From 20883f5e8343039eca08b5e2e66e0d213143e65d Mon Sep 17 00:00:00 2001 From: Karsten Loesing Date: Fri, 19 Jun 2009 15:46:13 +0200 Subject: [PATCH 1/2] Revert "Backport fix for bug 997." This reverts commit 3847f54945933a11d14053b80427f268ffcfd8ad. --- ChangeLog | 8 -------- src/or/connection_edge.c | 27 +++++++++++++++++++++------ src/or/rendclient.c | 7 ++++--- src/or/rendcommon.c | 5 ----- 4 files changed, 25 insertions(+), 22 deletions(-) diff --git a/ChangeLog b/ChangeLog index f2da854be8..4f72328fd1 100644 --- a/ChangeLog +++ b/ChangeLog @@ -29,14 +29,6 @@ Changes in version 0.2.1.16-?? - 2009-??-?? - Avoid crashing when we have a policy specified in a DirPolicy or SocksPolicy or ReachableAddresses option with ports set on it, and we re-load the policy. May fix bug 996. - - Hidden service clients didn't use a cached service descriptor that - was older than 15 minutes, but wouldn't fetch a new one either. Now, - use a cached descriptor no matter how old it is and only fetch a new - one when all introduction points fail. Fix for bug 997. Patch from - Marcus Griep. - - Fix refetching of hidden service descriptors when all introduction - points have turned out to not work. Fixes more of bug 997. - o Minor bugfixes (on 0.2.1.x): - When switching back and forth between bridge mode, do not start diff --git a/src/or/connection_edge.c b/src/or/connection_edge.c index 83a7543c39..9b1f737917 100644 --- a/src/or/connection_edge.c +++ b/src/or/connection_edge.c @@ -1683,12 +1683,27 @@ connection_ap_handshake_rewrite_and_attach(edge_connection_t *conn, if (conn->rend_data->auth_type == REND_NO_AUTH) rend_client_refetch_renddesc(conn->rend_data->onion_address); } else { /* r > 0 */ - conn->_base.state = AP_CONN_STATE_CIRCUIT_WAIT; - log_info(LD_REND, "Descriptor is here and fresh enough. Great."); - if (connection_ap_handshake_attach_circuit(conn) < 0) { - if (!conn->_base.marked_for_close) - connection_mark_unattached_ap(conn, END_STREAM_REASON_CANT_ATTACH); - return -1; +/** How long after we receive a hidden service descriptor do we consider + * it valid? */ +#define NUM_SECONDS_BEFORE_HS_REFETCH (60*15) + if (now - entry->received < NUM_SECONDS_BEFORE_HS_REFETCH) { + conn->_base.state = AP_CONN_STATE_CIRCUIT_WAIT; + log_info(LD_REND, "Descriptor is here and fresh enough. Great."); + if (connection_ap_handshake_attach_circuit(conn) < 0) { + if (!conn->_base.marked_for_close) + connection_mark_unattached_ap(conn, END_STREAM_REASON_CANT_ATTACH); + return -1; + } + } else { + conn->_base.state = AP_CONN_STATE_RENDDESC_WAIT; + log_info(LD_REND, "Stale descriptor %s. Re-fetching.", + safe_str(conn->rend_data->onion_address)); + /* Fetch both, v0 and v2 rend descriptors in parallel. Use whichever + * arrives first. Exception: When using client authorization, only + * fetch v2 descriptors.*/ + rend_client_refetch_v2_renddesc(conn->rend_data); + if (conn->rend_data->auth_type == REND_NO_AUTH) + rend_client_refetch_renddesc(conn->rend_data->onion_address); } } return 0; diff --git a/src/or/rendclient.c b/src/or/rendclient.c index 1103014fa7..784db9dadf 100644 --- a/src/or/rendclient.c +++ b/src/or/rendclient.c @@ -473,9 +473,10 @@ rend_client_refetch_renddesc(const char *query) } } -/** Unless we already have a descriptor for rend_query with at least - * one (possibly) working introduction point in it, start a connection to a - * hidden service directory to fetch a v2 rendezvous service descriptor. */ +/** Start a connection to a hidden service directory to fetch a v2 + * rendezvous service descriptor for the base32-encoded service ID + * query. + */ void rend_client_refetch_v2_renddesc(const rend_data_t *rend_query) { diff --git a/src/or/rendcommon.c b/src/or/rendcommon.c index 4d7b6381af..d21eb42efe 100644 --- a/src/or/rendcommon.c +++ b/src/or/rendcommon.c @@ -966,11 +966,6 @@ rend_cache_lookup_entry(const char *query, int version, rend_cache_entry_t **e) } if (!*e) return 0; - tor_assert((*e)->parsed && (*e)->parsed->intro_nodes); - /* XXX022 hack for now, to return "not found" if there are no intro - * points remaining. See bug 997. */ - if (smartlist_len((*e)->parsed->intro_nodes) == 0) - return 0; return 1; } From f266ecbeec83397acf2dce46feebd6389d896d14 Mon Sep 17 00:00:00 2001 From: Karsten Loesing Date: Fri, 19 Jun 2009 16:26:02 +0200 Subject: [PATCH 2/2] Better fix for 997. --- ChangeLog | 5 +++++ src/or/connection_edge.c | 3 --- src/or/or.h | 4 ++++ src/or/rendclient.c | 9 ++++++--- 4 files changed, 15 insertions(+), 6 deletions(-) diff --git a/ChangeLog b/ChangeLog index 4f72328fd1..b70b054be0 100644 --- a/ChangeLog +++ b/ChangeLog @@ -29,6 +29,11 @@ Changes in version 0.2.1.16-?? - 2009-??-?? - Avoid crashing when we have a policy specified in a DirPolicy or SocksPolicy or ReachableAddresses option with ports set on it, and we re-load the policy. May fix bug 996. + - Hidden service clients didn't use a cached service descriptor that + was older than 15 minutes, but wouldn't fetch a new one either, + because there was already one in the cache. Now, fetch a v2 + descriptor unless the same descriptor was added to the cache within + the last 15 minutes. Fixes bug 997; reported by Marcus Griep. o Minor bugfixes (on 0.2.1.x): - When switching back and forth between bridge mode, do not start diff --git a/src/or/connection_edge.c b/src/or/connection_edge.c index 9b1f737917..1ef87dbffa 100644 --- a/src/or/connection_edge.c +++ b/src/or/connection_edge.c @@ -1683,9 +1683,6 @@ connection_ap_handshake_rewrite_and_attach(edge_connection_t *conn, if (conn->rend_data->auth_type == REND_NO_AUTH) rend_client_refetch_renddesc(conn->rend_data->onion_address); } else { /* r > 0 */ -/** How long after we receive a hidden service descriptor do we consider - * it valid? */ -#define NUM_SECONDS_BEFORE_HS_REFETCH (60*15) if (now - entry->received < NUM_SECONDS_BEFORE_HS_REFETCH) { conn->_base.state = AP_CONN_STATE_CIRCUIT_WAIT; log_info(LD_REND, "Descriptor is here and fresh enough. Great."); diff --git a/src/or/or.h b/src/or/or.h index 330b2ecbe7..f84485f2f4 100644 --- a/src/or/or.h +++ b/src/or/or.h @@ -636,6 +636,10 @@ typedef enum { /** Length of a binary-encoded rendezvous service ID. */ #define REND_SERVICE_ID_LEN 10 +/** How long after we receive a hidden service descriptor do we consider + * it fresh? */ +#define NUM_SECONDS_BEFORE_HS_REFETCH (60*15) + /** Time period for which a v2 descriptor will be valid. */ #define REND_TIME_PERIOD_V2_DESC_VALIDITY (24*60*60) diff --git a/src/or/rendclient.c b/src/or/rendclient.c index 784db9dadf..5b18a519b0 100644 --- a/src/or/rendclient.c +++ b/src/or/rendclient.c @@ -482,8 +482,9 @@ rend_client_refetch_v2_renddesc(const rend_data_t *rend_query) { char descriptor_id[DIGEST_LEN]; int replicas_left_to_try[REND_NUMBER_OF_NON_CONSECUTIVE_REPLICAS]; - int i, tries_left; + int i, tries_left, r; rend_cache_entry_t *e = NULL; + time_t now = time(NULL); tor_assert(rend_query); /* Are we configured to fetch descriptors? */ if (!get_options()->FetchHidServDescriptors) { @@ -492,9 +493,11 @@ rend_client_refetch_v2_renddesc(const rend_data_t *rend_query) return; } /* Before fetching, check if we already have the descriptor here. */ - if (rend_cache_lookup_entry(rend_query->onion_address, -1, &e) > 0) { + r = rend_cache_lookup_entry(rend_query->onion_address, -1, &e); + if (r > 0 && now - e->received < NUM_SECONDS_BEFORE_HS_REFETCH) { log_info(LD_REND, "We would fetch a v2 rendezvous descriptor, but we " - "already have that descriptor here. Not fetching."); + "already have a fresh copy of that descriptor here. " + "Not fetching."); return; } log_debug(LD_REND, "Fetching v2 rendezvous descriptor for service %s",