nihilist/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-11-10 21:23:58 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'bug1297a' into maint-0.2.2

Browse Source
This commit is contained in:
Nick Mathewson 2011-05-30 12:25:07 -04:00
commit 16cfca501f
4 changed files with 32 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
changes/bug1297a Normal file
View File

@ -0,0 +1,16 @@
o Major bugfixes:
- Apply circuit timeouts to opened hidden-service-related circuits
based on the correct start time. Previously, we would apply the
circuit build timeout based on time since the circuit's
creation; it was supposed to be applied based on time since the
circuit entered its current state. Bugfix on 0.0.6; fixes part
of bug 1297.
- Use the same circuit timeout for client-side introduction
circuits as for other four-hop circuits. Previously,
client-side introduction circuits were closed after the same
timeout as single-hop directory-fetch circuits; this was
appropriate with the static circuit build timeout in 0.2.1.x and
earlier, but caused many hidden service access attempts to fail
with the adaptive CBT introduced in 0.2.2.2-alpha. Bugfix on
0.2.2.2-alpha; fixes another part of bug 1297.

11
src/or/circuituse.c
View File

@ -288,7 +288,6 @@ circuit_expire_building(void)
struct timeval general_cutoff, begindir_cutoff, fourhop_cutoff, struct timeval general_cutoff, begindir_cutoff, fourhop_cutoff,
cannibalize_cutoff, close_cutoff, extremely_old_cutoff; cannibalize_cutoff, close_cutoff, extremely_old_cutoff;
struct timeval now; struct timeval now;
struct timeval introcirc_cutoff;
cpath_build_state_t *build_state; cpath_build_state_t *build_state;
tor_gettimeofday(&now); tor_gettimeofday(&now);
@ -307,8 +306,6 @@ circuit_expire_building(void)
SET_CUTOFF(close_cutoff, circ_times.close_ms); SET_CUTOFF(close_cutoff, circ_times.close_ms);
SET_CUTOFF(extremely_old_cutoff, circ_times.close_ms*2 + 1000); SET_CUTOFF(extremely_old_cutoff, circ_times.close_ms*2 + 1000);
introcirc_cutoff = begindir_cutoff;
while (next_circ) { while (next_circ) {
struct timeval cutoff; struct timeval cutoff;
victim = next_circ; victim = next_circ;
@ -325,8 +322,6 @@ circuit_expire_building(void)
cutoff = fourhop_cutoff; cutoff = fourhop_cutoff;
else if (TO_ORIGIN_CIRCUIT(victim)->has_opened) else if (TO_ORIGIN_CIRCUIT(victim)->has_opened)
cutoff = cannibalize_cutoff; cutoff = cannibalize_cutoff;
else if (victim->purpose == CIRCUIT_PURPOSE_C_INTRODUCING)
cutoff = introcirc_cutoff;
else if (victim->purpose == CIRCUIT_PURPOSE_C_MEASURE_TIMEOUT) else if (victim->purpose == CIRCUIT_PURPOSE_C_MEASURE_TIMEOUT)
cutoff = close_cutoff; cutoff = close_cutoff;
else else
@ -337,12 +332,6 @@ circuit_expire_building(void)
#if 0 #if 0
/* some debug logs, to help track bugs */ /* some debug logs, to help track bugs */
if (victim->purpose == CIRCUIT_PURPOSE_C_INTRODUCING &&
victim->timestamp_created <= introcirc_cutoff &&
victim->timestamp_created > general_cutoff)
log_info(LD_REND|LD_CIRC, "Timing out introduction circuit which we "
"would not have done if it had been a general circuit.");
if (victim->purpose >= CIRCUIT_PURPOSE_C_INTRODUCING && if (victim->purpose >= CIRCUIT_PURPOSE_C_INTRODUCING &&
victim->purpose <= CIRCUIT_PURPOSE_C_REND_READY_INTRO_ACKED) { victim->purpose <= CIRCUIT_PURPOSE_C_REND_READY_INTRO_ACKED) {
if (!victim->timestamp_dirty) if (!victim->timestamp_dirty)

5
src/or/or.h
View File

@ -2143,6 +2143,11 @@ typedef struct circuit_t {
* in time in order to indicate that a circuit shouldn't be used for new * in time in order to indicate that a circuit shouldn't be used for new
* streams, but that it can stay alive as long as it has streams on it. * streams, but that it can stay alive as long as it has streams on it.
* That's a kludge we should fix. * That's a kludge we should fix.
*
* XXX023 The CBT code uses this field to record when HS-related
* circuits entered certain states. This usage probably won't
* interfere with this field's primary purpose, but we should
* document it more thoroughly to make sure of that.
*/ */
time_t timestamp_dirty; time_t timestamp_dirty;

11
src/or/rendclient.c
View File

@ -275,6 +275,10 @@ rend_client_send_introduction(origin_circuit_t *introcirc,
/* Now, we wait for an ACK or NAK on this circuit. */ /* Now, we wait for an ACK or NAK on this circuit. */
introcirc->_base.purpose = CIRCUIT_PURPOSE_C_INTRODUCE_ACK_WAIT; introcirc->_base.purpose = CIRCUIT_PURPOSE_C_INTRODUCE_ACK_WAIT;
/* Set timestamp_dirty, because circuit_expire_building expects it
* to specify when a circuit entered the _C_INTRODUCE_ACK_WAIT
* state. */
introcirc->_base.timestamp_dirty = time(NULL);
return 0; return 0;
perm_err: perm_err:
@ -329,6 +333,10 @@ rend_client_introduction_acked(origin_circuit_t *circ,
circ->rend_data->onion_address, CIRCUIT_PURPOSE_C_REND_READY); circ->rend_data->onion_address, CIRCUIT_PURPOSE_C_REND_READY);
if (rendcirc) { /* remember the ack */ if (rendcirc) { /* remember the ack */
rendcirc->_base.purpose = CIRCUIT_PURPOSE_C_REND_READY_INTRO_ACKED; rendcirc->_base.purpose = CIRCUIT_PURPOSE_C_REND_READY_INTRO_ACKED;
/* Set timestamp_dirty, because circuit_expire_building expects
* it to specify when a circuit entered the
* _C_REND_READY_INTRO_ACKED state. */
rendcirc->_base.timestamp_dirty = time(NULL);
} else { } else {
log_info(LD_REND,"...Found no rend circ. Dropping on the floor."); log_info(LD_REND,"...Found no rend circ. Dropping on the floor.");
} }
@ -674,6 +682,9 @@ rend_client_rendezvous_acked(origin_circuit_t *circ, const uint8_t *request,
log_info(LD_REND,"Got rendezvous ack. This circuit is now ready for " log_info(LD_REND,"Got rendezvous ack. This circuit is now ready for "
"rendezvous."); "rendezvous.");
circ->_base.purpose = CIRCUIT_PURPOSE_C_REND_READY; circ->_base.purpose = CIRCUIT_PURPOSE_C_REND_READY;
/* Set timestamp_dirty, because circuit_expire_building expects it
* to specify when a circuit entered the _C_REND_READY state. */
circ->_base.timestamp_dirty = time(NULL);
/* XXXX023 This is a pretty brute-force approach. It'd be better to /* XXXX023 This is a pretty brute-force approach. It'd be better to
* attach only the connections that are waiting on this circuit, rather * attach only the connections that are waiting on this circuit, rather
* than trying to attach them all. See comments bug 743. */ * than trying to attach them all. See comments bug 743. */