This is an automated email from the git hooks/post-receive script.
dgoulet pushed a change to branch main in repository tor.
from 16664c0017 Merge branch 'maint-0.4.7' new 7b1fffe0dd make L2 vanguards actually independent new d48eaff86d ignore families for L2 guard independence new 4d18f4aa9a Merge branch 'maint-0.4.7'
The 3 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "add" were already present in the repository and have only been added to this reference.
Summary of changes: changes/bug40639 | 5 +++++ src/feature/client/entrynodes.c | 16 +++++++++++++--- 2 files changed, 18 insertions(+), 3 deletions(-) create mode 100644 changes/bug40639
This is an automated email from the git hooks/post-receive script.
dgoulet pushed a commit to branch main in repository tor.
commit 7b1fffe0ddfb78234bddba4aae5800482d8b01fb Author: Roger Dingledine arma@torproject.org AuthorDate: Thu Jul 7 01:16:53 2022 -0400
make L2 vanguards actually independent
We had omitted some checks for whether our vanguards (second layer guards from proposal 333) overlapped or came from the same family. Now make sure to pick each of them to be independent.
Fixes bug 40639; bugfix on 0.4.7.1-alpha. --- changes/bug40639 | 5 +++++ src/feature/client/entrynodes.c | 10 +++++++++- 2 files changed, 14 insertions(+), 1 deletion(-)
diff --git a/changes/bug40639 b/changes/bug40639 new file mode 100644 index 0000000000..d5ab2e0cb3 --- /dev/null +++ b/changes/bug40639 @@ -0,0 +1,5 @@ + o Major bugfixes (vanguards): + - We had omitted some checks for whether our vanguards (second layer + guards from proposal 333) overlapped or came from the same family. + Now make sure to pick each of them to be independent. Fixes bug + 40639; bugfix on 0.4.7.1-alpha. diff --git a/src/feature/client/entrynodes.c b/src/feature/client/entrynodes.c index 15f29d1c3e..493571173e 100644 --- a/src/feature/client/entrynodes.c +++ b/src/feature/client/entrynodes.c @@ -4136,8 +4136,16 @@ maintain_layer2_guards(void) log_info(LD_GENERAL, "Adding %d guards to Layer2 routerset", new_guards_needed_n);
- /* Add required guards to the list */ + /* First gather the exclusions based on our current L2 guards */ smartlist_t *excluded = smartlist_new(); + SMARTLIST_FOREACH_BEGIN(layer2_guards, layer2_guard_t *, g) { + /* Exclude existing L2 guard + family so that we don't double-pick. */ + const node_t *existing = node_get_by_id(g->identity); + if (existing) + nodelist_add_node_and_family(excluded, existing); + } SMARTLIST_FOREACH_END(g); + + /* Add required guards to the list */ for (int i = 0; i < new_guards_needed_n; i++) { const node_t *choice = NULL; const or_options_t *options = get_options();
This is an automated email from the git hooks/post-receive script.
dgoulet pushed a commit to branch main in repository tor.
commit d48eaff86d5d2bd0df2b0974abf28652934b5cc6 Author: Roger Dingledine arma@torproject.org AuthorDate: Tue Aug 9 16:39:26 2022 -0400
ignore families for L2 guard independence
mike is concerned that we would get too much exposure to adversaries, if we enforce that none of our L2 guards can be in the same family.
this change set now essentially finishes the feature that commit a77727cdc was attempting to add, but strips the "_and_family" part of that plan. --- changes/bug40639 | 6 +++--- src/feature/client/entrynodes.c | 10 ++++++---- 2 files changed, 9 insertions(+), 7 deletions(-)
diff --git a/changes/bug40639 b/changes/bug40639 index d5ab2e0cb3..d975e9ad22 100644 --- a/changes/bug40639 +++ b/changes/bug40639 @@ -1,5 +1,5 @@ o Major bugfixes (vanguards): - We had omitted some checks for whether our vanguards (second layer - guards from proposal 333) overlapped or came from the same family. - Now make sure to pick each of them to be independent. Fixes bug - 40639; bugfix on 0.4.7.1-alpha. + guards from proposal 333) overlapped. Now make sure to pick each + of them to be independent. Also, change the design to allow them to + come from the same family. Fixes bug 40639; bugfix on 0.4.7.1-alpha. diff --git a/src/feature/client/entrynodes.c b/src/feature/client/entrynodes.c index 493571173e..e7324487da 100644 --- a/src/feature/client/entrynodes.c +++ b/src/feature/client/entrynodes.c @@ -4139,10 +4139,11 @@ maintain_layer2_guards(void) /* First gather the exclusions based on our current L2 guards */ smartlist_t *excluded = smartlist_new(); SMARTLIST_FOREACH_BEGIN(layer2_guards, layer2_guard_t *, g) { - /* Exclude existing L2 guard + family so that we don't double-pick. */ + /* Exclude existing L2 guard so that we don't double-pick it. + * But, it's ok if they come from the same family. */ const node_t *existing = node_get_by_id(g->identity); if (existing) - nodelist_add_node_and_family(excluded, existing); + smartlist_add(excluded, (node_t *)existing); } SMARTLIST_FOREACH_END(g);
/* Add required guards to the list */ @@ -4167,8 +4168,9 @@ maintain_layer2_guards(void) // Nickname can also be None here because it is looked up later control_event_guard("None", layer2_guard->identity, "GOOD_L2"); - /* Exclude this node and its family so that we don't double-pick. */ - nodelist_add_node_and_family(excluded, choice); + /* Exclude this node so that we don't double-pick it. (Again, coming + * from the same family is ok here.) */ + smartlist_add(excluded, (node_t *)choice); }
/* Some cleanup */
This is an automated email from the git hooks/post-receive script.
dgoulet pushed a commit to branch main in repository tor.
commit 4d18f4aa9aae22a341b3eeb87d5fe12af64c8766 Merge: 16664c0017 d48eaff86d Author: David Goulet dgoulet@torproject.org AuthorDate: Wed Aug 10 08:53:08 2022 -0400
Merge branch 'maint-0.4.7'
changes/bug40639 | 5 +++++ src/feature/client/entrynodes.c | 16 +++++++++++++--- 2 files changed, 18 insertions(+), 3 deletions(-)
tor-commits@lists.torproject.org
-
gitolite role