Guard selection time and expiry

Roger Dingledine arma at mit.edu
Tue Jan 19 05:58:58 UTC 2010


On Tue, Jan 19, 2010 at 12:29:34AM -0500, Roger Dingledine wrote:
> Option 2: Rather than writing "2010-01-01 00:00:00", pick a random time
> in January. Then expire the guard 45 days after this random time. Minimum
> time to keep a guard is 0.5 months (on Jan 31 I randomly choose to record
> Jan 1, and then I discard it on Feb 15), maximum time is 2.5 months (on
> Jan 1 I write down Jan 31, and discard it on Mar 15), expected time is
> 1.5 months.
[snip]
> So I'm going to go with option 2. Unless anybody else has clever ideas?

The code in either case is really easy. Here's a patch on master:
(I realize that not all months have 30 days, but I think the assumption
doesn't hurt anything here. Also, I realize there's another place where
we pick a chosen_on_date, but I think that's an edge case that can
be ignored. And thirdly, I think this patch could go into maint-0.2.1
safely; in any case, the right time for it to go in is alongside the
patch to bug 1217.)

diff --git a/src/or/circuitbuild.c b/src/or/circuitbuild.c
index 7eafeb3..d27a47d 100644
--- a/src/or/circuitbuild.c
+++ b/src/or/circuitbuild.c
@@ -3022,7 +3022,10 @@ add_an_entry_guard(routerinfo_t *chosen, int reset_status
   log_info(LD_CIRC, "Chose '%s' as new entry guard.", router->nickname);
   strlcpy(entry->nickname, router->nickname, sizeof(entry->nickname));
   memcpy(entry->identity, router->cache_info.identity_digest, DIGEST_LEN);
-  entry->chosen_on_date = start_of_month(time(NULL));
+  /* Choose expiry time smudged over this month. For details, see
+   * http://archives.seul.org/or/dev/Jan-2010/msg00004.html */
+  entry->chosen_on_date = start_of_month(time(NULL)) +
+                          crypto_rand_int(3600*24*30);
   entry->chosen_by_version = tor_strdup(VERSION);
   if (chosen) /* prepend */
     smartlist_insert(entry_guards, 0, entry);
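
Review bot: the new comment above the chosen_on_date assignment calls the value an "expiry time", but what gets stored is a randomized selection date. Because the random offset is added to start_of_month(time(NULL)), the stored value can lie after the current time whenever the guard is picked early in the month. Suggest rewording the comment to say that the date is deliberately randomized within the month and may be in the future, so that anyone reading chosen_on_date elsewhere does not treat it as the real selection time or assume it is <= now.
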
@@ -3074,7 +3077,7 @@ static int
 remove_obsolete_entry_guards(void)
 {
   int changed = 0, i;
-  time_t this_month = start_of_month(time(NULL));
+  time_t now = time(NULL);

   for (i = 0; i < smartlist_len(entry_guards); ++i) {
     entry_guard_t *entry = smartlist_get(entry_guards, i);
@@ -3094,9 +3097,8 @@ remove_obsolete_entry_guards(void)
                 !tor_version_as_new_as(ver, "0.2.0.6-alpha"))) {
       msg = "was selected without regard for guard bandwidth";
       version_is_bad = 1;
-    } else if (entry->chosen_on_date + 3600*24*35 < this_month) {
-      /* It's been more than a month, and probably more like two since
-       * chosen_on_date is clipped to the beginning of its month. */
+    } else if (entry->chosen_on_date + 3600*24*45 < now) {
+      /* It's been 1.5 months since the date listed in our state file. */
       msg = "was selected several months ago";
       date_is_bad = 1;
     }
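
Review bot: in the date_is_bad branch, the unchanged string "was selected several months ago" no longer matches the new test. With chosen_on_date randomized within the month and a 45-day window compared against now, a guard can be dropped well under two months after it was actually chosen (the thread gives 0.5 months as the minimum). Suggest updating the message text, and extending the new comment to say that the state-file date is randomized rather than the real selection time. The 3600*24*45 here and the 3600*24*30 in add_an_entry_guard() are coupled (window minus smudge range sets the minimum lifetime), so named constants defined side by side would keep them from drifting apart.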


