[or-cvs] [tor/master] Abandon circs if the user changes Exclude*Nodes

arma at seul.org arma at seul.org
Mon Dec 21 09:07:17 UTC 2009 

Author: Roger Dingledine <arma at torproject.org>
Date: Sat, 19 Sep 2009 21:03:49 -0400
Subject: Abandon circs if the user changes Exclude*Nodes
Commit: c75a2eea60435dd078c6a8aaf20626162f7f8b27

If ExcludeNodes or ExcludeExitNodes changes on a config reload,
mark and discard all our origin circuits.
---
 src/or/config.c |   29 +++++++++--------------------
 1 files changed, 9 insertions(+), 20 deletions(-)

diff --git a/src/or/config.c b/src/or/config.c
index 2e2c89a..b67ed3f 100644
--- a/src/or/config.c
+++ b/src/or/config.c
@@ -1418,9 +1418,16 @@ options_act(or_options_t *old_options)
 
   /* Check for transitions that need action. */
   if (old_options) {
-    if (options->UseEntryGuards && !old_options->UseEntryGuards) {
+
+    if ((options->UseEntryGuards && !old_options->UseEntryGuards) ||
+        (options->ExcludeNodes &&
+         !routerset_equal(old_options->ExcludeNodes,options->ExcludeNodes)) ||
+        (options->ExcludeExitNodes &&
+         !routerset_equal(old_options->ExcludeExitNodes,
+                          options->ExcludeExitNodes))) {
       log_info(LD_CIRC,
-               "Switching to entry guards; abandoning previous circuits");
+               "Changed to using entry guards, or changed ExcludeNodes, or "
+               "changed ExcludeExitNodes. Abandoning previous circuits.");
       circuit_mark_all_unused_circs();
       circuit_expire_all_dirty_circs();
     }
@@ -3204,24 +3211,6 @@ options_validate(or_options_t *old_options, or_options_t *options,
              "features to be broken in unpredictable ways.");
   }
 
-#if 0 /* for now, it's ok to set StrictNodes without setting any actual
-       * preferences. It won't hurt anything. Eventually, either figure
-       * out the logic for the right case to complain, or just delete. -RD */
-  if (options->StrictExitNodes &&
-      (!options->ExitNodes) &&
-      (!old_options ||
-       (old_options->StrictExitNodes != options->StrictExitNodes) ||
-       (!routerset_equal(old_options->ExitNodes,options->ExitNodes))))
-    COMPLAIN("StrictExitNodes set, but no ExitNodes listed.");
-
-  if (options->StrictEntryNodes &&
-      (!options->EntryNodes) &&
-      (!old_options ||
-       (old_options->StrictEntryNodes != options->StrictEntryNodes) ||
-       (!routerset_equal(old_options->EntryNodes,options->EntryNodes))))
-    COMPLAIN("StrictEntryNodes set, but no EntryNodes listed.");
-#endif
-
   if (options->EntryNodes && !routerset_is_list(options->EntryNodes)) {
     /* XXXX fix this; see entry_guards_prepend_from_config(). */
     REJECT("IPs or countries are not yet supported in EntryNodes.");
-- 
1.5.6.5

More information about the tor-commits mailing list