Extend intro point to a 4th hop on cannibalization

Fixes #16260

Signed-off-by: David Goulet <dgoulet@ev0ke.net>

diff --git a/changes/bug16260 b/changes/bug16260
new file mode 100644 (file)
index 0000000..a75cb1d
--- /dev/null
+++ b/changes/bug16260
@@ -0,0 +1,11 @@
+  o Minor bugfix (Hidden service)
+    - When cannibalizing a circuit for an introduction point, always extend
+      to the chosen exit node creating a 4 hop circuit instead of using the
+      current circuit exit node which resulted in changing the original
+      intro point choice. This resulted in the hidden service skipping
+      excluded nodes like for instance reconnecting to an expired intro
+      point.; Fixes #16260; bugfixes on tor-0.1.0.1-rc~460.
+
+      This is particularly important for the introduction point retry
+      behavior (#8239) since cannibalization is allowed, which is desired,
+      so it's important to pin the chosen exit point.

diff --git a/src/or/circuituse.c b/src/or/circuituse.c
index 28c70ad22c580a948a34f008f4aa2d33c207f2b3..69d0f76a1a384fb9c241ec5dca11d06b0567f527 100644 (file)
--- a/src/or/circuituse.c
+++ b/src/or/circuituse.c
@@ -1766,12 +1766,12 @@ circuit_launch_by_extend_info(uint8_t purpose,
 
       switch (purpose) {
         case CIRCUIT_PURPOSE_C_ESTABLISH_REND:
-        case CIRCUIT_PURPOSE_S_ESTABLISH_INTRO:
           /* it's ready right now */
           break;
         case CIRCUIT_PURPOSE_C_INTRODUCING:
         case CIRCUIT_PURPOSE_S_CONNECT_REND:
         case CIRCUIT_PURPOSE_C_GENERAL:
+        case CIRCUIT_PURPOSE_S_ESTABLISH_INTRO:
           /* need to add a new hop */
           tor_assert(extend_info);
           if (circuit_extend_to_new_exit(circ, extend_info) < 0)

diff --git a/src/or/rendservice.c b/src/or/rendservice.c
index c857d4cc8710135498aaf9e3ac5b4a78367de963..89f95d7a006ce4d86434b0d7a5166295b45fd02c 100644 (file)
--- a/src/or/rendservice.c
+++ b/src/or/rendservice.c
@@ -2765,21 +2765,10 @@ rend_service_launch_establish_intro(rend_service_t *service,
              safe_str_client(extend_info_describe(intro->extend_info)));
     return -1;
   }
-
-  if (tor_memneq(intro->extend_info->identity_digest,
-      launched->build_state->chosen_exit->identity_digest, DIGEST_LEN)) {
-    char cann[HEX_DIGEST_LEN+1], orig[HEX_DIGEST_LEN+1];
-    base16_encode(cann, sizeof(cann),
-                  launched->build_state->chosen_exit->identity_digest,
-                  DIGEST_LEN);
-    base16_encode(orig, sizeof(orig),
-                  intro->extend_info->identity_digest, DIGEST_LEN);
-    log_info(LD_REND, "The intro circuit we just cannibalized ends at $%s, "
-                      "but we requested an intro circuit to $%s. Updating "
-                      "our service.", cann, orig);
-    extend_info_free(intro->extend_info);
-    intro->extend_info = extend_info_dup(launched->build_state->chosen_exit);
-  }
+  /* We must have the same exit node even if cannibalized. */
+  tor_assert(tor_memeq(intro->extend_info->identity_digest,
+                       launched->build_state->chosen_exit->identity_digest,
+                       DIGEST_LEN));
 
   launched->rend_data = rend_data_service_create(service->service_id,
                                                  service->pk_digest, NULL,