[tor-commits] [tor/master] Bug 28693: Provide Torrc option to disable circuit padding.
nickm at torproject.org
nickm at torproject.org
Mon May 13 18:35:30 UTC 2019
commit f4064d6ce214b4b79017280a6c9db9b3f945ece1
Author: Mike Perry <mikeperry-git at torproject.org>
Date: Wed Apr 17 05:51:39 2019 +0000
Bug 28693: Provide Torrc option to disable circuit padding.
---
doc/tor.1.txt | 8 ++++++++
src/app/config/config.c | 5 +++++
src/app/config/or_options_st.h | 5 +++++
src/core/or/circuitpadding.c | 41 +++++++++++++++++++++++++++++++----------
4 files changed, 49 insertions(+), 10 deletions(-)
diff --git a/doc/tor.1.txt b/doc/tor.1.txt
index f99217240..6c125e374 100644
--- a/doc/tor.1.txt
+++ b/doc/tor.1.txt
@@ -955,6 +955,14 @@ The following options are useful only for clients (that is, if
this option. This option should be offered via the UI to mobile users
for use where bandwidth may be expensive. (Default: 0)
+[[CircuitPadding]] **CircuitPadding** **0**|**1**::
+ If set to 0, Tor will not pad client circuits with additional cover
+ traffic. Only clients may set this option. This option should be offered
+ via the UI to mobile users for use where bandwidth may be expensive. If
+ set to 1, padding will be negotiated as per the consensus and relay
+ support (unlike ConnectionPadding, CircuitPadding cannot be force-enabled).
+ (Default: 1)
+
[[ExcludeNodes]] **ExcludeNodes** __node__,__node__,__...__::
A list of identity fingerprints, country codes, and address
patterns of nodes to avoid when building a circuit. Country codes are
diff --git a/src/app/config/config.c b/src/app/config/config.c
index 46dc15b06..7ad970625 100644
--- a/src/app/config/config.c
+++ b/src/app/config/config.c
@@ -596,6 +596,7 @@ static config_var_t option_vars_[] = {
V(ReducedConnectionPadding, BOOL, "0"),
V(ConnectionPadding, AUTOBOOL, "auto"),
V(RefuseUnknownExits, AUTOBOOL, "auto"),
+ V(CircuitPadding, BOOL, "1"),
V(RejectPlaintextPorts, CSV, ""),
V(RelayBandwidthBurst, MEMUNIT, "0"),
V(RelayBandwidthRate, MEMUNIT, "0"),
@@ -3741,6 +3742,10 @@ options_validate(or_options_t *old_options, or_options_t *options,
REJECT("Relays cannot set ReducedConnectionPadding. ");
}
+ if (server_mode(options) && options->CircuitPadding == 0) {
+ REJECT("Relays cannot set CircuitPadding to 0. ");
+ }
+
if (options->BridgeDistribution) {
if (!options->BridgeRelay) {
REJECT("You set BridgeDistribution, but you didn't set BridgeRelay!");
diff --git a/src/app/config/or_options_st.h b/src/app/config/or_options_st.h
index bd707fd19..0fdeb94b4 100644
--- a/src/app/config/or_options_st.h
+++ b/src/app/config/or_options_st.h
@@ -248,6 +248,11 @@ struct or_options_t {
* pad to the server regardless of server support. */
int ConnectionPadding;
+ /** Boolean: if true, then circuit padding will be negotiated by client
+ * and server, subject to consenus limits (default). If 0, it will be fully
+ * disabled. */
+ int CircuitPadding;
+
/** To what authority types do we publish our descriptor? Choices are
* "v1", "v2", "v3", "bridge", or "". */
struct smartlist_t *PublishServerDescriptor;
diff --git a/src/core/or/circuitpadding.c b/src/core/or/circuitpadding.c
index bf74ecc3f..dcd8f645c 100644
--- a/src/core/or/circuitpadding.c
+++ b/src/core/or/circuitpadding.c
@@ -1100,6 +1100,24 @@ circpad_new_consensus_params(const networkstatus_t *ns)
}
/**
+ * Return true if padding is allowed by torrc and consensus.
+ */
+STATIC bool
+circpad_is_padding_allowed(void)
+{
+ /* If padding has been disabled in the consensus, don't send any more
+ * padding. Technically the machine should be shut down when the next
+ * machine condition check happens, but machine checks only happen on
+ * certain circuit events, and if padding is disabled due to some
+ * network overload or DoS condition, we really want to stop ASAP. */
+ if (circpad_padding_disabled || !get_options()->CircuitPadding) {
+ return 0;
+ }
+
+ return 1;
+}
+
+/**
* Check this machine against its padding limits, as well as global
* consensus limits.
*
@@ -1117,15 +1135,6 @@ circpad_machine_reached_padding_limit(circpad_machine_runtime_t *mi)
{
const circpad_machine_spec_t *machine = CIRCPAD_GET_MACHINE(mi);
- /* If padding has been disabled in the consensus, don't send any more
- * padding. Technically the machine should be shut down when the next
- * machine condition check happens, but machine checks only happen on
- * certain circuit events, and if padding is disabled due to some
- * network overload or DoS condition, we really want to stop ASAP. */
- if (circpad_padding_disabled) {
- return 1;
- }
-
/* If machine_padding_pct is non-zero, and we've sent more
* than the allowed count of padding cells, then check our
* percent limits for this machine. */
@@ -1176,6 +1185,18 @@ circpad_machine_schedule_padding,(circpad_machine_runtime_t *mi))
struct timeval timeout;
tor_assert(mi);
+ /* Don't schedule padding if it is disabled */
+ if (!circpad_is_padding_allowed()) {
+ static ratelim_t padding_lim = RATELIM_INIT(600);
+ log_fn_ratelim(&padding_lim,LOG_INFO,LD_CIRC,
+ "Padding has been disabled, but machine still on circuit %"PRIu64
+ ", %d",
+ mi->on_circ->n_chan ? mi->on_circ->n_chan->global_identifier : 0,
+ mi->on_circ->n_circ_id);
+
+ return CIRCPAD_STATE_UNCHANGED;
+ }
+
/* Don't schedule padding if we are currently in dormant mode. */
if (!is_participating_on_network()) {
log_info(LD_CIRC, "Not scheduling padding because we are dormant.");
@@ -1638,7 +1659,7 @@ circpad_machine_conditions_met(origin_circuit_t *circ,
{
/* If padding is disabled, no machines should match/apply. This has
* the effect of shutting down all machines, and not adding any more. */
- if (circpad_padding_disabled)
+ if (circpad_padding_disabled || !get_options()->CircuitPadding)
return 0;
if (!(circpad_circ_purpose_to_mask(TO_CIRCUIT(circ)->purpose)
More information about the tor-commits
mailing list