[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[tor-commits] [tor/master] Remove AuthDirMaxServersPerAuthAddr
commit 55d02c004c9b36258ef64ccb2def4ddcb0fb04c5
Author: Nick Mathewson <nickm@xxxxxxxxxxxxxx>
Date: Tue Dec 13 13:09:27 2016 -0500
Remove AuthDirMaxServersPerAuthAddr
Back when Roger had do do most of our testing on the moria host, we
needed a higher limit for the number of relays running on a single
IP address when that limit was shared with an authority. Nowadays,
the idea is pretty obsolete.
Also remove the router_addr_is_trusted_dir() function, which served
no other purpose.
Closes ticket 20960.
---
changes/ticket20960 | 5 +++++
doc/tor.1.txt | 4 ----
src/or/config.c | 3 +--
src/or/dirserv.c | 8 +-------
src/or/or.h | 3 ---
src/or/routerlist.c | 14 --------------
src/or/routerlist.h | 1 -
7 files changed, 7 insertions(+), 31 deletions(-)
diff --git a/changes/ticket20960 b/changes/ticket20960
new file mode 100644
index 0000000..3c21ae6
--- /dev/null
+++ b/changes/ticket20960
@@ -0,0 +1,5 @@
+ o Removed features:
+ - The AuthDirMaxServersPerAuthAddr option no longer exists: The same
+ limit for relays running on a single IP applies to authority IP
+ addresses as well as to non-authority IP addresses. Closes ticket
+ 20960.
diff --git a/doc/tor.1.txt b/doc/tor.1.txt
index 9b8a0f0..eef7454 100644
--- a/doc/tor.1.txt
+++ b/doc/tor.1.txt
@@ -2246,10 +2246,6 @@ on the public Tor network.
list as acceptable on a single IP address. Set this to "0" for "no limit".
(Default: 2)
-[[AuthDirMaxServersPerAuthAddr]] **AuthDirMaxServersPerAuthAddr** __NUM__::
- Authoritative directories only. Like AuthDirMaxServersPerAddr, but applies
- to addresses shared with directory authorities. (Default: 5)
-
[[AuthDirFastGuarantee]] **AuthDirFastGuarantee** __N__ **bytes**|**KBytes**|**MBytes**|**GBytes**|**TBytes**|**KBits**|**MBits**|**GBits**|**TBits**::
Authoritative directories only. If non-zero, always vote the
Fast flag for any relay advertising this amount of capacity or
diff --git a/src/or/config.c b/src/or/config.c
index a4d063d..c68f83a 100644
--- a/src/or/config.c
+++ b/src/or/config.c
@@ -218,7 +218,7 @@ static config_var_t option_vars_[] = {
OBSOLETE("AuthDirListBadDirs"),
V(AuthDirListBadExits, BOOL, "0"),
V(AuthDirMaxServersPerAddr, UINT, "2"),
- V(AuthDirMaxServersPerAuthAddr,UINT, "5"),
+ OBSOLETE("AuthDirMaxServersPerAuthAddr"),
V(AuthDirHasIPv6Connectivity, BOOL, "0"),
VAR("AuthoritativeDirectory", BOOL, AuthoritativeDir, "0"),
V(AutomapHostsOnResolve, BOOL, "0"),
@@ -594,7 +594,6 @@ static const config_var_t testing_tor_network_defaults[] = {
V(EnforceDistinctSubnets, BOOL, "0"),
V(AssumeReachable, BOOL, "1"),
V(AuthDirMaxServersPerAddr, UINT, "0"),
- V(AuthDirMaxServersPerAuthAddr,UINT, "0"),
V(ClientBootstrapConsensusAuthorityDownloadSchedule, CSV_INTERVAL,
"0, 2, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 8, 16, 32, 60"),
V(ClientBootstrapConsensusFallbackDownloadSchedule, CSV_INTERVAL,
diff --git a/src/or/dirserv.c b/src/or/dirserv.c
index e106628..4d349dd 100644
--- a/src/or/dirserv.c
+++ b/src/or/dirserv.c
@@ -2056,12 +2056,8 @@ get_possible_sybil_list(const smartlist_t *routers)
int addr_count;
/* Allow at most this number of Tor servers on a single IP address, ... */
int max_with_same_addr = options->AuthDirMaxServersPerAddr;
- /* ... unless it's a directory authority, in which case allow more. */
- int max_with_same_addr_on_authority = options->AuthDirMaxServersPerAuthAddr;
if (max_with_same_addr <= 0)
max_with_same_addr = INT_MAX;
- if (max_with_same_addr_on_authority <= 0)
- max_with_same_addr_on_authority = INT_MAX;
smartlist_add_all(routers_by_ip, routers);
smartlist_sort(routers_by_ip, compare_routerinfo_by_ip_and_bw_);
@@ -2074,9 +2070,7 @@ get_possible_sybil_list(const smartlist_t *routers)
last_addr = ri->addr;
addr_count = 1;
} else if (++addr_count > max_with_same_addr) {
- if (!router_addr_is_trusted_dir(ri->addr) ||
- addr_count > max_with_same_addr_on_authority)
- digestmap_set(omit_as_sybil, ri->cache_info.identity_digest, ri);
+ digestmap_set(omit_as_sybil, ri->cache_info.identity_digest, ri);
}
} SMARTLIST_FOREACH_END(ri);
diff --git a/src/or/or.h b/src/or/or.h
index 0e508e9..cfbd7b5 100644
--- a/src/or/or.h
+++ b/src/or/or.h
@@ -3969,9 +3969,6 @@ typedef struct {
* and vote for all other exits as good. */
int AuthDirMaxServersPerAddr; /**< Do not permit more than this
* number of servers per IP address. */
- int AuthDirMaxServersPerAuthAddr; /**< Do not permit more than this
- * number of servers per IP address shared
- * with an authority. */
int AuthDirHasIPv6Connectivity; /**< Boolean: are we on IPv6? */
int AuthDirPinKeys; /**< Boolean: Do we enforce key-pinning? */
diff --git a/src/or/routerlist.c b/src/or/routerlist.c
index 46c44d8..69ae51a 100644
--- a/src/or/routerlist.c
+++ b/src/or/routerlist.c
@@ -2991,20 +2991,6 @@ router_digest_is_trusted_dir_type(const char *digest, dirinfo_type_t type)
return 0;
}
-/** Return true iff <b>addr</b> is the address of one of our trusted
- * directory authorities. */
-int
-router_addr_is_trusted_dir(uint32_t addr)
-{
- if (!trusted_dir_servers)
- return 0;
- SMARTLIST_FOREACH(trusted_dir_servers, dir_server_t *, ent,
- if (ent->addr == addr)
- return 1;
- );
- return 0;
-}
-
/** If hexdigest is correctly formed, base16_decode it into
* digest, which must have DIGEST_LEN space in it.
* Return 0 on success, -1 on failure.
diff --git a/src/or/routerlist.h b/src/or/routerlist.h
index 606e908..8b68d69 100644
--- a/src/or/routerlist.h
+++ b/src/or/routerlist.h
@@ -86,7 +86,6 @@ int router_digest_is_trusted_dir_type(const char *digest,
#define router_digest_is_trusted_dir(d) \
router_digest_is_trusted_dir_type((d), NO_DIRINFO)
-int router_addr_is_trusted_dir(uint32_t addr);
int hexdigest_to_digest(const char *hexdigest, char *digest);
const routerinfo_t *router_get_by_id_digest(const char *digest);
routerinfo_t *router_get_mutable_by_digest(const char *digest);
_______________________________________________
tor-commits mailing list
tor-commits@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits