Merge remote-tracking branch 'public/bug11553_024' into bug11553_025

Conflicts: src/or/circuitbuild.c
2024-09-21 13:34:59 +02:00 · 2014-04-23 12:44:18 -04:00 · 2014-04-23 12:44:18 -04:00 · 17ad309d33
commit 17ad309d33
parent fd9961d220 a770b74501
3 changed files with 20 additions and 8 deletions
--- a/src/or/channel.c
+++ b/src/or/channel.c
@ -728,6 +728,9 @@ channel_init(channel_t *chan)
  /* Init timestamp */
  chan->timestamp_last_added_nonpadding = time(NULL);

+  /* Warn about exhausted circuit IDs no more than hourly. */
+  chan->last_warned_circ_ids_exhausted.rate = 3600;
+
  /* Initialize queues. */
  TOR_SIMPLEQ_INIT(&chan->incoming_queue);
  TOR_SIMPLEQ_INIT(&chan->outgoing_queue);
--- a/src/or/channel.h
+++ b/src/or/channel.h
@ -149,8 +149,6 @@ struct channel_s {
  circ_id_type_bitfield_t circ_id_type:2;
  /** DOCDOC*/
  unsigned wide_circ_ids:1;
-  /** Have we logged a warning about circID exhaustion on this channel? */
-  unsigned warned_circ_ids_exhausted:1;

  /** For how many circuits are we n_chan?  What about p_chan? */
  unsigned int num_n_circuits, num_p_circuits;
@ -179,6 +177,10 @@ struct channel_s {
   */
  unsigned int is_local:1;

+  /** Have we logged a warning about circID exhaustion on this channel?
+   * If so, when? */
+  ratelim_t last_warned_circ_ids_exhausted;
+
  /** Channel timestamps for cell channels */
  time_t timestamp_client; /* Client used this, according to relay.c */
  time_t timestamp_drained; /* Output queue empty */
--- a/src/or/circuitbuild.c
+++ b/src/or/circuitbuild.c
@ -87,6 +87,12 @@ channel_connect_for_circuit(const tor_addr_t *addr, uint16_t port,
 static circid_t
 get_unique_circ_id_by_chan(channel_t *chan)
 {
+/* This number is chosen somewhat arbitrarily; see comment below for more
+ * info.  When the space is 80% full, it gives a one-in-a-million failure
+ * chance; when the space is 90% full, it gives a one-in-850 chance; and when
+ * the space is 95% full, it gives a one-in-26 failure chance.  That seems
+ * okay, though you could make a case IMO for anything between N=32 and
+ * N=256. */
 #define MAX_CIRCID_ATTEMPTS 64
  int in_use;
  unsigned n_with_circ = 0, n_pending_destroy = 0;
@ -123,9 +129,8 @@ get_unique_circ_id_by_chan(channel_t *chan)
       * whole circuit ID space every time we extend a circuit, which is
       * not so great either.
       */
-      if (! chan->warned_circ_ids_exhausted) {
-        chan->warned_circ_ids_exhausted = 1;
-        log_warn(LD_CIRC,"No unused circIDs found on channel %s wide "
+      log_fn_ratelim(&chan->last_warned_circ_ids_exhausted, LOG_WARN,
+                 LD_CIRC,"No unused circIDs found on channel %s wide "
                 "circID support, with %u inbound and %u outbound circuits. "
                 "Found %u circuit IDs in use by circuits, and %u with "
                 "pending destroy cells."
@ -133,12 +138,14 @@ get_unique_circ_id_by_chan(channel_t *chan)
                 chan->wide_circ_ids ? "with" : "without",
                 chan->num_p_circuits, chan->num_n_circuits,
                 n_with_circ, n_pending_destroy);
-      }
      return 0;
    }

-    crypto_rand((char*) &test_circ_id, sizeof(test_circ_id));
-    test_circ_id &= mask;
+    do {
+      crypto_rand((char*) &test_circ_id, sizeof(test_circ_id));
+      test_circ_id &= mask;
+    } while (test_circ_id == 0);
+
    test_circ_id |= high_bit;

    in_use = circuit_id_in_use_on_channel(test_circ_id, chan);