diff options
| author | Nick Mathewson <nickm@torproject.org> | 2016-12-08 10:02:19 -0500 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2016-12-16 11:06:22 -0500 |
| commit | 2e2f3a4d99885c0d348024dc85ed6ef064a62ace (patch) | |
| tree | 2f0b6154a5e0ec5a545ff7d79c04c61b7d131dce /src | |
| parent | e50d85b90cb3fbc562517c11ded12940682ffec0 (diff) | |
| download | tor-2e2f3a4d99885c0d348024dc85ed6ef064a62ace.tar.gz tor-2e2f3a4d99885c0d348024dc85ed6ef064a62ace.zip | |
Add a separate, non-fractional, limit to the sampled guard set size.
Letting the maximum sample size grow proportionally to the number of
guards defeats its purpose to a certain extent. Noted by asn during
code review.
Fixes bug 20920; bug not in any released (or merged) version of Tor.
Diffstat (limited to 'src')
| -rw-r--r-- | src/or/entrynodes.c | 14 | ||||
| -rw-r--r-- | src/or/entrynodes.h | 8 |
2 files changed, 20 insertions, 2 deletions
diff --git a/src/or/entrynodes.c b/src/or/entrynodes.c index f41464a4c9..3249ce2947 100644 --- a/src/or/entrynodes.c +++ b/src/or/entrynodes.c @@ -402,6 +402,16 @@ get_max_sample_threshold(void) return pct / 100.0; } /** + * We never let our sampled guard set grow larger than this number. + */ +STATIC int +get_max_sample_size_absolute(void) +{ + return (int) networkstatus_get_param(NULL, "guard-max-sample-size", + DFLT_MAX_SAMPLE_SIZE, + 1, INT32_MAX); +} +/** * We always try to make our sample contain at least this many guards. * * XXXX prop271 spec deviation There was a MIN_SAMPLE_THRESHOLD in the @@ -937,7 +947,9 @@ get_max_sample_size(guard_selection_t *gs, if (using_bridges) return n_guards; - const int max_sample = (int)(n_guards * get_max_sample_threshold()); + const int max_sample_by_pct = (int)(n_guards * get_max_sample_threshold()); + const int max_sample_absolute = get_max_sample_size_absolute(); + const int max_sample = MIN(max_sample_by_pct, max_sample_absolute); if (max_sample < min_sample) // XXXX prop271 spec deviation return min_sample; else diff --git a/src/or/entrynodes.h b/src/or/entrynodes.h index 11335255e2..d7dc01424a 100644 --- a/src/or/entrynodes.h +++ b/src/or/entrynodes.h @@ -440,7 +440,12 @@ int num_bridges_usable(void); * We never let our sampled guard set grow larger than this percentage * of the guards on the network. */ -#define DFLT_MAX_SAMPLE_THRESHOLD_PERCENT 30 +#define DFLT_MAX_SAMPLE_THRESHOLD_PERCENT 20 +/** + * We never let our sampled guard set grow larger than this number of + * guards. + */ +#define DFLT_MAX_SAMPLE_SIZE 60 /** * We always try to make our sample contain at least this many guards. * @@ -495,6 +500,7 @@ int num_bridges_usable(void); /**@}*/ STATIC double get_max_sample_threshold(void); +STATIC int get_max_sample_size_absolute(void); STATIC int get_min_filtered_sample_size(void); STATIC int get_remove_unlisted_guards_after_days(void); STATIC int get_guard_lifetime_days(void); |