mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-09-20 21:16:22 +02:00
Avoid excluding guards from path building in minimal test networks
choose_good_entry_server() now excludes current entry guards and their families, unless we're in a test network, and excluding guards would exclude all nodes. This typically occurs in incredibly small tor networks, and those using TestingAuthVoteGuard * This is an incomplete fix, but is no worse than the previous behaviour, and only applies to minimal, testing tor networks (so it's no less secure). Discovered as part of #13718.
This commit is contained in:
parent
2d199bdffe
commit
22a1e9cac1
8
changes/bug13718-avoid-excluding-guards
Normal file
8
changes/bug13718-avoid-excluding-guards
Normal file
@ -0,0 +1,8 @@
|
||||
o Minor bugfixes:
|
||||
- Avoid excluding guards from path building in minimal test networks,
|
||||
when we're in a test network, and excluding guards would exclude
|
||||
all nodes. This typically occurs in incredibly small tor networks,
|
||||
and those using TestingAuthVoteGuard *
|
||||
This fix only applies to minimal, testing tor networks,
|
||||
so it's no less secure.
|
||||
Discovered as part of #13718.
|
@ -2053,9 +2053,18 @@ choose_good_entry_server(uint8_t purpose, cpath_build_state_t *state)
|
||||
smartlist_add(excluded, (void*)node);
|
||||
});
|
||||
}
|
||||
/* and exclude current entry guards and their families, if applicable */
|
||||
/* and exclude current entry guards and their families,
|
||||
* unless we're in a test network, and excluding guards
|
||||
* would exclude all nodes (i.e. we're in an incredibly small tor network,
|
||||
* or we're using TestingAuthVoteGuard *).
|
||||
* This is an incomplete fix, but is no worse than the previous behaviour,
|
||||
* and only applies to minimal, testing tor networks
|
||||
* (so it's no less secure) */
|
||||
/*XXXX025 use the using_as_guard flag to accomplish this.*/
|
||||
if (options->UseEntryGuards) {
|
||||
if (options->UseEntryGuards
|
||||
&& (!options->TestingTorNetwork ||
|
||||
smartlist_len(nodelist_get_list()) > smartlist_len(get_entry_guards())
|
||||
)) {
|
||||
SMARTLIST_FOREACH(get_entry_guards(), const entry_guard_t *, entry,
|
||||
{
|
||||
if ((node = node_get_by_id(entry->identity))) {
|
||||
|
Loading…
Reference in New Issue
Block a user