nihilist/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-11-13 06:33:44 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'maint-0.4.4'

Browse Source
This commit is contained in:
David Goulet 2020-08-18 08:49:07 -04:00
commit 80d2376f33
3 changed files with 30 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
changes/ticket24308 Normal file
View File

@ -0,0 +1,6 @@
o Minor features (denial-of-service memory limiter):
- Allow the user to configure even lower values for the MaxMemInQueues
parameter. Relays now enforce a minimum of 64 MB, when previously
the minimum was 256 MB. On clients, there is no minimum. Relays and
clients will both warn if the value is set so low that Tor is likely
to stop working. Closes ticket 24308.

29
src/app/config/config.c
View File

@ -4050,8 +4050,11 @@ options_validate_cb(const void *old_options_, void *options_, char **msg)
* actual maximum value. We clip this value if it's too low, and autodetect * actual maximum value. We clip this value if it's too low, and autodetect
* it if it's set to 0. */ * it if it's set to 0. */
STATIC uint64_t STATIC uint64_t
compute_real_max_mem_in_queues(const uint64_t val, int log_guess) compute_real_max_mem_in_queues(const uint64_t val, bool is_server)
{ {
#define MIN_SERVER_MB 64
#define MIN_UNWARNED_SERVER_MB 256
#define MIN_UNWARNED_CLIENT_MB 64
uint64_t result; uint64_t result;
if (val == 0) { if (val == 0) {
@ -4109,7 +4112,7 @@ compute_real_max_mem_in_queues(const uint64_t val, int log_guess)
result = avail; result = avail;
} }
} }
if (log_guess && ! notice_sent) { if (is_server && ! notice_sent) {
log_notice(LD_CONFIG, "%sMaxMemInQueues is set to %"PRIu64" MB. " log_notice(LD_CONFIG, "%sMaxMemInQueues is set to %"PRIu64" MB. "
"You can override this by setting MaxMemInQueues by hand.", "You can override this by setting MaxMemInQueues by hand.",
ram ? "Based on detected system memory, " : "", ram ? "Based on detected system memory, " : "",
@ -4117,10 +4120,24 @@ compute_real_max_mem_in_queues(const uint64_t val, int log_guess)
notice_sent = 1; notice_sent = 1;
} }
return result; return result;
} else if (val < ONE_GIGABYTE / 4) { } else if (is_server && val < ONE_MEGABYTE * MIN_SERVER_MB) {
log_warn(LD_CONFIG, "MaxMemInQueues must be at least 256 MB for now. " /* We can't configure less than this much on a server. */
"Ideally, have it as large as you can afford."); log_warn(LD_CONFIG, "MaxMemInQueues must be at least %d MB on servers "
return ONE_GIGABYTE / 4; "for now. Ideally, have it as large as you can afford.",
MIN_SERVER_MB);
return MIN_SERVER_MB * ONE_MEGABYTE;
} else if (is_server && val < ONE_MEGABYTE * MIN_UNWARNED_SERVER_MB) {
/* On a server, if it's less than this much, we warn that things
* may go badly. */
log_warn(LD_CONFIG, "MaxMemInQueues is set to a low value; if your "
"relay doesn't work, this may be the reason why.");
return val;
} else if (! is_server && val < ONE_MEGABYTE * MIN_UNWARNED_CLIENT_MB) {
/* On a client, if it's less than this much, we warn that things
* may go badly. */
log_warn(LD_CONFIG, "MaxMemInQueues is set to a low value; if your "
"client doesn't work, this may be the reason why.");
return val;
} else { } else {
/* The value was fine all along */ /* The value was fine all along */
return val; return val;

2
src/app/config/config.h
View File

@ -291,7 +291,7 @@ STATIC int parse_dir_authority_line(const char *line,
STATIC int parse_dir_fallback_line(const char *line, int validate_only); STATIC int parse_dir_fallback_line(const char *line, int validate_only);
STATIC uint64_t compute_real_max_mem_in_queues(const uint64_t val, STATIC uint64_t compute_real_max_mem_in_queues(const uint64_t val,
int log_guess); bool is_server);
STATIC int open_and_add_file_log(const log_severity_list_t *severity, STATIC int open_and_add_file_log(const log_severity_list_t *severity,
const char *fname, const char *fname,
int truncate_log); int truncate_log);