diff options
author | Roger Dingledine <arma@torproject.org> | 2008-08-31 06:33:39 +0000 |
---|---|---|
committer | Roger Dingledine <arma@torproject.org> | 2008-08-31 06:33:39 +0000 |
commit | cfff21e78a85bd7af1a6abc021ef17f1b42bc948 (patch) | |
tree | 876ef2e64b59f1beee610258d26e8af680ab0022 /src/or/circuitbuild.c | |
parent | 2efe3e767577ee2c150884664da1cf3dc6398fd2 (diff) | |
download | tor-cfff21e78a85bd7af1a6abc021ef17f1b42bc948.tar.gz tor-cfff21e78a85bd7af1a6abc021ef17f1b42bc948.zip |
backport candidate:
If not enough of our entry guards are available so we add a new
one, we might use the new one even if it overlapped with the
current circuit's exit relay (or its family). Anonymity bugfix
pointed out by rovv.
svn:r16698
Diffstat (limited to 'src/or/circuitbuild.c')
-rw-r--r-- | src/or/circuitbuild.c | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/src/or/circuitbuild.c b/src/or/circuitbuild.c index 66f2a95c0b..163c16a907 100644 --- a/src/or/circuitbuild.c +++ b/src/or/circuitbuild.c @@ -2476,8 +2476,13 @@ choose_random_entry(cpath_build_state_t *state) * be a long time til we get it. -RD */ r = add_an_entry_guard(NULL, 0); if (r) { - smartlist_add(live_entry_guards, r); entry_guards_changed(); + /* XXX we start over here in case the new node we added shares + * a family with our exit node. There's a chance that we'll just + * load up on entry guards here, if the network we're using is + * one big family. Perhaps we should teach add_an_entry_guard() + * to understand nodes-to-avoid-if-possible? -RD */ + goto retry; } } if (!r && need_uptime) { |