config: Remove Bridge <-> ClientTransportPlugin validation

This validation was only done if DisableNetwork was off because we would use
the global list of transports/bridges and DisableNetwork would not populate
it.

This was a problem for any user using DisableNetwork which includes Tor
Browser and thus leading to the Bug() warning.

Without a more in depth refactoring, we can't do this validation without the
global list.

The previous commit makes it that any connection to a bridge without a
transport won't happen thus we keep the security feature of not connecting to
a bridge without its corresponding transport.

Related to #40106

Signed-off-by: David Goulet <dgoulet@torproject.org>

diff --git a/changes/ticket40106 b/changes/ticket40106
index d007cf535e6aac4ecf5f01ded632a7c5c5ce193d..3f344d478f08f59b2555cbb4300154fb57900d7f 100644 (file)
--- a/changes/ticket40106
+++ b/changes/ticket40106
@@ -1,5 +1,6 @@
   o Minor bugfixes (config, bridge):
-    - Really fix the case where torrc has a missing ClientTransportPlugin but
-      configured with a Bridge line and UseBridges. Previously, we failed to
-      also look at the managed proxy list and thus it would fail for the
-      "exec" case. Fixes bug 40106; bugfix on 0.4.5.1-alpha.
+    - Don't initiate a connection to a bridge without a corresponding
+      transport. Fixes bug 40106; bugfix on 0.4.5.1-alpha.
+    - This also reverts an earlier fix we did for this that would validate
+      configuration to avoid such situation but turns out it wouldn't work for
+      a DisableNetwork thus the new approach.

diff --git a/src/app/config/config.c b/src/app/config/config.c
index 7db5e5cfa85ab7b0b5ef7b3eec0a186d36417d83..c7799ec1a2b780db2f210444ac685a3c4a469eae 100644 (file)
--- a/src/app/config/config.c
+++ b/src/app/config/config.c
@@ -2189,23 +2189,6 @@ options_act,(const or_options_t *old_options))
     }
   }
 
-  /* Validate that we actually have a configured transport for a Bridge line
-   * that has one.  This is done here because we require the bridge and
-   * transport to be added to the global list before doing the validation.
-   *
-   * In an ideal world, pt_parse_transport_line() would actually return a
-   * transport_t object so we could inspect it and thus do this step at
-   * validation time. */
-  SMARTLIST_FOREACH_BEGIN(bridge_list_get(), const bridge_info_t *, bi) {
-    const char *bi_transport_name = bridget_get_transport_name(bi);
-    if (bi_transport_name && (!transport_get_by_name(bi_transport_name) &&
-                          !managed_proxy_has_transport(bi_transport_name))) {
-      log_warn(LD_CONFIG, "Bridge line with transport %s is missing a "
-                          "ClientTransportPlugin line", bi_transport_name);
-      return -1;
-    }
-  } SMARTLIST_FOREACH_END(bi);
-
   if (options_act_server_transport(old_options) < 0)
     return -1;