ b/src/or/directory.c
@ -886,6 +886,7 @@ connection_dir_client_reached_eof(dir_connection_t *conn)
  int skewed=0;
  int allow_partial = conn->_base.purpose == DIR_PURPOSE_FETCH_SERVERDESC;
  int was_compressed=0;
+  time_t now = time(NULL);

  switch (fetch_from_buf_http(conn->_base.inbuf,
                              &headers, MAX_HEADERS_SIZE,
@ -957,7 +958,6 @@ connection_dir_client_reached_eof(dir_connection_t *conn)
  if (status_code == 503) {
    local_routerstatus_t *rs;
    trusted_dir_server_t *ds;
-    time_t now = time(NULL);
    log_info(LD_DIR,"Received http status code %d (%s) from server "
             "'%s:%d'. I'll try again soon.",
             status_code, escaped(reason), conn->_base.address,
@ -1118,7 +1118,7 @@ connection_dir_client_reached_eof(dir_connection_t *conn)
      if (next)
        next[1] = '\0';
      /* learn from it, and then remove it from 'which' */
-      if (router_set_networkstatus(cp, time(NULL), source, which)<0)
+      if (router_set_networkstatus(cp, now, source, which)<0)
        break;
      if (next) {
        next[1] = 'n';
@ -1126,8 +1126,8 @@ connection_dir_client_reached_eof(dir_connection_t *conn)
      } else
        break;
    }
-    routers_update_all_from_networkstatus(); /*launches router downloads*/
-    directory_info_has_arrived(time(NULL), 0);
+    routers_update_all_from_networkstatus(now); /*launches router downloads*/
+    directory_info_has_arrived(now, 0);
    if (which) {
      if (smartlist_len(which)) {
        dir_networkstatus_download_failed(which, status_code);
@ -1180,7 +1180,7 @@ connection_dir_client_reached_eof(dir_connection_t *conn)
                  !strcmpstart(conn->requested_resource, "all"))) {
      /* as we learn from them, we remove them from 'which' */
      router_load_routers_from_string(body, SAVED_NOWHERE, which);
-      directory_info_has_arrived(time(NULL), 0);
+      directory_info_has_arrived(now, 0);
    }
    if (which) { /* mark remaining ones as failed */
      log_info(LD_DIR, "Received %d/%d routers requested from %s:%d",
@ -1831,7 +1831,7 @@ directory_handle_command_get(dir_connection_t *conn, const char *headers,

  if (!strcmp(url,"/tor/dir-all-weaselhack") &&
      (conn->_base.addr == 0x7f000001ul) &&
-      authdir_mode(options)) {
+      authdir_mode_v2(options)) {
    /* until weasel rewrites his scripts at noreply */
    char *new_directory=NULL;

@ -1889,7 +1889,8 @@ directory_handle_command_post(dir_connection_t *conn, const char *headers,
  }
  log_debug(LD_DIRSERV,"rewritten url as '%s'.", url);

-  if (!strcmp(url,"/tor/")) { /* server descriptor post */
+  if (authdir_mode_handles_descs(options) &&
+      !strcmp(url,"/tor/")) { /* server descriptor post */
    const char *msg;
    int r = dirserv_add_multiple_descriptors(body, &msg);
    tor_assert(msg);
--- a/src/or/dirserv.c
+++ b/src/or/dirserv.c
@ -232,16 +232,7 @@ dirserv_load_fingerprint_file(void)
      /* If you approved an OR called "client", then clients who use
       * the default nickname could all be rejected.  That's no good. */
      log_notice(LD_CONFIG,
-                 "Authorizing a nickname '%s' would break "
-                 "many clients; skipping.",
-                 DEFAULT_CLIENT_NICKNAME);
-      continue;
-    }
-    if (0==strcasecmp(nickname, DEFAULT_CLIENT_NICKNAME)) {
-      /* If you approved an OR called "client", then clients who use
-       * the default nickname could all be rejected.  That's no good. */
-      log_notice(LD_CONFIG,
-                 "Authorizing a nickname '%s' would break "
+                 "Authorizing nickname '%s' would break "
                 "many clients; skipping.",
                 DEFAULT_CLIENT_NICKNAME);
      continue;
@ -250,7 +241,7 @@ dirserv_load_fingerprint_file(void)
      /* If you approved an OR called "unnamed", then clients will be
       * confused. */
      log_notice(LD_CONFIG,
-                 "Authorizing a nickname '%s' is not allowed; skipping.",
+                 "Authorizing nickname '%s' is not allowed; skipping.",
                 UNNAMED_ROUTER_NICKNAME);
      continue;
    }
@ -754,7 +745,7 @@ directory_set_dirty(void)

 /**
 * Allocate and return a description of the status of the server <b>desc</b>,
- * for use in a router-status line.  The server is listed
+ * for use in a v1-style router-status line.  The server is listed
 * as running iff <b>is_live</b> is true.
 */
 static char *
@ -814,7 +805,7 @@ dirserv_thinks_router_is_blatantly_unreachable(routerinfo_t *router,
 }

 /** Based on the routerinfo_ts in <b>routers</b>, allocate the
- * contents of a router-status line, and store it in
+ * contents of a v1-style router-status line, and store it in
 * *<b>router_status_out</b>.  Return 0 on success, -1 on failure.
 *
 * If for_controller is true, include the routers with very old descriptors.
@ -829,14 +820,17 @@ list_server_status(smartlist_t *routers, char **router_status_out,
  smartlist_t *rs_entries;
  time_t now = time(NULL);
  time_t cutoff = now - ROUTER_MAX_AGE_TO_PUBLISH;
-  int authdir_mode = get_options()->AuthoritativeDir;
+  or_options_t *options = get_options();
+  /* We include v2 dir auths here too, because they need to answer
+   * controllers. Eventually we'll deprecate this whole function. */
+  int authdir = authdir_mode_handles_descs(options);
  tor_assert(router_status_out);

  rs_entries = smartlist_create();

  SMARTLIST_FOREACH(routers, routerinfo_t *, ri,
  {
-    if (authdir_mode) {
+    if (authdir) {
      /* Update router status in routerinfo_t. */
      ri->is_running = dirserv_thinks_router_is_reachable(ri, now);
    }
@ -1004,12 +998,12 @@ dirserv_dump_directory_to_string(char **dir_out,
  return -1;
 }

-/** Most recently generated encoded signed v1 directory. (auth dirservers
- * only.)*/
+/** Most recently generated encoded signed v1 directory. (v1 auth dirservers
+ * only.) */
 static cached_dir_t *the_directory = NULL;

-/* Used only by non-auth dirservers: The v1 directory and runningrouters we'll
- * serve when requested. */
+/* Used only by non-v1-auth dirservers: The v1 directory and
+ * runningrouters we'll serve when requested. */
 static cached_dir_t *cached_directory = NULL;
 static cached_dir_t cached_runningrouters = { NULL, NULL, 0, 0, 0, -1 };

@ -1098,8 +1092,8 @@ _free_cached_dir(void *_d)
 *
 * If <b>published</b> is too old, do nothing.
 *
- * If <b>is_running_routers</b>, this is really a running_routers document
- * rather than a v1 directory.
+ * If <b>is_running_routers</b>, this is really a v1 running_routers
+ * document rather than a v1 directory.
 */
 void
 dirserv_set_cached_directory(const char *directory, time_t published,
@ -1118,11 +1112,13 @@ dirserv_set_cached_directory(const char *directory, time_t published,
  }
 }

-/** We've just received a v2 network-status for an authoritative directory
- * with identity digest <b>identity</b> published at
- * <b>published</b>.  Store it so we can serve it to others.  If
- * <b>directory</b> is NULL, remove the entry with the given fingerprint from
- * the cache.
+/** If <b>networkstatus</b> is non-NULL, we've just received a v2
+ * network-status for an authoritative directory with identity digest
+ * <b>identity</b> published at <b>published</b> -- store it so we can
+ * serve it to others.
+ *
+ * If <b>networkstatus</b> is NULL, remove the entry with the given
+ * identity fingerprint from the v2 cache.
 */
 void
 dirserv_set_cached_networkstatus_v2(const char *networkstatus,
@ -1181,7 +1177,7 @@ dirserv_set_cached_networkstatus_v2(const char *networkstatus,
  }
 }

-/** Remove any networkstatus from the directory cache that was published
+/** Remove any v2 networkstatus from the directory cache that was published
 * before <b>cutoff</b>. */
 void
 dirserv_clear_old_networkstatuses(time_t cutoff)
@ -1230,8 +1226,8 @@ dirserv_clear_old_v1_info(time_t now)
  }
 }

-/** Helper: If we're an authority for the right directory version (the
- * directory version is determined by <b>is_v1_object</b>), try to regenerate
+/** Helper: If we're an authority for the right directory version (v1 if
+ * <b>is_v1_object</b> if non-0, else v2), try to regenerate
 * auth_src as appropriate and return it, falling back to cache_src on
 * failure.  If we're a cache, return cache_src.
 */
@ -1242,8 +1238,9 @@ dirserv_pick_cached_dir_obj(cached_dir_t *cache_src,
                            const char *name,
                            int is_v1_object)
 {
-  int authority = get_options()->AuthoritativeDir &&
-    (!is_v1_object || get_options()->V1AuthoritativeDir);
+  or_options_t *options = get_options();
+  int authority = (authdir_mode_v1(options) && is_v1_object) ||
+                  (authdir_mode_v2(options) && !is_v1_object);

  if (!authority) {
    return cache_src;
@ -1298,9 +1295,9 @@ dirserv_get_obj(const char **out,
  }
 }

-/** Return the most recently generated encoded signed directory, generating a
- * new one as necessary.  If not an authoritative directory may return NULL if
- * no directory is yet cached. */
+/** Return the most recently generated encoded signed v1 directory,
+ * generating a new one as necessary.  If not a v1 authoritative directory
+ * may return NULL if no directory is yet cached. */
 cached_dir_t *
 dirserv_get_directory(void)
 {
@ -1310,9 +1307,9 @@ dirserv_get_directory(void)
                                     "server directory", 1);
 }

-/**
- * Generate a fresh v1 directory (authdirservers only); set the_directory
- * and return a pointer to the new value.
+/** Only called by v1 auth dirservers.
+ * Generate a fresh v1 directory; set the_directory and return a pointer
+ * to the new value.
 */
 static cached_dir_t *
 dirserv_regenerate_directory(void)
@ -1344,7 +1341,8 @@ dirserv_regenerate_directory(void)
 /** For authoritative directories: the current (v1) network status. */
 static cached_dir_t the_runningrouters = { NULL, NULL, 0, 0, 0, -1 };

-/** Replace the current running-routers list with a newly generated one. */
+/** Only called by v1 auth dirservers.
+ * Replace the current running-routers list with a newly generated one. */
 static cached_dir_t *
 generate_runningrouters(void)
 {
@ -1415,11 +1413,11 @@ dirserv_get_runningrouters(const char **rr, int compress)
 static cached_dir_t *the_v2_networkstatus = NULL;

 /** Return true iff our opinion of the routers has been stale for long
- * enough that we should generate a new network status doc. */
+ * enough that we should generate a new v2 network status doc. */
 static int
 should_generate_v2_networkstatus(void)
 {
-  return get_options()->AuthoritativeDir &&
+  return authdir_mode_v2(get_options()) &&
    the_v2_networkstatus_is_dirty &&
    the_v2_networkstatus_is_dirty + DIR_REGEN_SLACK_TIME < time(NULL);
 }
@ -1569,7 +1567,7 @@ dirserv_compute_performance_thresholds(routerlist_t *rl)
  smartlist_free(bandwidths_excluding_exits);
 }

-/** For authoritative directories only: replace the contents of
+/** For v2 authoritative directories only: replace the contents of
 * <b>the_v2_networkstatus</b> with a newly generated network status
 * object. */
 static cached_dir_t *
@ -1744,6 +1742,8 @@ generate_v2_networkstatus(void)
                       f_running?" Running":"",
                       f_valid?" Valid":"",
                       f_v2_dir?" V2Dir":"")<0) {
+                       /* when adding more flags, remember to change
+                        * the #defines at the top of this function. */
        log_warn(LD_BUG, "Unable to print router status.");
        goto done;
      }
@ -1819,7 +1819,7 @@ dirserv_get_networkstatus_v2_fingerprints(smartlist_t *result,
    generate_v2_networkstatus();

  if (!strcmp(key,"authority")) {
-    if (get_options()->AuthoritativeDir) {
+    if (authdir_mode_v2(get_options())) {
      routerinfo_t *me = router_get_my_routerinfo();
      if (me)
        smartlist_add(result,
@ -1839,7 +1839,8 @@ dirserv_get_networkstatus_v2_fingerprints(smartlist_t *result,
    } else {
      SMARTLIST_FOREACH(router_get_trusted_dir_servers(),
                  trusted_dir_server_t *, ds,
-                  smartlist_add(result, tor_memdup(ds->digest, DIGEST_LEN)));
+                  if (ds->is_v2_authority)
+                    smartlist_add(result, tor_memdup(ds->digest, DIGEST_LEN)));
    }
    smartlist_sort_digests(result);
    if (smartlist_len(result) == 0)
--- a/src/or/or.h
+++ b/src/or/or.h
@ -1716,6 +1716,8 @@ typedef struct {
  int AuthoritativeDir; /**< Boolean: is this an authoritative directory? */
  int V1AuthoritativeDir; /**< Boolean: is this an authoritative directory
                           * for version 1 directories? */
+  int V2AuthoritativeDir; /**< Boolean: is this an authoritative directory
+                           * for version 2 directories? */
  int HSAuthoritativeDir; /**< Boolean: does this an authoritative directory
                           * handle hidden service requests? */
  int HSAuthorityRecordStats; /**< Boolean: does this HS authoritative
@ -2938,6 +2940,9 @@ void router_dirport_found_reachable(void);
 void router_perform_bandwidth_test(int num_circs, time_t now);

 int authdir_mode(or_options_t *options);
+int authdir_mode_v1(or_options_t *options);
+int authdir_mode_v2(or_options_t *options);
+int authdir_mode_handles_descs(or_options_t *options);
 int clique_mode(or_options_t *options);
 int server_mode(or_options_t *options);
 int advertised_server_mode(void);
@ -3107,7 +3112,7 @@ local_routerstatus_t *router_get_combined_status_by_digest(const char *digest);
 routerstatus_t *routerstatus_get_by_hexdigest(const char *hexdigest);
 void update_networkstatus_downloads(time_t now);
 void update_router_descriptor_downloads(time_t now);
-void routers_update_all_from_networkstatus(void);
+void routers_update_all_from_networkstatus(time_t now);
 void routers_update_status_from_networkstatus(smartlist_t *routers,
                                              int reset_failures);
 smartlist_t *router_list_superseded(void);
--- a/src/or/router.c
+++ b/src/or/router.c
@ -377,7 +377,7 @@ init_keys(void)
                           (uint16_t)options->ORPort,
                           digest,
                           options->V1AuthoritativeDir, /* v1 authority */
-                           1, /* v2 authority */
+                           options->V2AuthoritativeDir, /* v2 authority */
                           options->HSAuthoritativeDir /*hidserv authority*/);
  }
  return 0; /* success */
@ -594,12 +594,37 @@ authdir_mode(or_options_t *options)
 {
  return options->AuthoritativeDir != 0;
 }
+/** Return true iff we believe ourselves to be a v1 authoritative
+ * directory server.
+ */
+int
+authdir_mode_v1(or_options_t *options)
+{
+  return authdir_mode(options) && options->V1AuthoritativeDir != 0;
+}
+/** Return true iff we believe ourselves to be a v2 authoritative
+ * directory server.
+ */
+int
+authdir_mode_v2(or_options_t *options)
+{
+  return authdir_mode(options) && options->V2AuthoritativeDir != 0;
+}
+/** Return true iff we are an authoritative directory server that
+ * handles descriptors -- including receiving posts, creating directories,
+ * and testing reachability.
+ */
+int
+authdir_mode_handles_descs(or_options_t *options)
+{
+  return authdir_mode_v1(options) || authdir_mode_v2(options);
+}
 /** Return true iff we try to stay connected to all ORs at once.
 */
 int
 clique_mode(or_options_t *options)
 {
-  return authdir_mode(options);
+  return authdir_mode_handles_descs(options);
 }

 /** Return true iff we are trying to be a server.
@ -647,7 +672,7 @@ proxy_mode(or_options_t *options)
 * - We have ORPort set
 * and
 * - We believe we are reachable from the outside; or
- * - We have the AuthoritativeDirectory option set.
+ * - We are an authoritative directory server.
 */
 static int
 decide_if_publishable_server(void)
@ -660,7 +685,7 @@ decide_if_publishable_server(void)
    return 0;
  if (!server_mode(options))
    return 0;
-  if (options->AuthoritativeDir)
+  if (authdir_mode(options))
    return 1;

  return check_whether_orport_reachable();
@ -695,8 +720,8 @@ consider_publishable_server(int force)
 * Clique maintenance -- to be phased out.
 */

-/** Return true iff this OR should try to keep connections open to all
- * other ORs. */
+/** Return true iff we believe this OR tries to keep connections open
+ * to all other ORs. */
 int
 router_is_clique_mode(routerinfo_t *router)
 {
@ -1128,7 +1153,7 @@ check_descriptor_ipaddress_changed(time_t now)
 * headers. */
 static uint32_t last_guessed_ip = 0;

-/** A directory authority told us our IP address is <b>suggestion</b>.
+/** A directory server told us our IP address is <b>suggestion</b>.
 * If this address is different from the one we think we are now, and
 * if our computer doesn't actually know its IP address, then switch. */
 void
--- a/src/or/routerlist.c
+++ b/src/or/routerlist.c
@ -153,7 +153,7 @@ router_reload_networkstatus(void)
  SMARTLIST_FOREACH(entries, char *, fn, tor_free(fn));
  smartlist_free(entries);
  networkstatus_list_clean(time(NULL));
-  routers_update_all_from_networkstatus();
+  routers_update_all_from_networkstatus(time(NULL));
  routerlist_check_bug_417();
  return 0;
 }
@ -565,8 +565,7 @@ router_get_trusteddirserver_by_digest(const char *digest)
 /** Try to find a running trusted dirserver. If there are no running
 * trusted dirservers and <b>retry_if_no_servers</b> is non-zero,
 * set them all as running again, and try again.
- * If <b>need_v1_authority</b> is set, return only trusted servers
- * that are authorities for the V1 directory protocol.
+ * <b>type> specifies the type of authoritative dir we require.
 * Other args are as in router_pick_trusteddirserver_impl().
 */
 routerstatus_t *
@ -594,7 +593,8 @@ router_pick_trusteddirserver(authority_type_t type,
 #define DIR_503_TIMEOUT (60*60)

 /** Pick a random running valid directory server/mirror from our
- * routerlist.  Don't pick an authority if any non-authorities are viable.
+ * routerlist.
+ *
 * If <b>fascistfirewall</b>, make sure the router we pick is allowed
 * by our firewall options.
 * If <b>requireother</b>, it cannot be us. If <b>for_v2_directory</b>,
@ -602,8 +602,9 @@ router_pick_trusteddirserver(authority_type_t type,
 * functionality.
 * If <b>prefer_tunnel</b>, choose a directory server that is reachable
 * and supports BEGIN_DIR cells, if possible.
- * Try to avoid using servers that are overloaded (have returned 503
- * recently).
+ *
+ * Don't pick an authority if any non-authorities are viable. Try to
+ * avoid using servers that are overloaded (have returned 503 recently).
 */
 static routerstatus_t *
 router_pick_directory_server_impl(int requireother, int fascistfirewall,
@ -681,9 +682,8 @@ router_pick_directory_server_impl(int requireother, int fascistfirewall,

 /** Choose randomly from among the trusted dirservers that are up.  If
 * <b>fascistfirewall</b>, make sure the port we pick is allowed by our
- * firewall options.  If <b>requireother</b>, it cannot be us.  If
- * <b>need_v1_authority</b>, choose a trusted authority for the v1 directory
- * system.
+ * firewall options.  If <b>requireother</b>, it cannot be us.
+ * <b>type> specifies the type of authoritative dir we require.
 */
 static routerstatus_t *
 router_pick_trusteddirserver_impl(authority_type_t type,
@ -1433,8 +1433,7 @@ router_digest_is_trusted_dir(const char *digest)
 {
  if (!trusted_dir_servers)
    return 0;
-  if (get_options()->AuthoritativeDir &&
-      router_digest_is_me(digest))
+  if (authdir_mode(get_options()) && router_digest_is_me(digest))
    return 1;
  SMARTLIST_FOREACH(trusted_dir_servers, trusted_dir_server_t *, ent,
                    if (!memcmp(digest, ent->digest, DIGEST_LEN)) return 1);
@ -2103,7 +2102,7 @@ router_add_to_routerlist(routerinfo_t *router, const char **msg,
                         int from_cache, int from_fetch)
 {
  const char *id_digest;
-  int authdir = get_options()->AuthoritativeDir;
+  int authdir = authdir_mode(get_options());
  int authdir_believes_valid = 0;
  routerinfo_t *old_router;

@ -2778,7 +2777,7 @@ router_set_networkstatus(const char *s, time_t arrived_at,
       * authority we didn't recognize. */
      log_info(LD_DIR,
               "We do not recognize authority (%s) but we are willing "
-               "to cache it", fp);
+               "to cache it.", fp);
      add_networkstatus_to_cache(s, source, ns);
      networkstatus_free(ns);
    }
@ -3043,14 +3042,15 @@ signed_desc_digest_is_recognized(signed_descriptor_t *desc)
 #define NONAUTHORITY_NS_CACHE_INTERVAL (15*60)

 /** We are a directory server, and so cache network_status documents.
- * Initiate downloads as needed to update them.  For authorities, this means
- * asking each trusted directory for its network-status.  For caches, this
- * means asking a random authority for all network-statuses.
+ * Initiate downloads as needed to update them.  For v2 authorities,
+ * this means asking each trusted directory for its network-status.
+ * For caches, this means asking a random v2 authority for all
+ * network-statuses.
 */
 static void
 update_networkstatus_cache_downloads(time_t now)
 {
-  int authority = authdir_mode(get_options());
+  int authority = authdir_mode_v2(get_options());
  int interval =
    authority ? AUTHORITY_NS_CACHE_INTERVAL : NONAUTHORITY_NS_CACHE_INTERVAL;

@ -3491,17 +3491,15 @@ compute_recommended_versions(time_t now, int client,
 * list.
 */
 void
-routers_update_all_from_networkstatus(void)
+routers_update_all_from_networkstatus(time_t now)
 {
  routerinfo_t *me;
-  time_t now;
  if (!routerlist || !networkstatus_list ||
      (!networkstatus_list_has_changed && !routerstatus_list_has_changed))
    return;

  router_dir_info_changed();

-  now = time(NULL);
  if (networkstatus_list_has_changed)
    routerstatus_list_update_from_networkstatus(now);

@ -3756,7 +3754,7 @@ routerstatus_list_update_from_networkstatus(time_t now)
                 other_digest != conflict) {
        if (!warned) {
          char *d;
-          int should_warn = options->DirPort && options->AuthoritativeDir;
+          int should_warn = options->DirPort && authdir_mode(options);
          char fp1[HEX_DIGEST_LEN+1];
          char fp2[HEX_DIGEST_LEN+1];
          base16_encode(fp1, sizeof(fp1), other_digest, DIGEST_LEN);
@ -3982,9 +3980,8 @@ routers_update_status_from_networkstatus(smartlist_t *routers,
  trusted_dir_server_t *ds;
  local_routerstatus_t *rs;
  or_options_t *options = get_options();
-  int authdir = options->AuthoritativeDir;
-  int namingdir = options->AuthoritativeDir &&
-    options->NamingAuthoritativeDir;
+  int authdir = authdir_mode_v2(options);
+  int namingdir = authdir && options->NamingAuthoritativeDir;

  if (!routerstatus_list)
    return;
@ -4299,7 +4296,6 @@ update_router_descriptor_cache_downloads(time_t now)
  int i, j, n;
  int n_download;
  or_options_t *options = get_options();
-  (void) now;

  if (!options->DirPort) {
    log_warn(LD_BUG, "Called update_router_descriptor_cache_downloads() "
@ -4357,7 +4353,7 @@ update_router_descriptor_cache_downloads(time_t now)
            rs->need_to_mirror = 0;
            continue;
          }
-          if (options->AuthoritativeDir && dirserv_would_reject_router(rs)) {
+          if (authdir_mode(options) && dirserv_would_reject_router(rs)) {
            rs->need_to_mirror = 0;
            continue;
          }
--- a/src/or/routerparse.c
+++ b/src/or/routerparse.c
@ -491,7 +491,7 @@ router_parse_directory(const char *str)

  /* Now that we know the signature is okay, and we have a
   * publication time, cache the directory. */
-  if (get_options()->DirPort && !get_options()->V1AuthoritativeDir)
+  if (get_options()->DirPort && !authdir_mode_v1(get_options()))
    dirserv_set_cached_directory(str, published_on, 0);

  r = 0;
@ -551,7 +551,7 @@ router_parse_runningrouters(const char *str)

  /* Now that we know the signature is okay, and we have a
   * publication time, cache the list. */
-  if (get_options()->DirPort && !get_options()->V1AuthoritativeDir)
+  if (get_options()->DirPort && !authdir_mode_v1(get_options()))
    dirserv_set_cached_directory(str, published_on, 1);

  r = 0;