commit c7b6ed1d8065375e430d54c14f79d3bd0d6abbe5
parent 3eeb7c6e26d4e43873a01da6e3926ca33baf54dc
Author: Nick Mathewson <nickm@torproject.org>
Date: Wed, 7 Nov 2018 11:21:13 -0500
Merge remote-tracking branch 'tor-github/pr/271'
Diffstat:
4 files changed, 23 insertions(+), 12 deletions(-)
diff --git a/changes/bug25885 b/changes/bug25885
@@ -0,0 +1,7 @@
+ o Minor bugfixes (guards):
+ - In count_acceptable_nodes(), check if we have at least one bridge
+ or guard node, and two non-guard nodes for a circuit. Previously,
+ we have added up the sum of all nodes with a descriptor, but that
+ could cause us to build circuits that fail if we had either too
+ many bridges, or not enough guard nodes. Fixes bug 25885; bugfix
+ on 0.3.6.1-alpha. Patch by Neel Chauhan.
diff --git a/src/core/or/circuitbuild.c b/src/core/or/circuitbuild.c
@@ -1658,22 +1658,25 @@ route_len_for_purpose(uint8_t purpose, extend_info_t *exit_ei)
STATIC int
new_route_len(uint8_t purpose, extend_info_t *exit_ei, smartlist_t *nodes)
{
- int num_acceptable_routers;
int routelen;
tor_assert(nodes);
routelen = route_len_for_purpose(purpose, exit_ei);
- num_acceptable_routers = count_acceptable_nodes(nodes);
+ int num_acceptable_direct = count_acceptable_nodes(nodes, 1);
+ int num_acceptable_indirect = count_acceptable_nodes(nodes, 0);
- log_debug(LD_CIRC,"Chosen route length %d (%d/%d routers suitable).",
- routelen, num_acceptable_routers, smartlist_len(nodes));
+ log_debug(LD_CIRC,"Chosen route length %d (%d direct and %d indirect "
+ "routers suitable).", routelen, num_acceptable_direct,
+ num_acceptable_indirect);
- if (num_acceptable_routers < routelen) {
+ if (num_acceptable_direct < 1 || num_acceptable_indirect < routelen - 1) {
log_info(LD_CIRC,
- "Not enough acceptable routers (%d/%d). Discarding this circuit.",
- num_acceptable_routers, routelen);
+ "Not enough acceptable routers (%d/%d direct and %d/%d "
+ "indirect routers suitable). Discarding this circuit.",
+ num_acceptable_direct, routelen,
+ num_acceptable_indirect, routelen);
return -1;
}
@@ -2315,7 +2318,7 @@ circuit_extend_to_new_exit(origin_circuit_t *circ, extend_info_t *exit_ei)
* particular router. See bug #25885.)
*/
MOCK_IMPL(STATIC int,
-count_acceptable_nodes, (smartlist_t *nodes))
+count_acceptable_nodes, (smartlist_t *nodes, int direct))
{
int num=0;
@@ -2329,7 +2332,7 @@ count_acceptable_nodes, (smartlist_t *nodes))
if (! node->is_valid)
// log_debug(LD_CIRC,"Nope, the directory says %d is not valid.",i);
continue;
- if (! node_has_any_descriptor(node))
+ if (! node_has_preferred_descriptor(node, direct))
continue;
/* The node has a descriptor, so we can just check the ntor key directly */
if (!node_has_curve25519_onion_key(node))
diff --git a/src/core/or/circuitbuild.h b/src/core/or/circuitbuild.h
@@ -84,7 +84,8 @@ void circuit_upgrade_circuits_from_guard_wait(void);
STATIC circid_t get_unique_circ_id_by_chan(channel_t *chan);
STATIC int new_route_len(uint8_t purpose, extend_info_t *exit_ei,
smartlist_t *nodes);
-MOCK_DECL(STATIC int, count_acceptable_nodes, (smartlist_t *nodes));
+MOCK_DECL(STATIC int, count_acceptable_nodes, (smartlist_t *nodes,
+ int direct));
STATIC int onion_extend_cpath(origin_circuit_t *circ);
diff --git a/src/test/test_circuitbuild.c b/src/test/test_circuitbuild.c
@@ -21,11 +21,11 @@ static smartlist_t dummy_nodes;
static extend_info_t dummy_ei;
static int
-mock_count_acceptable_nodes(smartlist_t *nodes)
+mock_count_acceptable_nodes(smartlist_t *nodes, int direct)
{
(void)nodes;
- return DEFAULT_ROUTE_LEN + 1;
+ return direct ? 1 : DEFAULT_ROUTE_LEN + 1;
}
/* Test route lengths when the caller of new_route_len() doesn't
