summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--changes/bug81807
-rw-r--r--src/or/config.c8
2 files changed, 11 insertions, 4 deletions
diff --git a/changes/bug8180 b/changes/bug8180
new file mode 100644
index 0000000000..39e6ce7f9a
--- /dev/null
+++ b/changes/bug8180
@@ -0,0 +1,7 @@
+ o Minor bugfixes (security usability):
+ - Elevate the severity of the warning message when setting
+ EntryNodes but disabling UseGuardNodes to an error. The outcome
+ of letting Tor procede with those options enabled (which causes
+ EntryNodes to get ignored) is sufficiently different from what
+ was expected that it's best to just refuse to proceed. Fixes bug
+ 8180; bugfix on 0.2.3.11-alpha.
diff --git a/src/or/config.c b/src/or/config.c
index 90a5dfbda1..aa34f87cef 100644
--- a/src/or/config.c
+++ b/src/or/config.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2001 Matej Pfajfar.
+ /* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
* Copyright (c) 2007-2012, The Tor Project, Inc. */
@@ -3664,9 +3664,9 @@ options_validate(or_options_t *old_options, or_options_t *options,
if (options->UseBridges && options->EntryNodes)
REJECT("You cannot set both UseBridges and EntryNodes.");
- if (options->EntryNodes && !options->UseEntryGuards)
- log_warn(LD_CONFIG, "EntryNodes is set, but UseEntryGuards is disabled. "
- "EntryNodes will be ignored.");
+ if (options->EntryNodes && !options->UseEntryGuards) {
+ REJECT("If EntryNodes is set, UseEntryGuards must be enabled.");
+ }
options->_AllowInvalid = 0;
if (options->AllowInvalidNodes) {