tor

The Tor anonymity network
git clone https://git.dasho.dev/tor.git
Log | Files | Refs | README | LICENSE
commit dd63e8cf9dd12677ba1396f3b8f697718538d9bf
parent 7ce17c2b008dee04b209ac698e7a380eae63987e
Author: David Goulet <dgoulet@torproject.org>
Date:   Wed, 16 Mar 2022 11:01:56 -0400

hs: Transfer ccontrol from circuit to cpath

Once the cpath is finalized, e2e encryption setup, transfer the ccontrol
from the rendezvous circuit to the cpath.

This allows the congestion control subsystem to properly function for
both upload and download side of onion services.

Closes #40586

Signed-off-by: David Goulet <dgoulet@torproject.org>

Diffstat:

Achanges/ticket40586 | 5+++++


Msrc/feature/hs/hs_circuit.c | 16++++++++++++++++


Msrc/feature/hs/hs_client.c | 5+++++


3 files changed, 26 insertions(+), 0 deletions(-)

diff --git a/changes/ticket40586 b/changes/ticket40586
@@ -0,0 +1,5 @@
+  o Major bugfixes (onion service, congestion control):
+    - Fix the onion service upload case where the congestion control parameters
+      were not added to the right object. Fixes bug 40586; bugfix on
+      0.4.7.4-alpha.
+
diff --git a/src/feature/hs/hs_circuit.c b/src/feature/hs/hs_circuit.c
@@ -131,6 +131,12 @@ finalize_rend_circuit(origin_circuit_t *circ, crypt_path_t *hop,
    * so we can actually use it. */
   circ->hs_circ_has_timed_out = 0;
 
+  /* If congestion control, transfer ccontrol onto the cpath. */
+  if (TO_CIRCUIT(circ)->ccontrol) {
+    hop->ccontrol = TO_CIRCUIT(circ)->ccontrol;
+    TO_CIRCUIT(circ)->ccontrol = NULL;
+  }
+
   /* Append the hop to the cpath of this circuit */
   cpath_extend_linked_list(&circ->cpath, hop);
 
@@ -416,6 +422,11 @@ launch_rendezvous_point_circuit,(const hs_service_t *service,
       .sendme_inc_cells = congestion_control_sendme_inc(),
     };
 
+    /* It is setup on the circuit in order to indicate that congestion control
+     * is enabled. It will be transferred to the RP crypt_path_t once the
+     * handshake is finalized in finalize_rend_circuit() because the final hop
+     * is not available until then. */
+
     /* Initialize ccontrol for appropriate path type */
     if (service->config.is_single_onion) {
       TO_CIRCUIT(circ)->ccontrol = congestion_control_new(&circ_params,
@@ -533,6 +544,11 @@ retry_service_rendezvous_point(const origin_circuit_t *circ)
       .sendme_inc_cells = TO_CIRCUIT(circ)->ccontrol->sendme_inc,
     };
 
+    /* It is setup on the circuit in order to indicate that congestion control
+     * is enabled. It will be transferred to the RP crypt_path_t once the
+     * handshake is finalized in finalize_rend_circuit() because the final hop
+     * is not available until then. */
+
     /* As per above, in this case, we are a full 3 hop rend, even if we're a
      * single-onion service */
     if (get_options()->HSLayer3Nodes) {
diff --git a/src/feature/hs/hs_client.c b/src/feature/hs/hs_client.c
@@ -826,6 +826,11 @@ setup_rendezvous_circ_congestion_control(origin_circuit_t *circ)
   if (circ_params.cc_enabled) {
     circ_params.sendme_inc_cells = desc->encrypted_data.sendme_inc;
 
+    /* It is setup on the circuit in order to indicate that congestion control
+     * is enabled. It will be transferred to the RP crypt_path_t once the
+     * handshake is finalized in finalize_rend_circuit() because the final hop
+     * is not available until then. */
+
     if (desc->encrypted_data.single_onion_service) {
       TO_CIRCUIT(circ)->ccontrol = congestion_control_new(&circ_params,
                                                           CC_PATH_ONION_SOS);