diff options
| author | Nick Mathewson <nickm@torproject.org> | 2017-02-28 08:16:43 -0500 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2017-02-28 08:16:43 -0500 |
| commit | 16f337e7639c42b5c6106d6bc9828cb9e6614054 (patch) | |
| tree | f6030021b0e05809cb864924f161b950f49cf405 | |
| parent | eef8bd4d3c49bf093f11bf6fa81bfd8561f02fc5 (diff) | |
| parent | 1582adabbb13871bcf6f91be4fa8523aeb36f79a (diff) | |
| download | tor-16f337e7639c42b5c6106d6bc9828cb9e6614054.tar.gz tor-16f337e7639c42b5c6106d6bc9828cb9e6614054.zip | |
Merge branch 'bug21027_v2_squashed' into maint-0.3.0
| -rw-r--r-- | changes/bug21027 | 8 | ||||
| -rw-r--r-- | src/or/bridges.c | 27 | ||||
| -rw-r--r-- | src/or/bridges.h | 4 | ||||
| -rw-r--r-- | src/or/entrynodes.c | 37 |
4 files changed, 55 insertions, 21 deletions
diff --git a/changes/bug21027 b/changes/bug21027 new file mode 100644 index 0000000000..d20df876fa --- /dev/null +++ b/changes/bug21027 @@ -0,0 +1,8 @@ + o Major bugfixes (bridges): + + - When the same bridge is configured multiple times at different + address:port combinations (but with the same identity), treat + those bridge instances as separate guards. This allows clients to + configure the same bridge with multiple pluggable transports, once + again. Fixes bug 21027; bugfix on 0.3.0.1-alpha. + diff --git a/src/or/bridges.c b/src/or/bridges.c index 8b37f412ea..f766931b46 100644 --- a/src/or/bridges.c +++ b/src/or/bridges.c @@ -199,6 +199,33 @@ get_configured_bridge_by_addr_port_digest(const tor_addr_t *addr, return NULL; } +/** + * As get_configured_bridge_by_addr_port, but require that the + * address match <b>addr</b>:<b>port</b>, and that the ID digest match + * <b>digest</b>. (The other function will ignore the address if the + * digest matches.) + */ +bridge_info_t * +get_configured_bridge_by_exact_addr_port_digest(const tor_addr_t *addr, + uint16_t port, + const char *digest) +{ + if (!bridge_list) + return NULL; + SMARTLIST_FOREACH_BEGIN(bridge_list, bridge_info_t *, bridge) { + if (!tor_addr_compare(&bridge->addr, addr, CMP_EXACT) && + bridge->port == port) { + + if (digest && tor_memeq(bridge->identity, digest, DIGEST_LEN)) + return bridge; + else if (!digest) + return bridge; + } + + } SMARTLIST_FOREACH_END(bridge); + return NULL; +} + /** If we have a bridge configured whose digest matches <b>digest</b>, or a * bridge with no known digest whose address matches <b>addr</b>:<b>port</b>, * return 1. Else return 0. If <b>digest</b> is NULL, check for diff --git a/src/or/bridges.h b/src/or/bridges.h index de23fe6eeb..27ea5e197c 100644 --- a/src/or/bridges.h +++ b/src/or/bridges.h @@ -27,6 +27,10 @@ bridge_info_t *get_configured_bridge_by_addr_port_digest( const tor_addr_t *addr, uint16_t port, const char *digest); +bridge_info_t *get_configured_bridge_by_exact_addr_port_digest( + const tor_addr_t *addr, + uint16_t port, + const char *digest); int addr_is_a_configured_bridge(const tor_addr_t *addr, uint16_t port, const char *digest); diff --git a/src/or/entrynodes.c b/src/or/entrynodes.c index 3bb5169355..3e871477b4 100644 --- a/src/or/entrynodes.c +++ b/src/or/entrynodes.c @@ -768,11 +768,6 @@ get_sampled_guard_for_bridge(guard_selection_t *gs, const uint8_t *id = bridge_get_rsa_id_digest(bridge); const tor_addr_port_t *addrport = bridge_get_addr_port(bridge); entry_guard_t *guard; - if (id) { - guard = get_sampled_guard_with_id(gs, id); - if (guard) - return guard; - } if (BUG(!addrport)) return NULL; // LCOV_EXCL_LINE guard = get_sampled_guard_by_bridge_addr(gs, addrport); @@ -787,16 +782,17 @@ get_sampled_guard_for_bridge(guard_selection_t *gs, static bridge_info_t * get_bridge_info_for_guard(const entry_guard_t *guard) { + const uint8_t *identity = NULL; if (! tor_digest_is_zero(guard->identity)) { - bridge_info_t *bridge = find_bridge_by_digest(guard->identity); - if (bridge) - return bridge; + identity = (const uint8_t *)guard->identity; } if (BUG(guard->bridge_addr == NULL)) return NULL; - return get_configured_bridge_by_addr_port_digest(&guard->bridge_addr->addr, - guard->bridge_addr->port, - NULL); + + return get_configured_bridge_by_exact_addr_port_digest( + &guard->bridge_addr->addr, + guard->bridge_addr->port, + (const char*)identity); } /** @@ -820,6 +816,10 @@ entry_guard_add_to_sample(guard_selection_t *gs, log_info(LD_GUARD, "Adding %s as to the entry guard sample set.", node_describe(node)); + /* make sure that the guard is not already sampled. */ + if (BUG(have_sampled_guard_with_id(gs, (const uint8_t*)node->identity))) + return NULL; // LCOV_EXCL_LINE + return entry_guard_add_to_sample_impl(gs, (const uint8_t*)node->identity, node_get_nickname(node), @@ -843,9 +843,6 @@ entry_guard_add_to_sample_impl(guard_selection_t *gs, // XXXX #20827 take ed25519 identity here too. - /* make sure that the guard is not already sampled. */ - if (rsa_id_digest && BUG(have_sampled_guard_with_id(gs, rsa_id_digest))) - return NULL; // LCOV_EXCL_LINE /* Make sure we can actually identify the guard. */ if (BUG(!rsa_id_digest && !bridge_addrport)) return NULL; // LCOV_EXCL_LINE @@ -890,6 +887,10 @@ entry_guard_add_bridge_to_sample(guard_selection_t *gs, tor_assert(addrport); + /* make sure that the guard is not already sampled. */ + if (BUG(get_sampled_guard_for_bridge(gs, bridge))) + return NULL; // LCOV_EXCL_LINE + return entry_guard_add_to_sample_impl(gs, id_digest, NULL, addrport); } @@ -2901,13 +2902,7 @@ entry_guard_t * entry_guard_get_by_id_digest_for_guard_selection(guard_selection_t *gs, const char *digest) { - tor_assert(gs != NULL); - - SMARTLIST_FOREACH(gs->sampled_entry_guards, entry_guard_t *, entry, - if (tor_memeq(digest, entry->identity, DIGEST_LEN)) - return entry; - ); - return NULL; + return get_sampled_guard_with_id(gs, (const uint8_t*)digest); } /** Return the node_t associated with a single entry_guard_t. May |