diff options
| author | Nick Mathewson <nickm@torproject.org> | 2017-11-17 09:56:53 -0500 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2017-11-17 09:56:53 -0500 |
| commit | 2cee26b16447c143333ffc16502ecc28b48060cd (patch) | |
| tree | 9b01309f821456100ab55ef39b7dd452262db5ee /src/or/entrynodes.h | |
| parent | b98614f1af6ed10aa0e3cd00d5baf57fb534f574 (diff) | |
| parent | 96b69942a54e69e9f4d8aeb07bf9a5fb98892900 (diff) | |
| download | tor-2cee26b16447c143333ffc16502ecc28b48060cd.tar.gz tor-2cee26b16447c143333ffc16502ecc28b48060cd.zip | |
Merge branch 'bug23817_031' into maint-0.3.2
Diffstat (limited to 'src/or/entrynodes.h')
| -rw-r--r-- | src/or/entrynodes.h | 33 |
1 files changed, 24 insertions, 9 deletions
diff --git a/src/or/entrynodes.h b/src/or/entrynodes.h index 9e1e729930..49bb3e55c4 100644 --- a/src/or/entrynodes.h +++ b/src/or/entrynodes.h @@ -272,22 +272,28 @@ struct guard_selection_s { struct entry_guard_handle_t; +/** Types of restrictions we impose when picking guard nodes */ +typedef enum guard_restriction_type_t { + /* Don't pick the same guard node as our exit node (or its family) */ + RST_EXIT_NODE = 0, + /* Don't pick dirguards that have previously shown to be outdated */ + RST_OUTDATED_MD_DIRSERVER = 1 +} guard_restriction_type_t; + /** * A restriction to remember which entry guards are off-limits for a given * circuit. * - * Right now, we only use restrictions to block a single guard and its family - * from being selected; this mechanism is designed to be more extensible in - * the future, however. - * * Note: This mechanism is NOT for recording which guards are never to be * used: only which guards cannot be used on <em>one particular circuit</em>. */ struct entry_guard_restriction_t { - /** - * The guard's RSA identity digest must not equal this; and it must not - * be in the same family as any node with this digest. - */ + /* What type of restriction are we imposing? */ + guard_restriction_type_t type; + + /* In case of restriction type RST_EXIT_NODE, the guard's RSA identity + * digest must not equal this; and it must not be in the same family as any + * node with this digest. */ uint8_t exclude_id[DIGEST_LEN]; }; @@ -316,7 +322,8 @@ struct circuit_guard_state_t { int guards_update_all(void); const node_t *guards_choose_guard(cpath_build_state_t *state, circuit_guard_state_t **guard_state_out); -const node_t *guards_choose_dirguard(circuit_guard_state_t **guard_state_out); +const node_t *guards_choose_dirguard(uint8_t dir_purpose, + circuit_guard_state_t **guard_state_out); #if 1 /* XXXX NM I would prefer that all of this stuff be private to @@ -550,6 +557,14 @@ STATIC unsigned entry_guards_note_guard_success(guard_selection_t *gs, unsigned old_state); STATIC int entry_guard_has_higher_priority(entry_guard_t *a, entry_guard_t *b); STATIC char *getinfo_helper_format_single_entry_guard(const entry_guard_t *e); + +STATIC entry_guard_restriction_t *guard_create_exit_restriction( + const uint8_t *exit_id); + +STATIC entry_guard_restriction_t *guard_create_dirserver_md_restriction(void); + +STATIC void entry_guard_restriction_free(entry_guard_restriction_t *rst); + #endif /* defined(ENTRYNODES_PRIVATE) */ void remove_all_entry_guards_for_guard_selection(guard_selection_t *gs); |