[tor-commits] [tor/master] Do not automatically ignore Fast/Stable for exits when ExitNodes is set
nickm at torproject.org
nickm at torproject.org
Wed Apr 27 18:36:23 UTC 2011
commit 4851de554d5fc473cc9418b15bfb752e45b7d81d
Author: Nick Mathewson <nickm at torproject.org>
Date: Mon Mar 28 17:29:59 2011 -0400
Do not automatically ignore Fast/Stable for exits when ExitNodes is set
This once maybe made sense when ExitNodes meant "Here are 3 exits;
use them all", but now it more typically means "Here are 3
countries; exit from there." Using non-Fast/Stable exits created a
potential partitioning opportunity and an annoying stability
problem.
(Don't worry about the case where all of our ExitNodes are non-Fast
or non-Stable: we handle that later in the function by retrying with
need_capacity and need_uptime set to 0.)
---
changes/exitnodes_reliable | 7 +++++++
src/or/circuitbuild.c | 18 +++++-------------
2 files changed, 12 insertions(+), 13 deletions(-)
diff --git a/changes/exitnodes_reliable b/changes/exitnodes_reliable
new file mode 100644
index 0000000..62ef03a
--- /dev/null
+++ b/changes/exitnodes_reliable
@@ -0,0 +1,7 @@
+ o Minor features:
+ - If ExitNodes is set, still pay attention to the Fast/Stable
+ status of exits when picking exit nodes. (We used to ignore
+ these flags when ExitNodes was set, on the grounds that people
+ who set exitnodes wanted all of those nodes to get used, but
+ with the ability to pick exits by country and IP range, this
+ doesn't necessarily make sense any more.)
diff --git a/src/or/circuitbuild.c b/src/or/circuitbuild.c
index b6627a0..714d636 100644
--- a/src/or/circuitbuild.c
+++ b/src/or/circuitbuild.c
@@ -2697,20 +2697,12 @@ choose_good_exit_server_general(routerlist_t *dir, int need_uptime,
continue; /* not one of our chosen exit nodes */
}
- if (router_is_unreliable(router, need_uptime, need_capacity, 0) &&
- !options->ExitNodes) {
- /* FFFF Someday, differentiate between a routerset that names
- * routers, and a routerset that names countries, and only do this
- * check if they've asked for specific exit relays. Or if the country
- * they ask for is rare. Or something. */
- /* XXX022-1090 We need to pick a tradeoff here: if we throw it out because
- * it's unreliable, users might end up with no exit options even
- * though some options are up. If we don't throw it out, users who
- * set ExitNodes will have partitioning problems because they'll be
- * the only folks willing to use this node. */
+ if (router_is_unreliable(router, need_uptime, need_capacity, 0)) {
n_supported[i] = -1;
- continue; /* skip routers that are not suitable, unless we have
- * ExitNodes set, in which case we asked for it */
+ continue; /* skip routers that are not suitable. Don't worry if
+ * this makes us reject all the possible routers: if so,
+ * we'll retry later in this function with need_update and
+ * need_capacity set to 0. */
}
if (!(router->is_valid || options->_AllowInvalid & ALLOW_INVALID_EXIT)) {
/* if it's invalid and we don't want it */
More information about the tor-commits
mailing list