commit 5c45a333c3cdfc4c7a817425a1c3ae88085c389b Merge: 3511549 6472487 Author: Nick Mathewson nickm@torproject.org Date: Fri Jan 3 10:53:22 2014 -0500
Merge remote-tracking branch 'public/bug10169_023' into bug10169_024
Conflicts: doc/tor.1.txt src/or/config.c src/or/or.h
The conflicts were all pretty trivial.
changes/bug10169 | 4 ++ changes/bug9686 | 3 ++ doc/tor.1.txt | 10 ++-- src/or/buffers.c | 43 +++++++++++++++- src/or/buffers.h | 3 ++ src/or/circuitlist.c | 138 ++++++++++++++++++++++++++++++++++++++++---------- src/or/config.c | 9 ++-- src/or/or.h | 8 +-- src/or/relay.c | 3 +- 9 files changed, 181 insertions(+), 40 deletions(-)
diff --cc doc/tor.1.txt index 3f8f6da,01f0be7..a600041 --- a/doc/tor.1.txt +++ b/doc/tor.1.txt @@@ -1679,13 -1475,13 +1679,13 @@@ is non-zero) localhost, RFC1918 addresses, and so on. This can create security issues; you should probably leave it off. (Default: 0)
- [[MaxMemInCellQueues]] **MaxMemInCellQueues** __N__ **bytes**|**KB**|**MB**|**GB**:: -**MaxMemInQueues** __N__ **bytes**|**KB**|**MB**|**GB**:: ++[[MaxMemInQueues]] **MaxMemInQueues** __N__ **bytes**|**KB**|**MB**|**GB**:: This option configures a threshold above which Tor will assume that it - needs to stop queueing cells because it's about to run out of memory. - If it hits this threshold, it will begin killing circuits until it - has recovered at least 10% of this memory. Do not set this option too + needs to stop queueing or buffering data because it's about to run out of + memory. If it hits this threshold, it will begin killing circuits until + it has recovered at least 10% of this memory. Do not set this option too low, or your relay may be unreliable under load. This option only - affects circuit queues, so the actual process size will be larger than + affects some queues, so the actual process size will be larger than this. (Default: 8GB)
DIRECTORY SERVER OPTIONS diff --cc src/or/circuitlist.c index b0e24a5,2e13541..8a581e6 --- a/src/or/circuitlist.c +++ b/src/or/circuitlist.c @@@ -1508,11 -1368,43 +1508,43 @@@ marked_circuit_free_cells(circuit_t *ci log_warn(LD_BUG, "Called on non-marked circuit"); return; } - cell_queue_clear(&circ->n_conn_cells); + cell_queue_clear(&circ->n_chan_cells); if (! CIRCUIT_IS_ORIGIN(circ)) - cell_queue_clear(& TO_OR_CIRCUIT(circ)->p_conn_cells); + cell_queue_clear(& TO_OR_CIRCUIT(circ)->p_chan_cells); }
+ /** Aggressively free buffer contents on all the buffers of all streams in the + * list starting at <b>stream</b>. Return the number of bytes recovered. */ + static size_t + marked_circuit_streams_free_bytes(edge_connection_t *stream) + { + size_t result = 0; + for ( ; stream; stream = stream->next_stream) { + connection_t *conn = TO_CONN(stream); + if (conn->inbuf) { + result += buf_allocation(conn->inbuf); + buf_clear(conn->inbuf); + } + if (conn->outbuf) { + result += buf_allocation(conn->outbuf); + buf_clear(conn->outbuf); + } + } + return result; + } + + /** Aggressively free buffer contents on all the buffers of all streams on + * circuit <b>c</b>. Return the number of bytes recovered. */ + static size_t + marked_circuit_free_stream_bytes(circuit_t *c) + { + if (CIRCUIT_IS_ORIGIN(c)) { + return marked_circuit_streams_free_bytes(TO_ORIGIN_CIRCUIT(c)->p_streams); + } else { + return marked_circuit_streams_free_bytes(TO_OR_CIRCUIT(c)->n_streams); + } + } + /** Return the number of cells used by the circuit <b>c</b>'s cell queues. */ static size_t n_cells_in_circ_queues(const circuit_t *c) diff --cc src/or/config.c index 3984755,01e62d6..2805532 --- a/src/or/config.c +++ b/src/or/config.c @@@ -81,8 -114,8 +81,9 @@@ static config_abbrev_t option_abbrevs_[ { "BandwidthRateBytes", "BandwidthRate", 0, 0}, { "BandwidthBurstBytes", "BandwidthBurst", 0, 0}, { "DirFetchPostPeriod", "StatusFetchPeriod", 0, 0}, + { "DirServer", "DirAuthority", 0, 0}, /* XXXX024 later, make this warn? */ { "MaxConn", "ConnLimit", 0, 1}, + { "MaxMemInCellQueues", "MaxMemInQueues", 0, 0}, { "ORBindAddress", "ORListenAddress", 0, 0}, { "DirBindAddress", "DirListenAddress", 0, 0}, { "SocksBindAddress", "SocksListenAddress", 0, 0}, @@@ -299,10 -344,8 +300,10 @@@ static config_var_t option_vars_[] = V(MaxAdvertisedBandwidth, MEMUNIT, "1 GB"), V(MaxCircuitDirtiness, INTERVAL, "10 minutes"), V(MaxClientCircuitsPending, UINT, "32"), - V(MaxMemInCellQueues, MEMUNIT, "8 GB"), + V(MaxMemInQueues, MEMUNIT, "8 GB"), - V(MaxOnionsPending, UINT, "100"), + OBSOLETE("MaxOnionsPending"), + V(MaxOnionQueueDelay, MSEC_INTERVAL, "1750 msec"), + V(MinMeasuredBWsForAuthToIgnoreAdvertised, INT, "500"), OBSOLETE("MonthlyAccountingStart"), V(MyFamily, STRING, NULL), V(NewCircuitPeriod, INTERVAL, "30 seconds"), @@@ -2612,18 -3666,17 +2613,18 @@@ options_validate(or_options_t *old_opti if (options->UseBridges && options->EntryNodes) REJECT("You cannot set both UseBridges and EntryNodes.");
- if (options->EntryNodes && !options->UseEntryGuards) - log_warn(LD_CONFIG, "EntryNodes is set, but UseEntryGuards is disabled. " - "EntryNodes will be ignored."); + if (options->EntryNodes && !options->UseEntryGuards) { + REJECT("If EntryNodes is set, UseEntryGuards must be enabled."); + }
- if (options->MaxMemInCellQueues < (500 << 20)) { - log_warn(LD_CONFIG, "MaxMemInCellQueues must be at least 500 MB for now. " + if (options->MaxMemInQueues < (256 << 20)) { + log_warn(LD_CONFIG, "MaxMemInQueues must be at least 256 MB for now. " "Ideally, have it as large as you can afford."); - options->MaxMemInCellQueues = (500 << 20); + options->MaxMemInQueues = (256 << 20); }
- options->_AllowInvalid = 0; + options->AllowInvalid_ = 0; + if (options->AllowInvalidNodes) { SMARTLIST_FOREACH_BEGIN(options->AllowInvalidNodes, const char *, cp) { if (!strcasecmp(cp, "entry")) diff --cc src/or/or.h index 5318b0f,c323783..ec7e933 --- a/src/or/or.h +++ b/src/or/or.h @@@ -2817,24 -2564,18 +2817,27 @@@ typedef struct circuit_t * more. */ int deliver_window;
+ /** Temporary field used during circuits_handle_oom. */ + uint32_t age_tmp; + - /** For storage while n_conn is pending - * (state CIRCUIT_STATE_OR_WAIT). When defined, it is always - * length ONIONSKIN_CHALLENGE_LEN. */ - char *n_conn_onionskin; + /** For storage while n_chan is pending (state CIRCUIT_STATE_CHAN_WAIT). */ + struct create_cell_t *n_chan_create_cell;
- /** When was this circuit created? We keep this timestamp with a higher - * resolution than most so that the circuit-build-time tracking code can - * get millisecond resolution. */ + /** When did circuit construction actually begin (ie send the + * CREATE cell or begin cannibalization). + * + * Note: This timer will get reset if we decide to cannibalize + * a circuit. It may also get reset during certain phases of hidden + * service circuit use. + * + * We keep this timestamp with a higher resolution than most so that the + * circuit-build-time tracking code can get millisecond resolution. + */ + struct timeval timestamp_began; + + /** This timestamp marks when the init_circuit_base constructor ran. */ struct timeval timestamp_created; + /** When the circuit was first used, or 0 if the circuit is clean. * * XXXX023 Note that some code will artifically adjust this value backward