diff options
-rw-r--r-- | src/or/entrynodes.c | 40 |
1 files changed, 17 insertions, 23 deletions
diff --git a/src/or/entrynodes.c b/src/or/entrynodes.c index 63b54f41f0..587dec6493 100644 --- a/src/or/entrynodes.c +++ b/src/or/entrynodes.c @@ -367,9 +367,6 @@ get_max_sample_size_absolute(void) } /** * We always try to make our sample contain at least this many guards. - * - * XXXX prop271 spec deviation There was a MIN_SAMPLE_THRESHOLD in the - * proposal, but I removed it in favor of MIN_FILTERED_SAMPLE_SIZE. -NM */ STATIC int get_min_filtered_sample_size(void) @@ -562,8 +559,8 @@ choose_guard_selection(const or_options_t *options, } } SMARTLIST_FOREACH_END(node); - /* XXXX prop271 spec deviation -- separate 'high' and 'low' thresholds - * to prevent flapping */ + /* We use separate 'high' and 'low' thresholds here to prevent flapping + * back and forth */ const int meaningful_threshold_high = (int)(n_guards * get_meaningful_restriction_threshold() * 1.05); const int meaningful_threshold_mid = @@ -682,7 +679,6 @@ node_is_possible_guard(const node_t *node) /* The "GUARDS" set is all nodes in the nodelist for which this predicate * holds. */ - /* XXXX -- prop271 spec deviation. We require node_is_dir() here. */ tor_assert(node); return (node->is_possible_guard && node->is_stable && @@ -936,14 +932,14 @@ get_max_sample_size(guard_selection_t *gs, const int using_bridges = (gs->type == GS_TYPE_BRIDGE); const int min_sample = get_min_filtered_sample_size(); - /* XXXX prop271 spec deviation with bridges, max_sample is "all of them" */ + /* With bridges, max_sample is "all of them" */ if (using_bridges) return n_guards; const int max_sample_by_pct = (int)(n_guards * get_max_sample_threshold()); const int max_sample_absolute = get_max_sample_size_absolute(); const int max_sample = MIN(max_sample_by_pct, max_sample_absolute); - if (max_sample < min_sample) // XXXX prop271 spec deviation + if (max_sample < min_sample) return min_sample; else return max_sample; @@ -1302,7 +1298,6 @@ node_passes_guard_filter(const or_options_t *options, if (routerset_contains_node(options->ExcludeNodes, node)) return 0; - /* XXXX -- prop271 spec deviation -- add entrynodes to spec. */ if (options->EntryNodes && !routerset_contains_node(options->EntryNodes, node)) return 0; @@ -2310,6 +2305,13 @@ entry_guards_upgrade_waiting_circuits(guard_selection_t *gs, /* First look at the complete circuits: Do any block this circuit? */ SMARTLIST_FOREACH_BEGIN(all_circuits, origin_circuit_t *, circ) { + /* "C2 "blocks" C1 if: + * C2 obeys all the restrictions that C1 had to obey, AND + * C2 has higher priority than C1, AND + * Either C2 is <complete>, or C2 is <waiting_for_better_guard>, + or C2 has been <usable_if_no_better_guard> for no more than + {NONPRIMARY_GUARD_CONNECT_TIMEOUT} seconds." + */ circuit_guard_state_t *state = origin_circuit_get_guard_state(circ); if BUG((state == NULL)) continue; @@ -2322,9 +2324,6 @@ entry_guards_upgrade_waiting_circuits(guard_selection_t *gs, } SMARTLIST_FOREACH_END(circ); if (n_complete_blocking) { - /* "If any circuit is <complete>, then do not use any - <waiting_for_better_guard> or <usable_if_no_better_guard> circuits - circuits whose guards have lower priority." */ log_debug(LD_GUARD, "Considered upgrading guard-stalled circuits: found " "%d complete and %d guard-stalled. At least one complete " "circuit had higher priority, so not upgrading.", @@ -2332,14 +2331,10 @@ entry_guards_upgrade_waiting_circuits(guard_selection_t *gs, goto no_change; } - /* "If any circuit is <waiting_for_better_guard>, and every currently - {is_pending} circuit whose guard has higher priority has been in - state <usable_if_no_better_guard> for at least - {NONPRIMARY_GUARD_CONNECT_TIMEOUT} seconds, and all primary guards - have reachable status of <no>, then call that circuit <complete>." - - XXXX --- prop271 deviation. there's no such thing in the spec as - an {is_pending circuit}; fix the spec. + /* " * If any circuit C1 is <waiting_for_better_guard>, AND: + * All primary guards have reachable status of <no>. + * There is no circuit C2 that "blocks" C1. + Then, upgrade C1 to <complete>."" */ int n_blockers_found = 0; const time_t state_set_at_cutoff = @@ -2687,7 +2682,6 @@ entry_guard_parse_from_state(const char *s) /* Take sampled_by_version verbatim. */ guard->sampled_by_version = sampled_by; sampled_by = NULL; /* prevent free */ - // XXXX -- prop271 spec deviation -- we do not require sampled_by_version /* Listed is a boolean */ if (listed && strcmp(listed, "0")) @@ -3235,10 +3229,10 @@ guards_choose_guard(cpath_build_state_t *state, const node_t *r = NULL; const uint8_t *exit_id = NULL; entry_guard_restriction_t *rst = NULL; - // XXXX prop271 spec deviation -- use of restriction here. if (state && (exit_id = build_state_get_exit_rsa_id(state))) { /* We're building to a targeted exit node, so that node can't be - * chosen as our guard for this circuit. */ + * chosen as our guard for this circuit. Remember that fact in a + * restriction. */ rst = tor_malloc_zero(sizeof(entry_guard_restriction_t)); memcpy(rst->exclude_id, exit_id, DIGEST_LEN); } |