Merge remote-tracking branch 'origin/maint-0.2.4'

2024-11-27 22:03:31 +01:00 · 2013-03-10 23:03:17 -04:00 · 2013-03-10 23:03:17 -04:00 · aa3126b5b4
commit aa3126b5b4
parent e4c5001bad e270a066a6
4 changed files with 35 additions and 0 deletions
--- a/changes/6783_big_hammer
+++ b/changes/6783_big_hammer
@ -0,0 +1,6 @@
+  o Major features (deprecation):
+    - There's now a "DisableV2DirectoryInfo_" option that prevents us
+      from serving any directory requests for v2 directory information.
+      This is for us to test disabling the old deprecated V2 directory
+      format, so that we can see whether doing so has any effect on
+      network load. Part of a fix for bug 6783.
--- a/src/or/config.c
+++ b/src/or/config.c
@ -213,6 +213,7 @@ static config_var_t option_vars_[] = {
  V(DisableAllSwap,              BOOL,     "0"),
  V(DisableDebuggerAttachment,   BOOL,     "1"),
  V(DisableIOCP,                 BOOL,     "1"),
+  V(DisableV2DirectoryInfo_,     BOOL,     "0"),
  V(DynamicDHGroups,             BOOL,     "0"),
  VPORT(DNSPort,                     LINELIST, NULL),
  V(DNSListenAddress,            LINELIST, NULL),
@ -2379,6 +2380,10 @@ options_validate(or_options_t *old_options, or_options_t *options,
    REJECT("TokenBucketRefillInterval must be between 1 and 1000 inclusive.");
  }

+  if (options->DisableV2DirectoryInfo_ && ! authdir_mode(options)) {
+    REJECT("DisableV2DirectoryInfo_ set, but we aren't an authority.");
+  }
+
  if (options->ExcludeExitNodes || options->ExcludeNodes) {
    options->ExcludeExitNodesUnion_ = routerset_new();
    routerset_union(options->ExcludeExitNodesUnion_,options->ExcludeExitNodes);
--- a/src/or/directory.c
+++ b/src/or/directory.c
@ -2805,6 +2805,19 @@ directory_handle_command_get(dir_connection_t *conn, const char *headers,
    const char *key = url + strlen("/tor/status/");
    long lifetime = NETWORKSTATUS_CACHE_LIFETIME;

+    if (options->DisableV2DirectoryInfo_ && !is_v3) {
+      static ratelim_t reject_v2_ratelim = RATELIM_INIT(1800);
+      char *m;
+      write_http_status_line(conn, 404, "Not found");
+      smartlist_free(dir_fps);
+      geoip_note_ns_response(GEOIP_REJECT_NOT_FOUND);
+      if ((m = rate_limit_log(&reject_v2_ratelim, approx_time()))) {
+        log_notice(LD_DIR, "Rejected a v2 networkstatus request.%s", m);
+        tor_free(m);
+      }
+      goto done;
+    }
+
    if (!is_v3) {
      dirserv_get_networkstatus_v2_fingerprints(dir_fps, key);
      if (!strcmpstart(key, "fp/"))
--- a/src/or/or.h
+++ b/src/or/or.h
@ -3999,6 +3999,17 @@ typedef struct {

  /** Fraction: */
  double PathsNeededToBuildCircuits;
+
+  /** Do we serve v2 directory info at all?  This is a temporary option, since
+   * we'd like to disable v2 directory serving entirely, but we need a way to
+   * make it temporarily disableable, in order to do fast testing and be
+   * able to turn it back on if it turns out to be non-workable.
+   *
+   * XXXX025 Make this always-on, or always-off.  Right now, it's only
+   * enableable for authorities.
+   */
+  int DisableV2DirectoryInfo_;
+
 } or_options_t;

 /** Persistent state for an onion router, as saved to disk. */