diff options
author | Nick Mathewson <nickm@torproject.org> | 2016-12-12 10:32:25 -0500 |
---|---|---|
committer | Nick Mathewson <nickm@torproject.org> | 2016-12-16 11:34:31 -0500 |
commit | 506bd6d47c9c003a94eae7132e83b682a53f0bc9 (patch) | |
tree | aa4f6d71402ea6e7ed53aff612b03205105e9dd8 /src/or | |
parent | d9200d853d5b9125ebcb47ae5a02ef0cd52f436a (diff) | |
download | tor-506bd6d47c9c003a94eae7132e83b682a53f0bc9.tar.gz tor-506bd6d47c9c003a94eae7132e83b682a53f0bc9.zip |
Make NumDirectoryGuards work with the new guard algorithm.
Now that we support NumEntryGuards, NumDirectoryGuards is pretty
easy to put back in.
Diffstat (limited to 'src/or')
-rw-r--r-- | src/or/entrynodes.c | 39 | ||||
-rw-r--r-- | src/or/entrynodes.h | 15 |
2 files changed, 42 insertions, 12 deletions
diff --git a/src/or/entrynodes.c b/src/or/entrynodes.c index 9defd11656..9416298ca3 100644 --- a/src/or/entrynodes.c +++ b/src/or/entrynodes.c @@ -472,10 +472,11 @@ STATIC int get_n_primary_guards(void) { const int n = get_options()->NumEntryGuards; + const int n_dir = get_options()->NumDirectoryGuards; if (n > 5) { - return n + n / 2; - } else if (n > 1) { - return n * 2; + return MAX(n_dir, n + n / 2); + } else if (n >= 1) { + return MAX(n_dir, n * 2); } return networkstatus_get_param(NULL, @@ -487,14 +488,25 @@ get_n_primary_guards(void) * making a circuit. */ STATIC int -get_n_primary_guards_to_use(void) -{ - if (get_options()->NumEntryGuards > 1) { - return get_options()->NumEntryGuards; +get_n_primary_guards_to_use(guard_usage_t usage) +{ + int configured; + const char *param_name; + int param_default; + if (usage == GUARD_USAGE_DIRGUARD) { + configured = get_options()->NumDirectoryGuards; + param_name = "guard-n-primary-dir-guards-to-use"; + param_default = DFLT_N_PRIMARY_DIR_GUARDS_TO_USE; + } else { + configured = get_options()->NumEntryGuards; + param_name = "guard-n-primary-guards-to-use"; + param_default = DFLT_N_PRIMARY_GUARDS_TO_USE; + } + if (configured >= 1) { + return configured; } return networkstatus_get_param(NULL, - "guard-n-primary-guards-to-use", - DFLT_N_PRIMARY_GUARDS_TO_USE, 1, INT32_MAX); + param_name, param_default, 1, INT32_MAX); } /** * If we haven't successfully built or used a circuit in this long, then @@ -1807,6 +1819,7 @@ entry_guards_note_internet_connectivity(guard_selection_t *gs) */ STATIC entry_guard_t * select_entry_guard_for_circuit(guard_selection_t *gs, + guard_usage_t usage, const entry_guard_restriction_t *rst, unsigned *state_out) { @@ -1817,7 +1830,7 @@ select_entry_guard_for_circuit(guard_selection_t *gs, if (!gs->primary_guards_up_to_date) entry_guards_update_primary(gs); - int num_entry_guards = get_n_primary_guards_to_use(); + int num_entry_guards = get_n_primary_guards_to_use(usage); smartlist_t *usable_primary_guards = smartlist_new(); /* "If any entry in PRIMARY_GUARDS has {is_reachable} status of @@ -2080,6 +2093,7 @@ circuit_guard_state_free(circuit_guard_state_t *state) */ int entry_guard_pick_for_circuit(guard_selection_t *gs, + guard_usage_t usage, entry_guard_restriction_t *rst, const node_t **chosen_node_out, circuit_guard_state_t **guard_state_out) @@ -2091,7 +2105,8 @@ entry_guard_pick_for_circuit(guard_selection_t *gs, *guard_state_out = NULL; unsigned state = 0; - entry_guard_t *guard = select_entry_guard_for_circuit(gs, rst, &state); + entry_guard_t *guard = + select_entry_guard_for_circuit(gs, usage, rst, &state); if (! guard) goto fail; if (BUG(state == 0)) @@ -4986,6 +5001,7 @@ guards_choose_guard(cpath_build_state_t *state, memcpy(rst->exclude_id, exit_id, DIGEST_LEN); } if (entry_guard_pick_for_circuit(get_guard_selection_info(), + GUARD_USAGE_TRAFFIC, rst, &r, guard_state_out) < 0) { @@ -5018,6 +5034,7 @@ guards_choose_dirguard(dirinfo_type_t info, * microdescriptors. -NM */ const node_t *r = NULL; if (entry_guard_pick_for_circuit(get_guard_selection_info(), + GUARD_USAGE_DIRGUARD, NULL, &r, guard_state_out) < 0) { diff --git a/src/or/entrynodes.h b/src/or/entrynodes.h index e2ae2561f3..c215c103ca 100644 --- a/src/or/entrynodes.h +++ b/src/or/entrynodes.h @@ -397,8 +397,16 @@ const char *entry_guard_get_rsa_id_digest(const entry_guard_t *guard); const char *entry_guard_describe(const entry_guard_t *guard); guard_pathbias_t *entry_guard_get_pathbias_state(entry_guard_t *guard); +/** Enum to specify how we're going to use a given guard, when we're picking + * one for immediate use. */ +typedef enum { + GUARD_USAGE_TRAFFIC = 0, + GUARD_USAGE_DIRGUARD = 1 +} guard_usage_t; + void circuit_guard_state_free(circuit_guard_state_t *state); int entry_guard_pick_for_circuit(guard_selection_t *gs, + guard_usage_t usage, entry_guard_restriction_t *rst, const node_t **chosen_node_out, circuit_guard_state_t **guard_state_out); @@ -477,6 +485,10 @@ int num_bridges_usable(void); */ #define DFLT_N_PRIMARY_GUARDS_TO_USE 1 /** + * As DFLT_N_PRIMARY_GUARDS, but for choosing which directory guard to use. + */ +#define DFLT_N_PRIMARY_DIR_GUARDS_TO_USE 3 +/** * If we haven't successfully built or used a circuit in this long, then * consider that the internet is probably down. */ @@ -511,7 +523,7 @@ STATIC int get_remove_unlisted_guards_after_days(void); STATIC int get_guard_lifetime(void); STATIC int get_guard_confirmed_min_lifetime(void); STATIC int get_n_primary_guards(void); -STATIC int get_n_primary_guards_to_use(void); +STATIC int get_n_primary_guards_to_use(guard_usage_t usage); STATIC int get_internet_likely_down_interval(void); STATIC int get_nonprimary_guard_connect_timeout(void); STATIC int get_nonprimary_guard_idle_timeout(void); @@ -590,6 +602,7 @@ STATIC void sampled_guards_update_from_consensus(guard_selection_t *gs); STATIC void entry_guards_note_guard_failure(guard_selection_t *gs, entry_guard_t *guard); STATIC entry_guard_t *select_entry_guard_for_circuit(guard_selection_t *gs, + guard_usage_t usage, const entry_guard_restriction_t *rst, unsigned *state_out); STATIC void mark_primary_guards_maybe_reachable(guard_selection_t *gs); |