Only launch transport proxies that provide useful transports.

4 files changed, 43 insertions, 4 deletions

diff --git a/changes/bug5018 b/changes/bug5018
new file mode 100644
index 000000000..c5c12efab
--- /dev/null
+++ b/changes/bug5018
@@ -0,0 +1,3 @@
+  o Minor features:
+    - Don't launch pluggable transport proxies that contribute
+      transports we don't need. Resolves ticket 5018.
diff --git a/src/or/config.c b/src/or/config.c
index 18f1c2950..331f41073 100644
--- a/src/or/config.c
+++ b/src/or/config.c
@@ -4242,7 +4242,8 @@ parse_client_transport_line(const char *line, int validate_only)
   int is_managed=0;
   char **proxy_argv=NULL;
   char **tmp=NULL;
-  int proxy_argc,i;
+  int proxy_argc, i;
+  int is_useless_proxy=1;
 
   int line_length;
 
@@ -4264,11 +4265,16 @@ parse_client_transport_line(const char *line, int validate_only)
   smartlist_split_string(transport_list, transports, ",",
                          SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 0);
   SMARTLIST_FOREACH_BEGIN(transport_list, const char *, transport_name) {
+    /* validate transport names */
     if (!string_is_C_identifier(transport_name)) {
       log_warn(LD_CONFIG, "Transport name is not a C identifier (%s).",
                transport_name);
       goto err;
     }
+
+    /* see if we actually need the transports provided by this proxy */
+    if (!validate_only && transport_is_needed(transport_name))
+      is_useless_proxy = 0;
   } SMARTLIST_FOREACH_END(transport_name);
 
   /* field2 is either a SOCKS version or "exec" */
@@ -4287,9 +4293,15 @@ parse_client_transport_line(const char *line, int validate_only)
   }
 
   if (is_managed) { /* managed */
-    if (!validate_only) {  /* if we are not just validating, use the
-                             rest of the line as the argv of the proxy
-                             to be launched */
+    if (!validate_only && is_useless_proxy) {
+      log_warn(LD_GENERAL, "Pluggable transport proxy (%s) does not provide "
+               "any needed transports and will not be launched.", line);
+    }
+
+    /* If we are not just validating, use the rest of the line as the
+       argv of the proxy to be launched. Also, make sure that we are
+       only launching proxies that contribute useful transports.  */
+    if (!validate_only && !is_useless_proxy) {
       proxy_argc = line_length-2;
       tor_assert(proxy_argc > 0);
       proxy_argv = tor_malloc_zero(sizeof(char*)*(proxy_argc+1));
diff --git a/src/or/entrynodes.c b/src/or/entrynodes.c
index f1af75aef..beb855de9 100644
--- a/src/or/entrynodes.c
+++ b/src/or/entrynodes.c
@@ -1761,6 +1761,29 @@ bridge_resolve_conflicts(const tor_addr_t *addr, uint16_t port,
   } SMARTLIST_FOREACH_END(bridge);
 }
 
+/** Return True if we have a bridge that uses a transport with name
+ *  <b>transport_name</b>. */
+int
+transport_is_needed(const char *transport_name)
+{
+  int retval;
+  smartlist_t *needed_transports = NULL;
+
+  if (!bridge_list)
+    return 0;
+
+  needed_transports = smartlist_new();
+
+  SMARTLIST_FOREACH_BEGIN(bridge_list, const bridge_info_t *, bridge) {
+    if (bridge->transport_name)
+      smartlist_add(needed_transports, bridge->transport_name);
+  } SMARTLIST_FOREACH_END(bridge);
+
+  retval = smartlist_string_isin(needed_transports, transport_name);
+  smartlist_free(needed_transports);
+  return retval;
+}
+
 /** Remember a new bridge at <b>addr</b>:<b>port</b>. If <b>digest</b>
  * is set, it tells us the identity key too.  If we already had the
  * bridge in our list, unmark it, and don't actually add anything new.
diff --git a/src/or/entrynodes.h b/src/or/entrynodes.h
index 52b8dc00e..b02cd482d 100644
--- a/src/or/entrynodes.h
+++ b/src/or/entrynodes.h
@@ -118,6 +118,7 @@ struct transport_t;
 int find_transport_by_bridge_addrport(const tor_addr_t *addr, uint16_t port,
                                       const struct transport_t **transport);
 
+int transport_is_needed(const char *transport_name);
 int validate_pluggable_transports_config(void);
 
 double pathbias_get_close_success_count(entry_guard_t *guard);