New 'DisableNetwork' option to prevent Tor from using the network

Some controllers want this so they can mess with Tor's configuration
for a while via the control port before actually letting Tor out of
the house.

We do this with a new DisableNetwork option, that prevents Tor from
making any outbound connections or binding any non-control
listeners.  Additionally, it shuts down the same functionality as
shuts down when we are hibernating, plus the code that launches
directory downloads.

To make sure I didn't miss anything, I added a clause straight to
connection_connect, so that we won't even try to open an outbound
socket when the network is disabled.  In my testing, I made this an
assert, but since I probably missed something, I've turned it into a
BUG warning for testing.

1 files changed, 1 insertions, 10 deletions

diff --git a/src/or/hibernate.c b/src/or/hibernate.c
index 6fd2b4f197..ce64581d1c 100644
--- a/src/or/hibernate.c
+++ b/src/or/hibernate.c
@@ -735,7 +735,6 @@ hibernate_soft_limit_reached(void)
 static void
 hibernate_begin(hibernate_state_t new_state, time_t now)
 {
-  connection_t *conn;
   const or_options_t *options = get_options();
 
   if (new_state == HIBERNATE_STATE_EXITING &&
@@ -756,15 +755,7 @@ hibernate_begin(hibernate_state_t new_state, time_t now)
   }
 
   /* close listeners. leave control listener(s). */
-  while ((conn = connection_get_by_type(CONN_TYPE_OR_LISTENER)) ||
-         (conn = connection_get_by_type(CONN_TYPE_AP_LISTENER)) ||
-         (conn = connection_get_by_type(CONN_TYPE_AP_TRANS_LISTENER)) ||
-         (conn = connection_get_by_type(CONN_TYPE_AP_DNS_LISTENER)) ||
-         (conn = connection_get_by_type(CONN_TYPE_AP_NATD_LISTENER)) ||
-         (conn = connection_get_by_type(CONN_TYPE_DIR_LISTENER))) {
-    log_info(LD_NET,"Closing listener type %d", conn->type);
-    connection_mark_for_close(conn);
-  }
+  connection_mark_all_noncontrol_listeners();
 
   /* XXX kill intro point circs */
   /* XXX upload rendezvous service descriptors with no intro points */