Guard selection time and expiry
Roger Dingledine
arma at mit.edu
Tue Jan 19 05:58:58 UTC 2010
On Tue, Jan 19, 2010 at 12:29:34AM -0500, Roger Dingledine wrote:
> Option 2: Rather than writing "2010-01-01 00:00:00", pick a random time
> in January. Then expire the guard 45 days after this random time. Minimum
> time to keep a guard is 0.5 months (on Jan 31 I randomly choose to record
> Jan 1, and then I discard it on Feb 15), maximum time is 2.5 months (on
> Jan 1 I write down Jan 31, and discard it on Mar 15), expected time is
> 1.5 months.
[snip]
> So I'm going to go with option 2. Unless anybody else has clever ideas?
The code in either case is really easy. Here's a patch on master:
(I realize that not all months have 30 days, but I think the assumption
doesn't hurt anything here. Also, I realize there's another place where
we pick a chosen_on_date, but I think that's an edge case that can
be ignored. And thirdly, I think this patch could go into maint-0.2.1
safely; in any case, the right time for it to go in is alongside the
patch to bug 1217.)
diff --git a/src/or/circuitbuild.c b/src/or/circuitbuild.c
index 7eafeb3..d27a47d 100644
--- a/src/or/circuitbuild.c
+++ b/src/or/circuitbuild.c
@@ -3022,7 +3022,10 @@ add_an_entry_guard(routerinfo_t *chosen, int reset_status
log_info(LD_CIRC, "Chose '%s' as new entry guard.", router->nickname);
strlcpy(entry->nickname, router->nickname, sizeof(entry->nickname));
memcpy(entry->identity, router->cache_info.identity_digest, DIGEST_LEN);
- entry->chosen_on_date = start_of_month(time(NULL));
+ /* Choose expiry time smudged over this month. For details, see
+ * http://archives.seul.org/or/dev/Jan-2010/msg00004.html */
+ entry->chosen_on_date = start_of_month(time(NULL)) +
+ crypto_rand_int(3600*24*30);
entry->chosen_by_version = tor_strdup(VERSION);
if (chosen) /* prepend */
smartlist_insert(entry_guards, 0, entry);
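Review bot: The new comment in add_an_entry_guard() says "Choose expiry time", but the field being set is chosen_on_date, and with crypto_rand_int(3600*24*30) added to start_of_month(time(NULL)) the stored value can be later than the moment the guard was actually picked. The comment should say that the recorded date is deliberately randomized within the month and may lie in the future, so that nobody reading chosen_on_date later assumes it is at or before the current time. It would also help to give 3600*24*30 a named constant next to the 3600*24*45 used in remove_obsolete_entry_guards(), since the two values only make sense together.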
@@ -3074,7 +3077,7 @@ static int
remove_obsolete_entry_guards(void)
{
int changed = 0, i;
- time_t this_month = start_of_month(time(NULL));
+ time_t now = time(NULL);
for (i = 0; i < smartlist_len(entry_guards); ++i) {
entry_guard_t *entry = smartlist_get(entry_guards, i);
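Review bot: In remove_obsolete_entry_guards(void), the new "time_t now = time(NULL);" reads the clock inside a function that takes no arguments, so the expiry comparison further down cannot be exercised against a fixed time. Consider passing now in as a parameter from the caller, which would let a test check the boundary of the date check directly.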
@@ -3094,9 +3097,8 @@ remove_obsolete_entry_guards(void)
!tor_version_as_new_as(ver, "0.2.0.6-alpha"))) {
msg = "was selected without regard for guard bandwidth";
version_is_bad = 1;
- } else if (entry->chosen_on_date + 3600*24*35 < this_month) {
- /* It's been more than a month, and probably more like two since
- * chosen_on_date is clipped to the beginning of its month. */
+ } else if (entry->chosen_on_date + 3600*24*45 < now) {
+ /* It's been 1.5 months since the date listed in our state file. */
msg = "was selected several months ago";
date_is_bad = 1;
}
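Review bot: The new test "entry->chosen_on_date + 3600*24*45 < now" will also be applied to entries written by the code removed in the first hunk, whose chosen_on_date is clipped to the start of a month. Under the old comparison against this_month those entries expired at a month boundary; under the new one they all cross the 45-day line at the same instant in the middle of a month. The replacement comment should say whether that one-time synchronized expiry is acceptable, or the change should handle start-of-month dates from older state files separately. The literal 3600*24*45 would also read better as a named constant defined beside the 3600*24*30 window in add_an_entry_guard().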