Move BW-guarantee options in to dirauth module.

6 files changed, 24 insertions, 56 deletions

diff --git a/src/app/config/config.c b/src/app/config/config.c
index 095c12109c..f3d889edb6 100644
--- a/src/app/config/config.c
+++ b/src/app/config/config.c
@@ -329,8 +329,6 @@ static const config_var_t option_vars_[] = {
   V(AuthDirBadExitCCs,           CSV,      ""),
   V(AuthDirInvalid,              LINELIST, NULL),
   V(AuthDirInvalidCCs,           CSV,      ""),
-  V(AuthDirFastGuarantee,        MEMUNIT,  "100 KB"),
-  V(AuthDirGuardBWGuarantee,     MEMUNIT,  "2 MB"),
   V(AuthDirPinKeys,              BOOL,     "1"),
   V(AuthDirReject,               LINELIST, NULL),
   V(AuthDirRejectCCs,            CSV,      ""),
@@ -3876,8 +3874,6 @@ options_validate_cb(const void *old_options_, void *options_, char **msg)
 
   if (options_validate_relay_bandwidth(old_options, options, msg) < 0)
     return -1;
-  if (options_validate_dirauth_bandwidth(old_options, options, msg) < 0)
-    return -1;
 
   if (options->BandwidthRate > options->BandwidthBurst)
     REJECT("BandwidthBurst must be at least equal to BandwidthRate.");
diff --git a/src/app/config/or_options_st.h b/src/app/config/or_options_st.h
index 037dbf5a32..9d58633aab 100644
--- a/src/app/config/or_options_st.h
+++ b/src/app/config/or_options_st.h
@@ -462,14 +462,6 @@ struct or_options_t {
   int AuthDirHasIPv6Connectivity; /**< Boolean: are we on IPv6?  */
   int AuthDirPinKeys; /**< Boolean: Do we enforce key-pinning? */
 
-  /** If non-zero, always vote the Fast flag for any relay advertising
-   * this amount of capacity or more. */
-  uint64_t AuthDirFastGuarantee;
-
-  /** If non-zero, this advertised capacity or more is always sufficient
-   * to satisfy the bandwidth requirement for the Guard flag. */
-  uint64_t AuthDirGuardBWGuarantee;
-
   char *AccountingStart; /**< How long is the accounting interval, and when
                           * does it start? */
   uint64_t AccountingMax; /**< How many bytes do we allow per accounting
diff --git a/src/feature/dirauth/dirauth_config.c b/src/feature/dirauth/dirauth_config.c
index 821ea38acd..ccece9721d 100644
--- a/src/feature/dirauth/dirauth_config.c
+++ b/src/feature/dirauth/dirauth_config.c
@@ -118,39 +118,6 @@ options_validate_dirauth_mode(const or_options_t *old_options,
 }
 
 /**
- * Legacy validation/normalization function for the dirauth bandwidth options
- * in options. Uses old_options as the previous options.
- *
- * Returns 0 on success, returns -1 and sets *msg to a newly allocated string
- * on error.
- */
-int
-options_validate_dirauth_bandwidth(const or_options_t *old_options,
-                                   or_options_t *options,
-                                   char **msg)
-{
-  (void)old_options;
-
-  if (BUG(!options))
-    return -1;
-
-  if (BUG(!msg))
-    return -1;
-
-  if (!authdir_mode(options))
-    return 0;
-
-  if (config_ensure_bandwidth_cap(&options->AuthDirFastGuarantee,
-                           "AuthDirFastGuarantee", msg) < 0)
-    return -1;
-  if (config_ensure_bandwidth_cap(&options->AuthDirGuardBWGuarantee,
-                           "AuthDirGuardBWGuarantee", msg) < 0)
-    return -1;
-
-  return 0;
-}
-
-/**
  * Legacy validation/normalization function for the dirauth schedule options
  * in options. Uses old_options as the previous options.
  *
@@ -441,6 +408,13 @@ dirauth_options_pre_normalize(void *arg, char **msg_out)
     options->RecommendedServerVersions =
       config_lines_dup(options->RecommendedVersions);
 
+  if (config_ensure_bandwidth_cap(&options->AuthDirFastGuarantee,
+                           "AuthDirFastGuarantee", msg_out) < 0)
+    return -1;
+  if (config_ensure_bandwidth_cap(&options->AuthDirGuardBWGuarantee,
+                                  "AuthDirGuardBWGuarantee", msg_out) < 0)
+    return -1;
+
   return 0;
 }
 
diff --git a/src/feature/dirauth/dirauth_config.h b/src/feature/dirauth/dirauth_config.h
index d21fb69d1e..163f036e11 100644
--- a/src/feature/dirauth/dirauth_config.h
+++ b/src/feature/dirauth/dirauth_config.h
@@ -22,10 +22,6 @@ int options_validate_dirauth_mode(const struct or_options_t *old_options,
                                   struct or_options_t *options,
                                   char **msg);
 
-int options_validate_dirauth_bandwidth(const struct or_options_t *old_options,
-                                       struct or_options_t *options,
-                                       char **msg);
-
 int options_validate_dirauth_schedule(const struct or_options_t *old_options,
                                       struct or_options_t *options,
                                       char **msg);
@@ -67,8 +63,6 @@ options_validate_dirauth_mode(const struct or_options_t *old_options,
   return 0;
 }
 
-#define options_validate_dirauth_bandwidth(old_options, options, msg) \
-  (((void)(old_options)),((void)(options)),((void)(msg)),0)
 #define options_validate_dirauth_schedule(old_options, options, msg) \
   (((void)(old_options)),((void)(options)),((void)(msg)),0)
 #define options_validate_dirauth_testing(old_options, options, msg) \
diff --git a/src/feature/dirauth/dirauth_options.inc b/src/feature/dirauth/dirauth_options.inc
index f9ca2bb4dc..1870f46511 100644
--- a/src/feature/dirauth/dirauth_options.inc
+++ b/src/feature/dirauth/dirauth_options.inc
@@ -12,6 +12,14 @@
 /** Holds configuration about our directory authority options. */
 BEGIN_CONF_STRUCT(dirauth_options_t)
 
+/** If non-zero, always vote the Fast flag for any relay advertising
+ * this amount of capacity or more. */
+CONF_VAR(AuthDirFastGuarantee, MEMUNIT, 0, "100 KB")
+
+/** If non-zero, this advertised capacity or more is always sufficient
+ * to satisfy the bandwidth requirement for the Guard flag. */
+CONF_VAR(AuthDirGuardBWGuarantee, MEMUNIT, 0, "2 MB")
+
 /** Do not permit more than this number of servers per IP address. */
 CONF_VAR(AuthDirMaxServersPerAddr, POSINT, 0, "2")
 
diff --git a/src/feature/dirauth/voteflags.c b/src/feature/dirauth/voteflags.c
index f552af98c4..7129418a0a 100644
--- a/src/feature/dirauth/voteflags.c
+++ b/src/feature/dirauth/voteflags.c
@@ -18,6 +18,7 @@
 #include "core/or/policies.h"
 #include "feature/dirauth/bwauth.h"
 #include "feature/dirauth/reachability.h"
+#include "feature/dirauth/dirauth_sys.h"
 #include "feature/hibernate/hibernate.h"
 #include "feature/nodelist/dirlist.h"
 #include "feature/nodelist/networkstatus.h"
@@ -27,6 +28,7 @@
 #include "feature/relay/router.h"
 #include "feature/stats/rephist.h"
 
+#include "feature/dirauth/dirauth_options_st.h"
 #include "feature/nodelist/node_st.h"
 #include "feature/nodelist/routerinfo_st.h"
 #include "feature/nodelist/routerlist_st.h"
@@ -352,9 +354,11 @@ dirserv_compute_performance_thresholds(digestmap_t *omit_as_sybil)
   }
   /* Protect sufficiently fast nodes from being pushed out of the set
    * of Fast nodes. */
-  if (options->AuthDirFastGuarantee &&
-      fast_bandwidth_kb > options->AuthDirFastGuarantee/1000)
-    fast_bandwidth_kb = (uint32_t)options->AuthDirFastGuarantee/1000;
+  {
+    const uint64_t fast_opt = dirauth_get_options()->AuthDirFastGuarantee;
+    if (fast_opt && fast_bandwidth_kb > fast_opt / 1000)
+      fast_bandwidth_kb = (uint32_t)(fast_opt / 1000);
+  }
 
   /* Now that we have a time-known that 7/8 routers are known longer than,
    * fill wfus with the wfu of every such "familiar" router. */
@@ -571,10 +575,10 @@ dirauth_set_routerstatus_from_routerinfo(routerstatus_t *rs,
   set_routerstatus_from_routerinfo(rs, node, ri);
 
   /* Override rs->is_possible_guard. */
+  const uint64_t bw_opt = dirauth_get_options()->AuthDirGuardBWGuarantee;
   if (node->is_fast && node->is_stable &&
       ri->supports_tunnelled_dir_requests &&
-      ((options->AuthDirGuardBWGuarantee &&
-        routerbw_kb >= options->AuthDirGuardBWGuarantee/1000) ||
+      ((bw_opt && routerbw_kb >= bw_opt / 1000) ||
        routerbw_kb >= MIN(guard_bandwidth_including_exits_kb,
                           guard_bandwidth_excluding_exits_kb))) {
     long tk = rep_hist_get_weighted_time_known(