[tor-commits] [tor/release-0.3.1] Set guard state on bridge descriptor fetches.

nickm at torproject.org nickm at torproject.org
Wed Jun 28 17:54:56 UTC 2017


commit 6009c891655748eb2089afa8bc4a3d54ec2ddab9
Author: George Kadianakis <desnacked at riseup.net>
Date:   Mon May 22 14:10:38 2017 +0300

    Set guard state on bridge descriptor fetches.
    
    We used to not set the guard state in launch_direct_bridge_descriptor_fetch().
    So when a bridge descriptor fetch failed, the guard subsystem would never
    learn about the fail (and hence the guard's reachability state would not
    be updated).
---
 changes/bug21969    |  3 +++
 src/or/bridges.c    |  6 +++++-
 src/or/entrynodes.c | 28 ++++++++++++++++++++++++++++
 src/or/entrynodes.h |  4 ++++
 4 files changed, 40 insertions(+), 1 deletion(-)

diff --git a/changes/bug21969 b/changes/bug21969
new file mode 100644
index 0000000..9b116fc
--- /dev/null
+++ b/changes/bug21969
@@ -0,0 +1,3 @@
+  o Major bugfixes (entry guards):
+    - Don't block bootstrapping when a primary bridge is offline and we can't
+      get its descriptor. Fixes bug 21969; bugfix on 0.3.0.3-alpha.
diff --git a/src/or/bridges.c b/src/or/bridges.c
index 58375ca..0b45883 100644
--- a/src/or/bridges.c
+++ b/src/or/bridges.c
@@ -547,6 +547,7 @@ static void
 launch_direct_bridge_descriptor_fetch(bridge_info_t *bridge)
 {
   const or_options_t *options = get_options();
+  circuit_guard_state_t *guard_state = NULL;
 
   if (connection_get_by_type_addr_port_purpose(
       CONN_TYPE_DIR, &bridge->addr, bridge->port,
@@ -570,12 +571,15 @@ launch_direct_bridge_descriptor_fetch(bridge_info_t *bridge)
     return;
   }
 
+  guard_state = get_guard_state_for_bridge_desc_fetch(bridge->identity);
+
   directory_initiate_command(&bridge->addr, bridge->port,
                              NULL, 0, /*no dirport*/
                              bridge->identity,
                              DIR_PURPOSE_FETCH_SERVERDESC,
                              ROUTER_PURPOSE_BRIDGE,
-                             DIRIND_ONEHOP, "authority.z", NULL, 0, 0, NULL);
+                             DIRIND_ONEHOP, "authority.z", NULL, 0, 0,
+                             guard_state);
 }
 
 /** Fetching the bridge descriptor from the bridge authority returned a
diff --git a/src/or/entrynodes.c b/src/or/entrynodes.c
index 5b5e13b..f8c7024 100644
--- a/src/or/entrynodes.c
+++ b/src/or/entrynodes.c
@@ -2926,6 +2926,34 @@ entry_guard_get_by_id_digest(const char *digest)
       get_guard_selection_info(), digest);
 }
 
+/** We are about to connect to bridge with identity <b>digest</b> to fetch its
+ *  descriptor. Create a new guard state for this connection and return it. */
+circuit_guard_state_t *
+get_guard_state_for_bridge_desc_fetch(const char *digest)
+{
+  circuit_guard_state_t *guard_state = NULL;
+  entry_guard_t *guard = NULL;
+
+  guard = entry_guard_get_by_id_digest_for_guard_selection(
+                                    get_guard_selection_info(), digest);
+  if (!guard) {
+    return NULL;
+  }
+
+  /* Update the guard last_tried_to_connect time since it's checked by the
+   * guard susbsystem. */
+  guard->last_tried_to_connect = approx_time();
+
+  /* Create the guard state */
+  guard_state = tor_malloc_zero(sizeof(circuit_guard_state_t));
+  guard_state->guard = entry_guard_handle_new(guard);
+  guard_state->state = GUARD_CIRC_STATE_USABLE_ON_COMPLETION;
+  guard_state->state_set_at = approx_time();
+  guard_state->restrictions = NULL;
+
+  return guard_state;
+}
+
 /** Release all storage held by <b>e</b>. */
 STATIC void
 entry_guard_free(entry_guard_t *e)
diff --git a/src/or/entrynodes.h b/src/or/entrynodes.h
index f02901f..c2ddeca 100644
--- a/src/or/entrynodes.h
+++ b/src/or/entrynodes.h
@@ -323,6 +323,10 @@ const node_t *guards_choose_dirguard(circuit_guard_state_t **guard_state_out);
 entry_guard_t *entry_guard_get_by_id_digest_for_guard_selection(
     guard_selection_t *gs, const char *digest);
 entry_guard_t *entry_guard_get_by_id_digest(const char *digest);
+
+circuit_guard_state_t *
+get_guard_state_for_bridge_desc_fetch(const char *digest);
+
 void entry_guards_changed_for_guard_selection(guard_selection_t *gs);
 void entry_guards_changed(void);
 guard_selection_t * get_guard_selection_info(void);





More information about the tor-commits mailing list