aboutsummaryrefslogtreecommitdiff
path: root/src/or/entrynodes.c
AgeCommit message (Collapse)Author
2017-03-27Merge remote-tracking branch 'origin/maint-0.3.0'Nick Mathewson
2017-03-27Fix max sampled size logic when in bridge mode.George Kadianakis
When calculating max sampled size, Tor would only count the number of bridges in torrc, without considering that our state file might already have sampled bridges in it. This caused problems when people swap bridges, since the following error would trigger: [warn] Not expanding the guard sample any further; just hit the maximum sample threshold of 1
2017-03-15Run the copyright update script.Nick Mathewson
2017-03-09Revert "Restore correct behavior of 0.3.0.4-rc with bridges+ipv6-min"George Kadianakis
This reverts commit 5298ab59170be74aed20e04e5378ec66eef6476e.
2017-03-01Restore correct behavior of 0.3.0.4-rc with bridges+ipv6-minNick Mathewson
In that chutney test, the bridge client is configured to connect to the same bridge at 127.0.0.1:5003 _and_ at [::1]:5003, with no change in transports. That meant, I think, that the descriptor is only assigned to the first bridge when it arrives, and never the second.
2017-03-01Improve descriptor checks in the new guard algorithm.George Kadianakis
- Make sure we check at least two guards for descriptor before making circuits. We typically use the first primary guard for circuits, but it can also happen that we use the second primary guard (e.g. if we pick our first primary guard as an exit), so we should make sure we have descriptors for both of them. - Remove BUG() from the guard_has_descriptor() check since we now know that this can happen in rare but legitimate situations as well, and we should just move to the next guard in that case.
2017-02-28Change approach to preventing duplicate guards.Nick Mathewson
Previously I'd made a bad assumption in the implementation of prop271 in 0.3.0.1-alpha: I'd assumed that there couldn't be two guards with the same identity. That's true for non-bridges, but in the bridge case, we allow two bridges to have the same ID if they have different addr:port combinations -- in order to have the same bridge ID running multiple PTs. Fortunately, this assumption wasn't deeply ingrained: we stop enforcing the "one guard per ID" rule in the bridge case, and instead enforce "one guard per <id,addr,port>". We also needed to tweak our implementation of get_bridge_info_for_guard, since it made the same incorrect assumption. Fixes bug 21027; bugfix on 0.3.0.1-alpha.
2017-02-14Replace entry_guard_get_by_id_digest_for_guard_selection impl.Nick Mathewson
We already implemented this whole function somewhere else; no need to have the same code twice.
2017-02-09whoops, removed a semicolon :(Nick Mathewson
2017-02-09One more prop271 XXX.Nick Mathewson
2017-02-09Update some more XXXXprop271 comments to refer to actual tickets or to be ↵Nick Mathewson
up-to-date
2017-02-09Remove an XXXprop271 comment: turns out we didn't need a tristateNick Mathewson
2017-02-09Change "prop271" in XXXXs about guard Ed identity to refer to #20872.Nick Mathewson
2017-02-01Merge remote-tracking branch 'asn/bug21052'Nick Mathewson
2017-02-01Merge branch 'bug21242'Nick Mathewson
2017-02-01Merge remote-tracking branch 'public/bug21129'Nick Mathewson
2017-01-31When marking guard state instances on a channel, don't mark NULLNick Mathewson
It's okay for guard_state to be null: we might have a fallback circuit, or we might not be using guards. Fixes bug 211228; bugfix on 0.3.0.1-alpha
2017-01-31Don't try to use confirmed_idx in remove_guard_from_...lists()Nick Mathewson
Since we can call this function more than once before we update all the confirmed_idx fields, we can't rely on all the relays having an accurate confirmed_idx. Fixes bug 21129; bugfix on 0.3.0.1-alpha
2017-01-31Don't build circuits till primary guards have descriptorsNick Mathewson
In addition to not wanting to build circuits until we can see most of the paths in the network, and in addition to not wanting to build circuits until we have a consensus ... we shouldn't build circuits till all of our (in-use) primary guards have descriptors that we can use for them. This is another bug 21242 fix.
2017-01-31Don't (usually) return any guards that are missing descriptors.Nick Mathewson
Actually, it's _fine_ to use a descriptorless guard for fetching directory info -- we just shouldn't use it when building circuits. Fortunately, we already have a "usage" flag that we can use here. Partial fix for bug 21242.
2017-01-31entry_guard_pick_for_circuit(): TRAFFIC guards must have descriptorsNick Mathewson
This relates to the 21242 fix -- entry_guard_pick_for_circuit() should never yield nodes without descriptors when the node is going to be used for traffic, since we won't be able to extend through them.
2017-01-30entrynodes: Remove "split these functions" XXXXsNick Mathewson
They now have a ticket: #21349.
2017-01-30Remove prop271 "spec deviation" comments -- the spec has been updatedNick Mathewson
In some cases, replace those comments with better ones.
2017-01-24Repair the (deprecated, ugly) DROPGUARDS controller function.Nick Mathewson
This actually is much easier to write now that guard_selection_t is first-class.
2017-01-24Remove some more remnants of legacy guard selection.George Kadianakis
2017-01-18Remove argument from guards_choose_dirguardNick Mathewson
2017-01-18Remove some now-spurious blocks and indentation.Nick Mathewson
2017-01-18Remove GS_TYPE_LEGACYNick Mathewson
2017-01-18Remove UseDeprecatedGuardAlgorithm.Nick Mathewson
2017-01-18Remove the (no longer compiled) code for legacy guard selection.Nick Mathewson
Part of 20830.
2017-01-17prop271: Move new funcs to top, to avoid compiler warnings.George Kadianakis
2017-01-17prop271: When we exhaust all guards, mark all of them for retry.George Kadianakis
In the past, when we exhausted all guards in our sampled set, we just waited there till we mark a guard for retry again (usually takes 10 mins for a primary guard, 1 hour for a non-primary guard). This patch marks all guards as maybe-reachable when we exhaust all guards (this can happen when network is down for some time).
2017-01-02Make GETINFO entry-guards work again with prop271Nick Mathewson
This is not a great solution, but it's as close to backward-compatible as possible. A better GETINFO API should expose more information.
2016-12-16Rename 'remove' -> 'rmv' to avoid shadowing a libc globalNick Mathewson
2016-12-16Resolve a division-by-zero complaint from coverity. CID 1397272Nick Mathewson
2016-12-16Merge branch 'ticket20831_v2'Nick Mathewson
2016-12-16Make NumDirectoryGuards work with the new guard algorithm.Nick Mathewson
Now that we support NumEntryGuards, NumDirectoryGuards is pretty easy to put back in.
2016-12-16Make NumEntryGuards work as expected again.Nick Mathewson
Further, add a "guard-n-primary-guards-to-use" parameter, defaulting to 1, for NumEntryGuards to override.
2016-12-16271: Algorithm tweak to allow multiple entry guards.Nick Mathewson
Previously, we had NumEntryGuards kind of hardwired to 1. Now we have the code (but not the configuarability) to choose randomly from among the first N primary guards that would work, where N defaults to 1. Part of 20831 support for making NumEntryGuards work again.
2016-12-16Respect GuardLifetime in prop271 code.Nick Mathewson
It overrides both the GUARD_LIFETIME and the GUARD_CONFIRMED_MIN_LIFETIME options.
2016-12-16Merge branch 'ticket20826_v2'Nick Mathewson
2016-12-16Support restrictive ENTRYNODES configurations correctly.Nick Mathewson
Since we already had a separate function for getting the universe of possible guards, all we had to do was tweak it to handle very the GS_TYPE_RESTRICTED case.
2016-12-16guard->nickname is never NULL.Nick Mathewson
2016-12-16Merge branch 'prop271_030_v1_squashed'Nick Mathewson
2016-12-16Per suggestion, increase the retry frequency for primary guards.Nick Mathewson
2016-12-16Rewrite state transition logic in entry_guards_note_success()Nick Mathewson
asn found while testing that this function can be reached with GUARD_STATE_COMPLETE circuits; I believe this happens when cannibalization occurs. The added complexity of handling one more state made it reasonable to turn the main logic here into a switch statement.
2016-12-16Add a separate, non-fractional, limit to the sampled guard set size.Nick Mathewson
Letting the maximum sample size grow proportionally to the number of guards defeats its purpose to a certain extent. Noted by asn during code review. Fixes bug 20920; bug not in any released (or merged) version of Tor.
2016-12-16Clean check for live consensus when updating the guard sample.Nick Mathewson
The valid_until check was redundant.
2016-12-16Move a TODO comment into doxygen comments.Nick Mathewson
2016-12-16Easy code fixes.George Kadianakis
- Correctly maintain the previous guard selection in choose_guard_selection(). - Print bridge identifier instead of nothing in entry_guard_describe()._