tor

The Tor anonymity network
git clone https://git.dasho.dev/tor.git
Log | Files | Refs | README | LICENSE
commit 3335829347e780a44751315402e878e6e5281242
parent d60fab8c9e03ed63ab9c2854b9b9502d05b3d98e
Author: Roger Dingledine <arma@torproject.org>
Date:   Wed,  5 Jul 2023 18:39:57 -0400

replace L2 vanguards that aren't Fast or Stable

Rotate to a new L2 vanguard whenever an existing one loses the
Stable or Fast flag. Previously, we would leave these relays in the
L2 vanguard list but never use them, and if all of our vanguards
end up like this we wouldn't have any middle nodes left to choose
from so we would fail to make onion-related circuits.

Fixes bug 40805; bugfix on 0.4.7.1-alpha.

Diffstat:

Achanges/bug40805 | 7+++++++


Msrc/feature/client/entrynodes.c | 7+++++--


2 files changed, 12 insertions(+), 2 deletions(-)

diff --git a/changes/bug40805 b/changes/bug40805
@@ -0,0 +1,7 @@
+  o Major bugfixes (vanguards):
+    - Rotate to a new L2 vanguard whenever an existing one loses the
+      Stable or Fast flag. Previously, we would leave these relays in the
+      L2 vanguard list but never use them, and if all of our vanguards
+      end up like this we wouldn't have any middle nodes left to choose
+      from so we would fail to make onion-related circuits. Fixes bug
+      40805; bugfix on 0.4.7.1-alpha.
diff --git a/src/feature/client/entrynodes.c b/src/feature/client/entrynodes.c
@@ -150,6 +150,7 @@
 #include "feature/nodelist/node_st.h"
 #include "core/or/origin_circuit_st.h"
 #include "app/config/or_state_st.h"
+#include "src/feature/nodelist/routerstatus_st.h"
 
 /** A list of existing guard selection contexts. */
 static smartlist_t *guard_contexts = NULL;
@@ -4115,8 +4116,10 @@ maintain_layer2_guards(void)
     }
 
     /* Expire if relay has left consensus */
-    if (router_get_consensus_status_by_id(g->identity) == NULL) {
-      log_info(LD_GENERAL, "Removing missing Layer2 guard %s",
+    const routerstatus_t *rs = router_get_consensus_status_by_id(g->identity);
+    if (rs == NULL || !rs->is_stable || !rs->is_fast) {
+      log_info(LD_GENERAL, "Removing %s Layer2 guard %s",
+               rs ? "unsuitable" : "missing",
                safe_str_client(hex_str(g->identity, DIGEST_LEN)));
       // Nickname may be gone from consensus and doesn't matter anyway
       control_event_guard("None", g->identity, "BAD_L2");