[tor-dev] moria1 had 756 HSDir flags in its vote but, the consensus had 2583

Roger Dingledine arma at mit.edu
Thu Feb 15 17:47:47 UTC 2018 

On Mon, Feb 12, 2018 at 03:09:00PM +0000, nusenu wrote:
> >>> NOTICE: moria1 had 756 HSDir flags in its vote but
> >>> the consensus had 2583
>
> I tried to find it on trac, I guess this is:
> https://trac.torproject.org/projects/tor/ticket/19162

Yes, correct. moria1 runs all sorts of experimental patches.

One of them is choosing the HSDir flag for relays based on:

+    hsdir_tk = find_nth_long(tks, n_active, n_active*3/4);
+    hsdir_bandwidth = find_nth_uint32(bandwidths_kb, n_active, n_active/4);

That is, the relay needs to be in the top quarter of the relays
by time-known, and in the top three-quarters of the relays by
bandwidth weights (as decided by moria1's bwauth).

I think the time-known idea is a potentially really smart one, since if
we do it right we force attacking hsdir relays to be in the network for
a long time before they are allowed to become hsdirs.

--Roger

-------------- next part --------------
diff --git a/src/or/dirserv.c b/src/or/dirserv.c
index d3bae24..9c4d91a 100644
--- a/src/or/dirserv.c
+++ b/src/or/dirserv.c
@@ -1336,6 +1336,11 @@ static double guard_wfu = 0.0;
 /** Don't call a router a guard unless we've known about it for at least this
  * many seconds. */
 static long guard_tk = 0;
+/** Don't call a router an HSDir unless we've known about it for at least this
+ * many seconds. */
+static long hsdir_tk = 0;
+/** Don't call a router an HSDir unless it has at least this weight. */
+static long hsdir_bandwidth = 0;
 /** Any router with a bandwidth at least this high is "Fast" */
 static uint32_t fast_bandwidth_kb = 0;
 /** If exits can be guards, then all guards must have a bandwidth this
@@ -1409,6 +1414,8 @@ dirserv_thinks_router_is_hs_dir(const routerinfo_t *router,
 {
 
   long uptime;
+  long tk = rep_hist_get_weighted_time_known(node->identity, now);
+  uint32_t bw_kb = dirserv_get_credible_bandwidth_kb(router);
 
   /* If we haven't been running for at least
    * get_options()->MinUptimeHidServDirectoryV2 seconds, we can't
@@ -1427,6 +1434,8 @@ dirserv_thinks_router_is_hs_dir(const routerinfo_t *router,
   return (router->wants_to_be_hs_dir &&
           router->supports_tunnelled_dir_requests &&
           node->is_stable && node->is_fast &&
+          tk >= hsdir_tk &&
+          bw_kb >= hsdir_bandwidth &&
           uptime >= get_options()->MinUptimeHidServDirectoryV2 &&
           router_is_active(router, node, now));
 }
@@ -1463,9 +1472,10 @@ router_counts_toward_thresholds(const node_t *node, time_t now,
 
 /** Look through the routerlist, the Mean Time Between Failure history, and
  * the Weighted Fractional Uptime history, and use them to set thresholds for
- * the Stable, Fast, and Guard flags.  Update the fields stable_uptime,
- * stable_mtbf, enough_mtbf_info, guard_wfu, guard_tk, fast_bandwidth,
- * guard_bandwidth_including_exits, and guard_bandwidth_excluding_exits.
+ * the Stable, Fast, Guard, and HSDir flags.  Update the fields stable_uptime,
+ * stable_mtbf, enough_mtbf_info, guard_wfu, guard_tk, hsdir_tk,
+ * hsdir_bandwidth, fast_bandwidth, guard_bandwidth_including_exits,
+ * and guard_bandwidth_excluding_exits.
  *
  * Also, set the is_exit flag of each router appropriately. */
 static void
@@ -1492,6 +1502,8 @@ dirserv_compute_performance_thresholds(digestmap_t *omit_as_sybil)
   guard_bandwidth_excluding_exits_kb = 0;
   guard_tk = 0;
   guard_wfu = 0;
+  hsdir_tk = 0;
+  hsdir_bandwidth = 0;
 
   nodelist_assert_ok();
   nodelist = nodelist_get_list();
@@ -1560,6 +1572,16 @@ dirserv_compute_performance_thresholds(digestmap_t *omit_as_sybil)
     guard_bandwidth_including_exits_kb =
       third_quartile_uint32(bandwidths_kb, n_active);
     guard_tk = find_nth_long(tks, n_active, n_active/8);
+    hsdir_tk = find_nth_long(tks, n_active, n_active*3/4);
+//    hsdir_bandwidth = median_uint32(bandwidths_kb, n_active);
+    hsdir_bandwidth = find_nth_uint32(bandwidths_kb, n_active, n_active/4);
+  }
+
+  {
+    int i;
+    for (i = 0; i < n_active; i++) {
+      log_info(LD_GENERAL, "TK %d/%d: %ld", i, n_active, tks[i]);
+    }
   }
 
   if (guard_tk > TIME_KNOWN_TO_GUARANTEE_FAMILIAR)
@@ -1621,11 +1643,13 @@ dirserv_compute_performance_thresholds(digestmap_t *omit_as_sybil)
   }
 
   log_info(LD_DIRSERV,
-      "Cutoffs: For Stable, %lu sec uptime, %lu sec MTBF. "
+      "Cutoffs (%d active): For Stable, %lu sec uptime, %lu sec MTBF. "
       "For Fast: %lu kilobytes/sec. "
       "For Guard: WFU %.03f%%, time-known %lu sec, "
       "and bandwidth %lu or %lu kilobytes/sec. "
+      "For HSDir: time-known %lu sec, bandwidth %lu kilobytes/sec. "
       "We%s have enough stability data.",
+      n_active,
       (unsigned long)stable_uptime,
       (unsigned long)stable_mtbf,
       (unsigned long)fast_bandwidth_kb,
@@ -1633,6 +1657,8 @@ dirserv_compute_performance_thresholds(digestmap_t *omit_as_sybil)
       (unsigned long)guard_tk,
       (unsigned long)guard_bandwidth_including_exits_kb,
       (unsigned long)guard_bandwidth_excluding_exits_kb,
+      (unsigned long)hsdir_tk,
+      (unsigned long)hsdir_bandwidth,
       enough_mtbf_info ? "" : " don't");
 
   tor_free(uptimes);

More information about the tor-dev mailing list