[tor-commits] [tor/master] config: Remove Bridge <-> ClientTransportPlugin validation

nickm at torproject.org nickm at torproject.org
Thu Jan 21 18:22:31 UTC 2021


commit 7692f443d4ba5c79c8acb74991b614685345c406
Author: David Goulet <dgoulet at torproject.org>
Date:   Wed Jan 20 11:24:47 2021 -0500

    config: Remove Bridge <-> ClientTransportPlugin validation
    
    This validation was only done if DisableNetwork was off because we would use
    the global list of transports/bridges and DisableNetwork would not populate
    it.
    
    This was a problem for any user using DisableNetwork which includes Tor
    Browser and thus leading to the Bug() warning.
    
    Without a more in depth refactoring, we can't do this validation without the
    global list.
    
    The previous commit makes it that any connection to a bridge without a
    transport won't happen thus we keep the security feature of not connecting to
    a bridge without its corresponding transport.
    
    Related to #40106
    
    Signed-off-by: David Goulet <dgoulet at torproject.org>
---
 changes/ticket40106     |  9 +++++----
 src/app/config/config.c | 17 -----------------
 2 files changed, 5 insertions(+), 21 deletions(-)

diff --git a/changes/ticket40106 b/changes/ticket40106
index d007cf535e..3f344d478f 100644
--- a/changes/ticket40106
+++ b/changes/ticket40106
@@ -1,5 +1,6 @@
   o Minor bugfixes (config, bridge):
-    - Really fix the case where torrc has a missing ClientTransportPlugin but
-      configured with a Bridge line and UseBridges. Previously, we failed to
-      also look at the managed proxy list and thus it would fail for the
-      "exec" case. Fixes bug 40106; bugfix on 0.4.5.1-alpha.
+    - Don't initiate a connection to a bridge without a corresponding
+      transport. Fixes bug 40106; bugfix on 0.4.5.1-alpha.
+    - This also reverts an earlier fix we did for this that would validate
+      configuration to avoid such situation but turns out it wouldn't work for
+      a DisableNetwork thus the new approach.
diff --git a/src/app/config/config.c b/src/app/config/config.c
index 7db5e5cfa8..c7799ec1a2 100644
--- a/src/app/config/config.c
+++ b/src/app/config/config.c
@@ -2189,23 +2189,6 @@ options_act,(const or_options_t *old_options))
     }
   }
 
-  /* Validate that we actually have a configured transport for a Bridge line
-   * that has one.  This is done here because we require the bridge and
-   * transport to be added to the global list before doing the validation.
-   *
-   * In an ideal world, pt_parse_transport_line() would actually return a
-   * transport_t object so we could inspect it and thus do this step at
-   * validation time. */
-  SMARTLIST_FOREACH_BEGIN(bridge_list_get(), const bridge_info_t *, bi) {
-    const char *bi_transport_name = bridget_get_transport_name(bi);
-    if (bi_transport_name && (!transport_get_by_name(bi_transport_name) &&
-                          !managed_proxy_has_transport(bi_transport_name))) {
-      log_warn(LD_CONFIG, "Bridge line with transport %s is missing a "
-                          "ClientTransportPlugin line", bi_transport_name);
-      return -1;
-    }
-  } SMARTLIST_FOREACH_END(bi);
-
   if (options_act_server_transport(old_options) < 0)
     return -1;
 





More information about the tor-commits mailing list