From 18752bca5b57c11b6d843db671e1886ed0624848 Mon Sep 17 00:00:00 2001 From: Nick Mathewson Date: Mon, 11 Mar 2013 22:16:25 -0400 Subject: [PATCH] Drop the minimum guard lifetime back down to one month Mike believes that raising the default to 2 months with no way to lower it may create horrible load-balancing issues. --- doc/tor.1.txt | 2 +- src/or/circuitbuild.c | 6 ++++-- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/doc/tor.1.txt b/doc/tor.1.txt index 5639ad26d4..0c13a5c7d6 100644 --- a/doc/tor.1.txt +++ b/doc/tor.1.txt @@ -962,7 +962,7 @@ The following options are useful only for clients (that is, if **GuardLifetime** __N__ **days**|**weeks**|**months**:: If nonzero, and UseEntryGuards is set, minimum time to keep a guard before picking a new one. If zero, we use the GuardLifetime parameter from the - consensus directory. No value here may be less than 2 months or greater + consensus directory. No value here may be less than 1 month or greater than 5 years; out-of-range values are clamped. (Default: 0) **SafeSocks** **0**|**1**:: diff --git a/src/or/circuitbuild.c b/src/or/circuitbuild.c index f07d428829..d3a29fd0e3 100644 --- a/src/or/circuitbuild.c +++ b/src/or/circuitbuild.c @@ -4290,13 +4290,15 @@ entry_guard_free(entry_guard_t *e) /** * Return the minimum lifetime of working entry guard, in seconds, - * as given in the consensus networkstatus. + * as given in the consensus networkstatus. (Plus CHOSEN_ON_DATE_SLOP, + * so that we can do the chosen_on_date randomization while achieving the + * desired minimum lifetime.) */ static int32_t guards_get_lifetime(void) { const or_options_t *options = get_options(); -#define DFLT_GUARD_LIFETIME (86400 * 60) /* Two months. */ +#define DFLT_GUARD_LIFETIME (86400 * 30) /* One month. */ #define MIN_GUARD_LIFETIME (86400 * 60) /* Two months. */ #define MAX_GUARD_LIFETIME (86400 * 1826) /* Five years. */