authorNick Mathewson <nickm@torproject.org>2013-03-19 16:15:27 -0400
committerNick Mathewson <nickm@torproject.org>2013-03-19 16:15:27 -0400
commit6f20a74d52741cce521cf03b8afee570e3cb367b (patch)
treec49d5aab8a038da07570612795861ea32bf6cb2d /src
parenta7b46336eb5f1f7f734ac2d978c7ab17d1c870c0 (diff)
parent18752bca5b57c11b6d843db671e1886ed0624848 (diff)
downloadtor-6f20a74d52741cce521cf03b8afee570e3cb367b.tar.gz
tor-6f20a74d52741cce521cf03b8afee570e3cb367b.zip
Merge branch 'bug8240_v2_squashed' into maint-0.2.4
Conflicts: doc/tor.1.txt src/or/circuitbuild.c src/or/config.c src/or/or.h
Diffstat (limited to 'src')
-rw-r--r--src/common/util.h11
-rw-r--r--src/or/config.c1
-rw-r--r--src/or/confparse.c2
-rw-r--r--src/or/entrynodes.c35
-rw-r--r--src/or/or.h2
5 files changed, 49 insertions, 2 deletions
diff --git a/src/common/util.h b/src/common/util.h
index fbf6d2bea4..712352b032 100644
--- a/src/common/util.h
+++ b/src/common/util.h
@@ -172,6 +172,17 @@ int n_bits_set_u8(uint8_t v);
* overflow. */
#define CEIL_DIV(a,b) (((a)+(b)-1)/(b))
+/* Return <b>v</b> if it's between <b>min</b> and <b>max</b>. Otherwise
+ * return <b>min</b> if <b>v</b> is smaller than <b>min</b>, or <b>max</b> if
+ * <b>b</b> is larger than <b>max</b>.
+ *
+ * Requires that <b>min</b> is no more than <b>max</b>. May evaluate any of
+ * its arguments more than once! */
+#define CLAMP(min,v,max) \
+ ( ((v) < (min)) ? (min) : \
+ ((v) > (max)) ? (max) : \
+ (v) )
+
/* String manipulation */
/** Allowable characters in a hexadecimal string. */
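Review bot: The doc comment on `CLAMP` refers to an argument that does not exist: `<b>b</b> is larger than <b>max</b>` should read `<b>v</b> is larger than <b>max</b>`, since the macro's parameters are `min`, `v` and `max`. The comment also opens with `/*` while the neighbouring comments in this header use `/**`, so it may be skipped by the documentation generator. The multiple-evaluation warning is good to have; the one caller added in this commit passes `options->GuardLifetime` and constants, which have no side effects.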
diff --git a/src/or/config.c b/src/or/config.c
index 0ebf3b6942..68c0ccacdc 100644
--- a/src/or/config.c
+++ b/src/or/config.c
@@ -255,6 +255,7 @@ static config_var_t option_vars_[] = {
#endif
OBSOLETE("GiveGuardFlagTo_CVE_2011_2768_VulnerableRelays"),
OBSOLETE("Group"),
+ V(GuardLifetime, INTERVAL, "0 minutes"),
V(HardwareAccel, BOOL, "0"),
V(HeartbeatPeriod, INTERVAL, "6 hours"),
V(AccelName, STRING, NULL),
diff --git a/src/or/confparse.c b/src/or/confparse.c
index 98fde98e7d..8863d92409 100644
--- a/src/or/confparse.c
+++ b/src/or/confparse.c
@@ -1103,6 +1103,8 @@ static struct unit_table_t time_units[] = {
{ "days", 24*60*60 },
{ "week", 7*24*60*60 },
{ "weeks", 7*24*60*60 },
+ { "month", 2629728, }, /* about 30.437 days */
+ { "months", 2629728, },
{ NULL, 0 },
};
diff --git a/src/or/entrynodes.c b/src/or/entrynodes.c
index e92c0c166d..5bb0a7317c 100644
--- a/src/or/entrynodes.c
+++ b/src/or/entrynodes.c
@@ -24,6 +24,7 @@
#include "entrynodes.h"
#include "main.h"
#include "microdesc.h"
+#include "networkstatus.h"
#include "nodelist.h"
#include "policies.h"
#include "router.h"
@@ -332,6 +333,9 @@ control_event_guard_deferred(void)
#endif
}
+/** Largest amount that we'll backdate chosen_on_date */
+#define CHOSEN_ON_DATE_SLOP (30*86400)
+
/** Add a new (preferably stable and fast) router to our
* entry_guards list. Return a pointer to the router if we succeed,
* or NULL if we can't find any more suitable entries.
@@ -445,6 +449,32 @@ entry_guard_free(entry_guard_t *e)
tor_free(e);
}
+/**
+ * Return the minimum lifetime of working entry guard, in seconds,
+ * as given in the consensus networkstatus. (Plus CHOSEN_ON_DATE_SLOP,
+ * so that we can do the chosen_on_date randomization while achieving the
+ * desired minimum lifetime.)
+ */
+static int32_t
+guards_get_lifetime(void)
+{
+ const or_options_t *options = get_options();
+#define DFLT_GUARD_LIFETIME (86400 * 30) /* One month. */
+#define MIN_GUARD_LIFETIME (86400 * 60) /* Two months. */
+#define MAX_GUARD_LIFETIME (86400 * 1826) /* Five years. */
+
+ if (options->GuardLifetime >= 1) {
+ return CLAMP(MIN_GUARD_LIFETIME,
+ options->GuardLifetime,
+ MAX_GUARD_LIFETIME) + CHOSEN_ON_DATE_SLOP;
+ }
+
+ return networkstatus_get_param(NULL, "GuardLifetime",
+ DFLT_GUARD_LIFETIME,
+ MIN_GUARD_LIFETIME,
+ MAX_GUARD_LIFETIME) + CHOSEN_ON_DATE_SLOP;
+}
+
/** Remove any entry guard which was selected by an unknown version of Tor,
* or which was selected by a version of Tor that's known to select
* entry guards badly, or which was selected more 2 months ago. */
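Review bot: In `guards_get_lifetime()`, `DFLT_GUARD_LIFETIME` (86400 * 30) is smaller than `MIN_GUARD_LIFETIME` (86400 * 60), so the default handed to `networkstatus_get_param()` lies outside the [min, max] range passed in the same call. That function is not shown here, so depending on how it treats an out-of-range default this either trips a range check or returns a lifetime below the stated minimum whenever the consensus carries no `GuardLifetime` parameter. Guard rotation timing affects client anonymity, so the constants should satisfy min <= default <= max, for example by swapping the two values (`DFLT` 86400 * 60, `MIN` 86400 * 30) if one month is the intended floor. The doc comment should also say that a non-zero `GuardLifetime` option takes precedence over the consensus value. Separately, the context comment on `remove_obsolete_entry_guards` still says "selected more 2 months ago".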
@@ -454,6 +484,7 @@ static int
remove_obsolete_entry_guards(time_t now)
{
int changed = 0, i;
+ int32_t guard_lifetime = guards_get_lifetime();
for (i = 0; i < smartlist_len(entry_guards); ++i) {
entry_guard_t *entry = smartlist_get(entry_guards, i);
@@ -484,8 +515,8 @@ remove_obsolete_entry_guards(time_t now)
}
tor_free(tor_ver);
}
- if (!version_is_bad && entry->chosen_on_date + 3600*24*60 < now) {
- /* It's been 2 months since the date listed in our state file. */
+ if (!version_is_bad && entry->chosen_on_date + guard_lifetime < now) {
+ /* It's been too long since the date listed in our state file. */
msg = "was selected several months ago";
date_is_bad = 1;
}
diff --git a/src/or/or.h b/src/or/or.h
index 00f72adb8d..67315522ed 100644
--- a/src/or/or.h
+++ b/src/or/or.h
@@ -4027,6 +4027,8 @@ typedef struct {
* should guess a suitable value. */
int SSLKeyLifetime;
+ /** How long (seconds) do we keep a guard before picking a new one? */
+ int GuardLifetime;
} or_options_t;
/** Persistent state for an onion router, as saved to disk. */
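Review bot: The comment on `GuardLifetime` omits the two behaviours a reader needs to set it safely. The default added in config.c is `"0 minutes"`, and `guards_get_lifetime()` treats anything below 1 as "use the consensus parameter"; any other value is clamped to `MIN_GUARD_LIFETIME`..`MAX_GUARD_LIFETIME`, with no log message visible in this commit. I would extend the comment to `/** How long (seconds) do we keep a guard before picking a new one? 0 means use the consensus parameter; other values are clamped to the range enforced in guards_get_lifetime(). */`. It may also be worth a notice-level log when the configured value is clamped, so an operator who sets a short lifetime is not misled about the actual rotation period.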