diff options
Diffstat (limited to 'src')
| -rw-r--r-- | src/common/compat.c | 11 | ||||
| -rw-r--r-- | src/common/log.c | 2 | ||||
| -rw-r--r-- | src/or/circuitlist.c | 4 | ||||
| -rw-r--r-- | src/or/config.c | 24 | ||||
| -rw-r--r-- | src/or/connection.c | 2 | ||||
| -rw-r--r-- | src/or/connection_edge.c | 5 | ||||
| -rw-r--r-- | src/or/directory.c | 4 | ||||
| -rw-r--r-- | src/or/or.h | 9 | ||||
| -rw-r--r-- | src/or/relay.c | 2 | ||||
| -rw-r--r-- | src/win32/orconfig.h | 2 |
10 files changed, 42 insertions, 23 deletions
diff --git a/src/common/compat.c b/src/common/compat.c index 96012e2e01..dbd3197a88 100644 --- a/src/common/compat.c +++ b/src/common/compat.c @@ -2204,7 +2204,7 @@ tor_threads_init(void) } #endif -#ifdef HAVE_SYS_MMAN_H +#if defined(HAVE_MLOCKALL) && HAVE_DECL_MLOCKALL /** Attempt to raise the current and max rlimit to infinity for our process. * This only needs to be done once and can probably only be done when we have * not already dropped privileges. @@ -2258,7 +2258,6 @@ int tor_mlockall(void) { static int memory_lock_attempted = 0; - int ret; if (memory_lock_attempted) { return 1; @@ -2273,15 +2272,13 @@ tor_mlockall(void) * http://msdn.microsoft.com/en-us/library/aa366895(VS.85).aspx */ -#ifdef HAVE_MLOCKALL - ret = tor_set_max_memlock(); - if (ret == 0) { +#if defined(HAVE_MLOCKALL) && HAVE_DECL_MLOCKALL + if (tor_set_max_memlock() == 0) { /* Perhaps we only want to log this if we're in a verbose mode? */ log_notice(LD_GENERAL, "RLIMIT_MEMLOCK is now set to RLIM_INFINITY."); } - ret = mlockall(MCL_CURRENT|MCL_FUTURE); - if (ret == 0) { + if (mlockall(MCL_CURRENT|MCL_FUTURE) == 0) { log_notice(LD_GENERAL, "Insecure OS paging is effectively disabled."); return 0; } else { diff --git a/src/common/log.c b/src/common/log.c index a83f945459..9912080af6 100644 --- a/src/common/log.c +++ b/src/common/log.c @@ -81,7 +81,7 @@ should_log_function_name(log_domain_mask_t domain, int severity) /* All debugging messages occur in interesting places. */ return 1; case LOG_NOTICE: - case LOG_WARN: + case LOG_WARN: case LOG_ERR: /* We care about places where bugs occur. */ return (domain == LD_BUG); diff --git a/src/or/circuitlist.c b/src/or/circuitlist.c index 560bec55f1..02bf925ba5 100644 --- a/src/or/circuitlist.c +++ b/src/or/circuitlist.c @@ -504,7 +504,7 @@ circuit_free(circuit_t *circ) * "active" checks will be violated. */ cell_queue_clear(&circ->n_conn_cells); - memset(circ, 0xAA, memlen); /* poison memory */ + memset(mem, 0xAA, memlen); /* poison memory */ tor_free(mem); } @@ -1103,6 +1103,7 @@ _circuit_mark_for_close(circuit_t *circ, int reason, int line, edge_connection_t *conn; for (conn=or_circ->n_streams; conn; conn=conn->next_stream) connection_edge_destroy(or_circ->p_circ_id, conn); + or_circ->n_streams = NULL; while (or_circ->resolving_streams) { conn = or_circ->resolving_streams; @@ -1126,6 +1127,7 @@ _circuit_mark_for_close(circuit_t *circ, int reason, int line, edge_connection_t *conn; for (conn=ocirc->p_streams; conn; conn=conn->next_stream) connection_edge_destroy(circ->n_circ_id, conn); + ocirc->p_streams = NULL; } circ->marked_for_close = line; diff --git a/src/or/config.c b/src/or/config.c index b6a52a85de..66f9d0488b 100644 --- a/src/or/config.c +++ b/src/or/config.c @@ -166,6 +166,7 @@ static config_var_t _option_vars[] = { V(CellStatistics, BOOL, "0"), V(CircuitBuildTimeout, INTERVAL, "0"), V(CircuitIdleTimeout, INTERVAL, "1 hour"), + V(CircuitStreamTimeout, INTERVAL, "0"), V(ClientDNSRejectInternalAddresses, BOOL,"1"), V(ClientOnly, BOOL, "0"), V(ConsensusParams, STRING, NULL), @@ -2942,6 +2943,10 @@ compute_publishserverdescriptor(or_options_t *options) * will generate too many circuits and potentially overload the network. */ #define MIN_MAX_CIRCUIT_DIRTINESS 10 +/** Lowest allowable value for CircuitStreamTimeout; if this is too low, Tor + * will generate too many circuits and potentially overload the network. */ +#define MIN_CIRCUIT_STREAM_TIMEOUT 10 + /** Return 0 if every setting in <b>options</b> is reasonable, and a * permissible transition from <b>old_options</b>. Else return -1. * Should have no side effects, except for normalizing the contents of @@ -3373,23 +3378,30 @@ options_validate(or_options_t *old_options, or_options_t *options, } if (options->RendPostPeriod < MIN_REND_POST_PERIOD) { - log(LOG_WARN,LD_CONFIG,"RendPostPeriod option is too short; " - "raising to %d seconds.", MIN_REND_POST_PERIOD); + log_warn(LD_CONFIG, "RendPostPeriod option is too short; " + "raising to %d seconds.", MIN_REND_POST_PERIOD); options->RendPostPeriod = MIN_REND_POST_PERIOD; } if (options->RendPostPeriod > MAX_DIR_PERIOD) { - log(LOG_WARN, LD_CONFIG, "RendPostPeriod is too large; clipping to %ds.", - MAX_DIR_PERIOD); + log_warn(LD_CONFIG, "RendPostPeriod is too large; clipping to %ds.", + MAX_DIR_PERIOD); options->RendPostPeriod = MAX_DIR_PERIOD; } if (options->MaxCircuitDirtiness < MIN_MAX_CIRCUIT_DIRTINESS) { - log(LOG_WARN, LD_CONFIG, "MaxCircuitDirtiness option is too short; " - "raising to %d seconds.", MIN_MAX_CIRCUIT_DIRTINESS); + log_warn(LD_CONFIG, "MaxCircuitDirtiness option is too short; " + "raising to %d seconds.", MIN_MAX_CIRCUIT_DIRTINESS); options->MaxCircuitDirtiness = MIN_MAX_CIRCUIT_DIRTINESS; } + if (options->CircuitStreamTimeout && + options->CircuitStreamTimeout < MIN_CIRCUIT_STREAM_TIMEOUT) { + log_warn(LD_CONFIG, "CircuitStreamTimeout option is too short; " + "raising to %d seconds.", MIN_CIRCUIT_STREAM_TIMEOUT); + options->CircuitStreamTimeout = MIN_CIRCUIT_STREAM_TIMEOUT; + } + if (options->KeepalivePeriod < 1) REJECT("KeepalivePeriod option must be positive."); diff --git a/src/or/connection.c b/src/or/connection.c index aca9b8b116..0600d9711f 100644 --- a/src/or/connection.c +++ b/src/or/connection.c @@ -423,7 +423,7 @@ _connection_free(connection_t *conn) connection_or_remove_from_identity_map(TO_OR_CONN(conn)); } - memset(conn, 0xAA, memlen); /* poison memory */ + memset(mem, 0xCC, memlen); /* poison memory */ tor_free(mem); } diff --git a/src/or/connection_edge.c b/src/or/connection_edge.c index 97d6595e97..75a57fedd5 100644 --- a/src/or/connection_edge.c +++ b/src/or/connection_edge.c @@ -377,13 +377,16 @@ connection_edge_finished_connecting(edge_connection_t *edge_conn) static int compute_retry_timeout(edge_connection_t *conn) { + int timeout = get_options()->CircuitStreamTimeout; + if (timeout) /* if our config options override the default, use them */ + return timeout; if (conn->num_socks_retries < 2) /* try 0 and try 1 */ return 10; return 15; } /** Find all general-purpose AP streams waiting for a response that sent their - * begin/resolve cell >=15 seconds ago. Detach from their current circuit, and + * begin/resolve cell too long ago. Detach from their current circuit, and * mark their current circuit as unsuitable for new streams. Then call * connection_ap_handshake_attach_circuit() to attach to a new circuit (if * available) or launch a new one. diff --git a/src/or/directory.c b/src/or/directory.c index 1d3c43ec0c..427f5d8c08 100644 --- a/src/or/directory.c +++ b/src/or/directory.c @@ -3242,8 +3242,8 @@ directory_handle_command(dir_connection_t *conn) &body, &body_len, MAX_DIR_UL_SIZE, 0)) { case -1: /* overflow */ log_warn(LD_DIRSERV, - "Invalid input from address '%s'. Closing.", - conn->_base.address); + "Request too large from address '%s' to DirPort. Closing.", + safe_str(conn->_base.address)); return -1; case 0: log_debug(LD_DIRSERV,"command not all here yet."); diff --git a/src/or/or.h b/src/or/or.h index 767ad95720..2e575f5ef9 100644 --- a/src/or/or.h +++ b/src/or/or.h @@ -2445,10 +2445,15 @@ typedef struct { * connections alive? */ int SocksTimeout; /**< How long do we let a socks connection wait * unattached before we fail it? */ - int CircuitBuildTimeout; /**< Cull non-open circuits that were born - * at least this many seconds ago. */ + int CircuitBuildTimeout; /**< If non-zero, cull non-open circuits that + * were born at least this many seconds ago. If + * zero, use the internal adaptive algorithm. */ int CircuitIdleTimeout; /**< Cull open clean circuits that were born * at least this many seconds ago. */ + int CircuitStreamTimeout; /**< If non-zero, detach streams from circuits + * and try a new circuit if the stream has been + * waiting for this many seconds. If zero, use + * our default internal timeout schedule. */ int MaxOnionsPending; /**< How many circuit CREATE requests do we allow * to wait simultaneously before we start dropping * them? */ diff --git a/src/or/relay.c b/src/or/relay.c index 2151ddeb9b..00e70d95c1 100644 --- a/src/or/relay.c +++ b/src/or/relay.c @@ -1846,7 +1846,7 @@ set_streams_blocked_on_circ(circuit_t *circ, or_connection_t *orconn, } /** Pull as many cells as possible (but no more than <b>max</b>) from the - * queue of the first active circuit on <b>conn</b>, and write then to + * queue of the first active circuit on <b>conn</b>, and write them to * <b>conn</b>->outbuf. Return the number of cells written. Advance * the active circuit pointer to the next active circuit in the ring. */ int diff --git a/src/win32/orconfig.h b/src/win32/orconfig.h index 101fd0cad0..f58bb584b3 100644 --- a/src/win32/orconfig.h +++ b/src/win32/orconfig.h @@ -226,7 +226,7 @@ #define USING_TWOS_COMPLEMENT /* Version number of package */ -#define VERSION "0.2.2.6-alpha" +#define VERSION "0.2.2.6-alpha-dev" |