diff options
| author | Nick Mathewson <nickm@torproject.org> | 2017-11-17 09:59:26 -0500 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2017-11-17 09:59:26 -0500 |
| commit | fcdec00685608c85161116bdb7408f33094ea3fa (patch) | |
| tree | 195124df1f483681f556630f58811bc67645cd7a /src/or/entrynodes.h | |
| parent | 94dce246ee97884a546113827404a45d0f16c648 (diff) | |
| parent | 9c17a6d28b4acf044f408a0c7211e051e238c797 (diff) | |
| download | tor-fcdec00685608c85161116bdb7408f33094ea3fa.tar.gz tor-fcdec00685608c85161116bdb7408f33094ea3fa.zip | |
Merge branch 'maint-0.3.2'
Diffstat (limited to 'src/or/entrynodes.h')
| -rw-r--r-- | src/or/entrynodes.h | 33 |
1 files changed, 24 insertions, 9 deletions
diff --git a/src/or/entrynodes.h b/src/or/entrynodes.h index 86f0517df2..3ca966bc78 100644 --- a/src/or/entrynodes.h +++ b/src/or/entrynodes.h @@ -272,22 +272,28 @@ struct guard_selection_s { struct entry_guard_handle_t; +/** Types of restrictions we impose when picking guard nodes */ +typedef enum guard_restriction_type_t { + /* Don't pick the same guard node as our exit node (or its family) */ + RST_EXIT_NODE = 0, + /* Don't pick dirguards that have previously shown to be outdated */ + RST_OUTDATED_MD_DIRSERVER = 1 +} guard_restriction_type_t; + /** * A restriction to remember which entry guards are off-limits for a given * circuit. * - * Right now, we only use restrictions to block a single guard and its family - * from being selected; this mechanism is designed to be more extensible in - * the future, however. - * * Note: This mechanism is NOT for recording which guards are never to be * used: only which guards cannot be used on <em>one particular circuit</em>. */ struct entry_guard_restriction_t { - /** - * The guard's RSA identity digest must not equal this; and it must not - * be in the same family as any node with this digest. - */ + /* What type of restriction are we imposing? */ + guard_restriction_type_t type; + + /* In case of restriction type RST_EXIT_NODE, the guard's RSA identity + * digest must not equal this; and it must not be in the same family as any + * node with this digest. */ uint8_t exclude_id[DIGEST_LEN]; }; @@ -316,7 +322,8 @@ struct circuit_guard_state_t { int guards_update_all(void); const node_t *guards_choose_guard(cpath_build_state_t *state, circuit_guard_state_t **guard_state_out); -const node_t *guards_choose_dirguard(circuit_guard_state_t **guard_state_out); +const node_t *guards_choose_dirguard(uint8_t dir_purpose, + circuit_guard_state_t **guard_state_out); #if 1 /* XXXX NM I would prefer that all of this stuff be private to @@ -554,6 +561,14 @@ STATIC unsigned entry_guards_note_guard_success(guard_selection_t *gs, unsigned old_state); STATIC int entry_guard_has_higher_priority(entry_guard_t *a, entry_guard_t *b); STATIC char *getinfo_helper_format_single_entry_guard(const entry_guard_t *e); + +STATIC entry_guard_restriction_t *guard_create_exit_restriction( + const uint8_t *exit_id); + +STATIC entry_guard_restriction_t *guard_create_dirserver_md_restriction(void); + +STATIC void entry_guard_restriction_free(entry_guard_restriction_t *rst); + #endif /* defined(ENTRYNODES_PRIVATE) */ void remove_all_entry_guards_for_guard_selection(guard_selection_t *gs); |