summaryrefslogtreecommitdiff
path: root/src/or
diff options
context:
space:
mode:
Diffstat (limited to 'src/or')
-rw-r--r--src/or/buffers.c112
-rw-r--r--src/or/buffers.h8
-rw-r--r--src/or/circuitbuild.c11
-rw-r--r--src/or/circuitlist.c167
-rw-r--r--src/or/circuitlist.h7
-rw-r--r--src/or/config.c49
-rw-r--r--src/or/connection.c8
-rw-r--r--src/or/control.c6
-rw-r--r--src/or/directory.c26
-rw-r--r--src/or/directory.h2
-rw-r--r--src/or/dirserv.c33
-rw-r--r--src/or/entrynodes.c10
-rw-r--r--src/or/main.c12
-rw-r--r--src/or/microdesc.c2
-rw-r--r--src/or/networkstatus.c36
-rw-r--r--src/or/networkstatus.h2
-rw-r--r--src/or/nodelist.c10
-rw-r--r--src/or/or.h19
-rw-r--r--src/or/policies.c28
-rw-r--r--src/or/policies.h2
-rw-r--r--src/or/relay.c17
-rw-r--r--src/or/relay.h2
-rw-r--r--src/or/rephist.c20
-rw-r--r--src/or/router.c23
-rw-r--r--src/or/routerlist.c9
-rw-r--r--src/or/routerparse.c3
26 files changed, 444 insertions, 180 deletions
diff --git a/src/or/buffers.c b/src/or/buffers.c
index 50016d3a86..012ced6d32 100644
--- a/src/or/buffers.c
+++ b/src/or/buffers.c
@@ -62,6 +62,8 @@ static int parse_socks_client(const uint8_t *data, size_t datalen,
int state, char **reason,
ssize_t *drain_out);
+#define DEBUG_CHUNK_ALLOC
+
/* Chunk manipulation functions */
/** A single chunk on a buffer or in a freelist. */
@@ -69,7 +71,12 @@ typedef struct chunk_t {
struct chunk_t *next; /**< The next chunk on the buffer or freelist. */
size_t datalen; /**< The number of bytes stored in this chunk */
size_t memlen; /**< The number of usable bytes of storage in <b>mem</b>. */
+#ifdef DEBUG_CHUNK_ALLOC
+ size_t DBG_alloc;
+#endif
char *data; /**< A pointer to the first byte of data stored in <b>mem</b>. */
+ uint32_t inserted_time; /**< Timestamp in truncated ms since epoch
+ * when this chunk was inserted. */
char mem[FLEXIBLE_ARRAY_MEMBER]; /**< The actual memory used for storage in
* this chunk. */
} chunk_t;
@@ -141,6 +148,9 @@ static chunk_freelist_t freelists[] = {
* could help with? */
static uint64_t n_freelist_miss = 0;
+/** DOCDOC */
+static size_t total_bytes_allocated_in_chunks = 0;
+
static void assert_freelist_ok(chunk_freelist_t *fl);
/** Return the freelist to hold chunks of size <b>alloc</b>, or NULL if
@@ -174,6 +184,11 @@ chunk_free_unchecked(chunk_t *chunk)
} else {
if (freelist)
++freelist->n_free;
+#ifdef DEBUG_CHUNK_ALLOC
+ tor_assert(alloc == chunk->DBG_alloc);
+#endif
+ tor_assert(total_bytes_allocated_in_chunks >= alloc);
+ total_bytes_allocated_in_chunks -= alloc;
tor_free(chunk);
}
}
@@ -200,6 +215,10 @@ chunk_new_with_alloc_size(size_t alloc)
else
++n_freelist_miss;
ch = tor_malloc(alloc);
+#ifdef DEBUG_CHUNK_ALLOC
+ ch->DBG_alloc = alloc;
+#endif
+ total_bytes_allocated_in_chunks += alloc;
}
ch->next = NULL;
ch->datalen = 0;
@@ -211,6 +230,14 @@ chunk_new_with_alloc_size(size_t alloc)
static void
chunk_free_unchecked(chunk_t *chunk)
{
+ if (!chunk)
+ return;
+#ifdef DEBUG_CHUNK_ALLOC
+ tor_assert(CHUNK_ALLOC_SIZE(chunk->memlen) == chunk->DBG_alloc);
+#endif
+ tor_assert(total_bytes_allocated_in_chunks >=
+ CHUNK_ALLOC_SIZE(chunk->memlen));
+ total_bytes_allocated_in_chunks -= CHUNK_ALLOC_SIZE(chunk->memlen);
tor_free(chunk);
}
static INLINE chunk_t *
@@ -220,7 +247,11 @@ chunk_new_with_alloc_size(size_t alloc)
ch = tor_malloc(alloc);
ch->next = NULL;
ch->datalen = 0;
+#ifdef DEBUG_CHUNK_ALLOC
+ ch->DBG_alloc = alloc;
+#endif
ch->memlen = CHUNK_SIZE_WITH_ALLOC(alloc);
+ total_bytes_allocated_in_chunks += alloc;
ch->data = &ch->mem[0];
return ch;
}
@@ -232,11 +263,18 @@ static INLINE chunk_t *
chunk_grow(chunk_t *chunk, size_t sz)
{
off_t offset;
+ size_t memlen_orig = chunk->memlen;
tor_assert(sz > chunk->memlen);
offset = chunk->data - chunk->mem;
chunk = tor_realloc(chunk, CHUNK_ALLOC_SIZE(sz));
chunk->memlen = sz;
chunk->data = chunk->mem + offset;
+#ifdef DEBUG_CHUNK_ALLOC
+ tor_assert(chunk->DBG_alloc == CHUNK_ALLOC_SIZE(memlen_orig));
+ chunk->DBG_alloc = CHUNK_ALLOC_SIZE(sz);
+#endif
+ total_bytes_allocated_in_chunks +=
+ CHUNK_ALLOC_SIZE(sz) - CHUNK_ALLOC_SIZE(memlen_orig);
return chunk;
}
@@ -261,12 +299,14 @@ preferred_chunk_size(size_t target)
}
/** Remove from the freelists most chunks that have not been used since the
- * last call to buf_shrink_freelists(). */
-void
+ * last call to buf_shrink_freelists(). Return the amount of memory
+ * freed. */
+size_t
buf_shrink_freelists(int free_all)
{
#ifdef ENABLE_BUF_FREELISTS
int i;
+ size_t total_freed = 0;
disable_control_logging();
for (i = 0; freelists[i].alloc_size; ++i) {
int slack = freelists[i].slack;
@@ -298,6 +338,13 @@ buf_shrink_freelists(int free_all)
*chp = NULL;
while (chunk) {
chunk_t *next = chunk->next;
+#ifdef DEBUG_CHUNK_ALLOC
+ tor_assert(chunk->DBG_alloc == CHUNK_ALLOC_SIZE(chunk->memlen));
+#endif
+ tor_assert(total_bytes_allocated_in_chunks >=
+ CHUNK_ALLOC_SIZE(chunk->memlen));
+ total_bytes_allocated_in_chunks -= CHUNK_ALLOC_SIZE(chunk->memlen);
+ total_freed += CHUNK_ALLOC_SIZE(chunk->memlen);
tor_free(chunk);
chunk = next;
--n_to_free;
@@ -315,18 +362,21 @@ buf_shrink_freelists(int free_all)
}
// tor_assert(!n_to_free);
freelists[i].cur_length = new_length;
+ tor_assert(orig_n_to_skip == new_length);
log_info(LD_MM, "Cleaned freelist for %d-byte chunks: original "
- "length %d, kept %d, dropped %d.",
+ "length %d, kept %d, dropped %d. New length is %d",
(int)freelists[i].alloc_size, orig_length,
- orig_n_to_skip, orig_n_to_free);
+ orig_n_to_skip, orig_n_to_free, new_length);
}
freelists[i].lowest_length = freelists[i].cur_length;
assert_freelist_ok(&freelists[i]);
}
done:
enable_control_logging();
+ return total_freed;
#else
(void) free_all;
+ return 0;
#endif
}
@@ -376,9 +426,10 @@ struct buf_t {
*
* If <b>nulterminate</b> is true, ensure that there is a 0 byte in
* buf->head->mem right after all the data. */
-static void
+STATIC void
buf_pullup(buf_t *buf, size_t bytes, int nulterminate)
{
+ /* XXXX nothing uses nulterminate; remove it. */
chunk_t *dest, *src;
size_t capacity;
if (!buf->head)
@@ -450,6 +501,20 @@ buf_pullup(buf_t *buf, size_t bytes, int nulterminate)
check();
}
+#ifdef TOR_UNIT_TESTS
+void
+buf_get_first_chunk_data(const buf_t *buf, const char **cp, size_t *sz)
+{
+ if (!buf || !buf->head) {
+ *cp = NULL;
+ *sz = 0;
+ } else {
+ *cp = buf->head->data;
+ *sz = buf->head->datalen;
+ }
+}
+#endif
+
/** Resize buf so it won't hold extra memory that we haven't been
* using lately.
*/
@@ -504,6 +569,12 @@ buf_new(void)
return buf;
}
+size_t
+buf_get_default_chunk_size(const buf_t *buf)
+{
+ return buf->default_chunk_size;
+}
+
/** Remove all data from <b>buf</b>. */
void
buf_clear(buf_t *buf)
@@ -531,7 +602,7 @@ buf_allocation(const buf_t *buf)
size_t total = 0;
const chunk_t *chunk;
for (chunk = buf->head; chunk; chunk = chunk->next) {
- total += chunk->memlen;
+ total += CHUNK_ALLOC_SIZE(chunk->memlen);
}
return total;
}
@@ -564,6 +635,10 @@ static chunk_t *
chunk_copy(const chunk_t *in_chunk)
{
chunk_t *newch = tor_memdup(in_chunk, CHUNK_ALLOC_SIZE(in_chunk->memlen));
+ total_bytes_allocated_in_chunks += CHUNK_ALLOC_SIZE(in_chunk->memlen);
+#ifdef DEBUG_CHUNK_ALLOC
+ newch->DBG_alloc = CHUNK_ALLOC_SIZE(in_chunk->memlen);
+#endif
newch->next = NULL;
if (in_chunk->data) {
off_t offset = in_chunk->data - in_chunk->mem;
@@ -599,6 +674,7 @@ static chunk_t *
buf_add_chunk_with_capacity(buf_t *buf, size_t capacity, int capped)
{
chunk_t *chunk;
+ struct timeval now;
if (CHUNK_ALLOC_SIZE(capacity) < buf->default_chunk_size) {
chunk = chunk_new_with_alloc_size(buf->default_chunk_size);
} else if (capped && CHUNK_ALLOC_SIZE(capacity) > MAX_CHUNK_ALLOC) {
@@ -606,6 +682,10 @@ buf_add_chunk_with_capacity(buf_t *buf, size_t capacity, int capped)
} else {
chunk = chunk_new_with_alloc_size(preferred_chunk_size(capacity));
}
+
+ tor_gettimeofday_cached_monotonic(&now);
+ chunk->inserted_time = (uint32_t)tv_to_msec(&now);
+
if (buf->tail) {
tor_assert(buf->head);
buf->tail->next = chunk;
@@ -618,6 +698,26 @@ buf_add_chunk_with_capacity(buf_t *buf, size_t capacity, int capped)
return chunk;
}
+/** Return the age of the oldest chunk in the buffer <b>buf</b>, in
+ * milliseconds. Requires the current time, in truncated milliseconds since
+ * the epoch, as its input <b>now</b>.
+ */
+uint32_t
+buf_get_oldest_chunk_timestamp(const buf_t *buf, uint32_t now)
+{
+ if (buf->head) {
+ return now - buf->head->inserted_time;
+ } else {
+ return 0;
+ }
+}
+
+size_t
+buf_get_total_allocation(void)
+{
+ return total_bytes_allocated_in_chunks;
+}
+
/** Read up to <b>at_most</b> bytes from the socket <b>fd</b> into
* <b>chunk</b> (which must be on <b>buf</b>). If we get an EOF, set
* *<b>reached_eof</b> to 1. Return -1 on error, 0 on eof or blocking,
diff --git a/src/or/buffers.h b/src/or/buffers.h
index 48b1185204..a201282da6 100644
--- a/src/or/buffers.h
+++ b/src/or/buffers.h
@@ -16,17 +16,21 @@
buf_t *buf_new(void);
buf_t *buf_new_with_capacity(size_t size);
+size_t buf_get_default_chunk_size(const buf_t *buf);
void buf_free(buf_t *buf);
void buf_clear(buf_t *buf);
buf_t *buf_copy(const buf_t *buf);
void buf_shrink(buf_t *buf);
-void buf_shrink_freelists(int free_all);
+size_t buf_shrink_freelists(int free_all);
void buf_dump_freelist_sizes(int severity);
size_t buf_datalen(const buf_t *buf);
size_t buf_allocation(const buf_t *buf);
size_t buf_slack(const buf_t *buf);
+uint32_t buf_get_oldest_chunk_timestamp(const buf_t *buf, uint32_t now);
+size_t buf_get_total_allocation(void);
+
int read_to_buf(tor_socket_t s, size_t at_most, buf_t *buf, int *reached_eof,
int *socket_error);
int read_to_buf_tls(tor_tls_t *tls, size_t at_most, buf_t *buf);
@@ -100,6 +104,8 @@ void assert_buf_ok(buf_t *buf);
#ifdef BUFFERS_PRIVATE
STATIC int buf_find_string_offset(const buf_t *buf, const char *s, size_t n);
+STATIC void buf_pullup(buf_t *buf, size_t bytes, int nulterminate);
+void buf_get_first_chunk_data(const buf_t *buf, const char **cp, size_t *sz);
#endif
#endif
diff --git a/src/or/circuitbuild.c b/src/or/circuitbuild.c
index ffcca4666c..98fef4c142 100644
--- a/src/or/circuitbuild.c
+++ b/src/or/circuitbuild.c
@@ -606,27 +606,30 @@ int
inform_testing_reachability(void)
{
char dirbuf[128];
+ char *address;
const routerinfo_t *me = router_get_my_routerinfo();
if (!me)
return 0;
+ address = tor_dup_ip(me->addr);
control_event_server_status(LOG_NOTICE,
"CHECKING_REACHABILITY ORADDRESS=%s:%d",
- me->address, me->or_port);
+ address, me->or_port);
if (me->dir_port) {
tor_snprintf(dirbuf, sizeof(dirbuf), " and DirPort %s:%d",
- me->address, me->dir_port);
+ address, me->dir_port);
control_event_server_status(LOG_NOTICE,
"CHECKING_REACHABILITY DIRADDRESS=%s:%d",
- me->address, me->dir_port);
+ address, me->dir_port);
}
log_notice(LD_OR, "Now checking whether ORPort %s:%d%s %s reachable... "
"(this may take up to %d minutes -- look for log "
"messages indicating success)",
- me->address, me->or_port,
+ address, me->or_port,
me->dir_port ? dirbuf : "",
me->dir_port ? "are" : "is",
TIMEOUT_UNTIL_UNREACHABILITY_COMPLAINT/60);
+ tor_free(address);
return 1;
}
diff --git a/src/or/circuitlist.c b/src/or/circuitlist.c
index 9474896367..b2eb730c8c 100644
--- a/src/or/circuitlist.c
+++ b/src/or/circuitlist.c
@@ -1435,9 +1435,9 @@ circuit_mark_all_dirty_circs_as_unusable(void)
* - If circ->rend_splice is set (we are the midpoint of a joined
* rendezvous stream), then mark the other circuit to close as well.
*/
-void
-circuit_mark_for_close_(circuit_t *circ, int reason, int line,
- const char *file)
+MOCK_IMPL(void,
+circuit_mark_for_close_, (circuit_t *circ, int reason, int line,
+ const char *file))
{
int orig_reason = reason; /* Passed to the controller */
assert_circuit_ok(circ);
@@ -1612,6 +1612,38 @@ marked_circuit_free_cells(circuit_t *circ)
cell_queue_clear(& TO_OR_CIRCUIT(circ)->p_chan_cells);
}
+/** Aggressively free buffer contents on all the buffers of all streams in the
+ * list starting at <b>stream</b>. Return the number of bytes recovered. */
+static size_t
+marked_circuit_streams_free_bytes(edge_connection_t *stream)
+{
+ size_t result = 0;
+ for ( ; stream; stream = stream->next_stream) {
+ connection_t *conn = TO_CONN(stream);
+ if (conn->inbuf) {
+ result += buf_allocation(conn->inbuf);
+ buf_clear(conn->inbuf);
+ }
+ if (conn->outbuf) {
+ result += buf_allocation(conn->outbuf);
+ buf_clear(conn->outbuf);
+ }
+ }
+ return result;
+}
+
+/** Aggressively free buffer contents on all the buffers of all streams on
+ * circuit <b>c</b>. Return the number of bytes recovered. */
+static size_t
+marked_circuit_free_stream_bytes(circuit_t *c)
+{
+ if (CIRCUIT_IS_ORIGIN(c)) {
+ return marked_circuit_streams_free_bytes(TO_ORIGIN_CIRCUIT(c)->p_streams);
+ } else {
+ return marked_circuit_streams_free_bytes(TO_OR_CIRCUIT(c)->n_streams);
+ }
+}
+
/** Return the number of cells used by the circuit <b>c</b>'s cell queues. */
STATIC size_t
n_cells_in_circ_queues(const circuit_t *c)
@@ -1632,7 +1664,7 @@ n_cells_in_circ_queues(const circuit_t *c)
* This function will return incorrect results if the oldest cell queued on
* the circuit is older than 2**32 msec (about 49 days) old.
*/
-static uint32_t
+STATIC uint32_t
circuit_max_queued_cell_age(const circuit_t *c, uint32_t now)
{
uint32_t age = 0;
@@ -1652,20 +1684,68 @@ circuit_max_queued_cell_age(const circuit_t *c, uint32_t now)
return age;
}
-/** Temporary variable for circuits_compare_by_oldest_queued_cell_ This is a
- * kludge to work around the fact that qsort doesn't provide a way for
- * comparison functions to take an extra argument. */
-static uint32_t circcomp_now_tmp;
+/** Return the age in milliseconds of the oldest buffer chunk on any stream in
+ * the linked list <b>stream</b>, where age is taken in milliseconds before
+ * the time <b>now</b> (in truncated milliseconds since the epoch). */
+static uint32_t
+circuit_get_streams_max_data_age(const edge_connection_t *stream, uint32_t now)
+{
+ uint32_t age = 0, age2;
+ for (; stream; stream = stream->next_stream) {
+ const connection_t *conn = TO_CONN(stream);
+ if (conn->outbuf) {
+ age2 = buf_get_oldest_chunk_timestamp(conn->outbuf, now);
+ if (age2 > age)
+ age = age2;
+ }
+ if (conn->inbuf) {
+ age2 = buf_get_oldest_chunk_timestamp(conn->inbuf, now);
+ if (age2 > age)
+ age = age2;
+ }
+ }
+
+ return age;
+}
+
+/** Return the age in milliseconds of the oldest buffer chunk on any stream
+ * attached to the circuit <b>c</b>, where age is taken in milliseconds before
+ * the time <b>now</b> (in truncated milliseconds since the epoch). */
+STATIC uint32_t
+circuit_max_queued_data_age(const circuit_t *c, uint32_t now)
+{
+ if (CIRCUIT_IS_ORIGIN(c)) {
+ return circuit_get_streams_max_data_age(
+ TO_ORIGIN_CIRCUIT((circuit_t*)c)->p_streams, now);
+ } else {
+ return circuit_get_streams_max_data_age(
+ TO_OR_CIRCUIT((circuit_t*)c)->n_streams, now);
+ }
+}
-/** Helper to sort a list of circuit_t by age of oldest cell, in descending
- * order. Requires that circcomp_now_tmp is set correctly. */
+/** Return the age of the oldest cell or stream buffer chunk on the circuit
+ * <b>c</b>, where age is taken in milliseconds before the time <b>now</b> (in
+ * truncated milliseconds since the epoch). */
+STATIC uint32_t
+circuit_max_queued_item_age(const circuit_t *c, uint32_t now)
+{
+ uint32_t cell_age = circuit_max_queued_cell_age(c, now);
+ uint32_t data_age = circuit_max_queued_data_age(c, now);
+ if (cell_age > data_age)
+ return cell_age;
+ else
+ return data_age;
+}
+
+/** Helper to sort a list of circuit_t by age of oldest item, in descending
+ * order. */
static int
-circuits_compare_by_oldest_queued_cell_(const void **a_, const void **b_)
+circuits_compare_by_oldest_queued_item_(const void **a_, const void **b_)
{
const circuit_t *a = *a_;
const circuit_t *b = *b_;
- uint32_t age_a = circuit_max_queued_cell_age(a, circcomp_now_tmp);
- uint32_t age_b = circuit_max_queued_cell_age(b, circcomp_now_tmp);
+ uint32_t age_a = a->age_tmp;
+ uint32_t age_b = b->age_tmp;
if (age_a < age_b)
return 1;
@@ -1675,67 +1755,88 @@ circuits_compare_by_oldest_queued_cell_(const void **a_, const void **b_)
return -1;
}
-#define FRACTION_OF_CELLS_TO_RETAIN_ON_OOM 0.90
+#define FRACTION_OF_DATA_TO_RETAIN_ON_OOM 0.90
/** We're out of memory for cells, having allocated <b>current_allocation</b>
* bytes' worth. Kill the 'worst' circuits until we're under
- * FRACTION_OF_CIRCS_TO_RETAIN_ON_OOM of our maximum usage. */
+ * FRACTION_OF_DATA_TO_RETAIN_ON_OOM of our maximum usage. */
void
circuits_handle_oom(size_t current_allocation)
{
/* Let's hope there's enough slack space for this allocation here... */
smartlist_t *circlist = smartlist_new();
circuit_t *circ;
- size_t n_cells_removed=0, n_cells_to_remove;
+ size_t mem_to_recover;
+ size_t mem_recovered=0;
int n_circuits_killed=0;
struct timeval now;
+ uint32_t now_ms;
log_notice(LD_GENERAL, "We're low on memory. Killing circuits with "
"over-long queues. (This behavior is controlled by "
- "MaxMemInCellQueues.)");
+ "MaxMemInQueues.)");
+
+ {
+ const size_t recovered = buf_shrink_freelists(1);
+ if (recovered >= current_allocation) {
+ log_warn(LD_BUG, "We somehow recovered more memory from freelists "
+ "than we thought we had allocated");
+ current_allocation = 0;
+ } else {
+ current_allocation -= recovered;
+ }
+ }
{
- size_t mem_target = (size_t)(get_options()->MaxMemInCellQueues *
- FRACTION_OF_CELLS_TO_RETAIN_ON_OOM);
- size_t mem_to_recover;
+ size_t mem_target = (size_t)(get_options()->MaxMemInQueues *
+ FRACTION_OF_DATA_TO_RETAIN_ON_OOM);
if (current_allocation <= mem_target)
return;
mem_to_recover = current_allocation - mem_target;
- n_cells_to_remove = CEIL_DIV(mem_to_recover, packed_cell_mem_cost());
}
+ tor_gettimeofday_cached_monotonic(&now);
+ now_ms = (uint32_t)tv_to_msec(&now);
+
/* This algorithm itself assumes that you've got enough memory slack
* to actually run it. */
- TOR_LIST_FOREACH(circ, &global_circuitlist, head)
+ TOR_LIST_FOREACH(circ, &global_circuitlist, head) {
+ circ->age_tmp = circuit_max_queued_item_age(circ, now_ms);
smartlist_add(circlist, circ);
-
- /* Set circcomp_now_tmp so that the sort can work. */
- tor_gettimeofday_cached(&now);
- circcomp_now_tmp = (uint32_t)tv_to_msec(&now);
+ }
/* This is O(n log n); there are faster algorithms we could use instead.
* Let's hope this doesn't happen enough to be in the critical path. */
- smartlist_sort(circlist, circuits_compare_by_oldest_queued_cell_);
+ smartlist_sort(circlist, circuits_compare_by_oldest_queued_item_);
/* Okay, now the worst circuits are at the front of the list. Let's mark
* them, and reclaim their storage aggressively. */
SMARTLIST_FOREACH_BEGIN(circlist, circuit_t *, circ) {
size_t n = n_cells_in_circ_queues(circ);
+ size_t freed;
if (! circ->marked_for_close) {
circuit_mark_for_close(circ, END_CIRC_REASON_RESOURCELIMIT);
}
marked_circuit_free_cells(circ);
+ freed = marked_circuit_free_stream_bytes(circ);
++n_circuits_killed;
- n_cells_removed += n;
- if (n_cells_removed >= n_cells_to_remove)
+
+ mem_recovered += n * packed_cell_mem_cost();
+ mem_recovered += freed;
+
+ if (mem_recovered >= mem_to_recover)
break;
} SMARTLIST_FOREACH_END(circ);
clean_cell_pool(); /* In case this helps. */
-
- log_notice(LD_GENERAL, "Removed "U64_FORMAT" bytes by killing %d circuits.",
- U64_PRINTF_ARG(n_cells_removed * packed_cell_mem_cost()),
- n_circuits_killed);
+ buf_shrink_freelists(1); /* This is necessary to actually release buffer
+ chunks. */
+
+ log_notice(LD_GENERAL, "Removed "U64_FORMAT" bytes by killing %d circuits; "
+ "%d circuits remain alive.",
+ U64_PRINTF_ARG(mem_recovered),
+ n_circuits_killed,
+ smartlist_len(circlist) - n_circuits_killed);
smartlist_free(circlist);
}
diff --git a/src/or/circuitlist.h b/src/or/circuitlist.h
index 1c8cf7de24..a29c29a49a 100644
--- a/src/or/circuitlist.h
+++ b/src/or/circuitlist.h
@@ -53,8 +53,8 @@ origin_circuit_t *circuit_find_to_cannibalize(uint8_t purpose,
extend_info_t *info, int flags);
void circuit_mark_all_unused_circs(void);
void circuit_mark_all_dirty_circs_as_unusable(void);
-void circuit_mark_for_close_(circuit_t *circ, int reason,
- int line, const char *file);
+MOCK_DECL(void, circuit_mark_for_close_, (circuit_t *circ, int reason,
+ int line, const char *file));
int circuit_get_cpath_len(origin_circuit_t *circ);
void circuit_clear_cpath(origin_circuit_t *circ);
crypt_path_t *circuit_get_cpath_hop(origin_circuit_t *circ, int hopnum);
@@ -76,6 +76,9 @@ void channel_note_destroy_not_pending(channel_t *chan, circid_t id);
#ifdef CIRCUITLIST_PRIVATE
STATIC void circuit_free(circuit_t *circ);
STATIC size_t n_cells_in_circ_queues(const circuit_t *c);
+STATIC uint32_t circuit_max_queued_data_age(const circuit_t *c, uint32_t now);
+STATIC uint32_t circuit_max_queued_cell_age(const circuit_t *c, uint32_t now);
+STATIC uint32_t circuit_max_queued_item_age(const circuit_t *c, uint32_t now);
#endif
#endif
diff --git a/src/or/config.c b/src/or/config.c
index 5633696d0c..0187caf104 100644
--- a/src/or/config.c
+++ b/src/or/config.c
@@ -85,6 +85,7 @@ static config_abbrev_t option_abbrevs_[] = {
{ "DirFetchPostPeriod", "StatusFetchPeriod", 0, 0},
{ "DirServer", "DirAuthority", 0, 0}, /* XXXX024 later, make this warn? */
{ "MaxConn", "ConnLimit", 0, 1},
+ { "MaxMemInCellQueues", "MaxMemInQueues", 0, 0},
{ "ORBindAddress", "ORListenAddress", 0, 0},
{ "DirBindAddress", "DirListenAddress", 0, 0},
{ "SocksBindAddress", "SocksListenAddress", 0, 0},
@@ -306,7 +307,7 @@ static config_var_t option_vars_[] = {
V(MaxAdvertisedBandwidth, MEMUNIT, "1 GB"),
V(MaxCircuitDirtiness, INTERVAL, "10 minutes"),
V(MaxClientCircuitsPending, UINT, "32"),
- V(MaxMemInCellQueues, MEMUNIT, "8 GB"),
+ V(MaxMemInQueues, MEMUNIT, "8 GB"),
OBSOLETE("MaxOnionsPending"),
V(MaxOnionQueueDelay, MSEC_INTERVAL, "1750 msec"),
V(MinMeasuredBWsForAuthToIgnoreAdvertised, INT, "500"),
@@ -317,6 +318,7 @@ static config_var_t option_vars_[] = {
V(NATDListenAddress, LINELIST, NULL),
VPORT(NATDPort, LINELIST, NULL),
V(Nickname, STRING, NULL),
+ V(PredictedPortsRelevanceTime, INTERVAL, "1 hour"),
V(WarnUnsafeSocks, BOOL, "1"),
OBSOLETE("NoPublish"),
VAR("NodeFamily", LINELIST, NodeFamilies, NULL),
@@ -1341,6 +1343,20 @@ options_act(const or_options_t *old_options)
}
#endif
+ /* If we are a bridge with a pluggable transport proxy but no
+ Extended ORPort, inform the user that she is missing out. */
+ if (server_mode(options) && options->ServerTransportPlugin &&
+ !options->ExtORPort_lines) {
+ log_notice(LD_CONFIG, "We use pluggable transports but the Extended "
+ "ORPort is disabled. Tor and your pluggable transports proxy "
+ "communicate with each other via the Extended ORPort so it "
+ "is suggested you enable it: it will also allow your Bridge "
+ "to collect statistics about its clients that use pluggable "
+ "transports. Please enable it using the ExtORPort torrc option "
+ "(e.g. set 'ExtORPort auto').");
+
+ }
+
if (options->SafeLogging_ != SAFELOG_SCRUB_ALL &&
(!old_options || old_options->SafeLogging_ != options->SafeLogging_)) {
log_warn(LD_GENERAL, "Your log may contain sensitive information - you "
@@ -2380,6 +2396,11 @@ compute_publishserverdescriptor(or_options_t *options)
* services can overload the directory system. */
#define MIN_REND_POST_PERIOD (10*60)
+/** Higest allowable value for PredictedPortsRelevanceTime; if this is
+ * too high, our selection of exits will decrease for an extended
+ * period of time to an uncomfortable level .*/
+#define MAX_PREDICTED_CIRCS_RELEVANCE (60*60)
+
/** Highest allowable value for RendPostPeriod. */
#define MAX_DIR_PERIOD (MIN_ONION_KEY_LIFETIME/2)
@@ -2448,7 +2469,7 @@ options_validate(or_options_t *old_options, or_options_t *options,
!strcmpstart(uname, "Windows Me"))) {
log_warn(LD_CONFIG, "Tor is running as a server, but you are "
"running %s; this probably won't work. See "
- "https://wiki.torproject.org/TheOnionRouter/TorFAQ#ServerOS "
+ "https://www.torproject.org/docs/faq.html#BestOSForRelay "
"for details.", uname);
}
@@ -2758,10 +2779,10 @@ options_validate(or_options_t *old_options, or_options_t *options,
REJECT("If EntryNodes is set, UseEntryGuards must be enabled.");
}
- if (options->MaxMemInCellQueues < (500 << 20)) {
- log_warn(LD_CONFIG, "MaxMemInCellQueues must be at least 500 MB for now. "
+ if (options->MaxMemInQueues < (256 << 20)) {
+ log_warn(LD_CONFIG, "MaxMemInQueues must be at least 256 MB for now. "
"Ideally, have it as large as you can afford.");
- options->MaxMemInCellQueues = (500 << 20);
+ options->MaxMemInQueues = (256 << 20);
}
options->AllowInvalid_ = 0;
@@ -2840,6 +2861,13 @@ options_validate(or_options_t *old_options, or_options_t *options,
options->RendPostPeriod = MAX_DIR_PERIOD;
}
+ if (options->PredictedPortsRelevanceTime >
+ MAX_PREDICTED_CIRCS_RELEVANCE) {
+ log_warn(LD_CONFIG, "PredictedPortsRelevanceTime is too large; "
+ "clipping to %ds.", MAX_PREDICTED_CIRCS_RELEVANCE);
+ options->PredictedPortsRelevanceTime = MAX_PREDICTED_CIRCS_RELEVANCE;
+ }
+
if (options->Tor2webMode && options->LearnCircuitBuildTimeout) {
/* LearnCircuitBuildTimeout and Tor2webMode are incompatible in
* two ways:
@@ -3258,17 +3286,6 @@ options_validate(or_options_t *old_options, or_options_t *options,
smartlist_free(options_sl);
}
- /* If we are a bridge with a pluggable transport proxy but no
- Extended ORPort, inform the user that she is missing out. */
- if (server_mode(options) && options->ServerTransportPlugin &&
- !options->ExtORPort_lines) {
- log_notice(LD_CONFIG, "We are a bridge with a pluggable transport "
- "proxy but the Extended ORPort is disabled. The "
- "Extended ORPort helps Tor communicate with the pluggable "
- "transport proxy. Please enable it using the ExtORPort "
- "torrc option.");
- }
-
if (options->ConstrainedSockets) {
/* If the user wants to constrain socket buffer use, make sure the desired
* limit is between MIN|MAX_TCPSOCK_BUFFER in k increments. */
diff --git a/src/or/connection.c b/src/or/connection.c
index 653fa1cff7..19944161fb 100644
--- a/src/or/connection.c
+++ b/src/or/connection.c
@@ -1008,9 +1008,9 @@ tor_listen(tor_socket_t fd)
*/
static connection_t *
connection_listener_new(const struct sockaddr *listensockaddr,
- socklen_t socklen,
- int type, const char *address,
- const port_cfg_t *port_cfg)
+ socklen_t socklen,
+ int type, const char *address,
+ const port_cfg_t *port_cfg)
{
listener_connection_t *lis_conn;
connection_t *conn = NULL;
@@ -2227,7 +2227,7 @@ retry_listener_ports(smartlist_t *old_conns,
if (listensockaddr) {
conn = connection_listener_new(listensockaddr, listensocklen,
- port->type, address, port);
+ port->type, address, port);
tor_free(listensockaddr);
tor_free(address);
} else {
diff --git a/src/or/control.c b/src/or/control.c
index 48f9b57d93..23e2054f9e 100644
--- a/src/or/control.c
+++ b/src/or/control.c
@@ -3176,6 +3176,10 @@ connection_control_reached_eof(control_connection_t *conn)
return 0;
}
+static void lost_owning_controller(const char *owner_type,
+ const char *loss_manner)
+ ATTR_NORETURN;
+
/** Shut down this Tor instance in the same way that SIGINT would, but
* with a log message appropriate for the loss of an owning controller. */
static void
@@ -4670,6 +4674,8 @@ static char *owning_controller_process_spec = NULL;
* if this Tor instance is not currently owned by a process. */
static tor_process_monitor_t *owning_controller_process_monitor = NULL;
+static void owning_controller_procmon_cb(void *unused) ATTR_NORETURN;
+
/** Process-termination monitor callback for Tor's owning controller
* process. */
static void
diff --git a/src/or/directory.c b/src/or/directory.c
index 739885c766..5eccb2cabd 100644
--- a/src/or/directory.c
+++ b/src/or/directory.c
@@ -82,8 +82,7 @@ static void dir_microdesc_download_failed(smartlist_t *failed,
static void note_client_request(int purpose, int compressed, size_t bytes);
static int client_likes_consensus(networkstatus_t *v, const char *want_url);
-static void directory_initiate_command_rend(const char *address,
- const tor_addr_t *addr,
+static void directory_initiate_command_rend(const tor_addr_t *addr,
uint16_t or_port,
uint16_t dir_port,
const char *digest,
@@ -464,7 +463,7 @@ directory_get_from_dirserver(uint8_t dir_purpose, uint8_t router_purpose,
tor_addr_t addr;
routerinfo_t *ri = node->ri;
node_get_addr(node, &addr);
- directory_initiate_command(ri->address, &addr,
+ directory_initiate_command(&addr,
ri->or_port, 0/*no dirport*/,
ri->cache_info.identity_digest,
dir_purpose,
@@ -593,9 +592,6 @@ directory_initiate_command_routerstatus_rend(const routerstatus_t *status,
{
const or_options_t *options = get_options();
const node_t *node;
- char address_buf[INET_NTOA_BUF_LEN+1];
- struct in_addr in;
- const char *address;
tor_addr_t addr;
const int anonymized_connection = dirind_is_anon(indirection);
node = node_get_by_id(status->identity_digest);
@@ -605,13 +601,6 @@ directory_initiate_command_routerstatus_rend(const routerstatus_t *status,
"don't have its router descriptor.",
routerstatus_describe(status));
return;
- } else if (node) {
- node_get_address_string(node, address_buf, sizeof(address_buf));
- address = address_buf;
- } else {
- in.s_addr = htonl(status->addr);
- tor_inet_ntoa(&in, address_buf, sizeof(address_buf));
- address = address_buf;
}
tor_addr_from_ipv4h(&addr, status->addr);
@@ -625,7 +614,7 @@ directory_initiate_command_routerstatus_rend(const routerstatus_t *status,
return;
}
- directory_initiate_command_rend(address, &addr,
+ directory_initiate_command_rend(&addr,
status->or_port, status->dir_port,
status->identity_digest,
dir_purpose, router_purpose,
@@ -867,7 +856,7 @@ directory_command_should_use_begindir(const or_options_t *options,
* <b>supports_begindir</b>, and whose identity key digest is
* <b>digest</b>. */
void
-directory_initiate_command(const char *address, const tor_addr_t *_addr,
+directory_initiate_command(const tor_addr_t *_addr,
uint16_t or_port, uint16_t dir_port,
const char *digest,
uint8_t dir_purpose, uint8_t router_purpose,
@@ -875,7 +864,7 @@ directory_initiate_command(const char *address, const tor_addr_t *_addr,
const char *payload, size_t payload_len,
time_t if_modified_since)
{
- directory_initiate_command_rend(address, _addr, or_port, dir_port,
+ directory_initiate_command_rend(_addr, or_port, dir_port,
digest, dir_purpose,
router_purpose, indirection,
resource, payload, payload_len,
@@ -897,7 +886,7 @@ is_sensitive_dir_purpose(uint8_t dir_purpose)
/** Same as directory_initiate_command(), but accepts rendezvous data to
* fetch a hidden service descriptor. */
static void
-directory_initiate_command_rend(const char *address, const tor_addr_t *_addr,
+directory_initiate_command_rend(const tor_addr_t *_addr,
uint16_t or_port, uint16_t dir_port,
const char *digest,
uint8_t dir_purpose, uint8_t router_purpose,
@@ -915,7 +904,6 @@ directory_initiate_command_rend(const char *address, const tor_addr_t *_addr,
const int anonymized_connection = dirind_is_anon(indirection);
tor_addr_t addr;
- tor_assert(address);
tor_assert(_addr);
tor_assert(or_port || dir_port);
tor_assert(digest);
@@ -948,7 +936,7 @@ directory_initiate_command_rend(const char *address, const tor_addr_t *_addr,
/* set up conn so it's got all the data we need to remember */
tor_addr_copy(&conn->base_.addr, &addr);
conn->base_.port = use_begindir ? or_port : dir_port;
- conn->base_.address = tor_strdup(address);
+ conn->base_.address = tor_dup_addr(&addr);
memcpy(conn->identity_digest, digest, DIGEST_LEN);
conn->base_.purpose = dir_purpose;
diff --git a/src/or/directory.h b/src/or/directory.h
index 3de69329a4..bc200797d4 100644
--- a/src/or/directory.h
+++ b/src/or/directory.h
@@ -63,7 +63,7 @@ int connection_dir_process_inbuf(dir_connection_t *conn);
int connection_dir_finished_flushing(dir_connection_t *conn);
int connection_dir_finished_connecting(dir_connection_t *conn);
void connection_dir_about_to_close(dir_connection_t *dir_conn);
-void directory_initiate_command(const char *address, const tor_addr_t *addr,
+void directory_initiate_command(const tor_addr_t *addr,
uint16_t or_port, uint16_t dir_port,
const char *digest,
uint8_t dir_purpose, uint8_t router_purpose,
diff --git a/src/or/dirserv.c b/src/or/dirserv.c
index cd0e23cc2c..984b47d2f5 100644
--- a/src/or/dirserv.c
+++ b/src/or/dirserv.c
@@ -79,7 +79,6 @@ static int add_fingerprint_to_dir(const char *nickname, const char *fp,
struct authdir_config_t *list);
static uint32_t
dirserv_get_status_impl(const char *fp, const char *nickname,
- const char *address,
uint32_t addr, uint16_t or_port,
const char *platform, const char *contact,
const char **msg, int should_log);
@@ -327,7 +326,6 @@ dirserv_router_get_status(const routerinfo_t *router, const char **msg)
}
return dirserv_get_status_impl(d, router->nickname,
- router->address,
router->addr, router->or_port,
router->platform, router->contact_info,
msg, 1);
@@ -341,7 +339,6 @@ dirserv_would_reject_router(const routerstatus_t *rs)
uint32_t res;
res = dirserv_get_status_impl(rs->identity_digest, rs->nickname,
- "", /* address is only used in logs */
rs->addr, rs->or_port,
NULL, NULL,
NULL, 0);
@@ -380,7 +377,6 @@ dirserv_get_name_status(const char *id_digest, const char *nickname)
*/
static uint32_t
dirserv_get_status_impl(const char *id_digest, const char *nickname,
- const char *address,
uint32_t addr, uint16_t or_port,
const char *platform, const char *contact,
const char **msg, int should_log)
@@ -452,14 +448,14 @@ dirserv_get_status_impl(const char *id_digest, const char *nickname,
if (should_log)
log_info(LD_DIRSERV,
"Marking '%s' as bad directory because of address '%s'",
- nickname, address);
+ nickname, fmt_addr32(addr));
result |= FP_BADDIR;
}
if (authdir_policy_badexit_address(addr, or_port)) {
if (should_log)
log_info(LD_DIRSERV, "Marking '%s' as bad exit because of address '%s'",
- nickname, address);
+ nickname, fmt_addr32(addr));
result |= FP_BADEXIT;
}
@@ -467,7 +463,7 @@ dirserv_get_status_impl(const char *id_digest, const char *nickname,
if (!authdir_policy_permits_address(addr, or_port)) {
if (should_log)
log_info(LD_DIRSERV, "Rejecting '%s' because of address '%s'",
- nickname, address);
+ nickname, fmt_addr32(addr));
if (msg)
*msg = "Authdir is rejecting routers in this range.";
return FP_REJECT;
@@ -475,7 +471,7 @@ dirserv_get_status_impl(const char *id_digest, const char *nickname,
if (!authdir_policy_valid_address(addr, or_port)) {
if (should_log)
log_info(LD_DIRSERV, "Not marking '%s' valid because of address '%s'",
- nickname, address);
+ nickname, fmt_addr32(addr));
result |= FP_INVALID;
}
if (reject_unlisted) {
@@ -524,19 +520,12 @@ dirserv_free_fingerprint_list(void)
static int
dirserv_router_has_valid_address(routerinfo_t *ri)
{
- struct in_addr iaddr;
if (get_options()->DirAllowPrivateAddresses)
return 0; /* whatever it is, we're fine with it */
- if (!tor_inet_aton(ri->address, &iaddr)) {
- log_info(LD_DIRSERV,"Router %s published non-IP address '%s'. Refusing.",
- router_describe(ri),
- ri->address);
- return -1;
- }
- if (is_internal_IP(ntohl(iaddr.s_addr), 0)) {
+ if (is_internal_IP(ri->addr, 0)) {
log_info(LD_DIRSERV,
- "Router %s published internal IP address '%s'. Refusing.",
- router_describe(ri), ri->address);
+ "Router %s published internal IP address. Refusing.",
+ router_describe(ri));
return -1; /* it's a private IP, we should reject it */
}
return 0;
@@ -588,12 +577,10 @@ authdir_wants_to_reject_router(routerinfo_t *ri, const char **msg,
}
if (dirserv_router_has_valid_address(ri) < 0) {
log_fn(severity, LD_DIRSERV,
- "Router %s has invalid address '%s'. "
- "Not adding (%s).",
+ "Router %s has invalid address. Not adding (%s).",
router_describe(ri),
- ri->address,
esc_router_info(ri));
- *msg = "Rejected: Address is not an IP, or IP is a private address.";
+ *msg = "Rejected: Address is a private address.";
return -1;
}
@@ -3279,7 +3266,7 @@ dirserv_single_reachability_test(time_t now, routerinfo_t *router)
/* IPv4. */
log_debug(LD_OR,"Testing reachability of %s at %s:%u.",
- router->nickname, router->address, router->or_port);
+ router->nickname, fmt_addr32(router->addr), router->or_port);
tor_addr_from_ipv4h(&router_addr, router->addr);
chan = channel_tls_connect(&router_addr, router->or_port,
router->cache_info.identity_digest);
diff --git a/src/or/entrynodes.c b/src/or/entrynodes.c
index 17c5b13e79..b374ac7a34 100644
--- a/src/or/entrynodes.c
+++ b/src/or/entrynodes.c
@@ -1967,7 +1967,6 @@ get_socks_args_by_bridge_addrport(const tor_addr_t *addr, uint16_t port)
static void
launch_direct_bridge_descriptor_fetch(bridge_info_t *bridge)
{
- char *address;
const or_options_t *options = get_options();
if (connection_get_by_type_addr_port_purpose(
@@ -1982,15 +1981,12 @@ launch_direct_bridge_descriptor_fetch(bridge_info_t *bridge)
return;
}
- address = tor_dup_addr(&bridge->addr);
-
- directory_initiate_command(address, &bridge->addr,
+ directory_initiate_command(&bridge->addr,
bridge->port, 0/*no dirport*/,
bridge->identity,
DIR_PURPOSE_FETCH_SERVERDESC,
ROUTER_PURPOSE_BRIDGE,
DIRIND_ONEHOP, "authority.z", NULL, 0, 0);
- tor_free(address);
}
/** Fetching the bridge descriptor from the bridge authority returned a
@@ -2108,13 +2104,11 @@ rewrite_node_address_for_bridge(const bridge_info_t *bridge, node_t *node)
} else {
if (tor_addr_family(&bridge->addr) == AF_INET) {
ri->addr = tor_addr_to_ipv4h(&bridge->addr);
- tor_free(ri->address);
- ri->address = tor_dup_ip(ri->addr);
ri->or_port = bridge->port;
log_info(LD_DIR,
"Adjusted bridge routerinfo for '%s' to match configured "
"address %s:%d.",
- ri->nickname, ri->address, ri->or_port);
+ ri->nickname, fmt_addr32(ri->addr), ri->or_port);
} else if (tor_addr_family(&bridge->addr) == AF_INET6) {
tor_addr_copy(&ri->ipv6_addr, &bridge->addr);
ri->ipv6_orport = bridge->port;
diff --git a/src/or/main.c b/src/or/main.c
index b0529cde8a..7294c8955a 100644
--- a/src/or/main.c
+++ b/src/or/main.c
@@ -1670,24 +1670,28 @@ second_elapsed_callback(periodic_timer_t *timer, void *arg)
/* every 20 minutes, check and complain if necessary */
const routerinfo_t *me = router_get_my_routerinfo();
if (me && !check_whether_orport_reachable()) {
+ char *address = tor_dup_ip(me->addr);
log_warn(LD_CONFIG,"Your server (%s:%d) has not managed to confirm that "
"its ORPort is reachable. Please check your firewalls, ports, "
"address, /etc/hosts file, etc.",
- me->address, me->or_port);
+ address, me->or_port);
control_event_server_status(LOG_WARN,
"REACHABILITY_FAILED ORADDRESS=%s:%d",
- me->address, me->or_port);
+ address, me->or_port);
+ tor_free(address);
}
if (me && !check_whether_dirport_reachable()) {
+ char *address = tor_dup_ip(me->addr);
log_warn(LD_CONFIG,
"Your server (%s:%d) has not managed to confirm that its "
"DirPort is reachable. Please check your firewalls, ports, "
"address, /etc/hosts file, etc.",
- me->address, me->dir_port);
+ address, me->dir_port);
control_event_server_status(LOG_WARN,
"REACHABILITY_FAILED DIRADDRESS=%s:%d",
- me->address, me->dir_port);
+ address, me->dir_port);
+ tor_free(address);
}
}
diff --git a/src/or/microdesc.c b/src/or/microdesc.c
index 8052ca998c..6419ea79f8 100644
--- a/src/or/microdesc.c
+++ b/src/or/microdesc.c
@@ -721,7 +721,7 @@ update_microdesc_downloads(time_t now)
smartlist_t *missing;
digestmap_t *pending;
- if (should_delay_dir_fetches(options))
+ if (should_delay_dir_fetches(options, NULL))
return;
if (directory_too_idle_to_fetch_descriptors(options, now))
return;
diff --git a/src/or/networkstatus.c b/src/or/networkstatus.c
index 2b0242b569..49478a7341 100644
--- a/src/or/networkstatus.c
+++ b/src/or/networkstatus.c
@@ -31,6 +31,7 @@
#include "router.h"
#include "routerlist.h"
#include "routerparse.h"
+#include "transports.h"
/** Map from lowercase nickname to identity digest of named server, if any. */
static strmap_t *named_server_map = NULL;
@@ -884,14 +885,37 @@ update_consensus_networkstatus_fetch_time(time_t now)
/** Return 1 if there's a reason we shouldn't try any directory
* fetches yet (e.g. we demand bridges and none are yet known).
- * Else return 0. */
+ * Else return 0.
+
+ * If we return 1 and <b>msg_out</b> is provided, set <b>msg_out</b>
+ * to an explanation of why directory fetches are delayed. (If we
+ * return 0, we set msg_out to NULL.)
+ */
int
-should_delay_dir_fetches(const or_options_t *options)
+should_delay_dir_fetches(const or_options_t *options, const char **msg_out)
{
- if (options->UseBridges && !any_bridge_descriptors_known()) {
- log_info(LD_DIR, "delaying dir fetches (no running bridges known)");
- return 1;
+ if (msg_out) {
+ *msg_out = NULL;
}
+
+ if (options->UseBridges) {
+ if (!any_bridge_descriptors_known()) {
+ if (msg_out) {
+ *msg_out = "No running bridges";
+ }
+ log_info(LD_DIR, "Delaying dir fetches (no running bridges known)");
+ return 1;
+ }
+
+ if (pt_proxies_configuration_pending()) {
+ if (msg_out) {
+ *msg_out = "Pluggable transport proxies still configuring";
+ }
+ log_info(LD_DIR, "Delaying dir fetches (pt proxies still configuring)");
+ return 1;
+ }
+ }
+
return 0;
}
@@ -901,7 +925,7 @@ void
update_networkstatus_downloads(time_t now)
{
const or_options_t *options = get_options();
- if (should_delay_dir_fetches(options))
+ if (should_delay_dir_fetches(options, NULL))
return;
update_consensus_networkstatus_downloads(now);
update_certificate_downloads(now);
diff --git a/src/or/networkstatus.h b/src/or/networkstatus.h
index df5895c4b8..1659818f0a 100644
--- a/src/or/networkstatus.h
+++ b/src/or/networkstatus.h
@@ -53,7 +53,7 @@ int networkstatus_nickname_is_unnamed(const char *nickname);
void networkstatus_consensus_download_failed(int status_code,
const char *flavname);
void update_consensus_networkstatus_fetch_time(time_t now);
-int should_delay_dir_fetches(const or_options_t *options);
+int should_delay_dir_fetches(const or_options_t *options,const char **msg_out);
void update_networkstatus_downloads(time_t now);
void update_certificate_downloads(time_t now);
int consensus_is_waiting_for_certs(void);
diff --git a/src/or/nodelist.c b/src/or/nodelist.c
index 03fa836d4e..3704822c72 100644
--- a/src/or/nodelist.c
+++ b/src/or/nodelist.c
@@ -785,7 +785,7 @@ void
node_get_address_string(const node_t *node, char *buf, size_t len)
{
if (node->ri) {
- strlcpy(buf, node->ri->address, len);
+ strlcpy(buf, fmt_addr32(node->ri->addr), len);
} else if (node->rs) {
tor_addr_t addr;
tor_addr_from_ipv4h(&addr, node->rs->addr);
@@ -1477,6 +1477,7 @@ update_router_have_minimum_dir_info(void)
const networkstatus_t *consensus =
networkstatus_get_reasonably_live_consensus(now,usable_consensus_flavor());
int using_md;
+ const char *delay_fetches_msg = NULL;
if (!consensus) {
if (!networkstatus_get_latest_consensus())
@@ -1489,10 +1490,9 @@ update_router_have_minimum_dir_info(void)
goto done;
}
- if (should_delay_dir_fetches(get_options())) {
- log_notice(LD_DIR, "no known bridge descriptors running yet; stalling");
- strlcpy(dir_info_status, "No live bridge descriptors.",
- sizeof(dir_info_status));
+ if (should_delay_dir_fetches(get_options(), &delay_fetches_msg)) {
+ log_notice(LD_DIR, "Delaying dir fetches: %s", delay_fetches_msg);
+ strlcpy(dir_info_status, "%s", sizeof(dir_info_status));
res = 0;
goto done;
}
diff --git a/src/or/or.h b/src/or/or.h
index c47ae23ed1..546adaa3a2 100644
--- a/src/or/or.h
+++ b/src/or/or.h
@@ -2009,7 +2009,6 @@ typedef int16_t country_t;
/** Information about another onion router in the network. */
typedef struct {
signed_descriptor_t cache_info;
- char *address; /**< Location of OR: either a hostname or an IP address. */
char *nickname; /**< Human-readable OR name. */
uint32_t addr; /**< IPv4 address of OR, in host order. */
@@ -2816,6 +2815,9 @@ typedef struct circuit_t {
* more. */
int deliver_window;
+ /** Temporary field used during circuits_handle_oom. */
+ uint32_t age_tmp;
+
/** For storage while n_chan is pending (state CIRCUIT_STATE_CHAN_WAIT). */
struct create_cell_t *n_chan_create_cell;
@@ -3469,9 +3471,8 @@ typedef struct {
config_line_t *DirPort_lines;
config_line_t *DNSPort_lines; /**< Ports to listen on for DNS requests. */
- uint64_t MaxMemInCellQueues; /**< If we have more memory than this allocated
- * for circuit cell queues, run the OOM handler
- */
+ uint64_t MaxMemInQueues; /**< If we have more memory than this allocated
+ * for queues and buffers, run the OOM handler */
/** @name port booleans
*
@@ -3637,6 +3638,10 @@ typedef struct {
* a new one? */
int MaxCircuitDirtiness; /**< Never use circs that were first used more than
this interval ago. */
+ int PredictedPortsRelevanceTime; /** How long after we've requested a
+ * connection for a given port, do we want
+ * to continue to pick exits that support
+ * that port? */
uint64_t BandwidthRate; /**< How much bandwidth, on average, are we willing
* to use in a second? */
uint64_t BandwidthBurst; /**< How much bandwidth, at maximum, are we willing
@@ -4836,9 +4841,9 @@ typedef struct rend_service_descriptor_t {
crypto_pk_t *pk; /**< This service's public key. */
int version; /**< Version of the descriptor format: 0 or 2. */
time_t timestamp; /**< Time when the descriptor was generated. */
- /** Bitmask: which rendezvous protocols are supported?
- * (We allow bits '0', '1', and '2' to be set.) */
- int protocols : REND_PROTOCOL_VERSION_BITMASK_WIDTH;
+ /** Bitmask: which introduce/rendezvous protocols are supported?
+ * (We allow bits '0', '1', '2' and '3' to be set.) */
+ unsigned protocols : REND_PROTOCOL_VERSION_BITMASK_WIDTH;
/** List of the service's introduction points. Elements are removed if
* introduction attempts fail. */
smartlist_t *intro_nodes;
diff --git a/src/or/policies.c b/src/or/policies.c
index 05377ec205..42dc46b7fd 100644
--- a/src/or/policies.c
+++ b/src/or/policies.c
@@ -438,7 +438,7 @@ validate_addr_policies(const or_options_t *options, char **msg)
if (policies_parse_exit_policy(options->ExitPolicy, &addr_policy,
options->IPv6Exit,
- options->ExitPolicyRejectPrivate, NULL,
+ options->ExitPolicyRejectPrivate, 0,
!options->BridgeRelay))
REJECT("Error in ExitPolicy entry.");
@@ -482,10 +482,12 @@ validate_addr_policies(const or_options_t *options, char **msg)
* Ignore port specifiers.
*/
static int
-load_policy_from_option(config_line_t *config, smartlist_t **policy,
+load_policy_from_option(config_line_t *config, const char *option_name,
+ smartlist_t **policy,
int assume_action)
{
int r;
+ int killed_any_ports = 0;
addr_policy_list_free(*policy);
*policy = NULL;
r = parse_addr_policy(config, policy, assume_action);
@@ -504,9 +506,13 @@ load_policy_from_option(config_line_t *config, smartlist_t **policy,
c = addr_policy_get_canonical_entry(&newp);
SMARTLIST_REPLACE_CURRENT(*policy, n, c);
addr_policy_free(n);
+ killed_any_ports = 1;
}
} SMARTLIST_FOREACH_END(n);
}
+ if (killed_any_ports) {
+ log_warn(LD_CONFIG, "Ignoring ports in %s option.", option_name);
+ }
return 0;
}
@@ -516,20 +522,22 @@ int
policies_parse_from_options(const or_options_t *options)
{
int ret = 0;
- if (load_policy_from_option(options->SocksPolicy, &socks_policy, -1) < 0)
+ if (load_policy_from_option(options->SocksPolicy, "SocksPolicy",
+ &socks_policy, -1) < 0)
ret = -1;
- if (load_policy_from_option(options->DirPolicy, &dir_policy, -1) < 0)
+ if (load_policy_from_option(options->DirPolicy, "DirPolicy",
+ &dir_policy, -1) < 0)
ret = -1;
- if (load_policy_from_option(options->AuthDirReject,
+ if (load_policy_from_option(options->AuthDirReject, "AuthDirReject",
&authdir_reject_policy, ADDR_POLICY_REJECT) < 0)
ret = -1;
- if (load_policy_from_option(options->AuthDirInvalid,
+ if (load_policy_from_option(options->AuthDirInvalid, "AuthDirInvalid",
&authdir_invalid_policy, ADDR_POLICY_REJECT) < 0)
ret = -1;
- if (load_policy_from_option(options->AuthDirBadDir,
+ if (load_policy_from_option(options->AuthDirBadDir, "AuthDirBadDir",
&authdir_baddir_policy, ADDR_POLICY_REJECT) < 0)
ret = -1;
- if (load_policy_from_option(options->AuthDirBadExit,
+ if (load_policy_from_option(options->AuthDirBadExit, "AuthDirBadExit",
&authdir_badexit_policy, ADDR_POLICY_REJECT) < 0)
ret = -1;
if (parse_reachable_addresses() < 0)
@@ -962,7 +970,7 @@ exit_policy_remove_redundancies(smartlist_t *dest)
int
policies_parse_exit_policy(config_line_t *cfg, smartlist_t **dest,
int ipv6_exit,
- int rejectprivate, const char *local_address,
+ int rejectprivate, uint32_t local_address,
int add_default_policy)
{
if (!ipv6_exit) {
@@ -972,7 +980,7 @@ policies_parse_exit_policy(config_line_t *cfg, smartlist_t **dest,
append_exit_policy_string(dest, "reject private:*");
if (local_address) {
char buf[POLICY_BUF_LEN];
- tor_snprintf(buf, sizeof(buf), "reject %s:*", local_address);
+ tor_snprintf(buf, sizeof(buf), "reject %s:*", fmt_addr32(local_address));
append_exit_policy_string(dest, buf);
}
}
diff --git a/src/or/policies.h b/src/or/policies.h
index facbbb6b5a..91ac427492 100644
--- a/src/or/policies.h
+++ b/src/or/policies.h
@@ -45,7 +45,7 @@ addr_policy_result_t compare_tor_addr_to_node_policy(const tor_addr_t *addr,
int policies_parse_exit_policy(config_line_t *cfg, smartlist_t **dest,
int ipv6exit,
- int rejectprivate, const char *local_address,
+ int rejectprivate, uint32_t local_address,
int add_default_policy);
void policies_exit_policy_append_reject_star(smartlist_t **dest);
void addr_policy_append_reject_addr(smartlist_t **dest,
diff --git a/src/or/relay.c b/src/or/relay.c
index dc234c1f2a..d6742d25e1 100644
--- a/src/or/relay.c
+++ b/src/or/relay.c
@@ -2153,7 +2153,8 @@ cell_queue_append_packed_copy(circuit_t *circ, cell_queue_t *queue,
(void)circ;
(void)exitward;
(void)use_stats;
- tor_gettimeofday_cached(&now);
+ tor_gettimeofday_cached_monotonic(&now);
+
copy->inserted_time = (uint32_t)tv_to_msec(&now);
cell_queue_append(queue, copy);
@@ -2201,13 +2202,21 @@ packed_cell_mem_cost(void)
return sizeof(packed_cell_t) + MP_POOL_ITEM_OVERHEAD;
}
+/** DOCDOC */
+STATIC size_t
+cell_queues_get_total_allocation(void)
+{
+ return total_cells_allocated * packed_cell_mem_cost();
+}
+
/** Check whether we've got too much space used for cells. If so,
* call the OOM handler and return 1. Otherwise, return 0. */
-static int
+STATIC int
cell_queues_check_size(void)
{
- size_t alloc = total_cells_allocated * packed_cell_mem_cost();
- if (alloc >= get_options()->MaxMemInCellQueues) {
+ size_t alloc = cell_queues_get_total_allocation();
+ alloc += buf_get_total_allocation();
+ if (alloc >= get_options()->MaxMemInQueues) {
circuits_handle_oom(alloc);
return 1;
}
diff --git a/src/or/relay.h b/src/or/relay.h
index 20eecfb400..2c7d0d8ae4 100644
--- a/src/or/relay.h
+++ b/src/or/relay.h
@@ -85,6 +85,8 @@ STATIC int connected_cell_parse(const relay_header_t *rh, const cell_t *cell,
tor_addr_t *addr_out, int *ttl_out);
STATIC packed_cell_t *packed_cell_new(void);
STATIC packed_cell_t *cell_queue_pop(cell_queue_t *queue);
+STATIC size_t cell_queues_get_total_allocation(void);
+STATIC int cell_queues_check_size(void);
#endif
#endif
diff --git a/src/or/rephist.c b/src/or/rephist.c
index 66dc5f611f..16e16ab651 100644
--- a/src/or/rephist.c
+++ b/src/or/rephist.c
@@ -1862,22 +1862,20 @@ rep_hist_note_used_port(time_t now, uint16_t port)
add_predicted_port(now, port);
}
-/** For this long after we've seen a request for a given port, assume that
- * we'll want to make connections to the same port in the future. */
-#define PREDICTED_CIRCS_RELEVANCE_TIME (60*60)
-
/** Return a newly allocated pointer to a list of uint16_t * for ports that
* are likely to be asked for in the near future.
*/
smartlist_t *
rep_hist_get_predicted_ports(time_t now)
{
+ int predicted_circs_relevance_time;
smartlist_t *out = smartlist_new();
tor_assert(predicted_ports_list);
+ predicted_circs_relevance_time = get_options()->PredictedPortsRelevanceTime;
/* clean out obsolete entries */
SMARTLIST_FOREACH_BEGIN(predicted_ports_list, predicted_port_t *, pp) {
- if (pp->time + PREDICTED_CIRCS_RELEVANCE_TIME < now) {
+ if (pp->time + predicted_circs_relevance_time < now) {
log_debug(LD_CIRC, "Expiring predicted port %d", pp->port);
rephist_total_alloc -= sizeof(predicted_port_t);
@@ -1944,14 +1942,17 @@ int
rep_hist_get_predicted_internal(time_t now, int *need_uptime,
int *need_capacity)
{
+ int predicted_circs_relevance_time;
+ predicted_circs_relevance_time = get_options()->PredictedPortsRelevanceTime;
+
if (!predicted_internal_time) { /* initialize it */
predicted_internal_time = now;
predicted_internal_uptime_time = now;
predicted_internal_capacity_time = now;
}
- if (predicted_internal_time + PREDICTED_CIRCS_RELEVANCE_TIME < now)
+ if (predicted_internal_time + predicted_circs_relevance_time < now)
return 0; /* too long ago */
- if (predicted_internal_uptime_time + PREDICTED_CIRCS_RELEVANCE_TIME >= now)
+ if (predicted_internal_uptime_time + predicted_circs_relevance_time >= now)
*need_uptime = 1;
// Always predict that we need capacity.
*need_capacity = 1;
@@ -1963,8 +1964,11 @@ rep_hist_get_predicted_internal(time_t now, int *need_uptime,
int
any_predicted_circuits(time_t now)
{
+ int predicted_circs_relevance_time;
+ predicted_circs_relevance_time = get_options()->PredictedPortsRelevanceTime;
+
return smartlist_len(predicted_ports_list) ||
- predicted_internal_time + PREDICTED_CIRCS_RELEVANCE_TIME >= now;
+ predicted_internal_time + predicted_circs_relevance_time >= now;
}
/** Return 1 if we have no need for circuits currently, else return 0. */
diff --git a/src/or/router.c b/src/or/router.c
index 6fa9f65e10..4828a8df67 100644
--- a/src/or/router.c
+++ b/src/or/router.c
@@ -1177,7 +1177,7 @@ consider_testing_reachability(int test_or, int test_dir)
/* XXX IPv6 self testing */
log_info(LD_CIRC, "Testing %s of my ORPort: %s:%d.",
!orport_reachable ? "reachability" : "bandwidth",
- me->address, me->or_port);
+ fmt_addr32(me->addr), me->or_port);
circuit_launch_by_extend_info(CIRCUIT_PURPOSE_TESTING, ei,
CIRCLAUNCH_NEED_CAPACITY|CIRCLAUNCH_IS_INTERNAL);
extend_info_free(ei);
@@ -1189,7 +1189,7 @@ consider_testing_reachability(int test_or, int test_dir)
CONN_TYPE_DIR, &addr, me->dir_port,
DIR_PURPOSE_FETCH_SERVERDESC)) {
/* ask myself, via tor, for my server descriptor. */
- directory_initiate_command(me->address, &addr,
+ directory_initiate_command(&addr,
me->or_port, me->dir_port,
me->cache_info.identity_digest,
DIR_PURPOSE_FETCH_SERVERDESC,
@@ -1204,6 +1204,7 @@ router_orport_found_reachable(void)
{
const routerinfo_t *me = router_get_my_routerinfo();
if (!can_reach_or_port && me) {
+ char *address = tor_dup_ip(me->addr);
log_notice(LD_OR,"Self-testing indicates your ORPort is reachable from "
"the outside. Excellent.%s",
get_options()->PublishServerDescriptor_ != NO_DIRINFO ?
@@ -1212,7 +1213,8 @@ router_orport_found_reachable(void)
mark_my_descriptor_dirty("ORPort found reachable");
control_event_server_status(LOG_NOTICE,
"REACHABILITY_SUCCEEDED ORADDRESS=%s:%d",
- me->address, me->or_port);
+ address, me->or_port);
+ tor_free(address);
}
}
@@ -1222,6 +1224,7 @@ router_dirport_found_reachable(void)
{
const routerinfo_t *me = router_get_my_routerinfo();
if (!can_reach_dir_port && me) {
+ char *address = tor_dup_ip(me->addr);
log_notice(LD_DIRSERV,"Self-testing indicates your DirPort is reachable "
"from the outside. Excellent.");
can_reach_dir_port = 1;
@@ -1229,7 +1232,8 @@ router_dirport_found_reachable(void)
mark_my_descriptor_dirty("DirPort found reachable");
control_event_server_status(LOG_NOTICE,
"REACHABILITY_SUCCEEDED DIRADDRESS=%s:%d",
- me->address, me->dir_port);
+ address, me->dir_port);
+ tor_free(address);
}
}
@@ -1800,7 +1804,6 @@ router_rebuild_descriptor(int force)
ri = tor_malloc_zero(sizeof(routerinfo_t));
ri->cache_info.routerlist_index = -1;
- ri->address = tor_dup_ip(addr);
ri->nickname = tor_strdup(options->Nickname);
ri->addr = addr;
ri->or_port = router_get_advertised_or_port(options);
@@ -1865,7 +1868,7 @@ router_rebuild_descriptor(int force)
policies_parse_exit_policy(options->ExitPolicy, &ri->exit_policy,
options->IPv6Exit,
options->ExitPolicyRejectPrivate,
- ri->address, !options->BridgeRelay);
+ ri->addr, !options->BridgeRelay);
}
ri->policy_is_reject_star =
policy_is_reject_star(ri->exit_policy, AF_INET) &&
@@ -2271,8 +2274,7 @@ char *
router_dump_router_to_string(routerinfo_t *router,
crypto_pk_t *ident_key)
{
- /* XXXX025 Make this look entirely at its arguments, and not at globals.
- */
+ char *address = NULL;
char *onion_pkey = NULL; /* Onion key, PEM-encoded. */
char *identity_pkey = NULL; /* Identity key, PEM-encoded. */
char digest[DIGEST_LEN];
@@ -2346,7 +2348,9 @@ router_dump_router_to_string(routerinfo_t *router,
}
}
+ address = tor_dup_ip(router->addr);
chunks = smartlist_new();
+
/* Generate the easy portion of the router descriptor. */
smartlist_add_asprintf(chunks,
"router %s %s %d 0 %d\n"
@@ -2362,7 +2366,7 @@ router_dump_router_to_string(routerinfo_t *router,
"signing-key\n%s"
"%s%s%s%s",
router->nickname,
- router->address,
+ address,
router->or_port,
decide_to_advertise_dirport(options, router->dir_port),
extra_or_address ? extra_or_address : "",
@@ -2476,6 +2480,7 @@ router_dump_router_to_string(routerinfo_t *router,
SMARTLIST_FOREACH(chunks, char *, cp, tor_free(cp));
smartlist_free(chunks);
}
+ tor_free(address);
tor_free(family_line);
tor_free(onion_pkey);
tor_free(identity_pkey);
diff --git a/src/or/routerlist.c b/src/or/routerlist.c
index d636a1e25c..8d29b89ea9 100644
--- a/src/or/routerlist.c
+++ b/src/or/routerlist.c
@@ -669,7 +669,7 @@ authority_certs_fetch_missing(networkstatus_t *status, time_t now)
char id_digest_str[2*DIGEST_LEN+1];
char sk_digest_str[2*DIGEST_LEN+1];
- if (should_delay_dir_fetches(get_options()))
+ if (should_delay_dir_fetches(get_options(), NULL))
return;
pending_cert = fp_pair_map_new();
@@ -2709,7 +2709,6 @@ routerinfo_free(routerinfo_t *router)
return;
tor_free(router->cache_info.signed_descriptor_body);
- tor_free(router->address);
tor_free(router->nickname);
tor_free(router->platform);
tor_free(router->contact_info);
@@ -4593,7 +4592,7 @@ void
update_router_descriptor_downloads(time_t now)
{
const or_options_t *options = get_options();
- if (should_delay_dir_fetches(options))
+ if (should_delay_dir_fetches(options, NULL))
return;
if (!we_fetch_router_descriptors(options))
return;
@@ -4614,7 +4613,7 @@ update_extrainfo_downloads(time_t now)
int n_no_ei = 0, n_pending = 0, n_have = 0, n_delay = 0;
if (! options->DownloadExtraInfo)
return;
- if (should_delay_dir_fetches(options))
+ if (should_delay_dir_fetches(options, NULL))
return;
if (!router_have_minimum_dir_info())
return;
@@ -4720,7 +4719,7 @@ router_differences_are_cosmetic(const routerinfo_t *r1, const routerinfo_t *r2)
}
/* If any key fields differ, they're different. */
- if (strcasecmp(r1->address, r2->address) ||
+ if (r1->addr != r2->addr ||
strcasecmp(r1->nickname, r2->nickname) ||
r1->or_port != r2->or_port ||
!tor_addr_eq(&r1->ipv6_addr, &r2->ipv6_addr) ||
diff --git a/src/or/routerparse.c b/src/or/routerparse.c
index 9414a533b9..ad3cf3b388 100644
--- a/src/or/routerparse.c
+++ b/src/or/routerparse.c
@@ -1195,8 +1195,7 @@ router_parse_entry_from_string(const char *s, const char *end,
log_warn(LD_DIR,"Router nickname is invalid");
goto err;
}
- router->address = tor_strdup(tok->args[1]);
- if (!tor_inet_aton(router->address, &in)) {
+ if (!tor_inet_aton(tok->args[1], &in)) {
log_warn(LD_DIR,"Router address is not an IP address.");
goto err;
}
7apu2bq3rhoylwmucxizk54afw5jyda7pho4j5zdcqpwkufke7zdzwad.onion