summaryrefslogtreecommitdiff
path: root/src/or/circuitbuild.c
diff options
context:
space:
mode:
authorMike Perry <mikeperry-git@fscked.org>2010-09-29 10:06:31 -0700
committerMike Perry <mikeperry-git@fscked.org>2010-09-29 11:49:43 -0700
commit4324bb1b213613b9fc304054ea31aecf50773ba3 (patch)
tree75fe38ecc5fa788fa58be398591eaff42e71a779 /src/or/circuitbuild.c
parent11910cf5b32edfd6b900386d37bb69c7592174c1 (diff)
downloadtor-4324bb1b213613b9fc304054ea31aecf50773ba3.tar.gz
tor-4324bb1b213613b9fc304054ea31aecf50773ba3.zip
Cap the circuit build timeout to the max time we've seen.
Also, cap the measurement timeout to 2X the max we've seen.
Diffstat (limited to 'src/or/circuitbuild.c')
-rw-r--r--src/or/circuitbuild.c19
1 files changed, 19 insertions, 0 deletions
diff --git a/src/or/circuitbuild.c b/src/or/circuitbuild.c
index 234765bcaf..7a0a215768 100644
--- a/src/or/circuitbuild.c
+++ b/src/or/circuitbuild.c
@@ -1204,6 +1204,7 @@ circuit_build_times_count_timeout(circuit_build_times_t *cbt,
static int
circuit_build_times_set_timeout_worker(circuit_build_times_t *cbt)
{
+ build_time_t max_time;
if (cbt->total_build_times < circuit_build_times_min_circs_to_observe()) {
return 0;
}
@@ -1217,11 +1218,29 @@ circuit_build_times_set_timeout_worker(circuit_build_times_t *cbt)
cbt->close_ms = circuit_build_times_calculate_timeout(cbt,
circuit_build_times_close_quantile());
+ max_time = circuit_build_times_max(cbt);
+
/* Sometimes really fast guard nodes give us such a steep curve
* that this ends up being not that much greater than timeout_ms.
* Make it be at least 1 min to handle this case. */
cbt->close_ms = MAX(cbt->close_ms, circuit_build_times_initial_timeout());
+ if (cbt->timeout_ms > max_time) {
+ log_notice(LD_CIRC,
+ "Circuit build timeout of %dms is beyond the maximum build "
+ "time we have ever observed. Capping it to %dms.",
+ (int)cbt->timeout_ms, max_time);
+ cbt->timeout_ms = max_time;
+ }
+
+ if (max_time < INT32_MAX/2 && cbt->close_ms > 2*max_time) {
+ log_notice(LD_CIRC,
+ "Circuit build measurement period of %dms is more than twice "
+ "the maximum build time we have ever observed. Capping it to "
+ "%dms.", (int)cbt->close_ms, 2*max_time);
+ cbt->close_ms = 2*max_time;
+ }
+
cbt->have_computed_timeout = 1;
return 1;
}