Commit 7d1f675c authored by Roger Dingledine's avatar Roger Dingledine
Browse files

entry nodes are now entry guards.

this is our last easy chance for a wholesale change. heave ho.


svn:r5782
parent e27c47b6
This diff is collapsed.
......@@ -680,7 +680,7 @@ circuit_build_failed(circuit_t *circ)
"(%s:%d). I'm going to try to rotate to a better connection.",
n_conn->address, n_conn->port);
n_conn->is_obsolete = 1;
entry_node_set_status(n_conn->identity_digest, 0);
entry_guard_set_status(n_conn->identity_digest, 0);
}
}
......
......@@ -71,16 +71,21 @@ static config_abbrev_t _option_abbrevs[] = {
{ "ORBindAddress", "ORListenAddress", 0, 0},
{ "DirBindAddress", "DirListenAddress", 0, 0},
{ "SocksBindAddress", "SocksListenAddress", 0, 0},
{ "UseHelperNodes", "UseEntryNodes", 0, 0},
{ "NumHelperNodes", "NumEntryNodes", 0, 0},
{ "UseHelperNodes", "UseEntryGuards", 0, 0},
{ "NumHelperNodes", "NumEntryGuards", 0, 0},
{ "UseEntryNodes", "UseEntryGuards", 0, 0},
{ "NumEntryNodes", "NumEntryGuards", 0, 0},
{ NULL, NULL, 0, 0},
};
/* A list of state-file abbreviations, for compatibility. */
static config_abbrev_t _state_abbrevs[] = {
{ "AccountingBytesReadInterval", "AccountingBytesReadInInterval", 0, 0 },
{ "HelperNode", "EntryNode", 0, 0 },
{ "HelperNodeDownSince", "EntryNodeDownSince", 0, 0 },
{ "HelperNodeUnlistedSince", "EntryNodeUnlistedSince", 0, 0 },
{ "HelperNode", "EntryGuard", 0, 0 },
{ "HelperNodeDownSince", "EntryGuardDownSince", 0, 0 },
{ "HelperNodeUnlistedSince", "EntryGuardUnlistedSince", 0, 0 },
{ "EntryNode", "EntryGuard", 0, 0 },
{ "EntryNodeDownSince", "EntryGuardDownSince", 0, 0 },
{ "EntryNodeUnlistedSince", "EntryGuardUnlistedSince", 0, 0 },
{ NULL, NULL, 0, 0},
};
#undef PLURAL
......@@ -179,7 +184,7 @@ static config_var_t _option_vars[] = {
VAR("NoPublish", BOOL, NoPublish, "0"),
VAR("NodeFamily", LINELIST, NodeFamilies, NULL),
VAR("NumCpus", UINT, NumCpus, "1"),
VAR("NumEntryNodes", UINT, NumEntryNodes, "3"),
VAR("NumEntryGuards", UINT, NumEntryGuards, "3"),
VAR("ORListenAddress", LINELIST, ORListenAddress, NULL),
VAR("ORPort", UINT, ORPort, "0"),
VAR("OutboundBindAddress", STRING, OutboundBindAddress, NULL),
......@@ -212,7 +217,7 @@ static config_var_t _option_vars[] = {
VAR("TrackHostExits", CSV, TrackHostExits, NULL),
VAR("TrackHostExitsExpire",INTERVAL, TrackHostExitsExpire, "30 minutes"),
OBSOLETE("TrafficShaping"),
VAR("UseEntryNodes", BOOL, UseEntryNodes, "1"),
VAR("UseEntryGuards", BOOL, UseEntryGuards, "1"),
VAR("User", STRING, User, NULL),
VAR("V1AuthoritativeDirectory",BOOL, V1AuthoritativeDir, "0"),
VAR("VersioningAuthoritativeDirectory",BOOL,VersioningAuthoritativeDir, "0"),
......@@ -232,10 +237,10 @@ static config_var_t _state_vars[] = {
VAR("AccountingExpectedUsage", MEMUNIT, AccountingExpectedUsage, NULL),
VAR("AccountingIntervalStart", ISOTIME, AccountingIntervalStart, NULL),
VAR("AccountingSecondsActive", INTERVAL, AccountingSecondsActive, NULL),
VAR("EntryNode", LINELIST_S, EntryNodes, NULL),
VAR("EntryNodeDownSince", LINELIST_S, EntryNodes, NULL),
VAR("EntryNodeUnlistedSince", LINELIST_S, EntryNodes, NULL),
VAR("EntryNodes", LINELIST_V, EntryNodes, NULL),
VAR("EntryGuard", LINELIST_S, EntryGuards, NULL),
VAR("EntryGuardDownSince", LINELIST_S, EntryGuards, NULL),
VAR("EntryGuardUnlistedSince", LINELIST_S, EntryGuards, NULL),
VAR("EntryGuards", LINELIST_V, EntryGuards, NULL),
VAR("BWHistoryReadEnds", ISOTIME, BWHistoryReadEnds, NULL),
VAR("BWHistoryReadInterval", UINT, BWHistoryReadInterval, NULL),
......@@ -283,11 +288,11 @@ static config_var_description_t state_description[] = {
{ "BWHistoryWriteInterval", "How long is each write-interval (in seconds)?"},
{ "BWHistoryWriteValues", "Number of bytes written in each interval." },
{ "EntryNode", "One of the nodes we have chosen as a fixed entry" },
{ "EntryNodeDownSince",
"The last entry node has been down since this time." },
{ "EntryNodeUnlistedSince",
"The last entry node has been unlisted since this time." },
{ "EntryGuard", "One of the nodes we have chosen as a fixed entry" },
{ "EntryGuardDownSince",
"The last entry guard has been down since this time." },
{ "EntryGuardUnlistedSince",
"The last entry guard has been unlisted since this time." },
{ "LastWritten", "When was this state file last regenerated?" },
{ "TorVersion", "Which version of Tor generated this state file?" },
......@@ -710,8 +715,8 @@ options_act(or_options_t *old_options)
/* Check for transitions that need action. */
if (old_options) {
if (options->UseEntryNodes && !old_options->UseEntryNodes) {
info(LD_CIRC,"Switching to entry nodes; abandoning previous circuits");
if (options->UseEntryGuards && !old_options->UseEntryGuards) {
info(LD_CIRC,"Switching to entry guards; abandoning previous circuits");
circuit_mark_all_unused_circs();
circuit_expire_all_dirty_circs();
}
......@@ -1937,10 +1942,10 @@ options_validate(or_options_t *old_options, or_options_t *options,
if (!options->RecommendedServerVersions)
options->RecommendedServerVersions =
config_lines_dup(options->RecommendedVersions);
if (options->UseEntryNodes) {
if (options->UseEntryGuards) {
notice(LD_CONFIG, "Authoritative directory servers can't set "
"UseEntryNodes. Disabling.");
options->UseEntryNodes = 0;
"UseEntryGuards. Disabling.");
options->UseEntryGuards = 0;
}
}
......@@ -2170,8 +2175,8 @@ options_validate(or_options_t *old_options, or_options_t *options,
if (options->HashedControlPassword && options->CookieAuthentication)
REJECT("Cannot set both HashedControlPassword and CookieAuthentication");
if (options->UseEntryNodes && ! options->NumEntryNodes)
REJECT("Cannot enable UseEntryNodes with NumEntryNodes set to 0");
if (options->UseEntryGuards && ! options->NumEntryGuards)
REJECT("Cannot enable UseEntryGuards with NumEntryGuards set to 0");
if (check_nickname_list(options->ExitNodes, "ExitNodes"))
result = -1;
......@@ -3569,7 +3574,7 @@ or_state_validate(or_state_t *old_state, or_state_t *state, int from_setconf)
{
const char *err;
tor_version_t v;
if (entry_nodes_parse_state(state, 0, &err)<0) {
if (entry_guards_parse_state(state, 0, &err)<0) {
warn(LD_GENERAL, "Unable to parse entry nodes: %s", err);
return -1;
}
......@@ -3589,7 +3594,7 @@ or_state_set(or_state_t *new_state)
if (global_state)
config_free(&state_format, global_state);
global_state = new_state;
if (entry_nodes_parse_state(global_state, 1, &err)<0)
if (entry_guards_parse_state(global_state, 1, &err)<0)
warn(LD_GENERAL,"Unparseable helper nodes state: %s",err);
if (rep_hist_load_state(global_state, &err)<0)
warn(LD_GENERAL,"Unparseable bandwidth history state: %s",err);
......@@ -3666,7 +3671,7 @@ or_state_save(void)
tor_assert(global_state);
entry_nodes_update_state(global_state);
entry_guards_update_state(global_state);
rep_hist_update_state(global_state);
if (!global_state->dirty)
......
......@@ -346,7 +346,7 @@ connection_about_to_close_connection(connection_t *conn)
if (conn->state != OR_CONN_STATE_OPEN) {
if (connection_or_nonopen_was_started_here(conn)) {
rep_hist_note_connect_failed(conn->identity_digest, time(NULL));
entry_node_set_status(conn->identity_digest, 0);
entry_guard_set_status(conn->identity_digest, 0);
control_event_or_conn_status(conn, OR_CONN_EVENT_FAILED);
}
} else if (conn->hold_open_until_flushed) {
......
......@@ -452,7 +452,7 @@ connection_or_connect(uint32_t addr, uint16_t port, const char *id_digest)
* Tor server. */
if (!options->HttpsProxy) {
router_mark_as_down(conn->identity_digest);
entry_node_set_status(conn->identity_digest, 0);
entry_guard_set_status(conn->identity_digest, 0);
}
control_event_or_conn_status(conn, OR_CONN_EVENT_FAILED);
connection_free(conn);
......@@ -625,7 +625,7 @@ connection_or_check_valid_handshake(connection_t *conn, char *digest_rcvd)
"Identity key not as expected for router at %s:%d: wanted %s "
"but got %s",
conn->address, conn->port, expected, seen);
entry_node_set_status(conn->identity_digest, 0);
entry_guard_set_status(conn->identity_digest, 0);
control_event_or_conn_status(conn, OR_CONN_EVENT_FAILED);
as_advertised = 0;
}
......@@ -687,7 +687,7 @@ connection_tls_finish_handshake(connection_t *conn)
control_event_or_conn_status(conn, OR_CONN_EVENT_CONNECTED);
if (started_here) {
rep_hist_note_connect_succeeded(conn->identity_digest, time(NULL));
if (entry_node_set_status(conn->identity_digest, 1) < 0) {
if (entry_guard_set_status(conn->identity_digest, 1) < 0) {
/* pending circs get closed in circuit_about_to_close_connection() */
return -1;
}
......
......@@ -1248,7 +1248,7 @@ list_getinfo_options(void)
"desc/id/* Server descriptor by hex ID\n"
"desc/name/* Server descriptor by nickname.\n"
"desc/all-recent Latest server descriptor for every router\n"
"entry-nodes Which nodes will we use as entry nodes?\n"
"entry-guards Which nodes will we use as entry guards?\n"
"info/names List of GETINFO options, types, and documentation.\n"
"network-status List of hex IDs, nicknames, server statuses.\n"
"orconn-status Status of each current OR connection.\n"
......@@ -1270,9 +1270,9 @@ handle_getinfo_helper(const char *question, char **answer)
} else if (!strcmpstart(question, "accounting/")) {
return accounting_getinfo_helper(question, answer);
} else if (!strcmpstart(question, "helper-nodes")) { /* deprecated */
return entry_nodes_getinfo(question, answer);
} else if (!strcmpstart(question, "entry-nodes")) {
return entry_nodes_getinfo(question, answer);
return entry_guards_getinfo(question, answer);
} else if (!strcmpstart(question, "entry-guards")) {
return entry_guards_getinfo(question, answer);
} else if (!strcmpstart(question, "config/")) {
return config_getinfo_helper(question, answer);
} else if (!strcmp(question, "info/names")) {
......
......@@ -1483,7 +1483,7 @@ tor_free_all(int postfork)
dns_free_all();
clear_pending_onions();
circuit_free_all();
entry_nodes_free_all();
entry_guards_free_all();
connection_free_all();
if (!postfork) {
config_free_all();
......
......@@ -1361,9 +1361,9 @@ typedef struct {
* log whether it was DNS-leaking or not? */
int HardwareAccel; /**< Boolean: Should we enable OpenSSL hardware
* acceleration where available? */
int UseEntryNodes; /**< Boolean: Do we try to enter from a smallish number
* of fixed nodes? */
int NumEntryNodes; /**< How many helper nodes do we try to establish? */
int UseEntryGuards; /**< Boolean: Do we try to enter from a smallish number
* of fixed nodes? */
int NumEntryGuards; /**< How many entry guards do we try to establish? */
int RephistTrackTime; /**< How many seconds do we keep rephist info? */
int FastFirstHopPK; /**< If Tor believes it is safe, should we save a third
* of our PK time by sending CREATE_FAST cells? */
......@@ -1384,7 +1384,7 @@ typedef struct {
int AccountingSecondsActive;
uint64_t AccountingExpectedUsage;
config_line_t *EntryNodes;
config_line_t *EntryGuards;
time_t BWHistoryReadEnds;
int BWHistoryReadInterval;
......@@ -1484,14 +1484,14 @@ void extend_info_free(extend_info_t *info);
routerinfo_t *build_state_get_exit_router(cpath_build_state_t *state);
const char *build_state_get_exit_nickname(cpath_build_state_t *state);
void entry_nodes_set_status_from_directory(void);
int entry_node_set_status(const char *digest, int succeeded);
void entry_guards_set_status_from_directory(void);
int entry_guard_set_status(const char *digest, int succeeded);
void entry_nodes_should_be_added(void);
void entry_nodes_prepend_from_config(void);
void entry_nodes_update_state(or_state_t *state);
int entry_nodes_parse_state(or_state_t *state, int set, const char **err);
int entry_nodes_getinfo(const char *question, char **answer);
void entry_nodes_free_all(void);
void entry_guards_prepend_from_config(void);
void entry_guards_update_state(or_state_t *state);
int entry_guards_parse_state(or_state_t *state, int set, const char **err);
int entry_guards_getinfo(const char *question, char **answer);
void entry_guards_free_all(void);
/********************************* circuitlist.c ***********************/
......
......@@ -2757,7 +2757,7 @@ routers_update_all_from_networkstatus(void)
}
}
entry_nodes_set_status_from_directory();
entry_guards_set_status_from_directory();
if (!have_warned_about_old_version) {
int n_recent = 0;
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment