summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorNick Mathewson <nickm@torproject.org>2011-04-03 20:06:31 -0400
committerNick Mathewson <nickm@torproject.org>2011-04-26 23:54:18 -0400
commit79a3b3cd3719b3b87b0edbab62b256e42c7b42de (patch)
tree6c309e248529babbf510d7e8534140c8b8a224f4
parent6afad6b691d577fba2fe88f2fe9ed76a2f80002d (diff)
downloadtor-79a3b3cd3719b3b87b0edbab62b256e42c7b42de.tar.gz
tor-79a3b3cd3719b3b87b0edbab62b256e42c7b42de.zip
Check transition of circuit purpose from INTRO->GENERAL if nodes are constrained
This looked at first like another fun way around our node selection logic: if we had introduction circuits, and we wound up building too many, we would turn extras into general-purpose circuits. But when we did so, we wouldn't necessarily check whether the general-purpose circuits conformed to our node constraints. For example, the last node could totally be in ExcludedExitNodes and we wouldn't have cared... ...except that the circuit should already be internal, so it won't get user streams attached to it, so the transition should generally be allowed. Add an assert to make sure we're right about this, and have it not check whether ExitNodes is set, since that's irrelevant to internal circuits.
-rw-r--r--src/or/rendservice.c29
1 files changed, 19 insertions, 10 deletions
diff --git a/src/or/rendservice.c b/src/or/rendservice.c
index 5b85394ddc..cd8f9eabeb 100644
--- a/src/or/rendservice.c
+++ b/src/or/rendservice.c
@@ -1347,17 +1347,26 @@ rend_service_intro_has_opened(origin_circuit_t *circuit)
}
/* If we already have enough introduction circuits for this service,
- * redefine this one as a general circuit. */
+ * redefine this one as a general circuit or close it, depending. */
if (count_established_intro_points(serviceid) > NUM_INTRO_POINTS) {
- log_info(LD_CIRC|LD_REND, "We have just finished an introduction "
- "circuit, but we already have enough. Redefining purpose to "
- "general.");
- /* XXX022-1090: This can wind up violating ExcludeNodes/
- * ExitNodes/ExcludeExitNodes restrictions.
- */
- TO_CIRCUIT(circuit)->purpose = CIRCUIT_PURPOSE_C_GENERAL;
- circuit_has_opened(circuit);
- return;
+ or_options_t *options = get_options();
+ if (options->ExcludeNodes) {
+ /* XXXX in some future version, we can test whether the transition is
+ allowed or not given the actual nodes in the circuit. But for now,
+ this case, we might as well close the thing. */
+ log_info(LD_CIRC|LD_REND, "We have just finished an introduction "
+ "circuit, but we already have enough. Closing it.");
+ circuit_mark_for_close(TO_CIRCUIT(circuit), END_CIRC_REASON_NONE);
+ return;
+ } else {
+ tor_assert(circuit->build_state->is_internal);
+ log_info(LD_CIRC|LD_REND, "We have just finished an introduction "
+ "circuit, but we already have enough. Redefining purpose to "
+ "general; leaving as internal.");
+ TO_CIRCUIT(circuit)->purpose = CIRCUIT_PURPOSE_C_GENERAL;
+ circuit_has_opened(circuit);
+ return;
+ }
}
log_info(LD_REND,