tor-commits

tor-commits@lists.torproject.org

1 participants
212433 discussions

[tor/maint-0.2.2] Add a big changelog entry for bug 1090 fixes
by nickm＠torproject.org 27 Apr '11

27 Apr '11

commit c49f660c1a9f196c8cbb4863bb377bdb6e642539 Author: Nick Mathewson <nickm(a)torproject.org> Date: Wed Apr 27 13:33:38 2011 -0400 Add a big changelog entry for bug 1090 fixes --- changes/bug1090-general | 73 +++++++++++++++++++++++++++++++++++++++++++++++ 1 files changed, 73 insertions(+), 0 deletions(-) diff --git a/changes/bug1090-general b/changes/bug1090-general new file mode 100644 index 0000000..4656315 --- /dev/null +++ b/changes/bug1090-general @@ -0,0 +1,73 @@ + o Major features and bugfixes (node selection) + + - Revise and unify the meaning of the ExitNodes, EntryNodes, + ExcludeEntryNodes, ExcludeExitNodes, ExcludeNodes, and + StrictNodes options. Previously, we had been ambiguous in + describing what counted as an "exit" node, and what operations + exactly "StrictNodes 0" would permit. This created confusion + when people saw nodes built through unexpected circuits, and + made it hard to tell real bugs from surprises. We now stipulate + that the intended behavior is: + + . "Exit", in the context of ExitNodes and ExcludeExitNodes, + means a node that delivers user traffic outside the Tor + network. + . "Entry", in the context of EntryNodes and ExcludeEntryNodes, + means a node used as the first hop of a multihop circuit: + it doesn't include direct connections to directory servers. + . "ExcludeNodes" applies to all nodes. + . "StrictNodes" changes the behavior of ExcludeNodes only. + When StrictNodes is set, Tor should avoid all nodes listed + in ExcludeNodes, even when it will make user requests + fail. When StrictNodes is *not* set, then Tor should + follow ExcludeNodes whenever it can, except when it must + use an excluded node to perform self-tests, connect to a + hidden service, provide a hidden service, fulfill a .exit + request, upload directory information, or fetch directory + information. + + Collectively, the changes to implement the behavior are a fix for + bug 1090. + + - ExcludeNodes now takes precedence over EntryNodes and ExitNodes: + if a node is listed in both, it's treated as excluded. + + - ExcludeNodes now applies to directory nodes: as a preference if + StrictNodes is 0, or an absolute requirement if StrictNodes is 1. + (Don't exclude all the directory authorities and set StrictNodes + to 1 unless you really want your Tor to break.) + + - ExcludeNodes and ExcludeExitNodes now override exit enclaving. + + - ExcludeExitNodes now overrides .exit requests. + + - We don't use bridges from ExcludeNodes. + + - When StrictNodes is 1: + . We now apply ExcludeNodes to hidden service introduction points + and to rendezvous points selected by hidden service users. + This can make your hidden service less reliable: use it with + caution! + . If we have used ExcludeNodes on ourself, do not try self-tests. + . If we have excluded all the directory authorities, we will + not even try to upload our descriptor if we're a server. + . Do not honor .exit requests to an excluded node. + + - Remove a misfeature that caused us to ignore the Fast/Stable flags + if ExitNodes was set. Bugfix on 0.2.2.7-alpha. + + - When the set of permitted nodes changes, we now remove any + mappings introduced via TrackExitHosts to now-excluded nodes. + Bugfix on 0.1.0.1-rc. + + - We never cannibalize a circuit that had excluded nodes on it, + even if StrictNodes is 0. Bugfix on 0.1.0.1-rc. + + - Improve log messages related to excluded nodes. + + - Revert a change where we would be laxer about attaching streams to + circuits than when building the circuits. This was meant to + prevent a set of bugs where streams were never attachable, but our + improved code here should make this unnecessary. Bugfix on + 0.2.2.7-alpha. +

1 0

[tor/maint-0.2.2] revert most of ef81649d2fc
by nickm＠torproject.org 27 Apr '11

27 Apr '11

commit f962dda8c188ebe17be1ad7d6548f303b6425943 Author: Roger Dingledine <arma(a)torproject.org> Date: Tue Apr 26 19:55:34 2011 -0400 revert most of ef81649d2fc Now we believe it to be the case that we never build a circuit for our stream that has an unsuitable exit, so we'll never need to use such a circuit. The risk is that we have some code that builds the circuit, but now we refuse to use it, meaning we just build a bazillion circuits and ignore them all. --- src/or/circuitbuild.c | 2 +- src/or/circuituse.c | 18 ++++++++++++------ src/or/connection_edge.c | 19 ++----------------- src/or/connection_edge.h | 3 +-- 4 files changed, 16 insertions(+), 26 deletions(-) diff --git a/src/or/circuitbuild.c b/src/or/circuitbuild.c index b963f1a..6401e71 100644 --- a/src/or/circuitbuild.c +++ b/src/or/circuitbuild.c @@ -2728,7 +2728,7 @@ choose_good_exit_server_general(routerlist_t *dir, int need_uptime, { if (!ap_stream_wants_exit_attention(conn)) continue; /* Skip everything but APs in CIRCUIT_WAIT */ - if (connection_ap_can_use_exit(TO_EDGE_CONN(conn), router, 1)) { + if (connection_ap_can_use_exit(TO_EDGE_CONN(conn), router)) { ++n_supported[i]; // log_fn(LOG_DEBUG,"%s is supported. n_supported[%d] now %d.", // router->nickname, i, n_supported[i]); diff --git a/src/or/circuituse.c b/src/or/circuituse.c index 530941c..cc4a739 100644 --- a/src/or/circuituse.c +++ b/src/or/circuituse.c @@ -127,7 +127,7 @@ circuit_is_acceptable(circuit_t *circ, edge_connection_t *conn, return 0; } } - if (exitrouter && !connection_ap_can_use_exit(conn, exitrouter, 0)) { + if (exitrouter && !connection_ap_can_use_exit(conn, exitrouter)) { /* can't exit from this router */ return 0; } @@ -166,6 +166,10 @@ circuit_is_better(circuit_t *a, circuit_t *b, uint8_t purpose) return 1; if (CIRCUIT_IS_ORIGIN(b) && TO_ORIGIN_CIRCUIT(b)->build_state->is_internal) + /* XXX023 what the heck is this internal thing doing here. I + * think we can get rid of it. circuit_is_acceptable() already + * makes sure that is_internal is exactly what we need it to + * be. -RD */ return 1; } break; @@ -511,7 +515,7 @@ circuit_stream_is_being_handled(edge_connection_t *conn, if (exitrouter && (!need_uptime || build_state->need_uptime)) { int ok; if (conn) { - ok = connection_ap_can_use_exit(conn, exitrouter, 0); + ok = connection_ap_can_use_exit(conn, exitrouter); } else { addr_policy_result_t r = compare_addr_to_addr_policy( 0, port, exitrouter->exit_policy); @@ -1291,9 +1295,10 @@ circuit_get_open_circ_or_launch(edge_connection_t *conn, * refactor into a single function? */ routerinfo_t *router = router_get_by_nickname(conn->chosen_exit_name, 1); int opt = conn->chosen_exit_optional; - if (router && !connection_ap_can_use_exit(conn, router, 0)) { + if (router && !connection_ap_can_use_exit(conn, router)) { log_fn(opt ? LOG_INFO : LOG_WARN, LD_APP, - "Requested exit point '%s' would refuse request. %s.", + "Requested exit point '%s' is excluded or " + "would refuse request. %s.", conn->chosen_exit_name, opt ? "Trying others" : "Closing"); if (opt) { conn->chosen_exit_optional = 0; @@ -1611,9 +1616,10 @@ connection_ap_handshake_attach_circuit(edge_connection_t *conn) } return -1; } - if (router && !connection_ap_can_use_exit(conn, router, 0)) { + if (router && !connection_ap_can_use_exit(conn, router)) { log_fn(opt ? LOG_INFO : LOG_WARN, LD_APP, - "Requested exit point '%s' would refuse request. %s.", + "Requested exit point '%s' is excluded or " + "would refuse request. %s.", conn->chosen_exit_name, opt ? "Trying others" : "Closing"); if (opt) { conn->chosen_exit_optional = 0; diff --git a/src/or/connection_edge.c b/src/or/connection_edge.c index 1ee57ab..082cd5f 100644 --- a/src/or/connection_edge.c +++ b/src/or/connection_edge.c @@ -3044,15 +3044,9 @@ connection_edge_is_rendezvous_stream(edge_connection_t *conn) * to exit from it, or 0 if it probably will not allow it. * (We might be uncertain if conn's destination address has not yet been * resolved.) - * - * If excluded_means_no is 1 and Exclude*Nodes is set and excludes - * this relay, return 0. - * XXX022-1090 This StrictNodes business needs more work, a la bug 1090. See - * also git commit ef81649d. */ int -connection_ap_can_use_exit(edge_connection_t *conn, routerinfo_t *exit, - int excluded_means_no) +connection_ap_can_use_exit(edge_connection_t *conn, routerinfo_t *exit) { or_options_t *options = get_options(); @@ -3102,17 +3096,8 @@ connection_ap_can_use_exit(edge_connection_t *conn, routerinfo_t *exit, return 0; } if (options->_ExcludeExitNodesUnion && - (options->StrictNodes || excluded_means_no) && routerset_contains_router(options->_ExcludeExitNodesUnion, exit)) { - /* If we are trying to avoid this node as exit, and we have StrictNodes - * set, then this is not a suitable exit. Refuse it. - * - * If we don't have StrictNodes set, then this function gets called in - * two contexts. First, we've got a circuit open and we want to know - * whether we can use it. In that case, we somehow built this circuit - * despite having the last hop in ExcludeExitNodes, so we should be - * willing to use it. Second, we are evaluating whether this is an - * acceptable exit for a new circuit. In that case, skip it. */ + /* Not a suitable exit. Refuse it. */ return 0; } diff --git a/src/or/connection_edge.h b/src/or/connection_edge.h index c4ae467..70d0dd2 100644 --- a/src/or/connection_edge.h +++ b/src/or/connection_edge.h @@ -47,8 +47,7 @@ int connection_exit_begin_conn(cell_t *cell, circuit_t *circ); int connection_exit_begin_resolve(cell_t *cell, or_circuit_t *circ); void connection_exit_connect(edge_connection_t *conn); int connection_edge_is_rendezvous_stream(edge_connection_t *conn); -int connection_ap_can_use_exit(edge_connection_t *conn, routerinfo_t *exit, - int excluded_means_no); +int connection_ap_can_use_exit(edge_connection_t *conn, routerinfo_t *exit); void connection_ap_expire_beginning(void); void connection_ap_attach_pending(void); void connection_ap_fail_onehop(const char *failed_digest,

1 0

[tor/maint-0.2.2] warn if we launch too many circuits for a given stream
by nickm＠torproject.org 27 Apr '11

27 Apr '11

commit f7a5bc16d689e8b919285c66cd0f07a6694bcc69 Author: Roger Dingledine <arma(a)torproject.org> Date: Tue Apr 26 22:18:01 2011 -0400 warn if we launch too many circuits for a given stream --- changes/bug1090-launch-warning | 5 +++++ src/or/circuituse.c | 13 ++++++++++++- src/or/or.h | 7 +++++++ 3 files changed, 24 insertions(+), 1 deletions(-) diff --git a/changes/bug1090-launch-warning b/changes/bug1090-launch-warning new file mode 100644 index 0000000..3f3fbcb --- /dev/null +++ b/changes/bug1090-launch-warning @@ -0,0 +1,5 @@ + o Minor features: + - Keep track of how many times we launch a new circuit to handle + a given stream. Too many launches could indicate an inconsistency + between our "launch a circuit to handle this stream" logic and our + "attach our stream to one of the available circuits" logic. diff --git a/src/or/circuituse.c b/src/or/circuituse.c index cc4a739..fd1cf6b 100644 --- a/src/or/circuituse.c +++ b/src/or/circuituse.c @@ -1409,7 +1409,18 @@ circuit_get_open_circ_or_launch(edge_connection_t *conn, extend_info_free(extend_info); - if (desired_circuit_purpose != CIRCUIT_PURPOSE_C_GENERAL) { + if (desired_circuit_purpose == CIRCUIT_PURPOSE_C_GENERAL) { + /* We just caused a circuit to get built because of this stream. + * If this stream has caused a _lot_ of circuits to be built, that's + * a bad sign: we should tell the user. */ + if (conn->num_circuits_launched < NUM_CIRCUITS_LAUNCHED_THRESHOLD && + ++conn->num_circuits_launched == NUM_CIRCUITS_LAUNCHED_THRESHOLD) + log_warn(LD_BUG, "The application request to %s:%d has launched " + "%d circuits without finding one it likes.", + escaped_safe_str_client(conn->socks_request->address), + conn->socks_request->port, + conn->num_circuits_launched); + } else { /* help predict this next time */ rep_hist_note_used_internal(time(NULL), need_uptime, 1); if (circ) { diff --git a/src/or/or.h b/src/or/or.h index 50a1223..7d354c8 100644 --- a/src/or/or.h +++ b/src/or/or.h @@ -1151,6 +1151,13 @@ typedef struct edge_connection_t { * already retried several times. */ uint8_t num_socks_retries; +#define NUM_CIRCUITS_LAUNCHED_THRESHOLD 10 + /** Number of times we've launched a circuit to handle this stream. If + * it gets too high, that could indicate an inconsistency between our + * "launch a circuit to handle this stream" logic and our "attach our + * stream to one of the available circuits" logic. */ + unsigned int num_circuits_launched:4; + /** True iff this connection is for a DNS request only. */ unsigned int is_dns_request:1;

1 0

[tor/maint-0.2.2] Merge remote-tracking branch 'arma/bug1090-part1-squashed' into bug1090-part1-squashed
by nickm＠torproject.org 27 Apr '11

27 Apr '11

commit 99621bc5a629a81a5a823ce21ac3d967443d0e12 Merge: 8f6cb93 0c40dda Author: Nick Mathewson <nickm(a)torproject.org> Date: Wed Apr 27 13:45:28 2011 -0400 Merge remote-tracking branch 'arma/bug1090-part1-squashed' into bug1090-part1-squashed src/or/rendclient.c | 3 ++- 1 files changed, 2 insertions(+), 1 deletions(-)

1 0

[tor/maint-0.2.2] don't exit enclave to excluded relays
by nickm＠torproject.org 27 Apr '11

27 Apr '11

commit 719b5b87dee4910bb3e2d29db6e2012416f60d3d Author: Roger Dingledine <arma(a)torproject.org> Date: Fri Mar 11 03:57:01 2011 -0500 don't exit enclave to excluded relays --- src/or/routerlist.c | 6 +++++- 1 files changed, 5 insertions(+), 1 deletions(-) diff --git a/src/or/routerlist.c b/src/or/routerlist.c index 29e2e96..523596d 100644 --- a/src/or/routerlist.c +++ b/src/or/routerlist.c @@ -1538,6 +1538,8 @@ routerlist_find_my_routerinfo(void) /** Find a router that's up, that has this IP address, and * that allows exit to this address:port, or return NULL if there * isn't a good one. + * Don't exit enclave to excluded relays -- it wouldn't actually + * hurt anything, but this way there are fewer confused users. */ routerinfo_t * router_find_exact_exit_enclave(const char *address, uint16_t port) @@ -1545,6 +1547,7 @@ router_find_exact_exit_enclave(const char *address, uint16_t port) uint32_t addr; struct in_addr in; tor_addr_t a; + or_options_t *options = get_options(); if (!tor_inet_aton(address, &in)) return NULL; /* it's not an IP already */ @@ -1557,7 +1560,8 @@ router_find_exact_exit_enclave(const char *address, uint16_t port) if (router->addr == addr && router->is_running && compare_tor_addr_to_addr_policy(&a, port, router->exit_policy) == - ADDR_POLICY_ACCEPTED) + ADDR_POLICY_ACCEPTED && + !routerset_contains_router(options->_ExcludeExitNodesUnion, router)) return router; }); return NULL;

1 0

[tor/maint-0.2.2] make formal a constraint that's been true a while now
by nickm＠torproject.org 27 Apr '11

27 Apr '11

commit 9f47cfc21a8fa91b98a48291c316121135fa3f17 Author: Roger Dingledine <arma(a)torproject.org> Date: Fri Mar 11 05:39:26 2011 -0500 make formal a constraint that's been true a while now --- src/or/config.c | 6 ++++++ 1 files changed, 6 insertions(+), 0 deletions(-) diff --git a/src/or/config.c b/src/or/config.c index bd904dc..404e648 100644 --- a/src/or/config.c +++ b/src/or/config.c @@ -3189,6 +3189,12 @@ options_validate(or_options_t *old_options, or_options_t *options, REJECT("Servers must be able to freely connect to the rest " "of the Internet, so they must not set UseBridges."); + /* If both of these are set, we'll end up with funny behavior where we + * demand enough entrynodes be up and running else we won't build + * circuits, yet we never actually use them. */ + if (options->UseBridges && options->EntryNodes) + REJECT("You cannot set both UseBridges and EntryNodes."); + options->_AllowInvalid = 0; if (options->AllowInvalidNodes) { SMARTLIST_FOREACH(options->AllowInvalidNodes, const char *, cp, {

1 0

[tor/maint-0.2.2] refuse moria1.exit if moria1 is excluded
by nickm＠torproject.org 27 Apr '11

27 Apr '11

commit 2b5c39211c2259404ab9bc23a1788b6d529e838f Author: Roger Dingledine <arma(a)torproject.org> Date: Fri Mar 11 05:29:28 2011 -0500 refuse moria1.exit if moria1 is excluded add a note reminding us to do this for foo.moria1.exit if we decide to. --- src/or/connection_edge.c | 11 +++++++++-- 1 files changed, 9 insertions(+), 2 deletions(-) diff --git a/src/or/connection_edge.c b/src/or/connection_edge.c index fff42be..4c74426 100644 --- a/src/or/connection_edge.c +++ b/src/or/connection_edge.c @@ -1610,6 +1610,10 @@ connection_ap_handshake_rewrite_and_attach(edge_connection_t *conn, tor_assert(!automap); if (s) { if (s[1] != '\0') { + /* XXX022-1090 we should look this up as a relay and see if it's + * in our excluded set, and refuse it here if so. But first, + * figure out what's up with this 'remapped_to_exit' business + * and whether that needs careful treatment. -RD */ conn->chosen_exit_name = tor_strdup(s+1); if (remapped_to_exit) /* 5 tries before it expires the addressmap */ conn->chosen_exit_retries = TRACKHOSTEXITS_RETRIES; @@ -1627,11 +1631,14 @@ connection_ap_handshake_rewrite_and_attach(edge_connection_t *conn, conn->chosen_exit_name = tor_strdup(socks->address); r = router_get_by_nickname(conn->chosen_exit_name, 1); *socks->address = 0; - if (r) { + if (r && (!options->_ExcludeExitNodesUnion || + !routerset_contains_router(options->_ExcludeExitNodesUnion, + r))) { strlcpy(socks->address, r->address, sizeof(socks->address)); } else { log_warn(LD_APP, - "Unrecognized server in exit address '%s.exit'. Refusing.", + "%s relay in exit address '%s.exit'. Refusing.", + r ? "Excluded" : "Unrecognized", safe_str_client(socks->address)); connection_mark_unattached_ap(conn, END_STREAM_REASON_TORPROTOCOL); return -1;

1 0

[tor/maint-0.2.2] note another case where strictnodes is considered for exits
by nickm＠torproject.org 27 Apr '11

27 Apr '11

commit bcea155ce0999d19b596a24edd359d1fc0dbe380 Author: Roger Dingledine <arma(a)torproject.org> Date: Fri Mar 11 04:36:24 2011 -0500 note another case where strictnodes is considered for exits --- src/or/connection_edge.c | 2 ++ 1 files changed, 2 insertions(+), 0 deletions(-) diff --git a/src/or/connection_edge.c b/src/or/connection_edge.c index 72e2c8a..fff42be 100644 --- a/src/or/connection_edge.c +++ b/src/or/connection_edge.c @@ -2969,6 +2969,8 @@ connection_edge_is_rendezvous_stream(edge_connection_t *conn) * * If excluded_means_no is 1 and Exclude*Nodes is set and excludes * this relay, return 0. + * XXX022-1090 This StrictNodes business needs more work, a la bug 1090. See + * also git commit ef81649d. */ int connection_ap_can_use_exit(edge_connection_t *conn, routerinfo_t *exit,

1 0

[tor/maint-0.2.2] If ExitNodes and Exclude{Exit}Nodes overlap, obey Exclude{Exit}Nodes.
by nickm＠torproject.org 27 Apr '11

27 Apr '11

commit 0ad3836f73cbb6f0aa8b643c43e799d69d378aea Author: Roger Dingledine <arma(a)torproject.org> Date: Fri Mar 11 04:35:08 2011 -0500 If ExitNodes and Exclude{Exit}Nodes overlap, obey Exclude{Exit}Nodes. Also, ExitNodes are always strict. --- src/or/circuitbuild.c | 56 ++++++++++++++++++++++-------------------------- src/or/routerlist.c | 4 +++ src/or/routerlist.h | 2 + 3 files changed, 32 insertions(+), 30 deletions(-) diff --git a/src/or/circuitbuild.c b/src/or/circuitbuild.c index 86406cb..b8a82e8 100644 --- a/src/or/circuitbuild.c +++ b/src/or/circuitbuild.c @@ -2685,13 +2685,29 @@ choose_good_exit_server_general(routerlist_t *dir, int need_uptime, n_supported[i] = -1; continue; /* skip routers that are known to be down or bad exits */ } + + if (options->_ExcludeExitNodesUnion && + routerset_contains_router(options->_ExcludeExitNodesUnion, router)) { + n_supported[i] = -1; + continue; /* user asked us not to use it, no matter what */ + } + if (options->ExitNodes && + !routerset_contains_router(options->ExitNodes, router)) { + n_supported[i] = -1; + continue; /* not one of our chosen exit nodes */ + } + if (router_is_unreliable(router, need_uptime, need_capacity, 0) && - (!options->ExitNodes || - !routerset_contains_router(options->ExitNodes, router))) { + !options->ExitNodes) { /* FFFF Someday, differentiate between a routerset that names * routers, and a routerset that names countries, and only do this * check if they've asked for specific exit relays. Or if the country * they ask for is rare. Or something. */ + /* XXX022-1090 We need to pick a tradeoff here: if we throw it out because + * it's unreliable, users might end up with no exit options even + * though some options are up. If we don't throw it out, users who + * set ExitNodes will have partitioning problems because they'll be + * the only folks willing to use this node. */ n_supported[i] = -1; continue; /* skip routers that are not suitable, unless we have * ExitNodes set, in which case we asked for it */ @@ -2753,21 +2769,13 @@ choose_good_exit_server_general(routerlist_t *dir, int need_uptime, /* If any routers definitely support any pending connections, choose one * at random. */ if (best_support > 0) { - smartlist_t *supporting = smartlist_create(), *use = smartlist_create(); + smartlist_t *supporting = smartlist_create(); for (i = 0; i < smartlist_len(dir->routers); i++) if (n_supported[i] == best_support) smartlist_add(supporting, smartlist_get(dir->routers, i)); - routersets_get_disjunction(use, supporting, options->ExitNodes, - options->_ExcludeExitNodesUnion, 1); - if (smartlist_len(use) == 0 && options->ExitNodes && - !options->StrictNodes) { /* give up on exitnodes and try again */ - routersets_get_disjunction(use, supporting, NULL, - options->_ExcludeExitNodesUnion, 1); - } - router = routerlist_sl_choose_by_bandwidth(use, WEIGHT_FOR_EXIT); - smartlist_free(use); + router = routerlist_sl_choose_by_bandwidth(supporting, WEIGHT_FOR_EXIT); smartlist_free(supporting); } else { /* Either there are no pending connections, or no routers even seem to @@ -2775,7 +2783,7 @@ choose_good_exit_server_general(routerlist_t *dir, int need_uptime, * at least one predicted exit port. */ int attempt; - smartlist_t *needed_ports, *supporting, *use; + smartlist_t *needed_ports, *supporting; if (best_support == -1) { if (need_uptime || need_capacity) { @@ -2792,7 +2800,6 @@ choose_good_exit_server_general(routerlist_t *dir, int need_uptime, options->_ExcludeExitNodesUnion ? " or are Excluded" : ""); } supporting = smartlist_create(); - use = smartlist_create(); needed_ports = circuit_get_unhandled_ports(time(NULL)); for (attempt = 0; attempt < 2; attempt++) { /* try once to pick only from routers that satisfy a needed port, @@ -2807,25 +2814,13 @@ choose_good_exit_server_general(routerlist_t *dir, int need_uptime, } } - routersets_get_disjunction(use, supporting, options->ExitNodes, - options->_ExcludeExitNodesUnion, 1); - if (smartlist_len(use) == 0 && options->ExitNodes && - !options->StrictNodes) { /* give up on exitnodes and try again */ - routersets_get_disjunction(use, supporting, NULL, - options->_ExcludeExitNodesUnion, 1); - } - /* FFF sometimes the above results in null, when the requested - * exit node is considered down by the consensus. we should pick - * it anyway, since the user asked for it. */ - router = routerlist_sl_choose_by_bandwidth(use, WEIGHT_FOR_EXIT); + router = routerlist_sl_choose_by_bandwidth(supporting, WEIGHT_FOR_EXIT); if (router) break; smartlist_clear(supporting); - smartlist_clear(use); } SMARTLIST_FOREACH(needed_ports, uint16_t *, cp, tor_free(cp)); smartlist_free(needed_ports); - smartlist_free(use); smartlist_free(supporting); } @@ -2834,10 +2829,11 @@ choose_good_exit_server_general(routerlist_t *dir, int need_uptime, log_info(LD_CIRC, "Chose exit server '%s'", router->nickname); return router; } - if (options->ExitNodes && options->StrictNodes) { + if (options->ExitNodes) { log_warn(LD_CIRC, - "No specified exit routers seem to be running, and " - "StrictNodes is set: can't choose an exit."); + "No specified %sexit routers seem to be running: " + "can't choose an exit.", + options->_ExcludeExitNodesUnion ? "non-excluded " : ""); } return NULL; } diff --git a/src/or/routerlist.c b/src/or/routerlist.c index 523596d..a9a216b 100644 --- a/src/or/routerlist.c +++ b/src/or/routerlist.c @@ -5473,12 +5473,14 @@ routerset_needs_geoip(const routerset_t *set) return set && smartlist_len(set->country_names); } +#if 0 /** Return true iff there are no entries in set. */ static int routerset_is_empty(const routerset_t *set) { return !set || smartlist_len(set->list) == 0; } +#endif /** Helper. Return true iff set contains a router based on the other * provided fields. Return higher values for more specific subentries: a @@ -5594,6 +5596,7 @@ routerset_get_all_routers(smartlist_t *out, const routerset_t *routerset, } } +#if 0 /** Add to target every routerinfo_t from source except: * * 1) Don't add it if include is non-empty and the relay isn't in @@ -5624,6 +5627,7 @@ routersets_get_disjunction(smartlist_t *target, } }); } +#endif /** Remove every routerinfo_t from lst that is in routerset. */ void diff --git a/src/or/routerlist.h b/src/or/routerlist.h index cd0eb95..3bbdc42 100644 --- a/src/or/routerlist.h +++ b/src/or/routerlist.h @@ -175,9 +175,11 @@ int routerset_contains_extendinfo(const routerset_t *set, void routerset_get_all_routers(smartlist_t *out, const routerset_t *routerset, const routerset_t *excludeset, int running_only); +#if 0 void routersets_get_disjunction(smartlist_t *target, const smartlist_t *source, const routerset_t *include, const routerset_t *exclude, int running_only); +#endif void routerset_subtract_routers(smartlist_t *out, const routerset_t *routerset); char *routerset_to_string(const routerset_t *routerset);

1 0

[tor/maint-0.2.2] the new entrynodes behavior is always strict
by nickm＠torproject.org 27 Apr '11

27 Apr '11

commit 5d12495d982d076b74ca2c0c88b78b00d2810e71 Author: Roger Dingledine <arma(a)torproject.org> Date: Fri Mar 11 04:21:25 2011 -0500 the new entrynodes behavior is always strict --- src/or/circuitbuild.c | 36 +++++++++++------------------------- 1 files changed, 11 insertions(+), 25 deletions(-) diff --git a/src/or/circuitbuild.c b/src/or/circuitbuild.c index ebbda21..86406cb 100644 --- a/src/or/circuitbuild.c +++ b/src/or/circuitbuild.c @@ -4006,14 +4006,10 @@ entry_guards_prepend_from_config(or_options_t *options) SMARTLIST_FOREACH(entry_routers, routerinfo_t *, ri, { add_an_entry_guard(ri, 0); }); - /* Finally, the remaining previously configured guards that are not in - * EntryNodes, unless we're strict in which case we drop them */ - if (options->StrictNodes) { - SMARTLIST_FOREACH(old_entry_guards_not_on_list, entry_guard_t *, e, - entry_guard_free(e)); - } else { - smartlist_add_all(entry_guards, old_entry_guards_not_on_list); - } + /* Finally, free the remaining previously configured guards that are not in + * EntryNodes. */ + SMARTLIST_FOREACH(old_entry_guards_not_on_list, entry_guard_t *, e, + entry_guard_free(e)); smartlist_free(entry_routers); smartlist_free(entry_fps); @@ -4024,7 +4020,7 @@ entry_guards_prepend_from_config(or_options_t *options) /** Return 0 if we're fine adding arbitrary routers out of the * directory to our entry guard list, or return 1 if we have a - * list already and we'd prefer to stick to it. + * list already and we must stick to it. */ int entry_list_is_constrained(or_options_t *options) @@ -4036,18 +4032,6 @@ entry_list_is_constrained(or_options_t *options) return 0; } -/* Are we dead set against changing our entry guard list, or would we - * change it if it means keeping Tor usable? */ -static int -entry_list_is_totally_static(or_options_t *options) -{ - if (options->EntryNodes && options->StrictNodes) - return 1; - if (options->UseBridges) - return 1; - return 0; -} - /** Pick a live (up and listed) entry guard from entry_guards. If * state is non-NULL, this is for a specific circuit -- * make sure not to pick this circuit's exit or any node in the @@ -4092,6 +4076,7 @@ choose_random_entry(cpath_build_state_t *state) continue; /* don't pick the same node for entry and exit */ if (consider_exit_family && smartlist_isin(exit_family, r)) continue; /* avoid relays that are family members of our exit */ +#if 0 /* since EntryNodes is always strict now, this clause is moot */ if (options->EntryNodes && !routerset_contains_router(options->EntryNodes, r)) { /* We've come to the end of our preferred entry nodes. */ @@ -4106,6 +4091,7 @@ choose_random_entry(cpath_build_state_t *state) "No relays from EntryNodes available. Using others."); } } +#endif smartlist_add(live_entry_guards, r); if (!entry->made_contact) { /* Always start with the first not-yet-contacted entry @@ -4131,7 +4117,7 @@ choose_random_entry(cpath_build_state_t *state) } if (smartlist_len(live_entry_guards) < preferred_min) { - if (!entry_list_is_totally_static(options)) { + if (!entry_list_is_constrained(options)) { /* still no? try adding a new entry then */ /* XXX if guard doesn't imply fast and stable, then we need * to tell add_an_entry_guard below what we want, or it might @@ -4157,9 +4143,9 @@ choose_random_entry(cpath_build_state_t *state) goto retry; } if (!r && entry_list_is_constrained(options) && consider_exit_family) { - /* still no? if we're using bridges or have StrictNodes - * set, and our chosen exit is in the same family as all our - * bridges/entry guards, then be flexible about families. */ + /* still no? if we're using bridges, + * and our chosen exit is in the same family as all our + * bridges, then be flexible about families. */ consider_exit_family = 0; goto retry; }

1 0

Jump to page:

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

tor-commits