REPORT_HOST no longer defaults to HOST

Cleanup of identity handling. It is now possible to specify a Tor identity and no clearnet identity.
2017-04-01 11:59:54 +09:00 · 2017-04-01 11:59:54 +09:00 · 9abc1dc11e
commit 9abc1dc11e
parent abba36ac6c
2 changed files with 100 additions and 68 deletions
--- a/docs/ENVIRONMENT.rst
+++ b/docs/ENVIRONMENT.rst
@ -215,6 +215,7 @@ raise them.
  functioning Electrum clients by default will send pings roughly
  every 60 seconds.
 Peer Discovery
 --------------
@ -264,6 +265,49 @@ some of this.
  9150 (Tor browser bundle) and 1080 (socks).
 Server Advertising
 ------------------
 These environment variables affect how your server is advertised, both
 by peer discovery (if enabled) and IRC (if enabled).
 * **REPORT_HOST**
  The clearnet host to advertise.  If not set, no clearnet host is
  advertised.
 * **REPORT_TCP_PORT**
  The clearnet TCP port to advertise if **REPORT_HOST** is set.
  Defaults to **TCP_PORT**.  '0' disables publishing a TCP port.
 * **REPORT_SSL_PORT**
  The clearnet SSL port to advertise if **REPORT_HOST** is set.
  Defaults to **SSL_PORT**.  '0' disables publishing an SSL port.
 * **REPORT_HOST_TOR**
  If you wish run a Tor service, this is the Tor host name to
  advertise and must end with `.onion`.
 * **REPORT_TCP_PORT_TOR**
  The Tor TCP port to advertise.  The default is the clearnet
  **REPORT_TCP_PORT**, unless disabled or it is '0', otherwise
  **TCP_PORT**.  '0' disables publishing a Tor TCP port.
 * **REPORT_SSL_PORT_TOR**
  The Tor SSL port to advertise.  The default is the clearnet
  **REPORT_SSL_PORT**, unless disabled or it is '0', otherwise
  **SSL_PORT**.  '0' disables publishing a Tor SSL port.
  **NOTE**: Certificate-Authority signed certificates don't work over
  Tor, so you should set **REPORT_SSL_PORT_TOR** to 0 if yours is not
  self-signed.
 IRC
 ---
@ -280,41 +324,8 @@ connectivity on IRC:
  **REPORT_HOST**.  Either way a prefix will be prepended depending on
  **COIN** and **NET**.
-* **REPORT_HOST**
+  If **REPORT_HOST_TOR** is set, an additional connection to IRC
-
+  happens with '_tor' appended to **IRC_NICK**.
  The host to advertise.  Defaults to **HOST**.
 * **REPORT_TCP_PORT**
  The TCP port to advertise.  Defaults to **TCP_PORT**.  '0' disables
  publishing the port.
 * **REPORT_SSL_PORT**
  The SSL port to advertise.  Defaults to **SSL_PORT**.  '0' disables
  publishing the port.
 * **REPORT_HOST_TOR**
  The tor address to advertise; must end with `.onion`.  If set, an
  additional connection to IRC happens with '_tor' appended to
  **IRC_NICK**.
 * **REPORT_TCP_PORT_TOR**
  The TCP port to advertise for Tor.  Defaults to **REPORT_TCP_PORT**,
  unless it is '0', otherwise **TCP_PORT**.  '0' disables publishing
  the port.
 * **REPORT_SSL_PORT_TOR**
  The SSL port to advertise for Tor.  Defaults to **REPORT_SSL_PORT**,
  unless it is '0', otherwise **SSL_PORT**.  '0' disables publishing
  the port.
  **NOTE**: Certificate-Authority signed certificates don't work over
  Tor, so you should set **REPORT_SSL_PORT_TOR** to 0 if yours is not
  self-signed.
 Cache
--- a/server/env.py
+++ b/server/env.py
@ -70,33 +70,11 @@ class Env(LoggedClass):
        self.irc_nick = self.default('IRC_NICK', None)
        # Identities
-        report_host = self.default('REPORT_HOST', self.host)
+        clearnet_identity = self.clearnet_identity()
-        self.check_report_host(report_host)
+        tor_identity = self.tor_identity(clearnet_identity)
-        main_identity = NetIdentity(
+        self.identities = [identity
-            report_host,
+                           for identity in (clearnet_identity, tor_identity)
-            self.integer('REPORT_TCP_PORT', self.tcp_port) or None,
+                           if identity is not None]
            self.integer('REPORT_SSL_PORT', self.ssl_port) or None,
            ''
        )
        if main_identity.tcp_port == main_identity.ssl_port:
            raise self.Error('REPORT_TCP_PORT and REPORT_SSL_PORT are both {}'
                             .format(main_identity.tcp_port))
        self.identities = [main_identity]
        tor_host = self.default('REPORT_HOST_TOR', '')
        if tor_host.endswith('.onion'):
            self.identities.append(NetIdentity(
                tor_host,
                self.integer('REPORT_TCP_PORT_TOR',
                             main_identity.tcp_port
                             if main_identity.tcp_port else
                             self.tcp_port) or None,
                self.integer('REPORT_SSL_PORT_TOR',
                             main_identity.ssl_port
                             if main_identity.ssl_port else
                             self.ssl_port) or None,
                '_tor',
            ))
    def default(self, envvar, default):
        return environ.get(envvar, default)
@ -131,7 +109,16 @@ class Env(LoggedClass):
                             .format(env_value, value, nofile_limit))
        return value
-    def check_report_host(self, host):
+    def obsolete(self, envvars):
        bad = [envvar for envvar in envvars if environ.get(envvar)]
        if bad:
            raise self.Error('remove obsolete environment variables {}'
                             .format(bad))
    def clearnet_identity(self):
        host = self.default('REPORT_HOST', None)
        if host is None:
            return None
        try:
            ip = ip_address(host)
        except ValueError:
@ -140,9 +127,43 @@ class Env(LoggedClass):
            bad = ip.is_multicast or ip.is_unspecified
        if bad:
            raise self.Error('"{}" is not a valid REPORT_HOST'.format(host))
        tcp_port = self.integer('REPORT_TCP_PORT', self.tcp_port) or None
        ssl_port = self.integer('REPORT_SSL_PORT', self.ssl_port) or None
        if tcp_port == ssl_port:
            raise self.Error('REPORT_TCP_PORT and REPORT_SSL_PORT '
                             'both resolve to {}'.format(tcp_port))
        return NetIdentity(
            host,
            tcp_port,
            ssl_port,
            ''
        )
-    def obsolete(self, envvars):
+    def tor_identity(self, clearnet):
-        bad = [envvar for envvar in envvars if environ.get(envvar)]
+        host = self.default('REPORT_HOST_TOR', None)
-        if bad:
+        if host is None:
-            raise self.Error('remove obsolete environment variables {}'
+            return None
-                             .format(bad))
+        if not tor_host.endswith('.onion'):
            raise self.Error('tor host "{}" must end with ".onion"'
                             .format(host))
        def port(port_kind):
            '''Returns the clearnet identity port, if any and not zero,
            otherwise the listening port.'''
            result = 0
            if clearnet:
                result = getattr(clearnet, port_kind)
            return result or getattr(self, port_kind)
        tcp_port = self.integer('REPORT_TCP_PORT_TOR', port('tcp_port')) or None
        ssl_port = self.integer('REPORT_SSL_PORT_TOR', port('ssl_port')) or None
        if tcp_port == ssl_port:
            raise self.Error('REPORT_TCP_PORT_TOR and REPORT_SSL_PORT_TOR '
                             'both resolve to {}'.format(tcp_port))
        return NetIdentity(
            host,
            tcp_port,
            ssl_port,
            '_tor',
        )