1 files changed, 38 insertions, 10 deletions

diff --git a/src/feature/client/entrynodes.c b/src/feature/client/entrynodes.c
index 5436b74b9c..e5c89645f6 100644
--- a/src/feature/client/entrynodes.c
+++ b/src/feature/client/entrynodes.c
@@ -126,6 +126,7 @@
 #include "core/or/circuitlist.h"
 #include "core/or/circuitstats.h"
 #include "core/or/circuituse.h"
+#include "core/or/conflux_pool.h"
 #include "core/or/policies.h"
 #include "feature/client/bridges.h"
 #include "feature/client/circpathbias.h"
@@ -152,6 +153,8 @@
 #include "app/config/or_state_st.h"
 #include "src/feature/nodelist/routerstatus_st.h"
 
+#include "core/or/conflux_util.h"
+
 /** A list of existing guard selection contexts. */
 static smartlist_t *guard_contexts = NULL;
 /** The currently enabled guard selection context. */
@@ -611,7 +614,7 @@ mark_primary_guards_maybe_reachable(guard_selection_t *gs)
 }
 
 /* Called when we exhaust all guards in our sampled set: Marks all guards as
-   maybe-reachable so that we 'll try them again. */
+   maybe-reachable so that we'll try them again. */
 static void
 mark_all_guards_maybe_reachable(guard_selection_t *gs)
 {
@@ -1059,7 +1062,7 @@ get_max_sample_size(guard_selection_t *gs,
 }
 
 /**
- * Return a smartlist of the all the guards that are not currently
+ * Return a smartlist of all the guards that are not currently
  * members of the sample (GUARDS - SAMPLED_GUARDS).  The elements of
  * this list are node_t pointers in the non-bridge case, and
  * bridge_info_t pointers in the bridge case.  Set *<b>n_guards_out</b>
@@ -1589,6 +1592,19 @@ guard_create_exit_restriction(const uint8_t *exit_id)
   return rst;
 }
 
+/* Allocate and return a new exit guard restriction that excludes all current
+ * and pending conflux guards */
+STATIC entry_guard_restriction_t *
+guard_create_conflux_restriction(const origin_circuit_t *circ)
+{
+  entry_guard_restriction_t *rst = NULL;
+  rst = tor_malloc_zero(sizeof(entry_guard_restriction_t));
+  rst->type = RST_EXCL_LIST;
+  rst->excluded = smartlist_new();
+  conflux_add_guards_to_exclude_list(circ, rst->excluded);
+  return rst;
+}
+
 /** If we have fewer than this many possible usable guards, don't set
  * MD-availability-based restrictions: we might denylist all of them. */
 #define MIN_GUARDS_FOR_MD_RESTRICTION 10
@@ -1681,6 +1697,8 @@ entry_guard_obeys_restriction(const entry_guard_t *guard,
     return guard_obeys_exit_restriction(guard, rst);
   } else if (rst->type == RST_OUTDATED_MD_DIRSERVER) {
     return guard_obeys_md_dirserver_restriction(guard);
+  } else if (rst->type == RST_EXCL_LIST) {
+    return !smartlist_contains_digest(rst->excluded, guard->identity);
   }
 
   tor_assert_nonfatal_unreached();
@@ -1896,7 +1914,7 @@ make_guard_confirmed(guard_selection_t *gs, entry_guard_t *guard)
 
   guard->confirmed_idx = gs->next_confirmed_idx++;
   smartlist_add(gs->confirmed_entry_guards, guard);
-  /** The confirmation ordering might not be the sample ording. We need to
+  /** The confirmation ordering might not be the sample ordering. We need to
    * reorder */
   smartlist_sort(gs->confirmed_entry_guards, compare_guards_by_sampled_idx);
 
@@ -2428,6 +2446,11 @@ entry_guard_has_higher_priority(entry_guard_t *a, entry_guard_t *b)
 STATIC void
 entry_guard_restriction_free_(entry_guard_restriction_t *rst)
 {
+  if (rst && rst->excluded) {
+    SMARTLIST_FOREACH(rst->excluded, void *, g,
+                      tor_free(g));
+    smartlist_free(rst->excluded);
+  }
   tor_free(rst);
 }
 
@@ -3781,7 +3804,8 @@ guards_update_all(void)
 /** Helper: pick a guard for a circuit, with whatever algorithm is
     used. */
 const node_t *
-guards_choose_guard(cpath_build_state_t *state,
+guards_choose_guard(const origin_circuit_t *circ,
+                    cpath_build_state_t *state,
                     uint8_t purpose,
                     circuit_guard_state_t **guard_state_out)
 {
@@ -3789,14 +3813,18 @@ guards_choose_guard(cpath_build_state_t *state,
   const uint8_t *exit_id = NULL;
   entry_guard_restriction_t *rst = NULL;
 
-  /* Only apply restrictions if we have a specific exit node in mind, and only
-   * if we are not doing vanguard circuits: we don't want to apply guard
-   * restrictions to vanguard circuits. */
-  if (state && !circuit_should_use_vanguards(purpose) &&
+  /* If we this is a conflux circuit, build an exclusion list for it. */
+  if (CIRCUIT_IS_CONFLUX(TO_CIRCUIT(circ))) {
+    rst = guard_create_conflux_restriction(circ);
+    /* Don't allow connecting back to the exit if there is one */
+    if (state && (exit_id = build_state_get_exit_rsa_id(state))) {
+      /* add the exit_id to the excluded list */
+      smartlist_add(rst->excluded, tor_memdup(exit_id, DIGEST_LEN));
+    }
+  } else if (state && !circuit_should_use_vanguards(purpose) &&
       (exit_id = build_state_get_exit_rsa_id(state))) {
     /* We're building to a targeted exit node, so that node can't be
-     * chosen as our guard for this circuit.  Remember that fact in a
-     * restriction. */
+     * chosen as our guard for this circuit, unless we're vanguards. */
     rst = guard_create_exit_restriction(exit_id);
     tor_assert(rst);
   }