Commit 5138f5ca authored Dec 07, 2015 by Arlo Breault Committed by Nick Mathewson Dec 08, 2015

Ensure node is a guard candidate when picking a directory guard

parent b0867fec

changes/bug17772

0 → 100644

+7 −0

Original line number	Diff line number	Diff line
		o Major bugfixes (guard selection):
		- Actually look at the Guard flag when selecting a new directory
		guard. When we implemented the directory guard design, we
		accidentally started treating all relays as if they have the Guard
		flag during guard selection, leading to weaker anonymity and worse
		performance. Fixes bug 17222; bugfix on 0.2.4.8-alpha. Discovered
		by Mohsen Imani.

src/or/routerlist.c

+8 −2

Original line number	Diff line number	Diff line
		@@ -1537,8 +1537,14 @@ router_pick_directory_server_impl(dirinfo_type_t type, int flags)
		if ((type & MICRODESC_DIRINFO) && !is_trusted &&
		!node->rs->version_supports_microdesc_cache)
		continue;
		if (for_guard && node->using_as_guard)
		continue; /* Don't make the same node a guard twice. */
		/* Don't make the same node a guard twice */
		if (for_guard && node->using_as_guard) {
		continue;
		}
		/* Ensure that a directory guard is actually a guard node. */
		if (for_guard && !node->is_possible_guard) {
		continue;
		}
		if (try_excluding &&
		routerset_contains_routerstatus(options->ExcludeNodes, status,
		country)) {