summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorRobert Ransom <rransom.8774@gmail.com>2011-12-24 04:55:20 -0800
committerRobert Ransom <rransom.8774@gmail.com>2011-12-27 08:02:43 -0800
commit836161c56062686d274abf4218779c4db5c8cf5c (patch)
tree382e1825809d3ac785082c6e52773342e3ddd5da
parentf88c8ca8c98dc3a0c9e63012ce425d1287625444 (diff)
downloadtor-836161c56062686d274abf4218779c4db5c8cf5c.tar.gz
tor-836161c56062686d274abf4218779c4db5c8cf5c.zip
Add an option to close HS service-side rend circs on timeout
-rw-r--r--changes/bug1297b4
-rw-r--r--doc/tor.1.txt8
-rw-r--r--src/or/circuituse.c3
-rw-r--r--src/or/config.c1
-rw-r--r--src/or/or.h4
5 files changed, 18 insertions, 2 deletions
diff --git a/changes/bug1297b b/changes/bug1297b
index 9cf2597b02..fb0d00cabf 100644
--- a/changes/bug1297b
+++ b/changes/bug1297b
@@ -14,5 +14,7 @@
- Don't close hidden-service-side rendezvous circuits when they
reach the normal circuit-build timeout. Previously, we would
- close them. Fixes the remaining part of bug 1297.
+ close them. This behaviour change can be disabled using the new
+ CloseHSServiceRendCircuitsImmediatelyOnTimeout option. Fixes
+ the remaining part of bug 1297.
diff --git a/doc/tor.1.txt b/doc/tor.1.txt
index f9425737b8..91a7c69a56 100644
--- a/doc/tor.1.txt
+++ b/doc/tor.1.txt
@@ -693,6 +693,14 @@ The following options are useful only for clients (that is, if
another set of introduction and rendezvous circuits for the same
destination hidden service will be launched. (Default: 0)
+**CloseHSServiceRendCircuitsImmediatelyOnTimeout** **0**|**1**::
+ If 1, Tor will close unfinished hidden-service-side rendezvous
+ circuits after the current circuit-build timeout. Otherwise, such
+ circuits will be left open, in the hope that they will finish
+ connecting to their destinations. In either case, another
+ rendezvous circuit for the same destination client will be
+ launched. (Default: 0)
+
**LongLivedPorts** __PORTS__::
A list of ports for services that tend to have long-running connections
(e.g. chat and interactive shells). Circuits for streams that use these
diff --git a/src/or/circuituse.c b/src/or/circuituse.c
index 9778ae7b29..c07d434b7c 100644
--- a/src/or/circuituse.c
+++ b/src/or/circuituse.c
@@ -553,7 +553,8 @@ circuit_expire_building(void)
/* If this is a service-side rendezvous circuit which is far
* enough along in connecting to its destination, consider sparing
* it. */
- if (!(TO_ORIGIN_CIRCUIT(victim)->hs_circ_has_timed_out) &&
+ if (!(options->CloseHSServiceRendCircuitsImmediatelyOnTimeout) &&
+ !(TO_ORIGIN_CIRCUIT(victim)->hs_circ_has_timed_out) &&
victim->purpose == CIRCUIT_PURPOSE_S_CONNECT_REND) {
log_info(LD_CIRC,"Marking circ %s:%d:%d (state %d:%s, purpose %d) "
"as timed-out HS circ; relaunching rendezvous attempt.",
diff --git a/src/or/config.c b/src/or/config.c
index 3374459b40..da4f3c195b 100644
--- a/src/or/config.c
+++ b/src/or/config.c
@@ -307,6 +307,7 @@ static config_var_t _option_vars[] = {
V(HSAuthoritativeDir, BOOL, "0"),
OBSOLETE("HSAuthorityRecordStats"),
V(CloseHSClientCircuitsImmediatelyOnTimeout, BOOL, "0"),
+ V(CloseHSServiceRendCircuitsImmediatelyOnTimeout, BOOL, "0"),
V(HTTPProxy, STRING, NULL),
V(HTTPProxyAuthenticator, STRING, NULL),
V(HTTPSProxy, STRING, NULL),
diff --git a/src/or/or.h b/src/or/or.h
index 3ac8b92516..e246ac42e2 100644
--- a/src/or/or.h
+++ b/src/or/or.h
@@ -3066,6 +3066,10 @@ typedef struct {
* an INTRODUCE1 cell on its way to the service. */
int CloseHSClientCircuitsImmediatelyOnTimeout;
+ /** Close hidden-service-side rendezvous circuits immediately when
+ * they reach the normal circuit-build timeout. */
+ int CloseHSServiceRendCircuitsImmediatelyOnTimeout;
+
int ConnLimit; /**< Demanded minimum number of simultaneous connections. */
int _ConnLimit; /**< Maximum allowed number of simultaneous connections. */
int RunAsDaemon; /**< If true, run in the background. (Unix only) */