mirrors/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-11-20 02:09:24 +01:00
Code Issues Projects Releases Wiki Activity

Abandon circs if the user changes Exclude*Nodes

Browse Source 
If ExcludeNodes or ExcludeExitNodes changes on a config reload,
mark and discard all our origin circuits.
This commit is contained in:
Roger Dingledine 2009-09-19 21:03:49 -04:00
parent f2c51cb998
commit c75a2eea60
1 changed files with 9 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
src/or/config.c
View File

@ -1418,9 +1418,16 @@ options_act(or_options_t *old_options)
/* Check for transitions that need action. */ /* Check for transitions that need action. */
if (old_options) { if (old_options) {
if (options->UseEntryGuards && !old_options->UseEntryGuards) {
if ((options->UseEntryGuards && !old_options->UseEntryGuards) ||
(options->ExcludeNodes &&
!routerset_equal(old_options->ExcludeNodes,options->ExcludeNodes)) ||
(options->ExcludeExitNodes &&
!routerset_equal(old_options->ExcludeExitNodes,
options->ExcludeExitNodes))) {
log_info(LD_CIRC, log_info(LD_CIRC,
"Switching to entry guards; abandoning previous circuits"); "Changed to using entry guards, or changed ExcludeNodes, or "
"changed ExcludeExitNodes. Abandoning previous circuits.");
circuit_mark_all_unused_circs(); circuit_mark_all_unused_circs();
circuit_expire_all_dirty_circs(); circuit_expire_all_dirty_circs();
} }
@ -3204,24 +3211,6 @@ options_validate(or_options_t *old_options, or_options_t *options,
"features to be broken in unpredictable ways."); "features to be broken in unpredictable ways.");
} }
#if 0 /* for now, it's ok to set StrictNodes without setting any actual
* preferences. It won't hurt anything. Eventually, either figure
* out the logic for the right case to complain, or just delete. -RD */
if (options->StrictExitNodes &&
(!options->ExitNodes) &&
(!old_options ||
(old_options->StrictExitNodes != options->StrictExitNodes) ||
(!routerset_equal(old_options->ExitNodes,options->ExitNodes))))
COMPLAIN("StrictExitNodes set, but no ExitNodes listed.");
if (options->StrictEntryNodes &&
(!options->EntryNodes) &&
(!old_options ||
(old_options->StrictEntryNodes != options->StrictEntryNodes) ||
(!routerset_equal(old_options->EntryNodes,options->EntryNodes))))
COMPLAIN("StrictEntryNodes set, but no EntryNodes listed.");
#endif
if (options->EntryNodes && !routerset_is_list(options->EntryNodes)) { if (options->EntryNodes && !routerset_is_list(options->EntryNodes)) {
/* XXXX fix this; see entry_guards_prepend_from_config(). */ /* XXXX fix this; see entry_guards_prepend_from_config(). */
REJECT("IPs or countries are not yet supported in EntryNodes."); REJECT("IPs or countries are not yet supported in EntryNodes.");