diff --git a/src/core/include.am b/src/core/include.am
index 222bd44df517c0faf89421a92b0858d0487aff2c..fb467cf8199c206e4b6b2ad348676a2aab1e34ef 100644
--- a/src/core/include.am
+++ b/src/core/include.am
@@ -89,7 +89,6 @@ LIBTOR_APP_A_SOURCES = \
src/feature/control/control_proto.c \
src/feature/control/fmt_serverstatus.c \
src/feature/control/getinfo_geoip.c \
- src/feature/dirauth/dirauth_config.c \
src/feature/dircache/conscache.c \
src/feature/dircache/consdiffmgr.c \
src/feature/dircache/dircache.c \
@@ -180,6 +179,7 @@ MODULE_DIRAUTH_SOURCES = \
src/feature/dirauth/authmode.c \
src/feature/dirauth/bridgeauth.c \
src/feature/dirauth/bwauth.c \
+ src/feature/dirauth/dirauth_config.c \
src/feature/dirauth/dirauth_periodic.c \
src/feature/dirauth/dirauth_sys.c \
src/feature/dirauth/dircollate.c \
diff --git a/src/feature/dirauth/dirauth_config.c b/src/feature/dirauth/dirauth_config.c
index 03d6af60929266dcb1816e2bcd3c52d018362341..3334213ab4b576948a959e39c13708ccd53177d6 100644
--- a/src/feature/dirauth/dirauth_config.c
+++ b/src/feature/dirauth/dirauth_config.c
@@ -75,14 +75,12 @@ options_validate_dirauth_mode(const or_options_t *old_options,
REJECT("Versioning authoritative dir servers must set "
"Recommended*Versions.");
-#ifdef HAVE_MODULE_DIRAUTH
char *t;
/* Call these functions to produce warnings only. */
t = format_recommended_version_list(options->RecommendedClientVersions, 1);
tor_free(t);
t = format_recommended_version_list(options->RecommendedServerVersions, 1);
tor_free(t);
-#endif /* defined(HAVE_MODULE_DIRAUTH) */
if (options->UseEntryGuards) {
log_info(LD_CONFIG, "Authoritative directory servers can't set "
@@ -98,7 +96,7 @@ options_validate_dirauth_mode(const or_options_t *old_options,
options->V3AuthoritativeDir))
REJECT("AuthoritativeDir is set, but none of "
"(Bridge/V3)AuthoritativeDir is set.");
-#ifdef HAVE_MODULE_DIRAUTH
+
/* If we have a v3bandwidthsfile and it's broken, complain on startup */
if (options->V3BandwidthsFile && !old_options) {
dirserv_read_measured_bandwidths(options->V3BandwidthsFile, NULL, NULL,
@@ -108,9 +106,6 @@ options_validate_dirauth_mode(const or_options_t *old_options,
if (options->GuardfractionFile && !old_options) {
dirserv_read_guardfraction_file(options->GuardfractionFile, NULL);
}
-#else
- (void)old_options;
-#endif /* defined(HAVE_MODULE_DIRAUTH) */
}
if (options->AuthoritativeDir && !options->DirPort_set)
@@ -283,7 +278,7 @@ options_validate_dirauth_testing(const or_options_t *old_options,
* Return true if changing the configuration from <b>old</b> to <b>new</b>
* affects the timing of the voting subsystem
*/
-int
+static int
options_transition_affects_dirauth_timing(const or_options_t *old_options,
const or_options_t *new_options)
{
diff --git a/src/feature/dirauth/dirauth_config.h b/src/feature/dirauth/dirauth_config.h
index 21437ba248326e6ba73aed9535e62f3067164f06..95aef3de950a97be920634d6319777ca92ed1e79 100644
--- a/src/feature/dirauth/dirauth_config.h
+++ b/src/feature/dirauth/dirauth_config.h
@@ -14,6 +14,8 @@
typedef struct or_options_t or_options_t;
+#ifdef HAVE_MODULE_DIRAUTH
+
int options_validate_dirauth_mode(const or_options_t *old_options,
or_options_t *options,
char **msg);
@@ -26,10 +28,46 @@ int options_validate_dirauth_testing(const or_options_t *old_options,
or_options_t *options,
char **msg);
-int options_transition_affects_dirauth_timing(
- const or_options_t *old_options,
- const or_options_t *new_options);
-
int options_act_dirauth(const or_options_t *old_options);
+#else
+
+/** When tor is compiled with the dirauth module disabled, it can't be
+ * configured as a directory authority.
+ *
+ * Returns -1 and sets msg to a newly allocated string, if AuthoritativeDir
+ * is set in options. Otherwise returns 0. */
+static inline int
+options_validate_dirauth_mode(const or_options_t *old_options,
+ or_options_t *options,
+ char **msg)
+{
+ (void)old_options;
+
+ /* Only check the primary option for now, #29211 will disable more
+ * options. */
+ if (options->AuthoritativeDir) {
+ /* REJECT() this configuration */
+ *msg = tor_strdup("This tor was built with dirauth mode disabled. "
+ "It can not be configured with AuthoritativeDir 1.");
+ return -1;
+ }
+
+ return 0;
+}
+
+#define options_validate_dirauth_schedule(old_options, options, msg) \
+ (((void)(old_options)),((void)(options)),((void)(msg)),0)
+
+#define options_validate_dirauth_testing(old_options, options, msg) \
+ (((void)(old_options)),((void)(options)),((void)(msg)),0)
+
+#define options_validate_dirauth_testing(old_options, options, msg) \
+ (((void)(old_options)),((void)(options)),((void)(msg)),0)
+
+#define options_act_dirauth(old_options) \
+ (((void)(old_options)),0)
+
+#endif /* defined(HAVE_MODULE_DIRAUTH) */
+
#endif /* !defined(TOR_FEATURE_DIRAUTH_DIRAUTH_CONFIG_H) */
diff --git a/src/test/conf_examples/bridgeauth_1/error_no_dirauth b/src/test/conf_examples/bridgeauth_1/error_no_dirauth
new file mode 100644
index 0000000000000000000000000000000000000000..e6bd5db69cbd2ac52f47e0d21c77648067d98d35
--- /dev/null
+++ b/src/test/conf_examples/bridgeauth_1/error_no_dirauth
@@ -0,0 +1 @@
+This tor was built with dirauth mode disabled.
diff --git a/src/test/conf_examples/bridgeauth_1/error_no_dirauth_relay b/src/test/conf_examples/bridgeauth_1/error_no_dirauth_relay
new file mode 100644
index 0000000000000000000000000000000000000000..e6bd5db69cbd2ac52f47e0d21c77648067d98d35
--- /dev/null
+++ b/src/test/conf_examples/bridgeauth_1/error_no_dirauth_relay
@@ -0,0 +1 @@
+This tor was built with dirauth mode disabled.
diff --git a/src/test/conf_examples/bridgeauth_1/expected_no_dirauth b/src/test/conf_examples/bridgeauth_1/expected_no_dirauth
deleted file mode 100644
index d43aaf2c8bc71b8d8225c07b46b4715f5a0be780..0000000000000000000000000000000000000000
--- a/src/test/conf_examples/bridgeauth_1/expected_no_dirauth
+++ /dev/null
@@ -1,7 +0,0 @@
-Address 198.51.100.123
-AuthoritativeDirectory 1
-BridgeAuthoritativeDir 1
-ContactInfo tor_parse_test@example.com
-DirPort 80
-Nickname Unnamed
-ORPort 443
diff --git a/src/test/conf_examples/bridgeauth_1/expected_no_dirauth_relay b/src/test/conf_examples/bridgeauth_1/expected_no_dirauth_relay
deleted file mode 100644
index e059d79971ba9d15ef4256cc84a1ff75f2cb2e9c..0000000000000000000000000000000000000000
--- a/src/test/conf_examples/bridgeauth_1/expected_no_dirauth_relay
+++ /dev/null
@@ -1,6 +0,0 @@
-Address 198.51.100.123
-AuthoritativeDirectory 1
-BridgeAuthoritativeDir 1
-ContactInfo tor_parse_test@example.com
-DirPort 80
-ORPort 443
diff --git a/src/test/conf_examples/dirauth_1/error_no_dirauth b/src/test/conf_examples/dirauth_1/error_no_dirauth
new file mode 100644
index 0000000000000000000000000000000000000000..e6bd5db69cbd2ac52f47e0d21c77648067d98d35
--- /dev/null
+++ b/src/test/conf_examples/dirauth_1/error_no_dirauth
@@ -0,0 +1 @@
+This tor was built with dirauth mode disabled.
diff --git a/src/test/conf_examples/dirauth_1/error_no_dirauth_relay b/src/test/conf_examples/dirauth_1/error_no_dirauth_relay
new file mode 100644
index 0000000000000000000000000000000000000000..e6bd5db69cbd2ac52f47e0d21c77648067d98d35
--- /dev/null
+++ b/src/test/conf_examples/dirauth_1/error_no_dirauth_relay
@@ -0,0 +1 @@
+This tor was built with dirauth mode disabled.
diff --git a/src/test/conf_examples/dirauth_1/expected_no_dirauth b/src/test/conf_examples/dirauth_1/expected_no_dirauth
deleted file mode 100644
index f006c6f8f21da3e536e5c29f71627160025773d5..0000000000000000000000000000000000000000
--- a/src/test/conf_examples/dirauth_1/expected_no_dirauth
+++ /dev/null
@@ -1,7 +0,0 @@
-Address 192.0.2.1
-AuthoritativeDirectory 1
-ContactInfo tor_parse_test@example.net
-DirPort 9030
-Nickname Unnamed
-ORPort 9001
-V3AuthoritativeDirectory 1
diff --git a/src/test/conf_examples/dirauth_1/expected_no_dirauth_relay b/src/test/conf_examples/dirauth_1/expected_no_dirauth_relay
deleted file mode 100644
index 4b9ad49bb2f57f53c6ad32cefe12d9f88ab92224..0000000000000000000000000000000000000000
--- a/src/test/conf_examples/dirauth_1/expected_no_dirauth_relay
+++ /dev/null
@@ -1,6 +0,0 @@
-Address 192.0.2.1
-AuthoritativeDirectory 1
-ContactInfo tor_parse_test@example.net
-DirPort 9030
-ORPort 9001
-V3AuthoritativeDirectory 1