[tor/master] circuit: Add flags for IPv6 extends - tor-commits

9 Jun 2020

commit 9e7f51e469cd275ef519498945124fe5addc889f
Author: teor teor@riseup.net
Date:   Mon May 11 16:54:01 2020 +1000
circuit: Add flags for IPv6 extends
But don't implement the actual node selection yet.
Part of 33226.
---
 src/core/or/circuitbuild.c         | 12 ++++++++----
 src/core/or/circuitlist.c          |  4 ++--
 src/core/or/circuituse.c           | 17 ++++++++++++-----
 src/core/or/circuituse.h           | 16 +++++++++++-----
 src/core/or/cpath_build_state_st.h |  2 ++
 src/feature/relay/selftest.c       |  8 ++++++--
 6 files changed, 41 insertions(+), 18 deletions(-)

diff --git a/src/core/or/circuitbuild.c b/src/core/or/circuitbuild.c
index 8d5988b63..ba70c4753 100644
--- a/src/core/or/circuitbuild.c
+++ b/src/core/or/circuitbuild.c
@@ -439,7 +439,8 @@ onion_populate_cpath(origin_circuit_t *circ)
/** Create and return a new origin circuit. Initialize its purpose and
  * build-state based on our arguments.  The <b>flags</b> argument is a
- * bitfield of CIRCLAUNCH_* flags. */
+ * bitfield of CIRCLAUNCH_* flags, see circuit_launch_by_extend_info() for
+ * more details. */
 origin_circuit_t *
 origin_circuit_init(uint8_t purpose, int flags)
 {
@@ -455,13 +456,16 @@ origin_circuit_init(uint8_t purpose, int flags)
     ((flags & CIRCLAUNCH_NEED_CAPACITY) ? 1 : 0);
   circ->build_state->is_internal =
     ((flags & CIRCLAUNCH_IS_INTERNAL) ? 1 : 0);
+  circ->build_state->is_ipv6_selftest =
+    ((flags & CIRCLAUNCH_IS_IPV6_SELFTEST) ? 1 : 0);
   circ->base_.purpose = purpose;
   return circ;
 }
-/** Build a new circuit for <b>purpose</b>. If <b>exit</b>
- * is defined, then use that as your exit router, else choose a suitable
- * exit node.
+/** Build a new circuit for <b>purpose</b>. If <b>exit</b> is defined, then use
+ * that as your exit router, else choose a suitable exit node. The <b>flags</b>
+ * argument is a bitfield of CIRCLAUNCH_* flags, see
+ * circuit_launch_by_extend_info() for more details.
  *
  * Also launch a connection to the first OR in the chosen path, if
  * it's not open already.
diff --git a/src/core/or/circuitlist.c b/src/core/or/circuitlist.c
index ca174c442..bfee4104e 100644
--- a/src/core/or/circuitlist.c
+++ b/src/core/or/circuitlist.c
@@ -1943,8 +1943,8 @@ circuit_find_to_cannibalize(uint8_t purpose_to_produce, extend_info_t *info,
       }
/* Ignore any circuits for which we can't use the Guard. It is possible
-       * that the Guard was removed from the samepled set after the circuit
-       * was created so avoid using it. */
+       * that the Guard was removed from the sampled set after the circuit
+       * was created, so avoid using it. */
       if (!entry_guard_could_succeed(circ->guard_state)) {
         goto next;
       }
diff --git a/src/core/or/circuituse.c b/src/core/or/circuituse.c
index 46ebcc5dc..71063dc72 100644
--- a/src/core/or/circuituse.c
+++ b/src/core/or/circuituse.c
@@ -2092,11 +2092,18 @@ circuit_should_cannibalize_to_build(uint8_t purpose_to_build,
 }
/** Launch a new circuit with purpose <b>purpose</b> and exit node
- * <b>extend_info</b> (or NULL to select a random exit node).  If flags
- * contains CIRCLAUNCH_NEED_UPTIME, choose among routers with high uptime.  If
- * CIRCLAUNCH_NEED_CAPACITY is set, choose among routers with high bandwidth.
- * If CIRCLAUNCH_IS_INTERNAL is true, the last hop need not be an exit node.
- * If CIRCLAUNCH_ONEHOP_TUNNEL is set, the circuit will have only one hop.
+ * <b>extend_info</b> (or NULL to select a random exit node).
+ *
+ * If flags contains:
+ *  - CIRCLAUNCH_ONEHOP_TUNNEL: the circuit will have only one hop;
+ *  - CIRCLAUNCH_NEED_UPTIME: choose routers with high uptime;
+ *  - CIRCLAUNCH_NEED_CAPACITY: choose routers with high bandwidth;
+ *  - CIRCLAUNCH_IS_IPV6_SELFTEST: the second-last hop must support IPv6
+ *                                 extends;
+ *  - CIRCLAUNCH_IS_INTERNAL: the last hop need not be an exit node;
+ *  - CIRCLAUNCH_IS_V3_RP: the last hop must support v3 onion service
+ *                         rendezvous.
+ *
  * Return the newly allocated circuit on success, or NULL on failure. */
 origin_circuit_t *
 circuit_launch_by_extend_info(uint8_t purpose,
diff --git a/src/core/or/circuituse.h b/src/core/or/circuituse.h
index 95d36d647..028fe4aa4 100644
--- a/src/core/or/circuituse.h
+++ b/src/core/or/circuituse.h
@@ -36,17 +36,23 @@ void circuit_try_attaching_streams(origin_circuit_t *circ);
 void circuit_build_failed(origin_circuit_t *circ);
/** Flag to set when a circuit should have only a single hop. */
-#define CIRCLAUNCH_ONEHOP_TUNNEL  (1<<0)
+#define CIRCLAUNCH_ONEHOP_TUNNEL    (1<<0)
 /** Flag to set when a circuit needs to be built of high-uptime nodes */
-#define CIRCLAUNCH_NEED_UPTIME    (1<<1)
+#define CIRCLAUNCH_NEED_UPTIME      (1<<1)
 /** Flag to set when a circuit needs to be built of high-capacity nodes */
-#define CIRCLAUNCH_NEED_CAPACITY  (1<<2)
+#define CIRCLAUNCH_NEED_CAPACITY    (1<<2)
 /** Flag to set when the last hop of a circuit doesn't need to be an
  * exit node. */
-#define CIRCLAUNCH_IS_INTERNAL    (1<<3)
+#define CIRCLAUNCH_IS_INTERNAL      (1<<3)
 /** Flag to set when we are trying to launch a v3 rendezvous circuit. We need
  *  to apply some additional filters on the node picked. */
-#define CIRCLAUNCH_IS_V3_RP (1<<4)
+#define CIRCLAUNCH_IS_V3_RP         (1<<4)
+/** Flag to set when we are trying to launch a self-testing circuit to our
+ *  IPv6 ORPort. We need to apply some additional filters on the second-last
+ *  node in the circuit. (We are both the client and the last node in the
+ *  circuit.) */
+#define CIRCLAUNCH_IS_IPV6_SELFTEST (1<<5)
+
 origin_circuit_t *circuit_launch_by_extend_info(uint8_t purpose,
                                                 extend_info_t *info,
                                                 int flags);
diff --git a/src/core/or/cpath_build_state_st.h b/src/core/or/cpath_build_state_st.h
index ee9a0d972..eb8e97edc 100644
--- a/src/core/or/cpath_build_state_st.h
+++ b/src/core/or/cpath_build_state_st.h
@@ -24,6 +24,8 @@ struct cpath_build_state_t {
   unsigned int need_capacity : 1;
   /** Whether the last hop was picked with exiting in mind. */
   unsigned int is_internal : 1;
+  /** Is this an IPv6 ORPort self-testing circuit? */
+  unsigned int is_ipv6_selftest : 1;
   /** Did we pick this as a one-hop tunnel (not safe for other streams)?
    * These are for encrypted dir conns that exit to this router, not
    * for arbitrary exits from the circuit. */
diff --git a/src/feature/relay/selftest.c b/src/feature/relay/selftest.c
index e311c08ec..ae5633bfb 100644
--- a/src/feature/relay/selftest.c
+++ b/src/feature/relay/selftest.c
@@ -190,15 +190,19 @@ router_do_orport_reachability_checks(const routerinfo_t *me,
                                      int orport_reachable)
 {
   extend_info_t *ei = extend_info_from_router(me, family);
+  int ipv6_flags = (family == AF_INET6 ? CIRCLAUNCH_IS_IPV6_SELFTEST : 0);
-  /* If we don't have an IPv6 ORPort, ei will be NULL. */
+  /* If we're trying to test IPv6, but we don't have an IPv6 ORPort, ei will
+   * be NULL. */
   if (ei) {
     const char *family_name = fmt_af_family(family);
     log_info(LD_CIRC, "Testing %s of my %s ORPort: %s.",
              !orport_reachable ? "reachability" : "bandwidth",
              family_name, fmt_addrport(&ei->addr, ei->port));
     circuit_launch_by_extend_info(CIRCUIT_PURPOSE_TESTING, ei,
-                            CIRCLAUNCH_NEED_CAPACITY|CIRCLAUNCH_IS_INTERNAL);
+                                  CIRCLAUNCH_NEED_CAPACITY|
+                                  CIRCLAUNCH_IS_INTERNAL|
+                                  ipv6_flags);
     extend_info_free(ei);
   }
 }

    