Be more robust when excluding existing nodes as new dirguards

In addition to rejecting them post-hoc, avoid picking them in the
first place.  This makes us less likely to decide that we can't add
guards at all.

diff --git a/src/or/circuitbuild.c b/src/or/circuitbuild.c
index 163afd3d2912e1780adff4f20a9b9b8e31168626..c2f395338d97f4983cb1950fc31734015c4c48c8 100644 (file)
--- a/src/or/circuitbuild.c
+++ b/src/or/circuitbuild.c
@@ -3397,6 +3397,7 @@ choose_good_entry_server(uint8_t purpose, cpath_build_state_t *state)
     });
   }
   /* and exclude current entry guards and their families, if applicable */
+  /*XXXX025 use the using_as_guard flag to accomplish this.*/
   if (options->UseEntryGuards) {
     SMARTLIST_FOREACH(get_entry_guards(), const entry_guard_t *, entry,
       {

diff --git a/src/or/entrynodes.c b/src/or/entrynodes.c
index 3e471ed01ef605967a7c3fedede6ed2b13cbcd70..5dd27905d6744396a19092e6a52354f8814ccf44 100644 (file)
--- a/src/or/entrynodes.c
+++ b/src/or/entrynodes.c
@@ -362,7 +362,7 @@ add_an_entry_guard(const node_t *chosen, int reset_status, int prepend,
   } else {
     const routerstatus_t *rs;
     rs = router_pick_directory_server(MICRODESC_DIRINFO|V3_DIRINFO,
-                                      PDS_PREFER_TUNNELED_DIR_CONNS_);
+                                      PDS_PREFER_TUNNELED_DIR_CONNS_|PDS_FOR_GUARD);
     if (!rs)
       return NULL;
     node = node_get_by_id(rs->identity_digest);

diff --git a/src/or/or.h b/src/or/or.h
index df69674d348fb8042127bf78c59baa8cf39cd36a..1cb9ef2f0e9b8c228b7361459734870ae5846077 100644 (file)
--- a/src/or/or.h
+++ b/src/or/or.h
@@ -4760,6 +4760,10 @@ typedef struct dir_server_t {
 #define PDS_NO_EXISTING_SERVERDESC_FETCH (1<<3)
 #define PDS_NO_EXISTING_MICRODESC_FETCH (1<<4)
 
+/** This node is to be chosen as a directory guard, so don't choose any
+ * node that's currently a guard. */
+#define PDS_FOR_GUARD (1<<5)
+
 #define PDS_PREFER_TUNNELED_DIR_CONNS_ (1<<16)
 
 /** Possible ways to weight routers when choosing one randomly.  See

diff --git a/src/or/routerlist.c b/src/or/routerlist.c
index 90b707bcdb046077821165c6d170d260a5669eeb..837245db3e833c0348724bcf7bd61531d45a2663 100644 (file)
--- a/src/or/routerlist.c
+++ b/src/or/routerlist.c
@@ -1153,6 +1153,7 @@ router_pick_directory_server_impl(dirinfo_type_t type, int flags)
   int requireother = ! (flags & PDS_ALLOW_SELF);
   int fascistfirewall = ! (flags & PDS_IGNORE_FASCISTFIREWALL);
   int prefer_tunnel = (flags & PDS_PREFER_TUNNELED_DIR_CONNS_);
+  int for_guard = (flags & PDS_FOR_GUARD);
   int try_excluding = 1, n_excluded = 0;
 
   if (!consensus)
@@ -1192,6 +1193,8 @@ router_pick_directory_server_impl(dirinfo_type_t type, int flags)
     if ((type & MICRODESC_DIRINFO) && !is_trusted &&
         !node->rs->version_supports_microdesc_cache)
       continue;
+    if (for_guard && node->using_as_guard)
+      continue; /* Don't make the same node a guard twice. */
     if (try_excluding &&
         routerset_contains_routerstatus(options->ExcludeNodes, status,
                                         country)) {