[tor-commits] [tor/master] Remove AuthDirMaxServersPerAuthAddr

nickm at torproject.org nickm at torproject.org
Tue Dec 13 23:06:28 UTC 2016


commit 55d02c004c9b36258ef64ccb2def4ddcb0fb04c5
Author: Nick Mathewson <nickm at torproject.org>
Date:   Tue Dec 13 13:09:27 2016 -0500

    Remove AuthDirMaxServersPerAuthAddr
    
    Back when Roger had do do most of our testing on the moria host, we
    needed a higher limit for the number of relays running on a single
    IP address when that limit was shared with an authority. Nowadays,
    the idea is pretty obsolete.
    
    Also remove the router_addr_is_trusted_dir() function, which served
    no other purpose.
    
    Closes ticket 20960.
---
 changes/ticket20960 |  5 +++++
 doc/tor.1.txt       |  4 ----
 src/or/config.c     |  3 +--
 src/or/dirserv.c    |  8 +-------
 src/or/or.h         |  3 ---
 src/or/routerlist.c | 14 --------------
 src/or/routerlist.h |  1 -
 7 files changed, 7 insertions(+), 31 deletions(-)

diff --git a/changes/ticket20960 b/changes/ticket20960
new file mode 100644
index 0000000..3c21ae6
--- /dev/null
+++ b/changes/ticket20960
@@ -0,0 +1,5 @@
+  o Removed features:
+    - The AuthDirMaxServersPerAuthAddr option no longer exists: The same
+      limit for relays running on a single IP applies to authority IP
+      addresses as well as to non-authority IP addresses.  Closes ticket
+      20960.
diff --git a/doc/tor.1.txt b/doc/tor.1.txt
index 9b8a0f0..eef7454 100644
--- a/doc/tor.1.txt
+++ b/doc/tor.1.txt
@@ -2246,10 +2246,6 @@ on the public Tor network.
     list as acceptable on a single IP address. Set this to "0" for "no limit".
     (Default: 2)
 
-[[AuthDirMaxServersPerAuthAddr]] **AuthDirMaxServersPerAuthAddr** __NUM__::
-    Authoritative directories only. Like AuthDirMaxServersPerAddr, but applies
-    to addresses shared with directory authorities. (Default: 5)
-
 [[AuthDirFastGuarantee]] **AuthDirFastGuarantee** __N__ **bytes**|**KBytes**|**MBytes**|**GBytes**|**TBytes**|**KBits**|**MBits**|**GBits**|**TBits**::
     Authoritative directories only. If non-zero, always vote the
     Fast flag for any relay advertising this amount of capacity or
diff --git a/src/or/config.c b/src/or/config.c
index a4d063d..c68f83a 100644
--- a/src/or/config.c
+++ b/src/or/config.c
@@ -218,7 +218,7 @@ static config_var_t option_vars_[] = {
   OBSOLETE("AuthDirListBadDirs"),
   V(AuthDirListBadExits,         BOOL,     "0"),
   V(AuthDirMaxServersPerAddr,    UINT,     "2"),
-  V(AuthDirMaxServersPerAuthAddr,UINT,     "5"),
+  OBSOLETE("AuthDirMaxServersPerAuthAddr"),
   V(AuthDirHasIPv6Connectivity,  BOOL,     "0"),
   VAR("AuthoritativeDirectory",  BOOL, AuthoritativeDir,    "0"),
   V(AutomapHostsOnResolve,       BOOL,     "0"),
@@ -594,7 +594,6 @@ static const config_var_t testing_tor_network_defaults[] = {
   V(EnforceDistinctSubnets,      BOOL,     "0"),
   V(AssumeReachable,             BOOL,     "1"),
   V(AuthDirMaxServersPerAddr,    UINT,     "0"),
-  V(AuthDirMaxServersPerAuthAddr,UINT,     "0"),
   V(ClientBootstrapConsensusAuthorityDownloadSchedule, CSV_INTERVAL,
     "0, 2, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 8, 16, 32, 60"),
   V(ClientBootstrapConsensusFallbackDownloadSchedule, CSV_INTERVAL,
diff --git a/src/or/dirserv.c b/src/or/dirserv.c
index e106628..4d349dd 100644
--- a/src/or/dirserv.c
+++ b/src/or/dirserv.c
@@ -2056,12 +2056,8 @@ get_possible_sybil_list(const smartlist_t *routers)
   int addr_count;
   /* Allow at most this number of Tor servers on a single IP address, ... */
   int max_with_same_addr = options->AuthDirMaxServersPerAddr;
-  /* ... unless it's a directory authority, in which case allow more. */
-  int max_with_same_addr_on_authority = options->AuthDirMaxServersPerAuthAddr;
   if (max_with_same_addr <= 0)
     max_with_same_addr = INT_MAX;
-  if (max_with_same_addr_on_authority <= 0)
-    max_with_same_addr_on_authority = INT_MAX;
 
   smartlist_add_all(routers_by_ip, routers);
   smartlist_sort(routers_by_ip, compare_routerinfo_by_ip_and_bw_);
@@ -2074,9 +2070,7 @@ get_possible_sybil_list(const smartlist_t *routers)
         last_addr = ri->addr;
         addr_count = 1;
       } else if (++addr_count > max_with_same_addr) {
-        if (!router_addr_is_trusted_dir(ri->addr) ||
-            addr_count > max_with_same_addr_on_authority)
-          digestmap_set(omit_as_sybil, ri->cache_info.identity_digest, ri);
+        digestmap_set(omit_as_sybil, ri->cache_info.identity_digest, ri);
       }
   } SMARTLIST_FOREACH_END(ri);
 
diff --git a/src/or/or.h b/src/or/or.h
index 0e508e9..cfbd7b5 100644
--- a/src/or/or.h
+++ b/src/or/or.h
@@ -3969,9 +3969,6 @@ typedef struct {
                             * and vote for all other exits as good. */
   int AuthDirMaxServersPerAddr; /**< Do not permit more than this
                                  * number of servers per IP address. */
-  int AuthDirMaxServersPerAuthAddr; /**< Do not permit more than this
-                                     * number of servers per IP address shared
-                                     * with an authority. */
   int AuthDirHasIPv6Connectivity; /**< Boolean: are we on IPv6?  */
   int AuthDirPinKeys; /**< Boolean: Do we enforce key-pinning? */
 
diff --git a/src/or/routerlist.c b/src/or/routerlist.c
index 46c44d8..69ae51a 100644
--- a/src/or/routerlist.c
+++ b/src/or/routerlist.c
@@ -2991,20 +2991,6 @@ router_digest_is_trusted_dir_type(const char *digest, dirinfo_type_t type)
   return 0;
 }
 
-/** Return true iff <b>addr</b> is the address of one of our trusted
- * directory authorities. */
-int
-router_addr_is_trusted_dir(uint32_t addr)
-{
-  if (!trusted_dir_servers)
-    return 0;
-  SMARTLIST_FOREACH(trusted_dir_servers, dir_server_t *, ent,
-    if (ent->addr == addr)
-      return 1;
-    );
-  return 0;
-}
-
 /** If hexdigest is correctly formed, base16_decode it into
  * digest, which must have DIGEST_LEN space in it.
  * Return 0 on success, -1 on failure.
diff --git a/src/or/routerlist.h b/src/or/routerlist.h
index 606e908..8b68d69 100644
--- a/src/or/routerlist.h
+++ b/src/or/routerlist.h
@@ -86,7 +86,6 @@ int router_digest_is_trusted_dir_type(const char *digest,
 #define router_digest_is_trusted_dir(d) \
   router_digest_is_trusted_dir_type((d), NO_DIRINFO)
 
-int router_addr_is_trusted_dir(uint32_t addr);
 int hexdigest_to_digest(const char *hexdigest, char *digest);
 const routerinfo_t *router_get_by_id_digest(const char *digest);
 routerinfo_t *router_get_mutable_by_digest(const char *digest);





More information about the tor-commits mailing list