Commit Graph

12367 Commits

Author SHA1 Message Date
Mike Perry
a5ac96b58d Fix comments from Sebastian + Nick's code review.
Check for overflow in one place, and be consistent about type usage.
2010-05-10 19:56:27 -07:00
Mike Perry
29e0d70814 Bug 1296: Add option+logic to disable CBT learning.
There are now four ways that CBT can be disabled:

1. Network-wide, with the cbtdisabled consensus param.
2. Via config, with "LearnCircuitBuildTimeout 0"
3. Via config, with "AuthoritativeDirectory 1"
4. Via a state file write failure.
2010-05-10 13:11:48 -07:00
Mike Perry
0a6191cf70 Bug 1357: Store the suspended timeout value to resume.
This prevents a spurious warning where we have a timeout just after
deciding our network came back online.
2010-05-10 13:11:47 -07:00
Mike Perry
728e946efd Bug 1245: Ignore negative and large timeouts.
This should prevent some asserts and storage of incorrect build times
for the cases where Tor is suspended during a circuit construction, or
just after completing a circuit. The idea is that if the circuit
build time is much greater than we would have cut it off at, we probably
had a suspend event along this codepath, and we should discard the
value.
2010-05-10 13:11:46 -07:00
Mike Perry
e40e35507e Bump timeout calculation message to notice when timeout changes. 2010-05-10 13:01:25 -07:00
Mike Perry
eecdd94dec Add consensus parameter for max synthetic quantile.
In case we decide that the timeout rate is now too high due to our
change of the max synthetic quantile value, this consensus parameter
will allow us to restore it to the previous value.
2010-05-10 13:00:34 -07:00
Mike Perry
e84025bc2b Update path-spec.txt with contents of proposal 151. 2010-05-10 12:59:05 -07:00
Mike Perry
835ab53102 Add a TIMEOUT_RATE keyword to buildtimeout event. 2010-05-10 12:59:05 -07:00
Mike Perry
3bbc3e2137 Bug 1335: Implement filtering step to remove+prevent high timeouts.
This is for the other issue we saw in Bug 1335. A large number of high
timeouts were causing the timeout calculation to slowly drift upwards,
especially in conditions of load. This fix repeatedly regenerates all of
our synthetic timeouts whenever the timeout changes, to try to prevent
drift.

It also lowers the timeout cap to help for some cases of Bug 1245, where
some timeout values were so large that we ended up allocating a ton of
scratch memory to count the histogram bins.

The downside is that lowering this cap is affecting our timeout rate.
Unfortunately, the buildtimeout quantile is now higher than the actual
completion rate by what appears to be about 7-10%, which probably
represents the skew in the distribution due to lowering this synthetic
cap.
2010-05-10 12:58:10 -07:00
Mike Perry
cc2a48f1be Bug 1335: Alter Xm calculation to be weighted avg of top N=3 modes.
In my state files, I was seeing several peaks, probably due to different
guards having different latency. This change is meant to better capture
this behavior and generate more reasonable timeouts when it happens. It
is improving the timeout values for my collection of state files.
2010-05-10 12:46:49 -07:00
Roger Dingledine
5add4b1d83 Merge commit 'linus/master' 2010-05-07 17:27:17 -04:00
Linus Nordberg
b7e533c1d7 Don't be bashistic. 2010-05-07 23:10:30 +02:00
Andy Isaacson
6751899fe1 use ssp-buffer-size=1 to avoid Werror failures
Build on Ubuntu 10.04 64-bit was failing:

util.c: In function ‘parse_http_time’:
util.c:1370: error: not protecting function: no buffer at least 8 bytes long

We don't want to lose -Werror, and we don't care too much about the
added overhead of protecting even small buffers, so let's simply turn on
SSP for all buffers.

Thanks to Jacob Appelbaum for the pointer and SwissTorExit for the
original report.

Signed-off-by: Andy Isaacson <adi@hexapodia.org>
2010-05-07 12:30:47 -07:00
Roger Dingledine
8ba00e4305 Merge commit 'ioerror/compileTimeHardening' 2010-05-07 12:05:26 -04:00
Jacob Appelbaum
04fa935e02 Add support for gcc compiler/linker hardening flags.
This patch adds support for two new configure options:
    '--enable-gcc-hardening'
    This sets CFLAGS to include:
        "-D_FORTIFY_SOURCE=2 -fstack-protector-all"
        "-fwrapv -fPIE -Wstack-protector -Wformat -Wformat-security"
        "-Wpointer-sign"
    It sets LDFLAGS to include:
        "-pie"

    '--enable-linker-hardening'
    This sets LDFLAGS to include:
        " -z relro -z now"
2010-05-07 16:15:26 +02:00
Roger Dingledine
89bb5fbce6 Merge branch 'maint-0.2.1' 2010-05-06 07:18:44 -04:00
Roger Dingledine
befcc84f43 move to maxmind geoip db 2010-05-06 07:15:22 -04:00
Roger Dingledine
c7114568c2 Merge branch 'maint-0.2.1' 2010-05-05 03:23:25 -04:00
Roger Dingledine
aec1daaed3 release notes entry for 0.2.1.26 2010-05-05 03:19:41 -04:00
Roger Dingledine
c359f10e29 bump to 0.2.2.13-alpha-dev 2010-05-05 03:12:33 -04:00
Roger Dingledine
ec3f576fbe put the blurb in 0.2.2.13-alpha 2010-05-05 03:12:26 -04:00
Sebastian Hahn
b3b2a57bbf Clarify the implications of the "Address" option
Fixes bug 1381
2010-05-02 00:38:22 +02:00
Sebastian Hahn
41c0d52810 check-speces is a typo. 2010-04-27 19:01:08 +02:00
Nick Mathewson
0c030b0b2f Merge branch 'hacking' 2010-04-27 12:29:03 -04:00
Nick Mathewson
8ec5f939a6 Add new sections to the HACKING file
The main changes are to explain how we use git branches, how we use
changes files, and what should go into a patch.  Putting these in
HACKING means that we shouldn't need to constantly refer to the or-dev
emails where we explain this stuff.
2010-04-27 12:24:35 -04:00
Roger Dingledine
feb8c1b5f6 bump to 0.2.2.13-alpha 2010-04-24 05:43:43 -04:00
Roger Dingledine
8afc7d563d prepare the 0.2.2.13-alpha changelog 2010-04-23 20:59:20 -04:00
Roger Dingledine
09be26dc51 Merge branch 'maint-0.2.1' 2010-04-23 20:44:31 -04:00
Roger Dingledine
95bc91cfc3 windows packaging cleanups from phobos 2010-04-23 20:43:40 -04:00
Roger Dingledine
e7bd97493c Merge branch 'maint-0.2.1' 2010-04-23 20:26:23 -04:00
Roger Dingledine
67b38d5068 close idle tls conns early 2010-04-23 20:23:00 -04:00
Roger Dingledine
b3019c6d2b Merge branch 'maint-0.2.1' 2010-04-23 19:46:29 -04:00
Roger Dingledine
45ab6959c9 blurbs for two recent alphas 2010-04-23 19:42:34 -04:00
Roger Dingledine
b264192083 finally get rid of "clique mode" 2010-04-23 19:39:42 -04:00
Roger Dingledine
cb31978adb close idle dir-fetch circs early 2010-04-23 18:35:11 -04:00
Roger Dingledine
573e1d40b3 finally get rid of "clique mode" 2010-04-21 21:35:18 -04:00
Roger Dingledine
6952b445cc stop authority reachability check on startup 2010-04-21 04:27:56 -04:00
Roger Dingledine
4f307e0382 immediate reachability check for new relays 2010-04-21 03:12:14 -04:00
Roger Dingledine
7231e289dd windows packaging cleanups from phobos 2010-04-20 20:17:28 -04:00
Roger Dingledine
92a6ae2b8d more logging when tracking missing descriptors 2010-04-20 18:02:23 -04:00
Roger Dingledine
2c1900ee5e bump to 0.2.2.12-alpha-dev 2010-04-20 17:56:28 -04:00
Roger Dingledine
3d8879a04d merge in the bug 1364 fix 2010-04-20 03:59:23 -04:00
Sebastian Hahn
0b82ce3eb6 Demote a warning about missing client ciphers 2010-04-20 03:57:33 -04:00
Roger Dingledine
18678e5f1e bump to 0.2.2.12-alpha 2010-04-20 03:56:15 -04:00
Roger Dingledine
ea6cdafee5 prepare for 0.2.2.12-alpha 2010-04-20 03:53:07 -04:00
Roger Dingledine
eaf5487d95 fetch descriptors from the authority that told us about them 2010-04-20 03:20:31 -04:00
Roger Dingledine
2e692bd8c9 fetch unknown descriptors if we see them in a vote 2010-04-20 03:03:33 -04:00
Roger Dingledine
77babb832a minor cleanups 2010-04-20 02:48:35 -04:00
Nick Mathewson
f2c30e97cc Switch geoip_get_request_history to asprintf; fix bug 1365 2010-04-20 01:09:40 -04:00
Roger Dingledine
de4a49adc2 fix "Got a certificate for ?? that we already have"
what's happening here is that we're fetching certs for obsolete
authorities -- probably legacy signers in this case. but try to
remain general in the log message.
2010-04-19 18:35:57 -04:00