If DisableNetwork is set, we open all our ports and then close them at each setconf
    /* Launch the listeners.  (We do this before we setuid, so we can bind to
     * ports under 1024.)  We don't want to rebind if we're hibernating. If
     * networking is disabled, this will close all but the control listeners,
     * but disable those. */
    if (!we_are_hibernating()) {
      if (retry_all_listeners(replaced_listeners, new_listeners) < 0) {
        *msg = tor_strdup("Failed to bind one of the listener ports.");
        goto rollback;
      }
    }
    if (options->DisableNetwork) {
      /* Aggressively close non-controller stuff, NOW */
      log_notice(LD_NET, "DisableNetwork is set. Tor will not make or accept "
                 "non-control network connections. Shutting down all existing "
                 "connections.");
      connection_mark_all_noncontrol_connections();
    }
It isn't sufficient to simply not call the first part when DisableNetwork is set, because of the case where we want to open new control ports. But it looks like we're just opening them all, even when in the next clause we'll close (most of) them again?
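The open-then-close pattern described above, modelled as an added example (not Tor's code and not part of the original report). The types, `launch_then_close`, `launch_filtered` and `simulate` are hypothetical names over a constructed listener set; the model counts how many non-control ports get bound only to be closed again across two setconf passes, and checks that the control port still opens.

```c
#include <stddef.h>

/* Constructed model for illustration; these are not Tor's types or functions. */
typedef enum { L_OR, L_SOCKS, L_CONTROL } ltype_t;
typedef struct { ltype_t type; int open; int fresh; } listener_t;

/* Pattern from the report: bind every closed listener, then close the
 * non-control ones. Returns the number of ports bound only to be closed. */
int launch_then_close(listener_t *ls, size_t n, int disable_network) {
  int transient = 0;
  for (size_t i = 0; i < n; i++) {
    ls[i].fresh = !ls[i].open;   /* a closed listener gets a simulated bind() */
    ls[i].open = 1;
  }
  if (disable_network)
    for (size_t i = 0; i < n; i++)
      if (ls[i].type != L_CONTROL) {
        transient += ls[i].fresh;
        ls[i].open = 0;          /* simulated close() */
      }
  return transient;
}

/* Hypothetical alternative: decide per listener before binding, so a new
 * control port still opens while other ports are never bound. */
int launch_filtered(listener_t *ls, size_t n, int disable_network) {
  for (size_t i = 0; i < n; i++)
    ls[i].open = !disable_network || ls[i].type == L_CONTROL;
  return 0;                      /* nothing is bound and then closed */
}

/* Run two setconf passes with DisableNetwork set over a constructed listener
 * set; report total transient binds and whether the control port ended open. */
int simulate(int filtered, int *control_open) {
  listener_t ls[] = { {L_OR, 0, 0}, {L_SOCKS, 0, 0}, {L_CONTROL, 0, 0} };
  int total = 0;
  for (int pass = 0; pass < 2; pass++)
    total += filtered ? launch_filtered(ls, 3, 1) : launch_then_close(ls, 3, 1);
  *control_open = ls[2].open;
  return total;
}
```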