nihilist/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-11-30 23:53:32 +01:00
Code Issues Packages Projects Releases Wiki Activity

Add a separate, non-fractional, limit to the sampled guard set size.

Browse Source 
Letting the maximum sample size grow proportionally to the number of
guards defeats its purpose to a certain extent.  Noted by asn during
code review.

Fixes bug 20920; bug not in any released (or merged) version of Tor.
This commit is contained in:
Nick Mathewson 2016-12-08 10:02:19 -05:00
parent e50d85b90c
commit 2e2f3a4d99
2 changed files with 20 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
src/or/entrynodes.c
View File

@ -401,6 +401,16 @@ get_max_sample_threshold(void)
1, 100); 1, 100);
return pct / 100.0; return pct / 100.0;
} }
/**
* We never let our sampled guard set grow larger than this number.
*/
STATIC int
get_max_sample_size_absolute(void)
{
return (int) networkstatus_get_param(NULL, "guard-max-sample-size",
DFLT_MAX_SAMPLE_SIZE,
1, INT32_MAX);
}
/** /**
* We always try to make our sample contain at least this many guards. * We always try to make our sample contain at least this many guards.
* *
@ -937,7 +947,9 @@ get_max_sample_size(guard_selection_t *gs,
if (using_bridges) if (using_bridges)
return n_guards; return n_guards;
const int max_sample = (int)(n_guards * get_max_sample_threshold()); const int max_sample_by_pct = (int)(n_guards * get_max_sample_threshold());
const int max_sample_absolute = get_max_sample_size_absolute();
const int max_sample = MIN(max_sample_by_pct, max_sample_absolute);
if (max_sample < min_sample) // XXXX prop271 spec deviation if (max_sample < min_sample) // XXXX prop271 spec deviation
return min_sample; return min_sample;
else else

8
src/or/entrynodes.h
View File

@ -440,7 +440,12 @@ int num_bridges_usable(void);
* We never let our sampled guard set grow larger than this percentage * We never let our sampled guard set grow larger than this percentage
* of the guards on the network. * of the guards on the network.
*/ */
#define DFLT_MAX_SAMPLE_THRESHOLD_PERCENT 30 #define DFLT_MAX_SAMPLE_THRESHOLD_PERCENT 20
/**
* We never let our sampled guard set grow larger than this number of
* guards.
*/
#define DFLT_MAX_SAMPLE_SIZE 60
/** /**
* We always try to make our sample contain at least this many guards. * We always try to make our sample contain at least this many guards.
* *
@ -495,6 +500,7 @@ int num_bridges_usable(void);
/**@}*/ /**@}*/
STATIC double get_max_sample_threshold(void); STATIC double get_max_sample_threshold(void);
STATIC int get_max_sample_size_absolute(void);
STATIC int get_min_filtered_sample_size(void); STATIC int get_min_filtered_sample_size(void);
STATIC int get_remove_unlisted_guards_after_days(void); STATIC int get_remove_unlisted_guards_after_days(void);
STATIC int get_guard_lifetime_days(void); STATIC int get_guard_lifetime_days(void);