When the client is choosing entry guards, now it selects at most

one guard from a given relay family. Otherwise we could end up with
all of our entry points into the network run by the same operator. 
Suggested by Camilo Viecco. Fix on 0.1.1.11-alpha.

Not a backport candidate, since I think this might break for users
who only have a given /16 in their reachableaddresses, or something
like that.


svn:r17514

2 files changed, 5 insertions, 2 deletions

diff --git a/src/or/circuitbuild.c b/src/or/circuitbuild.c
index e7ab333e82..e16e1675d2 100644
--- a/src/or/circuitbuild.c
+++ b/src/or/circuitbuild.c
@@ -1658,8 +1658,10 @@ choose_good_entry_server(uint8_t purpose, cpath_build_state_t *state)
   if (options->UseEntryGuards && entry_guards) {
     SMARTLIST_FOREACH(entry_guards, entry_guard_t *, entry,
       {
-        if ((r = router_get_by_digest(entry->identity)))
+        if ((r = router_get_by_digest(entry->identity))) {
           smartlist_add(excluded, r);
+          routerlist_add_family(excluded, r);
+        }
       });
   }
 
diff --git a/src/or/routerlist.c b/src/or/routerlist.c
index 48e66ed8db..e2f3170b6a 100644
--- a/src/or/routerlist.c
+++ b/src/or/routerlist.c
@@ -1219,7 +1219,8 @@ routerlist_add_network_family(smartlist_t *sl, routerinfo_t *router)
 }
 
 /** Add all the family of <b>router</b> to the smartlist <b>sl</b>.
- * This is used to make sure we don't pick siblings in a single path.
+ * This is used to make sure we don't pick siblings in a single path,
+ * or pick more than one relay from a family for our entry guard list.
  */
 void
 routerlist_add_family(smartlist_t *sl, routerinfo_t *router)