[tor-commits] [tor/master] Remove UseDirectoryGuards
nickm at torproject.org
nickm at torproject.org
Fri Dec 16 16:42:18 UTC 2016
commit 3902a18a6976af2ceb2d6ca43266bf6154881621
Author: Nick Mathewson <nickm at torproject.org>
Date: Thu Dec 8 12:35:55 2016 -0500
Remove UseDirectoryGuards
It is obsoleted in an always-on direction by prop271.
---
changes/ticket20831 | 6 ++++++
doc/tor.1.txt | 9 ---------
src/or/config.c | 2 +-
src/or/directory.c | 5 ++---
src/or/or.h | 2 --
src/test/test_dir.c | 14 ++++----------
6 files changed, 13 insertions(+), 25 deletions(-)
diff --git a/changes/ticket20831 b/changes/ticket20831
new file mode 100644
index 0000000..cb4a3a3
--- /dev/null
+++ b/changes/ticket20831
@@ -0,0 +1,6 @@
+ o Removed features:
+ - The NumDirectoryGuards and UseDirectoryGuards torrc options are
+ no longer present: all users that use entry guards will also use
+ directory guards. Related to proposal 271; implements part of
+ ticket 20831.
+
diff --git a/doc/tor.1.txt b/doc/tor.1.txt
index 670c75d..6b59f08 100644
--- a/doc/tor.1.txt
+++ b/doc/tor.1.txt
@@ -1208,15 +1208,6 @@ The following options are useful only for clients (that is, if
Authorities, Single Onion Services, and Tor2web clients. In these cases,
the this option is ignored. (Default: 1)
-[[UseEntryGuardsAsDirGuards]] **UseEntryGuardsAsDirGuards** **0**|**1**::
- If this option is set to 1, and UseEntryGuards is also set to 1,
- we try to use our entry guards as directory
- guards, and failing that, pick more nodes to act as our directory guards.
- This helps prevent an adversary from enumerating clients. It's only
- available for clients (non-relay, non-bridge) that aren't configured to
- download any non-default directory material. It doesn't currently
- do anything when we lack a live consensus. (Default: 1)
-
[[GuardfractionFile]] **GuardfractionFile** __FILENAME__::
V3 authoritative directories only. Configures the location of the
guardfraction file which contains information about how long relays
diff --git a/src/or/config.c b/src/or/config.c
index 2ec96d3..e45ad94 100644
--- a/src/or/config.c
+++ b/src/or/config.c
@@ -495,7 +495,7 @@ static config_var_t option_vars_[] = {
V(UpdateBridgesFromAuthority, BOOL, "0"),
V(UseBridges, BOOL, "0"),
VAR("UseEntryGuards", BOOL, UseEntryGuards_option, "1"),
- V(UseEntryGuardsAsDirGuards, BOOL, "1"),
+ OBSOLETE("UseEntryGuardsAsDirGuards"),
V(UseGuardFraction, AUTOBOOL, "auto"),
V(UseMicrodescriptors, AUTOBOOL, "auto"),
OBSOLETE("UseNTorHandshake"),
diff --git a/src/or/directory.c b/src/or/directory.c
index 9c039a0..acae5de 100644
--- a/src/or/directory.c
+++ b/src/or/directory.c
@@ -442,10 +442,9 @@ should_use_directory_guards(const or_options_t *options)
/* Public (non-bridge) servers never use directory guards. */
if (public_server_mode(options))
return 0;
- /* If guards are disabled, or directory guards are disabled, we can't
- * use directory guards.
+ /* If guards are disabled, we can't use directory guards.
*/
- if (!options->UseEntryGuards || !options->UseEntryGuardsAsDirGuards)
+ if (!options->UseEntryGuards)
return 0;
/* If we're configured to fetch directory info aggressively or of a
* nonstandard type, don't use directory guards. */
diff --git a/src/or/or.h b/src/or/or.h
index 04ff548..ceeaff5 100644
--- a/src/or/or.h
+++ b/src/or/or.h
@@ -4070,8 +4070,6 @@ typedef struct {
int UseEntryGuards;
int NumEntryGuards; /**< How many entry guards do we try to establish? */
- int UseEntryGuardsAsDirGuards; /** Boolean: Do we try to get directory info
- * from a smallish number of fixed nodes? */
/** If 1, we use any guardfraction information we see in the
* consensus. If 0, we don't. If -1, let the consensus parameter
diff --git a/src/test/test_dir.c b/src/test/test_dir.c
index 4ef421f..ed58ba5 100644
--- a/src/test/test_dir.c
+++ b/src/test/test_dir.c
@@ -4354,7 +4354,6 @@ test_dir_should_use_directory_guards(void *data)
tt_int_op(should_use_directory_guards(options), OP_EQ, 0);
tt_int_op(CALLED(public_server_mode), OP_EQ, 1);
- options->UseEntryGuardsAsDirGuards = 1;
options->UseEntryGuards = 1;
options->DownloadExtraInfo = 0;
options->FetchDirInfoEarly = 0;
@@ -4368,29 +4367,24 @@ test_dir_should_use_directory_guards(void *data)
tt_int_op(CALLED(public_server_mode), OP_EQ, 3);
options->UseEntryGuards = 1;
- options->UseEntryGuardsAsDirGuards = 0;
- tt_int_op(should_use_directory_guards(options), OP_EQ, 0);
- tt_int_op(CALLED(public_server_mode), OP_EQ, 4);
- options->UseEntryGuardsAsDirGuards = 1;
-
options->DownloadExtraInfo = 1;
tt_int_op(should_use_directory_guards(options), OP_EQ, 0);
- tt_int_op(CALLED(public_server_mode), OP_EQ, 5);
+ tt_int_op(CALLED(public_server_mode), OP_EQ, 4);
options->DownloadExtraInfo = 0;
options->FetchDirInfoEarly = 1;
tt_int_op(should_use_directory_guards(options), OP_EQ, 0);
- tt_int_op(CALLED(public_server_mode), OP_EQ, 6);
+ tt_int_op(CALLED(public_server_mode), OP_EQ, 5);
options->FetchDirInfoEarly = 0;
options->FetchDirInfoExtraEarly = 1;
tt_int_op(should_use_directory_guards(options), OP_EQ, 0);
- tt_int_op(CALLED(public_server_mode), OP_EQ, 7);
+ tt_int_op(CALLED(public_server_mode), OP_EQ, 6);
options->FetchDirInfoExtraEarly = 0;
options->FetchUselessDescriptors = 1;
tt_int_op(should_use_directory_guards(options), OP_EQ, 0);
- tt_int_op(CALLED(public_server_mode), OP_EQ, 8);
+ tt_int_op(CALLED(public_server_mode), OP_EQ, 7);
options->FetchUselessDescriptors = 0;
done:
More information about the tor-commits
mailing list