Merge remote-tracking branch 'origin/maint-0.2.2'

4 files changed, 41 insertions, 8 deletions

diff --git a/changes/bug2355 b/changes/bug2355
new file mode 100644
index 0000000000..ee0ae4b96a
--- /dev/null
+++ b/changes/bug2355
@@ -0,0 +1,8 @@
+  o Major features:
+    - If "UseBridges 1" is set and no bridges are configured, Tor will
+      now refuse to build any circuits until some bridges are set.
+      If "UseBridges auto" is set, Tor will use bridges if they are
+      configured and we are not running as a server, but otherwise
+      will make circuits as usual. The new default is "auto". Patch
+      by anonym.
+
diff --git a/doc/tor.1.txt b/doc/tor.1.txt
index 7d72350eb8..9838c07546 100644
--- a/doc/tor.1.txt
+++ b/doc/tor.1.txt
@@ -726,10 +726,14 @@ The following options are useful only for clients (that is, if
     from the configured bridge authorities when feasible. It will fall back to
     a direct request if the authority responds with a 404. (Default: 0)
 
-**UseBridges** **0**|**1**::
-    When set, Tor will fetch descriptors for each bridge listed in the "Bridge"
+**UseBridges** **0**|**1**|**auto**::
+    Make Tor fetch descriptors for each bridge listed in the "Bridge"
     config lines, and use these relays as both entry guards and directory
-    guards. (Default: 0)
+    guards. If the option is 1, bridges must be used and if no bridges are
+    configured Tor will not make any connections until a bridge is configured;
+    if it's "auto", Tor will use bridges if any are configured, otherwise it
+    will connect directly to the Tor network; if it's 0, bridges are not used
+    at all. (Defaults to auto)
 
 **UseEntryGuards** **0**|**1**::
     If this option is set to 1, we pick a few long-term entry servers, and try
diff --git a/src/or/config.c b/src/or/config.c
index 988998ed56..124dcb97d9 100644
--- a/src/or/config.c
+++ b/src/or/config.c
@@ -387,7 +387,7 @@ static config_var_t _option_vars[] = {
   V(TransPort,                   PORT,     "0"),
   V(TunnelDirConns,              BOOL,     "1"),
   V(UpdateBridgesFromAuthority,  BOOL,     "0"),
-  V(UseBridges,                  BOOL,     "0"),
+  VAR("UseBridges",              STRING,   UseBridges_, "auto"),
   V(UseEntryGuards,              BOOL,     "1"),
   V(UseMicrodescriptors,         AUTOBOOL, "0"),
   V(User,                        STRING,   NULL),
@@ -3308,6 +3308,19 @@ options_validate(or_options_t *old_options, or_options_t *options,
            "of the Internet, so they must not set Reachable*Addresses "
            "or FascistFirewall.");
 
+  /* XXX023 use autobool instead. */
+  if (!strcmp(options->UseBridges_, "auto")) {
+    options->UseBridges = (options->Bridges &&
+                           !server_mode(options) &&
+                           !options->EntryNodes);
+  } else if (!strcmp(options->UseBridges_, "0")) {
+    options->UseBridges = 0;
+  } else if (!strcmp(options->UseBridges_, "1")) {
+    options->UseBridges = 1;
+  } else {
+    REJECT("UseBridges must be 0, 1, or auto");
+  }
+
   if (options->UseBridges &&
       server_mode(options))
     REJECT("Servers must be able to freely connect to the rest "
@@ -3653,10 +3666,8 @@ options_validate(or_options_t *old_options, or_options_t *options,
   if (validate_dir_authorities(options, old_options) < 0)
     REJECT("Directory authority line did not parse. See logs for details.");
 
-  if (options->UseBridges && !options->Bridges)
-    REJECT("If you set UseBridges, you must specify at least one bridge.");
   if (options->UseBridges && !options->TunnelDirConns)
-    REJECT("If you set UseBridges, you must set TunnelDirConns.");
+    REJECT("TunnelDirConns set to 0 only works with UseBridges set to 0");
   if (options->Bridges) {
     for (cl = options->Bridges; cl; cl = cl->next) {
       if (parse_bridge_line(cl->value, 1)<0)
diff --git a/src/or/or.h b/src/or/or.h
index 7daf195265..1b4cdb8a53 100644
--- a/src/or/or.h
+++ b/src/or/or.h
@@ -2646,7 +2646,17 @@ typedef struct {
    * when doing so. */
   char *BridgePassword;
 
-  int UseBridges; /**< Boolean: should we start all circuits with a bridge? */
+  /** Whether we should start all circuits with a bridge. "1" means strictly
+   * yes, "0" means strictly no, and "auto" means that we do iff any bridges
+   * are configured, we are not running a server and have not specified a list
+   * of entry nodes. */
+  char *UseBridges_;
+  /** Effective value of UseBridges. Will be set equally for UseBridges set to
+   * 1 or 0, but for 'auto' it will be set to 1 iff any bridges are
+   * configured, we are not running a server and have not specified a list of
+   * entry nodes. */
+  int UseBridges;
+
   config_line_t *Bridges; /**< List of bootstrap bridge addresses. */
 
   int BridgeRelay; /**< Boolean: are we acting as a bridge relay? We make