Commit 0f9dfef9 authored by Nick Mathewson's avatar Nick Mathewson 🎨
Browse files

Add configuration options for directory guards

In addition to all the other ways to make directory gurads not go,
you can now set UseEntryGuardsAsDirGuards to 0.
parent 0c4210fb
......@@ -308,6 +308,7 @@ static config_var_t option_vars_[] = {
OBSOLETE("NoPublish"),
VAR("NodeFamily", LINELIST, NodeFamilies, NULL),
V(NumCPUs, UINT, "0"),
V(NumDirectoryGuards, UINT, "3"),
V(NumEntryGuards, UINT, "3"),
V(ORListenAddress, LINELIST, NULL),
VPORT(ORPort, LINELIST, NULL),
......@@ -382,6 +383,7 @@ static config_var_t option_vars_[] = {
V(UpdateBridgesFromAuthority, BOOL, "0"),
V(UseBridges, BOOL, "0"),
V(UseEntryGuards, BOOL, "1"),
V(UseEntryGuardsAsDirGuards, BOOL, "1"),
V(UseMicrodescriptors, AUTOBOOL, "auto"),
V(User, STRING, NULL),
V(UserspaceIOCPBuffers, BOOL, "0"),
......
......@@ -345,7 +345,7 @@ should_use_directory_guards(const or_options_t *options)
/* If guards are disabled, or directory guards are disabled, we can't
* use directory guards.
*/
if (!options->UseEntryGuards)
if (!options->UseEntryGuards || !options->UseEntryGuardsAsDirGuards)
return 0;
/* If we're configured to fetch directory info aggressively or of a
* nonstandard type, don't use directory guards. */
......
......@@ -400,10 +400,12 @@ static void
pick_entry_guards(const or_options_t *options, int for_directory)
{
int changed = 0;
const int num_needed = for_directory ? options->NumDirectoryGuards :
options->NumEntryGuards;
tor_assert(entry_guards);
while (num_live_entry_guards(for_directory) < options->NumEntryGuards) {
while (num_live_entry_guards(for_directory) < num_needed) {
if (!add_an_entry_guard(NULL, 0, 0, for_directory))
break;
changed = 1;
......@@ -861,6 +863,8 @@ choose_random_entry_impl(cpath_build_state_t *state, int for_directory,
int need_capacity = state ? state->need_capacity : 0;
int preferred_min, consider_exit_family = 0;
int need_descriptor = !for_directory;
const int num_needed = for_directory ? options->NumDirectoryGuards :
options->NumEntryGuards;
/* Checking dirinfo_type isn't required yet, since we only choose directory
guards that can support microdescs, routerinfos, and networkstatuses, AND
......@@ -880,7 +884,7 @@ choose_random_entry_impl(cpath_build_state_t *state, int for_directory,
entry_guards_set_from_config(options);
if (!entry_list_is_constrained(options) &&
smartlist_len(entry_guards) < options->NumEntryGuards)
smartlist_len(entry_guards) < num_needed)
pick_entry_guards(options, for_directory);
retry:
......@@ -923,7 +927,7 @@ choose_random_entry_impl(cpath_build_state_t *state, int for_directory,
* guard list without needing to. */
goto choose_and_finish;
}
if (smartlist_len(live_entry_guards) >= options->NumEntryGuards)
if (smartlist_len(live_entry_guards) >= num_needed)
goto choose_and_finish; /* we have enough */
} SMARTLIST_FOREACH_END(entry);
......
......@@ -3614,6 +3614,9 @@ typedef struct {
int UseEntryGuards; /**< Boolean: Do we try to enter from a smallish number
* of fixed nodes? */
int NumEntryGuards; /**< How many entry guards do we try to establish? */
int UseEntryGuardsAsDirGuards; /** Boolean: Do we try to get directory info
* from a smallish number of fixed nodes? */
int NumDirectoryGuards; /**< How many dir guards do we try to establish? */
int RephistTrackTime; /**< How many seconds do we keep rephist info? */
int FastFirstHopPK; /**< If Tor believes it is safe, should we save a third
* of our PK time by sending CREATE_FAST cells? */
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment