summaryrefslogtreecommitdiff
path: root/src/or/circuituse.c
diff options
context:
space:
mode:
authorRoger Dingledine <arma@torproject.org>2005-01-12 04:58:23 +0000
committerRoger Dingledine <arma@torproject.org>2005-01-12 04:58:23 +0000
commit84c81e07838f5966f7a949df9b8f7d5bbb72d62e (patch)
tree9c3f159d592f1a9615fb2608cd23e6921dd54d4f /src/or/circuituse.c
parent51f47d746e602b4043b054acb733e9e389361c30 (diff)
downloadtor-84c81e07838f5966f7a949df9b8f7d5bbb72d62e.tar.gz
tor-84c81e07838f5966f7a949df9b8f7d5bbb72d62e.zip
Annotate circuits w/ whether they aim to contain high uptime nodes and/or
high capacity nodes. When building circuits, choose appropriate nodes. New config option LongLivedPorts to indicate application streams that will want high uptime circuits. When attaching a stream to a circuit, pay attention to its requirements. This means that every single node in an intro rend circuit, not just the last one, will have a minimum uptime. Boost the min uptime from an hour to 24 hours. svn:r3339
Diffstat (limited to 'src/or/circuituse.c')
-rw-r--r--src/or/circuituse.c36
1 files changed, 27 insertions, 9 deletions
diff --git a/src/or/circuituse.c b/src/or/circuituse.c
index 2e7169b7cb..783fc20ad4 100644
--- a/src/or/circuituse.c
+++ b/src/or/circuituse.c
@@ -78,6 +78,11 @@ static int circuit_is_acceptable(circuit_t *circ,
return 0; /* this circuit is screwed and doesn't know it yet */
}
+ if (!circ->build_state->need_uptime &&
+ smartlist_string_num_isin(get_options()->LongLivedPorts,
+ conn->socks_request->port))
+ return 0;
+
if (conn->socks_request &&
conn->socks_request->command == SOCKS_COMMAND_RESOLVE) {
/* 0.0.8 servers have buggy resolve support. */
@@ -311,6 +316,7 @@ int circuit_stream_is_being_handled(connection_t *conn, uint16_t port, int min)
void circuit_build_needed_circs(time_t now) {
static long time_to_new_circuit = 0;
circuit_t *circ;
+ int need_uptime=0, need_capacity=1;
/* launch a new circ for any pending streams that need one */
connection_ap_attach_pending();
@@ -332,7 +338,7 @@ void circuit_build_needed_circs(time_t now) {
circ &&
circ->timestamp_created + TESTING_CIRCUIT_INTERVAL < now) {
log_fn(LOG_INFO,"Creating a new testing circuit.");
- circuit_launch_by_identity(CIRCUIT_PURPOSE_C_GENERAL, NULL);
+ circuit_launch_by_identity(CIRCUIT_PURPOSE_C_GENERAL, NULL, 0, 0);
}
}
@@ -353,8 +359,9 @@ void circuit_build_needed_circs(time_t now) {
/* if we know of a port that's been requested recently and no
* circuit is currently available that can handle it, start one
* for that too. */
- if (!circuit_all_predicted_ports_handled(now)) {
- circuit_launch_by_identity(CIRCUIT_PURPOSE_C_GENERAL, NULL);
+ if (!circuit_all_predicted_ports_handled(now, &need_uptime, &need_capacity)) {
+ circuit_launch_by_identity(CIRCUIT_PURPOSE_C_GENERAL, NULL,
+ need_uptime, need_capacity);
}
/* XXX count idle rendezvous circs and build more */
@@ -637,7 +644,9 @@ static int did_circs_fail_last_period = 0;
* success. */
#define MAX_CIRCUIT_FAILURES 5
-circuit_t *circuit_launch_by_identity(uint8_t purpose, const char *exit_digest)
+circuit_t *
+circuit_launch_by_identity(uint8_t purpose, const char *exit_digest,
+ int need_uptime, int need_capacity)
{
if (!has_fetched_directory) {
log_fn(LOG_DEBUG,"Haven't fetched directory yet; canceling circuit launch.");
@@ -652,11 +661,14 @@ circuit_t *circuit_launch_by_identity(uint8_t purpose, const char *exit_digest)
}
/* try a circ. if it fails, circuit_mark_for_close will increment n_circuit_failures */
- return circuit_establish_circuit(purpose, exit_digest);
+ return circuit_establish_circuit(purpose, exit_digest,
+ need_uptime, need_capacity);
}
/** Launch a new circuit and return a pointer to it. Return NULL if you failed. */
-circuit_t *circuit_launch_by_nickname(uint8_t purpose, const char *exit_nickname)
+circuit_t *
+circuit_launch_by_nickname(uint8_t purpose, const char *exit_nickname,
+ int need_uptime, int need_capacity)
{
const char *digest = NULL;
@@ -668,7 +680,8 @@ circuit_t *circuit_launch_by_nickname(uint8_t purpose, const char *exit_nickname
}
digest = r->identity_digest;
}
- return circuit_launch_by_identity(purpose, digest);
+ return circuit_launch_by_identity(purpose, digest,
+ need_uptime, need_capacity);
}
/** Record another failure at opening a general circuit. When we have
@@ -704,6 +717,7 @@ circuit_get_open_circ_or_launch(connection_t *conn,
circuit_t *circ;
uint32_t addr;
int is_resolve;
+ int need_uptime;
tor_assert(conn);
tor_assert(circp);
@@ -729,10 +743,14 @@ circuit_get_open_circ_or_launch(connection_t *conn,
return 0;
}
+ need_uptime = smartlist_string_num_isin(get_options()->LongLivedPorts,
+ conn->socks_request->port);
+
/* Do we need to check exit policy? */
if (!is_resolve && !connection_edge_is_rendezvous_stream(conn)) {
addr = client_dns_lookup_entry(conn->socks_request->address);
- if (router_exit_policy_all_routers_reject(addr, conn->socks_request->port)) {
+ if (router_exit_policy_all_routers_reject(addr, conn->socks_request->port,
+ need_uptime)) {
log_fn(LOG_NOTICE,"No Tor server exists that allows exit to %s:%d. Rejecting.",
conn->socks_request->address, conn->socks_request->port);
return -1;
@@ -783,7 +801,7 @@ circuit_get_open_circ_or_launch(connection_t *conn,
else
new_circ_purpose = desired_circuit_purpose;
- circ = circuit_launch_by_nickname(new_circ_purpose, exitname);
+ circ = circuit_launch_by_nickname(new_circ_purpose, exitname, need_uptime, 1);
tor_free(exitname);
if (circ &&