
Add configuration options for directory guards

In addition to all the other ways to make directory guards not go,
you can now set UseEntryGuardsAsDirGuards to 0.
Nick Mathewson 13 years ago
parent
commit
0f9dfef9d6
4 changed files with 13 additions and 4 deletions
  1. 2 0
      src/or/config.c
  2. 1 1
      src/or/directory.c
  3. 7 3
      src/or/entrynodes.c
  4. 3 0
      src/or/or.h

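--- a/src/or/config.c
+++ b/src/or/config.c
@@ -308,6 +308,7 @@ static config_var_t option_vars_[] = {
   OBSOLETE("NoPublish"),
   VAR("NodeFamily",              LINELIST, NodeFamilies,         NULL),
   V(NumCPUs,                     UINT,     "0"),
+  V(NumDirectoryGuards,          UINT,     "3"),
   V(NumEntryGuards,              UINT,     "3"),
   V(ORListenAddress,             LINELIST, NULL),
   VPORT(ORPort,                      LINELIST, NULL),
@@ -382,6 +383,7 @@ static config_var_t option_vars_[] = {
   V(UpdateBridgesFromAuthority,  BOOL,     "0"),
   V(UseBridges,                  BOOL,     "0"),
   V(UseEntryGuards,              BOOL,     "1"),
+  V(UseEntryGuardsAsDirGuards,   BOOL,     "1"),
   V(UseMicrodescriptors,         AUTOBOOL, "auto"),
   V(User,                        STRING,   NULL),
   V(UserspaceIOCPBuffers,        BOOL,     "0"),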
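Review bot: `NumDirectoryGuards` is registered as a plain `UINT`, and the only two lines this commit adds to config.c are table entries, so a value of 0 is accepted while `UseEntryGuardsAsDirGuards` is still 1. In that state the updated test in src/or/directory.c still reports directory guards as usable, and the `num_needed` comparisons in src/or/entrynodes.c are met immediately, which probably leaves directory fetches relying on no guard or a single one rather than the set the user expects. Unless option validation elsewhere already covers this, a check such as `if (options->UseEntryGuardsAsDirGuards && !options->NumDirectoryGuards) REJECT("Cannot use directory guards with NumDirectoryGuards set to 0");` would make the misconfiguration visible at startup. The option table itself continues outside both hunks.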

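--- a/src/or/directory.c
+++ b/src/or/directory.c
@@ -345,7 +345,7 @@ should_use_directory_guards(const or_options_t *options)
   /* If guards are disabled, or directory guards are disabled, we can't
    * use directory guards.
    */
-  if (!options->UseEntryGuards)
+  if (!options->UseEntryGuards || !options->UseEntryGuardsAsDirGuards)
     return 0;
   /* If we're configured to fetch directory info aggressively or of a
    * nonstandard type, don't use directory guards. */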

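--- a/src/or/entrynodes.c
+++ b/src/or/entrynodes.c
@@ -400,10 +400,12 @@ static void
 pick_entry_guards(const or_options_t *options, int for_directory)
 {
   int changed = 0;
+  const int num_needed = for_directory ? options->NumDirectoryGuards :
+    options->NumEntryGuards;
 
   tor_assert(entry_guards);
 
-  while (num_live_entry_guards(for_directory) < options->NumEntryGuards) {
+  while (num_live_entry_guards(for_directory) < num_needed) {
     if (!add_an_entry_guard(NULL, 0, 0, for_directory))
       break;
     changed = 1;
@@ -861,6 +863,8 @@ choose_random_entry_impl(cpath_build_state_t *state, int for_directory,
   int need_capacity = state ? state->need_capacity : 0;
   int preferred_min, consider_exit_family = 0;
   int need_descriptor = !for_directory;
+  const int num_needed = for_directory ? options->NumDirectoryGuards :
+    options->NumEntryGuards;
 
   /* Checking dirinfo_type isn't required yet, since we only choose directory
      guards that can support microdescs, routerinfos, and networkstatuses, AND
@@ -880,7 +884,7 @@ choose_random_entry_impl(cpath_build_state_t *state, int for_directory,
     entry_guards_set_from_config(options);
 
   if (!entry_list_is_constrained(options) &&
-      smartlist_len(entry_guards) < options->NumEntryGuards)
+      smartlist_len(entry_guards) < num_needed)
     pick_entry_guards(options, for_directory);
 
  retry:
@@ -923,7 +927,7 @@ choose_random_entry_impl(cpath_build_state_t *state, int for_directory,
          * guard list without needing to. */
         goto choose_and_finish;
       }
-      if (smartlist_len(live_entry_guards) >= options->NumEntryGuards)
+      if (smartlist_len(live_entry_guards) >= num_needed)
         goto choose_and_finish; /* we have enough */
   } SMARTLIST_FOREACH_END(entry);
 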
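Review bot: The expression `for_directory ? options->NumDirectoryGuards : options->NumEntryGuards` is now written out twice, once in pick_entry_guards and once in choose_random_entry_impl. The two copies must stay identical for the pre-check and the pick loop to agree on how many guards are wanted. A small static helper, for example `static int num_guards_needed(const or_options_t *options, int for_directory)`, would keep the threshold in one place. It would also be a natural home for a comment on which option governs which kind of guard. Both functions continue outside the hunks shown.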

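--- a/src/or/or.h
+++ b/src/or/or.h
@@ -3614,6 +3614,9 @@ typedef struct {
   int UseEntryGuards; /**< Boolean: Do we try to enter from a smallish number
                        * of fixed nodes? */
   int NumEntryGuards; /**< How many entry guards do we try to establish? */
+  int UseEntryGuardsAsDirGuards; /** Boolean: Do we try to get directory info
+                                  * from a smallish number of fixed nodes? */
+  int NumDirectoryGuards; /**< How many dir guards do we try to establish? */
   int RephistTrackTime; /**< How many seconds do we keep rephist info? */
   int FastFirstHopPK; /**< If Tor believes it is safe, should we save a third
                        * of our PK time by sending CREATE_FAST cells? */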