nihilist/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-09-21 05:26:20 +02:00
Code Issues Packages Projects Releases Wiki Activity

When computing performance thresholds, ignore omitted-as-sybil nodes.

Browse Source 
Fixes bug 8146.
This commit is contained in:
Nick Mathewson 2013-02-04 10:19:26 -05:00
parent ddf2c36ab1
commit 40c13240c0
2 changed files with 15 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
changes/bug8146_etc Normal file
View File

@ -0,0 +1,5 @@
o Major bugfixes (security, directory authority):
- When computing directory thresholds, ignore any rejected-as-sybil
nodes during the computation so that they can't influence Fast,
Guard, etc. Fixes bug 8146.

18
src/or/dirserv.c
View File

@ -1893,7 +1893,8 @@ dirserv_thinks_router_is_hs_dir(const routerinfo_t *router,
* *
* Also, set the is_exit flag of each router appropriately. */ * Also, set the is_exit flag of each router appropriately. */
static void static void
dirserv_compute_performance_thresholds(routerlist_t *rl) dirserv_compute_performance_thresholds(routerlist_t *rl,
digestmap_t *omit_as_sybil)
{ {
int n_active, n_active_nonexit, n_familiar; int n_active, n_active_nonexit, n_familiar;
uint32_t *uptimes, *bandwidths, *bandwidths_excluding_exits; uint32_t *uptimes, *bandwidths, *bandwidths_excluding_exits;
@ -1935,7 +1936,8 @@ dirserv_compute_performance_thresholds(routerlist_t *rl)
/* Now, fill in the arrays. */ /* Now, fill in the arrays. */
SMARTLIST_FOREACH_BEGIN(nodelist_get_list(), node_t *, node) { SMARTLIST_FOREACH_BEGIN(nodelist_get_list(), node_t *, node) {
routerinfo_t *ri = node->ri; routerinfo_t *ri = node->ri;
if (ri && router_is_active(ri, node, now)) { if (ri && router_is_active(ri, node, now) &&
!digestmap_get(omit_as_sybil, ri->cache_info.identity_digest)) {
const char *id = ri->cache_info.identity_digest; const char *id = ri->cache_info.identity_digest;
uint32_t bw; uint32_t bw;
node->is_exit = (!router_exit_policy_rejects_all(ri) && node->is_exit = (!router_exit_policy_rejects_all(ri) &&
@ -1997,7 +1999,8 @@ dirserv_compute_performance_thresholds(routerlist_t *rl)
SMARTLIST_FOREACH_BEGIN(nodelist_get_list(), node_t *, node) { SMARTLIST_FOREACH_BEGIN(nodelist_get_list(), node_t *, node) {
routerinfo_t *ri = node->ri; routerinfo_t *ri = node->ri;
if (ri && router_is_active(ri, node, now)) { if (ri && router_is_active(ri, node, now) &&
!digestmap_get(omit_as_sybil, ri->cache_info.identity_digest)) {
const char *id = ri->cache_info.identity_digest; const char *id = ri->cache_info.identity_digest;
long tk = rep_hist_get_weighted_time_known(id, now); long tk = rep_hist_get_weighted_time_known(id, now);
if (tk < guard_tk) if (tk < guard_tk)
@ -2751,13 +2754,13 @@ dirserv_generate_networkstatus_vote_obj(crypto_pk_t *private_key,
dirserv_set_router_is_running(ri, now); dirserv_set_router_is_running(ri, now);
}); });
dirserv_compute_performance_thresholds(rl);
routers = smartlist_new(); routers = smartlist_new();
smartlist_add_all(routers, rl->routers); smartlist_add_all(routers, rl->routers);
routers_sort_by_identity(routers); routers_sort_by_identity(routers);
omit_as_sybil = get_possible_sybil_list(routers); omit_as_sybil = get_possible_sybil_list(routers);
dirserv_compute_performance_thresholds(rl, omit_as_sybil);
routerstatuses = smartlist_new(); routerstatuses = smartlist_new();
microdescriptors = smartlist_new(); microdescriptors = smartlist_new();
@ -3008,14 +3011,13 @@ generate_v2_networkstatus_opinion(void)
dirserv_set_router_is_running(ri, now); dirserv_set_router_is_running(ri, now);
}); });
dirserv_compute_performance_thresholds(rl);
routers = smartlist_new(); routers = smartlist_new();
smartlist_add_all(routers, rl->routers); smartlist_add_all(routers, rl->routers);
routers_sort_by_identity(routers); routers_sort_by_identity(routers);
omit_as_sybil = get_possible_sybil_list(routers); omit_as_sybil = get_possible_sybil_list(routers);
dirserv_compute_performance_thresholds(rl, omit_as_sybil);
SMARTLIST_FOREACH_BEGIN(routers, routerinfo_t *, ri) { SMARTLIST_FOREACH_BEGIN(routers, routerinfo_t *, ri) {
if (ri->cache_info.published_on >= cutoff) { if (ri->cache_info.published_on >= cutoff) {
routerstatus_t rs; routerstatus_t rs;