Home Explore Help
Sign In
piros
/
tor
3
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

Merge branch 'maint-0.2.4' into maint-0.2.5

Roger Dingledine 9 years ago
parent
5c200d9be2 71c62b15ca
commit
a4c641cce9
4 changed files with 29 additions and 10 deletions
Split View Show Diff Stats
  1. 6 0
      changes/ticket12688
  2. 6 2
      doc/tor.1.txt
  3. 1 4
      src/or/config.c
  4. 16 4
      src/or/entrynodes.c

+ 6 - 0
changes/ticket12688
View File 

@@ -0,0 +1,6 @@
 
+  Major features:
 
+    - Make the number of entry guards configurable via a new
 
+      NumEntryGuards consensus parameter, and the number of directory
 
+      guards configurable via a new NumDirectoryGuards consensus
 
+      parameter. Implements ticket 12688.
 
+

+ 6 - 2
doc/tor.1.txt
View File 

@@ -1092,12 +1092,16 @@ The following options are useful only for clients (that is, if
 
 
 [[NumEntryGuards]] **NumEntryGuards** __NUM__::
 
     If UseEntryGuards is set to 1, we will try to pick a total of NUM routers
 
-    as long-term entries for our circuits. (Default: 3)
 
+    as long-term entries for our circuits. If NUM is 0, we try to learn
 
+    the number from the NumEntryGuards consensus parameter, and default
 
+    to 3 if the consensus parameter isn't set. (Default: 0)
 
 
 [[NumDirectoryGuards]] **NumDirectoryGuards** __NUM__::
 
     If UseEntryGuardsAsDirectoryGuards is enabled, we try to make sure we
 
     have at least NUM routers to use as directory guards. If this option
 
-    is set to 0, use the value from NumEntryGuards. (Default: 0)
 
+    is set to 0, use the value from the NumDirectoryGuards consensus
 
+    parameter, falling back to the value from NumEntryGuards if the
 
+    consensus parameter is 0 or isn't set. (Default: 0)
 
 
 [[GuardLifetime]] **GuardLifetime**  __N__ **days**|**weeks**|**months**::
 
     If nonzero, and UseEntryGuards is set, minimum time to keep a guard before

+ 1 - 4
src/or/config.c
View File 

@@ -325,7 +325,7 @@ static config_var_t option_vars_[] = {
 
   VAR("NodeFamily",              LINELIST, NodeFamilies,         NULL),
 
   V(NumCPUs,                     UINT,     "0"),
 
   V(NumDirectoryGuards,          UINT,     "0"),
 
-  V(NumEntryGuards,              UINT,     "3"),
 
+  V(NumEntryGuards,              UINT,     "0"),
 
   V(ORListenAddress,             LINELIST, NULL),
 
   VPORT(ORPort,                      LINELIST, NULL),
 
   V(OutboundBindAddress,         LINELIST,   NULL),
 
@@ -3251,9 +3251,6 @@ options_validate(or_options_t *old_options, or_options_t *options,
 
              "have it group-readable.");
 
   }
 
 
-  if (options->UseEntryGuards && ! options->NumEntryGuards)
 
-    REJECT("Cannot enable UseEntryGuards with NumEntryGuards set to 0");
 
-
 
   if (options->MyFamily && options->BridgeRelay) {
 
     log_warn(LD_CONFIG, "Listing a family for a bridge relay is not "
 
              "supported: it can reveal bridge fingerprints to censors. "

+ 16 - 4
src/or/entrynodes.c
View File 

@@ -440,9 +440,20 @@ add_an_entry_guard(const node_t *chosen, int reset_status, int prepend,
 
 static int
 
 decide_num_guards(const or_options_t *options, int for_directory)
 
 {
 
-  if (for_directory && options->NumDirectoryGuards != 0)
 
-    return options->NumDirectoryGuards;
 
-  return options->NumEntryGuards;
 
+  if (for_directory) {
 
+    int answer;
 
+    if (options->NumDirectoryGuards != 0)
 
+      return options->NumDirectoryGuards;
 
+    answer = networkstatus_get_param(NULL, "NumDirectoryGuards", 0, 0, 10);
 
+    if (answer) /* non-zero means use the consensus value */
 
+      return answer;
 
+  }
 
+
 
+  if (options->NumEntryGuards)
 
+    return options->NumEntryGuards;
 
+
 
+  /* Use the value from the consensus, or 3 if no guidance. */
 
+  return networkstatus_get_param(NULL, "NumEntryGuards", 3, 1, 10);
 
 }
 
 
 /** If the use of entry guards is configured, choose more entry guards
 
@@ -841,6 +852,7 @@ entry_guards_set_from_config(const or_options_t *options)
 
 {
 
   smartlist_t *entry_nodes, *worse_entry_nodes, *entry_fps;
 
   smartlist_t *old_entry_guards_on_list, *old_entry_guards_not_on_list;
 
+  const int numentryguards = decide_num_guards(options, 0);
 
   tor_assert(entry_guards);
 
 
   should_add_entry_nodes = 0;
 
@@ -909,7 +921,7 @@ entry_guards_set_from_config(const or_options_t *options)
 
   /* Next, the rest of EntryNodes */
 
   SMARTLIST_FOREACH_BEGIN(entry_nodes, const node_t *, node) {
 
     add_an_entry_guard(node, 0, 0, 1, 0);
 
-    if (smartlist_len(entry_guards) > options->NumEntryGuards * 10)
 
+    if (smartlist_len(entry_guards) > numentryguards * 10)
 
       break;
 
   } SMARTLIST_FOREACH_END(node);
 
   log_notice(LD_GENERAL, "%d entries in guards", smartlist_len(entry_guards));