diff options
-rw-r--r-- | changes/feature5956 | 4 | ||||
-rw-r--r-- | doc/tor.1.txt | 12 | ||||
-rw-r--r-- | src/or/config.c | 13 | ||||
-rw-r--r-- | src/or/nodelist.c | 21 | ||||
-rw-r--r-- | src/or/or.h | 3 |
5 files changed, 48 insertions, 5 deletions
diff --git a/changes/feature5956 b/changes/feature5956 index dbc6a1ef80..2e18810588 100644 --- a/changes/feature5956 +++ b/changes/feature5956 @@ -3,4 +3,6 @@ instead of looking at raw circuit counts, look at which fraction of (bandwidth-weighted) paths we're able to build. This approach keeps clients from building circuits if their paths are likely to stand out - statistically. Fixes issue 5956. + statistically. The default fraction of paths needed is taken from the + consensus directory; you can override it with the new + PathsNeededToBuildCircuits option. Fixes issue 5956. diff --git a/doc/tor.1.txt b/doc/tor.1.txt index 40cf66dbc4..2b616bd26c 100644 --- a/doc/tor.1.txt +++ b/doc/tor.1.txt @@ -1282,6 +1282,18 @@ The following options are useful only for clients (that is, if things may influence the choice. This option breaks a tie to the favor of IPv6. (Default: 0) +**PathsNeededToBuildCircuits** __NUM__:: + Tor clients don't build circuits for user traffic until they know + about enough of the network so that they could potentially construct + enough of the possible paths through the network. If this option + is set to a fraction between 0.25 and 0.95, Tor won't build circuits + until it has enough descriptors or microdescriptors to construct + that fraction of possible paths. Note that setting this option too low + can make your Tor client less anonymous, and setting it too high can + prevent your Tor client from bootstrapping. If this option is negative, + Tor will use a default value chosen by the directory + authorities. (Default: -1.) + SERVER OPTIONS -------------- diff --git a/src/or/config.c b/src/or/config.c index 4349b670b0..e503645468 100644 --- a/src/or/config.c +++ b/src/or/config.c @@ -325,6 +325,7 @@ static config_var_t option_vars_[] = { V(PathBiasDropGuards, AUTOBOOL, "0"), V(PathBiasUseCloseCounts, AUTOBOOL, "1"), + V(PathsNeededToBuildCircuits, DOUBLE, "-1"), OBSOLETE("PathlenCoinWeight"), V(PerConnBWBurst, MEMUNIT, "0"), V(PerConnBWRate, MEMUNIT, "0"), @@ -2386,6 +2387,18 @@ options_validate(or_options_t *old_options, or_options_t *options, return -1; } + if (options->PathsNeededToBuildCircuits >= 0.0) { + if (options->PathsNeededToBuildCircuits < 0.25) { + log_warn(LD_CONFIG, "PathsNeededToBuildCircuits is too low. Increasing " + "to 0.25"); + options->PathsNeededToBuildCircuits = 0.25; + } else if (options->PathsNeededToBuildCircuits < 0.95) { + log_warn(LD_CONFIG, "PathsNeededToBuildCircuits is too high. Decreasing " + "to 0.95"); + options->PathsNeededToBuildCircuits = 0.95; + } + } + if (options->MaxClientCircuitsPending <= 0 || options->MaxClientCircuitsPending > MAX_MAX_CLIENT_CIRCUITS_PENDING) { tor_asprintf(msg, diff --git a/src/or/nodelist.c b/src/or/nodelist.c index 77e4ae0fed..4d7395b047 100644 --- a/src/or/nodelist.c +++ b/src/or/nodelist.c @@ -1387,6 +1387,22 @@ count_loading_descriptors_progress(void) BOOTSTRAP_STATUS_LOADING_DESCRIPTORS)); } +/** Return the fraction of paths needed before we're willing to build + * circuits, as configured in <b>options</b>, or in the consensus <b>ns</b>. */ +static double +get_frac_paths_needed_for_circs(const or_options_t *options, + const networkstatus_t *ns) +{ +#define DFLT_PCT_USABLE_NEEDED 60 + if (options->PathsNeededToBuildCircuits >= 1.0) { + return options->PathsNeededToBuildCircuits; + } else { + return networkstatus_get_param(ns, "min_paths_for_circs_pct", + DFLT_PCT_USABLE_NEEDED, + 25, 95)/100.0; + } +} + /** Change the value of have_min_dir_info, setting it true iff we have enough * network and router information to build circuits. Clear the value of * need_to_update_have_min_dir_info. */ @@ -1428,10 +1444,7 @@ update_router_have_minimum_dir_info(void) &num_present, &num_usable, &status); -/* What fraction of desired paths do we need before we will build circuits? */ -#define FRAC_USABLE_NEEDED .6 - - if (paths < FRAC_USABLE_NEEDED) { + if (paths < get_frac_paths_needed_for_circs(options,consensus)) { tor_snprintf(dir_info_status, sizeof(dir_info_status), "We need more %sdescriptors: we have %d/%d, and " "can only build %02d%% of likely paths. (We have %s.)", diff --git a/src/or/or.h b/src/or/or.h index a6f3d3e88a..4c76adf98f 100644 --- a/src/or/or.h +++ b/src/or/or.h @@ -3918,6 +3918,9 @@ typedef struct { /** Autobool: should we use the ntor handshake if we can? */ int UseNTorHandshake; + + /** Fraction: */ + double PathsNeededToBuildCircuits; } or_options_t; /** Persistent state for an onion router, as saved to disk. */ |