Mark confirmed guards primary as appropriate.

If a guard becomes primary as a result of confirming it, consider
the circuit through that guard as a primary circuit.

Also, note open questions on behavior when confirming nonprimary guards
This commit is contained in:
Nick Mathewson 2016-11-27 13:19:54 -05:00
parent d2af9826fd
commit 9493711077

View File

@ -1384,6 +1384,8 @@ entry_guards_note_guard_success(guard_selection_t *gs,
if (guard->confirmed_idx < 0) {
make_guard_confirmed(gs, guard);
if (!gs->primary_guards_up_to_date)
entry_guards_update_primary(gs);
}
unsigned new_state;
@ -1392,7 +1394,19 @@ entry_guards_note_guard_success(guard_selection_t *gs,
} else {
tor_assert_nonfatal(
old_state == GUARD_CIRC_STATE_USABLE_IF_NO_BETTER_GUARD);
if (guard->is_primary) {
/* XXXX prop271 -- I don't actually like this logic. It seems to make us
* a little more susceptible to evil-ISP attacks. The mitigations I'm
* thinking of, however, aren't local to this point, so I'll leave it
* alone. */
/* This guard may have become primary by virtue of being confirmed.
If so, the circuit for it is now complete.
*/
new_state = GUARD_CIRC_STATE_COMPLETE;
} else {
new_state = GUARD_CIRC_STATE_WAITING_FOR_BETTER_GUARD;
}
if (last_time_on_internet + get_internet_likely_down_interval()
< approx_time()) {