Add an (as yet) unused UseDeprecatedGuardAlgorithm_ option.

I expect we'll be ripping this out somewhere in 0.3.0, but let's
keep it around for a little while in case it turns out to be the
only way to avert disaster?

4 files changed, 48 insertions, 1 deletions

diff --git a/src/or/config.c b/src/or/config.c
index 79a5847b81..f77f4d1879 100644
--- a/src/or/config.c
+++ b/src/or/config.c
@@ -307,6 +307,10 @@ static config_var_t option_vars_[] = {
   V(ExtORPortCookieAuthFileGroupReadable, BOOL, "0"),
   V(ExtraInfoStatistics,         BOOL,     "1"),
   V(FallbackDir,                 LINELIST, NULL),
+  /* XXXX prop271 -- this has an ugly name to remind us to remove it. */
+  VAR("UseDeprecatedGuardAlgorithm_",        BOOL,
+      UseDeprecatedGuardAlgorithm, "0"),
+
   V(UseDefaultFallbackDirs,      BOOL,     "1"),
 
   OBSOLETE("FallbackNetworkstatusFile"),
@@ -4489,6 +4493,13 @@ options_transition_allowed(const or_options_t *old,
     return -1;
   }
 
+  if (old->UseDeprecatedGuardAlgorithm !=
+      new_val->UseDeprecatedGuardAlgorithm) {
+    *msg = tor_strdup("While Tor is running, changing "
+                      "UseDeprecatedGuardAlgorithm is not allowed.");
+    return -1;
+  }
+
   if (sandbox_is_active()) {
 #define SB_NOCHANGE_STR(opt)                                            \
     do {                                                                \
diff --git a/src/or/entrynodes.c b/src/or/entrynodes.c
index 0e561478bf..959b4221c1 100644
--- a/src/or/entrynodes.c
+++ b/src/or/entrynodes.c
@@ -1315,6 +1315,9 @@ int
 entry_guard_succeeded(guard_selection_t *gs,
                       circuit_guard_state_t **guard_state_p)
 {
+  if (get_options()->UseDeprecatedGuardAlgorithm)
+    return 1;
+
   if (BUG(*guard_state_p == NULL))
     return -1;
 
@@ -1345,6 +1348,9 @@ int
 entry_guard_failed(guard_selection_t *gs,
                    circuit_guard_state_t **guard_state_p)
 {
+  if (get_options()->UseDeprecatedGuardAlgorithm)
+    return;
+
   if (BUG(*guard_state_p == NULL))
     return -1;
 
@@ -2490,6 +2496,9 @@ entry_guards_compute_status_for_guard_selection(guard_selection_t *gs,
   if ((!gs) || !(gs->chosen_entry_guards))
     return;
 
+  if (!get_options()->UseDeprecatedGuardAlgorithm)
+    return;
+
   if (options->EntryNodes) /* reshuffle the entry guard list if needed */
     entry_nodes_should_be_added();
 
@@ -2582,6 +2591,10 @@ entry_guard_register_connect_status_for_guard_selection(
     return 0;
   }
 
+  if (! get_options()->UseDeprecatedGuardAlgorithm) {
+    return 0;
+  }
+
   SMARTLIST_FOREACH_BEGIN(gs->chosen_entry_guards, entry_guard_t *, e) {
     tor_assert(e);
     if (tor_memeq(e->identity, digest, DIGEST_LEN)) {
@@ -2842,6 +2855,8 @@ entry_list_is_constrained(const or_options_t *options)
 const node_t *
 choose_random_entry(cpath_build_state_t *state)
 {
+  tor_assert(get_options()->UseDeprecatedGuardAlgorithm);
+
   return choose_random_entry_impl(get_guard_selection_info(),
                                   state, 0, NO_DIRINFO, NULL);
 }
@@ -2851,6 +2866,8 @@ choose_random_entry(cpath_build_state_t *state)
 const node_t *
 choose_random_dirguard(dirinfo_type_t type)
 {
+  tor_assert(get_options()->UseDeprecatedGuardAlgorithm);
+
   return choose_random_entry_impl(get_guard_selection_info(),
                                   NULL, 1, type, NULL);
 }
@@ -2861,6 +2878,8 @@ choose_random_dirguard(dirinfo_type_t type)
 int
 num_bridges_usable(void)
 {
+  tor_assert(get_options()->UseDeprecatedGuardAlgorithm);
+
   int n_options = 0;
   tor_assert(get_options()->UseBridges);
   (void) choose_random_entry_impl(get_guard_selection_info(),
diff --git a/src/or/or.h b/src/or/or.h
index eb0025d100..8282731eea 100644
--- a/src/or/or.h
+++ b/src/or/or.h
@@ -4579,6 +4579,14 @@ typedef struct {
 
   /** If 1, we skip all OOS checks. */
   int DisableOOSCheck;
+
+  /** If 1, we use the old (pre-prop271) guard selection algorithm.
+   *
+   * XXXX prop271 This option is only here as a stopgap while we're
+   * XXXX tuning and debugging the new (post-prop271) algorithm.  Eventually
+   * we should remove it entirely.
+   */
+  int UseDeprecatedGuardAlgorithm;
 } or_options_t;
 
 /** Persistent state for an onion router, as saved to disk. */
diff --git a/src/test/test_entrynodes.c b/src/test/test_entrynodes.c
index 8e90b000fc..65118594ea 100644
--- a/src/test/test_entrynodes.c
+++ b/src/test/test_entrynodes.c
@@ -212,6 +212,7 @@ test_choose_random_entry_no_guards(void *arg)
   memset(&mocked_options, 0, sizeof(mocked_options));
   mocked_options.ClientUseIPv4 = 1;
   mocked_options.ClientPreferIPv6ORPort = 0;
+  mocked_options.UseDeprecatedGuardAlgorithm = 1;
 
   /* Try to pick an entry even though none of our routers are guards. */
   chosen_entry = choose_random_entry(NULL);
@@ -236,6 +237,7 @@ test_choose_random_entry_no_guards(void *arg)
   memset(&mocked_options, 0, sizeof(mocked_options));
   mocked_options.ClientUseIPv4 = 0;
   mocked_options.ClientPreferIPv6ORPort = 0;
+  mocked_options.UseDeprecatedGuardAlgorithm = 1;
 
   chosen_entry = choose_random_entry(NULL);
 
@@ -248,6 +250,7 @@ test_choose_random_entry_no_guards(void *arg)
   mocked_options.ClientUseIPv4 = 1;
   mocked_options.ClientUseIPv6 = 1;
   mocked_options.ClientPreferIPv6ORPort = 1;
+  mocked_options.UseDeprecatedGuardAlgorithm = 1;
 
   chosen_entry = choose_random_entry(NULL);
   tt_assert(chosen_entry);
@@ -257,6 +260,7 @@ test_choose_random_entry_no_guards(void *arg)
   memset(&mocked_options, 0, sizeof(mocked_options));
   mocked_options.ClientUseIPv4 = 1;
   mocked_options.ClientPreferIPv6ORPort = -1;
+  mocked_options.UseDeprecatedGuardAlgorithm = 1;
 
   chosen_entry = choose_random_entry(NULL);
   tt_assert(chosen_entry);
@@ -295,6 +299,7 @@ test_choose_random_entry_one_possible_guard(void *arg)
   memset(&mocked_options, 0, sizeof(mocked_options));
   mocked_options.ClientUseIPv4 = 1;
   mocked_options.ClientPreferIPv6ORPort = 0;
+  mocked_options.UseDeprecatedGuardAlgorithm = 1;
 
   /* Pick an entry. Make sure we pick the node we marked as guard. */
   chosen_entry = choose_random_entry(NULL);
@@ -315,6 +320,7 @@ test_choose_random_entry_one_possible_guard(void *arg)
   memset(&mocked_options, 0, sizeof(mocked_options));
   mocked_options.ClientUseIPv4 = 0;
   mocked_options.ClientPreferIPv6ORPort = 0;
+  mocked_options.UseDeprecatedGuardAlgorithm = 1;
 
   chosen_entry = choose_random_entry(NULL);
 
@@ -327,6 +333,7 @@ test_choose_random_entry_one_possible_guard(void *arg)
   mocked_options.ClientUseIPv4 = 1;
   mocked_options.ClientUseIPv6 = 1;
   mocked_options.ClientPreferIPv6ORPort = 1;
+  mocked_options.UseDeprecatedGuardAlgorithm = 1;
 
   chosen_entry = choose_random_entry(NULL);
 
@@ -339,6 +346,7 @@ test_choose_random_entry_one_possible_guard(void *arg)
   memset(&mocked_options, 0, sizeof(mocked_options));
   mocked_options.ClientUseIPv4 = 1;
   mocked_options.ClientPreferIPv6ORPort = -1;
+  mocked_options.UseDeprecatedGuardAlgorithm = 1;
 
   chosen_entry = choose_random_entry(NULL);
 
@@ -701,6 +709,7 @@ static void
 test_entry_guards_set_from_config(void *arg)
 {
   or_options_t *options = get_options_mutable();
+  options->UseDeprecatedGuardAlgorithm = 1;
   guard_selection_t *gs = get_guard_selection_info();
   const smartlist_t *all_entry_guards =
     get_entry_guards_for_guard_selection(gs);
@@ -2177,7 +2186,7 @@ struct testcase_t entrynodes_tests[] = {
     TT_FORK, NULL, NULL },
   { "choose_random_entry_no_guards", test_choose_random_entry_no_guards,
     TT_FORK, &fake_network, NULL },
-  { "choose_random_entry_one_possibleguard",
+  { "choose_random_entry_one_possible_guard",
     test_choose_random_entry_one_possible_guard,
     TT_FORK, &fake_network, NULL },
   { "populate_live_entry_guards_1guard",