summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorSebastian Hahn <sebastian@torproject.org>2010-03-01 22:26:44 +0100
committerSebastian Hahn <sebastian@torproject.org>2010-06-04 21:04:08 +0200
commitfaf51fa52a7462e356927ac521ff4e6ee0703d7c (patch)
treef67a570a6d54a6e616813204180b5f66ae7b011a /src
parent7e300cbba36a0716b8d4ca6373ffbe372fca9713 (diff)
downloadtor-faf51fa52a7462e356927ac521ff4e6ee0703d7c.tar.gz
tor-faf51fa52a7462e356927ac521ff4e6ee0703d7c.zip
Don't cannibalize one-hop circuits
In rare cases, we could cannibalize a one-hop circuit, ending up with a two-hop circuit. This circuit would not be actually used, but we should prevent its creation in the first place. Thanks to outofwords and swissknife for helping to analyse this.
Diffstat (limited to 'src')
-rw-r--r--src/or/circuitlist.c7
1 files changed, 6 insertions, 1 deletions
diff --git a/src/or/circuitlist.c b/src/or/circuitlist.c
index 73e2e06cce..d71d6a21b0 100644
--- a/src/or/circuitlist.c
+++ b/src/or/circuitlist.c
@@ -905,6 +905,10 @@ circuit_find_to_cannibalize(uint8_t purpose, extend_info_t *info,
int need_capacity = (flags & CIRCLAUNCH_NEED_CAPACITY) != 0;
int internal = (flags & CIRCLAUNCH_IS_INTERNAL) != 0;
+ /* Make sure we're not trying to create a onehop circ by
+ * cannibalization. */
+ tor_assert(!(flags & CIRCLAUNCH_ONEHOP_TUNNEL));
+
log_debug(LD_CIRC,
"Hunting for a circ to cannibalize: purpose %d, uptime %d, "
"capacity %d, internal %d",
@@ -920,7 +924,8 @@ circuit_find_to_cannibalize(uint8_t purpose, extend_info_t *info,
if ((!need_uptime || circ->build_state->need_uptime) &&
(!need_capacity || circ->build_state->need_capacity) &&
(internal == circ->build_state->is_internal) &&
- circ->remaining_relay_early_cells) {
+ circ->remaining_relay_early_cells &&
+ !circ->build_state->onehop_tunnel) {
if (info) {
/* need to make sure we don't duplicate hops */
crypt_path_t *hop = circ->cpath;