summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDavid Goulet <dgoulet@ev0ke.net>2014-11-10 14:38:53 -0500
committerDavid Goulet <dgoulet@ev0ke.net>2014-11-10 15:02:54 -0500
commit34eb007d2201bad44bd6b72681f2c3552445dfc4 (patch)
tree785412fba2f69c61a785c3415191557760f8856b
parentfed78bce8bc645866578a1739a10ee598bbaf4e0 (diff)
downloadtor-34eb007d2201bad44bd6b72681f2c3552445dfc4.tar.gz
tor-34eb007d2201bad44bd6b72681f2c3552445dfc4.zip
Fix: don't report timeout when closing parallel intro points
When closing parallel introduction points, the given reason (timeout) was actually changed to "no reason" thus when the circuit purpose was CIRCUIT_PURPOSE_C_INTRODUCE_ACK_WAIT, we were reporting an introduction point failure and flagging it "unreachable". After three times, that intro point gets removed from the rend cache object. In the case of CIRCUIT_PURPOSE_C_INTRODUCING, the intro point was flagged has "timed out" and thus not used until the connection to the HS is closed where that flag gets reset. This commit adds an internal circuit reason called END_CIRC_REASON_IP_NOW_REDUNDANT which tells the closing circuit mechanism to not report any intro point failure. This has been observed while opening hundreds of connections to an HS on different circuit for each connection. This fix makes this use case to work like a charm. Fixes #13698. Signed-off-by: David Goulet <dgoulet@ev0ke.net>
-rw-r--r--changes/bug136984
-rw-r--r--src/or/circuitlist.c41
-rw-r--r--src/or/or.h4
-rw-r--r--src/or/rendclient.c5
4 files changed, 33 insertions, 21 deletions
diff --git a/changes/bug13698 b/changes/bug13698
new file mode 100644
index 0000000000..71e018b6ed
--- /dev/null
+++ b/changes/bug13698
@@ -0,0 +1,4 @@
+ o Bugfixes:
+ - When closing an introduction circuit that was opened in parallel, don't
+ mark it unreachable which can causes it to be removed from the rend cache
+ object thus not usable anymore.
diff --git a/src/or/circuitlist.c b/src/or/circuitlist.c
index c7b15e40ba..6f12df8778 100644
--- a/src/or/circuitlist.c
+++ b/src/or/circuitlist.c
@@ -1417,30 +1417,35 @@ circuit_mark_for_close_(circuit_t *circ, int reason, int line,
tor_assert(circ->state == CIRCUIT_STATE_OPEN);
tor_assert(ocirc->build_state->chosen_exit);
tor_assert(ocirc->rend_data);
- /* treat this like getting a nack from it */
- log_info(LD_REND, "Failed intro circ %s to %s (awaiting ack). %s",
- safe_str_client(ocirc->rend_data->onion_address),
- safe_str_client(build_state_get_exit_nickname(ocirc->build_state)),
- timed_out ? "Recording timeout." : "Removing from descriptor.");
- rend_client_report_intro_point_failure(ocirc->build_state->chosen_exit,
- ocirc->rend_data,
- timed_out ?
- INTRO_POINT_FAILURE_TIMEOUT :
- INTRO_POINT_FAILURE_GENERIC);
+ if (orig_reason != END_CIRC_REASON_IP_NOW_REDUNDANT) {
+ /* treat this like getting a nack from it */
+ log_info(LD_REND, "Failed intro circ %s to %s (awaiting ack). %s",
+ safe_str_client(ocirc->rend_data->onion_address),
+ safe_str_client(build_state_get_exit_nickname(ocirc->build_state)),
+ timed_out ? "Recording timeout." : "Removing from descriptor.");
+ rend_client_report_intro_point_failure(ocirc->build_state->chosen_exit,
+ ocirc->rend_data,
+ timed_out ?
+ INTRO_POINT_FAILURE_TIMEOUT :
+ INTRO_POINT_FAILURE_GENERIC);
+ }
} else if (circ->purpose == CIRCUIT_PURPOSE_C_INTRODUCING &&
reason != END_CIRC_REASON_TIMEOUT) {
origin_circuit_t *ocirc = TO_ORIGIN_CIRCUIT(circ);
if (ocirc->build_state->chosen_exit && ocirc->rend_data) {
- log_info(LD_REND, "Failed intro circ %s to %s "
- "(building circuit to intro point). "
- "Marking intro point as possibly unreachable.",
- safe_str_client(ocirc->rend_data->onion_address),
- safe_str_client(build_state_get_exit_nickname(ocirc->build_state)));
- rend_client_report_intro_point_failure(ocirc->build_state->chosen_exit,
- ocirc->rend_data,
- INTRO_POINT_FAILURE_UNREACHABLE);
+ if (orig_reason != END_CIRC_REASON_IP_NOW_REDUNDANT) {
+ log_info(LD_REND, "Failed intro circ %s to %s "
+ "(building circuit to intro point). "
+ "Marking intro point as possibly unreachable.",
+ safe_str_client(ocirc->rend_data->onion_address),
+ safe_str_client(build_state_get_exit_nickname(ocirc->build_state)));
+ rend_client_report_intro_point_failure(ocirc->build_state->chosen_exit,
+ ocirc->rend_data,
+ INTRO_POINT_FAILURE_UNREACHABLE);
+ }
}
}
+
if (circ->n_chan) {
circuit_clear_cell_queue(circ, circ->n_chan);
/* Only send destroy if the channel isn't closing anyway */
diff --git a/src/or/or.h b/src/or/or.h
index 34f055cf06..f3e7b80fbd 100644
--- a/src/or/or.h
+++ b/src/or/or.h
@@ -659,6 +659,10 @@ typedef enum {
/* Negative reasons are internal: we never send them in a DESTROY or TRUNCATE
* call; they only go to the controller for tracking */
+
+/* Closing introduction point that were opened in parallel. */
+#define END_CIRC_REASON_IP_NOW_REDUNDANT -4
+
/** Our post-timeout circuit time measurement period expired.
* We must give up now */
#define END_CIRC_REASON_MEASUREMENT_EXPIRED -3
diff --git a/src/or/rendclient.c b/src/or/rendclient.c
index 7abbfd6fc5..4ff000d3ed 100644
--- a/src/or/rendclient.c
+++ b/src/or/rendclient.c
@@ -368,8 +368,7 @@ rend_client_rendcirc_has_opened(origin_circuit_t *circ)
}
/**
- * Called to close other intro circuits we launched in parallel
- * due to timeout.
+ * Called to close other intro circuits we launched in parallel.
*/
static void
rend_client_close_other_intros(const char *onion_address)
@@ -387,7 +386,7 @@ rend_client_close_other_intros(const char *onion_address)
log_info(LD_REND|LD_CIRC, "Closing introduction circuit %d that we "
"built in parallel (Purpose %d).", oc->global_identifier,
c->purpose);
- circuit_mark_for_close(c, END_CIRC_REASON_TIMEOUT);
+ circuit_mark_for_close(c, END_CIRC_REASON_IP_NOW_REDUNDANT);
}
}
}