diff --git a/changes/bug21596 b/changes/bug21596 new file mode 100644 index 000000000..ec0a46bb8 --- /dev/null +++ b/changes/bug21596 @@ -0,0 +1,5 @@ + o Minor bugfixes (hidden services): + - Make hidden services check for failed intro point connections, even when + they have exceeded their intro point creation limit. Fixes bug 21596; + bugfix on commit d67bf8b2f23 in Tor 0.2.7.2-alpha. Reported by + alecmuffett. diff --git a/src/or/bridges.c b/src/or/bridges.c index f766931b4..88154c6c8 100644 --- a/src/or/bridges.c +++ b/src/or/bridges.c @@ -218,7 +218,7 @@ get_configured_bridge_by_exact_addr_port_digest(const tor_addr_t *addr, if (digest && tor_memeq(bridge->identity, digest, DIGEST_LEN)) return bridge; - else if (!digest) + else if (!digest || tor_digest_is_zero(bridge->identity)) return bridge; } @@ -297,7 +297,7 @@ learned_router_identity(const tor_addr_t *addr, uint16_t port, (void)ed_id; int learned = 0; bridge_info_t *bridge = - get_configured_bridge_by_addr_port_digest(addr, port, digest); + get_configured_bridge_by_exact_addr_port_digest(addr, port, digest); if (bridge && tor_digest_is_zero(bridge->identity)) { memcpy(bridge->identity, digest, DIGEST_LEN); learned = 1; diff --git a/src/or/entrynodes.c b/src/or/entrynodes.c index e0a3854b7..5b5e13bce 100644 --- a/src/or/entrynodes.c +++ b/src/or/entrynodes.c @@ -3367,14 +3367,7 @@ guard_selection_have_enough_dir_info_to_build_circuits(guard_selection_t *gs) * guards in our list, since these are the guards that we typically use for * circuits. */ num_primary_to_check = get_n_primary_guards_to_use(GUARD_USAGE_TRAFFIC); - /* - We had added this to try to guarantee that we'd not normally try a guard - without a descriptor, even if we didn't use the first guard. But it led - to problems with the chutney bridges+ipv6-min test. A better solution is - needed. - - num_primary_to_check++; - */ + num_primary_to_check++; SMARTLIST_FOREACH_BEGIN(gs->primary_entry_guards, entry_guard_t *, guard) { entry_guard_consider_retry(guard); diff --git a/src/or/rendservice.c b/src/or/rendservice.c index 79fec9fd5..fb777ca15 100644 --- a/src/or/rendservice.c +++ b/src/or/rendservice.c @@ -4070,6 +4070,10 @@ rend_consider_services_intro_points(void) smartlist_clear(exclude_nodes); smartlist_clear(retry_nodes); + /* Cleanup the invalid intro points and save the node objects, if any, + * in the exclude_nodes and retry_nodes lists. */ + remove_invalid_intro_points(service, exclude_nodes, retry_nodes, now); + /* This retry period is important here so we don't stress circuit * creation. */ if (now > service->intro_period_started + INTRO_CIRC_RETRY_PERIOD) { @@ -4080,14 +4084,10 @@ rend_consider_services_intro_points(void) rend_max_intro_circs_per_period( service->n_intro_points_wanted)) { /* We have failed too many times in this period; wait for the next - * one before we try again. */ + * one before we try to initiate any more connections. */ continue; } - /* Cleanup the invalid intro points and save the node objects, if apply, - * in the exclude_nodes and retry_nodes list. */ - remove_invalid_intro_points(service, exclude_nodes, retry_nodes, now); - /* Let's try to rebuild circuit on the nodes we want to retry on. */ SMARTLIST_FOREACH_BEGIN(retry_nodes, rend_intro_point_t *, intro) { r = rend_service_launch_establish_intro(service, intro);