June 2013 - tor-commits - lists.torproject.org

[tor/release-0.2.4] Start on an 0.2.4.14-alpha changelog
by nickm＠torproject.org 18 Jun '13

18 Jun '13

commit ce168e78009d7aab21254e8dc976573bd2bb2701 Author: Nick Mathewson <nickm(a)torproject.org> Date: Tue Jun 18 10:33:14 2013 -0400 Start on an 0.2.4.14-alpha changelog --- ChangeLog | 24 ++++++++++++++++++++++++ changes/bug9002 | 4 ---- changes/bug9063_redux | 15 --------------- changes/bug9072 | 3 --- 4 files changed, 24 insertions(+), 22 deletions(-) diff --git a/ChangeLog b/ChangeLog index 333213d..266a1cc 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,27 @@ +Changes in version 0.2.4.14-alpha - 2013-06-18 + Tor 0.2.4.13-alpha fixes a pair of client guard enumeration problems + present in 0.2.4.13-alpha. + + o Major bugfixes: + - When we have too much memory queued in circuits (according to a new + MaxMemInCellQueues option), close the circuits consuming the most + memory. This prevents us from running out of memory as a relay if + circuits fill up faster than they can be drained. Fixes + bug 9063; bugfix on the 54th commit of Tor. This bug is a further + fix beyond bug 6252, whose fix was merged into 0.2.3.21-rc. + + This change also fixes an earlier approach taken in 0.2.4.13-alpha, + where we tried to solve this issue simply by imposing an upper limit on + the number of queued cells for a single circuit. That approach proved + to be problematic, since there are ways to provoke clients to send a + number of cells in excess of any such reasonable limit. Fixes bug + 9072; bugfix on 0.2.4.13-alpha. + + - Limit hidden service descriptors to at most ten introduction + points, to slow one kind of guard enumeration. Fixes bug 9002; + bugfix on 0.1.1.11-alpha. + + Changes in version 0.2.4.13-alpha - 2013-06-14 Tor 0.2.4.13-alpha fixes a variety of potential remote crash vulnerabilities, makes socks5 username/password circuit isolation diff --git a/changes/bug9002 b/changes/bug9002 deleted file mode 100644 index c41ace3..0000000 --- a/changes/bug9002 +++ /dev/null @@ -1,4 +0,0 @@ - o Major bugfixes: - - Limit hidden service descriptors to at most ten introduction - points, to slow one kind of guard enumeration. Fixes bug 9002; - bugfix on 0.1.1.11-alpha. diff --git a/changes/bug9063_redux b/changes/bug9063_redux deleted file mode 100644 index e6fae72..0000000 --- a/changes/bug9063_redux +++ /dev/null @@ -1,15 +0,0 @@ - o Major bugfixes: - - When we have too much memory queued in circuits (according to a new - MaxMemInCellQueues option), close the circuits consuming the most - memory. This prevents us from running out of memory as a relay if - circuits fill up faster than they can be drained. Fixes - bug 9063; bugfix on the 54th commit of Tor. This bug is a further - fix beyond bug 6252, whose fix was merged into 0.2.3.21-rc. - - Also fixes an earlier approach taken in 0.2.4.13-alpha, where we - tried to solve this issue simply by imposing an upper limit on the - number of queued cells for a single circuit. That approach proved to - be problematic, since there are ways to provoke clients to send a - number of cells in excess of any such reasonable limit. - Fixes bug 9072; bugfix on 0.2.4.13-alpha. - diff --git a/changes/bug9072 b/changes/bug9072 deleted file mode 100644 index e594a38..0000000 --- a/changes/bug9072 +++ /dev/null @@ -1,3 +0,0 @@ - o Critical bugfixes: - - Disable middle relay queue overfill detection code due to possible - guard discovery attack, pending further analysis. Fixes bug #9072.

1 0

[tor/release-0.2.4] Bump version to 0.2.4.14-alpha.
by nickm＠torproject.org 18 Jun '13

18 Jun '13

commit fd9ba5ed560d3be63ce0eb898ea73dff2b9b9ae7 Author: Nick Mathewson <nickm(a)torproject.org> Date: Tue Jun 18 10:40:18 2013 -0400 Bump version to 0.2.4.14-alpha. (Remember, this isn't a release until we tag it.) --- configure.ac | 2 +- contrib/tor-mingw.nsi.in | 2 +- src/win32/orconfig.h | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/configure.ac b/configure.ac index f7e7f5e..5def901 100644 --- a/configure.ac +++ b/configure.ac @@ -3,7 +3,7 @@ dnl Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson dnl Copyright (c) 2007-2013, The Tor Project, Inc. dnl See LICENSE for licensing information -AC_INIT([tor],[0.2.4.13-alpha]) +AC_INIT([tor],[0.2.4.14-alpha]) AC_CONFIG_SRCDIR([src/or/main.c]) AC_CONFIG_MACRO_DIR([m4]) AM_INIT_AUTOMAKE diff --git a/contrib/tor-mingw.nsi.in b/contrib/tor-mingw.nsi.in index 603194a..0697577 100644 --- a/contrib/tor-mingw.nsi.in +++ b/contrib/tor-mingw.nsi.in @@ -8,7 +8,7 @@ !include "LogicLib.nsh" !include "FileFunc.nsh" !insertmacro GetParameters -!define VERSION "0.2.4.13-alpha" +!define VERSION "0.2.4.14-alpha" !define INSTALLER "tor-${VERSION}-win32.exe" !define WEBSITE "https://www.torproject.org/" !define LICENSE "LICENSE" diff --git a/src/win32/orconfig.h b/src/win32/orconfig.h index 508fe36..b073219 100644 --- a/src/win32/orconfig.h +++ b/src/win32/orconfig.h @@ -241,7 +241,7 @@ #define USING_TWOS_COMPLEMENT /* Version number of package */ -#define VERSION "0.2.4.13-alpha" +#define VERSION "0.2.4.14-alpha"

1 0

[tor/release-0.2.4] Disable middle relay queue overfill detection code due to possible guard discovery attack
by nickm＠torproject.org 18 Jun '13

18 Jun '13

commit 2a95f3171681ee53c97ccba9d80f4454b462aaa7 Author: Andrea Shepard <andrea(a)torproject.org> Date: Sat Jun 15 02:16:00 2013 -0700 Disable middle relay queue overfill detection code due to possible guard discovery attack --- changes/bug9072 | 3 +++ src/or/relay.c | 5 +++++ 2 files changed, 8 insertions(+) diff --git a/changes/bug9072 b/changes/bug9072 new file mode 100644 index 0000000..e594a38 --- /dev/null +++ b/changes/bug9072 @@ -0,0 +1,3 @@ + o Critical bugfixes: + - Disable middle relay queue overfill detection code due to possible + guard discovery attack, pending further analysis. Fixes bug #9072. diff --git a/src/or/relay.c b/src/or/relay.c index 087459c..fdb4bff 100644 --- a/src/or/relay.c +++ b/src/or/relay.c @@ -2548,6 +2548,10 @@ append_cell_to_circuit_queue(circuit_t *circ, or_connection_t *orconn, streams_blocked = circ->streams_blocked_on_p_conn; } + /* + * Disabling this for now because of a possible guard discovery attack + */ +#if 0 /* Are we a middle circuit about to exceed ORCIRC_MAX_MIDDLE_CELLS? */ if ((circ->n_conn != NULL) && CIRCUIT_IS_ORCIRC(circ)) { orcirc = TO_OR_CIRCUIT(circ); @@ -2566,6 +2570,7 @@ append_cell_to_circuit_queue(circuit_t *circ, or_connection_t *orconn, } } } +#endif cell_queue_append_packed_copy(queue, cell);

1 0

[tor/release-0.2.4] Merge branch 'bug9072-023' into bug9072-024
by nickm＠torproject.org 18 Jun '13

18 Jun '13

commit 9e45d940d466bcefcd1490fc2ae0e5a6298a846f Merge: 8b6d0bd 2a95f31 Author: Andrea Shepard <andrea(a)torproject.org> Date: Sat Jun 15 02:20:19 2013 -0700 Merge branch 'bug9072-023' into bug9072-024 changes/bug9072 | 3 +++ src/or/relay.c | 5 +++++ 2 files changed, 8 insertions(+) diff --cc src/or/relay.c index a26d418,fdb4bff..0f21663 --- a/src/or/relay.c +++ b/src/or/relay.c @@@ -2474,18 -2540,22 +2474,22 @@@ append_cell_to_circuit_queue(circuit_t return; if (direction == CELL_DIRECTION_OUT) { - queue = &circ->n_conn_cells; - streams_blocked = circ->streams_blocked_on_n_conn; + queue = &circ->n_chan_cells; + streams_blocked = circ->streams_blocked_on_n_chan; } else { orcirc = TO_OR_CIRCUIT(circ); - queue = &orcirc->p_conn_cells; - streams_blocked = circ->streams_blocked_on_p_conn; + queue = &orcirc->p_chan_cells; + streams_blocked = circ->streams_blocked_on_p_chan; } + /* + * Disabling this for now because of a possible guard discovery attack + */ + #if 0 /* Are we a middle circuit about to exceed ORCIRC_MAX_MIDDLE_CELLS? */ - if ((circ->n_conn != NULL) && CIRCUIT_IS_ORCIRC(circ)) { + if ((circ->n_chan != NULL) && CIRCUIT_IS_ORCIRC(circ)) { orcirc = TO_OR_CIRCUIT(circ); - if (orcirc->p_conn) { + if (orcirc->p_chan) { if (queue->n + 1 >= ORCIRC_MAX_MIDDLE_CELLS) { /* Queueing this cell would put queue over the cap */ log_warn(LD_CIRC, @@@ -2505,8 -2570,9 +2509,9 @@@ } } } + #endif - cell_queue_append_packed_copy(queue, cell); + cell_queue_append_packed_copy(queue, cell, chan->wide_circ_ids); /* If we have too many cells on the circuit, we should stop reading from * the edge streams for a while. */

1 0

[tor/release-0.2.4] Limit hidden service descriptors to at most 10 guard nodes.
by nickm＠torproject.org 18 Jun '13

18 Jun '13

commit dc516a543604e081583cbe725bc4b0a89768fc78 Author: Nick Mathewson <nickm(a)torproject.org> Date: Sun Jun 16 20:23:33 2013 -0400 Limit hidden service descriptors to at most 10 guard nodes. Fixes bug 9002; bugfix on 0.1.1.11-alpha (which introduced guard nodes), or on 0.0.6pre1 (which introduced hidden services). --- changes/bug9002 | 4 ++++ src/or/rendcommon.c | 25 +++++++++++++++++++++++-- 2 files changed, 27 insertions(+), 2 deletions(-) diff --git a/changes/bug9002 b/changes/bug9002 new file mode 100644 index 0000000..c41ace3 --- /dev/null +++ b/changes/bug9002 @@ -0,0 +1,4 @@ + o Major bugfixes: + - Limit hidden service descriptors to at most ten introduction + points, to slow one kind of guard enumeration. Fixes bug 9002; + bugfix on 0.1.1.11-alpha. diff --git a/src/or/rendcommon.c b/src/or/rendcommon.c index 4722690..812fce9 100644 --- a/src/or/rendcommon.c +++ b/src/or/rendcommon.c @@ -1002,6 +1002,10 @@ rend_cache_lookup_v2_desc_as_dir(const char *desc_id, const char **desc) return 0; } +/* Do not allow more than this many introduction points in a hidden service + * descriptor */ +#define MAX_INTRO_POINTS 10 + /** Parse *desc, calculate its service id, and store it in the cache. * If we have a newer v0 descriptor with the same ID, ignore this one. * If we have an older descriptor with the same ID, replace it. @@ -1070,6 +1074,15 @@ rend_cache_store(const char *desc, size_t desc_len, int published, rend_service_descriptor_free(parsed); return -1; } + if (parsed->intro_nodes && + smartlist_len(parsed->intro_nodes) > MAX_INTRO_POINTS) { + log_warn(LD_REND, "Found too many introduction points on a hidden " + "service descriptor for %s. This is probably a (misguided) " + "attempt to improve reliability, but it could also be an " + "attempt to do a guard enumeration attack. Rejecting.", + safe_str_client(query)); + return -2; + } tor_snprintf(key, sizeof(key), "0%s", query); e = (rend_cache_entry_t*) strmap_get_lc(rend_cache, key); if (e && e->parsed->timestamp > parsed->timestamp) { @@ -1288,6 +1301,7 @@ rend_cache_store_v2_desc_as_client(const char *desc, } /* Decode/decrypt introduction points. */ if (intro_content) { + int n_intro_points; if (rend_query->auth_type != REND_NO_AUTH && !tor_mem_is_zero(rend_query->descriptor_cookie, sizeof(rend_query->descriptor_cookie))) { @@ -1308,13 +1322,20 @@ rend_cache_store_v2_desc_as_client(const char *desc, intro_size = ipos_decrypted_size; } } - if (rend_parse_introduction_points(parsed, intro_content, - intro_size) <= 0) { + n_intro_points = rend_parse_introduction_points(parsed, intro_content, + intro_size); + if (n_intro_points <= 0) { log_warn(LD_REND, "Failed to parse introduction points. Either the " "service has published a corrupt descriptor or you have " "provided invalid authorization data."); retval = -2; goto err; + } else if (n_intro_points > MAX_INTRO_POINTS) { + log_warn(LD_REND, "Found too many introduction points on a hidden " + "service descriptor for %s. This is probably a (misguided) " + "attempt to improve reliability, but it could also be an " + "attempt to do a guard enumeration attack. Rejecting.", + safe_str_client(rend_query->onion_address)); } } else { log_info(LD_REND, "Descriptor does not contain any introduction points.");

1 0

[tor/release-0.2.4] Implement a real OOM-killer for too-long circuit queues.
by nickm＠torproject.org 18 Jun '13

18 Jun '13

commit 2e1fe1fcf93c2a77805048bea5c535ca4456d583 Author: Nick Mathewson <nickm(a)torproject.org> Date: Sun Jun 16 09:55:44 2013 -0400 Implement a real OOM-killer for too-long circuit queues. This implements "algorithm 1" from my discussion of bug #9072: on OOM, find the circuits with the longest queues, and kill them. It's also a fix for #9063 -- without the side-effects of bug #9072. The memory bounds aren't perfect here, and you need to be sure to allow some slack for the rest of Tor's usage. This isn't a perfect fix; the rest of the solutions I describe on codeable. --- changes/bug9063_redux | 15 ++++++++ doc/tor.1.txt | 9 +++++ src/common/mempool.h | 2 + src/or/circuitlist.c | 102 +++++++++++++++++++++++++++++++++++++++++++++++++ src/or/circuitlist.h | 1 + src/or/config.c | 7 ++++ src/or/or.h | 4 ++ src/or/relay.c | 33 +++++++++++++++- src/or/relay.h | 1 + 9 files changed, 172 insertions(+), 2 deletions(-) diff --git a/changes/bug9063_redux b/changes/bug9063_redux new file mode 100644 index 0000000..e6fae72 --- /dev/null +++ b/changes/bug9063_redux @@ -0,0 +1,15 @@ + o Major bugfixes: + - When we have too much memory queued in circuits (according to a new + MaxMemInCellQueues option), close the circuits consuming the most + memory. This prevents us from running out of memory as a relay if + circuits fill up faster than they can be drained. Fixes + bug 9063; bugfix on the 54th commit of Tor. This bug is a further + fix beyond bug 6252, whose fix was merged into 0.2.3.21-rc. + + Also fixes an earlier approach taken in 0.2.4.13-alpha, where we + tried to solve this issue simply by imposing an upper limit on the + number of queued cells for a single circuit. That approach proved to + be problematic, since there are ways to provoke clients to send a + number of cells in excess of any such reasonable limit. + Fixes bug 9072; bugfix on 0.2.4.13-alpha. + diff --git a/doc/tor.1.txt b/doc/tor.1.txt index 773fccf..1f3afef 100644 --- a/doc/tor.1.txt +++ b/doc/tor.1.txt @@ -1475,6 +1475,15 @@ is non-zero): localhost, RFC1918 addresses, and so on. This can create security issues; you should probably leave it off. (Default: 0) +**MaxMemInCellQueues** __N__ **bytes**|**KB**|**MB**|**GB**:: + This option configures a threshold above which Tor will assume that it + needs to stop queueing cells because it's about to run out of memory. + If it hits this threshold, it will begin killing circuits until it + has recovered at least 10% of this memory. Do not set this option too + low, or your relay may be unreliable under load. This option only + effects circuit queues, so the actual process size will be larger than + this. (Default: 8GB) + DIRECTORY SERVER OPTIONS ------------------------ diff --git a/src/common/mempool.h b/src/common/mempool.h index d0a7bc2..bc424ac 100644 --- a/src/common/mempool.h +++ b/src/common/mempool.h @@ -22,6 +22,8 @@ void mp_pool_destroy(mp_pool_t *pool); void mp_pool_assert_ok(mp_pool_t *pool); void mp_pool_log_status(mp_pool_t *pool, int severity); +#define MP_POOL_ITEM_OVERHEAD (sizeof(void*)) + #define MEMPOOL_STATS #ifdef MEMPOOL_PRIVATE diff --git a/src/or/circuitlist.c b/src/or/circuitlist.c index 93ba69d..d9ea4d1 100644 --- a/src/or/circuitlist.c +++ b/src/or/circuitlist.c @@ -1359,6 +1359,108 @@ _circuit_mark_for_close(circuit_t *circ, int reason, int line, } } +/** Given a marked circuit circ, aggressively free its cell queues to + * recover memory. */ +static void +marked_circuit_free_cells(circuit_t *circ) +{ + if (!circ->marked_for_close) { + log_warn(LD_BUG, "Called on non-marked circuit"); + return; + } + cell_queue_clear(&circ->n_conn_cells); + if (! CIRCUIT_IS_ORIGIN(circ)) + cell_queue_clear(& TO_OR_CIRCUIT(circ)->p_conn_cells); +} + +/** Return the number of cells used by the circuit c's cell queues. */ +static size_t +n_cells_in_circ_queues(const circuit_t *c) +{ + size_t n = c->n_conn_cells.n; + if (! CIRCUIT_IS_ORIGIN(c)) + n += TO_OR_CIRCUIT((circuit_t*)c)->p_conn_cells.n; + return n; +} + +/** helper to sort a list of circuit_q by total queue lengths, in descending + * order. */ +static int +circuits_compare_by_queue_len_(const void **a_, const void **b_) +{ + const circuit_t *a = *a_; + const circuit_t *b = *b_; + size_t a_n = n_cells_in_circ_queues(a); + size_t b_n = n_cells_in_circ_queues(b); + + if (a_n < b_n) + return 1; + else if (a_n == b_n) + return 0; + else + return -1; +} + +#define FRACTION_OF_CIRCS_TO_RETAIN_ON_OOM 0.90 + +/** We're out of memory for cells, having allocated current_allocation + * bytes' worth. Kill the 'worst' circuits until we're under + * FRACTION_OF_CIRCS_TO_RETAIN_ON_OOM of our maximum usage. */ +void +circuits_handle_oom(size_t current_allocation) +{ + /* Let's hope there's enough slack space for this allocation here... */ + smartlist_t *circlist = smartlist_new(); + circuit_t *circ; + size_t n_cells_removed=0, n_cells_to_remove; + int n_circuits_killed=0; + log_notice(LD_GENERAL, "We're low on memory. Killing circuits with " + "over-long queues. (This behavior is controlled by " + "MaxMemInCellQueues.)"); + + { + size_t mem_target = (size_t)(get_options()->MaxMemInCellQueues * + FRACTION_OF_CIRCS_TO_RETAIN_ON_OOM); + size_t mem_to_recover; + if (current_allocation <= mem_target) + return; + mem_to_recover = current_allocation - mem_target; + n_cells_to_remove = CEIL_DIV(mem_to_recover, packed_cell_mem_cost()); + } + + /* This algorithm itself assumes that you've got enough memory slack + * to actually run it. */ + for (circ = global_circuitlist; circ; circ = circ->next) + smartlist_add(circlist, circ); + + /* This is O(n log n); there are faster algorithms we could use instead. + * Let's hope this doesn't happen enough to be in the critical path. */ + smartlist_sort(circlist, circuits_compare_by_queue_len_); + + /* Okay, now the worst circuits are at the front of the list. Let's mark + * them, and reclaim their storage aggressively. */ + SMARTLIST_FOREACH_BEGIN(circlist, circuit_t *, circ) { + size_t n = n_cells_in_circ_queues(circ); + if (! circ->marked_for_close) { + circuit_mark_for_close(circ, END_CIRC_REASON_RESOURCELIMIT); + } + marked_circuit_free_cells(circ); + + ++n_circuits_killed; + n_cells_removed += n; + if (n_cells_removed >= n_cells_to_remove) + break; + } SMARTLIST_FOREACH_END(circ); + + clean_cell_pool(); /* In case this helps. */ + + log_notice(LD_GENERAL, "Removed "U64_FORMAT" bytes by killing %d circuits.", + U64_PRINTF_ARG(n_cells_removed * packed_cell_mem_cost()), + n_circuits_killed); + + smartlist_free(circlist); +} + /** Verify that cpath layer cp has all of its invariants * correct. Trigger an assert if anything is invalid. */ diff --git a/src/or/circuitlist.h b/src/or/circuitlist.h index 6e77354..44f0c1f 100644 --- a/src/or/circuitlist.h +++ b/src/or/circuitlist.h @@ -57,6 +57,7 @@ int circuit_count_pending_on_or_conn(or_connection_t *or_conn); void assert_cpath_layer_ok(const crypt_path_t *cp); void assert_circuit_ok(const circuit_t *c); void circuit_free_all(void); +void circuits_handle_oom(size_t current_allocation); #endif diff --git a/src/or/config.c b/src/or/config.c index 90a5dfb..d5c5689 100644 --- a/src/or/config.c +++ b/src/or/config.c @@ -343,6 +343,7 @@ static config_var_t _option_vars[] = { V(MaxAdvertisedBandwidth, MEMUNIT, "1 GB"), V(MaxCircuitDirtiness, INTERVAL, "10 minutes"), V(MaxClientCircuitsPending, UINT, "32"), + V(MaxMemInCellQueues, MEMUNIT, "8 GB"), V(MaxOnionsPending, UINT, "100"), OBSOLETE("MonthlyAccountingStart"), V(MyFamily, STRING, NULL), @@ -3668,6 +3669,12 @@ options_validate(or_options_t *old_options, or_options_t *options, log_warn(LD_CONFIG, "EntryNodes is set, but UseEntryGuards is disabled. " "EntryNodes will be ignored."); + if (options->MaxMemInCellQueues < (500 << 20)) { + log_warn(LD_CONFIG, "MaxMemInCellQueues must be at least 500 MB for now. " + "Ideally, have it as large as you can afford."); + options->MaxMemInCellQueues = (500 << 20); + } + options->_AllowInvalid = 0; if (options->AllowInvalidNodes) { SMARTLIST_FOREACH_BEGIN(options->AllowInvalidNodes, const char *, cp) { diff --git a/src/or/or.h b/src/or/or.h index 83bf8c8..dd95c34 100644 --- a/src/or/or.h +++ b/src/or/or.h @@ -3064,6 +3064,10 @@ typedef struct { config_line_t *DirPort_lines; config_line_t *DNSPort_lines; /**< Ports to listen on for DNS requests. */ + uint64_t MaxMemInCellQueues; /**< If we have more memory than this allocated + * for circuit cell queues, run the OOM handler + */ + /** @name port booleans * * Derived booleans: True iff there is a non-listener port on an AF_INET or diff --git a/src/or/relay.c b/src/or/relay.c index fdb4bff..fda9e89 100644 --- a/src/or/relay.c +++ b/src/or/relay.c @@ -1799,7 +1799,7 @@ circuit_consider_sending_sendme(circuit_t *circ, crypt_path_t *layer_hint) #endif /** The total number of cells we have allocated from the memory pool. */ -static int total_cells_allocated = 0; +static size_t total_cells_allocated = 0; /** A memory pool to allocate packed_cell_t objects. */ static mp_pool_t *cell_pool = NULL; @@ -1871,7 +1871,7 @@ dump_cell_pool_usage(int severity) ++n_circs; } log(severity, LD_MM, "%d cells allocated on %d circuits. %d cells leaked.", - n_cells, n_circs, total_cells_allocated - n_cells); + n_cells, n_circs, (int)total_cells_allocated - n_cells); mp_pool_log_status(cell_pool, severity); } @@ -1978,6 +1978,29 @@ cell_queue_pop(cell_queue_t *queue) return cell; } +/** Return the total number of bytes used for each packed_cell in a queue. + * Approximate. */ +size_t +packed_cell_mem_cost(void) +{ + return sizeof(packed_cell_t) + MP_POOL_ITEM_OVERHEAD + + get_options()->CellStatistics ? + (sizeof(insertion_time_elem_t)+MP_POOL_ITEM_OVERHEAD) : 0; +} + +/** Check whether we've got too much space used for cells. If so, + * call the OOM handler and return 1. Otherwise, return 0. */ +static int +cell_queues_check_size(void) +{ + size_t alloc = total_cells_allocated * packed_cell_mem_cost(); + if (alloc >= get_options()->MaxMemInCellQueues) { + circuits_handle_oom(alloc); + return 1; + } + return 0; +} + /** Return a pointer to the "next_active_on_{n,p}_conn" pointer of circ, * depending on whether conn matches n_conn or p_conn. */ static INLINE circuit_t ** @@ -2574,6 +2597,12 @@ append_cell_to_circuit_queue(circuit_t *circ, or_connection_t *orconn, cell_queue_append_packed_copy(queue, cell); + if (PREDICT_UNLIKELY(cell_queues_check_size())) { + /* We ran the OOM handler */ + if (circ->marked_for_close) + return; + } + /* If we have too many cells on the circuit, we should stop reading from * the edge streams for a while. */ if (!streams_blocked && queue->n >= CELL_QUEUE_HIGHWATER_SIZE) diff --git a/src/or/relay.h b/src/or/relay.h index 41675e2..c55813b 100644 --- a/src/or/relay.h +++ b/src/or/relay.h @@ -40,6 +40,7 @@ void init_cell_pool(void); void free_cell_pool(void); void clean_cell_pool(void); void dump_cell_pool_usage(int severity); +size_t packed_cell_mem_cost(void); void cell_queue_clear(cell_queue_t *queue); void cell_queue_append(cell_queue_t *queue, packed_cell_t *cell);

1 0

[tor/release-0.2.4] Merge branch 'bug9063_redux_023_squashed' into maint-0.2.3
by nickm＠torproject.org 18 Jun '13

18 Jun '13

commit c37fdc2eef0ccfeff56df5a9b7dfae9396fc643c Merge: dc516a5 2e1fe1f Author: Nick Mathewson <nickm(a)torproject.org> Date: Tue Jun 18 10:16:47 2013 -0400 Merge branch 'bug9063_redux_023_squashed' into maint-0.2.3 changes/bug9063_redux | 15 ++++++++ doc/tor.1.txt | 9 +++++ src/common/mempool.h | 2 + src/or/circuitlist.c | 102 +++++++++++++++++++++++++++++++++++++++++++++++++ src/or/circuitlist.h | 1 + src/or/config.c | 7 ++++ src/or/or.h | 4 ++ src/or/relay.c | 33 +++++++++++++++- src/or/relay.h | 1 + 9 files changed, 172 insertions(+), 2 deletions(-)

1 0

[tor/release-0.2.4] Tweak bug9063_redux patch: {n_p}_chan_cells, not {n, p}_conn_cells
by nickm＠torproject.org 18 Jun '13

18 Jun '13

commit efa342f5fa2c6700ed8273557b7fb39bdc577120 Author: Nick Mathewson <nickm(a)torproject.org> Date: Tue Jun 18 10:25:10 2013 -0400 Tweak bug9063_redux patch: {n_p}_chan_cells, not {n,p}_conn_cells --- src/or/circuitlist.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/src/or/circuitlist.c b/src/or/circuitlist.c index ac33ecf..3dc362f 100644 --- a/src/or/circuitlist.c +++ b/src/or/circuitlist.c @@ -1508,18 +1508,18 @@ marked_circuit_free_cells(circuit_t *circ) log_warn(LD_BUG, "Called on non-marked circuit"); return; } - cell_queue_clear(&circ->n_conn_cells); + cell_queue_clear(&circ->n_chan_cells); if (! CIRCUIT_IS_ORIGIN(circ)) - cell_queue_clear(& TO_OR_CIRCUIT(circ)->p_conn_cells); + cell_queue_clear(& TO_OR_CIRCUIT(circ)->p_chan_cells); } /** Return the number of cells used by the circuit c's cell queues. */ static size_t n_cells_in_circ_queues(const circuit_t *c) { - size_t n = c->n_conn_cells.n; + size_t n = c->n_chan_cells.n; if (! CIRCUIT_IS_ORIGIN(c)) - n += TO_OR_CIRCUIT((circuit_t*)c)->p_conn_cells.n; + n += TO_OR_CIRCUIT((circuit_t*)c)->p_chan_cells.n; return n; }

1 0

[tor/release-0.2.4] Merge remote-tracking branch 'origin/maint-0.2.3' into maint-0.2.4
by nickm＠torproject.org 18 Jun '13

18 Jun '13

commit d3063da691d0006cf41f6406099f056ab47c543a Merge: 9e45d94 c37fdc2 Author: Nick Mathewson <nickm(a)torproject.org> Date: Tue Jun 18 10:23:03 2013 -0400 Merge remote-tracking branch 'origin/maint-0.2.3' into maint-0.2.4 Conflicts: src/or/config.c src/or/relay.c changes/bug9002 | 4 ++ changes/bug9063_redux | 15 ++++++++ doc/tor.1.txt | 9 +++++ src/common/mempool.h | 2 + src/or/circuitlist.c | 102 +++++++++++++++++++++++++++++++++++++++++++++++++ src/or/circuitlist.h | 1 + src/or/config.c | 8 ++++ src/or/or.h | 4 ++ src/or/relay.c | 33 +++++++++++++++- src/or/relay.h | 1 + src/or/rendcommon.c | 25 +++++++++++- 11 files changed, 200 insertions(+), 4 deletions(-) diff --cc src/or/config.c index df1a67e,d5c5689..55d19b8 --- a/src/or/config.c +++ b/src/or/config.c @@@ -299,9 -343,8 +299,10 @@@ static config_var_t option_vars_[] = V(MaxAdvertisedBandwidth, MEMUNIT, "1 GB"), V(MaxCircuitDirtiness, INTERVAL, "10 minutes"), V(MaxClientCircuitsPending, UINT, "32"), + V(MaxMemInCellQueues, MEMUNIT, "8 GB"), - V(MaxOnionsPending, UINT, "100"), + OBSOLETE("MaxOnionsPending"), + V(MaxOnionQueueDelay, MSEC_INTERVAL, "1750 msec"), + V(MinMeasuredBWsForAuthToIgnoreAdvertised, INT, "500"), OBSOLETE("MonthlyAccountingStart"), V(MyFamily, STRING, NULL), V(NewCircuitPeriod, INTERVAL, "30 seconds"), @@@ -2606,11 -3665,17 +2607,18 @@@ options_validate(or_options_t *old_opti if (options->UseBridges && options->EntryNodes) REJECT("You cannot set both UseBridges and EntryNodes."); - if (options->EntryNodes && !options->UseEntryGuards) - log_warn(LD_CONFIG, "EntryNodes is set, but UseEntryGuards is disabled. " - "EntryNodes will be ignored."); + if (options->EntryNodes && !options->UseEntryGuards) { + REJECT("If EntryNodes is set, UseEntryGuards must be enabled."); + } + if (options->MaxMemInCellQueues < (500 << 20)) { + log_warn(LD_CONFIG, "MaxMemInCellQueues must be at least 500 MB for now. " + "Ideally, have it as large as you can afford."); + options->MaxMemInCellQueues = (500 << 20); + } + - options->_AllowInvalid = 0; + options->AllowInvalid_ = 0; ++ if (options->AllowInvalidNodes) { SMARTLIST_FOREACH_BEGIN(options->AllowInvalidNodes, const char *, cp) { if (!strcasecmp(cp, "entry")) diff --cc src/or/relay.c index 0f21663,fda9e89..3138c5e --- a/src/or/relay.c +++ b/src/or/relay.c @@@ -2106,15 -1864,14 +2106,15 @@@ dump_cell_pool_usage(int severity circuit_t *c; int n_circs = 0; int n_cells = 0; - for (c = _circuit_get_global_list(); c; c = c->next) { - n_cells += c->n_conn_cells.n; + for (c = circuit_get_global_list_(); c; c = c->next) { + n_cells += c->n_chan_cells.n; if (!CIRCUIT_IS_ORIGIN(c)) - n_cells += TO_OR_CIRCUIT(c)->p_conn_cells.n; + n_cells += TO_OR_CIRCUIT(c)->p_chan_cells.n; ++n_circs; } - log(severity, LD_MM, "%d cells allocated on %d circuits. %d cells leaked.", - n_cells, n_circs, (int)total_cells_allocated - n_cells); + tor_log(severity, LD_MM, + "%d cells allocated on %d circuits. %d cells leaked.", - n_cells, n_circs, total_cells_allocated - n_cells); ++ n_cells, n_circs, (int)total_cells_allocated - n_cells); mp_pool_log_status(cell_pool, severity); } @@@ -2222,64 -1978,382 +2222,87 @@@ cell_queue_pop(cell_queue_t *queue return cell; } + /** Return the total number of bytes used for each packed_cell in a queue. + * Approximate. */ + size_t + packed_cell_mem_cost(void) + { + return sizeof(packed_cell_t) + MP_POOL_ITEM_OVERHEAD + + get_options()->CellStatistics ? + (sizeof(insertion_time_elem_t)+MP_POOL_ITEM_OVERHEAD) : 0; + } + + /** Check whether we've got too much space used for cells. If so, + * call the OOM handler and return 1. Otherwise, return 0. */ + static int + cell_queues_check_size(void) + { + size_t alloc = total_cells_allocated * packed_cell_mem_cost(); + if (alloc >= get_options()->MaxMemInCellQueues) { + circuits_handle_oom(alloc); + return 1; + } + return 0; + } + -/** Return a pointer to the "next_active_on_{n,p}_conn" pointer of circ, - * depending on whether conn matches n_conn or p_conn. */ -static INLINE circuit_t ** -next_circ_on_conn_p(circuit_t *circ, or_connection_t *conn) -{ - tor_assert(circ); - tor_assert(conn); - if (conn == circ->n_conn) { - return &circ->next_active_on_n_conn; - } else { - or_circuit_t *orcirc = TO_OR_CIRCUIT(circ); - tor_assert(conn == orcirc->p_conn); - return &orcirc->next_active_on_p_conn; - } -} - -/** Return a pointer to the "prev_active_on_{n,p}_conn" pointer of circ, - * depending on whether conn matches n_conn or p_conn. */ -static INLINE circuit_t ** -prev_circ_on_conn_p(circuit_t *circ, or_connection_t *conn) -{ - tor_assert(circ); - tor_assert(conn); - if (conn == circ->n_conn) { - return &circ->prev_active_on_n_conn; - } else { - or_circuit_t *orcirc = TO_OR_CIRCUIT(circ); - tor_assert(conn == orcirc->p_conn); - return &orcirc->prev_active_on_p_conn; - } -} - -/** Helper for sorting cell_ewma_t values in their priority queue. */ -static int -compare_cell_ewma_counts(const void *p1, const void *p2) -{ - const cell_ewma_t *e1=p1, *e2=p2; - if (e1->cell_count < e2->cell_count) - return -1; - else if (e1->cell_count > e2->cell_count) - return 1; - else - return 0; -} - -/** Given a cell_ewma_t, return a pointer to the circuit containing it. */ -static circuit_t * -cell_ewma_to_circuit(cell_ewma_t *ewma) -{ - if (ewma->is_for_p_conn) { - /* This is an or_circuit_t's p_cell_ewma. */ - or_circuit_t *orcirc = SUBTYPE_P(ewma, or_circuit_t, p_cell_ewma); - return TO_CIRCUIT(orcirc); - } else { - /* This is some circuit's n_cell_ewma. */ - return SUBTYPE_P(ewma, circuit_t, n_cell_ewma); - } -} - -/* ==== Functions for scaling cell_ewma_t ==== - - When choosing which cells to relay first, we favor circuits that have been - quiet recently. This gives better latency on connections that aren't - pushing lots of data, and makes the network feel more interactive. - - Conceptually, we take an exponentially weighted mean average of the number - of cells a circuit has sent, and allow active circuits (those with cells to - relay) to send cells in reverse order of their exponentially-weighted mean - average (EWMA) cell count. [That is, a cell sent N seconds ago 'counts' - F^N times as much as a cell sent now, for 0<F<1.0, and we favor the - circuit that has sent the fewest cells] - - If 'double' had infinite precision, we could do this simply by counting a - cell sent at startup as having weight 1.0, and a cell sent N seconds later - as having weight F^-N. This way, we would never need to re-scale - any already-sent cells. - - To prevent double from overflowing, we could count a cell sent now as - having weight 1.0 and a cell sent N seconds ago as having weight F^N. - This, however, would mean we'd need to re-scale *ALL* old circuits every - time we wanted to send a cell. - - So as a compromise, we divide time into 'ticks' (currently, 10-second - increments) and say that a cell sent at the start of a current tick is - worth 1.0, a cell sent N seconds before the start of the current tick is - worth F^N, and a cell sent N seconds after the start of the current tick is - worth F^-N. This way we don't overflow, and we don't need to constantly - rescale. - */ - -/** How long does a tick last (seconds)? */ -#define EWMA_TICK_LEN 10 - -/** The default per-tick scale factor, if it hasn't been overridden by a - * consensus or a configuration setting. zero means "disabled". */ -#define EWMA_DEFAULT_HALFLIFE 0.0 - -/** Given a timeval now, compute the cell_ewma tick in which it occurs - * and the fraction of the tick that has elapsed between the start of the tick - * and now. Return the former and store the latter in - * *remainder_out. - * - * These tick values are not meant to be shared between Tor instances, or used - * for other purposes. */ -static unsigned -cell_ewma_tick_from_timeval(const struct timeval *now, - double *remainder_out) -{ - unsigned res = (unsigned) (now->tv_sec / EWMA_TICK_LEN); - /* rem */ - double rem = (now->tv_sec % EWMA_TICK_LEN) + - ((double)(now->tv_usec)) / 1.0e6; - *remainder_out = rem / EWMA_TICK_LEN; - return res; -} - -/** Compute and return the current cell_ewma tick. */ -unsigned -cell_ewma_get_tick(void) -{ - return ((unsigned)approx_time() / EWMA_TICK_LEN); -} - -/** The per-tick scale factor to be used when computing cell-count EWMA - * values. (A cell sent N ticks before the start of the current tick - * has value ewma_scale_factor ** N.) +/** + * Update the number of cells available on the circuit's n_chan or p_chan's + * circuit mux. */ -static double ewma_scale_factor = 0.1; -/* DOCDOC ewma_enabled */ -static int ewma_enabled = 0; - -/*DOCDOC*/ -#define EPSILON 0.00001 -/*DOCDOC*/ -#define LOG_ONEHALF -0.69314718055994529 - -/** Adjust the global cell scale factor based on options */ void -cell_ewma_set_scale_factor(const or_options_t *options, - const networkstatus_t *consensus) +update_circuit_on_cmux_(circuit_t *circ, cell_direction_t direction, + const char *file, int lineno) { - int32_t halflife_ms; - double halflife; - const char *source; - if (options && options->CircuitPriorityHalflife >= -EPSILON) { - halflife = options->CircuitPriorityHalflife; - source = "CircuitPriorityHalflife in configuration"; - } else if (consensus && (halflife_ms = networkstatus_get_param( - consensus, "CircuitPriorityHalflifeMsec", - -1, -1, INT32_MAX)) >= 0) { - halflife = ((double)halflife_ms)/1000.0; - source = "CircuitPriorityHalflifeMsec in consensus"; - } else { - halflife = EWMA_DEFAULT_HALFLIFE; - source = "Default value"; - } + channel_t *chan = NULL; + or_circuit_t *or_circ = NULL; + circuitmux_t *cmux = NULL; - if (halflife <= EPSILON) { - /* The cell EWMA algorithm is disabled. */ - ewma_scale_factor = 0.1; - ewma_enabled = 0; - log_info(LD_OR, - "Disabled cell_ewma algorithm because of value in %s", - source); - } else { - /* convert halflife into halflife-per-tick. */ - halflife /= EWMA_TICK_LEN; - /* compute per-tick scale factor. */ - ewma_scale_factor = exp( LOG_ONEHALF / halflife ); - ewma_enabled = 1; - log_info(LD_OR, - "Enabled cell_ewma algorithm because of value in %s; " - "scale factor is %f per %d seconds", - source, ewma_scale_factor, EWMA_TICK_LEN); - } -} - -/** Return the multiplier necessary to convert the value of a cell sent in - * 'from_tick' to one sent in 'to_tick'. */ -static INLINE double -get_scale_factor(unsigned from_tick, unsigned to_tick) -{ - /* This math can wrap around, but that's okay: unsigned overflow is - well-defined */ - int diff = (int)(to_tick - from_tick); - return pow(ewma_scale_factor, diff); -} - -/** Adjust the cell count of ewma so that it is scaled with respect to - * cur_tick */ -static void -scale_single_cell_ewma(cell_ewma_t *ewma, unsigned cur_tick) -{ - double factor = get_scale_factor(ewma->last_adjusted_tick, cur_tick); - ewma->cell_count *= factor; - ewma->last_adjusted_tick = cur_tick; -} - -/** Adjust the cell count of every active circuit on conn so - * that they are scaled with respect to cur_tick */ -static void -scale_active_circuits(or_connection_t *conn, unsigned cur_tick) -{ - - double factor = get_scale_factor( - conn->active_circuit_pqueue_last_recalibrated, - cur_tick); - /** Ordinarily it isn't okay to change the value of an element in a heap, - * but it's okay here, since we are preserving the order. */ - SMARTLIST_FOREACH(conn->active_circuit_pqueue, cell_ewma_t *, e, { - tor_assert(e->last_adjusted_tick == - conn->active_circuit_pqueue_last_recalibrated); - e->cell_count *= factor; - e->last_adjusted_tick = cur_tick; - }); - conn->active_circuit_pqueue_last_recalibrated = cur_tick; -} - -/** Rescale ewma to the same scale as conn, and add it to - * conn's priority queue of active circuits */ -static void -add_cell_ewma_to_conn(or_connection_t *conn, cell_ewma_t *ewma) -{ - tor_assert(ewma->heap_index == -1); - scale_single_cell_ewma(ewma, - conn->active_circuit_pqueue_last_recalibrated); - - smartlist_pqueue_add(conn->active_circuit_pqueue, - compare_cell_ewma_counts, - STRUCT_OFFSET(cell_ewma_t, heap_index), - ewma); -} - -/** Remove ewma from conn's priority queue of active circuits */ -static void -remove_cell_ewma_from_conn(or_connection_t *conn, cell_ewma_t *ewma) -{ - tor_assert(ewma->heap_index != -1); - smartlist_pqueue_remove(conn->active_circuit_pqueue, - compare_cell_ewma_counts, - STRUCT_OFFSET(cell_ewma_t, heap_index), - ewma); -} - -/** Remove and return the first cell_ewma_t from conn's priority queue of - * active circuits. Requires that the priority queue is nonempty. */ -static cell_ewma_t * -pop_first_cell_ewma_from_conn(or_connection_t *conn) -{ - return smartlist_pqueue_pop(conn->active_circuit_pqueue, - compare_cell_ewma_counts, - STRUCT_OFFSET(cell_ewma_t, heap_index)); -} - -/** Add circ to the list of circuits with pending cells on - * conn. No effect if circ is already linked. */ -void -make_circuit_active_on_conn(circuit_t *circ, or_connection_t *conn) -{ - circuit_t **nextp = next_circ_on_conn_p(circ, conn); - circuit_t **prevp = prev_circ_on_conn_p(circ, conn); - - if (*nextp && *prevp) { - /* Already active. */ - return; - } - - assert_active_circuits_ok_paranoid(conn); + tor_assert(circ); - if (! conn->active_circuits) { - conn->active_circuits = circ; - *prevp = *nextp = circ; + /* Okay, get the channel */ + if (direction == CELL_DIRECTION_OUT) { + chan = circ->n_chan; } else { - circuit_t *head = conn->active_circuits; - circuit_t *old_tail = *prev_circ_on_conn_p(head, conn); - *next_circ_on_conn_p(old_tail, conn) = circ; - *nextp = head; - *prev_circ_on_conn_p(head, conn) = circ; - *prevp = old_tail; + or_circ = TO_OR_CIRCUIT(circ); + chan = or_circ->p_chan; } - if (circ->n_conn == conn) { - add_cell_ewma_to_conn(conn, &circ->n_cell_ewma); - } else { - or_circuit_t *orcirc = TO_OR_CIRCUIT(circ); - tor_assert(conn == orcirc->p_conn); - add_cell_ewma_to_conn(conn, &orcirc->p_cell_ewma); - } + tor_assert(chan); + tor_assert(chan->cmux); - assert_active_circuits_ok_paranoid(conn); -} + /* Now get the cmux */ + cmux = chan->cmux; -/** Remove circ from the list of circuits with pending cells on - * conn. No effect if circ is already unlinked. */ -void -make_circuit_inactive_on_conn(circuit_t *circ, or_connection_t *conn) -{ - circuit_t **nextp = next_circ_on_conn_p(circ, conn); - circuit_t **prevp = prev_circ_on_conn_p(circ, conn); - circuit_t *next = *nextp, *prev = *prevp; - - if (!next && !prev) { - /* Already inactive. */ + /* Cmux sanity check */ + if (! circuitmux_is_circuit_attached(cmux, circ)) { + log_warn(LD_BUG, "called on non-attachd circuit from %s:%d", + file, lineno); return; } + tor_assert(circuitmux_attached_circuit_direction(cmux, circ) == direction); - assert_active_circuits_ok_paranoid(conn); - - tor_assert(next && prev); - tor_assert(*prev_circ_on_conn_p(next, conn) == circ); - tor_assert(*next_circ_on_conn_p(prev, conn) == circ); + assert_cmux_ok_paranoid(chan); - if (next == circ) { - conn->active_circuits = NULL; - } else { - *prev_circ_on_conn_p(next, conn) = prev; - *next_circ_on_conn_p(prev, conn) = next; - if (conn->active_circuits == circ) - conn->active_circuits = next; - } - *prevp = *nextp = NULL; - - if (circ->n_conn == conn) { - remove_cell_ewma_from_conn(conn, &circ->n_cell_ewma); + /* Update the number of cells we have for the circuit mux */ + if (direction == CELL_DIRECTION_OUT) { + circuitmux_set_num_cells(cmux, circ, circ->n_chan_cells.n); } else { - or_circuit_t *orcirc = TO_OR_CIRCUIT(circ); - tor_assert(conn == orcirc->p_conn); - remove_cell_ewma_from_conn(conn, &orcirc->p_cell_ewma); + circuitmux_set_num_cells(cmux, circ, or_circ->p_chan_cells.n); } - assert_active_circuits_ok_paranoid(conn); + assert_cmux_ok_paranoid(chan); } -/** Remove all circuits from the list of circuits with pending cells on - * conn. */ +/** Remove all circuits from the cmux on chan. */ void -connection_or_unlink_all_active_circs(or_connection_t *orconn) +channel_unlink_all_circuits(channel_t *chan) { - circuit_t *head = orconn->active_circuits; - circuit_t *cur = head; - if (! head) - return; - do { - circuit_t *next = *next_circ_on_conn_p(cur, orconn); - *prev_circ_on_conn_p(cur, orconn) = NULL; - *next_circ_on_conn_p(cur, orconn) = NULL; - cur = next; - } while (cur != head); - orconn->active_circuits = NULL; - - SMARTLIST_FOREACH(orconn->active_circuit_pqueue, cell_ewma_t *, e, - e->heap_index = -1); - smartlist_clear(orconn->active_circuit_pqueue); + tor_assert(chan); + tor_assert(chan->cmux); + + circuitmux_detach_all_circuits(chan->cmux); + chan->num_n_circuits = 0; + chan->num_p_circuits = 0; } /** Block (if block is true) or unblock (if block is false) @@@ -2511,8 -2595,14 +2534,14 @@@ append_cell_to_circuit_queue(circuit_t } #endif - cell_queue_append_packed_copy(queue, cell); + cell_queue_append_packed_copy(queue, cell, chan->wide_circ_ids); + if (PREDICT_UNLIKELY(cell_queues_check_size())) { + /* We ran the OOM handler */ + if (circ->marked_for_close) + return; + } + /* If we have too many cells on the circuit, we should stop reading from * the edge streams for a while. */ if (!streams_blocked && queue->n >= CELL_QUEUE_HIGHWATER_SIZE) diff --cc src/or/relay.h index 229fb4f,c55813b..1fef10a --- a/src/or/relay.h +++ b/src/or/relay.h @@@ -46,25 -40,21 +46,26 @@@ void init_cell_pool(void) void free_cell_pool(void); void clean_cell_pool(void); void dump_cell_pool_usage(int severity); + size_t packed_cell_mem_cost(void); +/* For channeltls.c */ +void packed_cell_free(packed_cell_t *cell); + void cell_queue_clear(cell_queue_t *queue); void cell_queue_append(cell_queue_t *queue, packed_cell_t *cell); -void cell_queue_append_packed_copy(cell_queue_t *queue, const cell_t *cell); +void cell_queue_append_packed_copy(cell_queue_t *queue, const cell_t *cell, + int wide_circ_ids); -void append_cell_to_circuit_queue(circuit_t *circ, or_connection_t *orconn, +void append_cell_to_circuit_queue(circuit_t *circ, channel_t *chan, cell_t *cell, cell_direction_t direction, streamid_t fromstream); -void connection_or_unlink_all_active_circs(or_connection_t *conn); -int connection_or_flush_from_first_active_circuit(or_connection_t *conn, - int max, time_t now); -void assert_active_circuits_ok(or_connection_t *orconn); -void make_circuit_inactive_on_conn(circuit_t *circ, or_connection_t *conn); -void make_circuit_active_on_conn(circuit_t *circ, or_connection_t *conn); +void channel_unlink_all_circuits(channel_t *chan); +int channel_flush_from_first_active_circuit(channel_t *chan, int max); +void assert_circuit_mux_okay(channel_t *chan); +void update_circuit_on_cmux_(circuit_t *circ, cell_direction_t direction, + const char *file, int lineno); +#define update_circuit_on_cmux(circ, direction) \ + update_circuit_on_cmux_((circ), (direction), SHORT_FILE__, __LINE__) int append_address_to_payload(uint8_t *payload_out, const tor_addr_t *addr); const uint8_t *decode_address_from_payload(tor_addr_t *addr_out,

1 0

[tor/release-0.2.4] Merge remote-tracking branch 'origin/maint-0.2.4' into release-0.2.4
by nickm＠torproject.org 18 Jun '13

18 Jun '13

commit 4a9ccb5d59d88f3026460802ee8209b79d709931 Merge: dcb4f22 efa342f Author: Nick Mathewson <nickm(a)torproject.org> Date: Tue Jun 18 10:28:43 2013 -0400 Merge remote-tracking branch 'origin/maint-0.2.4' into release-0.2.4 changes/bug9002 | 4 ++ changes/bug9063_redux | 15 ++++++++ changes/bug9072 | 3 ++ doc/tor.1.txt | 9 +++++ src/common/mempool.h | 2 + src/or/circuitlist.c | 102 +++++++++++++++++++++++++++++++++++++++++++++++++ src/or/circuitlist.h | 1 + src/or/config.c | 8 ++++ src/or/or.h | 4 ++ src/or/relay.c | 38 +++++++++++++++++- src/or/relay.h | 1 + src/or/rendcommon.c | 25 +++++++++++- 12 files changed, 208 insertions(+), 4 deletions(-)

1 0