[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[or-cvs] r10817: Backport r10730: Do not choose guard nodes that appear after (in tor/branches/tor-0_1_2-patches: . doc src/or)
Author: nickm
Date: 2007-07-12 13:00:44 -0400 (Thu, 12 Jul 2007)
New Revision: 10817
Modified:
tor/branches/tor-0_1_2-patches/
tor/branches/tor-0_1_2-patches/ChangeLog
tor/branches/tor-0_1_2-patches/doc/TODO.012
tor/branches/tor-0_1_2-patches/src/or/circuitbuild.c
Log:
r13738@catbus: nickm | 2007-07-12 13:00:35 -0400
Backport r10730: Do not choose guard nodes that appear after any never-before-connected-to guard.
Property changes on: tor/branches/tor-0_1_2-patches
___________________________________________________________________
svk:merge ticket from /tor/012 [r13738] on 8246c3cf-6607-4228-993b-4d95d33730f1
Modified: tor/branches/tor-0_1_2-patches/ChangeLog
===================================================================
--- tor/branches/tor-0_1_2-patches/ChangeLog 2007-07-12 17:00:42 UTC (rev 10816)
+++ tor/branches/tor-0_1_2-patches/ChangeLog 2007-07-12 17:00:44 UTC (rev 10817)
@@ -9,12 +9,17 @@
routerlist while inserting a new router.
- Fix eventdns.c behavior on Solaris: It is critical to include
orconfig.h _before_ sys/types.h, so that we can get the expected
- definition of _FILE_OFFSET_BITS. [Bugfix on 0.1.2.x]
+ definition of _FILE_OFFSET_BITS.
o Major bugfixes (security):
- Fix a possible buffer overrun when using BSD natd support. Bug found
by "Mr. Croup."
+ o Minor bugfixes (guard nodes):
+ - If there's a never-before-connected-to guard node in our list,
+ never choose any guards past it. This way we don't expand our
+ guard list unless we need to.
+
o Minor bugfixes (security):
- When sending destroy cells from a circuit's origin, don't include
the reason for tearing down the circuit. The spec says we didn't,
Modified: tor/branches/tor-0_1_2-patches/doc/TODO.012
===================================================================
--- tor/branches/tor-0_1_2-patches/doc/TODO.012 2007-07-12 17:00:42 UTC (rev 10816)
+++ tor/branches/tor-0_1_2-patches/doc/TODO.012 2007-07-12 17:00:44 UTC (rev 10817)
@@ -13,7 +13,7 @@
o r10563: use correct types with desc_digest_map.
o r10566: build correctly on systems where size_t is bigger than ulong.
o r10643: eventdns.c behavior fix for solaris.
- - r10730: Don't choose guards after any never-connected-to guard. (??)
+ o r10730: Don't choose guards after any never-connected-to guard.
o r10760: fix possible buffer overrun in old BSD natd code
o r10790: Don't include reasons in destroy cells from the origin.
- Some fix for bug 455.
Modified: tor/branches/tor-0_1_2-patches/src/or/circuitbuild.c
===================================================================
--- tor/branches/tor-0_1_2-patches/src/or/circuitbuild.c 2007-07-12 17:00:42 UTC (rev 10816)
+++ tor/branches/tor-0_1_2-patches/src/or/circuitbuild.c 2007-07-12 17:00:44 UTC (rev 10817)
@@ -2354,6 +2354,13 @@
r = entry_is_live(entry, need_uptime, need_capacity, 0);
if (r && !smartlist_isin(exit_family, r)) {
smartlist_add(live_entry_guards, r);
+ if (!entry->made_contact) {
+ /* Always start with the first not-yet-contacted entry
+ * guard. Otherwise we might add several new ones, pick
+ * the second new one, and now we've expanded our entry
+ * guard list without needing to. */
+ goto choose_and_finish;
+ }
if (smartlist_len(live_entry_guards) >= options->NumEntryGuards)
break; /* we have enough */
}
@@ -2387,6 +2394,7 @@
/* live_entry_guards will be empty below. Oh well, we tried. */
}
+ choose_and_finish:
r = smartlist_choose(live_entry_guards);
smartlist_free(live_entry_guards);
smartlist_free(exit_family);