[tor-commits] [tor/release-0.2.2] discard circuits when we change our bridge configuration

arma at torproject.org arma at torproject.org
Wed May 18 01:15:39 UTC 2011 

commit 073fed06c458fac428b2377b4828412acb7d3802
Author: Roger Dingledine <arma at torproject.org>
Date:   Tue May 17 20:51:47 2011 -0400

    discard circuits when we change our bridge configuration
    
    otherwise we might reuse circuits from the previous configuration,
    which could be bad depending on the user's situation
---
 changes/bug3200 |    6 ++++++
 src/or/config.c |    8 ++++++--
 2 files changed, 12 insertions(+), 2 deletions(-)

diff --git a/changes/bug3200 b/changes/bug3200
new file mode 100644
index 0000000..a80d516
--- /dev/null
+++ b/changes/bug3200
@@ -0,0 +1,6 @@
+  o Minor bugfixes:
+    - When a client starts or stops using bridges, never use a circuit
+      that was built before the configuration change. This behavior could
+      put at risk a user who uses bridges to ensure that her traffic
+      only goes to the chosen addresses. Bugfix on 0.2.0.3-alpha; fixes
+      bug 3200.
diff --git a/src/or/config.c b/src/or/config.c
index 36a8940..8b59d50 100644
--- a/src/or/config.c
+++ b/src/or/config.c
@@ -1275,6 +1275,9 @@ options_act(or_options_t *old_options)
     int revise_trackexithosts = 0;
     int revise_automap_entries = 0;
     if ((options->UseEntryGuards && !old_options->UseEntryGuards) ||
+        options->UseBridges != old_options->UseBridges ||
+        (options->UseBridges &&
+         !config_lines_eq(options->Bridges, old_options->Bridges)) ||
         !routerset_equal(old_options->ExcludeNodes,options->ExcludeNodes) ||
         !routerset_equal(old_options->ExcludeExitNodes,
                          options->ExcludeExitNodes) ||
@@ -1282,8 +1285,9 @@ options_act(or_options_t *old_options)
         !routerset_equal(old_options->ExitNodes, options->ExitNodes) ||
         options->StrictNodes != old_options->StrictNodes) {
       log_info(LD_CIRC,
-               "Changed to using entry guards, or changed preferred or "
-               "excluded node lists. Abandoning previous circuits.");
+               "Changed to using entry guards or bridges, or changed "
+               "preferred or excluded node lists. "
+               "Abandoning previous circuits.");
       circuit_mark_all_unused_circs();
       circuit_expire_all_dirty_circs();
       revise_trackexithosts = 1;

More information about the tor-commits mailing list