summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorDavid Goulet <dgoulet@torproject.org>2021-02-01 09:04:50 -0500
committerDavid Goulet <dgoulet@torproject.org>2021-02-03 08:51:00 -0500
commit98590621bb49cbecd601085f7e03697f8783ff7b (patch)
treee2f4b25b2f106fb9f4595e03c426d5c19ecf5772 /src
parentce3af5dd5948cd9c24fc5b5f70814b38cbca46a9 (diff)
downloadtor-98590621bb49cbecd601085f7e03697f8783ff7b.tar.gz
tor-98590621bb49cbecd601085f7e03697f8783ff7b.zip
relay: Double the size of the relay reentry set
This is to minimize false positive and thus deny reentry to Exit connections that were in reality not re-entering. Helps with overall UX. Signed-off-by: David Goulet <dgoulet@torproject.org>
Diffstat (limited to 'src')
-rw-r--r--src/feature/nodelist/nodelist.c8
1 files changed, 6 insertions, 2 deletions
diff --git a/src/feature/nodelist/nodelist.c b/src/feature/nodelist/nodelist.c
index 9d553ce1f5..22b93762e7 100644
--- a/src/feature/nodelist/nodelist.c
+++ b/src/feature/nodelist/nodelist.c
@@ -672,8 +672,12 @@ nodelist_set_consensus(networkstatus_t *ns)
address_set_free(the_nodelist->node_addrs);
addr_port_set_free(the_nodelist->reentry_set);
the_nodelist->node_addrs = address_set_new(estimated_addresses);
- /* Times two here is for both the ORPort and DirPort. */
- the_nodelist->reentry_set = addr_port_set_new(estimated_addresses * 2);
+ /* Times two here is for both the ORPort and DirPort. We double it again in
+ * order to minimize as much as possible the false positive when looking up
+ * this set. Reason is that Exit streams that are legitimate but end up a
+ * false positive against this set will thus be considered reentry and be
+ * rejected which means a bad UX. */
+ the_nodelist->reentry_set = addr_port_set_new(estimated_addresses * 2 * 2);
SMARTLIST_FOREACH_BEGIN(ns->routerstatus_list, routerstatus_t *, rs) {
node_t *node = node_get_or_create(rs->identity_digest);