Merge branch 'tor-github/pr/1255' into maint-0.4.1

This commit is contained in:
David Goulet 2019-08-29 08:55:27 -04:00
commit 337b733cfc
2 changed files with 21 additions and 4 deletions

6
changes/bug23818_v2 Normal file
View File

@ -0,0 +1,6 @@
o Minor bugfixes (v2 single onion services):
- Always retry v2 single onion service intro and rend circuits with a
3-hop path. Previously, v2 single onion services used a 3-hop path
when rend circuits were retried after a remote or delayed failure,
but a 1-hop path for immediate retries. Fixes bug 23818;
bugfix on 0.2.9.3-alpha.

View File

@ -2123,8 +2123,12 @@ rend_service_receive_introduction(origin_circuit_t *circuit,
int flags = CIRCLAUNCH_NEED_CAPACITY | CIRCLAUNCH_IS_INTERNAL; int flags = CIRCLAUNCH_NEED_CAPACITY | CIRCLAUNCH_IS_INTERNAL;
if (circ_needs_uptime) flags |= CIRCLAUNCH_NEED_UPTIME; if (circ_needs_uptime) flags |= CIRCLAUNCH_NEED_UPTIME;
/* A Single Onion Service only uses a direct connection if its /* A Single Onion Service only uses a direct connection if its
* firewall rules permit direct connections to the address. */ * firewall rules permit direct connections to the address.
if (rend_service_use_direct_connection(options, rp)) { *
* We only use a one-hop path on the first attempt. If the first attempt
* fails, we use a 3-hop path for reachability / reliability.
* See the comment in rend_service_relauch_rendezvous() for details. */
if (rend_service_use_direct_connection(options, rp) && i == 0) {
flags = flags | CIRCLAUNCH_ONEHOP_TUNNEL; flags = flags | CIRCLAUNCH_ONEHOP_TUNNEL;
} }
launched = circuit_launch_by_extend_info( launched = circuit_launch_by_extend_info(
@ -3086,8 +3090,15 @@ rend_service_launch_establish_intro(rend_service_t *service,
extend_info_t *launch_ei = intro->extend_info; extend_info_t *launch_ei = intro->extend_info;
extend_info_t *direct_ei = NULL; extend_info_t *direct_ei = NULL;
/* Are we in single onion mode? */ /* Are we in single onion mode?
if (rend_service_allow_non_anonymous_connection(options)) { *
* We only use a one-hop path on the first attempt. If the first attempt
* fails, we use a 3-hop path for reachability / reliability.
* (Unlike v3, retries is incremented by the caller after it calls this
* function.)
*/
if (rend_service_allow_non_anonymous_connection(options) &&
intro->circuit_retries == 0) {
/* Do we have a descriptor for the node? /* Do we have a descriptor for the node?
* We've either just chosen it from the consensus, or we've just reviewed * We've either just chosen it from the consensus, or we've just reviewed
* our intro points to see which ones are still valid, and deleted the ones * our intro points to see which ones are still valid, and deleted the ones