From 1901720fb92291daf71efbe848a94f27a629f180 Mon Sep 17 00:00:00 2001 From: trinity-1686a Date: Mon, 17 Jul 2023 19:19:04 +0200 Subject: Warn when operating as bridge and exit --- src/core/or/policies.c | 2 +- src/core/or/policies.h | 1 + src/feature/relay/relay_config.c | 8 ++++++++ 3 files changed, 10 insertions(+), 1 deletion(-) (limited to 'src') diff --git a/src/core/or/policies.c b/src/core/or/policies.c index a53849b4d0..1864b84d5e 100644 --- a/src/core/or/policies.c +++ b/src/core/or/policies.c @@ -1138,7 +1138,7 @@ authdir_policy_middleonly_address(const tor_addr_t *addr, uint16_t port) /** Check or_options to determine whether or not we are using the * default options for exit policy. Return true if so, false otherwise. */ -static int +int policy_using_default_exit_options(const or_options_t *or_options) { return (or_options->ExitPolicy == NULL && or_options->ExitRelay == -1 && diff --git a/src/core/or/policies.h b/src/core/or/policies.h index e11e1d0ff5..9276b76d01 100644 --- a/src/core/or/policies.h +++ b/src/core/or/policies.h @@ -108,6 +108,7 @@ int authdir_policy_valid_address(const tor_addr_t *addr, uint16_t port); int authdir_policy_badexit_address(const tor_addr_t *addr, uint16_t port); int authdir_policy_middleonly_address(const tor_addr_t *addr, uint16_t port); +int policy_using_default_exit_options(const or_options_t *or_options); int validate_addr_policies(const or_options_t *options, char **msg); void policy_expand_private(smartlist_t **policy); void policy_expand_unspec(smartlist_t **policy); diff --git a/src/feature/relay/relay_config.c b/src/feature/relay/relay_config.c index 553b269ecf..0b02461318 100644 --- a/src/feature/relay/relay_config.c +++ b/src/feature/relay/relay_config.c @@ -30,6 +30,7 @@ #include "core/mainloop/cpuworker.h" #include "core/mainloop/mainloop.h" #include "core/or/connection_or.h" +#include "core/or/policies.h" #include "core/or/port_cfg_st.h" #include "feature/hibernate/hibernate.h" @@ -1150,6 +1151,13 @@ options_validate_relay_mode(const or_options_t *old_options, REJECT("BridgeRelay is 1, ORPort is not set. This is an invalid " "combination."); + if (options->BridgeRelay == 1 && (options->ExitRelay == 1 || + !policy_using_default_exit_options(options))) { + log_warn(LD_CONFIG, "BridgeRelay is 1, but ExitRelay is 1 or an " + "ExitPolicy is configured. Tor will start, but it will not " + "function as an exit relay."); + } + if (server_mode(options)) { char *dircache_msg = NULL; if (have_enough_mem_for_dircache(options, 0, &dircache_msg)) { -- cgit v1.2.3-54-g00ecf