diff options
| author | David Goulet <dgoulet@torproject.org> | 2023-07-20 14:40:13 +0000 |
|---|---|---|
| committer | David Goulet <dgoulet@torproject.org> | 2023-07-20 14:40:13 +0000 |
| commit | e6a9e006907cddf380d3c528757e1d41c4171884 (patch) | |
| tree | 8dcc5cfa92763072ebff48987c2e418e65e190a0 | |
| parent | 6e43a27eb64f3bd7af7c4a5a4271e4cd417932b8 (diff) | |
| parent | 1901720fb92291daf71efbe848a94f27a629f180 (diff) | |
| download | tor-e6a9e006907cddf380d3c528757e1d41c4171884.tar.gz tor-e6a9e006907cddf380d3c528757e1d41c4171884.zip | |
Merge branch 'warn-bridge-exit' into 'main'
Warn when operating as bridge and exit
Closes #40819
See merge request tpo/core/tor!730
| -rw-r--r-- | src/core/or/policies.c | 2 | ||||
| -rw-r--r-- | src/core/or/policies.h | 1 | ||||
| -rw-r--r-- | src/feature/relay/relay_config.c | 8 |
3 files changed, 10 insertions, 1 deletions
diff --git a/src/core/or/policies.c b/src/core/or/policies.c index a53849b4d0..1864b84d5e 100644 --- a/src/core/or/policies.c +++ b/src/core/or/policies.c @@ -1138,7 +1138,7 @@ authdir_policy_middleonly_address(const tor_addr_t *addr, uint16_t port) /** Check <b>or_options</b> to determine whether or not we are using the * default options for exit policy. Return true if so, false otherwise. */ -static int +int policy_using_default_exit_options(const or_options_t *or_options) { return (or_options->ExitPolicy == NULL && or_options->ExitRelay == -1 && diff --git a/src/core/or/policies.h b/src/core/or/policies.h index e11e1d0ff5..9276b76d01 100644 --- a/src/core/or/policies.h +++ b/src/core/or/policies.h @@ -108,6 +108,7 @@ int authdir_policy_valid_address(const tor_addr_t *addr, uint16_t port); int authdir_policy_badexit_address(const tor_addr_t *addr, uint16_t port); int authdir_policy_middleonly_address(const tor_addr_t *addr, uint16_t port); +int policy_using_default_exit_options(const or_options_t *or_options); int validate_addr_policies(const or_options_t *options, char **msg); void policy_expand_private(smartlist_t **policy); void policy_expand_unspec(smartlist_t **policy); diff --git a/src/feature/relay/relay_config.c b/src/feature/relay/relay_config.c index 553b269ecf..0b02461318 100644 --- a/src/feature/relay/relay_config.c +++ b/src/feature/relay/relay_config.c @@ -30,6 +30,7 @@ #include "core/mainloop/cpuworker.h" #include "core/mainloop/mainloop.h" #include "core/or/connection_or.h" +#include "core/or/policies.h" #include "core/or/port_cfg_st.h" #include "feature/hibernate/hibernate.h" @@ -1150,6 +1151,13 @@ options_validate_relay_mode(const or_options_t *old_options, REJECT("BridgeRelay is 1, ORPort is not set. This is an invalid " "combination."); + if (options->BridgeRelay == 1 && (options->ExitRelay == 1 || + !policy_using_default_exit_options(options))) { + log_warn(LD_CONFIG, "BridgeRelay is 1, but ExitRelay is 1 or an " + "ExitPolicy is configured. Tor will start, but it will not " + "function as an exit relay."); + } + if (server_mode(options)) { char *dircache_msg = NULL; if (have_enough_mem_for_dircache(options, 0, &dircache_msg)) { |