From: Roger Dingledine
Date: Wed, 18 May 2011 00:51:47 +0000 (-0400)
Subject: discard circuits when we change our bridge configuration
X-Git-Tag: tor-0.2.2.27-beta~3^2
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=073fed06c458fac428b2377b4828412acb7d3802;p=thirdparty%2Ftor.git
discard circuits when we change our bridge configuration
otherwise we might reuse circuits from the previous configuration, which could be bad depending on the user's situation
---
diff --git a/changes/bug3200 b/changes/bug3200
new file mode 100644
index 0000000000..a80d51633e
--- /dev/null
+++ b/changes/bug3200
@@ -0,0 +1,6 @@
+ o Minor bugfixes:
+ - When a client starts or stops using bridges, never use a circuit
+ that was built before the configuration change. This behavior could
+ put at risk a user who uses bridges to ensure that her traffic
+ only goes to the chosen addresses. Bugfix on 0.2.0.3-alpha; fixes
+ bug 3200.
diff --git a/src/or/config.c b/src/or/config.c
index 36a8940cab..8b59d509ec 100644
--- a/src/or/config.c
+++ b/src/or/config.c
@@ -1275,6 +1275,9 @@ options_act(or_options_t *old_options)
 int revise_trackexithosts = 0;
 int revise_automap_entries = 0;
 if ((options->UseEntryGuards && !old_options->UseEntryGuards) ||
+ options->UseBridges != old_options->UseBridges ||
+ (options->UseBridges &&
+ !config_lines_eq(options->Bridges, old_options->Bridges)) ||
 !routerset_equal(old_options->ExcludeNodes,options->ExcludeNodes) ||
 !routerset_equal(old_options->ExcludeExitNodes,
 options->ExcludeExitNodes) ||
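Review bot: The two new bridge clauses in the `if` carry the security reason for this commit but have no comment, and that reason is easy to lose among the node-list checks around them. I would add above them `/* A bridge on/off or bridge-list change alters where we connect first; circuits built under the old setting must not be reused (bug 3200). */`. The list comparison goes through `config_lines_eq`, which presumably compares the configured lines as written, so a reordered but otherwise identical `Bridges` list would also drop circuits; that errs on the safe side and is worth stating in the same comment. The condition continues past the end of this hunk, and `options_act` itself starts outside it.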
@@ -1282,8 +1285,9 @@ options_act(or_options_t *old_options)
 !routerset_equal(old_options->ExitNodes, options->ExitNodes) ||
 options->StrictNodes != old_options->StrictNodes) {
 log_info(LD_CIRC,
- "Changed to using entry guards, or changed preferred or "
- "excluded node lists. Abandoning previous circuits.");
+ "Changed to using entry guards or bridges, or changed "
+ "preferred or excluded node lists. "
+ "Abandoning previous circuits.");
 circuit_mark_all_unused_circs();
 circuit_expire_all_dirty_circs();
 revise_trackexithosts = 1;
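Review bot: The calls that follow the reworded message, `circuit_mark_all_unused_circs()` and `circuit_expire_all_dirty_circs()`, by their names close unused circuits and age out dirty ones, which would leave streams already attached to an old circuit running under the previous bridge configuration. If that reading is right, the changes entry's "never use a circuit that was built before the configuration change" promises more than this block does, and "Abandoning previous circuits." in the log reads the same way. I would either confirm that already-open streams are torn down as well, or add `/* Streams already attached keep their old circuit; only new streams get a post-change circuit. */` above the two calls so the limit is documented. The block continues outside the hunk.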