diff options
| author | David Goulet <dgoulet@torproject.org> | 2018-01-29 11:50:11 -0500 |
|---|---|---|
| committer | David Goulet <dgoulet@torproject.org> | 2018-01-30 09:18:16 -0500 |
| commit | e58a4fc6cfcdeafc2ebfb61fd3cf6d163ce2436c (patch) | |
| tree | 3747d076cdafbdab0ebe518f006f79f2395c8ad2 /src/or/or.h | |
| parent | a3714268f659998dc879ed723852440cd8be1b04 (diff) | |
| download | tor-e58a4fc6cfcdeafc2ebfb61fd3cf6d163ce2436c.tar.gz tor-e58a4fc6cfcdeafc2ebfb61fd3cf6d163ce2436c.zip | |
dos: Make circuit rate limit per second, not tenths anymore
Because this touches too many commits at once, it is made into one single
commit.
Remove the use of "tenths" for the circuit rate to simplify things. We can
only refill the buckets at best once every second because of the use of
approx_time() and our token system is set to be 1 token = 1 circuit so make
the rate a flat integer of circuit per second.
Signed-off-by: David Goulet <dgoulet@torproject.org>
Diffstat (limited to 'src/or/or.h')
| -rw-r--r-- | src/or/or.h | 5 |
1 files changed, 2 insertions, 3 deletions
diff --git a/src/or/or.h b/src/or/or.h index 454d05ed52..024a9cff0f 100644 --- a/src/or/or.h +++ b/src/or/or.h @@ -4520,9 +4520,8 @@ typedef struct { /** Minimum concurrent connection needed from one single address before any * defense is used. */ int DoSCircuitCreationMinConnections; - /** Circuit rate, in tenths of a second, that is used to refill the token - * bucket at this given rate. */ - int DoSCircuitCreationRateTenths; + /** Circuit rate used to refill the token bucket. */ + int DoSCircuitCreationRate; /** Maximum allowed burst of circuits. Reaching that value, the address is * detected as malicious and a defense might be used. */ int DoSCircuitCreationBurst; |