summaryrefslogtreecommitdiff
path: root/src/or/entrynodes.c
diff options
context:
space:
mode:
authorNick Mathewson <nickm@torproject.org>2016-12-08 10:02:19 -0500
committerNick Mathewson <nickm@torproject.org>2016-12-16 11:06:22 -0500
commit2e2f3a4d99885c0d348024dc85ed6ef064a62ace (patch)
tree2f0b6154a5e0ec5a545ff7d79c04c61b7d131dce /src/or/entrynodes.c
parente50d85b90cb3fbc562517c11ded12940682ffec0 (diff)
downloadtor-2e2f3a4d99885c0d348024dc85ed6ef064a62ace.tar.gz
tor-2e2f3a4d99885c0d348024dc85ed6ef064a62ace.zip
Add a separate, non-fractional, limit to the sampled guard set size.
Letting the maximum sample size grow proportionally to the number of guards defeats its purpose to a certain extent. Noted by asn during code review. Fixes bug 20920; bug not in any released (or merged) version of Tor.
Diffstat (limited to 'src/or/entrynodes.c')
-rw-r--r--src/or/entrynodes.c14
1 files changed, 13 insertions, 1 deletions
diff --git a/src/or/entrynodes.c b/src/or/entrynodes.c
index f41464a4c9..3249ce2947 100644
--- a/src/or/entrynodes.c
+++ b/src/or/entrynodes.c
@@ -402,6 +402,16 @@ get_max_sample_threshold(void)
return pct / 100.0;
}
/**
+ * We never let our sampled guard set grow larger than this number.
+ */
+STATIC int
+get_max_sample_size_absolute(void)
+{
+ return (int) networkstatus_get_param(NULL, "guard-max-sample-size",
+ DFLT_MAX_SAMPLE_SIZE,
+ 1, INT32_MAX);
+}
+/**
* We always try to make our sample contain at least this many guards.
*
* XXXX prop271 spec deviation There was a MIN_SAMPLE_THRESHOLD in the
@@ -937,7 +947,9 @@ get_max_sample_size(guard_selection_t *gs,
if (using_bridges)
return n_guards;
- const int max_sample = (int)(n_guards * get_max_sample_threshold());
+ const int max_sample_by_pct = (int)(n_guards * get_max_sample_threshold());
+ const int max_sample_absolute = get_max_sample_size_absolute();
+ const int max_sample = MIN(max_sample_by_pct, max_sample_absolute);
if (max_sample < min_sample) // XXXX prop271 spec deviation
return min_sample;
else