Make all begindir or one-hop circuits internal

This solves bug 5283, where client traffic could get sent over the
same circuit as an anonymized connection to a directory, even if
that circuit used an exit node unsuitable for clients.  By marking
the directory connection as needs_internal, we ensure that the
(non-internal!) client-traffic connection won't be sent over the
same circuit.

diff --git a/src/or/circuituse.c b/src/or/circuituse.c
index 0ad8b3b51bc2a3f0344e2bdb90838ea1044d7829..df33f63bb9f71a15b301dc7ede9293b8ecf8194b 100644 (file)
--- a/src/or/circuituse.c
+++ b/src/or/circuituse.c
@@ -1229,7 +1229,13 @@ circuit_get_open_circ_or_launch(edge_connection_t *conn,
   need_uptime = !conn->want_onehop && !conn->use_begindir &&
                 smartlist_string_num_isin(options->LongLivedPorts,
                                           conn->socks_request->port);
-  need_internal = desired_circuit_purpose != CIRCUIT_PURPOSE_C_GENERAL;
+
+  if (desired_circuit_purpose != CIRCUIT_PURPOSE_C_GENERAL)
+    need_internal = 1;
+  else if (conn->use_begindir || conn->want_onehop)
+    need_internal = 1;
+  else
+    need_internal = 0;
 
   circ = circuit_get_best(conn, 1, desired_circuit_purpose,
                           need_uptime, need_internal);