tor-commits September 2011

tor-commits@lists.torproject.org

19 participants
865 discussions

[arm/master] fix: concurrency issue could crash from CIRC event
by atagar＠torproject.org 24 Sep '11

24 Sep '11

commit e884fcbd894c9e764c60e6b40c5bd3e14583352e Author: Damian Johnson <atagar(a)torproject.org> Date: Sat Sep 24 13:03:20 2011 -0700 fix: concurrency issue could crash from CIRC event If we got a CIRC event while populating the cache of relays that we're attached to we could reset _fingerprintsAttachedCache to None while we were in the middle of populating it. Manipulation of this cache is supposed to be governed by the connection lock, so fixing that for the CIRC event's reset. --- src/util/torTools.py | 6 ++++++ 1 files changed, 6 insertions(+), 0 deletions(-) diff --git a/src/util/torTools.py b/src/util/torTools.py index e59b35e..3d18fcb 100644 --- a/src/util/torTools.py +++ b/src/util/torTools.py @@ -2004,7 +2004,9 @@ class Controller(TorCtl.PostEventListener): # CIRC events aren't required, but if one's received then flush this cache # since it uses circuit-status results. + self.connLock.acquire() self._fingerprintsAttachedCache = None + self.connLock.release() self._cachedParam["circuits"] = None @@ -2085,6 +2087,10 @@ class Controller(TorCtl.PostEventListener): relayPort - orport of relay (to further narrow the results) """ + # Events can reset _fingerprintsAttachedCache to None, so all uses of this + # function need to be under the connection lock (skipping that might also + # scew with the conn usage of this function...) + # If we were provided with a string port then convert to an int (so # lookups won't mismatch based on type). if isinstance(relayPort, str): relayPort = int(relayPort)

1 0

[arm/master] fix: clarifying missing armrc message
by atagar＠torproject.org 24 Sep '11

24 Sep '11

commit 73de20de4a69bc055cf23d5852e0ac8b007af1a9 Author: Damian Johnson <atagar(a)torproject.org> Date: Sat Sep 24 12:54:39 2011 -0700 fix: clarifying missing armrc message Occasionally people are confused by the notice that no armrc was loaded, thinking that it's a problem. Trying to clarify the message (it's just supposed to inform users that they can customize arm's behavior). --- src/starter.py | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/src/starter.py b/src/starter.py index 4315f06..2347f7b 100644 --- a/src/starter.py +++ b/src/starter.py @@ -94,7 +94,7 @@ DESC_SAVE_FAILED_MSG = "Unable to save configuration descriptions (%s)" NO_INTERNAL_CFG_MSG = "Failed to load the parsing configuration. This will be problematic for a few things like torrc validation and log duplication detection (%s)" STANDARD_CFG_LOAD_FAILED_MSG = "Failed to load configuration (using defaults): \"%s\"" -STANDARD_CFG_NOT_FOUND_MSG = "No configuration found at '%s', using defaults" +STANDARD_CFG_NOT_FOUND_MSG = "No armrc loaded, using defaults. You can customize arm by placing a configuration file at '%s' (see the armrc.sample for its options)." # torrc entries that are scrubbed when dumping PRIVATE_TORRC_ENTRIES = ["HashedControlPassword", "Bridge", "HiddenServiceDir"]

1 0

[arm/master] Quiting wizard when the user presses 'q'
by atagar＠torproject.org 24 Sep '11

24 Sep '11

commit 30fc358c617ebd075119e20fd6e532150b432e24 Author: Damian Johnson <atagar(a)torproject.org> Date: Sat Sep 24 13:14:54 2011 -0700 Quiting wizard when the user presses 'q' Users could cancel the wizard by prssing esc, but it's also intuitive to expect 'q' to do the same (since that's the keybinding to quit arm entirely). Respecting this option too. This was requested by monochromec on... https://trac.torproject.org/projects/tor/ticket/3995 This also fixes a minor bug where the config options dialog wouldn't respect a cancel signal (instead looping on that dialog). --- src/cli/wizard.py | 7 ++++--- 1 files changed, 4 insertions(+), 3 deletions(-) diff --git a/src/cli/wizard.py b/src/cli/wizard.py index 40cf632..4cb65ad 100644 --- a/src/cli/wizard.py +++ b/src/cli/wizard.py @@ -351,6 +351,7 @@ def showWizard(): selection = promptConfigOptions(relayType, config, disabledOpt) if selection == BACK: relayType = None + elif selection == CANCEL: break elif selection == NEXT: generatedTorrc = getTorrc(relayType, config, disabledOpt) @@ -536,7 +537,7 @@ def promptRelayType(initialSelection): if key == curses.KEY_UP: selection = (selection - 1) % len(options) elif key == curses.KEY_DOWN: selection = (selection + 1) % len(options) elif uiTools.isSelectionKey(key): return options[selection].getValue() - elif key == 27: return CANCEL # esc - cancel + elif key in (27, ord('q'), ord('Q')): return CANCEL # esc or q - cancel finally: cli.popups.finalize() @@ -635,7 +636,7 @@ def promptConfigOptions(relayType, config, disabledOpt): except ValueError, exc: cli.popups.showMsg(str(exc), 3) cli.controller.getController().redraw() - elif key == 27: selection, key = -1, curses.KEY_ENTER # esc - cancel + elif key in (27, ord('q'), ord('Q')): return CANCEL finally: cli.popups.finalize() @@ -857,7 +858,7 @@ def showConfirmationDialog(torrcContents, torrcLocation): if selection == 0: return CANCEL elif selection == 1: return BACK else: return NEXT - elif key == 27: return CANCEL + elif key in (27, ord('q'), ord('Q')): return CANCEL finally: cli.popups.finalize()

1 0

r25112: {website} update the ssl version of fodt mirror. (in website/trunk: . include)
by Andrew Lewman 23 Sep '11

23 Sep '11

Author: phobos Date: 2011-09-23 20:02:50 +0000 (Fri, 23 Sep 2011) New Revision: 25112 Modified: website/trunk/include/mirrors-table.wmi website/trunk/update-mirrors.pl Log: update the ssl version of fodt mirror. Modified: website/trunk/include/mirrors-table.wmi =================================================================== --- website/trunk/include/mirrors-table.wmi 2011-09-23 19:48:03 UTC (rev 25111) +++ website/trunk/include/mirrors-table.wmi 2011-09-23 20:02:50 UTC (rev 25112) @@ -163,10 +163,10 @@ <td><a href="ftp://ftp.fodt.it/pub/mirror/tor/">ftp</a></td> <td><a href="http://tor.fodt.it/dist/">http</a></td> <td><a href="http://tor.fodt.it/">http</a></td> + <td><a href="https://tor.fodt.it/dist/">https</a></td> + <td><a href="https://tor.fodt.it/">https</a></td> <td> - </td> <td> - </td> - <td> - </td> - <td> - </td> </tr> <tr> @@ -392,6 +392,23 @@ <tr> + <td>INT</td> + + <td>CoralCDN</td> + + <td>Up to date</td> + + <td> - </td> + <td><a href="http://www.torproject.org.nyud.net/dist/">http</a></td> + <td><a href="http://www.torproject.org.nyud.net/">http</a></td> + <td> - </td> + <td> - </td> + <td> - </td> + <td> - </td> +</tr> + +<tr> + <td>NL</td> <td>Amorphis</td> @@ -545,23 +562,6 @@ <tr> - <td>INT</td> - - <td>CoralCDN</td> - - <td>Unknown</td> - - <td> - </td> - <td><a href="http://www.torproject.org.nyud.net/dist/">http</a></td> - <td><a href="http://www.torproject.org.nyud.net/">http</a></td> - <td> - </td> - <td> - </td> - <td> - </td> - <td> - </td> -</tr> - -<tr> - <td>IS</td> <td>crypto.is</td> Modified: website/trunk/update-mirrors.pl =================================================================== --- website/trunk/update-mirrors.pl 2011-09-23 19:48:03 UTC (rev 25111) +++ website/trunk/update-mirrors.pl 2011-09-23 20:02:50 UTC (rev 25112) @@ -689,11 +689,11 @@ ipv6 => "False", loadBalanced => "No", httpWebsiteMirror => "http://tor.fodt.it/", - httpsWebsiteMirror => "", + httpsWebsiteMirror => "https://tor.fodt.it/", rsyncWebsiteMirror => "", ftpWebsiteMirror => "ftp://ftp.fodt.it/pub/mirror/tor/", httpDistMirror => "http://tor.fodt.it/dist/", - httpsDistMirror => "", + httpsDistMirror => "https://tor.fodt.it/dist/", rsyncDistMirror => "", hiddenServiceMirror => "", },

1 0

r25111: {website} update factor.cc https mirror, factor location, and update a (in website/trunk: . include)
by Andrew Lewman 23 Sep '11

23 Sep '11

Author: phobos Date: 2011-09-23 19:48:03 +0000 (Fri, 23 Sep 2011) New Revision: 25111 Modified: website/trunk/include/mirrors-table.wmi website/trunk/update-mirrors.pl Log: update factor.cc https mirror, factor location, and update all mirrors Modified: website/trunk/include/mirrors-table.wmi =================================================================== --- website/trunk/include/mirrors-table.wmi 2011-09-22 15:24:59 UTC (rev 25110) +++ website/trunk/include/mirrors-table.wmi 2011-09-23 19:48:03 UTC (rev 25111) @@ -18,6 +18,23 @@ <tr> + <td>DK</td> + + <td>Zentrum der Gesundheit</td> + + <td>Up to date</td> + + <td> - </td> + <td><a href="http://tor.idnr.ws/dist/">http</a></td> + <td><a href="http://tor.idnr.ws/">http</a></td> + <td> - </td> + <td> - </td> + <td> - </td> + <td> - </td> +</tr> + +<tr> + <td>EE</td> <td>CyberSIDE</td> @@ -205,7 +222,7 @@ <tr> - <td>AT</td> + <td>DE</td> <td>factor.cc</td> @@ -214,8 +231,8 @@ <td> - </td> <td><a href="http://tor.factor.cc/dist/">http</a></td> <td><a href="http://tor.factor.cc/">http</a></td> - <td><a href="https://tor.factor.cc/dist/">https</a></td> - <td><a href="https://tor.factor.cc/">https</a></td> + <td><a href="https://factor.cc/tor/dist/">https</a></td> + <td><a href="https://factor.cc/tor">https</a></td> <td> - </td> <td> - </td> </tr> @@ -324,23 +341,6 @@ <tr> - <td>US</td> - - <td>AskApache</td> - - <td>Up to date</td> - - <td> - </td> - <td><a href="http://tor.askapache.com/dist/">http</a></td> - <td><a href="http://tor.askapache.com/">http</a></td> - <td> - </td> - <td> - </td> - <td> - </td> - <td> - </td> -</tr> - -<tr> - <td>FR</td> <td>LazyTiger</td> @@ -409,15 +409,15 @@ <tr> - <td>SE</td> + <td>US</td> - <td>homosu</td> + <td>AskApache</td> <td>Up to date</td> <td> - </td> - <td><a href="http://tor.homosu.net/dist">http</a></td> - <td><a href="http://tor.homosu.net/">http</a></td> + <td><a href="http://tor.askapache.com/dist/">http</a></td> + <td><a href="http://tor.askapache.com/">http</a></td> <td> - </td> <td> - </td> <td> - </td> @@ -426,15 +426,15 @@ <tr> - <td>DK</td> + <td>SE</td> - <td>Zentrum der Gesundheit</td> + <td>homosu</td> <td>Up to date</td> <td> - </td> - <td><a href="http://tor.idnr.ws/dist/">http</a></td> - <td><a href="http://tor.idnr.ws/">http</a></td> + <td><a href="http://tor.homosu.net/dist">http</a></td> + <td><a href="http://tor.homosu.net/">http</a></td> <td> - </td> <td> - </td> <td> - </td> Modified: website/trunk/update-mirrors.pl =================================================================== --- website/trunk/update-mirrors.pl 2011-09-22 15:24:59 UTC (rev 25110) +++ website/trunk/update-mirrors.pl 2011-09-23 19:48:03 UTC (rev 25111) @@ -700,18 +700,18 @@ mirror043 => { adminContact => "", orgName => "factor.cc", - isoCC => "AT", + isoCC => "DE", subRegion => "", - region => "AT", + region => "DE", ipv4 => "True", ipv6 => "False", loadBalanced => "No", httpWebsiteMirror => "http://tor.factor.cc/", - httpsWebsiteMirror => "https://tor.factor.cc/", + httpsWebsiteMirror => "https://factor.cc/tor", rsyncWebsiteMirror => "", ftpWebsiteMirror => "", httpDistMirror => "http://tor.factor.cc/dist/", - httpsDistMirror => "https://tor.factor.cc/dist/", + httpsDistMirror => "https://factor.cc/tor/dist/", rsyncDistMirror => "", hiddenServiceMirror => "", }

1 0

[torspec/master] Incorporate Roger's comments into proposal 184
by nickm＠torproject.org 23 Sep '11

23 Sep '11

commit 02049040cd6816ed4893a508a57b61164f9c70ea Author: Nick Mathewson <nickm(a)torproject.org> Date: Thu Sep 22 21:41:18 2011 -0400 Incorporate Roger's comments into proposal 184 --- proposals/184-v3-link-protocol.txt | 18 +++++++++++++++++- 1 files changed, 17 insertions(+), 1 deletions(-) diff --git a/proposals/184-v3-link-protocol.txt b/proposals/184-v3-link-protocol.txt index 910f223..8af15f9 100644 --- a/proposals/184-v3-link-protocol.txt +++ b/proposals/184-v3-link-protocol.txt @@ -51,12 +51,28 @@ Design: Indicating variable-length cells. Design: Variable-length padding. We add a new variable-length cell type, "VPADDING", to be used for - padding. All Tor instances may send a DROP cell at any point that + padding. All Tor instances may send a VPADDING cell at any point that a VERSIONS cell is not required; a VPADDING cell's body may be any length; the body of a VPADDING cell MAY have any content. Upon receiving a VPADDING cell, the recipient should drop it, as with a PADDING cell. + (This does not give a way to send fewer than 5 bytes of padding. + We could add this in the future, in a new link protocol.) + + Implementations SHOULD fill the content of all padding cells + randomly. + +A note on padding: + + We do not specify any situation in which a node ought to generate + a VPADDING cell; that's left for future work. Implementors should + be aware that many schemes have been proposed for link padding + that do not in fact work as well as one would expect. We + recommend that no mainstream implementation should produce padding + in an attempt to resist traffic analysis, without real research + showing that it helps. + Interaction with proposal 176: Proposal 176 says that during the v3 handshake, no cells other

1 0

[torspec/master] changes to 186 based on comments from Karsten
by nickm＠torproject.org 22 Sep '11

22 Sep '11

commit e80e9974fa38eeff7ae63a03dd6f8c2a0df858b6 Author: Nick Mathewson <nickm(a)torproject.org> Date: Thu Sep 22 17:21:24 2011 -0400 changes to 186 based on comments from Karsten --- proposals/186-multiple-orports.txt | 27 +++++++++++++++------------ 1 files changed, 15 insertions(+), 12 deletions(-) diff --git a/proposals/186-multiple-orports.txt b/proposals/186-multiple-orports.txt index 5b59c77..56a76c7 100644 --- a/proposals/186-multiple-orports.txt +++ b/proposals/186-multiple-orports.txt @@ -24,14 +24,14 @@ Configuring additional addresses and ports: In consonance with our changes to the (Socks|Trans|NATD|DNS)Port options made in 0.2.3.x for proposal 171, I make a corresponding - change to allow multiple SocksPort options and deprecate - SocksListenAddress. + change to allow multiple ORPort options and deprecate + ORListenAddress. The new syntax will be: - "SocksPort" PortDescription Options? + "ORPort" PortDescription Option* - Options = "NoAdvertise" | "NoListen" | "AllAddrs" | "IPV4Only" + Option = "NoAdvertise" | "NoListen" | "AllAddrs" | "IPV4Only" | "IPV6Only" PortDescription = PORTLIST | @@ -41,7 +41,7 @@ Configuring additional addresses and ports: (PORTLIST and ADDRESS are defined below.) The 'NoAdvertise' option performs the function of the old - SocksListenAddress option. If it is set, we bind a port, but + ORListenAddress option. If it is set, we bind a port, but don't put it in our descriptor. The 'NoListen' option tells Tor to advertise an address, but not @@ -60,7 +60,7 @@ Configuring additional addresses and ports: As with the client *Port options, only the old format or the new format are allowed: either a single numeric socksport and zero or more sockslistenaddress options, or a set of one or more - SocksPorts in the new extended format. + ORPorts in the new extended format. In current operating systems (unless we get into crazy nonportable tricks) we need to use one socket for every address:port that Tor @@ -71,21 +71,21 @@ Configuring additional addresses and ports: Example: We want to bind on 0.0.0.0:9001 - SocksPort 9001 + ORPort 9001 Example: Our firewall is redirecting ports 80, 443, and 7000-8000 on all hosts in x.244.2.0/24 onto our port 2929. - SocksPort 2929 no-advertise - SocksPort x.244.2.0/24:80,443,7000-8000 no-listen + ORPort 2929 noadvertise + ORPort x.244.2.0/24:80,443,7000-8000 nolisten Example: We have a dynamic DNS provider that maps tornode.example.com to our current external IPv4 and IPv6 addresses. Our firewall forwards port 443 on those address to our port 1337. - SocksPort 1337 no-advertise alladdrs - SocksPort tornode.example.com:443 no-bind alladdrs + ORPort 1337 noadvertise alladdrs + ORPort tornode.example.com:443 nobind alladdrs Self-testing: @@ -93,7 +93,7 @@ Self-testing: before they declare themselves reachable. If a Tor has a lot of advertised ports, that could be prohibitive. Instead, it should try a sample of ports for each address. It should - not advertise any given SocksPort line until it has tried + not advertise any given ORPort line until it has tried extending to or connecting to a sample of the address/port combinations. @@ -129,6 +129,9 @@ New descriptor syntax: A node must not list more than 8 or-address lines. + A PORTLIST must have no more than 16 PORTSPEC entries, and its entries must + be disjoint. + (Q: Any reason to allow more than 2? Multiple interfaces, I guess.) New authority behavior:

1 0

[torspec/master] Make 185 a little more explicit on who sets dir-cache in their routerdesc
by nickm＠torproject.org 22 Sep '11

22 Sep '11

commit d1fbdaf64ce9d58530a606bf7f44409d9f9d894f Author: Nick Mathewson <nickm(a)torproject.org> Date: Thu Sep 22 16:19:00 2011 -0400 Make 185 a little more explicit on who sets dir-cache in their routerdesc --- proposals/185-dir-without-dirport.txt | 8 ++++++-- 1 files changed, 6 insertions(+), 2 deletions(-) diff --git a/proposals/185-dir-without-dirport.txt b/proposals/185-dir-without-dirport.txt index c84ec35..838a58a 100644 --- a/proposals/185-dir-without-dirport.txt +++ b/proposals/185-dir-without-dirport.txt @@ -30,8 +30,12 @@ Configuration: Advertising cache status: Nodes which are running as a directory cache but which do not have - a DirPort set should set the entry "dir-cache 1" in their router - descriptors. + a DirPort set, or which do not have a working DirPort, should set + the entry "dir-cache 1" in their router descriptors and give their + directory port as 0 in their router lines. (Nodes which have a + working directory port advertise it as usual, and do not include + a "dir-cache" line. Implementations should accept and ignore + dir-cache lines with values other than "dir-cache 1".) Consensus:

1 0

[tor/master] New torrc option to allow bucket refill intervals of less than 1 sec
by nickm＠torproject.org 22 Sep '11

22 Sep '11

commit 6b1d8321aef15a948ec32333a98217450bd02f78 Author: Florian Tschorsch <tschorsch(a)informatik.uni-wuerzburg.de> Date: Wed Sep 7 20:21:53 2011 -0400 New torrc option to allow bucket refill intervals of less than 1 sec Implements bug3630. --- doc/tor.1.txt | 8 ++++ src/or/config.c | 8 ++++ src/or/connection.c | 64 +++++++++++++++++------------- src/or/main.c | 110 +++++++++++++++++++++++++++++++++++++++----------- src/or/or.h | 3 + 5 files changed, 141 insertions(+), 52 deletions(-) diff --git a/doc/tor.1.txt b/doc/tor.1.txt index 4edee80..05f52f8 100644 --- a/doc/tor.1.txt +++ b/doc/tor.1.txt @@ -737,6 +737,14 @@ The following options are useful only for clients (that is, if unattached waiting for an appropriate circuit, before we fail it. (Default: 2 minutes.) +**TokenBucketRefillInterval** __NUM__:: + Set the refill interval of Tor's token bucket to NUM milliseconds. + NUM must be positive and either a divisor or a multiple of 1 second. + Note that this option retains the configured bandwidth limits and refills + token buckets only in ratio to the interval. This option will be ignored + when Tor was built with Libevent's bufferevents enabled. (Default: 1 second) + + **TrackHostExits** __host__,__.domain__,__...__:: For each value in the comma separated list, Tor will track recent connections to hosts that match this value and attempt to reuse the same diff --git a/src/or/config.c b/src/or/config.c index bc77b3a..b04cee4 100644 --- a/src/or/config.c +++ b/src/or/config.c @@ -386,6 +386,7 @@ static config_var_t _option_vars[] = { OBSOLETE("SysLog"), V(TestSocks, BOOL, "0"), OBSOLETE("TestVia"), + V(TokenBucketRefillInterval, MSEC_INTERVAL, "10 msec"), V(TrackHostExits, CSV, NULL), V(TrackHostExitsExpire, INTERVAL, "30 minutes"), OBSOLETE("TrafficShaping"), @@ -1382,6 +1383,13 @@ options_act(const or_options_t *old_options) if (accounting_is_enabled(options)) configure_accounting(time(NULL)); + if (options->TokenBucketRefillInterval < 0 + || options->TokenBucketRefillInterval > 1000) { + log_warn(LD_CONFIG, "Token bucket refill interval must be in the range " + "of [0:1000]"); + return -1; + } + #ifdef USE_BUFFEREVENTS /* If we're using the bufferevents implementation and our rate limits * changed, we need to tell the rate-limiting system about it. */ diff --git a/src/or/connection.c b/src/or/connection.c index 0092030..42d7e2f 100644 --- a/src/or/connection.c +++ b/src/or/connection.c @@ -2389,20 +2389,21 @@ connection_bucket_init(void) } /** Refill a single bucket called name with bandwidth rate - * rate and bandwidth burst burst, assuming that - * seconds_elapsed seconds have passed since the last call. - **/ + * per millisecond rate and bandwidth burst per refill interval + * burst, assuming that milliseconds_elapsed milliseconds + * have passed since the last call. */ static void connection_bucket_refill_helper(int *bucket, int rate, int burst, - int seconds_elapsed, const char *name) + int milliseconds_elapsed, + const char *name) { int starting_bucket = *bucket; - if (starting_bucket < burst && seconds_elapsed) { - if (((burst - starting_bucket)/seconds_elapsed) < rate) { + if (starting_bucket < burst && milliseconds_elapsed) { + if (((burst - starting_bucket)/milliseconds_elapsed) < rate) { *bucket = burst; /* We would overflow the bucket; just set it to * the maximum. */ } else { - int incr = rate*seconds_elapsed; + int incr = rate*milliseconds_elapsed; *bucket += incr; if (*bucket > burst || *bucket < starting_bucket) { /* If we overflow the burst, or underflow our starting bucket, @@ -2416,41 +2417,46 @@ connection_bucket_refill_helper(int *bucket, int rate, int burst, } } -/** A second has rolled over; increment buckets appropriately. */ +/** Time has passed; increment buckets appropriately. */ void -connection_bucket_refill(int seconds_elapsed, time_t now) +connection_bucket_refill(int milliseconds_elapsed, time_t now) { const or_options_t *options = get_options(); smartlist_t *conns = get_connection_array(); - int relayrate, relayburst; + int bandwidthrate, bandwidthburst, relayrate, relayburst; + + bandwidthrate = (int)options->BandwidthRate / 1000; + bandwidthburst = (int)options->BandwidthBurst; if (options->RelayBandwidthRate) { - relayrate = (int)options->RelayBandwidthRate; + relayrate = (int)options->RelayBandwidthRate / 1000; relayburst = (int)options->RelayBandwidthBurst; } else { - relayrate = (int)options->BandwidthRate; - relayburst = (int)options->BandwidthBurst; + relayrate = bandwidthrate; + relayburst = bandwidthburst; } - tor_assert(seconds_elapsed >= 0); + tor_assert(milliseconds_elapsed >= 0); write_buckets_empty_last_second = global_relayed_write_bucket <= 0 || global_write_bucket <= 0; /* refill the global buckets */ connection_bucket_refill_helper(&global_read_bucket, - (int)options->BandwidthRate, - (int)options->BandwidthBurst, - seconds_elapsed, "global_read_bucket"); + bandwidthrate, bandwidthburst, + milliseconds_elapsed, + "global_read_bucket"); connection_bucket_refill_helper(&global_write_bucket, - (int)options->BandwidthRate, - (int)options->BandwidthBurst, - seconds_elapsed, "global_write_bucket"); + bandwidthrate, bandwidthburst, + milliseconds_elapsed, + "global_read_bucket"); connection_bucket_refill_helper(&global_relayed_read_bucket, - relayrate, relayburst, seconds_elapsed, + relayrate, relayburst, + milliseconds_elapsed, "global_relayed_read_bucket"); connection_bucket_refill_helper(&global_relayed_write_bucket, - relayrate, relayburst, seconds_elapsed, + relayrate, relayburst, + milliseconds_elapsed, "global_relayed_write_bucket"); /* refill the per-connection buckets */ @@ -2458,18 +2464,20 @@ connection_bucket_refill(int seconds_elapsed, time_t now) { if (connection_speaks_cells(conn)) { or_connection_t *or_conn = TO_OR_CONN(conn); + int orbandwidthrate = or_conn->bandwidthrate / 1000; + int orbandwidthburst = or_conn->bandwidthburst; if (connection_bucket_should_increase(or_conn->read_bucket, or_conn)) { connection_bucket_refill_helper(&or_conn->read_bucket, - or_conn->bandwidthrate, - or_conn->bandwidthburst, - seconds_elapsed, + orbandwidthrate, + orbandwidthburst, + milliseconds_elapsed, "or_conn->read_bucket"); } if (connection_bucket_should_increase(or_conn->write_bucket, or_conn)) { connection_bucket_refill_helper(&or_conn->write_bucket, - or_conn->bandwidthrate, - or_conn->bandwidthburst, - seconds_elapsed, + orbandwidthrate, + orbandwidthburst, + milliseconds_elapsed, "or_conn->write_bucket"); } } diff --git a/src/or/main.c b/src/or/main.c index ad5558e..1a95e31 100644 --- a/src/or/main.c +++ b/src/or/main.c @@ -91,10 +91,10 @@ static int stats_prev_global_read_bucket; /** What was the write bucket before the last second_elapsed_callback() call? * (used to determine how many bytes we've written). */ static int stats_prev_global_write_bucket; -#else +#endif + static uint64_t stats_prev_n_read = 0; static uint64_t stats_prev_n_written = 0; -#endif /* XXX we might want to keep stats about global_relayed_*_bucket too. Or not.*/ /** How many bytes have we read since we started the process? */ @@ -1507,9 +1507,6 @@ second_elapsed_callback(periodic_timer_t *timer, void *arg) size_t bytes_written; size_t bytes_read; int seconds_elapsed; -#ifdef USE_BUFFEREVENTS - uint64_t cur_read,cur_written; -#endif const or_options_t *options = get_options(); (void)timer; (void)arg; @@ -1523,30 +1520,28 @@ second_elapsed_callback(periodic_timer_t *timer, void *arg) /* the second has rolled over. check more stuff. */ seconds_elapsed = current_second ? (int)(now - current_second) : 0; #ifdef USE_BUFFEREVENTS - connection_get_rate_limit_totals(&cur_read, &cur_written); - bytes_written = (size_t)(cur_written - stats_prev_n_written); - bytes_read = (size_t)(cur_read - stats_prev_n_read); + { + uint64_t cur_read,cur_written; + connection_get_rate_limit_totals(&cur_read, &cur_written); + bytes_written = (size_t)(cur_written - stats_prev_n_written); + bytes_read = (size_t)(cur_read - stats_prev_n_read); + stats_n_bytes_read += bytes_read; + stats_n_bytes_written += bytes_written; + if (accounting_is_enabled(options) && seconds_elapsed >= 0) + accounting_add_bytes(bytes_read, bytes_written, seconds_elapsed); + stats_prev_n_written = cur_written; + stats_prev_n_read = cur_read; + } #else - bytes_written = stats_prev_global_write_bucket - global_write_bucket; - bytes_read = stats_prev_global_read_bucket - global_read_bucket; + bytes_read = (size_t)(stats_n_bytes_read - stats_prev_n_read); + bytes_written = (size_t)(stats_n_bytes_written - stats_prev_n_written); + stats_prev_n_read = stats_n_bytes_read; + stats_prev_n_written = stats_n_bytes_written; #endif - stats_n_bytes_read += bytes_read; - stats_n_bytes_written += bytes_written; - if (accounting_is_enabled(options) && seconds_elapsed >= 0) - accounting_add_bytes(bytes_read, bytes_written, seconds_elapsed); + control_event_bandwidth_used((uint32_t)bytes_read,(uint32_t)bytes_written); control_event_stream_bandwidth_used(); - if (seconds_elapsed > 0) - connection_bucket_refill(seconds_elapsed, now); -#ifdef USE_BUFFEREVENTS - stats_prev_n_written = cur_written; - stats_prev_n_read = cur_read; -#else - stats_prev_global_read_bucket = global_read_bucket; - stats_prev_global_write_bucket = global_write_bucket; -#endif - if (server_mode(options) && !we_are_hibernating() && seconds_elapsed > 0 && @@ -1594,6 +1589,57 @@ second_elapsed_callback(periodic_timer_t *timer, void *arg) current_second = now; /* remember which second it is, for next time */ } +#ifndef USE_BUFFEREVENTS +/** Timer: used to invoke refill_callback(). */ +static periodic_timer_t *refill_timer = NULL; + +/** Libevent callback: invoked periodically to refill token buckets + * and count r/w bytes. It is only used when bufferevents are disabled. */ +static void +refill_callback(periodic_timer_t *timer, void *arg) +{ + static struct timeval current_millisecond; + struct timeval now; + + size_t bytes_written; + size_t bytes_read; + int milliseconds_elapsed = 0; + int seconds_rolled_over = 0; + + const or_options_t *options = get_options(); + + (void)timer; + (void)arg; + + tor_gettimeofday(&now); + + /* If this is our first time, no time has passed. */ + if (current_millisecond.tv_sec) { + long mdiff = tv_mdiff(&current_millisecond, &now); + if (mdiff > INT_MAX) + mdiff = INT_MAX; + milliseconds_elapsed = (int)mdiff; + seconds_rolled_over = (int)(now.tv_sec - current_millisecond.tv_sec); + } + + bytes_written = stats_prev_global_write_bucket - global_write_bucket; + bytes_read = stats_prev_global_read_bucket - global_read_bucket; + + stats_n_bytes_read += bytes_read; + stats_n_bytes_written += bytes_written; + if (accounting_is_enabled(options) && milliseconds_elapsed >= 0) + accounting_add_bytes(bytes_read, bytes_written, seconds_rolled_over); + + if (milliseconds_elapsed > 0) + connection_bucket_refill(milliseconds_elapsed, now.tv_sec); + + stats_prev_global_read_bucket = global_read_bucket; + stats_prev_global_write_bucket = global_write_bucket; + + current_millisecond = now; /* remember what time it is, for next time */ +} +#endif + #ifndef MS_WINDOWS /** Called when a possibly ignorable libevent error occurs; ensures that we * don't get into an infinite loop by ignoring too many errors from @@ -1791,6 +1837,22 @@ do_main_loop(void) tor_assert(second_timer); } +#ifndef USE_BUFFEREVENTS + if (!refill_timer) { + struct timeval refill_interval; + int msecs = get_options()->TokenBucketRefillInterval; + + refill_interval.tv_sec = msecs/1000; + refill_interval.tv_usec = (msecs%1000)*1000; + + refill_timer = periodic_timer_new(tor_libevent_get_base(), + &refill_interval, + refill_callback, + NULL); + tor_assert(refill_timer); + } +#endif + for (;;) { if (nt_service_is_stopping()) return 0; diff --git a/src/or/or.h b/src/or/or.h index 56f34fc..37eea1c 100644 --- a/src/or/or.h +++ b/src/or/or.h @@ -3107,6 +3107,9 @@ typedef struct { * log whether it was DNS-leaking or not? */ int HardwareAccel; /**< Boolean: Should we enable OpenSSL hardware * acceleration where available? */ + /** Token Bucket Refill resolution in milliseconds (ignored when + * bufferevents are enabled) */ + int TokenBucketRefillInterval; char *AccelName; /**< Optional hardware acceleration engine name. */ char *AccelDir; /**< Optional hardware acceleration engine search dir. */ int UseEntryGuards; /**< Boolean: Do we try to enter from a smallish number

1 0

[tor/master] Move around check for TokenBucketRefillInterval; disallow changes to it
by nickm＠torproject.org 22 Sep '11

22 Sep '11

commit 0721abbf1b89602d4be4dd97a7bd3a5849d6ecae Author: Nick Mathewson <nickm(a)torproject.org> Date: Wed Sep 7 21:02:49 2011 -0400 Move around check for TokenBucketRefillInterval; disallow changes to it --- src/or/config.c | 18 +++++++++++------- 1 files changed, 11 insertions(+), 7 deletions(-) diff --git a/src/or/config.c b/src/or/config.c index b04cee4..5a7a590 100644 --- a/src/or/config.c +++ b/src/or/config.c @@ -1383,13 +1383,6 @@ options_act(const or_options_t *old_options) if (accounting_is_enabled(options)) configure_accounting(time(NULL)); - if (options->TokenBucketRefillInterval < 0 - || options->TokenBucketRefillInterval > 1000) { - log_warn(LD_CONFIG, "Token bucket refill interval must be in the range " - "of [0:1000]"); - return -1; - } - #ifdef USE_BUFFEREVENTS /* If we're using the bufferevents implementation and our rate limits * changed, we need to tell the rate-limiting system about it. */ @@ -3173,6 +3166,11 @@ options_validate(or_options_t *old_options, or_options_t *options, REJECT("TransPort and TransListenAddress are disabled in this build."); #endif + if (options->TokenBucketRefillInterval <= 0 + || options->TokenBucketRefillInterval > 1000) { + REJECT("TokenBucketRefillInterval must be between 1 and 1000 inclusive."); + } + if (options->AccountingMax && (is_listening_on_low_port(options->ORPort, options->ORListenAddress) || is_listening_on_low_port(options->DirPort, options->DirListenAddress))) @@ -3975,6 +3973,12 @@ options_transition_allowed(const or_options_t *old, return -1; } + if (old->TokenBucketRefillInterval != new_val->TokenBucketRefillInterval) { + *msg = tor_strdup("While Tor is running, changing TokenBucketRefill" + "Interval is not allowed"); + return -1; + } + if (old->DisableIOCP != new_val->DisableIOCP) { *msg = tor_strdup("While Tor is running, changing DisableIOCP " "is not allowed.");

1 0

← Newer
1
...
24
25
26
27
28
29
30
...
87
Older →

Jump to page:

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

tor-commits September 2011