aboutsummaryrefslogtreecommitdiff
path: root/src/or
diff options
context:
space:
mode:
Diffstat (limited to 'src/or')
-rw-r--r--src/or/entrynodes.c39
-rw-r--r--src/or/entrynodes.h15
2 files changed, 42 insertions, 12 deletions
diff --git a/src/or/entrynodes.c b/src/or/entrynodes.c
index 9defd11656..9416298ca3 100644
--- a/src/or/entrynodes.c
+++ b/src/or/entrynodes.c
@@ -472,10 +472,11 @@ STATIC int
get_n_primary_guards(void)
{
const int n = get_options()->NumEntryGuards;
+ const int n_dir = get_options()->NumDirectoryGuards;
if (n > 5) {
- return n + n / 2;
- } else if (n > 1) {
- return n * 2;
+ return MAX(n_dir, n + n / 2);
+ } else if (n >= 1) {
+ return MAX(n_dir, n * 2);
}
return networkstatus_get_param(NULL,
@@ -487,14 +488,25 @@ get_n_primary_guards(void)
* making a circuit.
*/
STATIC int
-get_n_primary_guards_to_use(void)
-{
- if (get_options()->NumEntryGuards > 1) {
- return get_options()->NumEntryGuards;
+get_n_primary_guards_to_use(guard_usage_t usage)
+{
+ int configured;
+ const char *param_name;
+ int param_default;
+ if (usage == GUARD_USAGE_DIRGUARD) {
+ configured = get_options()->NumDirectoryGuards;
+ param_name = "guard-n-primary-dir-guards-to-use";
+ param_default = DFLT_N_PRIMARY_DIR_GUARDS_TO_USE;
+ } else {
+ configured = get_options()->NumEntryGuards;
+ param_name = "guard-n-primary-guards-to-use";
+ param_default = DFLT_N_PRIMARY_GUARDS_TO_USE;
+ }
+ if (configured >= 1) {
+ return configured;
}
return networkstatus_get_param(NULL,
- "guard-n-primary-guards-to-use",
- DFLT_N_PRIMARY_GUARDS_TO_USE, 1, INT32_MAX);
+ param_name, param_default, 1, INT32_MAX);
}
/**
* If we haven't successfully built or used a circuit in this long, then
@@ -1807,6 +1819,7 @@ entry_guards_note_internet_connectivity(guard_selection_t *gs)
*/
STATIC entry_guard_t *
select_entry_guard_for_circuit(guard_selection_t *gs,
+ guard_usage_t usage,
const entry_guard_restriction_t *rst,
unsigned *state_out)
{
@@ -1817,7 +1830,7 @@ select_entry_guard_for_circuit(guard_selection_t *gs,
if (!gs->primary_guards_up_to_date)
entry_guards_update_primary(gs);
- int num_entry_guards = get_n_primary_guards_to_use();
+ int num_entry_guards = get_n_primary_guards_to_use(usage);
smartlist_t *usable_primary_guards = smartlist_new();
/* "If any entry in PRIMARY_GUARDS has {is_reachable} status of
@@ -2080,6 +2093,7 @@ circuit_guard_state_free(circuit_guard_state_t *state)
*/
int
entry_guard_pick_for_circuit(guard_selection_t *gs,
+ guard_usage_t usage,
entry_guard_restriction_t *rst,
const node_t **chosen_node_out,
circuit_guard_state_t **guard_state_out)
@@ -2091,7 +2105,8 @@ entry_guard_pick_for_circuit(guard_selection_t *gs,
*guard_state_out = NULL;
unsigned state = 0;
- entry_guard_t *guard = select_entry_guard_for_circuit(gs, rst, &state);
+ entry_guard_t *guard =
+ select_entry_guard_for_circuit(gs, usage, rst, &state);
if (! guard)
goto fail;
if (BUG(state == 0))
@@ -4986,6 +5001,7 @@ guards_choose_guard(cpath_build_state_t *state,
memcpy(rst->exclude_id, exit_id, DIGEST_LEN);
}
if (entry_guard_pick_for_circuit(get_guard_selection_info(),
+ GUARD_USAGE_TRAFFIC,
rst,
&r,
guard_state_out) < 0) {
@@ -5018,6 +5034,7 @@ guards_choose_dirguard(dirinfo_type_t info,
* microdescriptors. -NM */
const node_t *r = NULL;
if (entry_guard_pick_for_circuit(get_guard_selection_info(),
+ GUARD_USAGE_DIRGUARD,
NULL,
&r,
guard_state_out) < 0) {
diff --git a/src/or/entrynodes.h b/src/or/entrynodes.h
index e2ae2561f3..c215c103ca 100644
--- a/src/or/entrynodes.h
+++ b/src/or/entrynodes.h
@@ -397,8 +397,16 @@ const char *entry_guard_get_rsa_id_digest(const entry_guard_t *guard);
const char *entry_guard_describe(const entry_guard_t *guard);
guard_pathbias_t *entry_guard_get_pathbias_state(entry_guard_t *guard);
+/** Enum to specify how we're going to use a given guard, when we're picking
+ * one for immediate use. */
+typedef enum {
+ GUARD_USAGE_TRAFFIC = 0,
+ GUARD_USAGE_DIRGUARD = 1
+} guard_usage_t;
+
void circuit_guard_state_free(circuit_guard_state_t *state);
int entry_guard_pick_for_circuit(guard_selection_t *gs,
+ guard_usage_t usage,
entry_guard_restriction_t *rst,
const node_t **chosen_node_out,
circuit_guard_state_t **guard_state_out);
@@ -477,6 +485,10 @@ int num_bridges_usable(void);
*/
#define DFLT_N_PRIMARY_GUARDS_TO_USE 1
/**
+ * As DFLT_N_PRIMARY_GUARDS, but for choosing which directory guard to use.
+ */
+#define DFLT_N_PRIMARY_DIR_GUARDS_TO_USE 3
+/**
* If we haven't successfully built or used a circuit in this long, then
* consider that the internet is probably down.
*/
@@ -511,7 +523,7 @@ STATIC int get_remove_unlisted_guards_after_days(void);
STATIC int get_guard_lifetime(void);
STATIC int get_guard_confirmed_min_lifetime(void);
STATIC int get_n_primary_guards(void);
-STATIC int get_n_primary_guards_to_use(void);
+STATIC int get_n_primary_guards_to_use(guard_usage_t usage);
STATIC int get_internet_likely_down_interval(void);
STATIC int get_nonprimary_guard_connect_timeout(void);
STATIC int get_nonprimary_guard_idle_timeout(void);
@@ -590,6 +602,7 @@ STATIC void sampled_guards_update_from_consensus(guard_selection_t *gs);
STATIC void entry_guards_note_guard_failure(guard_selection_t *gs,
entry_guard_t *guard);
STATIC entry_guard_t *select_entry_guard_for_circuit(guard_selection_t *gs,
+ guard_usage_t usage,
const entry_guard_restriction_t *rst,
unsigned *state_out);
STATIC void mark_primary_guards_maybe_reachable(guard_selection_t *gs);
7apu2bq3rhoylwmucxizk54afw5jyda7pho4j5zdcqpwkufke7zdzwad.onion