author | Nick Mathewson <nickm@torproject.org> | 2010-09-21 01:03:29 -0400 |
---|---|---|
committer | Nick Mathewson <nickm@torproject.org> | 2010-09-21 01:03:29 -0400 |
commit | ef5925237d4712c40fb6d69b8de882ab39e6798f (patch) | |
tree | db3ef32cb703879117bea8e354a7c59d99c21b69 /src/or/dirserv.c | |
parent | 5a55662a6b38dd5c70a514bd8cb7e4b2e0df7e97 (diff) | |
First cut of code to enable RefuseUnknownExits
The RefuseUnknownExits config option is now a tristate, with "1"
meaning "enable it no matter what the consensus says", "0" meaning
"disable it no matter what the consensus says", and "auto" meaning "do
what the consensus says". If the consensus is silent, we enable
RefuseUnknownExits.
This patch also changes the dirserv logic so that refuseunknownexits
won't make us cache unless we're an exit.
Diffstat (limited to 'src/or/dirserv.c')
-rw-r--r-- | src/or/dirserv.c | 12 |
1 files changed, 9 insertions, 3 deletions
diff --git a/src/or/dirserv.c b/src/or/dirserv.c
index 3fcf1783d7..6dca0d100f 100644
--- a/src/or/dirserv.c
+++ b/src/or/dirserv.c
@@ -1153,18 +1153,21 @@ directory_fetches_from_authorities(or_options_t *options)
 {
 routerinfo_t *me;
 uint32_t addr;
+ int refuseunknown;
 if (options->FetchDirInfoEarly)
 return 1;
 if (options->BridgeRelay == 1)
 return 0;
 if (server_mode(options) && router_pick_published_address(options, &addr)<0)
 return 1; /* we don't know our IP address; ask an authority. */
- if (options->DirPort == 0 && !options->RefuseUnknownExits)
+ refuseunknown = router_my_exit_policy_is_reject_star() &&
+ should_refuse_unknown_exits(options);
+ if (options->DirPort == 0 && !refuseunknown)
 return 0;
 if (!server_mode(options) || !advertised_server_mode())
 return 0;
 me = router_get_my_routerinfo();
- if (!me || (!me->dir_port && !options->RefuseUnknownExits))
+ if (!me || (!me->dir_port && !refuseunknown))
 return 0; /* if dirport not advertised, return 0 too */
 return 1;
 }
@@ -1208,7 +1211,10 @@ directory_caches_dir_info(or_options_t *options)
 return 1;
 if (!server_mode(options) || !advertised_server_mode())
 return 0;
- return options->RefuseUnknownExits;
+ /* We need an up-to-date view of network info if we're going to try to
+ * block unknown exits. */
+ return router_my_exit_policy_is_reject_star() &&
+ should_refuse_unknown_exits(options);
 }
 /** Return 1 if we want to allow remote people to ask us directory |
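Review bot: The new `refuseunknown` condition in directory_fetches_from_authorities() looks inverted relative to the commit message: it is true only when `router_my_exit_policy_is_reject_star()` holds, which by its name means this relay rejects all exit traffic, while the description says RefuseUnknownExits should make us cache only when we are an exit. The same expression is returned from directory_caches_dir_info() in the second hunk, so both functions share the problem. If the helper does mean "not an exit", real exits with no DirPort would skip the fetching and caching that the added comment says is needed, and the unknown-exit check would run against a stale or missing view of the network. The condition should probably be `refuseunknown = !router_my_exit_policy_is_reject_star() && should_refuse_unknown_exits(options);`, with the same negation in the second hunk's return. The helper's body is not part of this diff, so its semantics need confirming, and directory_caches_dir_info() begins outside the second hunk.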