diff options
| author | David Goulet <dgoulet@torproject.org> | 2020-02-11 09:56:44 -0500 |
|---|---|---|
| committer | David Goulet <dgoulet@torproject.org> | 2020-02-11 09:57:05 -0500 |
| commit | 735aa208b1592e166d03ec96e90422293d26b98a (patch) | |
| tree | ab9b503d54c8cdd18cd0954d2b99de1fccfdf6a2 | |
| parent | bd4f4cb5f0f98f224f0f707c6dd00d2fd8e55a7a (diff) | |
| download | tor-735aa208b1592e166d03ec96e90422293d26b98a.tar.gz tor-735aa208b1592e166d03ec96e90422293d26b98a.zip | |
dirauth: Add option AuthDirRejectRequestsUnderLoad
This controls the previous feature added that makes dirauth send back a 503
error code on non relay connections if under bandwidth pressure.
Signed-off-by: David Goulet <dgoulet@torproject.org>
| -rw-r--r-- | doc/tor.1.txt | 7 | ||||
| -rw-r--r-- | src/app/config/config.c | 1 | ||||
| -rw-r--r-- | src/app/config/or_options_st.h | 7 |
3 files changed, 15 insertions, 0 deletions
diff --git a/doc/tor.1.txt b/doc/tor.1.txt index 1504223b89..c7c41e7841 100644 --- a/doc/tor.1.txt +++ b/doc/tor.1.txt @@ -2925,6 +2925,13 @@ on the public Tor network. before it will treat advertised bandwidths as wholly unreliable. (Default: 500) +[[AuthDirRejectRequestsUnderLoad]] **AuthDirRejectRequestsUnderLoad** **0**|**1**:: + If set, the directory authority will start rejecting directory requests + from non relay connections by sending a 503 error code if it is under + bandwidth pressure (reaching the configured limit if any). Relays will + always tried to be answered even if this is on. (Default: 1) + + HIDDEN SERVICE OPTIONS ---------------------- diff --git a/src/app/config/config.c b/src/app/config/config.c index deda2448b6..89ec26f05c 100644 --- a/src/app/config/config.c +++ b/src/app/config/config.c @@ -671,6 +671,7 @@ static const config_var_t option_vars_[] = { OBSOLETE("UseNTorHandshake"), V(User, STRING, NULL), OBSOLETE("UserspaceIOCPBuffers"), + V(AuthDirRejectRequestsUnderLoad, BOOL, "1"), V(AuthDirSharedRandomness, BOOL, "1"), V(AuthDirTestEd25519LinkKeys, BOOL, "1"), OBSOLETE("V1AuthoritativeDirectory"), diff --git a/src/app/config/or_options_st.h b/src/app/config/or_options_st.h index 32dcd9fb18..e6be797017 100644 --- a/src/app/config/or_options_st.h +++ b/src/app/config/or_options_st.h @@ -1008,6 +1008,13 @@ struct or_options_t { */ uint64_t MaxUnparseableDescSizeToLog; + /** Bool (default: 1): Under bandwidth pressure, if set to 1, the authority + * will always answer directory requests from relays but will start sending + * 503 error code for the other connections. If set to 0, all connections + * are considered the same and the authority will try to answer them all + * regardless of bandwidth pressure or not. */ + int AuthDirRejectRequestsUnderLoad; + /** Bool (default: 1): Switch for the shared random protocol. Only * relevant to a directory authority. If off, the authority won't * participate in the protocol. If on (default), a flag is added to the |