[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-commits] [tor] 11/20: Prop#329: Add purposes for conflux circuits



This is an automated email from the git hooks/post-receive script.

ahf pushed a commit to branch main
in repository tor.

commit a4ee0c29ee52052f82692f0825a50e1a55e01e5c
Author: Mike Perry <mikeperry-git@xxxxxxxxxxxxxx>
AuthorDate: Thu Feb 9 01:43:14 2023 +0000

    Prop#329: Add purposes for conflux circuits
    
    Because UNLINKED circuits must never be used for streams, but LINKED circuits
    can be, we want these separate.
---
 src/core/or/circuitbuild.c        | 11 +++++++++--
 src/core/or/circuitlist.c         | 20 ++++++++++++++++++++
 src/core/or/circuitlist.h         |  9 ++++++++-
 src/core/or/circuituse.c          | 19 +++++++++++++++++--
 src/core/or/connection_edge.c     | 10 ++++++++--
 src/feature/client/circpathbias.c | 13 ++++++++++++-
 6 files changed, 74 insertions(+), 8 deletions(-)

diff --git a/src/core/or/circuitbuild.c b/src/core/or/circuitbuild.c
index 257d33f1ab..8089f438a7 100644
--- a/src/core/or/circuitbuild.c
+++ b/src/core/or/circuitbuild.c
@@ -1444,6 +1444,7 @@ route_len_for_purpose(uint8_t purpose, extend_info_t *exit_ei)
   switch (purpose) {
     /* These purposes connect to a router that we chose, so DEFAULT_ROUTE_LEN
      * is safe: */
+  case CIRCUIT_PURPOSE_CONFLUX_UNLINKED:
   case CIRCUIT_PURPOSE_TESTING:
     /* router reachability testing */
     known_purpose = 1;
@@ -1927,6 +1928,7 @@ choose_good_exit_server(origin_circuit_t *circ,
        * since it should be random. */
       tor_assert_nonfatal(is_internal);
       FALLTHROUGH;
+    case CIRCUIT_PURPOSE_CONFLUX_UNLINKED:
     case CIRCUIT_PURPOSE_C_GENERAL:
       if (is_internal) /* pick it like a middle hop */
         return router_choose_random_node(NULL, options->ExcludeNodes, flags);
@@ -1974,6 +1976,8 @@ warn_if_last_router_excluded(origin_circuit_t *circ,
     case CIRCUIT_PURPOSE_S_HSDIR_POST:
     case CIRCUIT_PURPOSE_C_HSDIR_GET:
     case CIRCUIT_PURPOSE_C_GENERAL:
+    case CIRCUIT_PURPOSE_CONFLUX_UNLINKED:
+    case CIRCUIT_PURPOSE_CONFLUX_LINKED:
       if (circ->build_state->is_internal)
         return;
       description = "requested exit node";
@@ -2109,8 +2113,11 @@ onion_pick_cpath_exit(origin_circuit_t *circ, extend_info_t *exit_ei,
     }
     exit_ei = extend_info_from_node(node, state->onehop_tunnel,
                 /* for_exit_use */
-                !state->is_internal && TO_CIRCUIT(circ)->purpose ==
-                  CIRCUIT_PURPOSE_C_GENERAL);
+                !state->is_internal && (
+                  TO_CIRCUIT(circ)->purpose ==
+                  CIRCUIT_PURPOSE_C_GENERAL ||
+                  TO_CIRCUIT(circ)->purpose ==
+                  CIRCUIT_PURPOSE_CONFLUX_UNLINKED));
     if (BUG(exit_ei == NULL))
       return -1;
   }
diff --git a/src/core/or/circuitlist.c b/src/core/or/circuitlist.c
index 4ea55968ab..01baf7c795 100644
--- a/src/core/or/circuitlist.c
+++ b/src/core/or/circuitlist.c
@@ -841,6 +841,11 @@ circuit_purpose_to_controller_string(uint8_t purpose)
     case CIRCUIT_PURPOSE_C_CIRCUIT_PADDING:
       return "CIRCUIT_PADDING";
 
+    case CIRCUIT_PURPOSE_CONFLUX_UNLINKED:
+      return "CONFLUX_UNLINKED";
+    case CIRCUIT_PURPOSE_CONFLUX_LINKED:
+      return "CONFLUX_LINKED";
+
     default:
       tor_snprintf(buf, sizeof(buf), "UNKNOWN_%d", (int)purpose);
       return buf;
@@ -870,6 +875,8 @@ circuit_purpose_to_controller_hs_state_string(uint8_t purpose)
     case CIRCUIT_PURPOSE_PATH_BIAS_TESTING:
     case CIRCUIT_PURPOSE_HS_VANGUARDS:
     case CIRCUIT_PURPOSE_C_CIRCUIT_PADDING:
+    case CIRCUIT_PURPOSE_CONFLUX_UNLINKED:
+    case CIRCUIT_PURPOSE_CONFLUX_LINKED:
       return NULL;
 
     case CIRCUIT_PURPOSE_INTRO_POINT:
@@ -973,6 +980,12 @@ circuit_purpose_to_string(uint8_t purpose)
     case CIRCUIT_PURPOSE_C_CIRCUIT_PADDING:
       return "Circuit kept open for padding";
 
+    case CIRCUIT_PURPOSE_CONFLUX_UNLINKED:
+      return "Unlinked conflux circuit";
+
+    case CIRCUIT_PURPOSE_CONFLUX_LINKED:
+      return "Linked conflux circuit";
+
     default:
       tor_snprintf(buf, sizeof(buf), "UNKNOWN_%d", (int)purpose);
       return buf;
@@ -1841,6 +1854,9 @@ get_circuit_purpose_needed_to_cannibalize(uint8_t purpose)
      * circuits so that we get the same path construction logic. */
     return CIRCUIT_PURPOSE_HS_VANGUARDS;
   } else {
+    /* Conflux purposes should never get here */
+    tor_assert_nonfatal(purpose != CIRCUIT_PURPOSE_CONFLUX_UNLINKED &&
+                        purpose != CIRCUIT_PURPOSE_CONFLUX_LINKED);
     /* If no vanguards are used just get a general circuit! */
     return CIRCUIT_PURPOSE_C_GENERAL;
   }
@@ -1886,6 +1902,10 @@ circuit_find_to_cannibalize(uint8_t purpose_to_produce, extend_info_t *info,
   tor_assert_nonfatal(purpose_to_search_for == CIRCUIT_PURPOSE_C_GENERAL ||
                       purpose_to_search_for == CIRCUIT_PURPOSE_HS_VANGUARDS);
 
+  tor_assert_nonfatal(purpose_to_search_for !=
+                      CIRCUIT_PURPOSE_CONFLUX_UNLINKED);
+  tor_assert_nonfatal(purpose_to_produce != CIRCUIT_PURPOSE_CONFLUX_UNLINKED);
+
   log_debug(LD_CIRC,
             "Hunting for a circ to cannibalize: purpose %d, uptime %d, "
             "capacity %d, internal %d",
diff --git a/src/core/or/circuitlist.h b/src/core/or/circuitlist.h
index 49ded11f12..ca3c5bd0ee 100644
--- a/src/core/or/circuitlist.h
+++ b/src/core/or/circuitlist.h
@@ -130,7 +130,14 @@
  *  actual needed HS purpose. */
 #define CIRCUIT_PURPOSE_HS_VANGUARDS 24
 
-#define CIRCUIT_PURPOSE_MAX_ 24
+/**
+ * These two purposes are for conflux. The first is for circuits that are
+ * being built, but not yet linked. The second is for circuits that are
+ * linked and ready to use for streams. */
+#define CIRCUIT_PURPOSE_CONFLUX_UNLINKED 25
+#define CIRCUIT_PURPOSE_CONFLUX_LINKED 26
+
+#define CIRCUIT_PURPOSE_MAX_ 26
 /** A catch-all for unrecognized purposes. Currently we don't expect
  * to make or see any circuits with this purpose. */
 #define CIRCUIT_PURPOSE_UNKNOWN 255
diff --git a/src/core/or/circuituse.c b/src/core/or/circuituse.c
index 77c5deaafb..9110252976 100644
--- a/src/core/or/circuituse.c
+++ b/src/core/or/circuituse.c
@@ -138,7 +138,8 @@ circuit_is_acceptable(const origin_circuit_t *origin_circ,
       purpose == CIRCUIT_PURPOSE_C_HSDIR_GET ||
       purpose == CIRCUIT_PURPOSE_S_HSDIR_POST ||
       purpose == CIRCUIT_PURPOSE_HS_VANGUARDS ||
-      purpose == CIRCUIT_PURPOSE_C_REND_JOINED) {
+      purpose == CIRCUIT_PURPOSE_C_REND_JOINED ||
+      purpose == CIRCUIT_PURPOSE_CONFLUX_LINKED) {
     if (circ->timestamp_dirty &&
        circ->timestamp_dirty+get_options()->MaxCircuitDirtiness <= now)
       return 0;
@@ -162,6 +163,8 @@ circuit_is_acceptable(const origin_circuit_t *origin_circ,
     return 0;
 
   if (purpose == CIRCUIT_PURPOSE_C_GENERAL ||
+      purpose == CIRCUIT_PURPOSE_CONFLUX_UNLINKED ||
+      purpose == CIRCUIT_PURPOSE_CONFLUX_LINKED ||
       purpose == CIRCUIT_PURPOSE_S_HSDIR_POST ||
       purpose == CIRCUIT_PURPOSE_C_HSDIR_GET) {
     tor_addr_t addr;
@@ -1003,7 +1006,8 @@ circuit_stream_is_being_handled(entry_connection_t *conn,
   SMARTLIST_FOREACH_BEGIN(circuit_get_global_list(), circuit_t *, circ) {
     if (CIRCUIT_IS_ORIGIN(circ) &&
         !circ->marked_for_close &&
-        circ->purpose == CIRCUIT_PURPOSE_C_GENERAL &&
+        (circ->purpose == CIRCUIT_PURPOSE_C_GENERAL ||
+        circ->purpose == CIRCUIT_PURPOSE_CONFLUX_LINKED) &&
         (!circ->timestamp_dirty ||
          circ->timestamp_dirty + get_options()->MaxCircuitDirtiness > now)) {
       origin_circuit_t *origin_circ = TO_ORIGIN_CIRCUIT(circ);
@@ -1450,6 +1454,8 @@ circuit_expire_old_circuits_clientside(void)
       if (timercmp(&circ->timestamp_began, &cutoff, OP_LT)) {
         if (circ->purpose == CIRCUIT_PURPOSE_C_GENERAL ||
                 circ->purpose == CIRCUIT_PURPOSE_C_HSDIR_GET ||
+                circ->purpose == CIRCUIT_PURPOSE_CONFLUX_UNLINKED ||
+                circ->purpose == CIRCUIT_PURPOSE_CONFLUX_LINKED ||
                 circ->purpose == CIRCUIT_PURPOSE_S_HSDIR_POST ||
                 circ->purpose == CIRCUIT_PURPOSE_HS_VANGUARDS ||
                 circ->purpose == CIRCUIT_PURPOSE_C_MEASURE_TIMEOUT ||
@@ -1655,6 +1661,8 @@ circuit_has_opened(origin_circuit_t *circ)
       hs_client_circuit_has_opened(circ);
       break;
     case CIRCUIT_PURPOSE_C_GENERAL:
+      circuit_try_attaching_streams(circ);
+      break;
     case CIRCUIT_PURPOSE_C_HSDIR_GET:
     case CIRCUIT_PURPOSE_S_HSDIR_POST:
       /* Tell any AP connections that have been waiting for a new
@@ -2030,6 +2038,11 @@ circuit_should_cannibalize_to_build(uint8_t purpose_to_build,
     return 0;
   }
 
+  /* Do not cannibalize for conflux circuits */
+  if (purpose_to_build == CIRCUIT_PURPOSE_CONFLUX_UNLINKED) {
+    return 0;
+  }
+
   return 1;
 }
 
@@ -2607,6 +2620,8 @@ link_apconn_to_circ(entry_connection_t *apconn, origin_circuit_t *circ,
     exitnode = node_get_by_id(cpath->extend_info->identity_digest);
 
   /* See if we can use optimistic data on this circuit */
+  // TODO-329-PURPOSE: Can conflux use optimistic data? Does
+  // anything use optimistic data? Does anything use this?
   if (circ->base_.purpose == CIRCUIT_PURPOSE_C_GENERAL ||
       circ->base_.purpose == CIRCUIT_PURPOSE_C_HSDIR_GET ||
       circ->base_.purpose == CIRCUIT_PURPOSE_S_HSDIR_POST ||
diff --git a/src/core/or/connection_edge.c b/src/core/or/connection_edge.c
index 7dd0935b47..b0ccedc27f 100644
--- a/src/core/or/connection_edge.c
+++ b/src/core/or/connection_edge.c
@@ -1236,6 +1236,7 @@ connection_ap_expire_beginning(void)
     }
 
     if (circ->purpose != CIRCUIT_PURPOSE_C_GENERAL &&
+        circ->purpose != CIRCUIT_PURPOSE_CONFLUX_LINKED &&
         circ->purpose != CIRCUIT_PURPOSE_CONTROLLER &&
         circ->purpose != CIRCUIT_PURPOSE_C_HSDIR_GET &&
         circ->purpose != CIRCUIT_PURPOSE_S_HSDIR_POST &&
@@ -3112,6 +3113,8 @@ connection_ap_supports_optimistic_data(const entry_connection_t *conn)
   const edge_connection_t *edge_conn = ENTRY_TO_EDGE_CONN(conn);
   /* We can only send optimistic data if we're connected to an open
      general circuit. */
+  // TODO-329-PURPOSE: Can conflux circuits use optimistic data?
+  // Does anything use optimistic data?
   if (edge_conn->on_circuit == NULL ||
       edge_conn->on_circuit->state != CIRCUIT_STATE_OPEN ||
       (edge_conn->on_circuit->purpose != CIRCUIT_PURPOSE_C_GENERAL &&
@@ -3138,7 +3141,8 @@ connection_ap_get_begincell_flags(entry_connection_t *ap_conn)
     return 0;
 
   /* No flags for hidden services. */
-  if (edge_conn->on_circuit->purpose != CIRCUIT_PURPOSE_C_GENERAL)
+  if (edge_conn->on_circuit->purpose != CIRCUIT_PURPOSE_C_GENERAL &&
+      edge_conn->on_circuit->purpose != CIRCUIT_PURPOSE_CONFLUX_LINKED)
     return 0;
 
   /* If only IPv4 is supported, no flags */
@@ -3222,6 +3226,7 @@ connection_ap_handshake_send_begin,(entry_connection_t *ap_conn))
 
   tor_snprintf(payload,RELAY_PAYLOAD_SIZE, "%s:%d",
                (circ->base_.purpose == CIRCUIT_PURPOSE_C_GENERAL ||
+                circ->base_.purpose == CIRCUIT_PURPOSE_CONFLUX_LINKED ||
                 circ->base_.purpose == CIRCUIT_PURPOSE_CONTROLLER) ?
                  ap_conn->socks_request->address : "",
                ap_conn->socks_request->port);
@@ -3323,7 +3328,8 @@ connection_ap_handshake_send_resolve(entry_connection_t *ap_conn)
   tor_assert(base_conn->type == CONN_TYPE_AP);
   tor_assert(base_conn->state == AP_CONN_STATE_CIRCUIT_WAIT);
   tor_assert(ap_conn->socks_request);
-  tor_assert(circ->base_.purpose == CIRCUIT_PURPOSE_C_GENERAL);
+  tor_assert(circ->base_.purpose == CIRCUIT_PURPOSE_C_GENERAL ||
+             circ->base_.purpose == CIRCUIT_PURPOSE_CONFLUX_LINKED);
 
   command = ap_conn->socks_request->command;
   tor_assert(SOCKS_COMMAND_IS_RESOLVE(command));
diff --git a/src/feature/client/circpathbias.c b/src/feature/client/circpathbias.c
index ff9e05a645..144a53c972 100644
--- a/src/feature/client/circpathbias.c
+++ b/src/feature/client/circpathbias.c
@@ -334,12 +334,23 @@ pathbias_should_count(origin_circuit_t *circ)
    * endpoint could be chosen maliciously.
    * Similarly, we can't count client-side intro attempts,
    * because clients can be manipulated into connecting to
-   * malicious intro points. */
+   * malicious intro points.
+   *
+   * Finally, avoid counting conflux circuits for now, because
+   * a malicious exit could cause us to reconnect and blame
+   * our guard...
+   *
+   * TODO-329-PURPOSE: This is not quite right, we could
+   * instead avoid sending usable probes on conflux circs,
+   * and count only linked circs as failures, but it is
+   * not 100% clear that would result in accurate counts. */
   if (get_options()->UseEntryGuards == 0 ||
           circ->base_.purpose == CIRCUIT_PURPOSE_TESTING ||
           circ->base_.purpose == CIRCUIT_PURPOSE_CONTROLLER ||
           circ->base_.purpose == CIRCUIT_PURPOSE_S_CONNECT_REND ||
           circ->base_.purpose == CIRCUIT_PURPOSE_S_REND_JOINED ||
+          circ->base_.purpose == CIRCUIT_PURPOSE_CONFLUX_UNLINKED ||
+          circ->base_.purpose == CIRCUIT_PURPOSE_CONFLUX_LINKED ||
           (circ->base_.purpose >= CIRCUIT_PURPOSE_C_INTRODUCING &&
            circ->base_.purpose <= CIRCUIT_PURPOSE_C_INTRODUCE_ACKED)) {
 

-- 
To stop receiving notification emails like this one, please contact
the administrator of this repository.
_______________________________________________
tor-commits mailing list
tor-commits@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits