Browse Source

Wrap all of the legacy guard code, and its users, in #ifdefs

This will make it easier to see what we remove down the line.
Nick Mathewson 7 years ago
parent
commit
6867950432

+ 8 - 0
src/or/bridges.c

@@ -743,7 +743,11 @@ learned_bridge_descriptor(routerinfo_t *ri, int from_cache)
                    (int) bridge->port);
       }
       if (get_options()->UseDeprecatedGuardAlgorithm) {
+#ifdef ENABLE_LEGACY_GUARD_ALGORITHM
         add_bridge_as_entry_guard(get_guard_selection_info(), node);
+#else
+        tor_assert_nonfatal_unreached();
+#endif
       } else {
         entry_guard_learned_bridge_identity(&bridge->addrport_configured,
                                (const uint8_t*)ri->cache_info.identity_digest);
@@ -754,8 +758,12 @@ learned_bridge_descriptor(routerinfo_t *ri, int from_cache)
       /* set entry->made_contact so if it goes down we don't drop it from
        * our entry node list */
       if (get_options()->UseDeprecatedGuardAlgorithm) {
+#ifdef ENABLE_LEGACY_GUARD_ALGORITHM
         entry_guard_register_connect_status(ri->cache_info.identity_digest,
                                             1, 0, now);
+#else
+        tor_assert_nonfatal_unreached();
+#endif
       }
       if (first) {
         routerlist_retry_directory_downloads(now);

+ 2 - 0
src/or/channel.c

@@ -2538,6 +2538,7 @@ channel_do_open_actions(channel_t *chan)
   if (started_here) {
     circuit_build_times_network_is_live(get_circuit_build_times_mutable());
     rep_hist_note_connect_succeeded(chan->identity_digest, now);
+#ifdef ENABLE_LEGACY_GUARD_ALGORITHM
     // XXXX prop271 this call is no longer useful with the new algorithm.
     if (entry_guard_register_connect_status(
           chan->identity_digest, 1, 0, now) < 0) {
@@ -2549,6 +2550,7 @@ channel_do_open_actions(channel_t *chan)
                 "connection so we can retry the earlier entry guards.");
       close_origin_circuits = 1;
     }
+#endif
     router_set_status(chan->identity_digest, 1);
   } else {
     /* only report it to the geoip module if it's not a known router */

+ 6 - 0
src/or/circpathbias.c

@@ -1279,7 +1279,10 @@ pathbias_measure_use_rate(entry_guard_t *guard)
                  tor_lround(pb->timeouts),
                  tor_lround(get_circuit_build_close_time_ms()/1000));
           pb->path_bias_disabled = 1;
+#ifdef ENABLE_LEGACY_GUARD_ALGORITHM
+          // XXXX
           entry_guard_mark_bad(guard);
+#endif
           return;
         }
       } else if (!pb->path_bias_use_extreme) {
@@ -1385,7 +1388,10 @@ pathbias_measure_close_rate(entry_guard_t *guard)
                  tor_lround(pb->timeouts),
                  tor_lround(get_circuit_build_close_time_ms()/1000));
           pb->path_bias_disabled = 1;
+#ifdef ENABLE_LEGACY_GUARD_ALGORITHM
+          // XXXX
           entry_guard_mark_bad(guard);
+#endif
           return;
         }
       } else if (!pb->path_bias_extreme) {

+ 2 - 0
src/or/circuitbuild.c

@@ -2277,6 +2277,7 @@ choose_good_entry_server(uint8_t purpose, cpath_build_state_t *state,
      * family. */
     nodelist_add_node_and_family(excluded, node);
   }
+#ifdef ENABLE_LEGACY_GUARD_ALGORITHM
   /* and exclude current entry guards and their families,
    * unless we're in a test network, and excluding guards
    * would exclude all nodes (i.e. we're in an incredibly small tor network,
@@ -2295,6 +2296,7 @@ choose_good_entry_server(uint8_t purpose, cpath_build_state_t *state,
         }
       });
   }
+#endif
 
   if (state) {
     if (state->need_uptime)

+ 7 - 9
src/or/circuituse.c

@@ -550,16 +550,14 @@ circuit_expire_building(void)
                                       == CPATH_STATE_OPEN;
           log_info(LD_CIRC,
                  "No circuits are opened. Relaxing timeout for circuit %d "
-                 "(a %s %d-hop circuit in state %s with channel state %s). "
-                 "%d guards are live.",
+                 "(a %s %d-hop circuit in state %s with channel state %s).",
                  TO_ORIGIN_CIRCUIT(victim)->global_identifier,
                  circuit_purpose_to_string(victim->purpose),
                  TO_ORIGIN_CIRCUIT(victim)->build_state ?
                    TO_ORIGIN_CIRCUIT(victim)->build_state->desired_path_len :
                    -1,
                  circuit_state_to_string(victim->state),
-                 channel_state_to_string(victim->n_chan->state),
-                 num_live_entry_guards(0));
+                 channel_state_to_string(victim->n_chan->state));
 
           /* We count the timeout here for CBT, because technically this
            * was a timeout, and the timeout value needs to reset if we
@@ -577,7 +575,7 @@ circuit_expire_building(void)
                  "No circuits are opened. Relaxed timeout for circuit %d "
                  "(a %s %d-hop circuit in state %s with channel state %s) to "
                  "%ldms. However, it appears the circuit has timed out "
-                 "anyway. %d guards are live.",
+                 "anyway.",
                  TO_ORIGIN_CIRCUIT(victim)->global_identifier,
                  circuit_purpose_to_string(victim->purpose),
                  TO_ORIGIN_CIRCUIT(victim)->build_state ?
@@ -585,8 +583,7 @@ circuit_expire_building(void)
                    -1,
                  circuit_state_to_string(victim->state),
                  channel_state_to_string(victim->n_chan->state),
-                 (long)build_close_ms,
-                 num_live_entry_guards(0));
+                 (long)build_close_ms);
       }
     }
 
@@ -1655,8 +1652,10 @@ circuit_build_failed(origin_circuit_t *circ)
       /* New guard API: we failed. */
       if (circ->guard_state)
         entry_guard_failed(&circ->guard_state);
+#ifdef ENABLE_LEGACY_GUARD_ALGORITHM
       /* Old guard API: we failed. */
       entry_guard_register_connect_status(n_chan_id, 0, 1, time(NULL));
+#endif
       /* if there are any one-hop streams waiting on this circuit, fail
        * them now so they can retry elsewhere. */
       connection_ap_fail_onehop(n_chan_id, circ->build_state);
@@ -1966,7 +1965,7 @@ circuit_get_open_circ_or_launch(entry_connection_t *conn,
       int severity = LOG_NOTICE;
       /* Retry some stuff that might help the connection work. */
       if (entry_list_is_constrained(options) &&
-          entries_known_but_down(options)) {
+          guards_retry_optimistic(options)) {
         log_fn(severity, LD_APP|LD_DIR,
                "Application request when we haven't %s. "
                "Optimistically trying known %s again.",
@@ -1974,7 +1973,6 @@ circuit_get_open_circ_or_launch(entry_connection_t *conn,
                "used client functionality lately" :
                "received a consensus with exits",
                options->UseBridges ? "bridges" : "entrynodes");
-        entries_retry_all(options);
       } else if (!options->UseBridges || any_bridge_descriptors_known()) {
         log_fn(severity, LD_APP|LD_DIR,
                "Application request when we haven't %s. "

+ 9 - 0
src/or/config.c

@@ -2116,11 +2116,13 @@ options_act(const or_options_t *old_options)
     rep_hist_desc_stats_term();
 
   /* Check if we need to parse and add the EntryNodes config option. */
+#ifdef ENABLE_LEGACY_GUARD_ALGORITHM
   if (options->EntryNodes &&
       (!old_options ||
        !routerset_equal(old_options->EntryNodes,options->EntryNodes) ||
        !routerset_equal(old_options->ExcludeNodes,options->ExcludeNodes)))
     entry_nodes_should_be_added();
+#endif
 
   /* Since our options changed, we might need to regenerate and upload our
    * server descriptor.
@@ -3040,6 +3042,13 @@ options_validate(or_options_t *old_options, or_options_t *options,
 
   warn_about_relative_paths(options);
 
+#ifndef ENABLE_LEGACY_GUARD_ALGORITHM
+  if (options->UseDeprecatedGuardAlgorithm) {
+    log_warn(LD_CONFIG, "DeprecatedGuardAlgorithm not supported.");
+    return -1;
+  }
+#endif
+
   if (server_mode(options) &&
       (!strcmpstart(uname, "Windows 95") ||
        !strcmpstart(uname, "Windows 98") ||

+ 4 - 0
src/or/connection_or.c

@@ -737,9 +737,11 @@ connection_or_about_to_close(or_connection_t *or_conn)
       rep_hist_note_connect_failed(or_conn->identity_digest, now);
       /* Tell the new guard API about the channel failure */
       entry_guard_chan_failed(TLS_CHAN_TO_BASE(or_conn->chan));
+#ifdef ENABLE_LEGACY_GUARD_ALGORITHM
       /* Tell the old guard API about the channel failure */
       entry_guard_register_connect_status(or_conn->identity_digest,0,
                                           !options->HTTPSProxy, now);
+#endif
       if (conn->state >= OR_CONN_STATE_TLS_HANDSHAKING) {
         int reason = tls_error_to_orconn_end_reason(or_conn->tls_error);
         control_event_or_conn_status(or_conn, OR_CONN_EVENT_FAILED,
@@ -1678,9 +1680,11 @@ connection_or_client_learned_peer_id(or_connection_t *conn,
            conn->base_.address, conn->base_.port, expected, seen, extra_log);
     /* Tell the new guard API about the channel failure */
     entry_guard_chan_failed(TLS_CHAN_TO_BASE(conn->chan));
+#ifdef ENABLE_LEGACY_GUARD_ALGORITHM
     /* Tell the old guard API about the channel failure */
     entry_guard_register_connect_status(conn->identity_digest, 0, 1,
                                         time(NULL));
+#endif
     control_event_or_conn_status(conn, OR_CONN_EVENT_FAILED,
                                  END_OR_CONN_REASON_OR_IDENTITY);
     if (!authdir_mode_tests_reachability(options))

+ 5 - 0
src/or/control.c

@@ -4041,12 +4041,17 @@ handle_control_dropguards(control_connection_t *conn,
   smartlist_split_string(args, body, " ",
                          SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 0);
 
+#ifdef ENABLE_LEGACY_GUARD_ALGORITHM
   if (smartlist_len(args)) {
     connection_printf_to_buf(conn, "512 Too many arguments to DROPGUARDS\r\n");
   } else {
     remove_all_entry_guards();
     send_control_done(conn);
   }
+#else
+  // XXXX
+  connection_printf_to_buf(conn, "512 not supported\r\n");
+#endif
 
   SMARTLIST_FOREACH(args, char *, cp, tor_free(cp));
   smartlist_free(args);

+ 87 - 4
src/or/entrynodes.c

@@ -149,11 +149,13 @@ static guard_selection_t *curr_guard_context = NULL;
  * and those changes need to be flushed to disk. */
 static int entry_guards_dirty = 0;
 
+#ifdef ENABLE_LEGACY_GUARD_ALGORITHM
 static const node_t *choose_random_entry_impl(guard_selection_t *gs,
                                               cpath_build_state_t *state,
                                               int for_directory,
                                               dirinfo_type_t dirtype,
                                               int *n_options_out);
+#endif
 static void entry_guard_set_filtered_flags(const or_options_t *options,
                                            guard_selection_t *gs,
                                            entry_guard_t *guard);
@@ -228,7 +230,9 @@ guard_selection_new(const char *name,
   gs = tor_malloc_zero(sizeof(*gs));
   gs->name = tor_strdup(name);
   gs->type = type;
+#ifdef ENABLE_LEGACY_GUARD_ALGORITHM
   gs->chosen_entry_guards = smartlist_new();
+#endif
   gs->sampled_entry_guards = smartlist_new();
   gs->confirmed_entry_guards = smartlist_new();
   gs->primary_entry_guards = smartlist_new();
@@ -298,6 +302,7 @@ get_guard_selection_info(void)
   return curr_guard_context;
 }
 
+#ifdef ENABLE_LEGACY_GUARD_ALGORITHM
 /** Return the list of entry guards for a guard_selection_t, creating it
  * if necessary. */
 const smartlist_t *
@@ -324,6 +329,7 @@ entry_guard_mark_bad(entry_guard_t *guard)
   guard->bad_since = approx_time();
   entry_guards_changed();
 }
+#endif
 
 /** Return a statically allocated human-readable description of <b>guard</b>
  */
@@ -2831,6 +2837,7 @@ entry_guards_load_guards_from_state(or_state_t *state, int set)
 /* XXXXX prop271 ----- end of new-for-prop271 code ----- */
 /* XXXXX ----------------------------------------------- */
 
+#ifdef ENABLE_LEGACY_GUARD_ALGORITHM
 /**
  * @name Constants for old (pre-prop271) guard selection algorithm.
  */
@@ -3109,6 +3116,7 @@ num_live_entry_guards(int for_directory)
   return num_live_entry_guards_for_guard_selection(
       get_guard_selection_info(), for_directory);
 }
+#endif
 
 /** If <b>digest</b> matches the identity of any node in the
  * entry_guards list for the provided guard selection state,
@@ -3123,11 +3131,12 @@ entry_guard_get_by_id_digest_for_guard_selection(guard_selection_t *gs,
                     if (tor_memeq(digest, entry->identity, DIGEST_LEN))
                       return entry;
                    );
-
+#ifdef ENABLE_LEGACY_GUARD_ALGORITHM
   SMARTLIST_FOREACH(gs->chosen_entry_guards, entry_guard_t *, entry,
                     if (tor_memeq(digest, entry->identity, DIGEST_LEN))
                       return entry;
                    );
+#endif
   return NULL;
 }
 
@@ -3150,6 +3159,7 @@ entry_guard_get_by_id_digest(const char *digest)
       get_guard_selection_info(), digest);
 }
 
+#ifdef ENABLE_LEGACY_GUARD_ALGORITHM
 /** Dump a description of our list of entry guards in the given guard
  * selection context to the log at level <b>severity</b>. */
 static void
@@ -3375,6 +3385,7 @@ pick_entry_guards(guard_selection_t *gs,
   if (changed)
     entry_guards_changed_for_guard_selection(gs);
 }
+#endif
 
 /** Release all storage held by <b>e</b>. */
 STATIC void
@@ -3383,7 +3394,9 @@ entry_guard_free(entry_guard_t *e)
   if (!e)
     return;
   entry_guard_handles_clear(e);
+#ifdef ENABLE_LEGACY_GUARD_ALGORITHM
   tor_free(e->chosen_by_version);
+#endif
   tor_free(e->sampled_by_version);
   tor_free(e->extra_state_fields);
   tor_free(e->selection_name);
@@ -3391,6 +3404,7 @@ entry_guard_free(entry_guard_t *e)
   tor_free(e);
 }
 
+#ifdef ENABLE_LEGACY_GUARD_ALGORITHM
 /** Remove from a guard selection context any entry guard which was selected
  * by an unknown version of Tor, or which was selected by a version of Tor
  * that's known to select entry guards badly, or which was selected more 2
@@ -3869,6 +3883,7 @@ entry_guards_set_from_config(guard_selection_t *gs,
   smartlist_free(old_entry_guards_not_on_list);
   entry_guards_changed_for_guard_selection(gs);
 }
+#endif
 
 /** Return 0 if we're fine adding arbitrary routers out of the
  * directory to our entry guard list, or return 1 if we have a
@@ -3877,6 +3892,7 @@ entry_guards_set_from_config(guard_selection_t *gs,
 int
 entry_list_is_constrained(const or_options_t *options)
 {
+  // XXXX prop271 look at the current selection.
   if (options->EntryNodes)
     return 1;
   if (options->UseBridges)
@@ -3884,6 +3900,7 @@ entry_list_is_constrained(const or_options_t *options)
   return 0;
 }
 
+#ifdef ENABLE_LEGACY_GUARD_ALGORITHM
 /** Pick a live (up and listed) entry guard from entry_guards. If
  * <b>state</b> is non-NULL, this is for a specific circuit --
  * make sure not to pick this circuit's exit or any node in the
@@ -3910,6 +3927,7 @@ choose_random_dirguard(dirinfo_type_t type)
   return choose_random_entry_impl(get_guard_selection_info(),
                                   NULL, 1, type, NULL);
 }
+#endif
 
 /** Return the number of bridges that have descriptors that are marked with
  * purpose 'bridge' and are running.
@@ -3920,10 +3938,13 @@ num_bridges_usable(void)
   int n_options = 0;
 
   if (get_options()->UseDeprecatedGuardAlgorithm) {
-
+#ifdef ENABLE_LEGACY_GUARD_ALGORITHM
     tor_assert(get_options()->UseBridges);
     (void) choose_random_entry_impl(get_guard_selection_info(),
                                     NULL, 0, 0, &n_options);
+#else
+    tor_assert_nonfatal_unreached();
+#endif
   } else {
     /* XXXX prop271 Is this quite right? */
     tor_assert(get_options()->UseBridges);
@@ -3944,6 +3965,7 @@ num_bridges_usable(void)
   return n_options;
 }
 
+#ifdef ENABLE_LEGACY_GUARD_ALGORITHM
 /** Filter <b>all_entry_guards</b> for usable entry guards and put them
  * in <b>live_entry_guards</b>. We filter based on whether the node is
  * currently alive, and on whether it satisfies the restrictions
@@ -4156,6 +4178,7 @@ choose_random_entry_impl(guard_selection_t *gs,
   smartlist_free(live_entry_guards);
   return node;
 }
+#endif
 
 static void
 pathbias_check_use_success_count(entry_guard_t *node)
@@ -4199,6 +4222,7 @@ pathbias_check_close_success_count(entry_guard_t *node)
   }
 }
 
+#ifdef ENABLE_LEGACY_GUARD_ALGORITHM
 /** Parse <b>state</b> and learn about the entry guards it describes.
  * If <b>set</b> is true, and there are no errors, replace the guard
  * list in the provided guard selection context with what we find.
@@ -4452,6 +4476,7 @@ entry_guards_parse_state_for_guard_selection(
   digestmap_free(added_by, tor_free_);
   return *msg ? -1 : 0;
 }
+#endif
 
 /** Parse <b>state</b> and learn about the entry guards it describes.
  * If <b>set</b> is true, and there are no errors, replace the guard
@@ -4466,9 +4491,13 @@ entry_guards_parse_state(or_state_t *state, int set, char **msg)
 
   int r1 = entry_guards_load_guards_from_state(state, set);
 
+#ifdef ENABLE_LEGACY_GUARD_ALGORITHM
   int r2 = entry_guards_parse_state_for_guard_selection(
       get_guard_selection_by_name("legacy", GS_TYPE_LEGACY, 1),
       state, set, msg);
+#else
+   int r2 = 0;
+#endif
 
   entry_guards_dirty = 0;
 
@@ -4530,8 +4559,6 @@ entry_guards_changed(void)
 void
 entry_guards_update_state(or_state_t *state)
 {
-  config_line_t **next, *line;
-
   entry_guards_dirty = 0;
 
   // Handles all non-legacy guard info.
@@ -4539,6 +4566,9 @@ entry_guards_update_state(or_state_t *state)
 
   entry_guards_dirty = 0;
 
+#ifdef ENABLE_LEGACY_GUARD_ALGORITHM
+  config_line_t **next, *line;
+
   guard_selection_t *gs;
   gs = get_guard_selection_by_name("legacy", GS_TYPE_LEGACY, 0);
   if (!gs)
@@ -4612,6 +4642,7 @@ entry_guards_update_state(or_state_t *state)
       }
 
   } SMARTLIST_FOREACH_END(e);
+#endif
   if (!get_options()->AvoidDiskWrites)
     or_state_mark_dirty(get_or_state(), 0);
   entry_guards_dirty = 0;
@@ -4634,11 +4665,18 @@ getinfo_helper_entry_guards(control_connection_t *conn,
   guard_selection_t *gs = get_guard_selection_info();
 
   tor_assert(gs != NULL);
+#ifdef ENABLE_LEGACY_GUARD_ALGORITHM
   tor_assert(gs->chosen_entry_guards != NULL);
+#else
+  // XXXX
+  (void)question;
+  (void)answer;
+#endif
 
   (void) conn;
   (void) errmsg;
 
+#ifdef ENABLE_LEGACY_GUARD_ALGORITHM
   if (!strcmp(question,"entry-guards") ||
       !strcmp(question,"helper-nodes")) {
     smartlist_t *sl = smartlist_new();
@@ -4683,6 +4721,7 @@ getinfo_helper_entry_guards(control_connection_t *conn,
     SMARTLIST_FOREACH(sl, char *, c, tor_free(c));
     smartlist_free(sl);
   }
+#endif
   return 0;
 }
 
@@ -4721,6 +4760,7 @@ guard_get_guardfraction_bandwidth(guardfraction_bandwidth_t *guardfraction_bw,
   guardfraction_bw->non_guard_bw = orig_bandwidth - (int) guard_bw;
 }
 
+#ifdef ENABLE_LEGACY_GUARD_ALGORITHM
 /** Returns true iff the node is used as a guard in the specified guard
  * context */
 int
@@ -4819,6 +4859,7 @@ entries_retry_all(const or_options_t *options)
   tor_assert(entry_list_is_constrained(options));
   entries_retry_helper(options, 1);
 }
+#endif
 
 /** Helper: Update the status of all entry guards, in whatever algorithm
  * is used. Return true if we should stop using all previously generated
@@ -4833,7 +4874,11 @@ guards_update_all(void)
   tor_assert(curr_guard_context);
 
   if (curr_guard_context->type == GS_TYPE_LEGACY) {
+#ifdef ENABLE_LEGACY_GUARD_ALGORITHM
     entry_guards_compute_status(get_options(), approx_time());
+#else
+    tor_assert_nonfatal_unreached();
+#endif
   } else {
     if (entry_guards_update_all(curr_guard_context))
       mark_circuits = 1;
@@ -4849,7 +4894,12 @@ guards_choose_guard(cpath_build_state_t *state,
                    circuit_guard_state_t **guard_state_out)
 {
   if (get_options()->UseDeprecatedGuardAlgorithm) {
+#ifdef ENABLE_LEGACY_GUARD_ALGORITHM
     return choose_random_entry(state);
+#else
+    tor_assert_nonfatal_unreached();
+    return NULL;
+#endif
   } else {
     const node_t *r = NULL;
     const uint8_t *exit_id = NULL;
@@ -4877,7 +4927,13 @@ guards_choose_dirguard(dirinfo_type_t info,
                       circuit_guard_state_t **guard_state_out)
 {
   if (get_options()->UseDeprecatedGuardAlgorithm) {
+#ifdef ENABLE_LEGACY_GUARD_ALGORITHM
     return choose_random_dirguard(info);
+#else
+    (void)info;
+    tor_assert_nonfatal_unreached();
+    return NULL;
+#endif
   } else {
     /* XXXX prop271 We don't need to look at the dirinfo_type_t here,
      * apparently. If you look at the old implementation, and you follow info
@@ -4897,6 +4953,31 @@ guards_choose_dirguard(dirinfo_type_t info,
   }
 }
 
+/**
+ * If we're running with a constrained guard set, then maybe mark our guards
+ * usable.  Return 1 if we do; 0 if we don't.
+ */
+int
+guards_retry_optimistic(const or_options_t *options)
+{
+  if (! entry_list_is_constrained(options))
+    return 0;
+
+#ifdef ENABLE_LEGACY_GUARD_ALGORITHM
+  if (options->UseDeprecatedGuardAlgorithm) {
+    if (entries_known_but_down(options)) {
+      entries_retry_all(options);
+      return 1;
+    }
+  }
+#endif
+
+  // XXXX prop271 -- is this correct?
+  mark_primary_guards_maybe_reachable(get_guard_selection_info());
+
+  return 1;
+}
+
 /** Free one guard selection context */
 STATIC void
 guard_selection_free(guard_selection_t *gs)
@@ -4905,12 +4986,14 @@ guard_selection_free(guard_selection_t *gs)
 
   tor_free(gs->name);
 
+#ifdef ENABLE_LEGACY_GUARD_ALGORITHM
   if (gs->chosen_entry_guards) {
     SMARTLIST_FOREACH(gs->chosen_entry_guards, entry_guard_t *, e,
                       entry_guard_free(e));
     smartlist_free(gs->chosen_entry_guards);
     gs->chosen_entry_guards = NULL;
   }
+#endif
 
   if (gs->sampled_entry_guards) {
     SMARTLIST_FOREACH(gs->sampled_entry_guards, entry_guard_t *, e,

+ 26 - 0
src/or/entrynodes.h

@@ -28,6 +28,11 @@ typedef struct circuit_guard_state_t circuit_guard_state_t;
    private. */
 typedef struct entry_guard_restriction_t entry_guard_restriction_t;
 
+/*
+  XXXX Prop271 undefine this in order to disable all legacy guard functions.
+*/
+#define ENABLE_LEGACY_GUARD_ALGORITHM
+
 /* Information about a guard's pathbias status.
  * These fields are used in circpathbias.c to try to detect entry
  * nodes that are failing circuits at a suspicious frequency.
@@ -174,6 +179,7 @@ struct entry_guard_t {
   guard_selection_t *in_selection;
   /**@}*/
 
+#ifdef ENABLE_LEGACY_GUARD_ALGORITHM
   /**
    * @name legacy guard selection algorithm fields
    *
@@ -202,6 +208,7 @@ struct entry_guard_t {
                           * at which we last failed to connect to it. */
 
   /**}@*/
+#endif
 
   /** Path bias information for this guard. */
   guard_pathbias_t pb;
@@ -298,6 +305,7 @@ struct guard_selection_s {
    * confirmed_entry_guards receive? */
   int next_confirmed_idx;
 
+#ifdef ENABLE_LEGACY_GUARD_ALGORITHM
   /**
    * A list of our chosen entry guards, as entry_guard_t structures; this
    * preserves the pre-Prop271 behavior.
@@ -310,6 +318,7 @@ struct guard_selection_s {
    * preserves the pre-Prop271 behavior.
    */
   int should_add_entry_nodes;
+#endif
 };
 
 struct entry_guard_handle_t;
@@ -369,9 +378,11 @@ entry_guard_t *entry_guard_get_by_id_digest(const char *digest);
 void entry_guards_changed_for_guard_selection(guard_selection_t *gs);
 void entry_guards_changed(void);
 guard_selection_t * get_guard_selection_info(void);
+#ifdef ENABLE_LEGACY_GUARD_ALGORITHM
 const smartlist_t *get_entry_guards_for_guard_selection(
     guard_selection_t *gs);
 const smartlist_t *get_entry_guards(void);
+#endif
 int num_live_entry_guards_for_guard_selection(
     guard_selection_t *gs,
     int for_directory);
@@ -379,7 +390,9 @@ int num_live_entry_guards(int for_directory);
 #endif
 
 const node_t *entry_guard_find_node(const entry_guard_t *guard);
+#ifdef ENABLE_LEGACY_GUARD_ALGORITHM
 void entry_guard_mark_bad(entry_guard_t *guard);
+#endif
 const char *entry_guard_get_rsa_id_digest(const entry_guard_t *guard);
 const char *entry_guard_describe(const entry_guard_t *guard);
 guard_pathbias_t *entry_guard_get_pathbias_state(entry_guard_t *guard);
@@ -408,8 +421,10 @@ void entry_guards_note_internet_connectivity(guard_selection_t *gs);
 int update_guard_selection_choice(const or_options_t *options);
 
 /* Used by bridges.c only. */
+#ifdef ENABLE_LEGACY_GUARD_ALGORITHM
 void add_bridge_as_entry_guard(guard_selection_t *gs,
                                const node_t *chosen);
+#endif
 int num_bridges_usable(void);
 
 #ifdef ENTRYNODES_PRIVATE
@@ -568,6 +583,7 @@ STATIC unsigned entry_guards_note_guard_success(guard_selection_t *gs,
                                                 unsigned old_state);
 STATIC int entry_guard_has_higher_priority(entry_guard_t *a, entry_guard_t *b);
 
+#ifdef ENABLE_LEGACY_GUARD_ALGORITHM
 // ---------- XXXX this stuff is pre-prop271.
 
 STATIC const node_t *add_an_entry_guard(guard_selection_t *gs,
@@ -599,16 +615,20 @@ STATIC const node_t *entry_is_live(const entry_guard_t *e,
                                    const char **msg);
 
 STATIC int entry_is_time_to_retry(const entry_guard_t *e, time_t now);
+#endif
 
 #endif
 
+#ifdef ENABLE_LEGACY_GUARD_ALGORITHM
 void remove_all_entry_guards_for_guard_selection(guard_selection_t *gs);
 void remove_all_entry_guards(void);
+#endif
 
 struct bridge_info_t;
 void entry_guard_learned_bridge_identity(const tor_addr_port_t *addrport,
                                          const uint8_t *rsa_id_digest);
 
+#ifdef ENABLE_LEGACY_GUARD_ALGORITHM
 void entry_guards_compute_status_for_guard_selection(
     guard_selection_t *gs, const or_options_t *options, time_t now);
 void entry_guards_compute_status(const or_options_t *options, time_t now);
@@ -619,9 +639,13 @@ int entry_guard_register_connect_status(const char *digest, int succeeded,
                                         int mark_relay_status, time_t now);
 void entry_nodes_should_be_added_for_guard_selection(guard_selection_t *gs);
 void entry_nodes_should_be_added(void);
+#endif
 int entry_list_is_constrained(const or_options_t *options);
+#ifdef ENABLE_LEGACY_GUARD_ALGORITHM
 const node_t *choose_random_entry(cpath_build_state_t *state);
 const node_t *choose_random_dirguard(dirinfo_type_t t);
+#endif
+int guards_retry_optimistic(const or_options_t *options);
 int entry_guards_parse_state_for_guard_selection(
     guard_selection_t *gs, or_state_t *state, int set, char **msg);
 int entry_guards_parse_state(or_state_t *state, int set, char **msg);
@@ -629,9 +653,11 @@ void entry_guards_update_state(or_state_t *state);
 int getinfo_helper_entry_guards(control_connection_t *conn,
                                 const char *question, char **answer,
                                 const char **errmsg);
+#ifdef ENABLE_LEGACY_GUARD_ALGORITHM
 int is_node_used_as_guard_for_guard_selection(guard_selection_t *gs,
                                               const node_t *node);
 MOCK_DECL(int, is_node_used_as_guard, (const node_t *node));
+#endif
 
 int entries_known_but_down(const or_options_t *options);
 void entries_retry_all(const or_options_t *options);

+ 6 - 0
src/or/routerlist.c

@@ -2003,6 +2003,10 @@ router_pick_directory_server_impl(dirinfo_type_t type, int flags,
   int try_excluding = 1, n_excluded = 0, n_busy = 0;
   int try_ip_pref = 1;
 
+#ifndef ENABLE_LEGACY_GUARD_ALGORITHM
+  tor_assert_nonfatal(! for_guard);
+#endif
+
   if (!consensus)
     return NULL;
 
@@ -2038,10 +2042,12 @@ router_pick_directory_server_impl(dirinfo_type_t type, int flags,
     if ((type & EXTRAINFO_DIRINFO) &&
         !router_supports_extrainfo(node->identity, is_trusted_extrainfo))
       continue;
+#ifdef ENABLE_LEGACY_GUARD_ALGORITHM
     /* Don't make the same node a guard twice */
      if (for_guard && is_node_used_as_guard(node)) {
        continue;
      }
+#endif
     /* Ensure that a directory guard is actually a guard node. */
     if (for_guard && !node->is_possible_guard) {
       continue;

+ 16 - 4
src/test/test_entrynodes.c

@@ -45,6 +45,7 @@ get_or_state_replacement(void)
   return dummy_state;
 }
 
+#ifdef ENABLE_LEGACY_GUARD_ALGORITHM
 /* Unittest cleanup function: Cleanup the fake network. */
 static int
 fake_network_cleanup(const struct testcase_t *testcase, void *ptr)
@@ -77,6 +78,7 @@ fake_network_setup(const struct testcase_t *testcase)
   /* Return anything but NULL (it's interpreted as test fail) */
   return dummy_state;
 }
+#endif
 
 static networkstatus_t *dummy_consensus = NULL;
 
@@ -200,6 +202,7 @@ mock_get_options(void)
   return &mocked_options;
 }
 
+#ifdef ENABLE_LEGACY_GUARD_ALGORITHM
 /** Test choose_random_entry() with none of our routers being guard nodes. */
 static void
 test_choose_random_entry_no_guards(void *arg)
@@ -888,6 +891,7 @@ test_entry_is_live(void *arg)
  done:
   ; /* XXX */
 }
+#endif
 
 #define TEST_IPV4_ADDR "123.45.67.89"
 #define TEST_IPV6_ADDR "[1234:5678:90ab:cdef::]"
@@ -1471,8 +1475,12 @@ test_entry_guard_parse_from_state_broken(void *arg)
   tt_int_op(smartlist_len(gs_df->sampled_entry_guards), OP_EQ, 1);
   guard_selection_t *gs_legacy =
     get_guard_selection_by_name("legacy", GS_TYPE_LEGACY, 0);
+#ifdef ENABLE_LEGACY_GUARD_ALGORITHM
   tt_assert(gs_legacy != NULL);
   tt_int_op(smartlist_len(gs_legacy->chosen_entry_guards), OP_EQ, 0);
+#else
+  tt_assert(gs_legacy == NULL);
+#endif
 
  done:
   config_free_lines(lines);
@@ -2455,7 +2463,7 @@ test_entry_guard_select_for_circuit_no_confirmed(void *arg)
   // if we mark that guard down, we should get a different primary guard.
   // auto-retry it.
   g->is_reachable = GUARD_REACHABLE_NO;
-  g->unreachable_since = approx_time() - 10;
+  g->failing_since = approx_time() - 10;
   g->last_tried_to_connect = approx_time() - 10;
   state = 9999;
   g2 = select_entry_guard_for_circuit(gs, NULL, &state);
@@ -2469,7 +2477,7 @@ test_entry_guard_select_for_circuit_no_confirmed(void *arg)
 
   // If we say that the first primary guard was last tried a long time ago, we
   // should get an automatic retry on it.
-  g->unreachable_since = approx_time() - 72*60*60;
+  g->failing_since = approx_time() - 72*60*60;
   g->last_tried_to_connect = approx_time() - 72*60*60;
   state = 9999;
   g2 = select_entry_guard_for_circuit(gs, NULL, &state);
@@ -2484,7 +2492,7 @@ test_entry_guard_select_for_circuit_no_confirmed(void *arg)
   SMARTLIST_FOREACH(gs->primary_entry_guards, entry_guard_t *, guard, {
     guard->is_reachable = GUARD_REACHABLE_NO;
     guard->last_tried_to_connect = approx_time() - 5;
-    guard->unreachable_since = approx_time() - 30;
+    guard->failing_since = approx_time() - 30;
   });
   state = 9999;
   g2 = select_entry_guard_for_circuit(gs, NULL, &state);
@@ -2503,7 +2511,7 @@ test_entry_guard_select_for_circuit_no_confirmed(void *arg)
     tt_assert(guard->is_usable_filtered_guard == 1);
     // no change to these fields.
     tt_i64_op(guard->last_tried_to_connect, OP_EQ, approx_time() - 5);
-    tt_i64_op(guard->unreachable_since, OP_EQ, approx_time() - 30);
+    tt_i64_op(guard->failing_since, OP_EQ, approx_time() - 30);
   });
 
   /* Let's try again and we should get the first primary guard again */
@@ -3334,9 +3342,11 @@ test_enty_guard_should_expire_waiting(void *arg)
   tor_free(fake_state);
 }
 
+#ifdef ENABLE_LEGACY_GUARD_ALGORITHM
 static const struct testcase_setup_t fake_network = {
   fake_network_setup, fake_network_cleanup
 };
+#endif
 
 static const struct testcase_setup_t big_fake_network = {
   big_fake_network_setup, big_fake_network_cleanup
@@ -3354,6 +3364,7 @@ static const struct testcase_setup_t upgrade_circuits = {
       (void*)(arg) }
 
 struct testcase_t entrynodes_tests[] = {
+#ifdef ENABLE_LEGACY_GUARD_ALGORITHM
   { "entry_is_time_to_retry", test_entry_is_time_to_retry,
     TT_FORK, NULL, NULL },
   { "choose_random_entry_no_guards", test_choose_random_entry_no_guards,
@@ -3379,6 +3390,7 @@ struct testcase_t entrynodes_tests[] = {
   { "entry_is_live",
     test_entry_is_live,
     TT_FORK, &fake_network, NULL },
+#endif
   { "node_preferred_orport",
     test_node_preferred_orport,
     0, NULL, NULL },

+ 10 - 0
src/test/test_routerlist.c

@@ -204,6 +204,7 @@ mock_usable_consensus_flavor(void)
   return mock_usable_consensus_flavor_value;
 }
 
+#ifdef ENABLE_LEGACY_GUARD_ALGORITHM
 static smartlist_t *mock_is_guard_list = NULL;
 
 static int
@@ -250,6 +251,7 @@ clear_mock_guard_list(void)
     mock_is_guard_list = NULL;
   }
 }
+#endif
 
 static void
 test_router_pick_directory_server_impl(void *arg)
@@ -271,7 +273,9 @@ test_router_pick_directory_server_impl(void *arg)
   (void)arg;
 
   MOCK(usable_consensus_flavor, mock_usable_consensus_flavor);
+#ifdef ENABLE_LEGACY_GUARD_ALGORITHM
   MOCK(is_node_used_as_guard, mock_is_node_used_as_guard);
+#endif
 
   /* With no consensus, we must be bootstrapping, regardless of time or flavor
    */
@@ -384,6 +388,7 @@ test_router_pick_directory_server_impl(void *arg)
   node_router1->is_valid = 1;
   node_router3->is_valid = 1;
 
+#ifdef ENABLE_LEGACY_GUARD_ALGORITHM
   flags |= PDS_FOR_GUARD;
   mark_node_used_as_guard(node_router1);
   mark_node_used_as_guard(node_router2);
@@ -397,8 +402,10 @@ test_router_pick_directory_server_impl(void *arg)
   rs = NULL;
   mark_node_unused_as_guard(node_router2);
   mark_node_unused_as_guard(node_router3);
+#endif
 
   /* One not valid, one guard. This should leave one remaining */
+#ifdef ENABLE_LEGACY_GUARD_ALGORITHM
   node_router1->is_valid = 0;
   mark_node_used_as_guard(node_router2);
   rs = router_pick_directory_server_impl(V3_DIRINFO, flags, NULL);
@@ -407,6 +414,7 @@ test_router_pick_directory_server_impl(void *arg)
   rs = NULL;
   node_router1->is_valid = 1;
   mark_node_unused_as_guard(node_router2);
+#endif
 
   /* Manipulate overloaded */
 
@@ -469,8 +477,10 @@ test_router_pick_directory_server_impl(void *arg)
 
  done:
   UNMOCK(usable_consensus_flavor);
+#ifdef ENABLE_LEGACY_GUARD_ALGORITHM
   UNMOCK(is_node_used_as_guard);
   clear_mock_guard_list();
+#endif
 
   if (router1_id)
     tor_free(router1_id);