nihilist/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-11-27 22:03:31 +01:00
Code Issues Packages Projects Releases Wiki Activity
38,422 Commits 53 Branches 630 Tags 128 MiB
d9821bdea5
Commit Graph

27966 Commits

Author SHA1 Message Date
Mike Perry
00633bc619 metrics: Report amount of cwnd drop from delta and gamma 
Part of #40708.
 2022-11-08 12:47:14 -05:00
David Goulet
2adc73afdb Merge branch 'maint-0.4.7' 2022-11-08 12:36:44 -05:00
David Goulet
fde87096c3 Merge branch 'tor-gitlab/mr/650' into maint-0.4.7 2022-11-08 12:36:19 -05:00
David Goulet
d634a5ebc7 relay: Remove unused conn->ext_or_conn_id 
This also incidently removes a use of uninitialized stack data from the
connection_or_set_ext_or_identifier() function.

Fixes #40648

Signed-off-by: David Goulet <dgoulet@torproject.org>
 2022-11-08 12:35:09 -05:00
David Goulet
2066e0494c math: Replace naughty macro by an inline function 
Part of #40708

Signed-off-by: David Goulet <dgoulet@torproject.org>
 2022-11-07 14:49:41 -05:00
Mike Perry
fec9757a37 metrics: Add flow control metrics. 
Part of #40708.
 2022-11-07 09:55:06 -05:00
Mike Perry
2f7e05d89d metrics: Add stats when the clock stalls. 
Part of #40708.
 2022-11-07 09:55:06 -05:00
Mike Perry
83fdaff7c0 metrics: Add running average of CC cwnd in slow start when closing circuit 
Count slow start separately.

Part of #40708

Signed-off-by: David Goulet <dgoulet@torproject.org>
 2022-11-07 09:55:06 -05:00
David Goulet
62ce557b0b metrics: Add stats when reaching vegas delta or ss_cwnd_max 
Part of #40708

Signed-off-by: David Goulet <dgoulet@torproject.org>
 2022-11-07 09:55:06 -05:00
David Goulet
a0e72fcb97 metrics: Add running average of CC cwnd when closing circuit 
Part of #40708

Signed-off-by: David Goulet <dgoulet@torproject.org>
 2022-11-07 09:55:06 -05:00
David Goulet
c565ef9c58 metrics: Add running average of CC cwnd when exiting slow start 
Part of #40708

Signed-off-by: David Goulet <dgoulet@torproject.org>
 2022-11-07 09:55:06 -05:00
Vinícius Zavam
bd64e6bd08
fix: %s/param.sh/param.h 
while here also reflect the check for __NETBSD_SOURCE on
tor_libc_get_version_str
 2022-11-05 20:51:26 +00:00
Vinícius Zavam
cc95be8e17
fix: we shall not produce warnings compiling tor 2022-11-05 20:49:04 +00:00
Vinícius Zavam
64f8490ede
present __DragonFly_version, from DragonFlyBSD 2022-11-05 18:58:59 +00:00
Vinícius Zavam
2077b880d8
once NetBSD was presented, return its version 
* defined by __NetBSD_Version__ on <sys/param.h> too.
 2022-11-05 18:46:09 +00:00
Vinícius Zavam
8a879395ab
make tor_libc_get_name aware of NetBSD 
* __NETBSD_SOURCE was used here to verify if we are running on NetBSD
 2022-11-05 18:41:17 +00:00
Vinícius Zavam
c98ec6d001
return what OpenBSD gives as base system version 
* it also uses sys/param.h to track its version;
  * present that to tor_libc_get_version_str() as libc version;

  while here, we also fix the return of FreeBSD version

  * __FreeBSD_version is the correct var tracking the OSVERSION
 2022-11-05 18:38:04 +00:00
Vinícius Zavam
9c7f919d6f
should we identify __FreeBSD__, return its version 
* we use OSVERSION here (defined by __FreeBSD__);
  * it's part of the <sys/param.h> include;
  * that tracks all noteworthy changes made to the base system.
 2022-11-05 18:31:46 +00:00
Vinícius Zavam
dba3090a68
return BSD if tor_libc_get_name sees __BSD_VISIBLE 
* __BSD_VISIBLE is defined by systems like FreeBSD and OpenBSD;
  * that also extends to DragonFlyBSD;
  * it's used on stdlib.h and ctypes.h on those systems.
 2022-11-05 18:17:12 +00:00
David Goulet
6196e9596a metrics: Add connection socket family to metrics 
Adds either ipv4 or ipv6 to the "tor_relay_connections_total" stats.

Closes #40710

Signed-off-by: David Goulet <dgoulet@torproject.org>
 2022-11-03 13:05:21 -04:00
David Goulet
87e820a0c5 metrics: Add stats for num circ reaching max cell outq 
Part of #40708

Signed-off-by: David Goulet <dgoulet@torproject.org>
 2022-11-03 09:37:38 -04:00
Rasmus Dahlberg
0fe2096144 Clip DNS TTL values once in event callback 
This change ensures that other parts of the code base always operate on
the same clipped TTL values, notably without being aware of clipping.
 2022-11-01 09:29:19 -04:00
David Goulet
b04705305b Merge branch 'tor-gitlab/mr/649' 2022-11-01 09:14:33 -04:00
David Goulet
15e5b203cd Merge branch 'tor-gitlab/mr/594' 2022-11-01 09:11:29 -04:00
Alexander Færøy
75d12dffe7 Remove BUG() in Windows process read callback. 
This BUG() was added when the code was written to see if this callback
was ever executed after we marked the handle as EOF. It turns out, it
does, but we handle it gracefully. We can therefore remove the BUG().

Fixes tpo/core/tor#40596.
 2022-11-01 11:11:20 +01:00
David Goulet
c733ccda99 Merge branch 'tor-gitlab/mr/579' 2022-10-31 15:28:36 -04:00
David Goulet
2a838c196d Merge branch 'maint-0.4.7' 2022-10-31 15:00:15 -04:00
David Goulet
3596d193be Merge branch 'tor-gitlab/mr/636' 2022-10-31 14:15:00 -04:00
David Goulet
619dd35321 sandbox: Add my-consensus-<flavor-name> to sandbox for dirauth 
Fixese #40663

Signed-off-by: David Goulet <dgoulet@torproject.org>
 2022-10-31 11:37:43 -04:00
David Goulet
65a85a9d23 Merge branch 'maint-0.4.7' 2022-10-31 11:21:21 -04:00
David Goulet
19b080f2aa Merge branch 'tor-gitlab/mr/646' 2022-10-28 12:07:51 -04:00
David Goulet
5db238f3e3 thread: Bump max detectable CPU from 16 to 128 
Lets take advantage of those beefy machines ;).

Closes #40703

Signed-off-by: David Goulet <dgoulet@torproject.org>
 2022-10-28 11:28:43 -04:00
Jeremy Saklad
7e80ad4787
relay: Skip warnings for single onion services 
Single onion services are not secret, so there is no added risk from
using accounting or running a relay in the same instance.

Related to #40691
 2022-10-28 09:15:14 -05:00
Roger Dingledine
338185d840 resolve a BUG() on relays at startup 
Remove a harmless "Bug" log message that can happen in
relay_addr_learn_from_dirauth() on relays during startup:

tor_bug_occurred_(): Bug: ../src/feature/relay/relay_find_addr.c:225: relay_addr_learn_from_dirauth: Non-fatal assertion !(!ei) failed. (on Tor 0.4.7.10 )
Bug: Tor 0.4.7.10: Non-fatal assertion !(!ei) failed in relay_addr_learn_from_dirauth at ../src/feature/relay/relay_find_addr.c:225. Stack trace: (on Tor 0.4.7.10 )

Finishes fixing bug 40231.

Fixes bug 40523; bugfix on 0.4.5.4-rc.
 2022-10-27 20:07:48 -04:00
David Goulet
3c58fa8a6f Merge branch 'maint-0.4.7' 2022-10-27 11:41:48 -04:00
David Goulet
72f52d2c85 Merge branch 'tor-gitlab/mr/644' into maint-0.4.7 2022-10-27 11:41:43 -04:00
David Goulet
0918cc2783 Merge branch 'maint-0.4.7' 2022-10-27 11:41:26 -04:00
David Goulet
6d40e980fb metrics: Treat relay connections as gauge, not counter 
Fixes #40699

Signed-off-by: David Goulet <dgoulet@torproject.org>
 2022-10-27 11:37:21 -04:00
David Goulet
177f3a40eb metrics: Add number of opened circuits to MetricsPort 
Related to #40194

Signed-off-by: David Goulet <dgoulet@torproject.org>
 2022-10-27 10:48:52 -04:00
David Goulet
1a2d93f72a relay: Add our consensus relay flag to MetricsPort 
Related to #40194

Signed-off-by: David Goulet <dgoulet@torproject.org>
 2022-10-27 10:48:52 -04:00
David Goulet
48ab17cc72 metrics: Add traffic related stats to MetricsPort 
At this commit, bytes read and written are exported.

Related to #40194

Signed-off-by: David Goulet <dgoulet@torproject.org>
 2022-10-27 10:48:48 -04:00
David Goulet
cd7be492d1 relay: Add DoS subsystem stats to MetricsPort 
Related to #40194

Signed-off-by: David Goulet <dgoulet@torproject.org>
 2022-10-27 10:47:56 -04:00
David Goulet
fff2b92682 Merge branch 'maint-0.4.7' 2022-10-27 10:46:54 -04:00
David Goulet
a1c40c8511 metrics: Fix naming and documentation 
After nickm's review, minor changes to names and comments.

Related to #40194

Signed-off-by: David Goulet <dgoulet@torproject.org>
 2022-10-27 10:45:08 -04:00
David Goulet
dcbedc6c3f Merge branch 'tor-gitlab/mr/596' 2022-10-26 15:27:03 -04:00
David Goulet
06a26f1872 relay: Change the connection metrics name 
Signed-off-by: David Goulet <dgoulet@torproject.org>
 2022-10-26 15:16:48 -04:00
David Goulet
00f714b374 relay: Add CC RTT reset stats to MetricsPort 
Related to #40194

Signed-off-by: David Goulet <dgoulet@torproject.org>
 2022-10-26 15:16:48 -04:00
David Goulet
e7e18ae914 relay: Add total number of streams seen on MetricsPort 
Related to #40194

Signed-off-by: David Goulet <dgoulet@torproject.org>
 2022-10-26 15:16:48 -04:00
David Goulet
98b98fd3ce rephist: Track number of streams seen per type 
Related to #40194

Signed-off-by: David Goulet <dgoulet@torproject.org>
 2022-10-26 15:16:48 -04:00
David Goulet
dd272b6ef4 Merge remote-tracking branch 'tor-gitlab/mr/638' 2022-10-26 15:12:54 -04:00
David Goulet
78c184d2fe hs: Retry service rendezvous on circuit close 
Move the retry from circuit_expire_building() to when the offending
circuit is being closed.

Fixes #40695

Signed-off-by: David Goulet <dgoulet@torproject.org>
 2022-10-26 15:10:39 -04:00
David Goulet
5b44a32c59 circ: Get rid of hs_circ_has_timed_out 
Logic is too convoluted and we can't efficiently apply a specific
timeout depending on the purpose.

Remove it and instead rely on the right circuit cutoff instead of
keeping this flagged circuit open forever.

Part of #40694

Signed-off-by: David Goulet <dgoulet@torproject.org>
 2022-10-26 15:10:37 -04:00
David Goulet
88b5daf152 circ: Set proper timeout cutoff for HS circuits 
Explicitly set the S_CONNECT_REND purpose to a 4-hop cutoff.

As for the established rendezvous circuit waiting on the RENDEZVOUS2,
set one that is very long considering the possible waiting time for the
service to get the request and join our rendezvous.

Part of #40694

Signed-off-by: David Goulet <dgoulet@torproject.org>
 2022-10-26 15:10:34 -04:00
David Goulet
fb21387882 Merge branch 'tor-gitlab/mr/637' 2022-10-26 15:07:42 -04:00
David Goulet
a7aa22a4e7 hs: Retry rdv circuit if repurposed 
This can happen if our measurement subsystem decides to snatch it.

Fixes #40696

Signed-off-by: David Goulet <dgoulet@torproject.org>
 2022-10-26 15:05:44 -04:00
David Goulet
ca135a127d Merge branch 'maint-0.4.7' 2022-10-26 15:01:43 -04:00
David Goulet
0a49e04691 Merge branch 'tor-gitlab/mr/635' into maint-0.4.7 2022-10-26 15:01:40 -04:00
David Goulet
a2ee39452a Merge branch 'tor-gitlab/mr/633' 2022-10-26 14:58:21 -04:00
David Goulet
59008c6f51 hs: Change the error for a collapsing client circuit 
Change it to an "unreachable" error so the intro point can be retried
and not flagged as a failure and never retried again.

Closes #40692

Signed-off-by: David Goulet <dgoulet@torproject.org>
 2022-10-26 14:56:45 -04:00
David Goulet
bb9f2ea8fb Merge branch 'maint-0.4.7' 2022-10-26 14:21:41 -04:00
David Goulet
a317326aae Merge branch 'maint-0.4.5' into maint-0.4.7 2022-10-26 14:21:41 -04:00
David Goulet
7a851e8983 Merge branch 'tor-gitlab/mr/631' into maint-0.4.5 2022-10-26 14:21:35 -04:00
David Goulet
efad436432 dirauth: Remove Faravahar 
Closes #40688

Signed-off-by: David Goulet <dgoulet@torproject.org>
 2022-10-26 14:20:07 -04:00
David Goulet
4a7824b9ae Merge branch 'maint-0.4.7' 2022-10-26 14:12:51 -04:00
David Goulet
e19cf2dac6 Merge branch 'maint-0.4.5' into maint-0.4.7 2022-10-26 14:12:51 -04:00
David Goulet
b113b08722 Merge branch 'maint-0.4.7' 2022-10-26 14:07:49 -04:00
David Goulet
f501564b40 relay: Reduce the minimum circuit cell in queue limit 
With congestion control, the flow control window is much lower than the
initial 1000.

Signed-off-by: David Goulet <dgoulet@torproject.org>
 2022-10-26 14:05:28 -04:00
David Goulet
a2c034d8f5 dos: Apply circuit creation defenses if circ max queue cell reached 
This adds two consensus parameters to control the outbound max circuit
queue cell size limit and how many times it is allowed to reach that
limit for a single client IP.

Closes #40680

Signed-off-by: David Goulet <dgoulet@torproject.org>
 2022-10-26 14:05:28 -04:00
Roger Dingledine
c56980f5e5 use consensus ip:port for dir auths if different 
Directory authorities and relays now interact properly with directory
authorities if they change addresses. In the past, they would continue
to upload votes, signatures, descriptors, etc to the hard-coded address
in the configuration. Now, if the directory authority is listed in
the consensus at a different address, they will direct queries to this
new address.

Specifically, these three activities have changed:

* Posting a vote, a signature, or a relay descriptor to all the dir auths.

* Dir auths fetching missing votes or signatures from all the dir auths.

* Dir auths fetching new descriptors from a specific dir auth when they
just learned about them from that dir auth's vote.

We already do this desired behavior (prefer the address in the consensus,
but fall back to the hard-coded dirservers info if needed) when fetching
missing certs.

There is a fifth case, in router_pick_trusteddirserver(), where clients
and relays are trying to reach a random dir auth to fetch something. I
left that case alone for now because the interaction with fallbackdirs
is complicated.

Implements ticket 40705.
 2022-10-25 04:19:37 -04:00
Roger Dingledine
2033cc7b5e clean up comment a bit 2022-10-25 02:55:13 -04:00
David Goulet
6300a9548d hs: Retry rdv circuit if repurposed 
This can happen if our measurement subsystem decides to snatch it.

Fixes #40696

Signed-off-by: David Goulet <dgoulet@torproject.org>
 2022-10-24 11:03:38 -04:00
Roger Dingledine
bab8375ef5 dir auths now omit Measured= if rs->is_authority 
Directory authorities stop voting a consensus "Measured" weight
for relays with the Authority flag. Now these relays will be
considered unmeasured, which should reserve their bandwidth
for their dir auth role and minimize distractions from other roles.

In place of the "Measured" weight, they now include a
"MeasuredButAuthority" weight (not used by anything) so the bandwidth
authority's opinion on this relay can be recorded for posterity.

Resolves ticket 40698.
 2022-10-24 04:34:49 -04:00
Roger Dingledine
ea2ba4f5a8 back out most of commit b7992d4f 
The AuthDirDontVoteOnDirAuthBandwidth torrc option never worked, and it
was implemented in a way that could have produced consensus conflicts
if it had.

Resolves bug 40700.
 2022-10-24 04:34:00 -04:00
David Goulet
04cccd7074 hs: Retry service rendezvous on circuit close 
Move the retry from circuit_expire_building() to when the offending
circuit is being closed.

Fixes #40695

Signed-off-by: David Goulet <dgoulet@torproject.org>
 2022-10-19 16:39:10 -04:00
David Goulet
921268d4ce circ: Get rid of hs_circ_has_timed_out 
Logic is too convoluted and we can't efficiently apply a specific
timeout depending on the purpose.

Remove it and instead rely on the right circuit cutoff instead of
keeping this flagged circuit open forever.

Part of #40694

Signed-off-by: David Goulet <dgoulet@torproject.org>
 2022-10-19 16:39:10 -04:00
David Goulet
de0fda7a79 circ: Set proper timeout cutoff for HS circuits 
Explicitly set the S_CONNECT_REND purpose to a 4-hop cutoff.

As for the established rendezvous circuit waiting on the RENDEZVOUS2,
set one that is very long considering the possible waiting time for the
service to get the request and join our rendezvous.

Part of #40694

Signed-off-by: David Goulet <dgoulet@torproject.org>
 2022-10-19 14:50:00 -04:00
David Goulet
8463111c9b hs: Change the error for a collapsing client circuit 
Change it to an "unreachable" error so the intro point can be retried
and not flagged as a failure and never retried again.

Closes #40692

Signed-off-by: David Goulet <dgoulet@torproject.org>
 2022-10-19 14:41:48 -04:00
David Goulet
938070f5c4 dirauth: Change dizum IP address 
Closes #40687

Signed-off-by: David Goulet <dgoulet@torproject.org>
 2022-10-18 10:35:54 -04:00
David Goulet
e86833ade6 Merge branch 'maint-0.4.5' into maint-0.4.7 2022-10-14 09:12:23 -04:00
David Goulet
28413e7560 Merge branch 'maint-0.4.7' 2022-10-14 09:12:23 -04:00
Nick Mathewson
e531d4d1b9 Fix a completely wrong calculation in mach monotime_init_internal() 
Bug 1: We were purporting to calculate milliseconds per tick, when we
*should* have been computing ticks per millisecond.

Bug 2: Instead of computing either one of those, we were _actually_
computing femtoseconds per tick.

These two bugs covered for one another on x86 hardware, where 1 tick
== 1 nanosecond.  But on M1 OSX, 1 tick is about 41 nanoseconds,
causing surprising results.

Fixes bug 40684; bugfix on 0.3.3.1-alpha.
 2022-10-13 13:40:10 -04:00
David Goulet
5080a4ff67 Merge branch 'maint-0.4.7' 2022-10-12 15:52:04 -04:00
David Goulet
c8d8fa0d36 relay: Add number of rejected connections to MetricsPort 
Related to #40194

Signed-off-by: David Goulet <dgoulet@torproject.org>
 2022-10-12 09:25:19 -04:00
David Goulet
d543db5ac0 relay: Add connection stats to MetricsPort 
This adds the number of created and opened connections to the
MetricsPort for a relay for each connection type and direction.

Output looks like:

  # HELP tor_relay_connections Connections metrics of this relay
  # TYPE tor_relay_connections counter
  tor_relay_connections{type="OR listener",direction="initiated",state="created"} 0
  tor_relay_connections{type="OR listener",direction="received",state="created"} 0
  tor_relay_connections{type="OR listener",direction="initiated",state="opened"} 0
  tor_relay_connections{type="OR listener",direction="received",state="opened"} 0
  tor_relay_connections{type="OR",direction="initiated",state="created"} 5
  tor_relay_connections{type="OR",direction="received",state="created"} 0
  tor_relay_connections{type="OR",direction="initiated",state="opened"} 5
  tor_relay_connections{type="OR",direction="received",state="opened"} 0
  tor_relay_connections{type="Exit",direction="initiated",state="created"} 0
  tor_relay_connections{type="Exit",direction="received",state="created"} 0
  tor_relay_connections{type="Exit",direction="initiated",state="opened"} 0
  tor_relay_connections{type="Exit",direction="received",state="opened"} 0
  tor_relay_connections{type="Socks listener",direction="initiated",state="created"} 0
  tor_relay_connections{type="Socks listener",direction="received",state="created"} 0
  tor_relay_connections{type="Socks listener",direction="initiated",state="opened"} 0
  tor_relay_connections{type="Socks listener",direction="received",state="opened"} 0
  tor_relay_connections{type="Socks",direction="initiated",state="created"} 0
  tor_relay_connections{type="Socks",direction="received",state="created"} 0
  tor_relay_connections{type="Socks",direction="initiated",state="opened"} 0
  tor_relay_connections{type="Socks",direction="received",state="opened"} 0
  tor_relay_connections{type="Directory listener",direction="initiated",state="created"} 0
  tor_relay_connections{type="Directory listener",direction="received",state="created"} 0
  tor_relay_connections{type="Directory listener",direction="initiated",state="opened"} 0
  tor_relay_connections{type="Directory listener",direction="received",state="opened"} 0
  tor_relay_connections{type="Directory",direction="initiated",state="created"} 0
  tor_relay_connections{type="Directory",direction="received",state="created"} 0
  tor_relay_connections{type="Directory",direction="initiated",state="opened"} 0
  tor_relay_connections{type="Directory",direction="received",state="opened"} 0
  tor_relay_connections{type="Control listener",direction="initiated",state="created"} 0
  tor_relay_connections{type="Control listener",direction="received",state="created"} 0
  tor_relay_connections{type="Control listener",direction="initiated",state="opened"} 0
  tor_relay_connections{type="Control listener",direction="received",state="opened"} 0
  tor_relay_connections{type="Control",direction="initiated",state="created"} 0
  tor_relay_connections{type="Control",direction="received",state="created"} 0
  tor_relay_connections{type="Control",direction="initiated",state="opened"} 0
  tor_relay_connections{type="Control",direction="received",state="opened"} 0
  tor_relay_connections{type="Transparent pf/netfilter listener",direction="initiated",state="created"} 0
  tor_relay_connections{type="Transparent pf/netfilter listener",direction="received",state="created"} 0
  tor_relay_connections{type="Transparent pf/netfilter listener",direction="initiated",state="opened"} 0
  tor_relay_connections{type="Transparent pf/netfilter listener",direction="received",state="opened"} 0
  tor_relay_connections{type="Transparent natd listener",direction="initiated",state="created"} 0
  tor_relay_connections{type="Transparent natd listener",direction="received",state="created"} 0
  tor_relay_connections{type="Transparent natd listener",direction="initiated",state="opened"} 0
  tor_relay_connections{type="Transparent natd listener",direction="received",state="opened"} 0
  tor_relay_connections{type="DNS listener",direction="initiated",state="created"} 0
  tor_relay_connections{type="DNS listener",direction="received",state="created"} 0
  tor_relay_connections{type="DNS listener",direction="initiated",state="opened"} 0
  tor_relay_connections{type="DNS listener",direction="received",state="opened"} 0
  tor_relay_connections{type="Extended OR",direction="initiated",state="created"} 0
  tor_relay_connections{type="Extended OR",direction="received",state="created"} 0
  tor_relay_connections{type="Extended OR",direction="initiated",state="opened"} 0
  tor_relay_connections{type="Extended OR",direction="received",state="opened"} 0
  tor_relay_connections{type="Extended OR listener",direction="initiated",state="created"} 0
  tor_relay_connections{type="Extended OR listener",direction="received",state="created"} 0
  tor_relay_connections{type="Extended OR listener",direction="initiated",state="opened"} 0
  tor_relay_connections{type="Extended OR listener",direction="received",state="opened"} 0
  tor_relay_connections{type="HTTP tunnel listener",direction="initiated",state="created"} 0
  tor_relay_connections{type="HTTP tunnel listener",direction="received",state="created"} 0
  tor_relay_connections{type="HTTP tunnel listener",direction="initiated",state="opened"} 0
  tor_relay_connections{type="HTTP tunnel listener",direction="received",state="opened"} 0
  tor_relay_connections{type="Metrics listener",direction="initiated",state="created"} 0
  tor_relay_connections{type="Metrics listener",direction="received",state="created"} 1
  tor_relay_connections{type="Metrics listener",direction="initiated",state="opened"} 0
  tor_relay_connections{type="Metrics listener",direction="received",state="opened"} 1
  tor_relay_connections{type="Metrics",direction="initiated",state="created"} 0
  tor_relay_connections{type="Metrics",direction="received",state="created"} 0
  tor_relay_connections{type="Metrics",direction="initiated",state="opened"} 0
  tor_relay_connections{type="Metrics",direction="received",state="opened"} 0

Related to #40194

Signed-off-by: David Goulet <dgoulet@torproject.org>
 2022-10-12 09:25:19 -04:00
David Goulet
5603baf257 conn: Keep stats of opened and closed connections 
Related to #40194

Signed-off-by: David Goulet <dgoulet@torproject.org>
 2022-10-12 09:25:19 -04:00
David Goulet
4692cf8688 Merge branch 'maint-0.4.7' 2022-10-11 10:09:37 -04:00
Andy
d09414858e Properly compute cell-drop overload fraction 
Patch to address #40673. An additional check has been added to
onion_pending_add() in order to ensure that we avoid counting create
cells from clients.

In the cpuworker.c assign_onionskin_to_cpuworker
method if total_pending_tasks >= max_pending_tasks
and channel_is_client(circ->p_chan) returns false then
rep_hist_note_circuit_handshake_dropped() will be called and
rep_hist_note_circuit_handshake_assigned() will not be called. This
causes relays to run into errors due to the fact that the number of
dropped packets exceeds the total number of assigned packets.

To avoid this situation a check has been added to
onion_pending_add() to ensure that these erroneous calls to
rep_hist_note_circuit_handshake_dropped() are not made.

See the #40673 ticket for the conversation with armadev about this issue.
 2022-10-06 00:46:29 -04:00
Nick Mathewson
5afaf1856f Merge remote-tracking branch 'tor-gitlab/mr/614' 2022-09-26 12:46:04 -04:00
pseudonymisaTor
5f04e1e062 remove unused DEFAULT_CLIENT_NICKNAME 2022-09-22 08:18:12 +00:00
Tor CI Release
2dff82dc72 version: Bump version to 0.4.7.10-dev 2022-08-12 10:55:03 -04:00
Tor CI Release
d52a5f2181 version: Bump version to 0.4.5.14-dev 2022-08-12 10:54:19 -04:00
Tor CI Release
f732a91a73 version: Bump version to 0.4.7.10 2022-08-12 10:19:37 -04:00
Tor CI Release
ecb194b9da version: Bump version to 0.4.5.14 2022-08-12 10:12:06 -04:00
David Goulet
0cc27ecfdc Merge branch 'maint-0.4.7' 2022-08-12 09:56:54 -04:00
David Goulet
c4ff6a4f55 Merge branch 'maint-0.4.6' into maint-0.4.7 2022-08-12 09:56:54 -04:00
David Goulet
8244eefcd3 Merge branch 'maint-0.4.5' into maint-0.4.6 2022-08-12 09:56:54 -04:00
David Goulet
bb88086c72 geoip: Update geoip files with August 9th, 2022 database 
Fixes #40658

Signed-off-by: David Goulet <dgoulet@torproject.org>
 2022-08-12 09:56:50 -04:00
Tor CI Release
1506eca5aa version: Bump version to 0.4.7.9-dev 2022-08-11 11:15:05 -04:00
Tor CI Release
8e868600dd version: Bump version to 0.4.6.11-dev 2022-08-11 11:14:44 -04:00
Tor CI Release
3b143927b3 version: Bump version to 0.4.5.13-dev 2022-08-11 11:14:20 -04:00
Tor CI Release
f478be6dc7 version: Bump version to 0.4.7.9 2022-08-11 10:24:15 -04:00
Tor CI Release
661c214f4b version: Bump version to 0.4.6.11 2022-08-11 10:19:11 -04:00
Tor CI Release
56152a1048 version: Bump version to 0.4.5.13 2022-08-11 09:50:20 -04:00
David Goulet
c142b59503 Merge branch 'maint-0.4.7' 2022-08-11 09:44:47 -04:00
David Goulet
9b4d3ed492 Merge branch 'maint-0.4.6' into maint-0.4.7 2022-08-11 09:44:47 -04:00
David Goulet
c65d8b2aad Merge branch 'maint-0.4.5' into maint-0.4.6 2022-08-11 09:44:47 -04:00
Tor CI Release
65ffb97c2f fallbackdir: Update list generated on August 11, 2022 2022-08-11 09:44:39 -04:00
Tor CI Release
f9acdd0630 Update geoip files to match ipfire location db, 2022/08/11. 2022-08-11 09:44:32 -04:00
David Goulet
c9232e8f3f Merge branch 'maint-0.4.7' 2022-08-11 09:27:03 -04:00
Mike Perry
432b2e50c9 Tune congestion control parameters. 2022-08-11 09:26:51 -04:00
Mike Perry
0cde7bc6d6 Reduce the number of vegas parameters. 
We need to tune these, but we're not likely to need the subtle differences
between a few of them. Removing them will prevent our consensus parameter
string from becoming too long in the event of tuning.
 2022-08-11 09:26:51 -04:00
Mike Perry
acdc0ecdd4 Reset the min value if we hit cwnd_min. 
This can avoid circuits getting stuck due to an abnormally low min value.
 2022-08-11 09:26:51 -04:00
Mike Perry
4444f5f4ed Use EWMA instead of bare rtt for min rtt. 
This allows us to average out minimums due to lulls in activity a bit more.
 2022-08-11 09:26:51 -04:00
Mike Perry
08c3ee8eca Create slow-start max for n_ewma_cnt. 
Since slow-start now checks every sendme, lower EWMA is better.
 2022-08-11 09:26:51 -04:00
Mike Perry
832a1d9fae Implement RFC3742 Limited Slow Start 
RFC3742 updates the cwnd every sendme during slow start, and backs off of the
exponential growth based on a cap parameter.
 2022-08-11 09:26:51 -04:00
David Goulet
a88ed7a670 fallbackdirs: Update list from maint-0.4.7 
Signed-off-by: David Goulet <dgoulet@torproject.org>
 2022-08-10 13:59:47 -04:00
David Goulet
9e8f76d430 Merge branch 'maint-0.4.5' into maint-0.4.6 2022-08-10 13:59:20 -04:00
David Goulet
362839a77d fallbackdirs: Update list from maint-0.4.7 
Signed-off-by: David Goulet <dgoulet@torproject.org>
 2022-08-10 13:59:14 -04:00
David Goulet
9d88a8be31 geoip: Get latest from maint-0.4.7 
Signed-off-by: David Goulet <dgoulet@torproject.org>
 2022-08-10 13:43:46 -04:00
David Goulet
e465f511a5 Merge branch 'maint-0.4.5' into maint-0.4.6 2022-08-10 13:41:25 -04:00
David Goulet
13d2d1246f geoip: Update files from maint-0.4.7 
Signed-off-by: David Goulet <dgoulet@torproject.org>
 2022-08-10 13:41:22 -04:00
David Goulet
4d18f4aa9a Merge branch 'maint-0.4.7' 2022-08-10 08:53:08 -04:00
Roger Dingledine
d48eaff86d ignore families for L2 guard independence 
mike is concerned that we would get too much exposure to adversaries,
if we enforce that none of our L2 guards can be in the same family.

this change set now essentially finishes the feature that commit a77727cdc
was attempting to add, but strips the "_and_family" part of that plan.
 2022-08-09 16:39:26 -04:00
Roger Dingledine
7b1fffe0dd make L2 vanguards actually independent 
We had omitted some checks for whether our vanguards (second layer
guards from proposal 333) overlapped or came from the same family.
Now make sure to pick each of them to be independent.

Fixes bug 40639; bugfix on 0.4.7.1-alpha.
 2022-08-09 14:47:11 -04:00
David Goulet
16664c0017 Merge branch 'maint-0.4.7' 2022-08-09 11:01:44 -04:00
David Goulet
8bf1a86ae1 dirauth: Make voting flag threshold tunable via torrc 
Remove UPTIME_TO_GUARANTEE_STABLE, MTBF_TO_GUARANTEE_STABLE,
TIME_KNOWN_TO_GUARANTEE_FAMILIAR WFU_TO_GUARANTEE_GUARD and replace each
of them with a tunnable torrc option.

Related to #40652

Signed-off-by: David Goulet <dgoulet@torproject.org>
 2022-08-09 11:01:12 -04:00
Roger Dingledine
ac306581af fix a few more typos in comments 2022-08-06 21:04:28 -04:00
David Goulet
681c15a32d dirauth: Add a AuthDirVoteGuard to pin Guard flags 
Related to #40652

Signed-off-by: David Goulet <dgoulet@torproject.org>
 2022-08-04 13:32:56 -04:00
David Goulet
5cc6ab0c1e Merge branch 'maint-0.4.5' into maint-0.4.6 2022-08-02 16:14:02 -04:00
David Goulet
bf30943cb7 Merge branch 'maint-0.4.7' 2022-08-02 16:14:02 -04:00
David Goulet
eee35adf74 Merge branch 'maint-0.4.6' into maint-0.4.7 2022-08-02 16:14:02 -04:00
David Goulet
10d755ead5 Merge branch 'tor-gitlab/mr/608' into maint-0.4.5 2022-08-02 16:13:58 -04:00
David Goulet
e69cf2340b Merge branch 'maint-0.4.5' into maint-0.4.6 2022-08-02 16:08:50 -04:00
David Goulet
4d3f42a6f2 Merge branch 'maint-0.4.7' 2022-08-02 16:08:50 -04:00
David Goulet
645eff49ac Merge branch 'maint-0.4.6' into maint-0.4.7 2022-08-02 16:08:50 -04:00
David Goulet
6fcae8e0d0 relay: Don't send DESTROY remote reason backward or forward 
Fixes #40649

Signed-off-by: David Goulet <dgoulet@torproject.org>
 2022-08-02 15:53:31 -04:00
David Goulet
f51c68729f Merge branch 'maint-0.4.7' 2022-08-02 15:31:00 -04:00
Mike Perry
533fe36957 Add an underflow check to a cwnd error condition. 2022-08-02 18:13:42 +00:00
David Goulet
0c984e0ec2 conn: Notify btrack subsys on normal OR conn close 
Fixes #40604

Signed-off-by: David Goulet <dgoulet@torproject.org>
 2022-08-01 10:58:40 -04:00
David Goulet
e618a7e445 Merge branch 'maint-0.4.5' into maint-0.4.6 2022-07-27 11:33:19 -04:00
David Goulet
22cb4c23d0 Merge branch 'maint-0.4.7' 2022-07-27 11:33:19 -04:00
David Goulet
7654e12be8 Merge branch 'maint-0.4.6' into maint-0.4.7 2022-07-27 11:33:19 -04:00
David Goulet
691e542fd5 Merge branch 'tor-gitlab/mr/605' into maint-0.4.5 2022-07-27 11:33:16 -04:00
Nick Mathewson
8e7bd96362 Fix a check, make a netflow padding function more safe. 
Previously, `channelpadding_get_netflow_inactive_timeout_ms` would
crash with an assertion failure if `low_timeout` was greater than
`high_timeout`. That wasn't possible in practice because of checks
in `channelpadding_update_padding_for_channel`, but it's better not
to have a function whose correctness is this tricky to prove.

Fixes #40645.  Bugfix on 0.3.1.1-alpha.
 2022-07-27 09:16:50 -04:00
David Goulet
dc13936f20 relay: Use remote reason when sending back a DESTROY 
Fix from previous commit where a DESTROY cell is sent instead of a
TRUNCATED.

Related to #40623

Signed-off-by: David Goulet <dgoulet@torproject.org>
 2022-07-27 08:32:01 -04:00
David Goulet
ce1675ef65 Merge branch 'tor-gitlab/mr/601' 2022-07-26 16:18:04 -04:00
David Goulet
5260b4ef34 Merge branch 'maint-0.4.5' into maint-0.4.6 2022-07-26 16:16:04 -04:00
David Goulet
e98995bb08 Merge branch 'maint-0.4.6' into maint-0.4.7 2022-07-26 16:16:04 -04:00
David Goulet
028f5fd6ea Merge branch 'maint-0.4.7' 2022-07-26 16:16:04 -04:00
David Goulet
ed74c52158 cmux: Remove a log bug that is actually an acceptable race 
Closes #40647

Signed-off-by: David Goulet <dgoulet@torproject.org>
 2022-07-26 16:14:09 -04:00