[tor-commits] [tor/master] Clean up some XXX comments.

nickm at torproject.org nickm at torproject.org
Wed Dec 26 04:34:55 UTC 2012 

commit aa16d59ee7abdf7c3309c267052ae265e141e1b3
Author: Mike Perry <mikeperry-git at fscked.org>
Date:   Sun Dec 9 23:50:05 2012 -0800

    Clean up some XXX comments.
---
 src/or/circuitbuild.c |    4 ----
 src/or/circuituse.c   |    1 +
 src/or/relay.c        |    4 +++-
 3 files changed, 4 insertions(+), 5 deletions(-)

diff --git a/src/or/circuitbuild.c b/src/or/circuitbuild.c
index a724006..f903bbf 100644
--- a/src/or/circuitbuild.c
+++ b/src/or/circuitbuild.c
@@ -1434,10 +1434,6 @@ pathbias_check_close(origin_circuit_t *ocirc, int reason)
     if (circ->timestamp_dirty) {
       /* Any circuit where there were attempted streams but no successful
        * streams could be bias */
-      // XXX: May open up attacks if the adversary can force connections
-      // on unresponsive hosts to use new circs. Vidalia displayes a "Retrying"
-      // state.. Can we use that? Does optimistic data change this?
-
       log_info(LD_CIRC,
             "Circuit %d closed without successful use for reason %d. "
             "Circuit purpose %d currently %s.",
diff --git a/src/or/circuituse.c b/src/or/circuituse.c
index d3b4801..cb44bba 100644
--- a/src/or/circuituse.c
+++ b/src/or/circuituse.c
@@ -1166,6 +1166,7 @@ circuit_has_opened(origin_circuit_t *circ)
    * building). */
   // XXX: Cannibalized now use RELAY_EARLY, which is visible
   // to taggers end-to-end! We really need to probe these instead.
+  // Don't forget to remove this check once that's done!
   if (circ->has_opened &&
       circ->build_state->desired_path_len > DEFAULT_ROUTE_LEN) {
     circ->path_state = PATH_STATE_USE_SUCCEEDED;
diff --git a/src/or/relay.c b/src/or/relay.c
index 3ee0c83..6ed4b93 100644
--- a/src/or/relay.c
+++ b/src/or/relay.c
@@ -697,7 +697,9 @@ connection_ap_process_end_not_open(
     /* Path bias: If we get a valid reason code from the exit,
      * it wasn't due to tagging */
     // XXX: This relies on recognized+digest being strong enough not
-    // to be spoofable.. Is that a valid assumption?
+    // to be spoofable.. Is that a valid assumption? 
+    // Or more accurately: is it better than nothing? Can the attack
+    // be done offline?
     circ->path_state = PATH_STATE_USE_SUCCEEDED;
   }

More information about the tor-commits mailing list