1 files changed, 52 insertions, 27 deletions

diff --git a/src/or/config.c b/src/or/config.c
index 1faf13871..10df83975 100644
--- a/src/or/config.c
+++ b/src/or/config.c
@@ -536,9 +536,11 @@ static int options_transition_affects_descriptor(
       const or_options_t *old_options, const or_options_t *new_options);
 static int check_nickname_list(char **lst, const char *name, char **msg);
 
-static int parse_client_transport_line(const char *line, int validate_only);
+static int parse_client_transport_line(const or_options_t *options,
+                                       const char *line, int validate_only);
 
-static int parse_server_transport_line(const char *line, int validate_only);
+static int parse_server_transport_line(const or_options_t *options,
+                                       const char *line, int validate_only);
 static char *get_bindaddr_from_transport_listen_line(const char *line,
                                                      const char *transport);
 static int parse_dir_authority_line(const char *line,
@@ -1141,13 +1143,11 @@ options_act_reversible(const or_options_t *old_options, char **msg)
   if (!running_tor)
     goto commit;
 
-  if (!sandbox_is_active()) {
-    mark_logs_temp(); /* Close current logs once new logs are open. */
-    logs_marked = 1;
-    if (options_init_logs(options, 0)<0) { /* Configure the tor_log(s) */
-      *msg = tor_strdup("Failed to init Log options. See logs for details.");
-      goto rollback;
-    }
+  mark_logs_temp(); /* Close current logs once new logs are open. */
+  logs_marked = 1;
+  if (options_init_logs(options, 0)<0) { /* Configure the tor_log(s) */
+    *msg = tor_strdup("Failed to init Log options. See logs for details.");
+    goto rollback;
   }
 
  commit:
@@ -1426,7 +1426,7 @@ options_act(const or_options_t *old_options)
   pt_prepare_proxy_list_for_config_read();
   if (options->ClientTransportPlugin) {
     for (cl = options->ClientTransportPlugin; cl; cl = cl->next) {
-      if (parse_client_transport_line(cl->value, 0)<0) {
+      if (parse_client_transport_line(options, cl->value, 0)<0) {
         log_warn(LD_BUG,
                  "Previously validated ClientTransportPlugin line "
                  "could not be added!");
@@ -1437,7 +1437,7 @@ options_act(const or_options_t *old_options)
 
   if (options->ServerTransportPlugin && server_mode(options)) {
     for (cl = options->ServerTransportPlugin; cl; cl = cl->next) {
-      if (parse_server_transport_line(cl->value, 0)<0) {
+      if (parse_server_transport_line(options, cl->value, 0)<0) {
         log_warn(LD_BUG,
                  "Previously validated ServerTransportPlugin line "
                  "could not be added!");
@@ -3029,6 +3029,11 @@ options_validate(or_options_t *old_options, or_options_t *options,
   if (options->KeepalivePeriod < 1)
     REJECT("KeepalivePeriod option must be positive.");
 
+  if (options->PortForwarding && options->Sandbox) {
+    REJECT("PortForwarding is not compatible with Sandbox; at most one can "
+           "be set");
+  }
+
   if (ensure_bandwidth_cap(&options->BandwidthRate,
                            "BandwidthRate", msg) < 0)
     return -1;
@@ -3284,13 +3289,13 @@ options_validate(or_options_t *old_options, or_options_t *options,
   }
 
   for (cl = options->ClientTransportPlugin; cl; cl = cl->next) {
-    if (parse_client_transport_line(cl->value, 1)<0)
-      REJECT("Transport line did not parse. See logs for details.");
+    if (parse_client_transport_line(options, cl->value, 1)<0)
+      REJECT("Invalid client transport line. See logs for details.");
   }
 
   for (cl = options->ServerTransportPlugin; cl; cl = cl->next) {
-    if (parse_server_transport_line(cl->value, 1)<0)
-      REJECT("Server transport line did not parse. See logs for details.");
+    if (parse_server_transport_line(options, cl->value, 1)<0)
+      REJECT("Invalid server transport line. See logs for details.");
   }
 
   if (options->ServerTransportPlugin && !server_mode(options)) {
@@ -3717,10 +3722,22 @@ options_transition_allowed(const or_options_t *old,
   }
 
   if (sandbox_is_active()) {
-    if (! opt_streq(old->PidFile, new_val->PidFile)) {
-      *msg = tor_strdup("Can't change PidFile while Sandbox is active");
-      return -1;
-    }
+#define SB_NOCHANGE_STR(opt)                                            \
+    do {                                                                \
+      if (! opt_streq(old->opt, new_val->opt)) {                        \
+        *msg = tor_strdup("Can't change " #opt " while Sandbox is active"); \
+        return -1;                                                      \
+      }                                                                 \
+    } while (0)
+
+    SB_NOCHANGE_STR(PidFile);
+    SB_NOCHANGE_STR(ServerDNSResolvConfFile);
+    SB_NOCHANGE_STR(DirPortFrontPage);
+    SB_NOCHANGE_STR(CookieAuthFile);
+    SB_NOCHANGE_STR(ExtORPortCookieAuthFile);
+
+#undef SB_NOCHANGE_STR
+
     if (! config_lines_eq(old->Logs, new_val->Logs)) {
       *msg = tor_strdup("Can't change Logs while Sandbox is active");
       return -1;
@@ -3729,12 +3746,6 @@ options_transition_allowed(const or_options_t *old,
       *msg = tor_strdup("Can't change ConnLimit while Sandbox is active");
       return -1;
     }
-    if (! opt_streq(old->ServerDNSResolvConfFile,
-                    new_val->ServerDNSResolvConfFile)) {
-      *msg = tor_strdup("Can't change ServerDNSResolvConfFile"
-                        " while Sandbox is active");
-      return -1;
-    }
     if (server_mode(old) != server_mode(new_val)) {
       *msg = tor_strdup("Can't start/stop being a server while "
                         "Sandbox is active");
@@ -4734,7 +4745,8 @@ parse_bridge_line(const char *line)
  * our internal transport list.
  * - If it's a managed proxy line, launch the managed proxy. */
 static int
-parse_client_transport_line(const char *line, int validate_only)
+parse_client_transport_line(const or_options_t *options,
+                            const char *line, int validate_only)
 {
   smartlist_t *items = NULL;
   int r;
@@ -4801,6 +4813,12 @@ parse_client_transport_line(const char *line, int validate_only)
     goto err;
   }
 
+  if (is_managed && options->Sandbox) {
+    log_warn(LD_CONFIG, "Managed proxies are not compatible with Sandbox mode."
+             "(ClientTransportPlugin line was %s)", escaped(line));
+    goto err;
+  }
+
   if (is_managed) { /* managed */
     if (!validate_only && is_useless_proxy) {
       log_notice(LD_GENERAL, "Pluggable transport proxy (%s) does not provide "
@@ -5027,7 +5045,8 @@ get_options_for_server_transport(const char *transport)
  * If <b>validate_only</b> is 0, the line is well-formed, and it's a
  * managed proxy line, launch the managed proxy. */
 static int
-parse_server_transport_line(const char *line, int validate_only)
+parse_server_transport_line(const or_options_t *options,
+                            const char *line, int validate_only)
 {
   smartlist_t *items = NULL;
   int r;
@@ -5082,6 +5101,12 @@ parse_server_transport_line(const char *line, int validate_only)
     goto err;
   }
 
+  if (is_managed && options->Sandbox) {
+    log_warn(LD_CONFIG, "Managed proxies are not compatible with Sandbox mode."
+             "(ServerTransportPlugin line was %s)", escaped(line));
+    goto err;
+  }
+
   if (is_managed) { /* managed */
     if (!validate_only) {
       proxy_argc = line_length-2;