Don't expand guard sample set unless consensus is "reasonably live" (32e486de) · Commits · The Tor Project / Core / Tor

changes/bug22400_01

0 → 100644

+4 −0

Original line number	Diff line number	Diff line
		o Major bugfixes (entry guards):
		- When starting with an old consensus, do not add new entry guards
		unless the consensus is "reasonably live" (under 1 day old). Fixes
		one root cause of bug 22400; bugfix on 0.3.0.1-alpha.

+15 −0

Original line number	Diff line number	Diff line
		@@ -1104,6 +1104,21 @@ entry_guards_expand_sample(guard_selection_t *gs)
		{
		tor_assert(gs);
		const or_options_t *options = get_options();

		if (gs->type != GS_TYPE_BRIDGE) {
		networkstatus_t *consensus = networkstatus_get_latest_consensus();
		time_t now = approx_time();
		if (consensus == NULL) {
		log_info(LD_GUARD, "Not expanding the sample guard set; we have "
		"no consensus.");
		return NULL;
		} else if (!networkstatus_consensus_reasonably_live(consensus, now)) {
		log_info(LD_GUARD, "Not expanding the sample guard set; we have "
		"a consensus, but it is far too old.");
		return NULL;
		}
		}

		int n_sampled = smartlist_len(gs->sampled_entry_guards);
		entry_guard_t *added_guard = NULL;
		int n_usable_filtered_guards = num_reachable_filtered_guards(gs, NULL);