tor

The Tor anonymity network
git clone https://git.dasho.dev/tor.git
Log | Files | Refs | README | LICENSE
commit e23947716e227a9888690b9fca7a5069038d4c0f
parent 314a6b42c59c7d9ea240b758ccffd796963efd0f
Author: George Kadianakis <desnacked@riseup.net>
Date:   Thu,  1 Jul 2021 17:49:27 +0300

Use L2 vanguards during path selection

Co-authored-by: Mike Perry <mikeperry-git@torproject.org>

Diffstat:

Msrc/core/or/circuitbuild.c | 12+++++++++---


Msrc/core/or/circuituse.c | 12++++--------


Msrc/feature/nodelist/networkstatus.c | 3+++


3 files changed, 16 insertions(+), 11 deletions(-)

diff --git a/src/core/or/circuitbuild.c b/src/core/or/circuitbuild.c
@@ -2259,8 +2259,9 @@ middle_node_must_be_vanguard(const or_options_t *options,
     return 0;
   }
 
-  /* If we have sticky L2 nodes, and this is an L2 pick, use vanguards */
-  if (options->HSLayer2Nodes && cur_len == 1) {
+  /* If we are a hidden service circuit, always use either vanguards-lite
+   * or HSLayer2Nodes for 2nd hop. */
+  if (cur_len == 1) {
     return 1;
   }
 
@@ -2284,7 +2285,8 @@ pick_vanguard_middle_node(const or_options_t *options,
 
   /* Pick the right routerset based on the current hop */
   if (cur_len == 1) {
-    vanguard_routerset = options->HSLayer2Nodes;
+    vanguard_routerset = options->HSLayer2Nodes ?
+      options->HSLayer2Nodes : get_layer2_guards();
   } else if (cur_len == 2) {
     vanguard_routerset = options->HSLayer3Nodes;
   } else {
@@ -2293,6 +2295,10 @@ pick_vanguard_middle_node(const or_options_t *options,
     return NULL;
   }
 
+  if (BUG(!vanguard_routerset)) {
+    return NULL;
+  }
+
   node = pick_restricted_middle_node(flags, vanguard_routerset,
                                      options->ExcludeNodes, excluded,
                                      cur_len+1);
diff --git a/src/core/or/circuituse.c b/src/core/or/circuituse.c
@@ -2022,16 +2022,12 @@ circuit_is_hs_v3(const circuit_t *circ)
 int
 circuit_should_use_vanguards(uint8_t purpose)
 {
-  const or_options_t *options = get_options();
-
-  /* Only hidden service circuits use vanguards */
-  if (!circuit_purpose_is_hidden_service(purpose))
-    return 0;
-
-  /* Pinned middles are effectively vanguards */
-  if (options->HSLayer2Nodes || options->HSLayer3Nodes)
+  /* All hidden service circuits use either vanguards or
+   * vanguards-lite. */
+  if (circuit_purpose_is_hidden_service(purpose))
     return 1;
 
+  /* Everything else is a normal circuit */
   return 0;
 }
 
diff --git a/src/feature/nodelist/networkstatus.c b/src/feature/nodelist/networkstatus.c
@@ -1699,6 +1699,9 @@ notify_after_networkstatus_changes(void)
   channelpadding_new_consensus_params(c);
   circpad_new_consensus_params(c);
   router_new_consensus_params(c);
+
+  /* Maintenance of our L2 guard list */
+  maintain_layer2_guards();
 }
 
 /** Copy all the ancillary information (like router download status and so on)