diff options
| author | Nick Mathewson <nickm@torproject.org> | 2014-02-06 17:08:50 -0500 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2014-02-07 10:45:34 -0500 |
| commit | 1068e50aecefac8469991884afc08b6ecb24e740 (patch) | |
| tree | 90329bd25af1be5d58152d25321b10cbb9202b43 /src/or/circuitlist.c | |
| parent | a7e946596d6da9aca80456141b7fddbc198c217c (diff) | |
| download | tor-1068e50aecefac8469991884afc08b6ecb24e740.tar tor-1068e50aecefac8469991884afc08b6ecb24e740.tar.gz | |
Discard circuit paths on which nobody supports ntor
Right now this accounts for about 1% of circuits over all, but if you
pick a guard that's running 0.2.3, it will be about 6% of the circuits
running through that guard.
Making sure that every circuit has at least one ntor link means that
we're getting plausibly good forward secrecy on every circuit.
This implements ticket 9777,
Diffstat (limited to 'src/or/circuitlist.c')
| -rw-r--r-- | src/or/circuitlist.c | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/src/or/circuitlist.c b/src/or/circuitlist.c index b0e24a5fe..c7b15e40b 100644 --- a/src/or/circuitlist.c +++ b/src/or/circuitlist.c @@ -709,7 +709,7 @@ circuit_free_cpath(crypt_path_t *cpath) if (!cpath) return; - /* it's a doubly linked list, so we have to notice when we've + /* it's a circular list, so we have to notice when we've * gone through it once. */ while (cpath->next && cpath->next != head) { victim = cpath; @@ -720,6 +720,14 @@ circuit_free_cpath(crypt_path_t *cpath) circuit_free_cpath_node(cpath); } +/** Remove all the items in the cpath on <b>circ</b>.*/ +void +circuit_clear_cpath(origin_circuit_t *circ) +{ + circuit_free_cpath(circ->cpath); + circ->cpath = NULL; +} + /** Release all storage held by circuits. */ void circuit_free_all(void) |