diff options
| author | David Goulet <dgoulet@torproject.org> | 2019-05-29 14:05:16 -0400 |
|---|---|---|
| committer | David Goulet <dgoulet@torproject.org> | 2019-08-06 07:58:14 -0400 |
| commit | 9f738be8937d675929b43a149d706160641a089d (patch) | |
| tree | 8a54a82b32bea028f6693f97e359899d3bd43aec /src/test/test_hs_intropoint.c | |
| parent | 4ee65a6f877e841739f037ad27d2d588ce4e0c51 (diff) | |
| download | tor-9f738be8937d675929b43a149d706160641a089d.tar.gz tor-9f738be8937d675929b43a149d706160641a089d.zip | |
hs: Limit the amount of relayed INTRODUCE2
This commit add the hs_dos.{c|h} file that has the purpose of having the
anti-DoS code for onion services.
At this commit, it only has one which is a function that decides if an
INTRODUCE2 can be sent on the given introduction service circuit (S<->IP)
using a simple token bucket.
The rate per second is 25 and allowed burst to 200.
Basic defenses on #15516.
Signed-off-by: David Goulet <dgoulet@torproject.org>
Diffstat (limited to 'src/test/test_hs_intropoint.c')
| -rw-r--r-- | src/test/test_hs_intropoint.c | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/src/test/test_hs_intropoint.c b/src/test/test_hs_intropoint.c index 0cdb1fef27..87338b448f 100644 --- a/src/test/test_hs_intropoint.c +++ b/src/test/test_hs_intropoint.c @@ -119,6 +119,8 @@ helper_create_intro_circuit(void) or_circuit_t *circ = or_circuit_new(0, NULL); tt_assert(circ); circuit_change_purpose(TO_CIRCUIT(circ), CIRCUIT_PURPOSE_OR); + token_bucket_ctr_init(&circ->introduce2_bucket, 100, 100, + (uint32_t) approx_time()); done: return circ; } |