Merge remote-tracking branch 'origin/maint-0.2.2'

This merge was a bit nontrivial, since I had to write a new
node_is_a_configured_bridge to parallel router_is_a_configured_bridge.

Conflicts:
	src/or/circuitbuild.c

3 files changed, 32 insertions, 0 deletions

diff --git a/changes/bug3321 b/changes/bug3321
new file mode 100644
index 0000000000..3605efce2d
--- /dev/null
+++ b/changes/bug3321
@@ -0,0 +1,7 @@
+  o Minor bugfixes:
+    - In bug 2511 we fixed a case where you could use an unconfigured
+      bridge if you had configured it as a bridge the last time you ran
+      Tor. Now fix another edge case: if you had configured it as a bridge
+      but then switched to a different bridge via the controller, you
+      would still be willing to use the old one. Bugfix on 0.2.0.1-alpha;
+      fixes bug 3321.
diff --git a/src/or/circuitbuild.c b/src/or/circuitbuild.c
index 8140cc4c4c..96cd333819 100644
--- a/src/or/circuitbuild.c
+++ b/src/or/circuitbuild.c
@@ -3395,6 +3395,8 @@ entry_guard_set_status(entry_guard_t *e, const node_t *node,
   else if (options->UseBridges && (!node->ri ||
                                    node->ri->purpose != ROUTER_PURPOSE_BRIDGE))
     *reason = "not a bridge";
+  else if (options->UseBridges && !node_is_a_configured_bridge(node))
+    *reason = "not a configured bridge";
   else if (!options->UseBridges && !node->is_possible_guard &&
            !routerset_contains_node(options->EntryNodes,node))
     *reason = "not recommended as a guard";
@@ -3484,6 +3486,10 @@ entry_is_live(entry_guard_t *e, int need_uptime, int need_capacity,
       *msg = "not a bridge";
       return NULL;
     }
+    if (!node_is_a_configured_bridge(node)) {
+      *msg = "not a configured bridge";
+      return NULL;
+    }
   } else { /* !get_options()->UseBridges */
     if (node_get_purpose(node) != ROUTER_PURPOSE_GENERAL) {
       *msg = "not general-purpose";
@@ -4584,6 +4590,24 @@ routerinfo_is_a_configured_bridge(const routerinfo_t *ri)
   return get_configured_bridge_by_routerinfo(ri) ? 1 : 0;
 }
 
+/** Return 1 if <b>node</b> is one of our configured bridges, else 0. */
+int
+node_is_a_configured_bridge(const node_t *node)
+{
+  tor_addr_t addr;
+  uint16_t orport;
+  if (!node)
+    return 0;
+  if (node_get_addr(node, &addr) < 0)
+    return 0;
+  orport = node_get_orport(node);
+  if (orport == 0)
+    return 0;
+
+  return get_configured_bridge_by_addr_port_digest(
+                       &addr, orport, node->identity) != NULL;
+}
+
 /** We made a connection to a router at <b>addr</b>:<b>port</b>
  * without knowing its digest. Its digest turned out to be <b>digest</b>.
  * If it was a bridge, and we still don't know its digest, record it.
diff --git a/src/or/circuitbuild.h b/src/or/circuitbuild.h
index 87adb9a1e8..b1eb5a6cad 100644
--- a/src/or/circuitbuild.h
+++ b/src/or/circuitbuild.h
@@ -66,6 +66,7 @@ int getinfo_helper_entry_guards(control_connection_t *conn,
 void mark_bridge_list(void);
 void sweep_bridge_list(void);
 int routerinfo_is_a_configured_bridge(const routerinfo_t *ri);
+int node_is_a_configured_bridge(const node_t *node);
 void learned_router_identity(const tor_addr_t *addr, uint16_t port,
                              const char *digest);
 void bridge_add_from_config(const tor_addr_t *addr, uint16_t port,