commit da82e0b5795c449f4442c87e065e9a60da4892a8
parent e2d8300c1060050dad9092e211c6753376b87ad6
Author: Nick Mathewson <nickm@torproject.org>
Date: Mon, 20 Nov 2017 14:29:50 -0500
Merge branch 'bug23817_031' into maint-0.3.2
Diffstat:
2 files changed, 15 insertions(+), 17 deletions(-)
diff --git a/src/or/entrynodes.c b/src/or/entrynodes.c
@@ -966,7 +966,7 @@ entry_guard_learned_bridge_identity(const tor_addr_port_t *addrport,
* violate it.
*/
STATIC int
-num_reachable_filtered_guards(guard_selection_t *gs,
+num_reachable_filtered_guards(const guard_selection_t *gs,
const entry_guard_restriction_t *rst)
{
int n_reachable_filtered_guards = 0;
@@ -1472,30 +1472,28 @@ guard_create_exit_restriction(const uint8_t *exit_id)
return rst;
}
-/** If we have fewer than this many possible guards, don't set
- * MD-availability-based restrictions: we might blacklist all of
- * them. */
+/** If we have fewer than this many possible usable guards, don't set
+ * MD-availability-based restrictions: we might blacklist all of them. */
#define MIN_GUARDS_FOR_MD_RESTRICTION 10
/** Return true if we should set md dirserver restrictions. We might not want
- * to set those if our network is too restricted, since we don't want to
- * blacklist all our nodes. */
+ * to set those if our guard options are too restricted, since we don't want
+ * to blacklist all of them. */
static int
should_set_md_dirserver_restriction(void)
{
const guard_selection_t *gs = get_guard_selection_info();
+ int num_usable_guards = num_reachable_filtered_guards(gs, NULL);
- /* Compute the number of filtered guards */
- int n_filtered_guards = 0;
- SMARTLIST_FOREACH_BEGIN(gs->sampled_entry_guards, entry_guard_t *, guard) {
- if (guard->is_filtered_guard) {
- ++n_filtered_guards;
- }
- } SMARTLIST_FOREACH_END(guard);
+ /* Don't set restriction if too few reachable filtered guards. */
+ if (num_usable_guards < MIN_GUARDS_FOR_MD_RESTRICTION) {
+ log_info(LD_GUARD, "Not setting md restriction: only %d"
+ " usable guards.", num_usable_guards);
+ return 0;
+ }
- /* Do we have enough filtered guards that we feel okay about blacklisting
- * some for MD restriction? */
- return (n_filtered_guards >= MIN_GUARDS_FOR_MD_RESTRICTION);
+ /* We have enough usable guards: set MD restriction */
+ return 1;
}
/** Allocate and return an outdated md guard restriction. Return NULL if no
diff --git a/src/or/entrynodes.h b/src/or/entrynodes.h
@@ -521,7 +521,7 @@ STATIC void entry_guard_consider_retry(entry_guard_t *guard);
STATIC void make_guard_confirmed(guard_selection_t *gs, entry_guard_t *guard);
STATIC void entry_guards_update_confirmed(guard_selection_t *gs);
STATIC void entry_guards_update_primary(guard_selection_t *gs);
-STATIC int num_reachable_filtered_guards(guard_selection_t *gs,
+STATIC int num_reachable_filtered_guards(const guard_selection_t *gs,
const entry_guard_restriction_t *rst);
STATIC void sampled_guards_update_from_consensus(guard_selection_t *gs);
/**
