diff options
author | Nick Mathewson <nickm@torproject.org> | 2013-02-14 12:06:59 -0500 |
---|---|---|
committer | Nick Mathewson <nickm@torproject.org> | 2013-02-14 12:06:59 -0500 |
commit | 1070a720ad7f45fa82b77be0512056a06e535b72 (patch) | |
tree | 2ff76f12390f5f7c88b1b62080ebe73b5e58873c /src | |
parent | 91027218e29090b18d42e1868367cc2a9e149900 (diff) | |
download | tor-1070a720ad7f45fa82b77be0512056a06e535b72.tar.gz tor-1070a720ad7f45fa82b77be0512056a06e535b72.zip |
Be more robust when excluding existing nodes as new dirguards
In addition to rejecting them post-hoc, avoid picking them in the
first place. This makes us less likely to decide that we can't add
guards at all.
Diffstat (limited to 'src')
-rw-r--r-- | src/or/circuitbuild.c | 1 | ||||
-rw-r--r-- | src/or/entrynodes.c | 2 | ||||
-rw-r--r-- | src/or/or.h | 4 | ||||
-rw-r--r-- | src/or/routerlist.c | 3 |
4 files changed, 9 insertions, 1 deletions
diff --git a/src/or/circuitbuild.c b/src/or/circuitbuild.c index 163afd3d29..c2f395338d 100644 --- a/src/or/circuitbuild.c +++ b/src/or/circuitbuild.c @@ -3397,6 +3397,7 @@ choose_good_entry_server(uint8_t purpose, cpath_build_state_t *state) }); } /* and exclude current entry guards and their families, if applicable */ + /*XXXX025 use the using_as_guard flag to accomplish this.*/ if (options->UseEntryGuards) { SMARTLIST_FOREACH(get_entry_guards(), const entry_guard_t *, entry, { diff --git a/src/or/entrynodes.c b/src/or/entrynodes.c index 3e471ed01e..5dd27905d6 100644 --- a/src/or/entrynodes.c +++ b/src/or/entrynodes.c @@ -362,7 +362,7 @@ add_an_entry_guard(const node_t *chosen, int reset_status, int prepend, } else { const routerstatus_t *rs; rs = router_pick_directory_server(MICRODESC_DIRINFO|V3_DIRINFO, - PDS_PREFER_TUNNELED_DIR_CONNS_); + PDS_PREFER_TUNNELED_DIR_CONNS_|PDS_FOR_GUARD); if (!rs) return NULL; node = node_get_by_id(rs->identity_digest); diff --git a/src/or/or.h b/src/or/or.h index df69674d34..1cb9ef2f0e 100644 --- a/src/or/or.h +++ b/src/or/or.h @@ -4760,6 +4760,10 @@ typedef struct dir_server_t { #define PDS_NO_EXISTING_SERVERDESC_FETCH (1<<3) #define PDS_NO_EXISTING_MICRODESC_FETCH (1<<4) +/** This node is to be chosen as a directory guard, so don't choose any + * node that's currently a guard. */ +#define PDS_FOR_GUARD (1<<5) + #define PDS_PREFER_TUNNELED_DIR_CONNS_ (1<<16) /** Possible ways to weight routers when choosing one randomly. See diff --git a/src/or/routerlist.c b/src/or/routerlist.c index 90b707bcdb..837245db3e 100644 --- a/src/or/routerlist.c +++ b/src/or/routerlist.c @@ -1153,6 +1153,7 @@ router_pick_directory_server_impl(dirinfo_type_t type, int flags) int requireother = ! (flags & PDS_ALLOW_SELF); int fascistfirewall = ! (flags & PDS_IGNORE_FASCISTFIREWALL); int prefer_tunnel = (flags & PDS_PREFER_TUNNELED_DIR_CONNS_); + int for_guard = (flags & PDS_FOR_GUARD); int try_excluding = 1, n_excluded = 0; if (!consensus) @@ -1192,6 +1193,8 @@ router_pick_directory_server_impl(dirinfo_type_t type, int flags) if ((type & MICRODESC_DIRINFO) && !is_trusted && !node->rs->version_supports_microdesc_cache) continue; + if (for_guard && node->using_as_guard) + continue; /* Don't make the same node a guard twice. */ if (try_excluding && routerset_contains_routerstatus(options->ExcludeNodes, status, country)) { |