aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorNick Mathewson <nickm@torproject.org>2013-03-18 14:50:01 -0400
committerNick Mathewson <nickm@torproject.org>2013-03-18 14:50:01 -0400
commit26639b7798b5f5dae93e40bd7d050cb218a8aad2 (patch)
tree4e267e2dee87d5e3ffe6c1f4c94dd882961269e3
parent173efa10515e23b45e37f96a3755a2f16411a71a (diff)
parent44095312fa63c2623418346eb0cb487b45cf9c50 (diff)
downloadtor-26639b7798b5f5dae93e40bd7d050cb218a8aad2.tar.gz
tor-26639b7798b5f5dae93e40bd7d050cb218a8aad2.zip
Merge remote-tracking branch 'public/no_dup_guards' into maint-0.2.4
-rw-r--r--changes/bug82315
-rw-r--r--src/or/circuitbuild.c1
-rw-r--r--src/or/entrynodes.c31
-rw-r--r--src/or/or.h7
-rw-r--r--src/or/routerlist.c3
5 files changed, 46 insertions, 1 deletions
diff --git a/changes/bug8231 b/changes/bug8231
new file mode 100644
index 0000000000..fd87a1daec
--- /dev/null
+++ b/changes/bug8231
@@ -0,0 +1,5 @@
+ o Major bugfixes:
+ - When unable to find any working directory nodes to use as a
+ directory guard, give up rather than adding the same non-working
+ nodes to the list over and over. Fixes bug 8231; bugfix on
+ 0.2.4.8-alpha.
diff --git a/src/or/circuitbuild.c b/src/or/circuitbuild.c
index fbe94a98ba..bb5b253c83 100644
--- a/src/or/circuitbuild.c
+++ b/src/or/circuitbuild.c
@@ -3398,6 +3398,7 @@ choose_good_entry_server(uint8_t purpose, cpath_build_state_t *state)
});
}
/* and exclude current entry guards and their families, if applicable */
+ /*XXXX025 use the using_as_guard flag to accomplish this.*/
if (options->UseEntryGuards) {
SMARTLIST_FOREACH(get_entry_guards(), const entry_guard_t *, entry,
{
diff --git a/src/or/entrynodes.c b/src/or/entrynodes.c
index 5d356b6231..de80e88628 100644
--- a/src/or/entrynodes.c
+++ b/src/or/entrynodes.c
@@ -367,13 +367,22 @@ add_an_entry_guard(const node_t *chosen, int reset_status, int prepend,
} else {
const routerstatus_t *rs;
rs = router_pick_directory_server(MICRODESC_DIRINFO|V3_DIRINFO,
- PDS_PREFER_TUNNELED_DIR_CONNS_);
+ PDS_PREFER_TUNNELED_DIR_CONNS_|PDS_FOR_GUARD);
if (!rs)
return NULL;
node = node_get_by_id(rs->identity_digest);
if (!node)
return NULL;
}
+ if (node->using_as_guard)
+ return NULL;
+ if (entry_guard_get_by_id_digest(node->identity) != NULL) {
+ log_info(LD_CIRC, "I was about to add a duplicate entry guard.");
+ /* This can happen if we choose a guard, then the node goes away, then
+ * comes back. */
+ ((node_t*) node)->using_as_guard = 1;
+ return NULL;
+ }
entry = tor_malloc_zero(sizeof(entry_guard_t));
log_info(LD_CIRC, "Chose %s as new entry guard.",
node_describe(node));
@@ -391,6 +400,7 @@ add_an_entry_guard(const node_t *chosen, int reset_status, int prepend,
* this guard. For details, see the Jan 2010 or-dev thread. */
entry->chosen_on_date = time(NULL) - crypto_rand_int(3600*24*30);
entry->chosen_by_version = tor_strdup(VERSION);
+ ((node_t*)node)->using_as_guard = 1;
if (prepend)
smartlist_insert(entry_guards, 0, entry);
else
@@ -730,6 +740,21 @@ entry_nodes_should_be_added(void)
should_add_entry_nodes = 1;
}
+/** Update the using_as_guard fields of all the nodes. We do this after we
+ * remove entry guards from the list: This is the only function that clears
+ * the using_as_guard field. */
+static void
+update_node_guard_status(void)
+{
+ smartlist_t *nodes = nodelist_get_list();
+ SMARTLIST_FOREACH(nodes, node_t *, node, node->using_as_guard = 0);
+ SMARTLIST_FOREACH_BEGIN(entry_guards, entry_guard_t *, entry) {
+ node_t *node = node_get_mutable_by_id(entry->identity);
+ if (node)
+ node->using_as_guard = 1;
+ } SMARTLIST_FOREACH_END(entry);
+}
+
/** Adjust the entry guards list so that it only contains entries from
* EntryNodes, adding new entries from EntryNodes to the list as needed. */
static void
@@ -814,6 +839,8 @@ entry_guards_set_from_config(const or_options_t *options)
SMARTLIST_FOREACH(old_entry_guards_not_on_list, entry_guard_t *, e,
entry_guard_free(e));
+ update_node_guard_status();
+
smartlist_free(entry_nodes);
smartlist_free(worse_entry_nodes);
smartlist_free(entry_fps);
@@ -1269,6 +1296,8 @@ entry_guards_parse_state(or_state_t *state, int set, char **msg)
* few lines, so we don't have to re-dirty it */
if (remove_obsolete_entry_guards(now))
entry_guards_dirty = 1;
+
+ update_node_guard_status();
}
digestmap_free(added_by, tor_free_);
return *msg ? -1 : 0;
diff --git a/src/or/or.h b/src/or/or.h
index 43fe5485da..8acd7365e3 100644
--- a/src/or/or.h
+++ b/src/or/or.h
@@ -2249,6 +2249,9 @@ typedef struct node_t {
/** Local info: we treat this node as if it rejects everything */
unsigned int rejects_all:1;
+ /** Local info: this node is in our list of guards */
+ unsigned int using_as_guard:1;
+
/* Local info: derived. */
/** True if the IPv6 OR port is preferred over the IPv4 OR port. */
@@ -4784,6 +4787,10 @@ typedef struct dir_server_t {
#define PDS_NO_EXISTING_SERVERDESC_FETCH (1<<3)
#define PDS_NO_EXISTING_MICRODESC_FETCH (1<<4)
+/** This node is to be chosen as a directory guard, so don't choose any
+ * node that's currently a guard. */
+#define PDS_FOR_GUARD (1<<5)
+
#define PDS_PREFER_TUNNELED_DIR_CONNS_ (1<<16)
/** Possible ways to weight routers when choosing one randomly. See
diff --git a/src/or/routerlist.c b/src/or/routerlist.c
index 7f4e88cf03..0c978e9d00 100644
--- a/src/or/routerlist.c
+++ b/src/or/routerlist.c
@@ -1150,6 +1150,7 @@ router_pick_directory_server_impl(dirinfo_type_t type, int flags)
int requireother = ! (flags & PDS_ALLOW_SELF);
int fascistfirewall = ! (flags & PDS_IGNORE_FASCISTFIREWALL);
int prefer_tunnel = (flags & PDS_PREFER_TUNNELED_DIR_CONNS_);
+ int for_guard = (flags & PDS_FOR_GUARD);
int try_excluding = 1, n_excluded = 0;
if (!consensus)
@@ -1189,6 +1190,8 @@ router_pick_directory_server_impl(dirinfo_type_t type, int flags)
if ((type & MICRODESC_DIRINFO) && !is_trusted &&
!node->rs->version_supports_microdesc_cache)
continue;
+ if (for_guard && node->using_as_guard)
+ continue; /* Don't make the same node a guard twice. */
if (try_excluding &&
routerset_contains_routerstatus(options->ExcludeNodes, status,
country)) {