tor

The Tor anonymity network
git clone https://git.dasho.dev/tor.git
Log | Files | Refs | README | LICENSE
commit 88b146cda58087dea5d8945e02f2e2f5ebbe6a97
parent ca85d6621758269f7a94fbec22efa7f9d205c628
Author: Nick Mathewson <nickm@torproject.org>
Date:   Thu,  1 Feb 2018 08:22:44 -0500

Merge remote-tracking branch 'dgoulet/bug24469_033_01'

Diffstat:

Achanges/bug24469 | 4++++


Msrc/or/circuitlist.c | 7+++++++


Msrc/or/entrynodes.c | 16++++++++++++++++


Msrc/or/entrynodes.h | 2++


4 files changed, 29 insertions(+), 0 deletions(-)

diff --git a/changes/bug24469 b/changes/bug24469
@@ -0,0 +1,4 @@
+  o Minor bugfixes (circuit, cannibalization):
+    - Don't cannibalize circuits for which we don't know the first hop which
+      can happen if our Guard relay went off the consensus after the circuit
+      was created preemptively. Fixes bug 24469; bugfix on 0.0.6.
diff --git a/src/or/circuitlist.c b/src/or/circuitlist.c
@@ -1803,6 +1803,13 @@ circuit_find_to_cannibalize(uint8_t purpose_to_produce, extend_info_t *info,
         goto next;
       }
 
+      /* Ignore any circuits for which we can't use the Guard. It is possible
+       * that the Guard was removed from the samepled set after the circuit
+       * was created so avoid using it. */
+      if (!entry_guard_could_succeed(circ->guard_state)) {
+        goto next;
+      }
+
       if ((!need_uptime || circ->build_state->need_uptime) &&
           (!need_capacity || circ->build_state->need_capacity) &&
           (internal == circ->build_state->is_internal) &&
diff --git a/src/or/entrynodes.c b/src/or/entrynodes.c
@@ -3307,6 +3307,22 @@ entry_guards_update_state(or_state_t *state)
   entry_guards_dirty = 0;
 }
 
+/** Return true iff the circuit's guard can succeed that is can be used. */
+int
+entry_guard_could_succeed(const circuit_guard_state_t *guard_state)
+{
+  if (!guard_state) {
+    return 0;
+  }
+
+  entry_guard_t *guard = entry_guard_handle_get(guard_state->guard);
+  if (!guard || BUG(guard->in_selection == NULL)) {
+    return 0;
+  }
+
+  return 1;
+}
+
 /**
  * Format a single entry guard in the format expected by the controller.
  * Return a newly allocated string.
diff --git a/src/or/entrynodes.h b/src/or/entrynodes.h
@@ -386,6 +386,8 @@ void entry_guards_note_internet_connectivity(guard_selection_t *gs);
 
 int update_guard_selection_choice(const or_options_t *options);
 
+int entry_guard_could_succeed(const circuit_guard_state_t *guard_state);
+
 MOCK_DECL(int,num_bridges_usable,(int use_maybe_reachable));
 
 #ifdef ENTRYNODES_PRIVATE