Merge branch 'warn-bridge-exit' into 'main'

Warn when operating as bridge and exit

Closes #40819

See merge request tpo/core/tor!730

src/core/or/policies.c

@@ -1138,7 +1138,7 @@ authdir_policy_middleonly_address(const tor_addr_t *addr, uint16_t port)
 
 /** Check <b>or_options</b> to determine whether or not we are using the
  * default options for exit policy. Return true if so, false otherwise. */
-static int
+int
 policy_using_default_exit_options(const or_options_t *or_options)
 {
   return (or_options->ExitPolicy == NULL && or_options->ExitRelay == -1 &&

src/core/or/policies.h

@@ -108,6 +108,7 @@ int authdir_policy_valid_address(const tor_addr_t *addr, uint16_t port);
 int authdir_policy_badexit_address(const tor_addr_t *addr, uint16_t port);
 int authdir_policy_middleonly_address(const tor_addr_t *addr, uint16_t port);
 
+int policy_using_default_exit_options(const or_options_t *or_options);
 int validate_addr_policies(const or_options_t *options, char **msg);
 void policy_expand_private(smartlist_t **policy);
 void policy_expand_unspec(smartlist_t **policy);

src/feature/relay/relay_config.c

@@ -30,6 +30,7 @@
 #include "core/mainloop/cpuworker.h"
 #include "core/mainloop/mainloop.h"
 #include "core/or/connection_or.h"
+#include "core/or/policies.h"
 #include "core/or/port_cfg_st.h"
 
 #include "feature/hibernate/hibernate.h"
@@ -1150,6 +1151,13 @@ options_validate_relay_mode(const or_options_t *old_options,
     REJECT("BridgeRelay is 1, ORPort is not set. This is an invalid "
            "combination.");
 
+  if (options->BridgeRelay == 1 && (options->ExitRelay == 1 ||
+      !policy_using_default_exit_options(options))) {
+    log_warn(LD_CONFIG, "BridgeRelay is 1, but ExitRelay is 1 or an "
+           "ExitPolicy is configured. Tor will start, but it will not "
+           "function as an exit relay.");
+  }
+
   if (server_mode(options)) {
     char *dircache_msg = NULL;
     if (have_enough_mem_for_dircache(options, 0, &dircache_msg)) {