re-enable per-connection rate limiting. get rid of the "OP bandwidth"
concept. lay groundwork for "bandwidth classes" -- separate global buckets that apply depending on what sort of conn it is. svn:r6563
parent
741b11df45
commit
91bd12c20d
@ -212,6 +212,8 @@ static config_var_t _option_vars[] = {
|
|||||||
VAR("RecommendedClientVersions", LINELIST, RecommendedClientVersions, NULL),
|
VAR("RecommendedClientVersions", LINELIST, RecommendedClientVersions, NULL),
|
||||||
VAR("RecommendedServerVersions", LINELIST, RecommendedServerVersions, NULL),
|
VAR("RecommendedServerVersions", LINELIST, RecommendedServerVersions, NULL),
|
||||||
VAR("RedirectExit", LINELIST, RedirectExit, NULL),
|
VAR("RedirectExit", LINELIST, RedirectExit, NULL),
|
||||||
|
VAR("RelayBandwidthBurst", MEMUNIT, RelayBandwidthBurst, "0"),
|
||||||
|
VAR("RelayBandwidthRate", MEMUNIT, RelayBandwidthRate, "0"),
|
||||||
VAR("RendExcludeNodes", STRING, RendExcludeNodes, NULL),
|
VAR("RendExcludeNodes", STRING, RendExcludeNodes, NULL),
|
||||||
VAR("RendNodes", STRING, RendNodes, NULL),
|
VAR("RendNodes", STRING, RendNodes, NULL),
|
||||||
VAR("RendPostPeriod", INTERVAL, RendPostPeriod, "1 hour"),
|
VAR("RendPostPeriod", INTERVAL, RendPostPeriod, "1 hour"),
|
||||||
|
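Review bot: `RelayBandwidthRate` and `RelayBandwidthBurst` are registered here with default "0" and declared in or_options_t in src/or/or.h, but none of the connection code shown in this commit reads them, so setting them currently limits nothing. An operator who configures them could assume relayed traffic is capped when it is not. Until the bandwidth classes land, the or.h doc comments should say so, e.g. `/* Parsed but not yet enforced; groundwork for bandwidth classes. */`, and state what the "0" default means. If enforcement lives in a part of the change not visible on this page, a pointer to it in the comment would do instead.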
@ -1043,10 +1043,8 @@ static void
|
|||||||
connection_read_bucket_decrement(connection_t *conn, int num_read)
|
connection_read_bucket_decrement(connection_t *conn, int num_read)
|
||||||
{
|
{
|
||||||
global_read_bucket -= num_read;
|
global_read_bucket -= num_read;
|
||||||
//tor_assert(global_read_bucket >= 0);
|
|
||||||
if (connection_speaks_cells(conn) && conn->state == OR_CONN_STATE_OPEN) {
|
if (connection_speaks_cells(conn) && conn->state == OR_CONN_STATE_OPEN) {
|
||||||
conn->receiver_bucket -= num_read;
|
conn->receiver_bucket -= num_read;
|
||||||
//tor_assert(conn->receiver_bucket >= 0);
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -1071,8 +1069,7 @@ connection_consider_empty_buckets(connection_t *conn)
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/** Initialize the global read bucket to options->BandwidthBurst,
|
/** Initialize the global read bucket to options->BandwidthBurst. */
|
||||||
* and current_time to the current time. */
|
|
||||||
void
|
void
|
||||||
connection_bucket_init(void)
|
connection_bucket_init(void)
|
||||||
{
|
{
|
||||||
@ -1110,7 +1107,9 @@ connection_bucket_refill(struct timeval *now)
|
|||||||
conn = carray[i];
|
conn = carray[i];
|
||||||
|
|
||||||
if (connection_receiver_bucket_should_increase(conn)) {
|
if (connection_receiver_bucket_should_increase(conn)) {
|
||||||
conn->receiver_bucket = conn->bandwidth;
|
conn->receiver_bucket += conn->bandwidthrate;
|
||||||
|
if (conn->receiver_bucket > conn->bandwidthburst)
|
||||||
|
conn->receiver_bucket = conn->bandwidthburst;
|
||||||
//log_fn(LOG_DEBUG,"Receiver bucket %d now %d.", i,
|
//log_fn(LOG_DEBUG,"Receiver bucket %d now %d.", i,
|
||||||
// conn->receiver_bucket);
|
// conn->receiver_bucket);
|
||||||
}
|
}
|
||||||
@ -1147,7 +1146,7 @@ connection_receiver_bucket_should_increase(connection_t *conn)
|
|||||||
if (conn->state != OR_CONN_STATE_OPEN)
|
if (conn->state != OR_CONN_STATE_OPEN)
|
||||||
return 0; /* only open connections play the rate limiting game */
|
return 0; /* only open connections play the rate limiting game */
|
||||||
|
|
||||||
if (conn->receiver_bucket >= conn->bandwidth)
|
if (conn->receiver_bucket >= conn->bandwidthburst)
|
||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
return 1;
|
return 1;
|
||||||
|
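Review bot: In connection_bucket_refill, `conn->receiver_bucket += conn->bandwidthrate;` adds two `int` fields before the clamp against `bandwidthburst`, so if rate and burst are both configured above INT_MAX/2 the signed addition can overflow (undefined behaviour) before the cap is applied. Whether option validation elsewhere rules such values out is not visible here. Clamping by the remaining room avoids the wide sum: `int room = conn->bandwidthburst - conn->receiver_bucket;` then `conn->receiver_bucket += (conn->bandwidthrate < room) ? conn->bandwidthrate : room;`. The function body starts and ends outside the hunk.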
@ -314,11 +314,8 @@ connection_or_finished_connecting(connection_t *conn)
|
|||||||
static void
|
static void
|
||||||
connection_or_init_conn_from_router(connection_t *conn, routerinfo_t *router)
|
connection_or_init_conn_from_router(connection_t *conn, routerinfo_t *router)
|
||||||
{
|
{
|
||||||
or_options_t *options = get_options();
|
|
||||||
|
|
||||||
conn->addr = router->addr;
|
conn->addr = router->addr;
|
||||||
conn->port = router->or_port;
|
conn->port = router->or_port;
|
||||||
conn->receiver_bucket = conn->bandwidth = (int)options->BandwidthBurst;
|
|
||||||
connection_or_set_identity_digest(conn, router->cache_info.identity_digest);
|
connection_or_set_identity_digest(conn, router->cache_info.identity_digest);
|
||||||
conn->nickname = tor_strdup(router->nickname);
|
conn->nickname = tor_strdup(router->nickname);
|
||||||
tor_free(conn->address);
|
tor_free(conn->address);
|
||||||
@ -331,33 +328,34 @@ connection_or_init_conn_from_router(connection_t *conn, routerinfo_t *router)
|
|||||||
static void
|
static void
|
||||||
connection_or_init_conn_from_address(connection_t *conn,
|
connection_or_init_conn_from_address(connection_t *conn,
|
||||||
uint32_t addr, uint16_t port,
|
uint32_t addr, uint16_t port,
|
||||||
const char *id_digest)
|
const char *id_digest,
|
||||||
|
int started_here)
|
||||||
{
|
{
|
||||||
const char *n;
|
|
||||||
or_options_t *options = get_options();
|
or_options_t *options = get_options();
|
||||||
routerinfo_t *r = router_get_by_digest(id_digest);
|
routerinfo_t *r = router_get_by_digest(id_digest);
|
||||||
|
conn->bandwidthrate = (int)options->BandwidthRate;
|
||||||
|
conn->receiver_bucket = conn->bandwidthburst = (int)options->BandwidthBurst;
|
||||||
if (r) {
|
if (r) {
|
||||||
connection_or_init_conn_from_router(conn,r);
|
connection_or_init_conn_from_router(conn,r);
|
||||||
return;
|
|
||||||
}
|
|
||||||
conn->addr = addr;
|
|
||||||
conn->port = port;
|
|
||||||
/* This next part isn't really right, but it's good enough for now. */
|
|
||||||
conn->receiver_bucket = conn->bandwidth = (int)options->BandwidthBurst;
|
|
||||||
connection_or_set_identity_digest(conn, id_digest);
|
|
||||||
/* If we're an authoritative directory server, we may know a
|
|
||||||
* nickname for this router. */
|
|
||||||
n = dirserv_get_nickname_by_digest(id_digest);
|
|
||||||
if (n) {
|
|
||||||
conn->nickname = tor_strdup(n);
|
|
||||||
} else {
|
} else {
|
||||||
conn->nickname = tor_malloc(HEX_DIGEST_LEN+2);
|
const char *n;
|
||||||
conn->nickname[0] = '$';
|
conn->addr = addr;
|
||||||
base16_encode(conn->nickname+1, HEX_DIGEST_LEN+1,
|
conn->port = port;
|
||||||
conn->identity_digest, DIGEST_LEN);
|
connection_or_set_identity_digest(conn, id_digest);
|
||||||
|
/* If we're an authoritative directory server, we may know a
|
||||||
|
* nickname for this router. */
|
||||||
|
n = dirserv_get_nickname_by_digest(id_digest);
|
||||||
|
if (n) {
|
||||||
|
conn->nickname = tor_strdup(n);
|
||||||
|
} else {
|
||||||
|
conn->nickname = tor_malloc(HEX_DIGEST_LEN+2);
|
||||||
|
conn->nickname[0] = '$';
|
||||||
|
base16_encode(conn->nickname+1, HEX_DIGEST_LEN+1,
|
||||||
|
conn->identity_digest, DIGEST_LEN);
|
||||||
|
}
|
||||||
|
tor_free(conn->address);
|
||||||
|
conn->address = tor_dup_addr(addr);
|
||||||
}
|
}
|
||||||
tor_free(conn->address);
|
|
||||||
conn->address = tor_dup_addr(addr);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/** Return the best connection of type OR with the
|
/** Return the best connection of type OR with the
|
||||||
@ -443,7 +441,7 @@ connection_or_connect(uint32_t addr, uint16_t port, const char *id_digest)
|
|||||||
conn = connection_new(CONN_TYPE_OR);
|
conn = connection_new(CONN_TYPE_OR);
|
||||||
|
|
||||||
/* set up conn so it's got all the data we need to remember */
|
/* set up conn so it's got all the data we need to remember */
|
||||||
connection_or_init_conn_from_address(conn, addr, port, id_digest);
|
connection_or_init_conn_from_address(conn, addr, port, id_digest, 1);
|
||||||
conn->state = OR_CONN_STATE_CONNECTING;
|
conn->state = OR_CONN_STATE_CONNECTING;
|
||||||
control_event_or_conn_status(conn, OR_CONN_EVENT_LAUNCHED);
|
control_event_or_conn_status(conn, OR_CONN_EVENT_LAUNCHED);
|
||||||
|
|
||||||
@ -658,8 +656,6 @@ connection_or_check_valid_handshake(connection_t *conn, char *digest_rcvd)
|
|||||||
* If he initiated the connection, make sure he's not already connected,
|
* If he initiated the connection, make sure he's not already connected,
|
||||||
* then initialize conn from the information in router.
|
* then initialize conn from the information in router.
|
||||||
*
|
*
|
||||||
* If I'm not a server, set bandwidth to the default OP bandwidth.
|
|
||||||
*
|
|
||||||
* If all is successful, call circuit_n_conn_done() to handle events
|
* If all is successful, call circuit_n_conn_done() to handle events
|
||||||
* that have been pending on the tls handshake completion. Also set the
|
* that have been pending on the tls handshake completion. Also set the
|
||||||
* directory to be dirty (only matters if I'm an authdirserver).
|
* directory to be dirty (only matters if I'm an authdirserver).
|
||||||
@ -675,17 +671,8 @@ connection_tls_finish_handshake(connection_t *conn)
|
|||||||
return -1;
|
return -1;
|
||||||
|
|
||||||
if (!started_here) {
|
if (!started_here) {
|
||||||
#if 0
|
|
||||||
connection_t *c;
|
|
||||||
if ((c=connection_or_get_by_identity_digest(digest_rcvd))) {
|
|
||||||
log_debug(LD_OR,
|
|
||||||
"Router '%s' is already connected on fd %d. Dropping fd %d.",
|
|
||||||
c->nickname, c->s, conn->s);
|
|
||||||
return -1;
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
connection_or_init_conn_from_address(conn,conn->addr,conn->port,
|
connection_or_init_conn_from_address(conn,conn->addr,conn->port,
|
||||||
digest_rcvd);
|
digest_rcvd, 0);
|
||||||
|
|
||||||
/* Annotate that we received a TLS connection.
|
/* Annotate that we received a TLS connection.
|
||||||
* (Todo: only actually consider ourselves reachable if there
|
* (Todo: only actually consider ourselves reachable if there
|
||||||
@ -701,10 +688,6 @@ connection_tls_finish_handshake(connection_t *conn)
|
|||||||
router_orport_found_reachable();
|
router_orport_found_reachable();
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!server_mode(get_options())) { /* If I'm an OP... */
|
|
||||||
conn->receiver_bucket = conn->bandwidth = DEFAULT_BANDWIDTH_OP;
|
|
||||||
}
|
|
||||||
|
|
||||||
directory_set_dirty();
|
directory_set_dirty();
|
||||||
conn->state = OR_CONN_STATE_OPEN;
|
conn->state = OR_CONN_STATE_OPEN;
|
||||||
control_event_or_conn_status(conn, OR_CONN_EVENT_CONNECTED);
|
control_event_or_conn_status(conn, OR_CONN_EVENT_CONNECTED);
|
||||||
|
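Review bot: connection_or_init_conn_from_address narrows `options->BandwidthRate` and `options->BandwidthBurst` to `int` with a bare cast; if these options are 64-bit like the neighbouring uint64_t fields in or_options_t, a value above INT_MAX becomes a truncated or negative per-connection limit, and a negative `bandwidthburst` would leave `receiver_bucket` negative from the start. Saturating before the cast keeps the limiter well-defined, e.g. `conn->bandwidthrate = options->BandwidthRate > INT_MAX ? INT_MAX : (int)options->BandwidthRate;` and the same for the burst. Separately, the new `started_here` argument is not read anywhere in the body shown (callers pass 1 from connection_or_connect and 0 from connection_tls_finish_handshake); the function's doc comment, which lies outside the hunk, should say `started_here is 1 if we launched the connection; currently unused`.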
14
src/or/or.h
14
src/or/or.h
@ -149,7 +149,6 @@
|
|||||||
#define cell_t tor_cell_t
|
#define cell_t tor_cell_t
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
#define DEFAULT_BANDWIDTH_OP (1024 * 1000)
|
|
||||||
#define MAX_NICKNAME_LEN 19
|
#define MAX_NICKNAME_LEN 19
|
||||||
/* Hex digest plus dollar sign. */
|
/* Hex digest plus dollar sign. */
|
||||||
#define MAX_HEX_NICKNAME_LEN (HEX_DIGEST_LEN+1)
|
#define MAX_HEX_NICKNAME_LEN (HEX_DIGEST_LEN+1)
|
||||||
@ -666,11 +665,12 @@ struct connection_t {
|
|||||||
/* Used only by OR connections: */
|
/* Used only by OR connections: */
|
||||||
tor_tls_t *tls; /**< TLS connection state (OR only.) */
|
tor_tls_t *tls; /**< TLS connection state (OR only.) */
|
||||||
|
|
||||||
/* bandwidth and receiver_bucket only used by ORs in OPEN state: */
|
/* bandwidth* and receiver_bucket only used by ORs in OPEN state: */
|
||||||
int bandwidth; /**< Connection bandwidth. (OPEN ORs only.) */
|
int bandwidthrate; /**< Bytes/s added to the bucket. (OPEN ORs only.) */
|
||||||
|
int bandwidthburst; /**< Max bucket size for this conn. (OPEN ORs only.) */
|
||||||
int receiver_bucket; /**< When this hits 0, stop receiving. Every second we
|
int receiver_bucket; /**< When this hits 0, stop receiving. Every second we
|
||||||
* add 'bandwidth' to this, capping it at 10*bandwidth.
|
* add 'bandwidthrate' to this, capping it at
|
||||||
* (OPEN ORs only)
|
* bandwidthburst. (OPEN ORs only)
|
||||||
*/
|
*/
|
||||||
circ_id_type_t circ_id_type; /**< When we send CREATE cells along this
|
circ_id_type_t circ_id_type; /**< When we send CREATE cells along this
|
||||||
* connection, which half of the space should
|
* connection, which half of the space should
|
||||||
@ -1320,6 +1320,10 @@ typedef struct {
|
|||||||
* to use in a second? */
|
* to use in a second? */
|
||||||
uint64_t MaxAdvertisedBandwidth; /**< How much bandwidth are we willing to
|
uint64_t MaxAdvertisedBandwidth; /**< How much bandwidth are we willing to
|
||||||
* tell people we have? */
|
* tell people we have? */
|
||||||
|
uint64_t RelayBandwidthRate; /**< How much bandwidth, on average, are we
|
||||||
|
* willing to use for all relayed conns? */
|
||||||
|
uint64_t RelayBandwidthBurst; /**< How much bandwidth, at maximum, will we
|
||||||
|
* use in a second for all relayed conns? */
|
||||||
int NumCpus; /**< How many CPUs should we try to use? */
|
int NumCpus; /**< How many CPUs should we try to use? */
|
||||||
int RunTesting; /**< If true, create testing circuits to measure how well the
|
int RunTesting; /**< If true, create testing circuits to measure how well the
|
||||||
* other ORs are running. */
|
* other ORs are running. */
|
||||||
|