diff options
| author | George Kadianakis <desnacked@riseup.net> | 2017-11-06 19:38:47 +0200 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2017-11-17 09:52:40 -0500 |
| commit | f61e3090fb2975ad8c2a5e138b87c62428c5f46b (patch) | |
| tree | 7a59ab0a92891498e8cf517636f0e6506ed70beb /src/or/entrynodes.h | |
| parent | 7fc64f02a3057405f9e75d70848afd2e9b95da05 (diff) | |
| download | tor-f61e3090fb2975ad8c2a5e138b87c62428c5f46b.tar.gz tor-f61e3090fb2975ad8c2a5e138b87c62428c5f46b.zip | |
Introduce new guard restriction and use it to skip outdated dirs.
Diffstat (limited to 'src/or/entrynodes.h')
| -rw-r--r-- | src/or/entrynodes.h | 37 |
1 files changed, 27 insertions, 10 deletions
diff --git a/src/or/entrynodes.h b/src/or/entrynodes.h index 735c7738ba..29de627de0 100644 --- a/src/or/entrynodes.h +++ b/src/or/entrynodes.h @@ -272,22 +272,28 @@ struct guard_selection_s { struct entry_guard_handle_t; +/** Types of restrictions we impose when picking guard nodes */ +typedef enum guard_restriction_type_t { + /* Don't pick the same guard node as our exit node (or its family) */ + RST_EXIT_NODE = 0, + /* Don't pick dirguards that have previously shown to be outdated */ + RST_OUTDATED_MD_DIRSERVER = 1 +} guard_restriction_type_t; + /** * A restriction to remember which entry guards are off-limits for a given * circuit. * - * Right now, we only use restrictions to block a single guard and its family - * from being selected; this mechanism is designed to be more extensible in - * the future, however. - * * Note: This mechanism is NOT for recording which guards are never to be * used: only which guards cannot be used on <em>one particular circuit</em>. */ struct entry_guard_restriction_t { - /** - * The guard's RSA identity digest must not equal this; and it must not - * be in the same family as any node with this digest. - */ + /* What type of restriction are we imposing? */ + guard_restriction_type_t type; + + /* In case of restriction type RST_EXIT_NODE, the guard's RSA identity + * digest must not equal this; and it must not be in the same family as any + * node with this digest. */ uint8_t exclude_id[DIGEST_LEN]; }; @@ -316,7 +322,8 @@ struct circuit_guard_state_t { int guards_update_all(void); const node_t *guards_choose_guard(cpath_build_state_t *state, circuit_guard_state_t **guard_state_out); -const node_t *guards_choose_dirguard(circuit_guard_state_t **guard_state_out); +const node_t *guards_choose_dirguard(uint8_t dir_purpose, + circuit_guard_state_t **guard_state_out); #if 1 /* XXXX NM I would prefer that all of this stuff be private to @@ -550,7 +557,17 @@ STATIC unsigned entry_guards_note_guard_success(guard_selection_t *gs, unsigned old_state); STATIC int entry_guard_has_higher_priority(entry_guard_t *a, entry_guard_t *b); STATIC char *getinfo_helper_format_single_entry_guard(const entry_guard_t *e); -#endif + +STATIC entry_guard_restriction_t * +guard_create_exit_restriction(const uint8_t *exit_id); + +STATIC entry_guard_restriction_t * +guard_create_dirserver_md_restriction(void); + +STATIC void +entry_guard_restriction_free(entry_guard_restriction_t *rst); + +#endif /* defined(ENTRYNODES_PRIVATE) */ void remove_all_entry_guards_for_guard_selection(guard_selection_t *gs); void remove_all_entry_guards(void); |