diff options
| author | Nick Mathewson <nickm@torproject.org> | 2021-08-18 08:43:31 -0400 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2021-08-18 08:43:31 -0400 |
| commit | 984e3a9c6c4d193e095c376637321c0bfa371c08 (patch) | |
| tree | f15a2081d07707831ad297114a8280c269074f89 | |
| parent | 00b57e81f827d524dc42e2eab052e4d3b61b2cb6 (diff) | |
| parent | cac612af42798bc76d8933837a9da97ddc039c9b (diff) | |
| download | tor-984e3a9c6c4d193e095c376637321c0bfa371c08.tar.gz tor-984e3a9c6c4d193e095c376637321c0bfa371c08.zip | |
Merge remote-tracking branch 'tor-gitlab/mr/420'
| -rw-r--r-- | changes/ticket40434 | 6 | ||||
| -rw-r--r-- | src/feature/dirclient/dirclient.c | 17 | ||||
| -rw-r--r-- | src/feature/dircommon/directory.h | 6 |
3 files changed, 28 insertions, 1 deletions
diff --git a/changes/ticket40434 b/changes/ticket40434 new file mode 100644 index 0000000000..988bb416be --- /dev/null +++ b/changes/ticket40434 @@ -0,0 +1,6 @@ + o Minor bugfix (onion service): + - Do not flag an HSDir as non-running in case the descriptor upload or + fetch fails. An onion service closes pending directory connections + before uploading a new descriptor which can thus lead to wrongly + flagging many relays and thus affecting circuit building path selection. + Fixes bug 40434; bugfix on 0.2.0.13-alpha. diff --git a/src/feature/dirclient/dirclient.c b/src/feature/dirclient/dirclient.c index a2b20621a0..4e9c8e2f45 100644 --- a/src/feature/dirclient/dirclient.c +++ b/src/feature/dirclient/dirclient.c @@ -709,7 +709,22 @@ connection_dir_client_request_failed(dir_connection_t *conn) entry_guard_failed(&conn->guard_state); } if (!entry_list_is_constrained(get_options())) - router_set_status(conn->identity_digest, 0); /* don't try this one again */ + /* We must not set a directory to non-running for HS purposes else we end + * up flagging nodes from the hashring has unusable. It doesn't have direct + * effect on the HS subsystem because the nodes are selected regardless of + * their status but still, we shouldn't flag them as non running. + * + * One example where this can go bad is if a tor instance gets added a lot + * of ephemeral services and with a network with problem then many nodes in + * the consenus ends up unusable. + * + * Furthermore, a service does close any pending directory connections + * before uploading a descriptor and thus we can end up here in a natural + * way since closing a pending directory connection leads to this code + * path. */ + if (!DIR_PURPOSE_IS_HS(TO_CONN(conn)->purpose)) { + router_set_status(conn->identity_digest, 0); + } if (conn->base_.purpose == DIR_PURPOSE_FETCH_SERVERDESC || conn->base_.purpose == DIR_PURPOSE_FETCH_EXTRAINFO) { log_info(LD_DIR, "Giving up on serverdesc/extrainfo fetch from " diff --git a/src/feature/dircommon/directory.h b/src/feature/dircommon/directory.h index f233e8b244..7d861682bb 100644 --- a/src/feature/dircommon/directory.h +++ b/src/feature/dircommon/directory.h @@ -80,6 +80,12 @@ const dir_connection_t *CONST_TO_DIR_CONN(const connection_t *c); (p)==DIR_PURPOSE_UPLOAD_SIGNATURES || \ (p)==DIR_PURPOSE_UPLOAD_HSDESC) +/** True iff p is a purpose corresponding to onion service that is either + * uploading or fetching actions. */ +#define DIR_PURPOSE_IS_HS(p) \ + ((p) == DIR_PURPOSE_FETCH_HSDESC || \ + (p) == DIR_PURPOSE_UPLOAD_HSDESC) + enum compress_method_t; int parse_http_response(const char *headers, int *code, time_t *date, enum compress_method_t *compression, char **response); |