hs: Always use a 3-hop path when a v3 single onion intro fails

Previously, we always used a 1-hop path, no matter how many times a v3 single onion intro failed. Fixes bug 23818; bugfix on 0.3.2.1-alpha.
author: teor <teor@torproject.org> 2019-08-23 14:56:01 +1000
committer: teor <teor@torproject.org> 2019-08-23 15:09:55 +1000
commit: 229a982405e0fd2f9980d3c1a41c34e0cf26ae26 (patch)
tree: 398a1250ada3c1ef119ddddfd2f042bb49e47e00 /src/feature/hs
parent: c94904b35982a73a652d9bed8b195ce625bbb962 (diff)
download: tor-229a982405e0fd2f9980d3c1a41c34e0cf26ae26.tar.gz
tor-229a982405e0fd2f9980d3c1a41c34e0cf26ae26.zip
1 files changed, 9 insertions, 2 deletions
diff --git a/src/feature/hs/hs_circuit.c b/src/feature/hs/hs_circuit.c
index f7996a24f5..d74b088f07 100644
--- a/src/feature/hs/hs_circuit.c
+++ b/src/feature/hs/hs_circuit.c
@@ -775,8 +775,15 @@ hs_circ_launch_intro_point(hs_service_t *service,
   tor_assert(ei);
 
   /* Update circuit flags in case of a single onion service that requires a
-   * direct connection. */
-  if (service->config.is_single_onion) {
+   * direct connection.
+   *
+   * We only use a one-hop path on the first attempt. If the first attempt
+   * fails, we use a 3-hop path for reachability / reliability.
+   * (Unlike v2, retries is incremented by the caller before it calls this
+   * function.)
+   */
+  tor_assert_nonfatal(ip->circuit_retries > 0);
+  if (service->config.is_single_onion && ip->circuit_retries == 1) {
     circ_flags |= CIRCLAUNCH_ONEHOP_TUNNEL;
   }
author	teor <teor@torproject.org>	2019-08-23 14:56:01 +1000
committer	teor <teor@torproject.org>	2019-08-23 15:09:55 +1000
commit	229a982405e0fd2f9980d3c1a41c34e0cf26ae26 (patch)
tree	398a1250ada3c1ef119ddddfd2f042bb49e47e00 /src/feature/hs
parent	c94904b35982a73a652d9bed8b195ce625bbb962 (diff)
download	tor-229a982405e0fd2f9980d3c1a41c34e0cf26ae26.tar.gz tor-229a982405e0fd2f9980d3c1a41c34e0cf26ae26.zip