summaryrefslogtreecommitdiff
path: root/src/or/dirserv.c
diff options
context:
space:
mode:
authorRoger Dingledine <arma@torproject.org>2007-03-10 05:43:35 +0000
committerRoger Dingledine <arma@torproject.org>2007-03-10 05:43:35 +0000
commita24779216990b7490a1f62bfc411e3a113895b1d (patch)
tree447ab9d813e23f381a923ecc50faa14b937efc65 /src/or/dirserv.c
parentdf3a539d034366a021af44cca9330d42d6cff7cb (diff)
downloadtor-a24779216990b7490a1f62bfc411e3a113895b1d.tar.gz
tor-a24779216990b7490a1f62bfc411e3a113895b1d.zip
Directory authorities now call routers stable if they have an
uptime of at least 30 days, even if that's not the median uptime in the network. Implements proposal 1xx, suggested by Kevin Bauer and Damon McCoy. svn:r9788
Diffstat (limited to 'src/or/dirserv.c')
-rw-r--r--src/or/dirserv.c16
1 files changed, 13 insertions, 3 deletions
diff --git a/src/or/dirserv.c b/src/or/dirserv.c
index d55dc8e2f3..cc85d090f6 100644
--- a/src/or/dirserv.c
+++ b/src/or/dirserv.c
@@ -1364,6 +1364,13 @@ should_generate_v2_networkstatus(void)
the_v2_networkstatus_is_dirty + DIR_REGEN_SLACK_TIME < time(NULL);
}
+/** If a router's uptime is at least this value, then it is always
+ * considered stable, regardless of the rest of the network. This
+ * way we resist attacks where an attacker doubles the size of the
+ * network using allegedly high-uptime nodes, displacing all the
+ * current guards. */
+#define UPTIME_TO_GUARANTEE_STABLE (3600*24*30)
+
/* Thresholds for server performance: set by
* dirserv_compute_performance_thresholds, and used by
* generate_v2_networkstatus */
@@ -1395,9 +1402,12 @@ dirserv_thinks_router_is_unreliable(time_t now,
routerinfo_t *router,
int need_uptime, int need_capacity)
{
- if (need_uptime &&
- (unsigned)real_uptime(router, now) < stable_uptime)
- return 1;
+ if (need_uptime) {
+ int uptime = real_uptime(router, now);
+ if ((unsigned)uptime < stable_uptime &&
+ (unsigned)uptime < UPTIME_TO_GUARANTEE_STABLE)
+ return 1;
+ }
if (need_capacity &&
router_get_advertised_bandwidth(router) < fast_bandwidth)
return 1;