diff options
author | Roger Dingledine <arma@torproject.org> | 2011-01-15 22:39:15 -0500 |
---|---|---|
committer | Roger Dingledine <arma@torproject.org> | 2011-01-15 22:39:15 -0500 |
commit | 4ff97e3775316ceb500cb5d2a562ec5dfd8dfb23 (patch) | |
tree | 77b0407257fb8cd4cb94719df396969095d69e88 /src/or | |
parent | 8e9b25e6c7a2e70c370881ab5748651b1c7de66f (diff) | |
parent | 7699014e1e9e183d1fd840e59909bcf77ba3321b (diff) | |
download | tor-4ff97e3775316ceb500cb5d2a562ec5dfd8dfb23.tar.gz tor-4ff97e3775316ceb500cb5d2a562ec5dfd8dfb23.zip |
Merge branch 'maint-0.2.2'
Diffstat (limited to 'src/or')
-rw-r--r-- | src/or/circuitbuild.c | 84 | ||||
-rw-r--r-- | src/or/circuitbuild.h | 2 | ||||
-rw-r--r-- | src/or/circuitlist.c | 4 | ||||
-rw-r--r-- | src/or/connection_or.c | 8 | ||||
-rw-r--r-- | src/or/dirvote.h | 3 | ||||
-rw-r--r-- | src/or/networkstatus.c | 54 | ||||
-rw-r--r-- | src/or/networkstatus.h | 5 | ||||
-rw-r--r-- | src/or/or.h | 27 | ||||
-rw-r--r-- | src/or/relay.c | 6 | ||||
-rw-r--r-- | src/or/router.c | 2 | ||||
-rw-r--r-- | src/or/routerlist.c | 3 | ||||
-rw-r--r-- | src/or/routerparse.c | 3 |
12 files changed, 148 insertions, 53 deletions
diff --git a/src/or/circuitbuild.c b/src/or/circuitbuild.c index d4505c29f9..fd02bae152 100644 --- a/src/or/circuitbuild.c +++ b/src/or/circuitbuild.c @@ -107,7 +107,7 @@ circuit_build_times_disabled(void) return 0; } else { int consensus_disabled = networkstatus_get_param(NULL, "cbtdisabled", - 0); + 0, 0, 1); int config_disabled = !get_options()->LearnCircuitBuildTimeout; int dirauth_disabled = get_options()->AuthoritativeDir; int state_disabled = (get_or_state()->LastWritten == -1); @@ -129,16 +129,19 @@ circuit_build_times_disabled(void) static int32_t circuit_build_times_max_timeouts(void) { - int32_t num = networkstatus_get_param(NULL, "cbtmaxtimeouts", - CBT_DEFAULT_MAX_RECENT_TIMEOUT_COUNT); - return num; + return networkstatus_get_param(NULL, "cbtmaxtimeouts", + CBT_DEFAULT_MAX_RECENT_TIMEOUT_COUNT, + CBT_MIN_MAX_RECENT_TIMEOUT_COUNT, + CBT_MAX_MAX_RECENT_TIMEOUT_COUNT); } static int32_t circuit_build_times_default_num_xm_modes(void) { int32_t num = networkstatus_get_param(NULL, "cbtnummodes", - CBT_DEFAULT_NUM_XM_MODES); + CBT_DEFAULT_NUM_XM_MODES, + CBT_MIN_NUM_XM_MODES, + CBT_MAX_NUM_XM_MODES); return num; } @@ -146,7 +149,9 @@ static int32_t circuit_build_times_min_circs_to_observe(void) { int32_t num = networkstatus_get_param(NULL, "cbtmincircs", - CBT_DEFAULT_MIN_CIRCUITS_TO_OBSERVE); + CBT_DEFAULT_MIN_CIRCUITS_TO_OBSERVE, + CBT_MIN_MIN_CIRCUITS_TO_OBSERVE, + CBT_MAX_MIN_CIRCUITS_TO_OBSERVE); return num; } @@ -162,24 +167,46 @@ double circuit_build_times_quantile_cutoff(void) { int32_t num = networkstatus_get_param(NULL, "cbtquantile", - CBT_DEFAULT_QUANTILE_CUTOFF); + CBT_DEFAULT_QUANTILE_CUTOFF, + CBT_MIN_QUANTILE_CUTOFF, + CBT_MAX_QUANTILE_CUTOFF); return num/100.0; } +int +circuit_build_times_get_bw_scale(networkstatus_t *ns) +{ + return networkstatus_get_param(ns, "bwweightscale", + BW_WEIGHT_SCALE, + BW_MIN_WEIGHT_SCALE, + BW_MAX_WEIGHT_SCALE); +} + static double circuit_build_times_close_quantile(void) { - int32_t num = networkstatus_get_param(NULL, "cbtclosequantile", - CBT_DEFAULT_CLOSE_QUANTILE); - - return num/100.0; + int32_t param; + /* Cast is safe - circuit_build_times_quantile_cutoff() is capped */ + int32_t min = (int)tor_lround(100*circuit_build_times_quantile_cutoff()); + param = networkstatus_get_param(NULL, "cbtclosequantile", + CBT_DEFAULT_CLOSE_QUANTILE, + CBT_MIN_CLOSE_QUANTILE, + CBT_MAX_CLOSE_QUANTILE); + if (param < min) { + log_warn(LD_DIR, "Consensus parameter cbtclosequantile is " + "too small, raising to %d", min); + param = min; + } + return param / 100.0; } static int32_t circuit_build_times_test_frequency(void) { int32_t num = networkstatus_get_param(NULL, "cbttestfreq", - CBT_DEFAULT_TEST_FREQUENCY); + CBT_DEFAULT_TEST_FREQUENCY, + CBT_MIN_TEST_FREQUENCY, + CBT_MAX_TEST_FREQUENCY); return num; } @@ -187,24 +214,35 @@ static int32_t circuit_build_times_min_timeout(void) { int32_t num = networkstatus_get_param(NULL, "cbtmintimeout", - CBT_DEFAULT_TIMEOUT_MIN_VALUE); + CBT_DEFAULT_TIMEOUT_MIN_VALUE, + CBT_MIN_TIMEOUT_MIN_VALUE, + CBT_MAX_TIMEOUT_MIN_VALUE); return num; } int32_t circuit_build_times_initial_timeout(void) { - int32_t num = networkstatus_get_param(NULL, "cbtinitialtimeout", - CBT_DEFAULT_TIMEOUT_INITIAL_VALUE); - return num; + int32_t min = circuit_build_times_min_timeout(); + int32_t param = networkstatus_get_param(NULL, "cbtinitialtimeout", + CBT_DEFAULT_TIMEOUT_INITIAL_VALUE, + CBT_MIN_TIMEOUT_INITIAL_VALUE, + CBT_MAX_TIMEOUT_INITIAL_VALUE); + if (param < min) { + log_warn(LD_DIR, "Consensus parameter cbtinitialtimeout is too small, " + "raising to %d", min); + param = min; + } + return param; } static int32_t -circuit_build_times_recent_circuit_count(void) +circuit_build_times_recent_circuit_count(networkstatus_t *ns) { - int32_t num = networkstatus_get_param(NULL, "cbtrecentcount", - CBT_DEFAULT_RECENT_CIRCUITS); - return num; + return networkstatus_get_param(ns, "cbtrecentcount", + CBT_DEFAULT_RECENT_CIRCUITS, + CBT_MIN_RECENT_CIRCUITS, + CBT_MAX_RECENT_CIRCUITS); } /** @@ -217,8 +255,7 @@ void circuit_build_times_new_consensus_params(circuit_build_times_t *cbt, networkstatus_t *ns) { - int32_t num = networkstatus_get_param(ns, "cbtrecentcount", - CBT_DEFAULT_RECENT_CIRCUITS); + int32_t num = circuit_build_times_recent_circuit_count(ns); if (num > 0 && num != cbt->liveness.num_recent_circs) { int8_t *recent_circs; @@ -308,7 +345,8 @@ void circuit_build_times_init(circuit_build_times_t *cbt) { memset(cbt, 0, sizeof(*cbt)); - cbt->liveness.num_recent_circs = circuit_build_times_recent_circuit_count(); + cbt->liveness.num_recent_circs = + circuit_build_times_recent_circuit_count(NULL); cbt->liveness.timeouts_after_firsthop = tor_malloc_zero(sizeof(int8_t)* cbt->liveness.num_recent_circs); cbt->close_ms = cbt->timeout_ms = circuit_build_times_get_initial_timeout(); diff --git a/src/or/circuitbuild.h b/src/or/circuitbuild.h index c664440eb1..33d483df87 100644 --- a/src/or/circuitbuild.h +++ b/src/or/circuitbuild.h @@ -122,5 +122,7 @@ void circuit_build_times_network_is_live(circuit_build_times_t *cbt); int circuit_build_times_network_check_live(circuit_build_times_t *cbt); void circuit_build_times_network_circ_success(circuit_build_times_t *cbt); +int circuit_build_times_get_bw_scale(networkstatus_t *ns); + #endif diff --git a/src/or/circuitlist.c b/src/or/circuitlist.c index d033cc6321..d5c74ee7b6 100644 --- a/src/or/circuitlist.c +++ b/src/or/circuitlist.c @@ -382,7 +382,9 @@ circuit_purpose_to_controller_string(uint8_t purpose) int32_t circuit_initial_package_window(void) { - int32_t num = networkstatus_get_param(NULL, "circwindow", CIRCWINDOW_START); + int32_t num = networkstatus_get_param(NULL, "circwindow", CIRCWINDOW_START, + CIRCWINDOW_START_MIN, + CIRCWINDOW_START_MAX); /* If the consensus tells us a negative number, we'd assert. */ if (num < 0) num = CIRCWINDOW_START; diff --git a/src/or/connection_or.c b/src/or/connection_or.c index 5b440bc7ce..5e28f94314 100644 --- a/src/or/connection_or.c +++ b/src/or/connection_or.c @@ -391,11 +391,11 @@ connection_or_update_token_buckets_helper(or_connection_t *conn, int reset, * bandwidth parameters in the consensus, but allow local config * options to override. */ rate = options->PerConnBWRate ? (int)options->PerConnBWRate : - (int)networkstatus_get_param(NULL, "perconnbwrate", - (int)options->BandwidthRate); + networkstatus_get_param(NULL, "perconnbwrate", + (int)options->BandwidthRate, 1, INT32_MAX); burst = options->PerConnBWBurst ? (int)options->PerConnBWBurst : - (int)networkstatus_get_param(NULL, "perconnbwburst", - (int)options->BandwidthBurst); + networkstatus_get_param(NULL, "perconnbwburst", + (int)options->BandwidthBurst, 1, INT32_MAX); } conn->bandwidthrate = rate; diff --git a/src/or/dirvote.h b/src/or/dirvote.h index b2b8d282ed..97bed5ee68 100644 --- a/src/or/dirvote.h +++ b/src/or/dirvote.h @@ -19,9 +19,6 @@ /** Smallest allowable voting interval. */ #define MIN_VOTE_INTERVAL 300 -/** Precision multiplier for the Bw weights */ -#define BW_WEIGHT_SCALE 10000 - void dirvote_free_all(void); /* vote manipulation */ diff --git a/src/or/networkstatus.c b/src/or/networkstatus.c index 68dc9f6712..cccb1c0b6e 100644 --- a/src/or/networkstatus.c +++ b/src/or/networkstatus.c @@ -2154,32 +2154,52 @@ networkstatus_dump_bridge_status_to_file(time_t now) tor_free(status); } -int32_t +static int32_t get_net_param_from_list(smartlist_t *net_params, const char *param_name, - int default_val) + int32_t default_val, int32_t min_val, int32_t max_val) { + int32_t res = default_val; size_t name_len = strlen(param_name); + tor_assert(max_val > min_val); + tor_assert(min_val <= default_val); + tor_assert(max_val >= default_val); + SMARTLIST_FOREACH_BEGIN(net_params, const char *, p) { if (!strcmpstart(p, param_name) && p[name_len] == '=') { int ok=0; long v = tor_parse_long(p+name_len+1, 10, INT32_MIN, INT32_MAX, &ok, NULL); - if (ok) - return (int32_t) v; + if (ok) { + res = (int32_t) v; + break; + } } } SMARTLIST_FOREACH_END(p); - return default_val; + if (res < min_val) { + log_warn(LD_DIR, "Consensus parameter %s is too small. Got %d, raising to " + "%d.", param_name, res, min_val); + res = min_val; + } else if (res > max_val) { + log_warn(LD_DIR, "Consensus parameter %s is too large. Got %d, capping to " + "%d.", param_name, res, max_val); + res = max_val; + } + + return res; } /** Return the value of a integer parameter from the networkstatus <b>ns</b> * whose name is <b>param_name</b>. If <b>ns</b> is NULL, try loading the * latest consensus ourselves. Return <b>default_val</b> if no latest - * consensus, or if it has no parameter called <b>param_name</b>. */ + * consensus, or if it has no parameter called <b>param_name</b>. + * Make sure the value parsed from the consensus is at least + * <b>min_val</b> and at most <b>max_val</b> and raise/cap the parsed value + * if necessary. */ int32_t networkstatus_get_param(networkstatus_t *ns, const char *param_name, - int32_t default_val) + int32_t default_val, int32_t min_val, int32_t max_val) { if (!ns) /* if they pass in null, go find it ourselves */ ns = networkstatus_get_latest_consensus(); @@ -2187,24 +2207,36 @@ networkstatus_get_param(networkstatus_t *ns, const char *param_name, if (!ns || !ns->net_params) return default_val; - return get_net_param_from_list(ns->net_params, param_name, default_val); + return get_net_param_from_list(ns->net_params, param_name, + default_val, min_val, max_val); } /** Return the value of a integer bw weight parameter from the networkstatus * <b>ns</b> whose name is <b>weight_name</b>. If <b>ns</b> is NULL, try * loading the latest consensus ourselves. Return <b>default_val</b> if no - * latest consensus, or if it has no parameter called <b>param_name</b>. */ + * latest consensus, or if it has no parameter called <b>weight_name</b>. */ int32_t networkstatus_get_bw_weight(networkstatus_t *ns, const char *weight_name, - int32_t default_val) + int32_t default_val) { + int32_t param; + int max; if (!ns) /* if they pass in null, go find it ourselves */ ns = networkstatus_get_latest_consensus(); if (!ns || !ns->weight_params) return default_val; - return get_net_param_from_list(ns->weight_params, weight_name, default_val); + max = circuit_build_times_get_bw_scale(ns); + param = get_net_param_from_list(ns->weight_params, weight_name, + default_val, -1, + BW_MAX_WEIGHT_SCALE); + if (param > max) { + log_warn(LD_DIR, "Value of consensus weight %s was too large, capping " + "to %d", weight_name, max); + param = max; + } + return param; } /** Return the name of the consensus flavor <b>flav</b> as used to identify diff --git a/src/or/networkstatus.h b/src/or/networkstatus.h index e01e6b5288..38fac557df 100644 --- a/src/or/networkstatus.h +++ b/src/or/networkstatus.h @@ -96,10 +96,9 @@ void signed_descs_update_status_from_consensus_networkstatus( char *networkstatus_getinfo_helper_single(const routerstatus_t *rs); char *networkstatus_getinfo_by_purpose(const char *purpose_string, time_t now); void networkstatus_dump_bridge_status_to_file(time_t now); -int32_t get_net_param_from_list(smartlist_t *net_params, const char *name, - int default_val); int32_t networkstatus_get_param(networkstatus_t *ns, const char *param_name, - int32_t default_val); + int32_t default_val, int32_t min_val, + int32_t max_val); int getinfo_helper_networkstatus(control_connection_t *conn, const char *question, char **answer, const char **errmsg); diff --git a/src/or/or.h b/src/or/or.h index b4ebe64841..9672b41584 100644 --- a/src/or/or.h +++ b/src/or/or.h @@ -774,6 +774,8 @@ typedef enum { /** Initial value for both sides of a circuit transmission window when the * circuit is initialized. Measured in cells. */ #define CIRCWINDOW_START 1000 +#define CIRCWINDOW_START_MIN 100 +#define CIRCWINDOW_START_MAX 1000 /** Amount to increment a circuit window when we get a circuit SENDME. */ #define CIRCWINDOW_INCREMENT 100 /** Initial value on both sides of a stream transmission window when the @@ -3110,6 +3112,11 @@ struct socks_request_t { /* Circuit Build Timeout "public" structures. */ +/** Precision multiplier for the Bw weights */ +#define BW_WEIGHT_SCALE 10000 +#define BW_MIN_WEIGHT_SCALE 1 +#define BW_MAX_WEIGHT_SCALE INT32_MAX + /** Total size of the circuit timeout history to accumulate. * 1000 is approx 2.5 days worth of continual-use circuits. */ #define CBT_NCIRCUITS_TO_OBSERVE 1000 @@ -3119,6 +3126,8 @@ struct socks_request_t { /** Number of modes to use in the weighted-avg computation of Xm */ #define CBT_DEFAULT_NUM_XM_MODES 3 +#define CBT_MIN_NUM_XM_MODES 1 +#define CBT_MAX_NUM_XM_MODES 20 /** A build_time_t is milliseconds */ typedef uint32_t build_time_t; @@ -3140,12 +3149,16 @@ typedef uint32_t build_time_t; * build in terms of CDF quantile. */ #define CBT_DEFAULT_CLOSE_QUANTILE 95 +#define CBT_MIN_CLOSE_QUANTILE CBT_MIN_QUANTILE_CUTOFF +#define CBT_MAX_CLOSE_QUANTILE CBT_MAX_QUANTILE_CUTOFF /** * How many circuits count as recent when considering if the * connection has gone gimpy or changed. */ #define CBT_DEFAULT_RECENT_CIRCUITS 20 +#define CBT_MIN_RECENT_CIRCUITS 3 +#define CBT_MAX_RECENT_CIRCUITS 1000 /** * Maximum count of timeouts that finish the first hop in the past @@ -3156,25 +3169,37 @@ typedef uint32_t build_time_t; * gives us. */ #define CBT_DEFAULT_MAX_RECENT_TIMEOUT_COUNT (CBT_DEFAULT_RECENT_CIRCUITS*9/10) +#define CBT_MIN_MAX_RECENT_TIMEOUT_COUNT 3 +#define CBT_MAX_MAX_RECENT_TIMEOUT_COUNT 10000 /** Minimum circuits before estimating a timeout */ #define CBT_DEFAULT_MIN_CIRCUITS_TO_OBSERVE 100 +#define CBT_MIN_MIN_CIRCUITS_TO_OBSERVE 1 +#define CBT_MAX_MIN_CIRCUITS_TO_OBSERVE 10000 /** Cutoff percentile on the CDF for our timeout estimation. */ #define CBT_DEFAULT_QUANTILE_CUTOFF 80 +#define CBT_MIN_QUANTILE_CUTOFF 10 +#define CBT_MAX_QUANTILE_CUTOFF 99 double circuit_build_times_quantile_cutoff(void); /** How often in seconds should we build a test circuit */ #define CBT_DEFAULT_TEST_FREQUENCY 60 +#define CBT_MIN_TEST_FREQUENCY 1 +#define CBT_MAX_TEST_FREQUENCY INT32_MAX /** Lowest allowable value for CircuitBuildTimeout in milliseconds */ #define CBT_DEFAULT_TIMEOUT_MIN_VALUE (1500) +#define CBT_MIN_TIMEOUT_MIN_VALUE 500 +#define CBT_MAX_TIMEOUT_MIN_VALUE INT32_MAX /** Initial circuit build timeout in milliseconds */ #define CBT_DEFAULT_TIMEOUT_INITIAL_VALUE (60*1000) +#define CBT_MIN_TIMEOUT_INITIAL_VALUE CBT_MIN_TIMEOUT_MIN_VALUE +#define CBT_MAX_TIMEOUT_INITIAL_VALUE INT32_MAX int32_t circuit_build_times_initial_timeout(void); -#if CBT_DEFAULT_MAX_RECENT_TIMEOUT_COUNT < 1 +#if CBT_DEFAULT_MAX_RECENT_TIMEOUT_COUNT < CBT_MIN_MAX_RECENT_TIMEOUT_COUNT #error "RECENT_CIRCUITS is set too low." #endif diff --git a/src/or/relay.c b/src/or/relay.c index c2035b0266..ec8e9ac8da 100644 --- a/src/or/relay.c +++ b/src/or/relay.c @@ -1993,9 +1993,9 @@ cell_ewma_set_scale_factor(or_options_t *options, networkstatus_t *consensus) if (options && options->CircuitPriorityHalflife >= -EPSILON) { halflife = options->CircuitPriorityHalflife; source = "CircuitPriorityHalflife in configuration"; - } else if (consensus && - (halflife_ms = networkstatus_get_param( - consensus, "CircuitPriorityHalflifeMsec", -1)) >= 0) { + } else if (consensus && (halflife_ms = networkstatus_get_param( + consensus, "CircuitPriorityHalflifeMsec", + -1, -1, INT32_MAX)) >= 0) { halflife = ((double)halflife_ms)/1000.0; source = "CircuitPriorityHalflifeMsec in consensus"; } else { diff --git a/src/or/router.c b/src/or/router.c index 1748652ff9..56f44ccc5f 100644 --- a/src/or/router.c +++ b/src/or/router.c @@ -1073,7 +1073,7 @@ should_refuse_unknown_exits(or_options_t *options) if (options->RefuseUnknownExits_ != -1) { return options->RefuseUnknownExits_; } else { - return networkstatus_get_param(NULL, "refuseunknownexits", 1); + return networkstatus_get_param(NULL, "refuseunknownexits", 1, 0, 1); } } diff --git a/src/or/routerlist.c b/src/or/routerlist.c index 96cc01b960..380e34b99c 100644 --- a/src/or/routerlist.c +++ b/src/or/routerlist.c @@ -1656,8 +1656,7 @@ smartlist_choose_node_by_bandwidth_weights(smartlist_t *sl, return NULL; } - weight_scale = networkstatus_get_param(NULL, "bwweightscale", - BW_WEIGHT_SCALE); + weight_scale = circuit_build_times_get_bw_scale(NULL); if (rule == WEIGHT_FOR_GUARD) { Wg = networkstatus_get_bw_weight(NULL, "Wgg", -1); diff --git a/src/or/routerparse.c b/src/or/routerparse.c index fbceda1072..2bd370a056 100644 --- a/src/or/routerparse.c +++ b/src/or/routerparse.c @@ -11,6 +11,7 @@ #include "or.h" #include "config.h" +#include "circuitbuild.h" #include "dirserv.h" #include "dirvote.h" #include "policies.h" @@ -2373,7 +2374,7 @@ networkstatus_verify_bw_weights(networkstatus_t *ns) const char *casename = NULL; int valid = 1; - weight_scale = networkstatus_get_param(ns, "bwweightscale", BW_WEIGHT_SCALE); + weight_scale = circuit_build_times_get_bw_scale(ns); Wgg = networkstatus_get_bw_weight(ns, "Wgg", -1); Wgm = networkstatus_get_bw_weight(ns, "Wgm", -1); Wgd = networkstatus_get_bw_weight(ns, "Wgd", -1); |