mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-30 23:53:32 +01:00
Bug 25870: Allow the last hop in a vanguard circuit to be our guard.
The last hop in vanguard circuits can be an RP/IP/HSDir. Since vanguard circuits are at least 3 hops (sometimes 4) before this node, this change will not cause A - B - A paths.
This commit is contained in:
parent
d8ac7d557c
commit
d634c1ba6b
@ -2628,7 +2628,7 @@ choose_good_entry_server(uint8_t purpose, cpath_build_state_t *state,
|
|||||||
/* This request is for an entry server to use for a regular circuit,
|
/* This request is for an entry server to use for a regular circuit,
|
||||||
* and we use entry guard nodes. Just return one of the guard nodes. */
|
* and we use entry guard nodes. Just return one of the guard nodes. */
|
||||||
tor_assert(guard_state_out);
|
tor_assert(guard_state_out);
|
||||||
return guards_choose_guard(state, guard_state_out);
|
return guards_choose_guard(state, purpose, guard_state_out);
|
||||||
}
|
}
|
||||||
|
|
||||||
excluded = smartlist_new();
|
excluded = smartlist_new();
|
||||||
|
@ -118,6 +118,7 @@
|
|||||||
#include "circpathbias.h"
|
#include "circpathbias.h"
|
||||||
#include "circuitbuild.h"
|
#include "circuitbuild.h"
|
||||||
#include "circuitlist.h"
|
#include "circuitlist.h"
|
||||||
|
#include "circuituse.h"
|
||||||
#include "circuitstats.h"
|
#include "circuitstats.h"
|
||||||
#include "config.h"
|
#include "config.h"
|
||||||
#include "confparse.h"
|
#include "confparse.h"
|
||||||
@ -3473,12 +3474,18 @@ guards_update_all(void)
|
|||||||
used. */
|
used. */
|
||||||
const node_t *
|
const node_t *
|
||||||
guards_choose_guard(cpath_build_state_t *state,
|
guards_choose_guard(cpath_build_state_t *state,
|
||||||
|
uint8_t purpose,
|
||||||
circuit_guard_state_t **guard_state_out)
|
circuit_guard_state_t **guard_state_out)
|
||||||
{
|
{
|
||||||
const node_t *r = NULL;
|
const node_t *r = NULL;
|
||||||
const uint8_t *exit_id = NULL;
|
const uint8_t *exit_id = NULL;
|
||||||
entry_guard_restriction_t *rst = NULL;
|
entry_guard_restriction_t *rst = NULL;
|
||||||
if (state && (exit_id = build_state_get_exit_rsa_id(state))) {
|
|
||||||
|
/* Only apply restrictions if we have a specific exit node in mind, and only
|
||||||
|
* if we are not doing vanguard circuits: we don't want to apply guard
|
||||||
|
* restrictions to vanguard circuits. */
|
||||||
|
if (state && !circuit_should_use_vanguards(purpose) &&
|
||||||
|
(exit_id = build_state_get_exit_rsa_id(state))) {
|
||||||
/* We're building to a targeted exit node, so that node can't be
|
/* We're building to a targeted exit node, so that node can't be
|
||||||
* chosen as our guard for this circuit. Remember that fact in a
|
* chosen as our guard for this circuit. Remember that fact in a
|
||||||
* restriction. */
|
* restriction. */
|
||||||
|
@ -322,6 +322,7 @@ struct circuit_guard_state_t {
|
|||||||
/* Common entry points for old and new guard code */
|
/* Common entry points for old and new guard code */
|
||||||
int guards_update_all(void);
|
int guards_update_all(void);
|
||||||
const node_t *guards_choose_guard(cpath_build_state_t *state,
|
const node_t *guards_choose_guard(cpath_build_state_t *state,
|
||||||
|
uint8_t purpose,
|
||||||
circuit_guard_state_t **guard_state_out);
|
circuit_guard_state_t **guard_state_out);
|
||||||
const node_t *guards_choose_dirguard(uint8_t dir_purpose,
|
const node_t *guards_choose_dirguard(uint8_t dir_purpose,
|
||||||
circuit_guard_state_t **guard_state_out);
|
circuit_guard_state_t **guard_state_out);
|
||||||
|
Loading…
Reference in New Issue
Block a user