get_configured_bridge_by_addr_port_digest is not robust
In bridge_add_from_config()
we call get_configured_bridge_by_addr_port_digest()
to check if a carbon-copy version of the bridge already exists (so that we don't add duplicate bridges after SIGHUPs).
I think there are two shortcomings in get_configured_bridge_by_addr_port_digest()
:
a) It's not pluggable transports aware. If the bridge's transport changes, tor won't notice it. b) If a bridge has a fingerprint and it remains the same, but its address/port changes, tor won't notice it.
SMARTLIST_FOREACH_BEGIN(bridge_list, bridge_info_t *, bridge)
{
if (tor_digest_is_zero(bridge->identity) &&
!tor_addr_compare(&bridge->addr, addr, CMP_EXACT) &&
bridge->port == port)
return bridge;
if (digest && tor_memeq(bridge->identity, digest, DIGEST_LEN))
return bridge;
}