MAX_REND_FAILURES is 1, but we would try three times

Fix an "off by 2" error in counting rendezvous failures on the onion
service side.

While we thought we would stop the rendezvous attempt after one failed
circuit, we were actually making three circuit attempts before giving up.

Fixes bug 24895; bugfix on 0.0.6.

diff --git a/changes/bug24895 b/changes/bug24895
new file mode 100644 (file)
index 0000000..7b90f6d
--- /dev/null
+++ b/changes/bug24895
@@ -0,0 +1,6 @@
+  o Major bugfixes (onion services):
+    - Fix an "off by 2" error in counting rendezvous failures on the
+      onion service side. While we thought we would stop the rendezvous
+      attempt after one failed circuit, we were actually making three
+      circuit attempts before giving up. Fixes bug 24895; bugfix on 0.0.6.
+

diff --git a/src/or/rendservice.c b/src/or/rendservice.c
index a8c383444da171141d2438bbaccf5aba58460c44..acc431a5771f6e2f56c86b3dc017560b6314f398 100644 (file)
--- a/src/or/rendservice.c
+++ b/src/or/rendservice.c
@@ -2930,8 +2930,11 @@ rend_service_relaunch_rendezvous(origin_circuit_t *oldcirc)
   }
   oldcirc->hs_service_side_rend_circ_has_been_relaunched = 1;
 
+  /* We check failure_count >= MAX_REND_FAILURES-1 below rather than
+   * failure_count >= MAX_REND_FAILURES, because we increment the failure
+   * count for our current failure *after* this clause. */
   if (!oldcirc->build_state ||
-      oldcirc->build_state->failure_count > MAX_REND_FAILURES ||
+      oldcirc->build_state->failure_count >= MAX_REND_FAILURES-1 ||
       oldcirc->build_state->expiry_time < time(NULL)) {
     log_info(LD_REND,
              "Attempt to build circuit to %s for rendezvous has failed "