[tor-commits] [tor/maint-0.2.7] Ensure node is a guard candidate when picking a directory guard
nickm at torproject.org
nickm at torproject.org
Tue Dec 8 15:23:50 UTC 2015
commit 5138f5ca6957166febe98d5b6841936d7c20d0ad
Author: Arlo Breault <arlolra at gmail.com>
Date: Mon Dec 7 20:28:26 2015 -0800
Ensure node is a guard candidate when picking a directory guard
---
changes/bug17772 | 7 +++++++
src/or/routerlist.c | 10 ++++++++--
2 files changed, 15 insertions(+), 2 deletions(-)
diff --git a/changes/bug17772 b/changes/bug17772
new file mode 100644
index 0000000..54d457c
--- /dev/null
+++ b/changes/bug17772
@@ -0,0 +1,7 @@
+ o Major bugfixes (guard selection):
+ - Actually look at the Guard flag when selecting a new directory
+ guard. When we implemented the directory guard design, we
+ accidentally started treating all relays as if they have the Guard
+ flag during guard selection, leading to weaker anonymity and worse
+ performance. Fixes bug 17222; bugfix on 0.2.4.8-alpha. Discovered
+ by Mohsen Imani.
diff --git a/src/or/routerlist.c b/src/or/routerlist.c
index 8fe496b..9ad763c 100644
--- a/src/or/routerlist.c
+++ b/src/or/routerlist.c
@@ -1537,8 +1537,14 @@ router_pick_directory_server_impl(dirinfo_type_t type, int flags)
if ((type & MICRODESC_DIRINFO) && !is_trusted &&
!node->rs->version_supports_microdesc_cache)
continue;
- if (for_guard && node->using_as_guard)
- continue; /* Don't make the same node a guard twice. */
+ /* Don't make the same node a guard twice */
+ if (for_guard && node->using_as_guard) {
+ continue;
+ }
+ /* Ensure that a directory guard is actually a guard node. */
+ if (for_guard && !node->is_possible_guard) {
+ continue;
+ }
if (try_excluding &&
routerset_contains_routerstatus(options->ExcludeNodes, status,
country)) {
More information about the tor-commits
mailing list