From d72b256f4f0a3a9c90793ea12daae7af74072a16 Mon Sep 17 00:00:00 2001 From: Roger Dingledine Date: Tue, 22 Apr 2008 18:38:25 +0000 Subject: When we choose to abandon a new entry guard because we think our older ones might be better, close any circuits pending on that new entry guard connection. Bugfix on 0.1.2.8-beta; found by lodger. svn:r14417 --- ChangeLog | 4 +++- src/or/connection_or.c | 7 ++++++- 2 files changed, 9 insertions(+), 2 deletions(-) diff --git a/ChangeLog b/ChangeLog index 27388c36d6..146d8cbfe0 100644 --- a/ChangeLog +++ b/ChangeLog @@ -37,6 +37,9 @@ Changes in version 0.2.1.1-alpha - 2008-??-?? Patch from mwenge. Fixes bug 646. - Correctly notify one-hop connections when a circuit build has failed. Possible fix for bug 669. Found by lodger. + - When we choose to abandon a new entry guard because we think our + older ones might be better, close any circuits pending on that + new entry guard connection. Bugfix on 0.1.2.8-beta; found by lodger. o Minor features: - Allow separate log levels to be configured for different logging @@ -46,7 +49,6 @@ Changes in version 0.2.1.1-alpha - 2008-??-?? - Add a malloc_good_size implementation to OpenBSD_malloc_linux.c, to avoid unused RAM in buffer chunks and memory pools. - Downgrade "sslv3 alert handshake failure" message to INFO. - - Only log guard node status when guard node status has changed. - Add a couple of extra warnings to --enable-gcc-warnings for GCC 4.3, and stop using a warning that had become unfixably verbose under GCC 4.3. diff --git a/src/or/connection_or.c b/src/or/connection_or.c index 00217f2dcb..6c44840862 100644 --- a/src/or/connection_or.c +++ b/src/or/connection_or.c @@ -889,7 +889,12 @@ connection_or_set_state_open(or_connection_t *conn) rep_hist_note_connect_succeeded(conn->identity_digest, now); if (entry_guard_register_connect_status(conn->identity_digest, 1, now) < 0) { - /* pending circs get closed in circuit_about_to_close_connection() */ + /* Close any circuits pending on this conn. We leave it in state + * 'open' though, because it didn't actually *fail* -- we just + * chose not to use it. (Otherwise + * connection_about_to_close_connection() will call a big pile of + * functions to indicate we shouldn't try it again.) */ + circuit_n_conn_done(conn, 0); return -1; } router_set_status(conn->identity_digest, 1); -- cgit v1.2.3-54-g00ecf