diff options
| author | Yawning Angel <yawning@schwanenlied.me> | 2015-05-20 17:33:59 +0000 |
|---|---|---|
| committer | Yawning Angel <yawning@schwanenlied.me> | 2015-05-20 17:33:59 +0000 |
| commit | db7bde08be59398488624bc377d1d5318182ee45 (patch) | |
| tree | ea94749bcaf9952e55bbe74e80188bf2b3dc002e /src/or/circuituse.c | |
| parent | 32bd533ddac5bd7d594a81119449b3d30206eedd (diff) | |
| download | tor-db7bde08be59398488624bc377d1d5318182ee45.tar.gz tor-db7bde08be59398488624bc377d1d5318182ee45.zip | |
Add "HiddenServiceMaxStreams" as a per-HS tunable.
When set, this limits the maximum number of simultaneous streams per
rendezvous circuit on the server side of a HS, with further RELAY_BEGIN
cells being silently ignored.
This can be modified via "HiddenServiceMaxStreamsCloseCircuit", which
if set will cause offending rendezvous circuits to be torn down instead.
Addresses part of #16052.
Diffstat (limited to 'src/or/circuituse.c')
| -rw-r--r-- | src/or/circuituse.c | 27 |
1 files changed, 19 insertions, 8 deletions
diff --git a/src/or/circuituse.c b/src/or/circuituse.c index b54a4d2a7f..a429a7d053 100644 --- a/src/or/circuituse.c +++ b/src/or/circuituse.c @@ -1189,17 +1189,28 @@ circuit_detach_stream(circuit_t *circ, edge_connection_t *conn) if (CIRCUIT_IS_ORIGIN(circ)) { origin_circuit_t *origin_circ = TO_ORIGIN_CIRCUIT(circ); + int removed = 0; if (conn == origin_circ->p_streams) { origin_circ->p_streams = conn->next_stream; - return; + removed = 1; + } else { + for (prevconn = origin_circ->p_streams; + prevconn && prevconn->next_stream && prevconn->next_stream != conn; + prevconn = prevconn->next_stream) + ; + if (prevconn && prevconn->next_stream) { + prevconn->next_stream = conn->next_stream; + removed = 1; + } } - - for (prevconn = origin_circ->p_streams; - prevconn && prevconn->next_stream && prevconn->next_stream != conn; - prevconn = prevconn->next_stream) - ; - if (prevconn && prevconn->next_stream) { - prevconn->next_stream = conn->next_stream; + if (removed) { + /* If the stream was removed, and it was a rend stream, decrement the + * number of streams on the circuit associated with the rend service. + */ + if (circ->purpose == CIRCUIT_PURPOSE_S_REND_JOINED) { + tor_assert(origin_circ->rend_data); + origin_circ->rend_data->nr_streams--; + } return; } } else { |