diff options
| author | David Goulet <dgoulet@torproject.org> | 2018-01-31 15:23:45 -0500 |
|---|---|---|
| committer | David Goulet <dgoulet@torproject.org> | 2018-01-31 16:10:48 -0500 |
| commit | fb93c6fc517f8717891fa8bfb41c9381a12dc491 (patch) | |
| tree | c395b724a621bff62bf26a6f52a988503c183d7c /src/or/circuitlist.c | |
| parent | a846fd267edf5a457d6647b37ad7ef2ac62a1612 (diff) | |
| download | tor-fb93c6fc517f8717891fa8bfb41c9381a12dc491.tar.gz tor-fb93c6fc517f8717891fa8bfb41c9381a12dc491.zip | |
circ: Don't cannibalize a circuit if the guard state is unusable
Tor preemptiely builds circuits and they can be cannibalized later in their
lifetime. A Guard node can become unusable (from our guard state) but we can
still have circuits using that node opened. It is important to not pick those
circuits for any usage through the cannibalization process.
Fixes #24469
Signed-off-by: David Goulet <dgoulet@torproject.org>
Diffstat (limited to 'src/or/circuitlist.c')
| -rw-r--r-- | src/or/circuitlist.c | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/src/or/circuitlist.c b/src/or/circuitlist.c index 27d8c62b5b..8c02cd1c19 100644 --- a/src/or/circuitlist.c +++ b/src/or/circuitlist.c @@ -1803,6 +1803,13 @@ circuit_find_to_cannibalize(uint8_t purpose_to_produce, extend_info_t *info, goto next; } + /* Ignore any circuits for which we can't use the Guard. It is possible + * that the Guard was removed from the samepled set after the circuit + * was created so avoid using it. */ + if (!entry_guard_could_succeed(circ->guard_state)) { + goto next; + } + if ((!need_uptime || circ->build_state->need_uptime) && (!need_capacity || circ->build_state->need_capacity) && (internal == circ->build_state->is_internal) && |