[tor-commits] [tor/master] config: Remove Bridge <-> ClientTransportPlugin validation
nickm at torproject.org
nickm at torproject.org
Thu Jan 21 18:22:31 UTC 2021
commit 7692f443d4ba5c79c8acb74991b614685345c406
Author: David Goulet <dgoulet at torproject.org>
Date: Wed Jan 20 11:24:47 2021 -0500
config: Remove Bridge <-> ClientTransportPlugin validation
This validation was only done if DisableNetwork was off because we would use
the global list of transports/bridges and DisableNetwork would not populate
it.
This was a problem for any user using DisableNetwork which includes Tor
Browser and thus leading to the Bug() warning.
Without a more in depth refactoring, we can't do this validation without the
global list.
The previous commit makes it that any connection to a bridge without a
transport won't happen thus we keep the security feature of not connecting to
a bridge without its corresponding transport.
Related to #40106
Signed-off-by: David Goulet <dgoulet at torproject.org>
---
changes/ticket40106 | 9 +++++----
src/app/config/config.c | 17 -----------------
2 files changed, 5 insertions(+), 21 deletions(-)
diff --git a/changes/ticket40106 b/changes/ticket40106
index d007cf535e..3f344d478f 100644
--- a/changes/ticket40106
+++ b/changes/ticket40106
@@ -1,5 +1,6 @@
o Minor bugfixes (config, bridge):
- - Really fix the case where torrc has a missing ClientTransportPlugin but
- configured with a Bridge line and UseBridges. Previously, we failed to
- also look at the managed proxy list and thus it would fail for the
- "exec" case. Fixes bug 40106; bugfix on 0.4.5.1-alpha.
+ - Don't initiate a connection to a bridge without a corresponding
+ transport. Fixes bug 40106; bugfix on 0.4.5.1-alpha.
+ - This also reverts an earlier fix we did for this that would validate
+ configuration to avoid such situation but turns out it wouldn't work for
+ a DisableNetwork thus the new approach.
diff --git a/src/app/config/config.c b/src/app/config/config.c
index 7db5e5cfa8..c7799ec1a2 100644
--- a/src/app/config/config.c
+++ b/src/app/config/config.c
@@ -2189,23 +2189,6 @@ options_act,(const or_options_t *old_options))
}
}
- /* Validate that we actually have a configured transport for a Bridge line
- * that has one. This is done here because we require the bridge and
- * transport to be added to the global list before doing the validation.
- *
- * In an ideal world, pt_parse_transport_line() would actually return a
- * transport_t object so we could inspect it and thus do this step at
- * validation time. */
- SMARTLIST_FOREACH_BEGIN(bridge_list_get(), const bridge_info_t *, bi) {
- const char *bi_transport_name = bridget_get_transport_name(bi);
- if (bi_transport_name && (!transport_get_by_name(bi_transport_name) &&
- !managed_proxy_has_transport(bi_transport_name))) {
- log_warn(LD_CONFIG, "Bridge line with transport %s is missing a "
- "ClientTransportPlugin line", bi_transport_name);
- return -1;
- }
- } SMARTLIST_FOREACH_END(bi);
-
if (options_act_server_transport(old_options) < 0)
return -1;
More information about the tor-commits
mailing list