18 years ago · 56d3119581
--- a/ChangeLog
+++ b/ChangeLog
@@ -47,6 +47,12 @@ Changes in version 0.2.0.3-alpha - 2007-??-??
 
				   o Deprecated features:
			
 
				     - RedirectExits is now deprecated.
			
 
				 
			
 
				+  o Security fixes:
			
 
				+    - Directory authorities now call routers Fast if their bandwidth is
			
 
				+      at least 100KB/s, and consider their bandwidth adequate to be a
			
 
				+      Guard if it is at least 250KB/s. This fix complements proposal
			
 
				+      107. [Bugfix on 0.1.2.x]
			
 
				+
			
 
				   o Major bugfixes (directory):
			
 
				     - Fix a crash bug when router descriptors end at a 4096-byte boundary
			
 
				       on disk.  [Bugfix on 0.1.2.x]
			
@@ -191,7 +197,7 @@ Changes in version 0.2.0.1-alpha - 2007-06-01
 
				       Add a standalone tool to generate key certificates. (Proposal 103.)
			
 
				 
			
 
				   o Security fixes:
			
 
				-    - Directory authorities now call routers stable if they have an
			
 
				+    - Directory authorities now call routers Stable if they have an
			
 
				       uptime of at least 30 days, even if that's not the median uptime
			
 
				       in the network. Implements proposal 107, suggested by Kevin Bauer
			
 
				       and Damon McCoy.
			
--- a/doc/spec/dir-spec.txt
+++ b/doc/spec/dir-spec.txt
@@ -938,19 +938,19 @@ $Id$
 
				    it successfully within the last 30 minutes.
			
 
				 
			
 
				    "Stable" -- A router is 'Stable' if it is active, and either its
			
 
				-   uptime is at least the median uptime for known active routers, or
			
 
				+   uptime is at least the median uptime for known active routers or
			
 
				    its uptime is at least 30 days. Routers are never called stable if
			
 
				    they are running a version of Tor known to drop circuits stupidly.
			
 
				    (0.1.1.10-alpha through 0.1.1.16-rc are stupid this way.)
			
 
				 
			
 
				    "Fast" -- A router is 'Fast' if it is active, and its bandwidth is
			
 
				-   in the top 7/8ths for known active routers.
			
 
				+   either in the top 7/8ths for known active routers or at least 100KB/s.
			
 
				 
			
 
				    "Guard" -- A router is a possible 'Guard' if it is 'Stable' and its
			
 
				-   bandwidth is above median for known active routers. If the total
			
 
				-   bandwidth of active non-BadExit Exit servers is less than one third
			
 
				-   of the total bandwidth of all active servers, no Exit is listed as
			
 
				-   a Guard.
			
 
				+   bandwidth is either above median for known active routers or at least
			
 
				+   250KB/s. If the total bandwidth of active non-BadExit Exit servers
			
 
				+   is less than one third of the total bandwidth of all active servers,
			
 
				+   no Exit is listed as a Guard.
			
 
				 
			
 
				    "Authority" -- A router is called an 'Authority' if the authority
			
 
				    generating the network-status document believes it is an authority.
			
--- a/src/or/dirserv.c
+++ b/src/or/dirserv.c
@@ -1437,6 +1437,12 @@ should_generate_v2_networkstatus(void)
 
				  * network using allegedly high-uptime nodes, displacing all the
			
 
				  * current guards. */
			
 
				 #define UPTIME_TO_GUARANTEE_STABLE (3600*24*30)
			
 
				+/** Similarly, we protect sufficiently fast nodes from being pushed
			
 
				+ * out of the set of Fast nodes. */
			
 
				+#define BANDWIDTH_TO_GUARANTEE_FAST (100*1024)
			
 
				+/** Similarly, every node with sufficient bandwidth can be considered
			
 
				+ * for Guard status. */
			
 
				+#define BANDWIDTH_TO_GUARANTEE_GUARD (250*1024)
			
 
				 
			
 
				 /* Thresholds for server performance: set by
			
 
				  * dirserv_compute_performance_thresholds, and used by
			
@@ -1475,9 +1481,11 @@ dirserv_thinks_router_is_unreliable(time_t now,
 
				         (unsigned)uptime < UPTIME_TO_GUARANTEE_STABLE)
			
 
				       return 1;
			
 
				   }
			
 
				-  if (need_capacity &&
			
 
				-      router_get_advertised_bandwidth(router) < fast_bandwidth)
			
 
				-    return 1;
			
 
				+  if (need_capacity) {
			
 
				+    uint32_t bw = router_get_advertised_bandwidth(router);
			
 
				+    if (bw < fast_bandwidth && bw < BANDWIDTH_TO_GUARANTEE_FAST)
			
 
				+      return 1;
			
 
				+  }
			
 
				   return 0;
			
 
				 }
			
 
				 
			
@@ -1710,9 +1718,10 @@ set_routerstatus_from_routerinfo(routerstatus_t *rs,
 
				   rs->is_valid = ri->is_valid;
			
 
				   rs->is_possible_guard = rs->is_fast && rs->is_stable &&
			
 
				     (!rs->is_exit || exits_can_be_guards) &&
			
 
				-    router_get_advertised_bandwidth(ri) >=
			
 
				-    (exits_can_be_guards ? guard_bandwidth_including_exits :
			
 
				-     guard_bandwidth_excluding_exits);
			
 
				+    (router_get_advertised_bandwidth(ri) >= BANDWIDTH_TO_GUARANTEE_GUARD ||
			
 
				+     router_get_advertised_bandwidth(ri) >=
			
 
				+     (exits_can_be_guards ? guard_bandwidth_including_exits :
			
 
				+      guard_bandwidth_excluding_exits));
			
 
				   rs->is_bad_exit = listbadexits && ri->is_bad_exit;
			
 
				   /* 0.1.1.9-alpha is the first version to support fetch by descriptor
			
 
				    * hash. */