Handle ntor and ntor_v3 individually in rephist and for MetricsPort.

This patch should not mess with the DoS protection here.

Fixes tpo/core/tor#40638.
This commit is contained in:
Alexander Færøy 2023-09-19 18:34:27 +02:00
parent c884a07f08
commit b855a786b6
4 changed files with 24 additions and 19 deletions

4
changes/ticket40638 Normal file
View File

@ -0,0 +1,4 @@
o Minor bugfix (MetricsPort, relay):
- Handle rephist tracking of ntor and ntor_v3 handshakes individually such
that MetricsPort exposes the correct values. Fixes bug 40638; bugfix on 0.4.7.11.

View File

@ -2290,19 +2290,14 @@ typedef struct {
/** Keep track of the onionskin requests for an assessment period. */
static overload_onionskin_assessment_t overload_onionskin_assessment;
/**
* We combine ntorv3 and ntor into the same stat, so we must
* use this function to convert the cell type to a stat index.
/** This function ensures that we clamp the maximum value of the given input
* <b>type</b> to NTOR in case the input is out of range.
*/
static inline uint16_t
onionskin_type_to_stat(uint16_t type)
{
if (type == ONION_HANDSHAKE_TYPE_NTOR_V3) {
return ONION_HANDSHAKE_TYPE_NTOR;
}
if (BUG(type > MAX_ONION_STAT_TYPE)) {
return MAX_ONION_STAT_TYPE; // use ntor if out of range
return MAX_ONION_STAT_TYPE; // use ntor_v3 if out of range
}
return type;
@ -2371,7 +2366,8 @@ rep_hist_note_circuit_handshake_requested(uint16_t type)
onion_handshakes_requested[stat]++;
/* Only relays get to record requested onionskins. */
if (stat == ONION_HANDSHAKE_TYPE_NTOR) {
if (stat == ONION_HANDSHAKE_TYPE_NTOR ||
stat == ONION_HANDSHAKE_TYPE_NTOR_V3) {
/* Assess if we've reached the overload general signal. */
overload_general_onionskin_assessment();
@ -2398,7 +2394,8 @@ rep_hist_note_circuit_handshake_dropped(uint16_t type)
stats_n_onionskin_dropped[stat]++;
/* Only relays get to record requested onionskins. */
if (stat == ONION_HANDSHAKE_TYPE_NTOR) {
if (stat == ONION_HANDSHAKE_TYPE_NTOR ||
stat == ONION_HANDSHAKE_TYPE_NTOR_V3) {
/* Note the dropped ntor in the overload assessment object. */
overload_onionskin_assessment.n_ntor_dropped++;
}
@ -2438,11 +2435,13 @@ rep_hist_log_circuit_handshake_stats(time_t now)
{
(void)now;
log_notice(LD_HEARTBEAT, "Circuit handshake stats since last time: "
"%d/%d TAP, %d/%d NTor.",
"%d/%d TAP, %d/%d NTor, %d/%d NTor (v3).",
onion_handshakes_assigned[ONION_HANDSHAKE_TYPE_TAP],
onion_handshakes_requested[ONION_HANDSHAKE_TYPE_TAP],
onion_handshakes_assigned[ONION_HANDSHAKE_TYPE_NTOR],
onion_handshakes_requested[ONION_HANDSHAKE_TYPE_NTOR]);
onion_handshakes_requested[ONION_HANDSHAKE_TYPE_NTOR],
onion_handshakes_assigned[ONION_HANDSHAKE_TYPE_NTOR_V3],
onion_handshakes_requested[ONION_HANDSHAKE_TYPE_NTOR_V3]);
memset(onion_handshakes_assigned, 0, sizeof(onion_handshakes_assigned));
memset(onion_handshakes_requested, 0, sizeof(onion_handshakes_requested));
}

View File

@ -102,8 +102,8 @@ void rep_hist_note_dns_error(int type, uint8_t error);
void rep_hist_consensus_has_changed(const networkstatus_t *ns);
/** We combine ntor and ntorv3 stats, so we have 3 stat types:
* tap, fast, and ntor. The max type is ntor (2) */
#define MAX_ONION_STAT_TYPE ONION_HANDSHAKE_TYPE_NTOR
* tap, fast, and ntor. The max type is ntor_v3 (3) */
#define MAX_ONION_STAT_TYPE MAX_ONION_HANDSHAKE_TYPE
extern uint64_t rephist_total_alloc;
extern uint32_t rephist_total_num;

View File

@ -333,10 +333,12 @@ test_status_hb_not_in_consensus(void *arg)
status_hb_not_in_consensus_server_mode);
log_global_min_severity_ = LOG_DEBUG;
onion_handshakes_requested[ONION_HANDSHAKE_TYPE_TAP] = 1;
onion_handshakes_assigned[ONION_HANDSHAKE_TYPE_TAP] = 1;
onion_handshakes_requested[ONION_HANDSHAKE_TYPE_NTOR] = 1;
onion_handshakes_assigned[ONION_HANDSHAKE_TYPE_NTOR] = 1;
onion_handshakes_requested[ONION_HANDSHAKE_TYPE_TAP] = 2;
onion_handshakes_assigned[ONION_HANDSHAKE_TYPE_NTOR] = 3;
onion_handshakes_requested[ONION_HANDSHAKE_TYPE_NTOR] = 4;
onion_handshakes_assigned[ONION_HANDSHAKE_TYPE_NTOR_V3] = 5;
onion_handshakes_requested[ONION_HANDSHAKE_TYPE_NTOR_V3] = 6;
expected = 0;
setup_capture_of_logs(LOG_INFO);
@ -352,8 +354,8 @@ test_status_hb_not_in_consensus(void *arg)
"I've made 0 connections with IPv4 and 0 with IPv6.\n");
expect_log_msg("Average packaged cell fullness: 100.000%. "
"TLS write overhead: 0%\n");
expect_log_msg("Circuit handshake stats since last time: 1/1 TAP, "
"1/1 NTor.\n");
expect_log_msg("Circuit handshake stats since last time: 1/2 TAP, "
"3/4 NTor, 5/6 NTor (v3).\n");
expect_log_msg("Since startup we initiated 0 and received 0 v1 "
"connections; initiated 0 and received 0 v2 connections; "
"initiated 0 and received 0 v3 connections; "