Avoid crashing on busy/NEWNYM+hidden service clients

When we ran out of intro points for a hidden service (which could happen on a newnym), we would change the connection's state back to "waiting for hidden service descriptor." But this would make an assertion fail if we went on to call circuit_get_open_circ_or_launch again. This fixes bug 16013; I believe the bug was introduced in 38be533c69, where we made it possible for circuit_get_open_circ_or_launch() to change the connection's state.
2015-06-25 11:10:43 -04:00 · 2015-06-25 11:10:43 -04:00 · 68eaaed798
parent 75388f67c0
commit 68eaaed798
2 changed files with 17 additions and 0 deletions
--- a/changes/bug16013
+++ b/changes/bug16013
@ -0,0 +1,5 @@
+  o Major bugfixes (hidden service, stability):
+    - Stop randomly crashing with an assertion failure when connecting to a
+      busy hidden service, or connecting to a hidden service while a NEWNYM
+      is in progress. Fixes bug 16013; bugfix on 0.1.0.1-rc.
+
--- a/src/or/circuituse.c
+++ b/src/or/circuituse.c
@ -2346,6 +2346,18 @@ connection_ap_handshake_attach_circuit(entry_connection_t *conn)
      return 1;
    }

+    /* At this point we need to re-check the state, since it's possible that
+     * our call to circuit_get_open_circ_or_launch() changed the connection's
+     * state from "CIRCUIT_WAIT" to "RENDDESC_WAIT" because we decided to
+     * re-fetch the descriptor.
+     */
+    if (ENTRY_TO_CONN(conn)->state != AP_CONN_STATE_CIRCUIT_WAIT) {
+      log_info(LD_REND, "This connection is no longer ready to attach; its "
+               "state changed."
+               "(We probably have to re-fetch its descriptor.)");
+      return 0;
+    }
+
    if (rendcirc && (rendcirc->base_.purpose ==
                     CIRCUIT_PURPOSE_C_REND_READY_INTRO_ACKED)) {
      log_info(LD_REND,