authorNick Mathewson <nickm@torproject.org>2013-03-19 16:15:39 -0400
committerNick Mathewson <nickm@torproject.org>2013-03-19 16:15:39 -0400
commitc547502ecbe3f9ddfcca90b5c70887e300493cc1 (patch)
treefbaf1b31f4239b91432a7ee0b41a40889e6996f1 /src/or
parentacbfc9c8cc2c24adb610d391cb2b83d7cbc11719 (diff)
parent6f20a74d52741cce521cf03b8afee570e3cb367b (diff)
downloadtor-c547502ecbe3f9ddfcca90b5c70887e300493cc1.tar.gz
tor-c547502ecbe3f9ddfcca90b5c70887e300493cc1.zip
Merge remote-tracking branch 'origin/maint-0.2.4'
Diffstat (limited to 'src/or')
-rw-r--r--src/or/config.c1
-rw-r--r--src/or/confparse.c2
-rw-r--r--src/or/entrynodes.c35
-rw-r--r--src/or/or.h2
4 files changed, 38 insertions, 2 deletions
diff --git a/src/or/config.c b/src/or/config.c
index 861ee6ffeb..86f0661146 100644
--- a/src/or/config.c
+++ b/src/or/config.c
@@ -255,6 +255,7 @@ static config_var_t option_vars_[] = {
#endif
OBSOLETE("GiveGuardFlagTo_CVE_2011_2768_VulnerableRelays"),
OBSOLETE("Group"),
+ V(GuardLifetime, INTERVAL, "0 minutes"),
V(HardwareAccel, BOOL, "0"),
V(HeartbeatPeriod, INTERVAL, "6 hours"),
V(AccelName, STRING, NULL),
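Review bot: A nonzero GuardLifetime shorter than two months is accepted by this table entry and then silently raised by the CLAMP in guards_get_lifetime() (entrynodes.c, later in this commit), so `GuardLifetime 1 week` ends up behaving as two months plus CHOSEN_ON_DATE_SLOP. Whether options_validate() warns about or rejects such values is not visible in this diff. If it does not, a warning there would tell the operator that the configured rotation period is not the one in effect, for example `log_warn(LD_CONFIG, "GuardLifetime is below the minimum; using the minimum instead.");`. The option_vars_ table continues outside the hunk.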
diff --git a/src/or/confparse.c b/src/or/confparse.c
index 98fde98e7d..8863d92409 100644
--- a/src/or/confparse.c
+++ b/src/or/confparse.c
@@ -1103,6 +1103,8 @@ static struct unit_table_t time_units[] = {
{ "days", 24*60*60 },
{ "week", 7*24*60*60 },
{ "weeks", 7*24*60*60 },
+ { "month", 2629728, }, /* about 30.437 days */
+ { "months", 2629728, },
{ NULL, 0 },
};
diff --git a/src/or/entrynodes.c b/src/or/entrynodes.c
index 933eabbc00..b35e4d8ef3 100644
--- a/src/or/entrynodes.c
+++ b/src/or/entrynodes.c
@@ -24,6 +24,7 @@
#include "entrynodes.h"
#include "main.h"
#include "microdesc.h"
+#include "networkstatus.h"
#include "nodelist.h"
#include "policies.h"
#include "router.h"
@@ -336,6 +337,9 @@ control_event_guard_deferred(void)
#endif
}
+/** Largest amount that we'll backdate chosen_on_date */
+#define CHOSEN_ON_DATE_SLOP (30*86400)
+
/** Add a new (preferably stable and fast) router to our
* entry_guards list. Return a pointer to the router if we succeed,
* or NULL if we can't find any more suitable entries.
@@ -449,6 +453,32 @@ entry_guard_free(entry_guard_t *e)
tor_free(e);
}
+/**
+ * Return the minimum lifetime of working entry guard, in seconds,
+ * as given in the consensus networkstatus. (Plus CHOSEN_ON_DATE_SLOP,
+ * so that we can do the chosen_on_date randomization while achieving the
+ * desired minimum lifetime.)
+ */
+static int32_t
+guards_get_lifetime(void)
+{
+ const or_options_t *options = get_options();
+#define DFLT_GUARD_LIFETIME (86400 * 30) /* One month. */
+#define MIN_GUARD_LIFETIME (86400 * 60) /* Two months. */
+#define MAX_GUARD_LIFETIME (86400 * 1826) /* Five years. */
+
+ if (options->GuardLifetime >= 1) {
+ return CLAMP(MIN_GUARD_LIFETIME,
+ options->GuardLifetime,
+ MAX_GUARD_LIFETIME) + CHOSEN_ON_DATE_SLOP;
+ }
+
+ return networkstatus_get_param(NULL, "GuardLifetime",
+ DFLT_GUARD_LIFETIME,
+ MIN_GUARD_LIFETIME,
+ MAX_GUARD_LIFETIME) + CHOSEN_ON_DATE_SLOP;
+}
+
/** Remove any entry guard which was selected by an unknown version of Tor,
* or which was selected by a version of Tor that's known to select
* entry guards badly, or which was selected more 2 months ago. */
@@ -458,6 +488,7 @@ static int
remove_obsolete_entry_guards(time_t now)
{
int changed = 0, i;
+ int32_t guard_lifetime = guards_get_lifetime();
for (i = 0; i < smartlist_len(entry_guards); ++i) {
entry_guard_t *entry = smartlist_get(entry_guards, i);
@@ -488,8 +519,8 @@ remove_obsolete_entry_guards(time_t now)
}
tor_free(tor_ver);
}
- if (!version_is_bad && entry->chosen_on_date + 3600*24*60 < now) {
- /* It's been 2 months since the date listed in our state file. */
+ if (!version_is_bad && entry->chosen_on_date + guard_lifetime < now) {
+ /* It's been too long since the date listed in our state file. */
msg = "was selected several months ago";
date_is_bad = 1;
}
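Review bot: The inline comment is updated here, but the header comment of remove_obsolete_entry_guards() still says a guard is removed when it "was selected more 2 months ago", which no longer matches the configurable cutoff. I would reword that header to something like `or which was selected longer ago than the guard lifetime (see guards_get_lifetime()).` The log text `"was selected several months ago"` remains accurate for every value the visible bounds allow, so it can stay. The function body starts and ends outside this hunk.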
diff --git a/src/or/or.h b/src/or/or.h
index 68039afdf0..88fd38d9d7 100644
--- a/src/or/or.h
+++ b/src/or/or.h
@@ -4029,6 +4029,8 @@ typedef struct {
* should guess a suitable value. */
int SSLKeyLifetime;
+ /** How long (seconds) do we keep a guard before picking a new one? */
+ int GuardLifetime;
} or_options_t;
/** Persistent state for an onion router, as saved to disk. */
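Review bot: The doc comment on `GuardLifetime` does not say what 0 means or that the value is not used as given. From guards_get_lifetime() in this commit, values below 1 fall through to the consensus parameter or the built-in default, and other values are clamped and have CHOSEN_ON_DATE_SLOP added. I would extend the comment to `/** How long (seconds) do we keep a guard before picking a new one? 0 means use the consensus parameter or the default; other values are clamped in guards_get_lifetime(). */`.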