diff options
| author | Nick Mathewson <nickm@torproject.org> | 2018-02-16 09:41:06 -0500 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2018-02-16 09:41:06 -0500 |
| commit | cb92d47deca15c44dd52cad6fc326520648c632e (patch) | |
| tree | 4a13531c5add07457232ad2d112e0cc17d2a7da6 /src/or/config.c | |
| parent | 2b99350ca4c905db1bd4f1aecc630b4f55933e96 (diff) | |
| parent | e7f631478254c38d6d8b1bea65840b4c6429e4f4 (diff) | |
| download | tor-cb92d47deca15c44dd52cad6fc326520648c632e.tar.gz tor-cb92d47deca15c44dd52cad6fc326520648c632e.zip | |
Merge remote-tracking branch 'dgoulet/ticket24902_029_05' into maint-0.2.9
Diffstat (limited to 'src/or/config.c')
| -rw-r--r-- | src/or/config.c | 25 |
1 files changed, 25 insertions, 0 deletions
diff --git a/src/or/config.c b/src/or/config.c index 42ff25877e..3b40274339 100644 --- a/src/or/config.c +++ b/src/or/config.c @@ -29,6 +29,7 @@ #include "dirserv.h" #include "dirvote.h" #include "dns.h" +#include "dos.h" #include "entrynodes.h" #include "geoip.h" #include "hibernate.h" @@ -241,6 +242,19 @@ static config_var_t option_vars_[] = { OBSOLETE("DynamicDHGroups"), VPORT(DNSPort, LINELIST, NULL), V(DNSListenAddress, LINELIST, NULL), + /* DoS circuit creation options. */ + V(DoSCircuitCreationEnabled, AUTOBOOL, "auto"), + V(DoSCircuitCreationMinConnections, UINT, "0"), + V(DoSCircuitCreationRate, UINT, "0"), + V(DoSCircuitCreationBurst, UINT, "0"), + V(DoSCircuitCreationDefenseType, INT, "0"), + V(DoSCircuitCreationDefenseTimePeriod, INTERVAL, "0"), + /* DoS connection options. */ + V(DoSConnectionEnabled, AUTOBOOL, "auto"), + V(DoSConnectionMaxConcurrentCount, UINT, "0"), + V(DoSConnectionDefenseType, INT, "0"), + /* DoS single hop client options. */ + V(DoSRefuseSingleHopClientRendezvous, AUTOBOOL, "auto"), V(DownloadExtraInfo, BOOL, "0"), V(TestingEnableConnBwEvent, BOOL, "0"), V(TestingEnableCellStatsEvent, BOOL, "0"), @@ -2039,6 +2053,17 @@ options_act(const or_options_t *old_options) } } + /* DoS mitigation subsystem only applies to public relay. */ + if (public_server_mode(options)) { + /* If we are configured as a relay, initialize the subsystem. Even on HUP, + * this is safe to call as it will load data from the current options + * or/and the consensus. */ + dos_init(); + } else if (old_options && public_server_mode(old_options)) { + /* Going from relay to non relay, clean it up. */ + dos_free_all(); + } + /* Load the webpage we're going to serve every time someone asks for '/' on our DirPort. */ tor_free(global_dirfrontpagecontents); |