[tor-commits] [tor/release-0.3.0] Improve descriptor checks in the new guard algorithm.

nickm at torproject.org nickm at torproject.org
Wed Mar 1 13:55:09 UTC 2017 

commit 18a98206ede334c7332c43dc9f0b812611273f37
Author: George Kadianakis <desnacked at riseup.net>
Date:   Wed Mar 1 12:38:12 2017 +0200

    Improve descriptor checks in the new guard algorithm.
    
    - Make sure we check at least two guards for descriptor before making
      circuits. We typically use the first primary guard for circuits, but
      it can also happen that we use the second primary guard (e.g. if we
      pick our first primary guard as an exit), so we should make sure we
      have descriptors for both of them.
    
    - Remove BUG() from the guard_has_descriptor() check since we now know
      that this can happen in rare but legitimate situations as well, and we
      should just move to the next guard in that case.
---
 changes/bug21415    |  4 ++++
 src/or/entrynodes.c | 12 +++++++++---
 2 files changed, 13 insertions(+), 3 deletions(-)

diff --git a/changes/bug21415 b/changes/bug21415
new file mode 100644
index 0000000..f0aa72f
--- /dev/null
+++ b/changes/bug21415
@@ -0,0 +1,4 @@
+  o Minor bugfix (entry guards):
+    - Silence a BUG() warning when attempting to use a guard whose descriptor
+      we don't know and make this scenario more unlikely to happen. Fixes bug
+      21415; bugfix on 0.3.0.1-alpha.
diff --git a/src/or/entrynodes.c b/src/or/entrynodes.c
index 3e87147..729e4b0 100644
--- a/src/or/entrynodes.c
+++ b/src/or/entrynodes.c
@@ -1843,7 +1843,7 @@ select_entry_guard_for_circuit(guard_selection_t *gs,
     if (! entry_guard_obeys_restriction(guard, rst))
       continue;
     if (guard->is_reachable != GUARD_REACHABLE_NO) {
-      if (need_descriptor && BUG(!guard_has_descriptor(guard))) {
+      if (need_descriptor && !guard_has_descriptor(guard)) {
         continue;
       }
       *state_out = GUARD_CIRC_STATE_USABLE_ON_COMPLETION;
@@ -3357,9 +3357,15 @@ guard_selection_have_enough_dir_info_to_build_circuits(guard_selection_t *gs)
   if (!gs->primary_guards_up_to_date)
     entry_guards_update_primary(gs);
 
-  const int num_primary = get_n_primary_guards_to_use(GUARD_USAGE_TRAFFIC);
   int n_missing_descriptors = 0;
   int n_considered = 0;
+  int num_primary_to_check;
+
+  /* We want to check for the descriptor of at least the first two primary
+   * guards in our list, since these are the guards that we typically use for
+   * circuits. */
+  num_primary_to_check = get_n_primary_guards_to_use(GUARD_USAGE_TRAFFIC);
+  num_primary_to_check++;
 
   SMARTLIST_FOREACH_BEGIN(gs->primary_entry_guards, entry_guard_t *, guard) {
     entry_guard_consider_retry(guard);
@@ -3368,7 +3374,7 @@ guard_selection_have_enough_dir_info_to_build_circuits(guard_selection_t *gs)
     n_considered++;
     if (!guard_has_descriptor(guard))
       n_missing_descriptors++;
-    if (n_considered >= num_primary)
+    if (n_considered >= num_primary_to_check)
       break;
   } SMARTLIST_FOREACH_END(guard);

More information about the tor-commits mailing list