make L2 vanguards actually independent

We had omitted some checks for whether our vanguards (second layer guards from proposal 333) overlapped or came from the same family. Now make sure to pick each of them to be independent. Fixes bug 40639; bugfix on 0.4.7.1-alpha.
2024-11-24 04:13:28 +01:00 · 2022-07-07 01:16:53 -04:00 · 2022-07-07 01:16:53 -04:00 · 7b1fffe0dd
commit 7b1fffe0dd
parent b2665ad639
2 changed files with 14 additions and 1 deletions
--- a/changes/bug40639
+++ b/changes/bug40639
@ -0,0 +1,5 @@
+  o Major bugfixes (vanguards):
+    - We had omitted some checks for whether our vanguards (second layer
+      guards from proposal 333) overlapped or came from the same family.
+      Now make sure to pick each of them to be independent. Fixes bug
+      40639; bugfix on 0.4.7.1-alpha.
--- a/src/feature/client/entrynodes.c
+++ b/src/feature/client/entrynodes.c
@ -4136,8 +4136,16 @@ maintain_layer2_guards(void)
  log_info(LD_GENERAL, "Adding %d guards to Layer2 routerset",
           new_guards_needed_n);

-  /* Add required guards to the list */
+  /* First gather the exclusions based on our current L2 guards */
  smartlist_t *excluded = smartlist_new();
+  SMARTLIST_FOREACH_BEGIN(layer2_guards, layer2_guard_t *, g) {
+    /* Exclude existing L2 guard + family so that we don't double-pick. */
+    const node_t *existing = node_get_by_id(g->identity);
+    if (existing)
+      nodelist_add_node_and_family(excluded, existing);
+  } SMARTLIST_FOREACH_END(g);
+
+  /* Add required guards to the list */
  for (int i = 0; i < new_guards_needed_n; i++) {
    const node_t *choice = NULL;
    const or_options_t *options = get_options();