diff options
author | Robert Ransom <rransom.8774@gmail.com> | 2011-12-24 04:55:20 -0800 |
---|---|---|
committer | Robert Ransom <rransom.8774@gmail.com> | 2011-12-27 08:02:43 -0800 |
commit | 836161c56062686d274abf4218779c4db5c8cf5c (patch) | |
tree | 382e1825809d3ac785082c6e52773342e3ddd5da | |
parent | f88c8ca8c98dc3a0c9e63012ce425d1287625444 (diff) | |
download | tor-836161c56062686d274abf4218779c4db5c8cf5c.tar.gz tor-836161c56062686d274abf4218779c4db5c8cf5c.zip |
Add an option to close HS service-side rend circs on timeout
-rw-r--r-- | changes/bug1297b | 4 | ||||
-rw-r--r-- | doc/tor.1.txt | 8 | ||||
-rw-r--r-- | src/or/circuituse.c | 3 | ||||
-rw-r--r-- | src/or/config.c | 1 | ||||
-rw-r--r-- | src/or/or.h | 4 |
5 files changed, 18 insertions, 2 deletions
diff --git a/changes/bug1297b b/changes/bug1297b index 9cf2597b02..fb0d00cabf 100644 --- a/changes/bug1297b +++ b/changes/bug1297b @@ -14,5 +14,7 @@ - Don't close hidden-service-side rendezvous circuits when they reach the normal circuit-build timeout. Previously, we would - close them. Fixes the remaining part of bug 1297. + close them. This behaviour change can be disabled using the new + CloseHSServiceRendCircuitsImmediatelyOnTimeout option. Fixes + the remaining part of bug 1297. diff --git a/doc/tor.1.txt b/doc/tor.1.txt index f9425737b8..91a7c69a56 100644 --- a/doc/tor.1.txt +++ b/doc/tor.1.txt @@ -693,6 +693,14 @@ The following options are useful only for clients (that is, if another set of introduction and rendezvous circuits for the same destination hidden service will be launched. (Default: 0) +**CloseHSServiceRendCircuitsImmediatelyOnTimeout** **0**|**1**:: + If 1, Tor will close unfinished hidden-service-side rendezvous + circuits after the current circuit-build timeout. Otherwise, such + circuits will be left open, in the hope that they will finish + connecting to their destinations. In either case, another + rendezvous circuit for the same destination client will be + launched. (Default: 0) + **LongLivedPorts** __PORTS__:: A list of ports for services that tend to have long-running connections (e.g. chat and interactive shells). Circuits for streams that use these diff --git a/src/or/circuituse.c b/src/or/circuituse.c index 9778ae7b29..c07d434b7c 100644 --- a/src/or/circuituse.c +++ b/src/or/circuituse.c @@ -553,7 +553,8 @@ circuit_expire_building(void) /* If this is a service-side rendezvous circuit which is far * enough along in connecting to its destination, consider sparing * it. */ - if (!(TO_ORIGIN_CIRCUIT(victim)->hs_circ_has_timed_out) && + if (!(options->CloseHSServiceRendCircuitsImmediatelyOnTimeout) && + !(TO_ORIGIN_CIRCUIT(victim)->hs_circ_has_timed_out) && victim->purpose == CIRCUIT_PURPOSE_S_CONNECT_REND) { log_info(LD_CIRC,"Marking circ %s:%d:%d (state %d:%s, purpose %d) " "as timed-out HS circ; relaunching rendezvous attempt.", diff --git a/src/or/config.c b/src/or/config.c index 3374459b40..da4f3c195b 100644 --- a/src/or/config.c +++ b/src/or/config.c @@ -307,6 +307,7 @@ static config_var_t _option_vars[] = { V(HSAuthoritativeDir, BOOL, "0"), OBSOLETE("HSAuthorityRecordStats"), V(CloseHSClientCircuitsImmediatelyOnTimeout, BOOL, "0"), + V(CloseHSServiceRendCircuitsImmediatelyOnTimeout, BOOL, "0"), V(HTTPProxy, STRING, NULL), V(HTTPProxyAuthenticator, STRING, NULL), V(HTTPSProxy, STRING, NULL), diff --git a/src/or/or.h b/src/or/or.h index 3ac8b92516..e246ac42e2 100644 --- a/src/or/or.h +++ b/src/or/or.h @@ -3066,6 +3066,10 @@ typedef struct { * an INTRODUCE1 cell on its way to the service. */ int CloseHSClientCircuitsImmediatelyOnTimeout; + /** Close hidden-service-side rendezvous circuits immediately when + * they reach the normal circuit-build timeout. */ + int CloseHSServiceRendCircuitsImmediatelyOnTimeout; + int ConnLimit; /**< Demanded minimum number of simultaneous connections. */ int _ConnLimit; /**< Maximum allowed number of simultaneous connections. */ int RunAsDaemon; /**< If true, run in the background. (Unix only) */ |